head	1.13;
access;
symbols
	RELENG_8_4:1.12.0.2
	RELENG_9_1_0_RELEASE:1.9
	RELENG_9_1:1.9.0.6
	RELENG_9_1_BP:1.9
	RELENG_8_3_0_RELEASE:1.3.2.1
	RELENG_8_3:1.3.2.1.0.6
	RELENG_8_3_BP:1.3.2.1
	RELENG_9_0_0_RELEASE:1.9
	RELENG_9_0:1.9.0.4
	RELENG_9_0_BP:1.9
	RELENG_9:1.9.0.2
	RELENG_9_BP:1.9
	RELENG_7_4_0_RELEASE:1.1.1.14.2.1
	RELENG_8_2_0_RELEASE:1.3.2.1
	RELENG_7_4:1.1.1.14.2.1.0.8
	RELENG_7_4_BP:1.1.1.14.2.1
	RELENG_8_2:1.3.2.1.0.4
	RELENG_8_2_BP:1.3.2.1
	RELENG_8_1_0_RELEASE:1.3.2.1
	RELENG_8_1:1.3.2.1.0.2
	RELENG_8_1_BP:1.3.2.1
	RELENG_7_3_0_RELEASE:1.1.1.14.2.1
	RELENG_7_3:1.1.1.14.2.1.0.6
	RELENG_7_3_BP:1.1.1.14.2.1
	RELENG_8_0_0_RELEASE:1.3
	RELENG_8_0:1.3.0.4
	RELENG_8_0_BP:1.3
	RELENG_8:1.3.0.2
	RELENG_8_BP:1.3
	RELENG_7_2_0_RELEASE:1.1.1.14.2.1
	RELENG_7_2:1.1.1.14.2.1.0.4
	RELENG_7_2_BP:1.1.1.14.2.1
	RELENG_7_1_0_RELEASE:1.1.1.14.2.1
	RELENG_6_4_0_RELEASE:1.1.1.10.2.3
	RELENG_7_1:1.1.1.14.2.1.0.2
	RELENG_7_1_BP:1.1.1.14.2.1
	RELENG_6_4:1.1.1.10.2.3.0.6
	RELENG_6_4_BP:1.1.1.10.2.3
	RELENG_7_0_0_RELEASE:1.1.1.14
	RELENG_6_3_0_RELEASE:1.1.1.10.2.3
	RELENG_7_0:1.1.1.14.0.4
	RELENG_7_0_BP:1.1.1.14
	RELENG_6_3:1.1.1.10.2.3.0.4
	RELENG_6_3_BP:1.1.1.10.2.3
	RELENG_7:1.1.1.14.0.2
	RELENG_7_BP:1.1.1.14
	RELENG_6_2_0_RELEASE:1.1.1.10.2.3
	RELENG_6_2:1.1.1.10.2.3.0.2
	RELENG_6_2_BP:1.1.1.10.2.3
	OpenSSH_4_5p1:1.1.1.14
	OpenSSH_4_4p1:1.1.1.13
	RELENG_5_5_0_RELEASE:1.1.1.7
	RELENG_5_5:1.1.1.7.0.8
	RELENG_5_5_BP:1.1.1.7
	RELENG_6_1_0_RELEASE:1.1.1.10.2.1
	RELENG_6_1:1.1.1.10.2.1.0.4
	RELENG_6_1_BP:1.1.1.10.2.1
	OpenSSH_4_3p1:1.1.1.12
	RELENG_6_0_0_RELEASE:1.1.1.10.2.1
	RELENG_6_0:1.1.1.10.2.1.0.2
	RELENG_6_0_BP:1.1.1.10.2.1
	OpenSSH_4_2p1:1.1.1.11
	RELENG_6:1.1.1.10.0.2
	RELENG_6_BP:1.1.1.10
	OpenSSH_4_1p1:1.1.1.10
	OpenSSH_4_0p1:1.1.1.9
	RELENG_5_4_0_RELEASE:1.1.1.7
	RELENG_5_4:1.1.1.7.0.6
	RELENG_5_4_BP:1.1.1.7
	RELENG_4_11_0_RELEASE:1.1.1.2.2.2
	RELENG_4_11:1.1.1.2.2.2.0.8
	RELENG_4_11_BP:1.1.1.2.2.2
	OpenSSH_3_9p1:1.1.1.8
	RELENG_5_3_0_RELEASE:1.1.1.7
	RELENG_5_3:1.1.1.7.0.4
	RELENG_5_3_BP:1.1.1.7
	RELENG_5:1.1.1.7.0.2
	RELENG_5_BP:1.1.1.7
	RELENG_4_10_0_RELEASE:1.1.1.2.2.2
	RELENG_4_10:1.1.1.2.2.2.0.6
	RELENG_4_10_BP:1.1.1.2.2.2
	OpenSSH_3_8_1p1:1.1.1.7
	OpenSSH_3_8p1:1.1.1.6
	RELENG_5_2_1_RELEASE:1.1.1.4
	RELENG_5_2_0_RELEASE:1.1.1.4
	OpenSSH_3_7_1p2:1.1.1.5
	RELENG_5_2:1.1.1.4.0.4
	RELENG_5_2_BP:1.1.1.4
	RELENG_4_9_0_RELEASE:1.1.1.2.2.2
	RELENG_4_9:1.1.1.2.2.2.0.4
	RELENG_4_9_BP:1.1.1.2.2.2
	RELENG_5_1_0_RELEASE:1.1.1.4
	RELENG_5_1:1.1.1.4.0.2
	RELENG_5_1_BP:1.1.1.4
	OpenSSH_3_6_1p1:1.1.1.4
	RELENG_4_8_0_RELEASE:1.1.1.2.2.2
	RELENG_4_8:1.1.1.2.2.2.0.2
	RELENG_4_8_BP:1.1.1.2.2.2
	RELENG_5_0_0_RELEASE:1.1.1.3
	RELENG_5_0:1.1.1.3.0.2
	RELENG_5_0_BP:1.1.1.3
	OpenSSH_3_5p1:1.1.1.3
	OPENSSH:1.1.1
	RELENG_4_7_0_RELEASE:1.1.1.2.2.1
	RELENG_4_7:1.1.1.2.2.1.0.2
	RELENG_4_7_BP:1.1.1.2.2.1
	RELENG_4_6_2_RELEASE:1.1.1.2.4.1
	RELENG_4_6_1_RELEASE:1.1.1.2.4.1
	RELENG_4_6:1.1.1.2.0.4
	RELENG_4:1.1.1.2.0.2
	OpenSSH_3_4p1:1.1.1.2
	OpenSSH_3_3p1:1.1.1.1
	OPENBSD:1.1.1;
locks; strict;
comment	@# @;


1.13
date	2013.05.18.00.28.34;	author svnexp;	state Exp;
branches;
next	1.12;

1.12
date	2013.03.23.02.26.25;	author svnexp;	state Exp;
branches
	1.12.2.1;
next	1.11;

1.11
date	2012.09.03.16.51.41;	author des;	state Exp;
branches;
next	1.10;

1.10
date	2011.10.05.22.08.17;	author des;	state Exp;
branches;
next	1.9;

1.9
date	2011.05.05.08.08.18;	author des;	state Exp;
branches
	1.9.2.1;
next	1.8;

1.8
date	2011.05.04.07.34.44;	author des;	state Exp;
branches;
next	1.7;

1.7
date	2010.11.11.11.46.19;	author des;	state Exp;
branches;
next	1.6;

1.6
date	2010.04.28.10.36.33;	author des;	state Exp;
branches;
next	1.5;

1.5
date	2010.03.09.19.16.43;	author des;	state Exp;
branches;
next	1.4;

1.4
date	2009.10.01.17.12.52;	author des;	state Exp;
branches;
next	1.3;

1.3
date	2009.05.22.18.46.28;	author des;	state Exp;
branches
	1.3.2.1;
next	1.2;

1.2
date	2008.08.01.02.48.36;	author des;	state Exp;
branches;
next	1.1;

1.1
date	2002.06.27.22.30.58;	author des;	state Exp;
branches
	1.1.1.1;
next	;

1.12.2.1
date	2013.03.23.02.26.25;	author svnexp;	state dead;
branches;
next	1.12.2.2;

1.12.2.2
date	2013.03.28.13.02.24;	author svnexp;	state Exp;
branches;
next	;

1.9.2.1
date	2013.02.28.18.51.25;	author svnexp;	state Exp;
branches;
next	1.9.2.2;

1.9.2.2
date	2013.05.30.13.02.57;	author svnexp;	state Exp;
branches;
next	1.9.2.3;

1.9.2.3
date	2014.03.31.15.01.50;	author svnexp;	state Exp;
branches;
next	;

1.3.2.1
date	2010.04.21.06.33.10;	author des;	state Exp;
branches;
next	1.3.2.2;

1.3.2.2
date	2013.03.01.02.23.11;	author svnexp;	state Exp;
branches;
next	;

1.1.1.1
date	2002.06.27.22.30.58;	author des;	state Exp;
branches;
next	1.1.1.2;

1.1.1.2
date	2002.06.29.11.33.56;	author des;	state Exp;
branches
	1.1.1.2.2.1
	1.1.1.2.4.1;
next	1.1.1.3;

1.1.1.3
date	2002.10.29.09.42.46;	author des;	state Exp;
branches;
next	1.1.1.4;

1.1.1.4
date	2003.04.23.16.52.49;	author des;	state Exp;
branches;
next	1.1.1.5;

1.1.1.5
date	2004.01.07.11.10.00;	author des;	state Exp;
branches;
next	1.1.1.6;

1.1.1.6
date	2004.02.26.10.38.36;	author des;	state Exp;
branches;
next	1.1.1.7;

1.1.1.7
date	2004.04.20.09.34.58;	author des;	state Exp;
branches;
next	1.1.1.8;

1.1.1.8
date	2004.10.28.16.03.45;	author des;	state Exp;
branches;
next	1.1.1.9;

1.1.1.9
date	2005.06.05.15.40.37;	author des;	state Exp;
branches;
next	1.1.1.10;

1.1.1.10
date	2005.06.05.15.41.45;	author des;	state Exp;
branches
	1.1.1.10.2.1;
next	1.1.1.11;

1.1.1.11
date	2005.09.03.06.59.17;	author des;	state Exp;
branches;
next	1.1.1.12;

1.1.1.12
date	2006.03.22.19.46.03;	author des;	state Exp;
branches;
next	1.1.1.13;

1.1.1.13
date	2006.09.30.13.29.46;	author des;	state Exp;
branches;
next	1.1.1.14;

1.1.1.14
date	2006.11.10.16.38.03;	author des;	state Exp;
branches
	1.1.1.14.2.1;
next	;

1.1.1.2.2.1
date	2002.07.03.22.11.40;	author des;	state Exp;
branches;
next	1.1.1.2.2.2;

1.1.1.2.2.2
date	2003.02.03.17.31.06;	author des;	state Exp;
branches;
next	;

1.1.1.2.4.1
date	2002.07.16.12.27.05;	author des;	state Exp;
branches;
next	;

1.1.1.10.2.1
date	2005.09.11.16.50.33;	author des;	state Exp;
branches;
next	1.1.1.10.2.2;

1.1.1.10.2.2
date	2006.10.06.14.07.11;	author des;	state Exp;
branches;
next	1.1.1.10.2.3;

1.1.1.10.2.3
date	2006.11.11.00.51.27;	author des;	state Exp;
branches;
next	;

1.1.1.14.2.1
date	2008.09.01.20.03.13;	author des;	state Exp;
branches;
next	;


desc
@@


1.13
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/250739
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@20130510
 - (djm) OpenBSD CVS Cherrypick
   - djm@@cvs.openbsd.org 2013/04/11 02:27:50
     [packet.c]
     quiet disconnect notifications on the server from error() back to logit()
     if it is a normal client closure; bz#2057 ok+feedback dtucker@@
 - (djm) [version.h contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] Crank version numbers for release.

20130404
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2013/02/17 23:16:57
     [readconf.c ssh.c readconf.h sshconnect2.c]
     Keep track of which IdentityFile options were manually supplied and which
     were default options, and don't warn if the latter are missing.
     ok markus@@
   - dtucker@@cvs.openbsd.org 2013/02/19 02:12:47
     [krl.c]
     Remove bogus include.  ok djm
   - dtucker@@cvs.openbsd.org 2013/02/22 04:45:09
     [ssh.c readconf.c readconf.h]
     Don't complain if IdentityFiles specified in system-wide configs are
     missing.  ok djm, deraadt.
   - markus@@cvs.openbsd.org 2013/02/22 19:13:56
     [sshconnect.c]
     support ProxyCommand=- (stdin/out already point to the proxy); ok djm@@
   - djm@@cvs.openbsd.org 2013/02/22 22:09:01
     [ssh.c]
     Allow IdentityFile=none; ok markus deraadt (and dtucker for an earlier
     version)

20130401
 - (dtucker) [openbsd-compat/bsd-cygwin_util.{c,h}] Don't include windows.h
   to avoid conflicting definitions of __int64, adding the required bits.
   Patch from Corinna Vinschen.

20120322
 - (djm) [contrib/ssh-copy-id contrib/ssh-copy-id.1] Updated to Phil
   Hands' greatly revised version.
 - (djm) Release 6.2p1

20120318
 - (djm) [configure.ac log.c scp.c sshconnect2.c openbsd-compat/vis.c]
   [openbsd-compat/vis.h] FreeBSD's strnvis isn't compatible with OpenBSD's
   so mark it as broken. Patch from des AT des.no

20120317
 - (tim) [configure.ac] OpenServer 5 wants lastlog even though it has none
   of the bits the configure test looks for.

20120316
 - (djm) [configure.ac] Disable utmp, wtmp and/or lastlog if the platform
   is unable to successfully compile them. Based on patch from des AT
   des.no
 - (djm) [configure.ac openbsd-compat/bsd-misc.c openbsd-compat/bsd-misc.h]
   Add a usleep replacement for platforms that lack it; ok dtucker
 - (djm) [session.c] FreeBSD needs setusercontext(..., LOGIN_SETUMASK) to
   occur after UID switch; patch from John Marshall via des AT des.no;
   ok dtucker@@

20120312
 - (dtucker) [regress/Makefile regress/cipher-speed.sh regress/test-exec.sh]
   Improve portability of cipher-speed test, based mostly on a patch from
   Iain Morgan.
 - (dtucker) [auth.c configure.ac platform.c platform.h] Accept uid 2 ("bin")
   in addition to root as an owner of system directories on AIX and HP-UX.
   ok djm@@

20130307
 - (dtucker) [INSTALL] Bump documented autoconf version to what we're
   currently using.
 - (dtucker) [defines.h] Remove SIZEOF_CHAR bits since the test for it
   was removed in configure.ac rev 1.481 as it was redundant.
 - (tim) [Makefile.in] Add another missing $(EXEEXT) I should have seen 3 days
   ago.
 - (djm) [configure.ac] Add a timeout to the select/rlimit test to give it a
   chance to complete on broken systems; ok dtucker@@

20130306
 - (dtucker) [regress/forward-control.sh] Wait longer for the forwarding
  connection to start so that the test works on slower machines.
 - (dtucker) [configure.ac] test that we can set number of file descriptors
   to zero with setrlimit before enabling the rlimit sandbox.  This affects
   (at least) HPUX 11.11.

20130305
 - (djm) [regress/modpipe.c] Compilation fix for AIX and parsing fix for
   HP/UX. Spotted by Kevin Brott
 - (dtucker) [configure.ac] use "=" for shell test and not "==".  Spotted by
   Amit Kulkarni and Kevin Brott.
 - (dtucker) [Makefile.in] Remove trailing "\" on PATHS, which caused obscure
   build breakage on (at least) HP-UX 11.11.  Found by Amit Kulkarni and Kevin
   Brott.
 - (tim) [Makefile.in] Add missing $(EXEEXT). Found by Roumen Petrov.

20130227
 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] Crank version numbers
 - (tim) [regress/forward-control.sh] use sh in case login shell is csh.
 - (tim) [regress/integrity.sh] shell portability fix.
 - (tim) [regress/integrity.sh] keep old solaris awk from hanging.
 - (tim) [regress/krl.sh] keep old solaris awk from hanging.

20130226
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2013/02/20 08:27:50
     [integrity.sh]
     Add an option to modpipe that warns if the modification offset is not
     reached in its stream and turn it on for t-integrity. This should catch
     cases where the session is not fuzzed for being too short (cf. my last
     "oops" commit)
 - (djm) [regress/integrity.sh] Run sshd via $SUDO; fixes tinderbox breakage
   for UsePAM=yes configuration

20130225
 - (dtucker) [configure.ac ssh-gss.h] bz#2073: additional #includes needed
   to use Solaris native GSS libs.  Patch from Pierre Ossman.

20130223
 - (djm) [configure.ac includes.h loginrec.c mux.c sftp.c] Prefer
   bsd/libutil.h to libutil.h to avoid deprecation warnings on Ubuntu.
   ok tim

20130222
 - (dtucker) [Makefile.in configure.ac] bz#2072: don't link krb5 libs to
   ssh(1) since they're not needed.  Patch from Pierre Ossman, ok djm.
 - (dtucker) [configure.ac] bz#2073: look for Solaris' differently-named
   libgss too.  Patch from Pierre Ossman, ok djm.
 - (djm) [configure.ac sandbox-seccomp-filter.c] Support for Linux
   seccomp-bpf sandbox on ARM. Patch from shawnlandden AT gmail.com;
   ok dtucker

20130221
 - (tim) [regress/forward-control.sh] shell portability fix.

20130220
 - (tim) [regress/cipher-speed.sh regress/try-ciphers.sh] shell portability fix.
 - (tim) [krl.c Makefile.in regress/Makefile regress/modpipe.c] remove unneeded
   err.h include from krl.c. Additional portability fixes for modpipe. OK djm
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2013/02/20 08:27:50
     [regress/integrity.sh regress/modpipe.c]
     Add an option to modpipe that warns if the modification offset is not
     reached in its stream and turn it on for t-integrity. This should catch
     cases where the session is not fuzzed for being too short (cf. my last
     "oops" commit)
   - djm@@cvs.openbsd.org 2013/02/20 08:29:27
     [regress/modpipe.c]
     s/Id/OpenBSD/ in RCS tag

20130219
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2013/02/18 22:26:47
     [integrity.sh]
     crank the offset yet again; it was still fuzzing KEX on one of Darren's
     portable test hosts at 2800
   - djm@@cvs.openbsd.org 2013/02/19 02:14:09
     [integrity.sh]
     oops, forgot to increase the output of the ssh command to ensure that
     we actually reach $offset
 - (djm) [regress/integrity.sh] Skip SHA2-based MACs on configurations that
   lack support for SHA2.
 - (djm) [regress/modpipe.c] Add local err, and errx functions for platforms
   that do not have them.

20130217
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2013/02/17 23:16:55
     [integrity.sh]
     make the ssh command generate some output to ensure that there are at
     least offset+tries bytes in the stream.

20130216
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2013/02/16 06:08:45
     [integrity.sh]
     make sure the fuzz offset is actually past the end of KEX for all KEX
     types. diffie-hellman-group-exchange-sha256 requires an offset around
     2700. Noticed via test failures in portable OpenSSH on platforms that
     lack ECC and thus the more byte-frugal ECDH KEX algorithms.

20130215
 - (djm) [contrib/suse/rc.sshd] Use SSHD_BIN consistently; bz#2056 from
   Iain Morgan
 - (dtucker) [configure.ac openbsd-compat/bsd-misc.c openbsd-compat/bsd-misc.h]
   Use getpgrp() if we don't have getpgid() (old BSDs, maybe others).
 - (dtucker) [configure.ac openbsd-compat/Makefile.in openbsd-compat/strtoull.c
   openbsd-compat/openbsd-compat.h] Add strtoull to compat library for
   platforms that don't have it.
 - (dtucker) [openbsd-compat/openbsd-compat.h] Add prototype for strtoul,
   group strto* function prototypes together.
 - (dtucker) [openbsd-compat/bsd-misc.c] Handle the case where setpgrp() takes
   an argument.  Pointed out by djm.
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2013/02/14 21:35:59
     [auth2-pubkey.c]
     Correct error message that had a typo and was logging the wrong thing;
     patch from Petr Lautrbach
   - dtucker@@cvs.openbsd.org 2013/02/15 00:21:01
     [sshconnect2.c]
     Warn more loudly if an IdentityFile provided by the user cannot be read.
     bz #1981, ok djm@@

20130214
 - (djm) [regress/krl.sh] Don't use ecdsa keys in environments that lack ECC.
 - (djm) [regress/krl.sh] typo; found by Iain Morgan
 - (djm) [regress/integrity.sh] Start fuzzing from offset 2500 (instead
   of 2300) to avoid clobbering the end of (non-MAC'd) KEX. Verified by
   Iain Morgan

20130212
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2013/01/24 21:45:37
     [krl.c]
     fix handling of (unused) KRL signatures; skip string in correct buffer
   - djm@@cvs.openbsd.org 2013/01/24 22:08:56
     [krl.c]
     skip serial lookup when cert's serial number is zero
   - krw@@cvs.openbsd.org 2013/01/25 05:00:27
     [krl.c]
     Revert last. Breaks due to likely typo. Let djm@@ fix later.
     ok djm@@ via dlg@@
   - djm@@cvs.openbsd.org 2013/01/25 10:22:19
     [krl.c]
     redo last commit without the vi-vomit that snuck in:
     skip serial lookup when cert's serial number is zero
     (now with 100% better comment)
   - djm@@cvs.openbsd.org 2013/01/26 06:11:05
     [Makefile.in acss.c acss.h cipher-acss.c cipher.c]
     [openbsd-compat/openssl-compat.h]
     remove ACSS, now that it is gone from libcrypto too
   - djm@@cvs.openbsd.org 2013/01/27 10:06:12
     [krl.c]
     actually use the xrealloc() return value; spotted by xi.wang AT gmail.com
   - dtucker@@cvs.openbsd.org 2013/02/06 00:20:42
     [servconf.c sshd_config sshd_config.5]
     Change default of MaxStartups to 10:30:100 to start doing random early
     drop at 10 connections up to 100 connections.  This will make it harder
     to DoS as CPUs have come a long way since the original value was set
     back in 2000.  Prompted by nion at debian org, ok markus@@
   - dtucker@@cvs.openbsd.org 2013/02/06 00:22:21
     [auth.c]
     Fix comment, from jfree.e1 at gmail
   - djm@@cvs.openbsd.org 2013/02/08 00:41:12
     [sftp.c]
     fix NULL deref when built without libedit and control characters
     entered as command; debugging and patch from Iain Morgan and
     Loganaden Velvindron in bz#1956
   - markus@@cvs.openbsd.org 2013/02/10 21:19:34
     [version.h]
     openssh 6.2
   - djm@@cvs.openbsd.org 2013/02/10 23:32:10
     [ssh-keygen.c]
     append to moduli file when screening candidates rather than overwriting.
     allows resumption of interrupted screen; patch from Christophe Garault
     in bz#1957; ok dtucker@@
   - djm@@cvs.openbsd.org 2013/02/10 23:35:24
     [packet.c]
     record "Received disconnect" messages at ERROR rather than INFO priority,
     since they are abnormal and result in a non-zero ssh exit status; patch
     from Iain Morgan in bz#2057; ok dtucker@@
   - dtucker@@cvs.openbsd.org 2013/02/11 21:21:58
     [sshd.c]
     Add openssl version to debug output similar to the client.  ok markus@@
   - djm@@cvs.openbsd.org 2013/02/11 23:58:51
     [regress/try-ciphers.sh]
     remove acss here too
 - (djm) [regress/try-ciphers.sh] clean up CVS merge botch

20130211
 - (djm) [configure.ac openbsd-compat/openssl-compat.h] Repair build on old
   libcrypto that lacks EVP_CIPHER_CTX_ctrl

20130208
 - (djm) [contrib/redhat/sshd.init] treat RETVAL as an integer;
   patch from Iain Morgan in bz#2059
 - (dtucker) [configure.ac openbsd-compat/sys-tree.h] Test if compiler allows
   __attribute__ on return values and work around if necessary.  ok djm@@

20130207
 - (djm) [configure.ac] Don't probe seccomp capability of running kernel
   at configure time; the seccomp sandbox will fall back to rlimit at
   runtime anyway. Patch from plautrba AT redhat.com in bz#2011

20130120
 - (djm) [cipher-aes.c cipher-ctr.c openbsd-compat/openssl-compat.h]
   Move prototypes for replacement ciphers to openssl-compat.h; fix EVP
   prototypes for openssl-1.0.0-fips.
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2013/01/18 07:57:47
     [ssh-keygen.1]
     tweak previous;
   - jmc@@cvs.openbsd.org 2013/01/18 07:59:46
     [ssh-keygen.c]
     -u before -V in usage();
   - jmc@@cvs.openbsd.org 2013/01/18 08:00:49
     [sshd_config.5]
     tweak previous;
   - jmc@@cvs.openbsd.org 2013/01/18 08:39:04
     [ssh-keygen.1]
     add -Q to the options list; ok djm
   - jmc@@cvs.openbsd.org 2013/01/18 21:48:43
     [ssh-keygen.1]
     command-line (adj.) -> command line (n.);
   - jmc@@cvs.openbsd.org 2013/01/19 07:13:25
     [ssh-keygen.1]
     fix some formatting; ok djm
   - markus@@cvs.openbsd.org 2013/01/19 12:34:55
     [krl.c]
     RB_INSERT does not remove existing elements; ok djm@@
 - (djm) [openbsd-compat/sys-tree.h] Sync with OpenBSD. krl.c needs newer
   version.
 - (djm) [regress/krl.sh] replacement for jot; most platforms lack it

20130118
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2013/01/17 23:00:01
     [auth.c key.c key.h ssh-keygen.1 ssh-keygen.c sshd_config.5]
     [krl.c krl.h PROTOCOL.krl]
     add support for Key Revocation Lists (KRLs). These are a compact way to
     represent lists of revoked keys and certificates, taking as little as
     a single bit of incremental cost to revoke a certificate by serial number.
     KRLs are loaded via the existing RevokedKeys sshd_config option.
     feedback and ok markus@@
   - djm@@cvs.openbsd.org 2013/01/18 00:45:29
     [regress/Makefile regress/cert-userkey.sh regress/krl.sh]
     Tests for Key Revocation Lists (KRLs)
   - djm@@cvs.openbsd.org 2013/01/18 03:00:32
     [krl.c]
     fix KRL generation bug for list sections

20130117
 - (djm) [regress/cipher-speed.sh regress/integrity.sh regress/try-ciphers.sh]
   check for GCM support before testing GCM ciphers.

20130112
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2013/01/12 11:22:04
     [cipher.c]
     improve error message for integrity failure in AES-GCM modes; ok markus@@
   - djm@@cvs.openbsd.org 2013/01/12 11:23:53
     [regress/cipher-speed.sh regress/integrity.sh regress/try-ciphers.sh]
     test AES-GCM modes; feedback markus@@
 - (djm) [regress/integrity.sh] repair botched merge

20130109
 - (djm) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2012/12/14 05:26:43
     [auth.c]
     use correct string in error message; from rustybsd at gmx.fr
   - djm@@cvs.openbsd.org 2013/01/02 00:32:07
     [clientloop.c mux.c]
     channel_setup_local_fwd_listener() returns 0 on failure, not -ve
     bz#2055 reported by mathieu.lacage AT gmail.com
   - djm@@cvs.openbsd.org 2013/01/02 00:33:49
     [PROTOCOL.agent]
     correct format description for SSH_AGENTC_ADD_RSA_ID_CONSTRAINED
     bz#2051 from david AT lechnology.com
   - djm@@cvs.openbsd.org 2013/01/03 05:49:36
     [servconf.h]
     add a couple of ServerOptions members that should be copied to the privsep
     child (for consistency, in this case they happen only to be accessed in
     the monitor); ok dtucker@@
   - djm@@cvs.openbsd.org 2013/01/03 12:49:01
     [PROTOCOL]
     fix description of MAC calculation for EtM modes; ok markus@@
   - djm@@cvs.openbsd.org 2013/01/03 12:54:49
     [sftp-server.8 sftp-server.c]
     allow specification of an alternate start directory for sftp-server(8)
     "I like this" markus@@
   - djm@@cvs.openbsd.org 2013/01/03 23:22:58
     [ssh-keygen.c]
     allow fingerprinting of keys hosted in PKCS#11 tokens: ssh-keygen -lD ...
     ok markus@@
   - jmc@@cvs.openbsd.org 2013/01/04 19:26:38
     [sftp-server.8 sftp-server.c]
     sftp-server.8: add argument name to -d
     sftp-server.c: add -d to usage()
     ok djm
   - markus@@cvs.openbsd.org 2013/01/08 18:49:04
     [PROTOCOL authfile.c cipher.c cipher.h kex.c kex.h monitor_wrap.c]
     [myproposal.h packet.c ssh_config.5 sshd_config.5]
     support AES-GCM as defined in RFC 5647 (but with simpler KEX handling)
     ok and feedback djm@@
   - djm@@cvs.openbsd.org 2013/01/09 05:40:17
     [ssh-keygen.c]
     correctly initialise fingerprint type for fingerprinting PKCS#11 keys
 - (djm) [cipher.c configure.ac openbsd-compat/openssl-compat.h]
   Fix merge botch, automatically detect AES-GCM in OpenSSL, move a little
   cipher compat code to openssl-compat.h

20121217
 - (dtucker) [Makefile.in] Add some scaffolding so that the new regress
   tests will work with VPATH directories.

20121213
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2012/12/12 16:45:52
     [packet.c]
     reset incoming_packet buffer for each new packet in EtM-case, too;
     this happens if packets are parsed only partially (e.g. ignore
     messages sent when su/sudo turn off echo); noted by sthen/millert
   - naddy@@cvs.openbsd.org 2012/12/12 16:46:10
     [cipher.c]
     use OpenSSL's EVP_aes_{128,192,256}_ctr() API and remove our hand-rolled
     counter mode code; ok djm@@
 - (djm) [configure.ac cipher-ctr.c] Adapt EVP AES CTR change to retain our
   compat code for older OpenSSL
 - (djm) [cipher.c] Fix missing prototype for compat code

20121212
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2012/12/11 22:16:21
     [monitor.c]
     drain the log messages after receiving the keystate from the unpriv
     child. otherwise it might block while sending. ok djm@@
   - markus@@cvs.openbsd.org 2012/12/11 22:31:18
     [PROTOCOL authfile.c cipher.c cipher.h kex.h mac.c myproposal.h]
     [packet.c ssh_config.5 sshd_config.5]
     add encrypt-then-mac (EtM) modes to openssh by defining new mac algorithms
     that change the packet format and compute the MAC over the encrypted
     message (including the packet size) instead of the plaintext data;
     these EtM modes are considered more secure and used by default.
     feedback and ok djm@@
   - sthen@@cvs.openbsd.org 2012/12/11 22:51:45
     [mac.c]
     fix typo, s/tem/etm in hmac-ripemd160-tem. ok markus@@
   - markus@@cvs.openbsd.org 2012/12/11 22:32:56
     [regress/try-ciphers.sh]
     add etm modes
   - markus@@cvs.openbsd.org 2012/12/11 22:42:11
     [regress/Makefile regress/modpipe.c regress/integrity.sh]
     test the integrity of the packets; with djm@@
   - markus@@cvs.openbsd.org 2012/12/11 23:12:13
     [try-ciphers.sh]
     add hmac-ripemd160-etm@@openssh.com
 - (djm) [mac.c] fix merge botch
 - (djm) [regress/Makefile regress/integrity.sh] Make the integrity.sh test
   work on platforms without 'jot'
 - (djm) [regress/integrity.sh] Fix awk quoting, packet length skip
 - (djm) [regress/Makefile] fix t-exec rule

20121207
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2012/12/06 06:06:54
     [regress/keys-command.sh]
     Fix some problems with the keys-command test:
      - use string comparison rather than numeric comparison
      - check for existing KEY_COMMAND file and don't clobber if it exists
      - clean up KEY_COMMAND file if we do create it.
      - check that KEY_COMMAND is executable (which it won't be if eg /var/run
        is mounted noexec).
     ok djm.
   - jmc@@cvs.openbsd.org 2012/12/03 08:33:03
     [ssh-add.1 sshd_config.5]
     tweak previous;
   - markus@@cvs.openbsd.org 2012/12/05 15:42:52
     [ssh-add.c]
     prevent double-free of comment; ok djm@@
   - dtucker@@cvs.openbsd.org 2012/12/07 01:51:35
     [serverloop.c]
     Cast signal to int for logging.  A no-op on openbsd (they're always ints)
     but will prevent warnings in portable.  ok djm@@

20121205
 - (tim) [defines.h] Some platforms are missing ULLONG_MAX. Feedback djm@@.

20121203
 - (djm) [openbsd-compat/sys-queue.h] Sync with OpenBSD to get
   TAILQ_FOREACH_SAFE needed for upcoming changes.
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2012/12/02 20:26:11
     [ssh_config.5 sshconnect2.c]
     Make IdentitiesOnly apply to keys obtained from a PKCS11Provider.
     This allows control of which keys are offered from tokens using
     IdentityFile. ok markus@@
   - djm@@cvs.openbsd.org 2012/12/02 20:42:15
     [ssh-add.1 ssh-add.c]
     make deleting explicit keys "ssh-add -d" symmetric with adding keys -
     try to delete the corresponding certificate too and respect the -k option
     to allow deleting of the key only; feedback and ok markus@@
   - djm@@cvs.openbsd.org 2012/12/02 20:46:11
     [auth-options.c channels.c servconf.c servconf.h serverloop.c session.c]
     [sshd_config.5]
     make AllowTcpForwarding accept "local" and "remote" in addition to its
     current "yes"/"no" to allow the server to specify whether just local or
     remote TCP forwarding is enabled. ok markus@@
   - dtucker@@cvs.openbsd.org 2012/10/05 02:20:48
     [regress/cipher-speed.sh regress/try-ciphers.sh]
     Add umac-128@@openssh.com to the list of MACs to be tested
   - djm@@cvs.openbsd.org 2012/10/19 05:10:42
     [regress/cert-userkey.sh]
     include a serial number when generating certs
   - djm@@cvs.openbsd.org 2012/11/22 22:49:30
     [regress/Makefile regress/keys-command.sh]
     regress for AuthorizedKeysCommand; hints from markus@@
   - djm@@cvs.openbsd.org 2012/12/02 20:47:48
     [Makefile regress/forward-control.sh]
     regress for AllowTcpForwarding local/remote; ok markus@@
   - djm@@cvs.openbsd.org 2012/12/03 00:14:06
     [auth2-chall.c ssh-keygen.c]
     Fix compilation with -Wall -Werror (trivial type fixes)
 - (djm) [configure.ac] Turn on -g for gcc compilers. Helps pre-installation
   debugging. ok dtucker@@
 - (djm) [configure.ac] Revert previous. configure.ac already does this
   for us.

20121114
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2012/11/14 02:24:27
     [auth2-pubkey.c]
     fix username passed to helper program
     prepare stdio fds before closefrom()
     spotted by landry@@
   - djm@@cvs.openbsd.org 2012/11/14 02:32:15
     [ssh-keygen.c]
     allow the full range of unsigned serial numbers; 'fine' deraadt@@
   - djm@@cvs.openbsd.org 2012/12/02 20:34:10
     [auth.c auth.h auth1.c auth2-chall.c auth2-gss.c auth2-jpake.c auth2.c]
     [monitor.c monitor.h]
     Fixes logging of partial authentication when privsep is enabled
     Previously, we recorded "Failed xxx" since we reset authenticated before
     calling auth_log() in auth2.c. This adds an explicit "Partial" state.
     
     Add a "submethod" to auth_log() to report which submethod is used
     for keyboard-interactive.
     
     Fix multiple authentication when one of the methods is
     keyboard-interactive.
     
     ok markus@@
   - dtucker@@cvs.openbsd.org 2012/10/05 02:05:30
     [regress/multiplex.sh]
     Use 'kill -0' to test for the presence of a pid since it's more portable

20121107
 - (djm) OpenBSD CVS Sync
   - eric@@cvs.openbsd.org 2011/11/28 08:46:27
     [moduli.5]
     fix formula
     ok djm@@
   - jmc@@cvs.openbsd.org 2012/09/26 17:34:38
     [moduli.5]
     last stage of rfc changes, using consistent Rs/Re blocks, and moving the
     references into a STANDARDS section;

20121105
 - (dtucker) [uidswap.c openbsd-compat/Makefile.in
   openbsd-compat/bsd-setres_id.c openbsd-compat/bsd-setres_id.h
   openbsd-compat/openbsd-compat.h]  Move the fallback code for setting uids
   and gids from uidswap.c to the compat library, which allows it to work with
   the new setresuid calls in auth2-pubkey.  with tim@@, ok djm@@
 - (dtucker) [auth2-pubkey.c] wrap paths.h in an ifdef for platforms that
   don't have it.  Spotted by tim@@.

20121104
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2012/10/31 08:04:50
     [sshd_config.5]
     tweak previous;
   - djm@@cvs.openbsd.org 2012/11/04 10:38:43
     [auth2-pubkey.c sshd.c sshd_config.5]
     Remove default of AuthorizedKeysCommandUser. Administrators are now expected
     to explicitly specify a user. feedback and ok markus@@
   - djm@@cvs.openbsd.org 2012/11/04 11:09:15
     [auth.h auth1.c auth2.c monitor.c servconf.c servconf.h sshd.c]
     [sshd_config.5]
     Support multiple required authentication via an AuthenticationMethods
     option. This option lists one or more comma-separated lists of
     authentication method names. Successful completion of all the methods in
     any list is required for authentication to complete;
     feedback and ok markus@@

20121030
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2012/10/05 12:34:39
     [sftp.c]
     fix signed vs unsigned warning; feedback & ok: djm@@
   - djm@@cvs.openbsd.org 2012/10/30 21:29:55
     [auth-rsa.c auth.c auth.h auth2-pubkey.c servconf.c servconf.h]
     [sshd.c sshd_config sshd_config.5]
     new sshd_config option AuthorizedKeysCommand to support fetching
     authorized_keys from a command in addition to (or instead of) from
     the filesystem. The command is run as the target server user unless
     another is specified via a new AuthorizedKeysCommandUser option.
     
     patch originally by jchadima AT redhat.com, reworked by me; feedback
     and ok markus@@

20121019
 - (tim) [buildpkg.sh.in] Double up on some backslashes so they end up in
   the generated file as intended.

20121005
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2012/09/17 09:54:44
     [sftp.c]
     an XXX for later
   - markus@@cvs.openbsd.org 2012/09/17 13:04:11
     [packet.c]
     clear old keys on rekeying; ok djm
   - dtucker@@cvs.openbsd.org 2012/09/18 10:36:12
     [sftp.c]
     Add bounds check on sftp tab-completion.  Part of a patch from
     Jean-Marc Robert via tech@@, ok djm
   - dtucker@@cvs.openbsd.org 2012/09/21 10:53:07
     [sftp.c]
     Fix improper handling of absolute paths when PWD is part of the completed
     path.  Patch from Jean-Marc Robert via tech@@, ok djm.
  - dtucker@@cvs.openbsd.org 2012/09/21 10:55:04
     [sftp.c]
     Fix handling of filenames containing escaped globbing characters and
     escape "#" and "*".  Patch from Jean-Marc Robert via tech@@, ok djm.
   - jmc@@cvs.openbsd.org 2012/09/26 16:12:13
     [ssh.1]
     last stage of rfc changes, using consistent Rs/Re blocks, and moving the
     references into a STANDARDS section;
   - naddy@@cvs.openbsd.org 2012/10/01 13:59:51
     [monitor_wrap.c]
     pasto; ok djm@@
   - djm@@cvs.openbsd.org 2012/10/02 07:07:45
     [ssh-keygen.c]
     fix -z option, broken in revision 1.215
   - markus@@cvs.openbsd.org 2012/10/04 13:21:50
     [myproposal.h ssh_config.5 umac.h sshd_config.5 ssh.1 sshd.8 mac.c]
     add umac128 variant; ok djm@@ at n2k12
  - dtucker@@cvs.openbsd.org 2012/09/06 04:11:07
     [regress/try-ciphers.sh]
     Restore missing space.  (Id sync only).
   - dtucker@@cvs.openbsd.org 2012/09/09 11:51:25
     [regress/multiplex.sh]
     Add test for ssh -Ostop
   - dtucker@@cvs.openbsd.org 2012/09/10 00:49:21
     [regress/multiplex.sh]
     Log -O cmd output to the log file and make logging consistent with the
     other tests.  Test clean shutdown of an existing channel when testing
     "stop".
   - dtucker@@cvs.openbsd.org 2012/09/10 01:51:19
     [regress/multiplex.sh]
     use -Ocheck and waiting for completions by PID to make multiplexing test
     less racy and (hopefully) more reliable on slow hardware.
 - [Makefile umac.c] Add special-case target to build umac128.o.
 - [umac.c] Enforce allowed umac output sizes.  From djm@@.
 - [Makefile.in] "Using $< in a non-suffix rule context is a GNUmake idiom".

20120917
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2012/09/13 23:37:36
     [servconf.c]
     Fix comment line length
   - markus@@cvs.openbsd.org 2012/09/14 16:51:34
     [sshconnect.c]
     remove unused variable

20120907
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2012/09/06 09:50:13
     [clientloop.c]
     Make the escape command help (~?) context sensitive so that only commands
     that will work in the current session are shown.  ok markus@@
   - jmc@@cvs.openbsd.org 2012/09/06 13:57:42
     [ssh.1]
     missing letter in previous;
   - dtucker@@cvs.openbsd.org 2012/09/07 00:30:19
     [clientloop.c]
     Print '^Z' instead of a raw ^Z when the sequence is not supported.  ok djm@@
   - dtucker@@cvs.openbsd.org 2012/09/07 01:10:21
     [clientloop.c]
     Merge escape help text for ~v and ~V; ok djm@@
   - dtucker@@cvs.openbsd.org 2012/09/07 06:34:21
     [clientloop.c]
     when muxmaster is run with -N, make it shut down gracefully when a client
     sends it "-O stop" rather than hanging around (bz#1985).  ok djm@@

20120906
 - (dtucker) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2012/08/15 18:25:50
     [ssh-keygen.1]
     a little more info on certificate validity;
     requested by Ross L Richardson, and provided by djm
   - dtucker@@cvs.openbsd.org 2012/08/17 00:45:45
     [clientloop.c clientloop.h mux.c]
     Force a clean shutdown of ControlMaster client sessions when the ~. escape
     sequence is used.  This means that ~. should now work in mux clients even
     if the server is no longer responding.  Found by tedu, ok djm.
   - djm@@cvs.openbsd.org 2012/08/17 01:22:56
     [kex.c]
     add some comments about better handling first-KEX-follows notifications
     from the server. Nothing uses these right now. No binary change
   - djm@@cvs.openbsd.org 2012/08/17 01:25:58
     [ssh-keygen.c]
     print details of which host lines were deleted when using
     "ssh-keygen -R host"; ok markus@@
   - djm@@cvs.openbsd.org 2012/08/17 01:30:00
     [compat.c sshconnect.c]
     Send client banner immediately, rather than waiting for the server to
     move first for SSH protocol 2 connections (the default). Patch based on
     one in bz#1999 by tls AT panix.com, feedback dtucker@@ ok markus@@
   - dtucker@@cvs.openbsd.org 2012/09/06 04:37:39
     [clientloop.c log.c ssh.1 log.h]
     Add ~v and ~V escape sequences to raise and lower the logging level
     respectively. Man page help from jmc, ok deraadt jmc

20120830
 - (dtucker) [moduli] Import new moduli file.

20120828
 - (djm) Release openssh-6.1

20120828
 - (dtucker) [openbsd-compat/bsd-cygwin_util.h] define WIN32_LEAN_AND_MEAN
   for compatibility with future mingw-w64 headers.  Patch from vinschen at
   redhat com.

20120822
 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] Update version numbers

20120731
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2012/07/06 06:38:03
     [ssh-keygen.c]
     missing full stop in usage();
   - djm@@cvs.openbsd.org 2012/07/10 02:19:15
     [servconf.c servconf.h sshd.c sshd_config]
     Turn on systrace sandboxing of pre-auth sshd by default for new installs
     by shipping a config that overrides the current UsePrivilegeSeparation=yes
     default. Make it easier to flip the default in the future by adding too.
     prodded markus@@ feedback dtucker@@ "get it in" deraadt@@
   - dtucker@@cvs.openbsd.org 2012/07/13 01:35:21
     [servconf.c]
     handle long comments in config files better.  bz#2025, ok markus
   - markus@@cvs.openbsd.org 2012/07/22 18:19:21
     [version.h]
     openssh 6.1

20120720
 - (dtucker) Import regened moduli file.

20120706
 - (djm) [sandbox-seccomp-filter.c] fallback to rlimit if seccomp filter is
   not available. Allows use of sshd compiled on host with a filter-capable
   kernel on hosts that lack the support. bz#2011 ok dtucker@@
 - (djm) [configure.ac] Recursively expand $(bindir) to ensure it has no
   unexpanded $(prefix) embedded. bz#2007 patch from nix-corp AT
   esperi.org.uk; ok dtucker@@
- (djm) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2012/07/06 00:41:59
     [moduli.c ssh-keygen.1 ssh-keygen.c]
     Add options to specify starting line number and number of lines to process
     when screening moduli candidates.  This allows processing of different
     parts of a candidate moduli file in parallel.  man page help jmc@@, ok djm@@
   - djm@@cvs.openbsd.org 2012/07/06 01:37:21
     [mux.c]
     fix memory leak of passed-in environment variables and connection
     context when new session message is malformed; bz#2003 from Bert.Wesarg
     AT googlemail.com
   - djm@@cvs.openbsd.org 2012/07/06 01:47:38
     [ssh.c]
     move setting of tty_flag to after config parsing so RequestTTY options
     are correctly picked up. bz#1995 patch from przemoc AT gmail.com;
     ok dtucker@@

20120704
 - (dtucker) [configure.ac openbsd-compat/bsd-misc.h] Add setlinebuf for
   platforms that don't have it.  "looks good" tim@@

20120703
 - (dtucker) [configure.ac] Detect platforms that can't use select(2) with
   setrlimit(RLIMIT_NOFILE, rl_zero) and disable the rlimit sandbox on those.
 - (dtucker) [configure.ac sandbox-rlimit.c] Test whether or not
   setrlimit(RLIMIT_FSIZE, rl_zero) and skip it if it's not supported.  Its
   benefit is minor, so it's not worth disabling the sandbox if it doesn't
   work.

20120702
- (dtucker) OpenBSD CVS Sync
   - naddy@@cvs.openbsd.org 2012/06/29 13:57:25
     [ssh_config.5 sshd_config.5]
     match the documented MAC order of preference to the actual one;
     ok dtucker@@
   - markus@@cvs.openbsd.org 2012/06/30 14:35:09
     [sandbox-systrace.c sshd.c]
     fix a during the load of the sandbox policies (child can still make
     the read-syscall and wait forever for systrace-answers) by replacing
     the read/write synchronisation with SIGSTOP/SIGCONT;
     report and help hshoexer@@; ok djm@@, dtucker@@
   - dtucker@@cvs.openbsd.org 2012/07/02 08:50:03
     [ssh.c]
     set interactive ToS for forwarded X11 sessions.  ok djm@@
   - dtucker@@cvs.openbsd.org 2012/07/02 12:13:26
     [ssh-pkcs11-helper.c sftp-client.c]
     fix a couple of "assigned but not used" warnings.  ok markus@@
   - dtucker@@cvs.openbsd.org 2012/07/02 14:37:06
     [regress/connect-privsep.sh]
     remove exit from end of test since it prevents reporting failure
 - (dtucker) [regress/reexec.sh regress/sftp-cmds.sh regress/test-exec.sh]
   Move cygwin detection to test-exec and use to skip reexec test on cygwin.
 - (dtucker) [regress/test-exec.sh] Correct uname for cygwin/w2k.

20120629
 - OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2012/06/21 00:16:07
     [addrmatch.c]
     fix strlcpy truncation check.  from carsten at debian org, ok markus
   - dtucker@@cvs.openbsd.org 2012/06/22 12:30:26
     [monitor.c sshconnect2.c]
     remove dead code following 'for (;;)' loops.
     From Steve.McClellan at radisys com, ok markus@@
   - dtucker@@cvs.openbsd.org 2012/06/22 14:36:33
     [sftp.c]
     Remove unused variable leftover from tab-completion changes.
     From Steve.McClellan at radisys com, ok markus@@
   - dtucker@@cvs.openbsd.org 2012/06/26 11:02:30
     [sandbox-systrace.c]
     Add mquery to the list of allowed syscalls for "UsePrivilegeSeparation
     sandbox" since malloc now uses it.  From johnw.mail at gmail com.
   - dtucker@@cvs.openbsd.org 2012/06/28 05:07:45
     [mac.c myproposal.h ssh_config.5 sshd_config.5]
     Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs since they were removed
     from draft6 of the spec and will not be in the RFC when published.  Patch
     from mdb at juniper net via bz#2023, ok markus.
   - naddy@@cvs.openbsd.org 2012/06/29 13:57:25
     [ssh_config.5 sshd_config.5]
     match the documented MAC order of preference to the actual one; ok dtucker@@
   - dtucker@@cvs.openbsd.org 2012/05/13 01:42:32
     [regress/addrmatch.sh]
     Add "Match LocalAddress" and "Match LocalPort" to sshd and adjust tests
     to match.  Feedback and ok djm@@ markus@@.
   - djm@@cvs.openbsd.org 2012/06/01 00:47:35
     [regress/multiplex.sh regress/forwarding.sh]
     append to rather than truncate test log; bz#2013 from openssh AT
     roumenpetrov.info
   - djm@@cvs.openbsd.org 2012/06/01 00:52:52
     [regress/sftp-cmds.sh]
     don't delete .* on cleanup due to unintended env expansion; pointed out in
     bz#2014 by openssh AT roumenpetrov.info
   - dtucker@@cvs.openbsd.org 2012/06/26 12:06:59
     [regress/connect-privsep.sh]
     test sandbox with every malloc option
   - dtucker@@cvs.openbsd.org 2012/06/28 05:07:45
     [regress/try-ciphers.sh regress/cipher-speed.sh]
     Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs since they were removed
     from draft6 of the spec and will not be in the RFC when published.  Patch
     from mdb at juniper net via bz#2023, ok markus.
 - (dtucker) [myproposal.h] Remove trailing backslash to fix compile error.
 - (dtucker) [key.c] ifdef out sha256 key types on platforms that don't have
   the required functions in libcrypto.

20120628
 - (dtucker) [openbsd-compat/getrrsetbyname-ldns.c] bz #2022: prevent null
   pointer deref in the client when built with LDNS and using DNSSEC with a
   CNAME.  Patch from gregdlg+mr at hochet info.

20120622
 - (dtucker) [contrib/cygwin/ssh-host-config] Ensure that user sshd runs as
   can logon as a service.  Patch from vinschen at redhat com.

20120620
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/12/02 00:41:56
     [mux.c]
     fix bz#1948: ssh -f doesn't fork for multiplexed connection.
     ok dtucker@@
   - djm@@cvs.openbsd.org 2011/12/04 23:16:12
     [mux.c]
     revert:
     > revision 1.32
     > date: 2011/12/02 00:41:56;  author: djm;  state: Exp;  lines: +4 -1
     > fix bz#1948: ssh -f doesn't fork for multiplexed connection.
     > ok dtucker@@
     it interacts badly with ControlPersist
   - djm@@cvs.openbsd.org 2012/01/07 21:11:36
     [mux.c]
     fix double-free in new session handler
     NB. Id sync only
   - djm@@cvs.openbsd.org 2012/05/23 03:28:28
     [dns.c dns.h key.c key.h ssh-keygen.c]
     add support for RFC6594 SSHFP DNS records for ECDSA key types.
     patch from bugzilla-m67 AT nulld.me in bz#1978; ok + tweak markus@@
     (Original authors Ondřej Surý,  Ondřej Caletka and Daniel Black)
   - djm@@cvs.openbsd.org 2012/06/01 00:49:35
     [PROTOCOL.mux]
     correct types of port numbers (integers, not strings); bz#2004 from
     bert.wesarg AT googlemail.com
   - djm@@cvs.openbsd.org 2012/06/01 01:01:22
     [mux.c]
     fix memory leak when mux socket creation fails; bz#2002 from bert.wesarg
     AT googlemail.com
   - dtucker@@cvs.openbsd.org 2012/06/18 11:43:53
     [jpake.c]
     correct sizeof usage.  patch from saw at online.de, ok deraadt
   - dtucker@@cvs.openbsd.org 2012/06/18 11:49:58
     [ssh_config.5]
     RSA instead of DSA twice.  From Steve.McClellan at radisys com
   - dtucker@@cvs.openbsd.org 2012/06/18 12:07:07
     [ssh.1 sshd.8]
     Remove mention of 'three' key files since there are now four.  From
     Steve.McClellan at radisys com.
   - dtucker@@cvs.openbsd.org 2012/06/18 12:17:18
     [ssh.1]
     Clarify description of -W.  Noted by Steve.McClellan at radisys com,
     ok jmc
   - markus@@cvs.openbsd.org 2012/06/19 18:25:28
     [servconf.c servconf.h sshd_config.5]
     sshd_config: extend Match to allow AcceptEnv and {Allow,Deny}{Users,Groups}
     this allows 'Match LocalPort 1022' combined with 'AllowUsers bauer'
     ok djm@@ (back in March)
   - jmc@@cvs.openbsd.org 2012/06/19 21:35:54
     [sshd_config.5]
     tweak previous; ok markus
   - djm@@cvs.openbsd.org 2012/06/20 04:42:58
     [clientloop.c serverloop.c]
     initialise accept() backoff timer to avoid EINVAL from select(2) in
     rekeying

20120519
 - (dtucker) [configure.ac] bz#2010: fix non-portable shell construct.  Patch
   from cjwatson at debian org.
 - (dtucker) [configure.ac contrib/Makefile] bz#1996: use AC_PATH_TOOL to find
   pkg-config so it does the right thing when cross-compiling.  Patch from
   cjwatson at debian org.
- (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2012/05/13 01:42:32
     [servconf.h servconf.c sshd.8 sshd.c auth.c sshd_config.5]
     Add "Match LocalAddress" and "Match LocalPort" to sshd and adjust tests
     to match.  Feedback and ok djm@@ markus@@.
   - dtucker@@cvs.openbsd.org 2012/05/19 06:30:30
     [sshd_config.5]
     Document PermitOpen none.  bz#2001, patch from Loganaden Velvindron

20120504
 - (dtucker) [configure.ac] Include <sys/param.h> rather than <sys/types.h>
   to fix building on some platforms.  From bowman at math utah edu and
   des at des no.

20120427
 - (dtucker) [regress/addrmatch.sh] skip tests when running on a non-ipv6
   platform rather than exiting early, so that we still clean up and return
   success or failure to test-exec.sh

20120426
 - (djm) [auth-passwd.c] Handle crypt() returning NULL; from Paul Wouters
   via Niels
 - (djm) [auth-krb5.c] Save errno across calls that might modify it;
   ok dtucker@@

20120423
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2012/04/23 08:18:17
     [channels.c]
     fix function proto/source mismatch

20120422
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2012/02/29 11:21:26
     [ssh-keygen.c]
     allow conversion of RSA1 keys to public PEM and PKCS8; "nice" markus@@
   - guenther@@cvs.openbsd.org 2012/03/15 03:10:27
     [session.c]
     root should always be excluded from the test for /etc/nologin instead
     of having it always enforced even when marked as ignorenologin.  This
     regressed when the logic was incompletely flipped around in rev 1.251
     ok halex@@ millert@@
   - djm@@cvs.openbsd.org 2012/03/28 07:23:22
     [PROTOCOL.certkeys]
     explain certificate extensions/crit split rationale. Mention requirement
     that each appear at most once per cert.
   - dtucker@@cvs.openbsd.org 2012/03/29 23:54:36
     [channels.c channels.h servconf.c]
     Add PermitOpen none option based on patch from Loganaden Velvindron
     (bz #1949).  ok djm@@
   - djm@@cvs.openbsd.org 2012/04/11 13:16:19
     [channels.c channels.h clientloop.c serverloop.c]
     don't spin in accept() when out of fds (EMFILE/ENFILE) - back off for a
     while; ok deraadt@@ markus@@
   - djm@@cvs.openbsd.org 2012/04/11 13:17:54
     [auth.c]
     Support "none" as an argument for AuthorizedPrincipalsFile to indicate
     no file should be read.
   - djm@@cvs.openbsd.org 2012/04/11 13:26:40
     [sshd.c]
     don't spin in accept() when out of fds (EMFILE/ENFILE) - back off for a
     while; ok deraadt@@ markus@@
   - djm@@cvs.openbsd.org 2012/04/11 13:34:17
     [ssh-keyscan.1 ssh-keyscan.c]
     now that sshd defaults to offering ECDSA keys, ssh-keyscan should also
     look for them by default; bz#1971
   - djm@@cvs.openbsd.org 2012/04/12 02:42:32
     [servconf.c servconf.h sshd.c sshd_config sshd_config.5]
     VersionAddendum option to allow server operators to append some arbitrary
     text to the SSH-... banner; ok deraadt@@ "don't care" markus@@
   - djm@@cvs.openbsd.org 2012/04/12 02:43:55
     [sshd_config sshd_config.5]
     mention AuthorizedPrincipalsFile=none default
   - djm@@cvs.openbsd.org 2012/04/20 03:24:23
     [sftp.c]
     setlinebuf(3) is more readable than setvbuf(.., _IOLBF, ...)
   - jmc@@cvs.openbsd.org 2012/04/20 16:26:22
     [ssh.1]
     use "brackets" instead of "braces", for consistency;

20120420
 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] Update for release 6.0
 - (djm) [README] Update URL to release notes.
 - (djm) Release openssh-6.0

20120419
 - (djm) [configure.ac] Fix compilation error on FreeBSD, whose libutil
   contains openpty() but not login()

20120404
 - (djm) [Makefile.in configure.ac sandbox-seccomp-filter.c] Add sandbox
   mode for Linux's new seccomp filter; patch from Will Drewry; feedback
   and ok dtucker@@

20120330
 - (dtucker) [contrib/redhat/openssh.spec] Bug #1992: remove now-gone WARNING
   file from spec file.  From crighter at nuclioss com.
 - (djm) [entropy.c] bz#1991: relax OpenSSL version test to allow running
   openssh binaries on a newer fix release than they were compiled on.
   with and ok dtucker@@
 - (djm) [openbsd-compat/bsd-cygwin_util.h] #undef _WIN32 to avoid incorrect
   assumptions when building on Cygwin; patch from Corinna Vinschen

20120309
 - (djm) [openbsd-compat/port-linux.c] bz#1960: fix crash on SELinux 
   systems where sshd is run in the wrong context. Patch from Sven
   Vermeulen; ok dtucker@@
 - (djm) [packet.c] bz#1963: Fix IPQoS not being set on non-mapped v4-in-v6
   addressed connections. ok dtucker@@

20120224
 - (dtucker) [audit-bsm.c configure.ac] bug #1968: enable workarounds for BSM
   audit breakage in Solaris 11.  Patch from Magnus Johansson.

20120215
 - (tim) [openbsd-compat/bsd-misc.h sshd.c] Fix conflicting return type for
   unsetenv due to rev 1.14 change to setenv.c. Cast unsetenv to void in sshd.c
   ok dtucker@@
 - (tim) [defines.h] move chunk introduced in 1.125 before MAXPATHLEN so
   it actually works.
 - (tim) [regress/keytype.sh] stderr redirection needs to be inside back quote
   to work. Spotted by Angel Gonzalez

20120214
 - (djm) [openbsd-compat/bsd-cygwin_util.c] Add PROGRAMFILES to list of
   preserved Cygwin environment variables; from Corinna Vinschen

20120211
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2012/01/05 00:16:56
     [monitor.c]
     memleak on error path
   - djm@@cvs.openbsd.org 2012/01/07 21:11:36
     [mux.c]
     fix double-free in new session handler
   - miod@@cvs.openbsd.org 2012/01/08 13:17:11
     [ssh-ecdsa.c]
     Fix memory leak in ssh_ecdsa_verify(); from Loganaden Velvindron,
     ok markus@@
   - miod@@cvs.openbsd.org 2012/01/16 20:34:09
     [ssh-pkcs11-client.c]
     Fix a memory leak in pkcs11_rsa_private_encrypt(), reported by Jan Klemkow.
     While there, be sure to buffer_clear() between send_msg() and recv_msg().
     ok markus@@
   - dtucker@@cvs.openbsd.org 2012/01/18 21:46:43
     [clientloop.c]
     Ensure that $DISPLAY contains only valid characters before using it to
     extract xauth data so that it can't be used to play local shell
     metacharacter games.  Report from r00t_ati at ihteam.net, ok markus.
   - markus@@cvs.openbsd.org 2012/01/25 19:26:43
     [packet.c]
     do not permit SSH2_MSG_SERVICE_REQUEST/ACCEPT during rekeying;
     ok dtucker@@, djm@@
   - markus@@cvs.openbsd.org 2012/01/25 19:36:31
     [authfile.c]
     memleak in key_load_file(); from Jan Klemkow
   - markus@@cvs.openbsd.org 2012/01/25 19:40:09
     [packet.c packet.h]
     packet_read_poll() is not used anymore.
   - markus@@cvs.openbsd.org 2012/02/09 20:00:18
     [version.h]
     move from 6.0-beta to 6.0

20120206
 - (djm) [ssh-keygen.c] Don't fail in do_gen_all_hostkeys on platforms
   that don't support ECC. Patch from Phil Oleson

20111219
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/12/02 00:41:56
     [mux.c]
     fix bz#1948: ssh -f doesn't fork for multiplexed connection.
     ok dtucker@@
   - djm@@cvs.openbsd.org 2011/12/02 00:43:57
     [mac.c]
     fix bz#1934: newer OpenSSL versions will require HMAC_CTX_Init before
     HMAC_init (this change in policy seems insane to me)
     ok dtucker@@
   - djm@@cvs.openbsd.org 2011/12/04 23:16:12
     [mux.c]
     revert:
     > revision 1.32
     > date: 2011/12/02 00:41:56;  author: djm;  state: Exp;  lines: +4 -1
     > fix bz#1948: ssh -f doesn't fork for multiplexed connection.
     > ok dtucker@@
     it interacts badly with ControlPersist
   - djm@@cvs.openbsd.org 2011/12/07 05:44:38
     [auth2.c dh.c packet.c roaming.h roaming_client.c roaming_common.c]
     fix some harmless and/or unreachable int overflows;
     reported Xi Wang, ok markus@@

20111125
 - OpenBSD CVS Sync
   - oga@@cvs.openbsd.org 2011/11/16 12:24:28
     [sftp.c]
     Don't leak list in complete_cmd_parse if there are no commands found.
     Discovered when I was ``borrowing'' this code for something else.
     ok djm@@

20111121
 - (dtucker) [configure.ac] Set _FORTIFY_SOURCE.  ok djm@@

20111104
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/10/18 05:15:28
     [ssh.c]
     ssh(1): skip attempting to create ~/.ssh when -F is passed; ok markus@@
   - djm@@cvs.openbsd.org 2011/10/18 23:37:42
     [ssh-add.c]
     add -k to usage(); reminded by jmc@@
   - djm@@cvs.openbsd.org 2011/10/19 00:06:10
     [moduli.c]
     s/tmpfile/tmp/ to make this -Wshadow clean
   - djm@@cvs.openbsd.org 2011/10/19 10:39:48
     [umac.c]
     typo in comment; patch from Michael W. Bombardieri
   - djm@@cvs.openbsd.org 2011/10/24 02:10:46
     [ssh.c]
     bz#1943: unbreak stdio forwarding when ControlPersist is in use - ssh
     was incorrectly requesting the forward in both the control master and
     slave. skip requesting it in the master to fix. ok markus@@
   - djm@@cvs.openbsd.org 2011/10/24 02:13:13
     [session.c]
     bz#1859: send tty break to pty master instead of (probably already
     closed) slave side; "looks good" markus@@
   - dtucker@@cvs.openbsd.org 2011/11/04 00:09:39
     [moduli]
     regenerated moduli file; ok deraadt
 - (dtucker) [INSTALL LICENCE configure.ac openbsd-compat/Makefile.in
   openbsd-compat/getrrsetbyname-ldns.c openbsd-compat/getrrsetbyname.c]
   bz 1320: Add optional support for LDNS, a BSD licensed DNS resolver library
   which supports DNSSEC.  Patch from Simon Vallet (svallet at genoscope cns fr)
   with some rework from myself and djm.  ok djm.

20111025
 - (dtucker) [contrib/cygwin/Makefile] Continue if installing a doc file
   fails.  Patch from Corinna Vinschen.

20111018
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/10/04 14:17:32
     [sftp-glob.c]
     silence error spam for "ls */foo" in directory with files; bz#1683
   - dtucker@@cvs.openbsd.org 2011/10/16 11:02:46
     [moduli.c ssh-keygen.1 ssh-keygen.c]
     Add optional checkpoints for moduli screening.  feedback & ok deraadt
   - jmc@@cvs.openbsd.org 2011/10/16 15:02:41
     [ssh-keygen.c]
     put -K in the right place (usage());
   - stsp@@cvs.openbsd.org 2011/10/16 15:51:39
     [moduli.c]
     add missing includes to unbreak tree; fix from rpointel
   - djm@@cvs.openbsd.org 2011/10/18 04:58:26
     [auth-options.c key.c]
     remove explicit search for \0 in packet strings, this job is now done
     implicitly by buffer_get_cstring; ok markus
   - djm@@cvs.openbsd.org 2011/10/18 05:00:48
     [ssh-add.1 ssh-add.c]
     new "ssh-add -k" option to load plain keys (skipping certificates);
     "looks ok" markus@@

20111001
 - (dtucker) [openbsd-compat/mktemp.c] Fix compiler warning.  ok djm
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2011/09/23 00:22:04
     [channels.c auth-options.c servconf.c channels.h sshd.8]
     Add wildcard support to PermitOpen, allowing things like "PermitOpen
     localhost:*".  bz #1857, ok djm markus.
   - markus@@cvs.openbsd.org 2011/09/23 07:45:05
     [mux.c readconf.h channels.h compat.h compat.c ssh.c readconf.c channels.c
     version.h]
     unbreak remote portforwarding with dynamic allocated listen ports:
     1) send the actual listen port in the open message (instead of 0).
        this allows multiple forwardings with a dynamic listen port
     2) update the matching permit-open entry, so we can identify where
        to connect to
     report: den at skbkontur.ru and P. Szczygielski
     feedback and ok djm@@
   - djm@@cvs.openbsd.org 2011/09/25 05:44:47
     [auth2-pubkey.c]
     improve the AuthorizedPrincipalsFile debug log message to include
     file and line number
   - dtucker@@cvs.openbsd.org 2011/09/30 00:47:37
     [sshd.c]
     don't attempt privsep cleanup when not using privsep; ok markus@@
   - djm@@cvs.openbsd.org 2011/09/30 21:22:49
     [sshd.c]
     fix inverted test that caused logspam; spotted by henning@@

20110929
 - (djm) [configure.ac defines.h] No need to detect sizeof(char); patch
   from des AT des.no
 - (dtucker) [configure.ac openbsd-compat/Makefile.in
   openbsd-compat/strnlen.c] Add strnlen to the compat library.

20110923
 - (djm) [openbsd-compat/getcwd.c] Remove OpenBSD rcsid marker since we no
   longer want to sync this file (OpenBSD uses a __getcwd syscall now, we
   want this longhand version)
 - (djm) [openbsd-compat/getgrouplist.c] Remove OpenBSD rcsid marker: the
   upstream version is YPified and we don't want this
 - (djm) [openbsd-compat/mktemp.c] forklift upgrade to -current version.
   The file was totally rewritten between what we had in tree and -current.
 - (djm) [openbsd-compat/sha2.c openbsd-compat/sha2.h] Remove OpenBSD rcsid
   marker. The upstream API has changed (function and structure names)
   enough to put it out of sync with other providers of this interface.
 - (djm) [openbsd-compat/setenv.c] Forklift upgrade, including inclusion
   of static __findenv() function from upstream setenv.c
 - OpenBSD CVS Sync
   - millert@@cvs.openbsd.org 2006/05/05 15:27:38
     [openbsd-compat/strlcpy.c]
     Convert do {} while loop -> while {} for clarity.  No binary change
     on most architectures.  From Oliver Smith.  OK deraadt@@ and henning@@
   - tobias@@cvs.openbsd.org 2007/10/21 11:09:30
     [openbsd-compat/mktemp.c]
     Comment fix about time consumption of _gettemp.
     FreeBSD did this in revision 1.20.
     OK deraadt@@, krw@@
   - deraadt@@cvs.openbsd.org 2008/07/22 21:47:45
     [openbsd-compat/mktemp.c]
     use arc4random_uniform(); ok djm millert
   - millert@@cvs.openbsd.org 2008/08/21 16:54:44
     [openbsd-compat/mktemp.c]
     Remove useless code, the kernel will set errno appropriately if an
     element in the path does not exist.  OK deraadt@@ pvalchev@@
   - otto@@cvs.openbsd.org 2008/12/09 19:38:38
     [openbsd-compat/inet_ntop.c]
     fix inet_ntop(3) prototype; ok millert@@ libc to be bumped very soon

20110922
 - OpenBSD CVS Sync
   - pyr@@cvs.openbsd.org 2011/05/12 07:15:10
     [openbsd-compat/glob.c]
     When the max number of items for a directory has reached GLOB_LIMIT_READDIR
     an error is returned but closedir() is not called.
     spotted and fix provided by Frank Denis obsd-tech@@pureftpd.org
     ok otto@@, millert@@
   - stsp@@cvs.openbsd.org 2011/09/20 10:18:46
     [glob.c]
     In glob(3), limit recursion during matching attempts. Similar to
     fnmatch fix. Also collapse consecutive '*' (from NetBSD).
     ok miod deraadt
   - djm@@cvs.openbsd.org 2011/09/22 06:27:29
     [glob.c]
     fix GLOB_KEEPSTAT without GLOB_NOSORT; the implicit sort was being
     applied only to the gl_pathv vector and not the corresponding gl_statv
     array. reported in OpenSSH bz#1935; feedback and okay matthew@@
   - djm@@cvs.openbsd.org 2011/08/26 01:45:15
     [ssh.1]
     Add some missing ssh_config(5) options that can be used in ssh(1)'s
     -o argument. Patch from duclare AT guu.fi
   - djm@@cvs.openbsd.org 2011/09/05 05:56:13
     [scp.1 sftp.1]
     mention ControlPersist and KbdInteractiveAuthentication in the -o
     verbiage in these pages too (prompted by jmc@@)
   - djm@@cvs.openbsd.org 2011/09/05 05:59:08
     [misc.c]
     fix typo in IPQoS parsing: there is no "AF14" class, but there is
     an "AF21" class. Spotted by giesen AT snickers.org; ok markus stevesk
   - jmc@@cvs.openbsd.org 2011/09/05 07:01:44
     [scp.1]
     knock out a useless Ns;
   - deraadt@@cvs.openbsd.org 2011/09/07 02:18:31
     [ssh-keygen.1]
     typo (they vs the) found by Lawrence Teo
   - djm@@cvs.openbsd.org 2011/09/09 00:43:00
     [ssh_config.5 sshd_config.5]
     fix typo in IPQoS parsing: there is no "AF14" class, but there is
     an "AF21" class. Spotted by giesen AT snickers.org; ok markus stevesk
   - djm@@cvs.openbsd.org 2011/09/09 00:44:07
     [PROTOCOL.mux]
     MUX_C_CLOSE_FWD includes forward type in message (though it isn't
     implemented anyway)
   - djm@@cvs.openbsd.org 2011/09/09 22:37:01
     [scp.c]
     suppress adding '--' to remote commandlines when the first argument
     does not start with '-'. saves breakage on some difficult-to-upgrade
     embedded/router platforms; feedback & ok dtucker ok markus
   - djm@@cvs.openbsd.org 2011/09/09 22:38:21
     [sshd.c]
     kill the preauth privsep child on fatal errors in the monitor;
     ok markus@@
   - djm@@cvs.openbsd.org 2011/09/09 22:46:44
     [channels.c channels.h clientloop.h mux.c ssh.c]
     support for cancelling local and remote port forwards via the multiplex
     socket. Use "ssh -O cancel -L xx:xx:xx -R yy:yy:yy user@@host" to request
     the cancellation of the specified forwardings; ok markus@@
   - markus@@cvs.openbsd.org 2011/09/10 22:26:34
     [channels.c channels.h clientloop.c ssh.1]
     support cancellation of local/dynamic forwardings from ~C commandline;
     ok & feedback djm@@
   - okan@@cvs.openbsd.org 2011/09/11 06:59:05
     [ssh.1]
     document new -O cancel command; ok djm@@
   - markus@@cvs.openbsd.org 2011/09/11 16:07:26
     [sftp-client.c]
     fix leaks in do_hardlink() and do_readlink(); bz#1921
     from Loganaden Velvindron
   - markus@@cvs.openbsd.org 2011/09/12 08:46:15
     [sftp-client.c]
     fix leak in do_lsreaddir(); ok djm
   - djm@@cvs.openbsd.org 2011/09/22 06:29:03
     [sftp.c]
     don't let remote_glob() implicitly sort its results in do_globbed_ls() -
     in all likelihood, they will be resorted anyway

20110909
 - (dtucker) [entropy.h] Bug #1932: remove old definition of init_rng.  From
   Colin Watson.

20110906
 - (djm) [README version.h] Correct version
 - (djm) [contrib/redhat/openssh.spec] Correct restorcon => restorecon
 - (djm) Respin OpenSSH-5.9p1 release

20110905
 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] Update version numbers.

20110904
 - (djm) [regress/connect-privsep.sh regress/test-exec.sh] demote fatal
   regress errors for the sandbox to warnings. ok tim dtucker
 - (dtucker) [ssh-keygen.c ssh-pkcs11.c] Bug #1929: add null implementations
   of pkcs_init and pkcs_terminate for building without dlopen
   support.

20110829
 - (djm) [openbsd-compat/port-linux.c] Suppress logging when attempting
   to switch SELinux context away from unconfined_t, based on patch from
   Jan Chadima; bz#1919 ok dtucker@@

20110827
 - (dtucker) [auth-skey.c] Add log.h to fix build --with-skey.

20110818
 - (tim) [configure.ac] Typo in error message spotted by Andy Tsouladze

20110817
 - (tim) [mac.c myproposal.h] Wrap SHA256 and SHA512 in ifdefs for
   OpenSSL 0.9.7. ok djm
 - (djm) [ openbsd-compat/bsd-cygwin_util.c openbsd-compat/bsd-cygwin_util.h]
   binary_pipe is no longer required on Cygwin; patch from Corinna Vinschen
 - (djm) [configure.ac] error out if the host lacks the necessary bits for
   an explicitly requested sandbox type
 - (djm) [contrib/ssh-copy-id] Missing backslash; spotted by
   bisson AT archlinux.org
 - (djm) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2011/06/03 05:35:10
     [regress/cfgmatch.sh]
     use OBJ to find test configs, patch from Tim Rice
   - markus@@cvs.openbsd.org 2011/06/30 22:44:43
     [regress/connect-privsep.sh]
     test with sandbox enabled; ok djm@@
   - djm@@cvs.openbsd.org 2011/08/02 01:23:41
     [regress/cipher-speed.sh regress/try-ciphers.sh]
     add SHA256/SHA512 based HMAC modes
 - (djm) [regress/cipher-speed.sh regress/try-ciphers.sh] disable HMAC-SHA2
   MAC tests for platforms that lack EVP_SHA2 support

20110812
 - (dtucker) [openbsd-compat/port-linux.c] Bug 1924: Improve selinux context
   change error by reporting old and new context names  Patch from
   jchadima at redhat.
 - (djm) [contrib/redhat/openssh.spec contrib/redhat/sshd.init]
   [contrib/suse/openssh.spec contrib/suse/rc.sshd] Updated RHEL and SLES
   init scripts from imorgan AT nas.nasa.gov; bz#1920
 - (djm) [contrib/ssh-copy-id] Fix failure for cases where the path to the
   identity file contained whitespace. bz#1828 patch from gwenael.lambrouin
   AT gmail.com; ok dtucker@@

20110807
 - (dtucker) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2008/06/26 06:59:39
     [moduli.5]
     tweak previous;
   - sobrado@@cvs.openbsd.org 2009/10/28 08:56:54
     [moduli.5]
     "Diffie-Hellman" is the usual spelling for the cryptographic protocol
     first published by Whitfield Diffie and Martin Hellman in 1976.
     ok jmc@@
   - jmc@@cvs.openbsd.org 2010/10/14 20:41:28
     [moduli.5]
     probabalistic -> probabilistic; from naddy
   - dtucker@@cvs.openbsd.org 2011/08/07 12:55:30
     [sftp.1]
     typo, fix from Laurent Gautrot

20110805
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/06/23 23:35:42
     [monitor.c]
     ignore EINTR errors from poll()
   - tedu@@cvs.openbsd.org 2011/07/06 18:09:21
     [authfd.c]
     bzero the agent address.  the kernel was for a while very cranky about
     these things.  even though that's fixed, always good to initialize
     memory.  ok deraadt djm
   - djm@@cvs.openbsd.org 2011/07/29 14:42:45
     [sandbox-systrace.c]
     fail open(2) with EPERM rather than SIGKILLing the whole process. libc
     will call open() to do strerror() when NLS is enabled;
     feedback and ok markus@@
   - markus@@cvs.openbsd.org 2011/08/01 19:18:15
     [gss-serv.c]
     prevent post-auth resource exhaustion (int overflow leading to 4GB malloc);
     report Adam Zabrock; ok djm@@, deraadt@@
   - djm@@cvs.openbsd.org 2011/08/02 01:22:11
     [mac.c myproposal.h ssh.1 ssh_config.5 sshd.8 sshd_config.5]
     Add new SHA256 and SHA512 based HMAC modes from
     http://www.ietf.org/id/draft-dbider-sha2-mac-for-ssh-02.txt
     Patch from mdb AT juniper.net; feedback and ok markus@@
   - djm@@cvs.openbsd.org 2011/08/02 23:13:01
     [version.h]
     crank now, release later
   - djm@@cvs.openbsd.org 2011/08/02 23:15:03
     [ssh.c]
     typo in comment

20110624
 - (djm) [configure.ac Makefile.in sandbox-darwin.c] Add a sandbox for
   Darwin/OS X using sandbox_init() + setrlimit(); feedback and testing
   markus@@

20110623
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/06/22 21:47:28
     [servconf.c]
     reuse the multistate option arrays to pretty-print options for "sshd -T"
   - djm@@cvs.openbsd.org 2011/06/22 21:57:01
     [servconf.c servconf.h sshd.c sshd_config.5]
     [configure.ac Makefile.in]
     introduce sandboxing of the pre-auth privsep child using systrace(4).
     
     This introduces a new "UsePrivilegeSeparation=sandbox" option for
     sshd_config that applies mandatory restrictions on the syscalls the
     privsep child can perform. This prevents a compromised privsep child
     from being used to attack other hosts (by opening sockets and proxying)
     or probing local kernel attack surface.
     
     The sandbox is implemented using systrace(4) in unsupervised "fast-path"
     mode, where a list of permitted syscalls is supplied. Any syscall not
     on the list results in SIGKILL being sent to the privsep child. Note
     that this requires a kernel with the new SYSTR_POLICY_KILL option.
     
     UsePrivilegeSeparation=sandbox will become the default in the future
     so please start testing it now.
     
     feedback dtucker@@; ok markus@@
   - djm@@cvs.openbsd.org 2011/06/22 22:08:42
     [channels.c channels.h clientloop.c clientloop.h mux.c ssh.c]
     hook up a channel confirm callback to warn the user when requested X11
     forwarding was refused by the server; ok markus@@
   - djm@@cvs.openbsd.org 2011/06/23 09:34:13
     [sshd.c ssh-sandbox.h sandbox.h sandbox-rlimit.c sandbox-systrace.c]
     [sandbox-null.c]
     rename sandbox.h => ssh-sandbox.h to make things easier for portable
 - (djm) [sandbox-null.c] Dummy sandbox for platforms that don't support
   setrlimit(2)

20110620
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/06/04 00:10:26
     [ssh_config.5]
     explain IdentityFile's semantics a little better, prompted by bz#1898
     ok dtucker jmc
   - markus@@cvs.openbsd.org 2011/06/14 22:49:18
     [authfile.c]
     make sure key_parse_public/private_rsa1() no longer consumes its input
     buffer.  fixes ssh-add for passphrase-protected ssh1-keys;
     noted by naddy@@; ok djm@@
   - djm@@cvs.openbsd.org 2011/06/17 21:44:31
     [log.c log.h monitor.c monitor.h monitor_wrap.c monitor_wrap.h sshd.c]
     make the pre-auth privsep slave log via a socketpair shared with the
     monitor rather than /var/empty/dev/log; ok dtucker@@ deraadt@@ markus@@
   - djm@@cvs.openbsd.org 2011/06/17 21:46:16
     [sftp-server.c]
     the protocol version should be unsigned; bz#1913 reported by mb AT
     smartftp.com
   - djm@@cvs.openbsd.org 2011/06/17 21:47:35
     [servconf.c]
     factor out multi-choice option parsing into a parse_multistate label
     and some support structures; ok dtucker@@
   - djm@@cvs.openbsd.org 2011/06/17 21:57:25
     [clientloop.c]
     setproctitle for a mux master that has been gracefully stopped;
     bz#1911 from Bert.Wesarg AT googlemail.com

20110603
 - (dtucker) [README version.h contrib/caldera/openssh.spec
   contrib/redhat/openssh.spec contrib/suse/openssh.spec] Pull the version
   bumps from the 5.8p2 branch into HEAD.  ok djm.
 - (tim) [configure.ac defines.h] Run test program to detect system mail
   directory. Add --with-maildir option to override. Fixed OpenServer 6
   getting it wrong. Fixed many systems having MAIL=/var/mail//username
   ok dtucker
 - (dtucker) [monitor.c] Remove the !HAVE_SOCKETPAIR case.  We use socketpair
   unconditionally in other places and the survey data we have does not show
   any systems that use it.  "nuke it" djm@@
 - (djm) [configure.ac] enable setproctitle emulation for OS X
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/06/03 00:54:38
     [ssh.c]
     bz#1883 - setproctitle() to identify mux master; patch from Bert.Wesarg
     AT googlemail.com; ok dtucker@@
     NB. includes additional portability code to enable setproctitle emulation
     on platforms that don't support it.
   - dtucker@@cvs.openbsd.org 2011/06/03 01:37:40
     [ssh-agent.c]
     Check current parent process ID against saved one to determine if the parent
     has exited, rather than attempting to send a zero signal, since the latter
     won't work if the parent has changed privs.  bz#1905, patch from Daniel Kahn
     Gillmor, ok djm@@
    - dtucker@@cvs.openbsd.org 2011/05/31 02:01:58
     [regress/dynamic-forward.sh]
     back out revs 1.6 and 1.5 since it's not reliable
   - dtucker@@cvs.openbsd.org 2011/05/31 02:03:34
     [regress/dynamic-forward.sh]
     work around startup and teardown races; caught by deraadt
   - dtucker@@cvs.openbsd.org 2011/06/03 00:29:52
     [regress/dynamic-forward.sh]
     Retry establishing the port forwarding after a small delay, should make
     the tests less flaky when the previous test is slow to shut down and free
     up the port.
 - (tim) [regress/cfgmatch.sh] Build/test out of tree fix.

20110529
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/05/23 03:30:07
     [auth-rsa.c auth.c auth.h auth2-pubkey.c monitor.c monitor_wrap.c]
     [pathnames.h servconf.c servconf.h sshd.8 sshd_config sshd_config.5]
     allow AuthorizedKeysFile to specify multiple files, separated by spaces.
     Bring back authorized_keys2 as a default search path (to avoid breaking
     existing users of this file), but override this in sshd_config so it will
     be no longer used on fresh installs. Maybe in 2015 we can remove it
     entirely :)
     
     feedback and ok markus@@ dtucker@@
   - djm@@cvs.openbsd.org 2011/05/23 03:33:38
     [auth.c]
     make secure_filename() spam debug logs less
   - djm@@cvs.openbsd.org 2011/05/23 03:52:55
     [sshconnect.c]
     remove extra newline
   - jmc@@cvs.openbsd.org 2011/05/23 07:10:21
     [sshd.8 sshd_config.5]
     tweak previous; ok djm
   - djm@@cvs.openbsd.org 2011/05/23 07:24:57
     [authfile.c]
     read in key comments for v.2 keys (though note that these are not
     passed over the agent protocol); bz#439, based on patch from binder
     AT arago.de; ok markus@@
   - djm@@cvs.openbsd.org 2011/05/24 07:15:47
     [readconf.c readconf.h ssh.c ssh_config.5 sshconnect.c sshconnect2.c]
     Remove undocumented legacy options UserKnownHostsFile2 and
     GlobalKnownHostsFile2 by making UserKnownHostsFile/GlobalKnownHostsFile
     accept multiple paths per line and making their defaults include
     known_hosts2; ok markus
   - djm@@cvs.openbsd.org 2011/05/23 03:31:31
     [regress/cfgmatch.sh]
     include testing of multiple/overridden AuthorizedKeysFiles
     refactor to simplify daemon start/stop and get rid of racy constructs

20110520
 - (djm) [session.c] call setexeccon() before executing passwd for pw
   changes; bz#1891 reported by jchadima AT redhat.com; ok dtucker@@
 - (djm) [aclocal.m4 configure.ac] since gcc-4.x ignores all -Wno-options
   options, we should use the corresponding -W-option when trying to determine
   whether it is accepted.  Also includes a warning fix on the program
   fragment uses (bad main() return type).
   bz#1900 and bz#1901 reported by g.esp AT free.fr; ok dtucker@@
 - (djm) [servconf.c] remove leftover droppings of AuthorizedKeysFile2
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/05/15 08:09:01
     [authfd.c monitor.c serverloop.c]
     use FD_CLOEXEC consistently; patch from zion AT x96.org
   - djm@@cvs.openbsd.org 2011/05/17 07:13:31
     [key.c]
     fatal() if asked to generate a legacy ECDSA cert (these don't exist)
     and fix the regress test that was trying to generate them :)
   - djm@@cvs.openbsd.org 2011/05/20 00:55:02
     [servconf.c]
     the options TrustedUserCAKeys, RevokedKeysFile, AuthorizedKeysFile
     and AuthorizedPrincipalsFile were not being correctly applied in
     Match blocks, despite being overridable there; ok dtucker@@
   - dtucker@@cvs.openbsd.org 2011/05/20 02:00:19
     [servconf.c]
     Add comment documenting what should be after the preauth check.  ok djm
   - djm@@cvs.openbsd.org 2011/05/20 03:25:45
     [monitor.c monitor_wrap.c servconf.c servconf.h]
     use a macro to define which string options to copy between configs
     for Match. This avoids problems caused by forgetting to keep three
     code locations in perfect sync and ordering
     
     "this is at once beautiful and horrible" + ok dtucker@@
   - djm@@cvs.openbsd.org 2011/05/17 07:13:31
     [regress/cert-userkey.sh]
     fatal() if asked to generate a legacy ECDSA cert (these don't exist)
     and fix the regress test that was trying to generate them :)
   - djm@@cvs.openbsd.org 2011/05/20 02:43:36
     [cert-hostkey.sh]
     another attempt to generate a v00 ECDSA key that broke the test
     ID sync only - portable already had this somehow
   - dtucker@@cvs.openbsd.org 2011/05/20 05:19:50
     [dynamic-forward.sh]
     Prevent races in dynamic forwarding test; ok djm
   - dtucker@@cvs.openbsd.org 2011/05/20 06:32:30
     [dynamic-forward.sh]
     fix dumb error in dynamic-forward test

20110515
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/05/05 05:12:08
     [mux.c]
     gracefully fall back when ControlPath is too large for a
     sockaddr_un. ok markus@@ as part of a larger diff
   - dtucker@@cvs.openbsd.org 2011/05/06 01:03:35
     [sshd_config]
     clarify language about overriding defaults.  bz#1892, from Petr Cerny
   - djm@@cvs.openbsd.org 2011/05/06 01:09:53
     [sftp.1]
     mention that IPv6 addresses must be enclosed in square brackets;
     bz#1845
   - djm@@cvs.openbsd.org 2011/05/06 02:05:41
     [sshconnect2.c]
     fix memory leak; bz#1849 ok dtucker@@
   - djm@@cvs.openbsd.org 2011/05/06 21:14:05
     [packet.c packet.h]
     set traffic class for IPv6 traffic as we do for IPv4 TOS;
     patch from lionel AT mamane.lu via Colin Watson in bz#1855;
     ok markus@@
   - djm@@cvs.openbsd.org 2011/05/06 21:18:02
     [ssh.c ssh_config.5]
     add a %L expansion (short-form of the local host name) for ControlPath;
     sync some more expansions with LocalCommand; ok markus@@
   - djm@@cvs.openbsd.org 2011/05/06 21:31:38
     [readconf.c ssh_config.5]
     support negated Host matching, e.g.
     
     Host *.example.org !c.example.org
        User mekmitasdigoat
     
     Will match "a.example.org", "b.example.org", but not "c.example.org"
     ok markus@@
   - djm@@cvs.openbsd.org 2011/05/06 21:34:32
     [clientloop.c mux.c readconf.c readconf.h ssh.c ssh_config.5]
     Add a RequestTTY ssh_config option to allow configuration-based
     control over tty allocation (like -t/-T); ok markus@@
   - djm@@cvs.openbsd.org 2011/05/06 21:38:58
     [ssh.c]
     fix dropping from previous diff
   - djm@@cvs.openbsd.org 2011/05/06 22:20:10
     [PROTOCOL.mux]
     fix numbering; from bert.wesarg AT googlemail.com
   - jmc@@cvs.openbsd.org 2011/05/07 23:19:39
     [ssh_config.5]
     - tweak previous
     - some consistency fixes
     ok djm
   - jmc@@cvs.openbsd.org 2011/05/07 23:20:25
     [ssh.1]
     +.It RequestTTY
   - djm@@cvs.openbsd.org 2011/05/08 12:52:01
     [PROTOCOL.mux clientloop.c clientloop.h mux.c]
     improve our behaviour when TTY allocation fails: if we are in
     RequestTTY=auto mode (the default), then do not treat a TTY
     allocation error as fatal but rather just restore the local TTY
     to cooked mode and continue. This is more graceful on devices that
     never allocate TTYs.
     
     If RequestTTY is set to "yes" or "force", then failure to allocate
     a TTY is fatal.
     
     ok markus@@
   - djm@@cvs.openbsd.org 2011/05/10 05:46:46
     [authfile.c]
     despam debug() logs by detecting that we are trying to load a private key
     in key_try_load_public() and returning early; ok markus@@
   - djm@@cvs.openbsd.org 2011/05/11 04:47:06
     [auth.c auth.h auth2-pubkey.c pathnames.h servconf.c servconf.h]
     remove support for authorized_keys2; it is a relic from the early days
     of protocol v.2 support and has been undocumented for many years;
     ok markus@@
   - djm@@cvs.openbsd.org 2011/05/13 00:05:36
     [authfile.c]
     warn on unexpected key type in key_parse_private_type()
 - (djm) [packet.c] unbreak portability #endif

20110510
 - (dtucker) [openbsd-compat/openssl-compat.{c,h}] Bug #1882: fix
   --with-ssl-engine which was broken with the change from deprecated
   SSLeay_add_all_algorithms().  ok djm

20110506
 - (dtucker) [openbsd-compat/regress/closefromtest.c] Bug #1875: add prototype
   for closefrom() in test code.  Report from Dan Wallis via Gentoo.

20110505
 - (djm) [defines.h] Move up include of netinet/ip.h for IPTOS
   definitions. From des AT des.no
 - (djm) [Makefile.in WARNING.RNG aclocal.m4 buildpkg.sh.in configure.ac]
   [entropy.c ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c]
   [ssh-keysign.c ssh-pkcs11-helper.c ssh-rand-helper.8 ssh-rand-helper.c]
   [ssh.c ssh_prng_cmds.in sshd.c contrib/aix/buildbff.sh]
   [regress/README.regress] Remove ssh-rand-helper and all its
   tentacles. PRNGd seeding has been rolled into entropy.c directly.
   Thanks to tim@@ for testing on affected platforms.
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/03/10 02:52:57
     [auth2-gss.c auth2.c auth.h]
     allow GSSAPI authentication to detect when a server-side failure causes
     authentication failure and don't count such failures against MaxAuthTries;
     bz#1244 from simon AT sxw.org.uk; ok markus@@ before lock
   - okan@@cvs.openbsd.org 2011/03/15 10:36:02
     [ssh-keyscan.c]
     use timerclear macro
     ok djm@@
   - stevesk@@cvs.openbsd.org 2011/03/23 15:16:22
     [ssh-keygen.1 ssh-keygen.c]
     Add -A option.  For each of the key types (rsa1, rsa, dsa and ecdsa)
     for which host keys do not exist, generate the host keys with the
     default key file path, an empty passphrase, default bits for the key
     type, and default comment.  This will be used by /etc/rc to generate
     new host keys.  Idea from deraadt.
     ok deraadt
   - stevesk@@cvs.openbsd.org 2011/03/23 16:24:56
     [ssh-keygen.1]
     -q not used in /etc/rc now so remove statement.
   - stevesk@@cvs.openbsd.org 2011/03/23 16:50:04
     [ssh-keygen.c]
     remove -d, documentation removed >10 years ago; ok markus
   - jmc@@cvs.openbsd.org 2011/03/24 15:29:30
     [ssh-keygen.1]
     zap trailing whitespace;
   - stevesk@@cvs.openbsd.org 2011/03/24 22:14:54
     [ssh-keygen.c]
     use strcasecmp() for "clear" cert permission option also; ok djm
   - stevesk@@cvs.openbsd.org 2011/03/29 18:54:17
     [misc.c misc.h servconf.c]
     print ipqos friendly string for sshd -T; ok markus
     # sshd -Tf sshd_config|grep ipqos
     ipqos lowdelay throughput
   - djm@@cvs.openbsd.org 2011/04/12 04:23:50
     [ssh-keygen.c]
     fix -Wshadow
   - djm@@cvs.openbsd.org 2011/04/12 05:32:49
     [sshd.c]
     exit with 0 status on SIGTERM; bz#1879
   - djm@@cvs.openbsd.org 2011/04/13 04:02:48
     [ssh-keygen.1]
     improve wording; bz#1861
   - djm@@cvs.openbsd.org 2011/04/13 04:09:37
     [ssh-keygen.1]
     mention valid -b sizes for ECDSA keys; bz#1862
   - djm@@cvs.openbsd.org 2011/04/17 22:42:42
     [PROTOCOL.mux clientloop.c clientloop.h mux.c ssh.1 ssh.c]
     allow graceful shutdown of multiplexing: request that a mux server
     removes its listener socket and refuse future multiplexing requests;
     ok markus@@
   - djm@@cvs.openbsd.org 2011/04/18 00:46:05
     [ssh-keygen.c]
     certificate options are supposed to be packed in lexical order of
     option name (though we don't actually enforce this at present).
     Move one up that was out of sequence
   - djm@@cvs.openbsd.org 2011/05/04 21:15:29
     [authfile.c authfile.h ssh-add.c]
     allow "ssh-add - < key"; feedback and ok markus@@
 - (tim) [configure.ac] Add AC_LANG_SOURCE to OPENSSH_CHECK_CFLAG_COMPILE
   so autoreconf 2.68 is happy.
 - (tim) [defines.h] Deal with platforms that do not have S_IFSOCK ok djm@@

20110221
 - (dtucker) [contrib/cygwin/ssh-host-config] From Corinna: revamp of the
   Cygwin-specific service installer script ssh-host-config.  The actual
   functionality is the same, the revisited version is just more
   exact when it comes to check for problems which disallow to run
   certain aspects of the script.  So, part of this script and the also
   rearranged service helper script library "csih" is to check if all
   the tools required to run the script are available on the system.
   The new script also is more thorough to inform the user why the
   script failed.  Patch from vinschen at redhat com.

20110218
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/02/16 00:31:14
     [ssh-keysign.c]
     make hostbased auth with ECDSA keys work correctly. Based on patch
     by harvey.eneman AT oracle.com in bz#1858; ok markus@@ (pre-lock)

20110206
 - (dtucker) [openbsd-compat/port-linux.c] Bug #1851: fix syntax error in
   selinux code.  Patch from Leonardo Chiquitto 
 - (dtucker) [contrib/cygwin/ssh-{host,user}-config]  Add ECDSA key
   generation and simplify.  Patch from Corinna Vinschen.

20110204
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/01/31 21:42:15
     [PROTOCOL.mux]
     cut'n'pasto; from bert.wesarg AT googlemail.com
   - djm@@cvs.openbsd.org 2011/02/04 00:44:21
     [key.c]
     fix uninitialised nonce variable; reported by Mateusz Kocielski
   - djm@@cvs.openbsd.org 2011/02/04 00:44:43
     [version.h]
     openssh-5.8
 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] update versions in docs and spec files.
 - Release OpenSSH 5.8p1

20110128
 - (djm) [openbsd-compat/port-linux.c] Check whether SELinux is enabled
   before attempting setfscreatecon(). Check whether matchpathcon()
   succeeded before using its result. Patch from cjwatson AT debian.org;
   bz#1851

20110127
 - (tim) [config.guess config.sub] Sync with upstream.
 - (tim) [configure.ac] Consistent M4 quoting throughout, updated obsolete
   AC_TRY_COMPILE with AC_COMPILE_IFELSE, updated obsolete AC_TRY_LINK with
   AC_LINK_IFELSE, updated obsolete AC_TRY_RUN with AC_RUN_IFELSE, misc white
   space changes for consistency/readability. Makes autoconf 2.68 happy.
   "Nice work" djm

20110125
 - (djm) [configure.ac Makefile.in ssh.c openbsd-compat/port-linux.c
   openbsd-compat/port-linux.h] Move SELinux-specific code from ssh.c to
   port-linux.c to avoid compilation errors. Add -lselinux to ssh when
   building with SELinux support to avoid linking failure; report from
   amk AT spamfence.net; ok dtucker

20110122
 - (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}] Add
   RSA_get_default_method() for the benefit of openssl versions that don't
   have it (at least openssl-engine-0.9.6b).  Found and tested by Kevin Brott,
   ok djm@@.
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/01/22 09:18:53
     [version.h]
     crank to OpenSSH-5.7
 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] update versions in docs and spec files.
 - (djm) Release 5.7p1

20110119
 - (tim) [contrib/caldera/openssh.spec] Use CFLAGS from Makefile instead
   of RPM so build completes. Signatures were changed to .asc since 4.1p1.
 - (djm) [configure.ac] Disable ECC on OpenSSL <0.9.8g. Releases prior to
   0.9.8 lacked it, and 0.9.8a through 0.9.8d have proven buggy in pre-
   release testing (random crashes and failure to load ECC keys).
   ok dtucker@@

20110117
 - (djm) [regress/Makefile] use $TEST_SSH_KEYGEN instead of the one in
   $PATH, fix cleanup of droppings; reported by openssh AT
   roumenpetrov.info; ok dtucker@@
 - (djm) [regress/agent-ptrace.sh] Fix false failure on OS X by adding
   its unique snowflake of a gdb error to the ones we look for.
 - (djm) [regress/agent-getpeereid.sh] leave stdout attached when running
   ssh-add to avoid $SUDO failures on Linux
 - (dtucker) [openbsd-compat/port-linux.c] Bug #1838: Add support for the new
   Linux OOM-killer magic values that changed in 2.6.36 kernels, with fallback
   to the old values.  Feedback from vapier at gentoo org and djm, ok djm.
 - (djm) [configure.ac regress/agent-getpeereid.sh regress/multiplex.sh]
   [regress/sftp-glob.sh regress/test-exec.sh] Rework how feature tests are
   disabled on platforms that do not support them; add a "config_defined()"
   shell function that greps for defines in config.h and use them to decide
   on feature tests.
   Convert a couple of existing grep's over config.h to use the new function
   Add a define "FILESYSTEM_NO_BACKSLASH" for filesystem that can't represent
   backslash characters in filenames, enable it for Cygwin and use it to turn
   off tests for quoted backslashes in sftp-glob.sh.
   based on discussion with vinschen AT redhat.com and dtucker@@; ok dtucker@@
 - (tim) [regress/agent-getpeereid.sh] shell portability fix.
 - (dtucker) [openbsd-compat/port-linux.c] Fix minor bug caught by -Werror on
   the tinderbox.
 - (dtucker) [LICENCE Makefile.in audit-bsm.c audit-linux.c audit.c audit.h
   configure.ac defines.h loginrec.c]  Bug #1402: add linux audit subsystem
   support, based on patches from Tomas Mraz and jchadima at redhat.

20110116
 - (dtucker) [Makefile.in configure.ac regress/kextype.sh] Skip sha256-based
   on configurations that don't have it.
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/01/16 11:50:05
     [clientloop.c]
     Use atomicio when flushing protocol 1 std{out,err} buffers at
     session close. This was a latent bug exposed by setting a SIGCHLD
     handler and spotted by kevin.brott AT gmail.com; ok dtucker@@
   - djm@@cvs.openbsd.org 2011/01/16 11:50:36
     [sshconnect.c]
     reset the SIGPIPE handler when forking to execute child processes;
     ok dtucker@@
   - djm@@cvs.openbsd.org 2011/01/16 12:05:59
     [clientloop.c]
     a couple more tweaks to the post-close protocol 1 stderr/stdout flush:
     now that we use atomicio(), convert them from while loops to if statements
     add test and cast to compile cleanly with -Wsigned

20110114
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/01/13 21:54:53
     [mux.c]
     correct error messages; patch from bert.wesarg AT googlemail.com
   - djm@@cvs.openbsd.org 2011/01/13 21:55:25
     [PROTOCOL.mux]
     correct protocol names and add a couple of missing protocol number
     defines; patch from bert.wesarg AT googlemail.com
 - (djm) [Makefile.in] Use shell test to disable ecdsa key generating in
   host-key-force target rather than a substitution that is replaced with a
   comment so that the Makefile.in is still a syntactically valid Makefile
   (useful to run the distprep target)
 - (tim) [regress/cert-hostkey.sh] Typo. Missing $ on variable name.
 - (tim) [regress/cert-hostkey.sh] Add missing TEST_SSH_ECC guard around some
   ecdsa bits.

20110113
 - (djm) [misc.c] include time.h for nanosleep() prototype
 - (tim) [Makefile.in] test the ECC bits if we have the capability. ok djm
 - (tim) [Makefile.in configure.ac opensshd.init.in] Add support for generating
   ecdsa keys. ok djm.
 - (djm) [entropy.c] cast OPENSSL_VERSION_NUMBER to u_long to avoid
   gcc warning on platforms where it defaults to int
 - (djm) [regress/Makefile] add a few more generated files to the clean
   target
 - (djm) [myproposal.h] Fix reversed OPENSSL_VERSION_NUMBER test and bad
   #define that was causing diffie-hellman-group-exchange-sha256 to be
   incorrectly disabled
 - (djm) [regress/kextype.sh] Testing diffie-hellman-group-exchange-sha256
   should not depend on ECC support

20110112
 - OpenBSD CVS Sync
   - nicm@@cvs.openbsd.org 2010/10/08 21:48:42
     [openbsd-compat/glob.c]
     Extend GLOB_LIMIT to cover readdir and stat and bump the malloc limit
     from ARG_MAX to 64K.
     Fixes glob-using programs (notably ftp) able to be triggered to hit
     resource limits.
     Idea from a similar NetBSD change, original problem reported by jasper@@.
     ok millert tedu jasper
   - djm@@cvs.openbsd.org 2011/01/12 01:53:14
     avoid some integer overflows mostly with GLOB_APPEND and GLOB_DOOFFS
     and sanity check arguments (these will be unnecessary when we switch
     struct glob members from being type int to size_t in the future);
     "looks ok" tedu@@ feedback guenther@@
 - (djm) [configure.ac] Turn on -Wno-unused-result for gcc >= 4.4 to avoid
   silly warnings on write() calls we don't care succeed or not.
 - (djm) [configure.ac] Fix broken test for gcc >= 4.4 with per-compiler
   flag tests that don't depend on gcc version at all; suggested by and
   ok dtucker@@

20110111
 - (tim) [regress/host-expand.sh] Fix for building outside of read only
   source tree.
 - (djm) [platform.c] Some missing includes that show up under -Werror
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/01/08 10:51:51
     [clientloop.c]
     use host and not options.hostname, as the latter may have unescaped
     substitution characters
   - djm@@cvs.openbsd.org 2011/01/11 06:06:09
     [sshlogin.c]
     fd leak on error paths; from zinovik@@
     NB. Id sync only; we use loginrec.c that was also audited and fixed
     recently
   - djm@@cvs.openbsd.org 2011/01/11 06:13:10
     [clientloop.c ssh-keygen.c sshd.c]
     some unsigned long long casts that make things a bit easier for
     portable without resorting to dropping PRIu64 formats everywhere

20110109
 - (djm) [Makefile.in] list ssh_host_ecdsa key in PATHSUBS; spotted by
   openssh AT roumenpetrov.info

20110108
 - (djm) [regress/keytype.sh] s/echo -n/echon/ to repair failing regress
   test on OSX and others. Reported by imorgan AT nas.nasa.gov

20110107
 - (djm) [regress/cert-hostkey.sh regress/cert-userkey.sh] fix shell test
   for no-ECC case. Patch from cristian.ionescu-idbohrn AT axis.com
   - djm@@cvs.openbsd.org 2011/01/06 22:23:53
     [ssh.c]
     unbreak %n expansion in LocalCommand; patch from bert.wesarg AT
     googlemail.com; ok markus@@
   - djm@@cvs.openbsd.org 2011/01/06 22:23:02
     [clientloop.c]
     when exiting due to ServerAliveTimeout, mention the hostname that caused
     it (useful with backgrounded controlmaster)
   - djm@@cvs.openbsd.org 2011/01/06 22:46:21
     [regress/Makefile regress/host-expand.sh]
     regress test for LocalCommand %n expansion from bert.wesarg AT
     googlemail.com; ok markus@@
   - djm@@cvs.openbsd.org 2011/01/06 23:01:35
     [sshconnect.c]
     reset SIGCHLD handler to SIG_DFL when executing LocalCommand;
     ok markus@@

20110106
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2010/12/08 22:46:03
     [scp.1 scp.c]
     add a new -3 option to scp: Copies between two remote hosts are
     transferred through the local host.  Without this option the data
     is copied directly between the two remote hosts. ok djm@@ (bugzilla #1837)
   - jmc@@cvs.openbsd.org 2010/12/09 14:13:33
     [scp.1 scp.c]
     scp.1: grammar fix
     scp.c: add -3 to usage()
   - markus@@cvs.openbsd.org 2010/12/14 11:59:06
     [sshconnect.c]
     don't mention key type in key-changed-warning, since we also print
     this warning if a new key type appears. ok djm@@
   - djm@@cvs.openbsd.org 2010/12/15 00:49:27
     [readpass.c]
     fix ControlMaster=ask regression
     reset SIGCHLD handler before fork (and restore it after) so we don't miss
     the askpass child's exit status. Correct test for exit status/signal to
     account for waitpid() failure; with claudio@@ ok claudio@@ markus@@
   - djm@@cvs.openbsd.org 2010/12/24 21:41:48
     [auth-options.c]
     don't send the actual forced command in a debug message; ok markus deraadt
   - otto@@cvs.openbsd.org 2011/01/04 20:44:13
     [ssh-keyscan.c]
     handle ecdsa-sha2 with various key lengths; hint and ok djm@@

20110104
 - (djm) [configure.ac Makefile.in] Use mandoc as preferred manpage
   formatter if it is present, followed by nroff and groff respectively.
   Fixes distprep target on OpenBSD (which has bumped groff/nroff to ports
   in favour of mandoc). feedback and ok tim

20110103
 - (djm) [Makefile.in] revert local hack I didn't intend to commit

20110102
 - (djm) [loginrec.c] Fix some fd leaks on error paths. ok dtucker
 - (djm) [configure.ac] Check whether libdes is needed when building
   with Heimdal krb5 support. On OpenBSD this library no longer exists,
   so linking it unconditionally causes a build failure; ok dtucker

20101226
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/12/08 04:02:47
     [ssh_config.5 sshd_config.5]
     explain that IPQoS arguments are separated by whitespace; iirc requested
     by jmc@@ a while back

20101205
 - (dtucker) [openbsd-compat/openssl-compat.c] remove sleep leftover from
   debugging.  Spotted by djm.
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/12/03 23:49:26
     [schnorr.c]
     check that g^x^q === 1 mod p; recommended by JPAKE author Feng Hao
     (this code is still disabled, but apparently people are treating it as
     a reference implementation)
   - djm@@cvs.openbsd.org 2010/12/03 23:55:27
     [auth-rsa.c]
     move check for revoked keys to run earlier (in auth_rsa_key_allowed)
     bz#1829; patch from ldv AT altlinux.org; ok markus@@
   - djm@@cvs.openbsd.org 2010/12/04 00:18:01
     [sftp-server.c sftp.1 sftp-client.h sftp.c PROTOCOL sftp-client.c]
     add a protocol extension to support a hard link operation. It is
     available through the "ln" command in the client. The old "ln"
     behaviour of creating a symlink is available using its "-s" option
     or through the preexisting "symlink" command; based on a patch from
     miklos AT szeredi.hu in bz#1555; ok markus@@
   - djm@@cvs.openbsd.org 2010/12/04 13:31:37
     [hostfile.c]
     fix fd leak; spotted and ok dtucker
   - djm@@cvs.openbsd.org 2010/12/04 00:21:19
     [regress/sftp-cmds.sh]
     adjust for hard-link support
 - (dtucker) [regress/Makefile] Id sync.

20101204
 - (djm) [openbsd-compat/bindresvport.c] Use arc4random_uniform(range)
   instead of (arc4random() % range)
 - (dtucker) [configure.ac moduli.c openbsd-compat/openssl-compat.{c,h}]  Add
   shims for the new, non-deprecated OpenSSL key generation functions for
   platforms that don't have the new interfaces.

20101201
 - OpenBSD CVS Sync
   - deraadt@@cvs.openbsd.org 2010/11/20 05:12:38
     [auth2-pubkey.c]
     clean up cases of ;;
   - djm@@cvs.openbsd.org 2010/11/21 01:01:13
     [clientloop.c misc.c misc.h ssh-agent.1 ssh-agent.c]
     honour $TMPDIR for client xauth and ssh-agent temporary directories;
     feedback and ok markus@@
   - djm@@cvs.openbsd.org 2010/11/21 10:57:07
     [authfile.c]
     Refactor internals of private key loading and saving to work on memory
     buffers rather than directly on files. This will make a few things
     easier to do in the future; ok markus@@
   - djm@@cvs.openbsd.org 2010/11/23 02:35:50
     [auth.c]
     use strict_modes already passed as function argument over referencing
     global options.strict_modes
   - djm@@cvs.openbsd.org 2010/11/23 23:57:24
     [clientloop.c]
     avoid NULL deref on receiving a channel request on an unknown or invalid
     channel; report bz#1842 from jchadima AT redhat.com; ok dtucker@@
   - djm@@cvs.openbsd.org 2010/11/24 01:24:14
     [channels.c]
     remove a debug() that pollutes stderr on client connecting to a server
     in debug mode (channel_close_fds is called transitively from the session
     code post-fork); bz#1719, ok dtucker
   - djm@@cvs.openbsd.org 2010/11/25 04:10:09
     [session.c]
     replace close() loop for fds 3->64 with closefrom();
     ok markus deraadt dtucker
   - djm@@cvs.openbsd.org 2010/11/26 05:52:49
     [scp.c]
     Pass through ssh command-line flags and options when doing remote-remote
     transfers, e.g. to enable agent forwarding which is particularly useful
     in this case; bz#1837 ok dtucker@@
   - markus@@cvs.openbsd.org 2010/11/29 18:57:04
     [authfile.c]
     correctly load comment for encrypted rsa1 keys;
     report/fix Joachim Schipper; ok djm@@
   - djm@@cvs.openbsd.org 2010/11/29 23:45:51
     [auth.c hostfile.c hostfile.h ssh.c ssh_config.5 sshconnect.c]
     [sshconnect.h sshconnect2.c]
     automatically order the hostkeys requested by the client based on
     which hostkeys are already recorded in known_hosts. This avoids
     hostkey warnings when connecting to servers with new ECDSA keys
     that are preferred by default; with markus@@

20101124
 - (dtucker) [platform.c session.c] Move the getluid call out of session.c and
   into the platform-specific code  Only affects SCO, tested by and ok tim@@.
 - (djm) [loginrec.c] Relax permission requirement on btmp logs to allow
   group read/write. ok dtucker@@
 - (dtucker) [packet.c] Remove redundant local declaration of "int tos".
 - (djm) [defines.h] Add IP DSCP defines

20101122
 - (dtucker) Bug #1840: fix warning when configuring --with-ssl-engine, patch
   from vapier at gentoo org.

20101120
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/11/05 02:46:47
     [packet.c]
     whitespace KNF
   - djm@@cvs.openbsd.org 2010/11/10 01:33:07
     [kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c moduli.c]
     use only libcrypto APIs that are retained with OPENSSL_NO_DEPRECATED.
     these have been around for years by this time. ok markus
   - djm@@cvs.openbsd.org 2010/11/13 23:27:51
     [clientloop.c misc.c misc.h packet.c packet.h readconf.c readconf.h]
     [servconf.c servconf.h session.c ssh.c ssh_config.5 sshd_config.5]
     allow ssh and sshd to set arbitrary TOS/DSCP/QoS values instead of
     hardcoding lowdelay/throughput.
     
     bz#1733 patch from philipp AT redfish-solutions.com; ok markus@@ deraadt@@
   - jmc@@cvs.openbsd.org 2010/11/15 07:40:14
     [ssh_config.5]
     libary -> library;
   - jmc@@cvs.openbsd.org 2010/11/18 15:01:00
     [scp.1 sftp.1 ssh.1 sshd_config.5]
     add IPQoS to the various -o lists, and zap some trailing whitespace;

20101111
 - (djm) [servconf.c ssh-add.c ssh-keygen.c] don't look for ECDSA keys on
   platforms that don't support ECC. Fixes some spurious warnings reported
   by tim@@

20101109
 - (tim) [regress/kextype.sh] Not all platforms have time in /usr/bin.
   Feedback from dtucker@@
 - (tim) [configure.ac openbsd-compat/bsd-misc.h openbsd-compat/bsd-misc.c] Add
   support for platforms missing isblank(). ok djm@@

20101108
 - (tim) [regress/Makefile] Fixes to allow building/testing outside source
   tree.
 - (tim) [regress/kextype.sh] Shell portability fix.

20101107
 - (dtucker) [platform.c] includes.h instead of defines.h so that we get
   the correct typedefs.

20101105
 - (djm) [loginrec.c loginrec.h] Use correct uid_t/pid_t types instead of
   int. Should fix bz#1817 cleanly; ok dtucker@@
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/09/22 12:26:05
     [regress/Makefile regress/kextype.sh]
     regress test for each of the key exchange algorithms that we support
   - djm@@cvs.openbsd.org 2010/10/28 11:22:09
     [authfile.c key.c key.h ssh-keygen.c]
     fix a possible NULL deref on loading a corrupt ECDH key
     
     store ECDH group information in private keys files as "named groups"
     rather than as a set of explicit group parameters (by setting
     the OPENSSL_EC_NAMED_CURVE flag). This makes for shorter key files and
     retrieves the group's OpenSSL NID that we need for various things.
   - jmc@@cvs.openbsd.org 2010/10/28 18:33:28
     [scp.1 ssh-add.1 ssh-keygen.1 ssh.1 ssh_config.5 sshd.8 sshd_config.5]
     knock out some "-*- nroff -*-" lines;
   - djm@@cvs.openbsd.org 2010/11/04 02:45:34
     [sftp-server.c]
     umask should be parsed as octal. reported by candland AT xmission.com;
     ok markus@@
 - (dtucker) [configure.ac platform.{c,h} session.c
   openbsd-compat/port-solaris.{c,h}] Bug #1824: Add Solaris Project support.
   Patch from cory.erickson at csu mnscu edu with a bit of rework from me.
   ok djm@@
 - (dtucker) [platform.c platform.h session.c] Add a platform hook to run
   after the user's groups are established and move the selinux calls into it.
 - (dtucker) [platform.c session.c] Move the AIX setpcred+chroot hack into
   platform.c
 - (dtucker) [platform.c session.c] Move the BSDI setpgrp into platform.c.
 - (dtucker) [platform.c] Only call setpgrp on BSDI if running as root to
   retain previous behavior.
 - (dtucker) [platform.c session.c] Move the PAM credential establishment for
   the LOGIN_CAP case into platform.c.
 - (dtucker) [platform.c session.c] Move the USE_LIBIAF fragment into
   platform.c
 - (dtucker) [platform.c session.c] Move aix_usrinfo fragment into platform.c.
 - (dtucker) [platform.c session.c] Move irix setusercontext fragment into
   platform.c.
 - (dtucker) [platform.c session.c] Move PAM credential establishment for the
   non-LOGIN_CAP case into platform.c.
 - (dtucker) [platform.c platform.h session.c] Move the Cygwin special-case
   check into platform.c
 - (dtucker) [regress/keytype.sh] Import new test.
 - (dtucker) [Makefile configure.ac regress/Makefile regress/keytype.sh]
   Import recent changes to regress/Makefile, pass a flag to enable ECC tests
   from configure through to regress/Makefile and use it in the tests.
 - (dtucker) [regress/kextype.sh] Add missing "test".
 - (dtucker) [regress/kextype.sh] Make sha256 test depend on ECC.  This is not
   strictly correct since while ECC requires sha256 the reverse is not true
   however it does prevent spurious test failures.
 - (dtucker) [platform.c] Need servconf.h and extern options.

20101025
 - (tim) [openbsd-compat/glob.h] Remove sys/cdefs.h include that came with
   1.12 to unbreak Solaris build.
   ok djm@@
 - (dtucker) [defines.h] Use SIZE_T_MAX for SIZE_MAX for platforms that have a
   native one.

20101024
 - (dtucker) [includes.h] Add missing ifdef GLOB_HAS_GL_STATV to fix build.
 - (dtucker) [regress/cert-hostkey.sh] Disable ECC-based tests on platforms
   which don't have ECC support in libcrypto.
 - (dtucker) [regress/cert-userkey.sh] Disable ECC-based tests on platforms
   which don't have ECC support in libcrypto.
 - (dtucker) [defines.h] Add SIZE_MAX for the benefit of platforms that don't
   have it.
 - (dtucker) OpenBSD CVS Sync
   - sthen@@cvs.openbsd.org 2010/10/23 22:06:12
     [sftp.c]
     escape '[' in filename tab-completion; fix a type while there.
     ok djm@@

20101021
 - OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2010/10/12 02:22:24
     [mux.c]
     Typo in confirmation message.  bz#1827, patch from imorgan at
     nas nasa gov
   - djm@@cvs.openbsd.org 2010/08/31 12:24:09
     [regress/cert-hostkey.sh regress/cert-userkey.sh]
     tests for ECDSA certificates

20101011
 - (djm) [canohost.c] Zero a4 instead of addr to better match type.
   bz#1825, reported by foo AT mailinator.com
 - (djm) [sshconnect.c] Need signal.h for prototype for kill(2)

20101011
 - (djm) [configure.ac] Use = instead of == in shell tests. Patch from
   dr AT vasco.com

20101007
 - (djm) [ssh-agent.c] Fix type for curve name.
 - (djm) OpenBSD CVS Sync
   - matthew@@cvs.openbsd.org 2010/09/24 13:33:00
     [misc.c misc.h configure.ac openbsd-compat/openbsd-compat.h]
     [openbsd-compat/timingsafe_bcmp.c]
     Add timingsafe_bcmp(3) to libc, mention that it's already in the
     kernel in kern(9), and remove it from OpenSSH.
     ok deraadt@@, djm@@
     NB. re-added under openbsd-compat/ for portable OpenSSH
   - djm@@cvs.openbsd.org 2010/09/25 09:30:16
     [sftp.c configure.ac openbsd-compat/glob.c openbsd-compat/glob.h]
     make use of new glob(3) GLOB_KEEPSTAT extension to save extra server
     roundtrips to fetch per-file stat(2) information.
     NB. update openbsd-compat/ glob(3) implementation from OpenBSD libc to
     match.
   - djm@@cvs.openbsd.org 2010/09/26 22:26:33
     [sftp.c]
     when performing an "ls" in columnated (short) mode, only call
     ioctl(TIOCGWINSZ) once to get the window width instead of per-
     filename
   - djm@@cvs.openbsd.org 2010/09/30 11:04:51
     [servconf.c]
     prevent free() of string in .rodata when overriding AuthorizedKeys in
     a Match block; patch from rein AT basefarm.no
   - djm@@cvs.openbsd.org 2010/10/01 23:05:32
     [cipher-3des1.c cipher-bf1.c cipher-ctr.c openbsd-compat/openssl-compat.h]
     adapt to API changes in openssl-1.0.0a
     NB. contains compat code to select correct API for older OpenSSL
   - djm@@cvs.openbsd.org 2010/10/05 05:13:18
     [sftp.c sshconnect.c]
     use default shell /bin/sh if $SHELL is ""; ok markus@@
   - djm@@cvs.openbsd.org 2010/10/06 06:39:28
     [clientloop.c ssh.c sshconnect.c sshconnect.h]
     kill proxy command on fatal() (we already kill it on clean exit);
     ok markus@@
   - djm@@cvs.openbsd.org 2010/10/06 21:10:21
     [sshconnect.c]
     swapped args to kill(2)
 - (djm) [openbsd-compat/glob.c] restore ARG_MAX compat code.
 - (djm) [cipher-acss.c] Add missing header.
 - (djm) [openbsd-compat/Makefile.in] Actually link timingsafe_bcmp

20100924
 - (djm) OpenBSD CVS Sync
   - naddy@@cvs.openbsd.org 2010/09/10 15:19:29
     [ssh-keygen.1]
     * mention ECDSA in more places
     * less repetition in FILES section
     * SSHv1 keys are still encrypted with 3DES
     help and ok jmc@@
   - djm@@cvs.openbsd.org 2010/09/11 21:44:20
     [ssh.1]
     mention RFC 5656 for ECC stuff
   - jmc@@cvs.openbsd.org 2010/09/19 21:30:05
     [sftp.1]
     more wacky macro fixing;
   - djm@@cvs.openbsd.org 2010/09/20 04:41:47
     [ssh.c]
     install a SIGCHLD handler to reap expired child process; ok markus@@
   - djm@@cvs.openbsd.org 2010/09/20 04:50:53
     [jpake.c schnorr.c]
     check that received values are smaller than the group size in the
     disabled and unfinished J-PAKE code.
     avoids catastrophic security failure found by Sebastien Martini
   - djm@@cvs.openbsd.org 2010/09/20 04:54:07
     [jpake.c]
     missing #include
   - djm@@cvs.openbsd.org 2010/09/20 07:19:27
     [mux.c]
     "atomically" create the listening mux socket by binding it on a temporary
     name and then linking it into position after listen() has succeeded.
     this allows the mux clients to determine that the server socket is
     either ready or stale without races. stale server sockets are now
     automatically removed
     ok deraadt
   - djm@@cvs.openbsd.org 2010/09/22 05:01:30
     [kex.c kex.h kexecdh.c kexecdhc.c kexecdhs.c readconf.c readconf.h]
     [servconf.c servconf.h ssh_config.5 sshconnect2.c sshd.c sshd_config.5]
     add a KexAlgorithms knob to the client and server configuration to allow
     selection of which key exchange methods are used by ssh(1) and sshd(8)
     and their order of preference.
     ok markus@@
   - jmc@@cvs.openbsd.org 2010/09/22 08:30:08
     [ssh.1 ssh_config.5]
     ssh.1: add kexalgorithms to the -o list
     ssh_config.5: format the kexalgorithms in a more consistent
     (prettier!) way
     ok djm
   - djm@@cvs.openbsd.org 2010/09/22 22:58:51
     [atomicio.c atomicio.h misc.c misc.h scp.c sftp-client.c]
     [sftp-client.h sftp.1 sftp.c]
     add an optional per-read/write callback to atomicio

     factor out bandwidth limiting code from scp(1) into a generic bandwidth
     limiter that can be attached using the atomicio callback mechanism

     add a bandwidth limit option to sftp(1) using the above
     "very nice" markus@@
   - jmc@@cvs.openbsd.org 2010/09/23 13:34:43
     [sftp.c]
     add [-l limit] to usage();
   - jmc@@cvs.openbsd.org 2010/09/23 13:36:46
     [scp.1 sftp.1]
     add KexAlgorithms to the -o list;

20100910
 - (dtucker) [openbsd-compat/port-linux.c] Check is_selinux_enabled for exact
   return code since it can apparently return -1 under some conditions.  From
   openssh bugs werbittewas de, ok djm@@
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/08/31 12:33:38
     [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
     reintroduce commit from tedu@@, which I pulled out for release
     engineering:
       OpenSSL_add_all_algorithms is the name of the function we have a
       man page for, so use that.  ok djm
   - jmc@@cvs.openbsd.org 2010/08/31 17:40:54
     [ssh-agent.1]
     fix some macro abuse;
   - jmc@@cvs.openbsd.org 2010/08/31 21:14:58
     [ssh.1]
     small text tweak to accommodate previous;
   - naddy@@cvs.openbsd.org 2010/09/01 15:21:35
     [servconf.c]
     pick up ECDSA host key by default; ok djm@@
   - markus@@cvs.openbsd.org 2010/09/02 16:07:25
     [ssh-keygen.c]
     permit -b 256, 384 or 521 as key size for ECDSA; ok djm@@
   - markus@@cvs.openbsd.org 2010/09/02 16:08:39
     [ssh.c]
     unbreak ControlPersist=yes for ControlMaster=yes; ok djm@@
   - naddy@@cvs.openbsd.org 2010/09/02 17:21:50
     [ssh-keygen.c]
     Switch ECDSA default key size to 256 bits, which according to RFC5656
     should still be better than our current RSA-2048 default.
     ok djm@@, markus@@
   - jmc@@cvs.openbsd.org 2010/09/03 11:09:29
     [scp.1]
     add an EXIT STATUS section for /usr/bin;
   - jmc@@cvs.openbsd.org 2010/09/04 09:38:34
     [ssh-add.1 ssh.1]
     two more EXIT STATUS sections;
   - naddy@@cvs.openbsd.org 2010/09/06 17:10:19
     [sshd_config]
     add ssh_host_ecdsa_key to /etc; from Mattieu Baptiste
     <mattieu.b@@gmail.com>
     ok deraadt@@
   - djm@@cvs.openbsd.org 2010/09/08 03:54:36
     [authfile.c]
     typo
   - deraadt@@cvs.openbsd.org 2010/09/08 04:13:31
     [compress.c]
     work around name-space collisions some buggy compilers (looking at you
     gcc, at least in earlier versions, but this does not forgive your current
     transgressions) seen between zlib and openssl
     ok djm
   - djm@@cvs.openbsd.org 2010/09/09 10:45:45
     [kex.c kex.h kexecdh.c key.c key.h monitor.c ssh-ecdsa.c]
     ECDH/ECDSA compliance fix: these methods vary the hash function they use
     (SHA256/384/512) depending on the length of the curve in use. The previous
     code incorrectly used SHA256 in all cases.
     
     This fix will cause authentication failure when using 384 or 521-bit curve
     keys if one peer hasn't been upgraded and the other has. (256-bit curve
     keys work ok). In particular you may need to specify HostkeyAlgorithms
     when connecting to a server that has not been upgraded from an upgraded
     client.
     
     ok naddy@@
 - (djm) [authfd.c authfile.c bufec.c buffer.h configure.ac kex.h kexecdh.c]
   [kexecdhc.c kexecdhs.c key.c key.h myproposal.h packet.c readconf.c]
   [ssh-agent.c ssh-ecdsa.c ssh-keygen.c ssh.c] Disable ECDH and ECDSA on
   platforms that don't have the requisite OpenSSL support. ok dtucker@@
 - (dtucker) [kex.h key.c packet.h ssh-agent.c ssh.c] A few more ECC ifdefs
   for missing headers and compiler warnings.

20100831
 - OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2010/08/08 19:36:30
     [ssh-keysign.8 ssh.1 sshd.8]
     use the same template for all FILES sections; i.e. -compact/.Pp where we
     have multiple items, and .Pa for path names;
   - tedu@@cvs.openbsd.org 2010/08/12 23:34:39
     [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
     OpenSSL_add_all_algorithms is the name of the function we have a man page
     for, so use that.  ok djm
   - djm@@cvs.openbsd.org 2010/08/16 04:06:06
     [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
     backout previous temporarily; discussed with deraadt@@
   - djm@@cvs.openbsd.org 2010/08/31 09:58:37
     [auth-options.c auth1.c auth2.c bufaux.c buffer.h kex.c key.c packet.c]
     [packet.h ssh-dss.c ssh-rsa.c]
     Add buffer_get_cstring() and related functions that verify that the
     string extracted from the buffer contains no embedded \0 characters*
     This prevents random (possibly malicious) crap from being appended to
     strings where it would not be noticed if the string is used with
     a string(3) function.
     
     Use the new API in a few sensitive places.
     
     * actually, we allow a single one at the end of the string for now because
     we don't know how many deployed implementations get this wrong, but don't
     count on this to remain indefinitely.
   - djm@@cvs.openbsd.org 2010/08/31 11:54:45
     [PROTOCOL PROTOCOL.agent PROTOCOL.certkeys auth2-jpake.c authfd.c]
     [authfile.c buffer.h dns.c kex.c kex.h key.c key.h monitor.c]
     [monitor_wrap.c myproposal.h packet.c packet.h pathnames.h readconf.c]
     [ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh-keygen.c]
     [ssh-keyscan.1 ssh-keyscan.c ssh-keysign.8 ssh.1 ssh.c ssh2.h]
     [ssh_config.5 sshconnect.c sshconnect2.c sshd.8 sshd.c sshd_config.5]
     [uuencode.c uuencode.h bufec.c kexecdh.c kexecdhc.c kexecdhs.c ssh-ecdsa.c]
     Implement Elliptic Curve Cryptography modes for key exchange (ECDH) and
     host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA offer
     better performance than plain DH and DSA at the same equivalent symmetric
     key length, as well as much shorter keys.
     
     Only the mandatory sections of RFC5656 are implemented, specifically the
     three REQUIRED curves nistp256, nistp384 and nistp521 and only ECDH and
     ECDSA. Point compression (optional in RFC5656) is NOT implemented.
     
     Certificate host and user keys using the new ECDSA key types are supported.
     
     Note that this code has not been tested for interoperability and may be
     subject to change.
     
     feedback and ok markus@@
 - (djm) [Makefile.in] Add new ECC files
 - (djm) [bufec.c kexecdh.c kexecdhc.c kexecdhs.c ssh-ecdsa.c] include
   includes.h

20100827
 - (dtucker) [contrib/redhat/sshd.init] Bug #1810: initlog is deprecated,
   remove.  Patch from martynas at venck us 

20100823
 - (djm) Release OpenSSH-5.6p1

20100816
 - (dtucker) [configure.ac openbsd-compat/Makefile.in
   openbsd-compat/openbsd-compat.h openbsd-compat/strptime.c] Add strptime to
   the compat library which helps on platforms like old IRIX.  Based on work
   by djm, tested by Tom Christensen.
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/08/12 21:49:44
     [ssh.c]
     close any extra file descriptors inherited from parent at start and
     reopen stdin/stdout to /dev/null when forking for ControlPersist.
     
     prevents tools that fork and run a captive ssh for communication from
     failing to exit when the ssh completes while they wait for these fds to
     close. The inherited fds may persist arbitrarily long if a background
     mux master has been started by ControlPersist. cvs and scp were affected
     by this.
     
     "please commit" markus@@
 - (djm) [regress/README.regress] typo

20100812
 - (tim) [regress/login-timeout.sh regress/reconfigure.sh regress/reexec.sh
   regress/test-exec.sh] Under certain conditions when testing with sudo
   tests would fail because the pidfile could not be read by a regular user.
   "cat: cannot open ...../regress/pidfile: Permission denied (error 13)"
   Make sure cat is run by $SUDO.  no objection from me. djm@@
 - (tim) [auth.c] add cast to quiet compiler. Change only affects SVR5 systems.

20100809
 - (djm) bz#1561: don't bother setting IFF_UP on tun(4) device if it is
   already set. Makes FreeBSD user openable tunnels useful; patch from
   richard.burakowski+ossh AT mrburak.net, ok dtucker@@
 - (dtucker) bug #1530: strip trailing ":" from hostname in ssh-copy-id.
   based in part on a patch from Colin Watson, ok djm@@

20100809
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/08/08 16:26:42
     [version.h]
     crank to 5.6
 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] Crank version numbers

20100805
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/08/04 05:37:01
     [ssh.1 ssh_config.5 sshd.8]
     Remove mentions of weird "addr/port" alternate address format for IPv6
     addresses combinations. It hasn't worked for ages and we have supported
     the more common "[addr]:port" format for a long time. ok jmc@@ markus@@
   - djm@@cvs.openbsd.org 2010/08/04 05:40:39
     [PROTOCOL.certkeys ssh-keygen.c]
     tighten the rules for certificate encoding by requiring that options
     appear in lexical order and make our ssh-keygen comply. ok markus@@
   - djm@@cvs.openbsd.org 2010/08/04 05:42:47
     [auth.c auth2-hostbased.c authfile.c authfile.h ssh-keysign.8]
     [ssh-keysign.c ssh.c]
     enable certificates for hostbased authentication, from Iain Morgan;
     "looks ok" markus@@
   - djm@@cvs.openbsd.org 2010/08/04 05:49:22
     [authfile.c]
     committed the wrong version of the hostbased certificate diff; this
     version replaces some strlc{py,at} verbosity with xasprintf() at
     the request of markus@@
   - djm@@cvs.openbsd.org 2010/08/04 06:07:11
     [ssh-keygen.1 ssh-keygen.c]
     Support CA keys in PKCS#11 tokens; feedback and ok markus@@
   - djm@@cvs.openbsd.org 2010/08/04 06:08:40
     [ssh-keysign.c]
     clean for -Wuninitialized (Id sync only; portable had this change)
   - djm@@cvs.openbsd.org 2010/08/05 13:08:42
     [channels.c]
     Fix a trio of bugs in the local/remote window calculation for datagram
     data channels (i.e. TunnelForward):
     
     Calculate local_consumed correctly in channel_handle_wfd() by measuring
     the delta to buffer_len(c->output) from when we start to when we finish.
     The proximal problem here is that the output_filter we use in portable
     modified the length of the dequeued datagram (to futz with the headers
     for !OpenBSD).
     
     In channel_output_poll(), don't enqueue datagrams that won't fit in the
     peer's advertised packet size (highly unlikely to ever occur) or which
     won't fit in the peer's remaining window (more likely).
     
     In channel_input_data(), account for the 4-byte string header in
     datagram packets that we accept from the peer and enqueue in c->output.
     
     report, analysis and testing 2/3 cases from wierbows AT us.ibm.com;
     "looks good" markus@@

20100803
 - (dtucker) [monitor.c] Bug #1795: Initialize the values to be returned from
   PAM to sane values in case the PAM method doesn't write to them.  Spotted by
   Bitman Zhou, ok djm@@.
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/07/16 04:45:30
     [ssh-keygen.c]
     avoid bogus compiler warning
   - djm@@cvs.openbsd.org 2010/07/16 14:07:35
     [ssh-rsa.c]
     more timing paranoia - compare all parts of the expected decrypted
     data before returning. AFAIK not exploitable in the SSH protocol.
     "groovy" deraadt@@
   - djm@@cvs.openbsd.org 2010/07/19 03:16:33
     [sftp-client.c]
     bz#1797: fix swapped args in upload_dir_internal(), breaking recursive
     upload depth checks and causing verbose printing of transfers to always
     be turned on; patch from imorgan AT nas.nasa.gov
   - djm@@cvs.openbsd.org 2010/07/19 09:15:12
     [clientloop.c readconf.c readconf.h ssh.c ssh_config.5]
     add a "ControlPersist" option that automatically starts a background
     ssh(1) multiplex master when connecting. This connection can stay alive
     indefinitely, or can be set to automatically close after a user-specified
     duration of inactivity. bz#1330 - patch by dwmw2 AT infradead.org, but
     further hacked on by wmertens AT cisco.com, apb AT cequrux.com,
     martin-mindrot-bugzilla AT earth.li and myself; "looks ok" markus@@
   - djm@@cvs.openbsd.org 2010/07/21 02:10:58
     [misc.c]
     sync timingsafe_bcmp() with the one dempsky@@ committed to sys/lib/libkern
   - dtucker@@cvs.openbsd.org 2010/07/23 08:49:25
     [ssh.1]
     Ciphers is documented in ssh_config(5) these days

20100819
 - (dtucker) [contrib/ssh-copy-id.1] Bug #1786: update ssh-copy-id.1 with more
   details about its behaviour WRT existing directories.  Patch from
   asguthrie at gmail com, ok djm.

20100716
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/07/02 04:32:44
     [misc.c]
     unbreak strdelim() skipping past quoted strings, e.g.
     AllowUsers "blah blah" blah
     was broken; report and fix in bz#1757 from bitman.zhou AT centrify.com
     ok dtucker;
   - djm@@cvs.openbsd.org 2010/07/12 22:38:52
     [ssh.c]
     Make ExitOnForwardFailure work with fork-after-authentication ("ssh -f")
     for protocol 2. ok markus@@
   - djm@@cvs.openbsd.org 2010/07/12 22:41:13
     [ssh.c ssh_config.5]
     expand %h to the hostname in ssh_config Hostname options. While this
     sounds useless, it is actually handy for working with unqualified
     hostnames:
     
     Host *.*
        Hostname %h
     Host *
        Hostname %h.example.org
     
     "I like it" markus@@
   - djm@@cvs.openbsd.org 2010/07/13 11:52:06
     [auth-rsa.c channels.c jpake.c key.c misc.c misc.h monitor.c]
     [packet.c ssh-rsa.c]
     implement a timing_safe_cmp() function to compare memory without leaking
     timing information by short-circuiting like memcmp() and use it for
     some of the more sensitive comparisons (though nothing high-value was
     readily attackable anyway); "looks ok" markus@@
   - djm@@cvs.openbsd.org 2010/07/13 23:13:16
     [auth-rsa.c channels.c jpake.c key.c misc.c misc.h monitor.c packet.c]
     [ssh-rsa.c]
     s/timing_safe_cmp/timingsafe_bcmp/g
   - jmc@@cvs.openbsd.org 2010/07/14 17:06:58
     [ssh.1]
     finally ssh synopsis looks nice again! this commit just removes a ton of
     hacks we had in place to make it work with old groff;
   - schwarze@@cvs.openbsd.org 2010/07/15 21:20:38
     [ssh-keygen.1]
     repair incorrect block nesting, which screwed up indentation;
     problem reported and fix OK by jmc@@

20100714
 - (tim) [contrib/redhat/openssh.spec] Bug 1796: Test for skip_x11_askpass
   (line 77) should have been for no_x11_askpass. 

20100702
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2010/06/26 00:57:07
     [ssh_config.5]
     tweak previous;
   - djm@@cvs.openbsd.org 2010/06/26 23:04:04
     [ssh.c]
     oops, forgot to #include <canohost.h>; spotted and patch from chl@@
   - djm@@cvs.openbsd.org 2010/06/29 23:15:30
     [ssh-keygen.1 ssh-keygen.c]
     allow import (-i) and export (-e) of PEM and PKCS#8 encoded keys;
     bz#1749; ok markus@@
   - djm@@cvs.openbsd.org 2010/06/29 23:16:46
     [auth2-pubkey.c sshd_config.5]
     allow key options (command="..." and friends) in AuthorizedPrincipals;
     ok markus@@
   - jmc@@cvs.openbsd.org 2010/06/30 07:24:25
     [ssh-keygen.1]
     tweak previous;
   - jmc@@cvs.openbsd.org 2010/06/30 07:26:03
     [ssh-keygen.c]
     sort usage();
   - jmc@@cvs.openbsd.org 2010/06/30 07:28:34
     [sshd_config.5]
     tweak previous;
   - millert@@cvs.openbsd.org 2010/07/01 13:06:59
     [scp.c]
     Fix a longstanding problem where if you suspend scp at the
     password/passphrase prompt the terminal mode is not restored.
     OK djm@@
   - phessler@@cvs.openbsd.org 2010/06/27 19:19:56
     [regress/Makefile]
     fix how we run the tests so we can successfully use SUDO='sudo -E'
     in our env
   - djm@@cvs.openbsd.org 2010/06/29 23:59:54
     [cert-userkey.sh]
     regress tests for key options in AuthorizedPrincipals

20100627
 - (tim) [openbsd-compat/port-uw.c] Reorder includes. auth-options.h now needs
   key.h.

20100626
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/05/21 05:00:36
     [misc.c]
     colon() returns char*, so s/return (0)/return NULL/
   - markus@@cvs.openbsd.org 2010/06/08 21:32:19
     [ssh-pkcs11.c]
     check length of value returned by C_GetAttributeValue for != 0
     from mdrtbugzilla@@codefive.co.uk; bugzilla #1773; ok dtucker@@
   - djm@@cvs.openbsd.org 2010/06/17 07:07:30
     [mux.c]
     Correct sizing of object to be allocated by calloc(), replacing
     sizeof(state) with sizeof(*state). This worked by accident since
     the struct contained a single int at present, but could have broken
     in the future. patch from hyc AT symas.com
   - djm@@cvs.openbsd.org 2010/06/18 00:58:39
     [sftp.c]
     unbreak ls in working directories that contains globbing characters in
     their pathnames. bz#1655 reported by vgiffin AT apple.com
   - djm@@cvs.openbsd.org 2010/06/18 03:16:03
     [session.c]
     Missing check for chroot_directory == "none" (we already checked against
     NULL); bz#1564 from Jan.Pechanec AT Sun.COM
   - djm@@cvs.openbsd.org 2010/06/18 04:43:08
     [sftp-client.c]
     fix memory leak in do_realpath() error path; bz#1771, patch from
     anicka AT suse.cz
   - djm@@cvs.openbsd.org 2010/06/22 04:22:59
     [servconf.c sshd_config.5]
     expose some more sshd_config options inside Match blocks:
       AuthorizedKeysFile AuthorizedPrincipalsFile
       HostbasedUsesNameFromPacketOnly PermitTunnel
     bz#1764; feedback from imorgan AT nas.nasa.gov; ok dtucker@@
   - djm@@cvs.openbsd.org 2010/06/22 04:32:06
     [ssh-keygen.c]
     standardise error messages when attempting to open private key
     files to include "progname: filename: error reason"
     bz#1783; ok dtucker@@
   - djm@@cvs.openbsd.org 2010/06/22 04:49:47
     [auth.c]
     queue auth debug messages for bad ownership or permissions on the user's
     keyfiles. These messages will be sent after the user has successfully
     authenticated (where our client will display them with LogLevel=debug).
     bz#1554; ok dtucker@@
   - djm@@cvs.openbsd.org 2010/06/22 04:54:30
     [ssh-keyscan.c]
     replace verbose and overflow-prone Linebuf code with read_keyfile_line()
     based on patch from joachim AT joachimschipper.nl; bz#1565; ok dtucker@@
   - djm@@cvs.openbsd.org 2010/06/22 04:59:12
     [session.c]
     include the user name on "subsystem request for ..." log messages;
     bz#1571; ok dtucker@@
   - djm@@cvs.openbsd.org 2010/06/23 02:59:02
     [ssh-keygen.c]
     fix printing of extensions in v01 certificates that I broke in r1.190
   - djm@@cvs.openbsd.org 2010/06/25 07:14:46
     [channels.c mux.c readconf.c readconf.h ssh.h]
     bz#1327: remove hardcoded limit of 100 permitopen clauses and port
     forwards per direction; ok markus@@ stevesk@@
   - djm@@cvs.openbsd.org 2010/06/25 07:20:04
     [channels.c session.c]
     bz#1750: fix requirement for /dev/null inside ChrootDirectory for
     internal-sftp accidentally introduced in r1.253 by removing the code
     that opens and dup /dev/null to stderr and modifying the channels code
     to read stderr but discard it instead; ok markus@@
   - djm@@cvs.openbsd.org 2010/06/25 08:46:17
     [auth1.c auth2-none.c]
     skip the initial check for access with an empty password when
     PermitEmptyPasswords=no; bz#1638; ok markus@@
   - djm@@cvs.openbsd.org 2010/06/25 23:10:30
     [ssh.c]
     log the hostname and address that we connected to at LogLevel=verbose
     after authentication is successful to mitigate "phishing" attacks by
     servers with trusted keys that accept authentication silently and
     automatically before presenting fake password/passphrase prompts;
     "nice!" markus@@
   - djm@@cvs.openbsd.org 2010/06/25 23:10:30
     [ssh.c]
     log the hostname and address that we connected to at LogLevel=verbose
     after authentication is successful to mitigate "phishing" attacks by
     servers with trusted keys that accept authentication silently and
     automatically before presenting fake password/passphrase prompts;
     "nice!" markus@@

20100622
 - (djm) [loginrec.c] crank LINFO_NAMESIZE (username length) to 512
   bz#1579; ok dtucker

20100618
 - (djm) [contrib/ssh-copy-id] Update key file explicitly under ~
   rather than assuming that $CWD == $HOME. bz#1500, patch from
   timothy AT gelter.com

20100617
 - (tim) [contrib/cygwin/README] Remove a reference to the obsolete
   minires-devel package, and add a reference to the libedit-devel
   package since Cygwin now provides libedit. Patch from Corinna Vinschen.

20100521
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/05/07 11:31:26
     [regress/Makefile regress/cert-userkey.sh]
     regress tests for AuthorizedPrincipalsFile and "principals=" key option.
     feedback and ok markus@@
   - djm@@cvs.openbsd.org 2010/05/11 02:58:04
     [auth-rsa.c]
     don't accept certificates marked as "cert-authority" here; ok markus@@
   - djm@@cvs.openbsd.org 2010/05/14 00:47:22
     [ssh-add.c]
     check that the certificate matches the corresponding private key before
     grafting it on
   - djm@@cvs.openbsd.org 2010/05/14 23:29:23
     [channels.c channels.h mux.c ssh.c]
     Pause the mux channel while waiting for reply from async callbacks.
     Prevents misordering of replies if new requests arrive while waiting.
     
     Extend channel open confirm callback to allow signalling failure
     conditions as well as success. Use this to 1) fix a memory leak, 2)
     start using the above pause mechanism and 3) delay sending a success/
     failure message on mux slave session open until we receive a reply from
     the server.
     
     motivated by and with feedback from markus@@
   - markus@@cvs.openbsd.org 2010/05/16 12:55:51
     [PROTOCOL.mux clientloop.h mux.c readconf.c readconf.h ssh.1 ssh.c]
     mux support for remote forwarding with dynamic port allocation,
     use with
        LPORT=`ssh -S muxsocket -R0:localhost:25 -O forward somehost`
     feedback and ok djm@@
   - djm@@cvs.openbsd.org 2010/05/20 11:25:26
     [auth2-pubkey.c]
     fix logspam when key options (from="..." especially) deny non-matching
     keys; reported by henning@@ also bz#1765; ok markus@@ dtucker@@
   - djm@@cvs.openbsd.org 2010/05/20 23:46:02
     [PROTOCOL.certkeys auth-options.c ssh-keygen.c]
     Move the permit-* options to the non-critical "extensions" field for v01
     certificates. The logic is that if another implementation fails to
     implement them then the connection just loses features rather than fails
     outright.
     
     ok markus@@

20100511
 - (dtucker) [Makefile.in] Bug #1770: Link libopenbsd-compat twice to solve
   circular dependency problem on old or odd platforms.  From Tom Lane, ok
   djm@@.
 - (djm) [openbsd-compat/openssl-compat.h] Fix build breakage on older
   libcrypto by defining OPENSSL_[DR]SA_MAX_MODULUS_BITS if they aren't
   already. ok dtucker@@

20100510
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/04/23 01:47:41
     [ssh-keygen.c]
     bz#1740: display a more helpful error message when $HOME is
     inaccessible while trying to create .ssh directory. Based on patch
     from jchadima AT redhat.com; ok dtucker@@
   - djm@@cvs.openbsd.org 2010/04/23 22:27:38
     [mux.c]
     set "detach_close" flag when registering channel cleanup callbacks.
     This causes the channel to close normally when its fds close and
     hangs when terminating a mux slave using ~. bz#1758; ok markus@@
   - djm@@cvs.openbsd.org 2010/04/23 22:42:05
     [session.c]
     set stderr to /dev/null for subsystems rather than just closing it.
     avoids hangs if a subsystem or shell initialisation writes to stderr.
     bz#1750; ok markus@@
   - djm@@cvs.openbsd.org 2010/04/23 22:48:31
     [ssh-keygen.c]
     refuse to generate keys longer than OPENSSL_[RD]SA_MAX_MODULUS_BITS,
     since we would refuse to use them anyway. bz#1516; ok dtucker@@
   - djm@@cvs.openbsd.org 2010/04/26 22:28:24
     [sshconnect2.c]
     bz#1502: authctxt.success is declared as an int, but passed by
     reference to function that accepts sig_atomic_t*. Convert it to
     the latter; ok markus@@ dtucker@@
   - djm@@cvs.openbsd.org 2010/05/01 02:50:50
     [PROTOCOL.certkeys]
     typo; jmeltzer@@
   - dtucker@@cvs.openbsd.org 2010/05/05 04:22:09
     [sftp.c]
     restore mput and mget which got lost in the tab-completion changes.
     found by Kenneth Whitaker, ok djm@@
   - djm@@cvs.openbsd.org 2010/05/07 11:30:30
     [auth-options.c auth-options.h auth.c auth.h auth2-pubkey.c]
     [key.c servconf.c servconf.h sshd.8 sshd_config.5]
     add some optional indirection to matching of principal names listed
     in certificates. Currently, a certificate must include the user's name
     to be accepted for authentication. This change adds the ability to
     specify a list of certificate principal names that are acceptable.
     
     When authenticating using a CA trusted through ~/.ssh/authorized_keys,
     this adds a new principals="name1[,name2,...]" key option.
     
     For CAs listed through sshd_config's TrustedCAKeys option, a new config
     option "AuthorizedPrincipalsFile" specifies a per-user file containing
     the list of acceptable names.
     
     If either option is absent, the current behaviour of requiring the
     username to appear in principals continues to apply.
     
     These options are useful for role accounts, disjoint account namespaces
     and "user@@realm"-style naming policies in certificates.
     
     feedback and ok markus@@
   - jmc@@cvs.openbsd.org 2010/05/07 12:49:17
     [sshd_config.5]
     tweak previous;

20100423
 - (dtucker) [configure.ac] Bug #1756: Check for the existence of a lib64 dir
   in the openssl install directory (some newer openssl versions do this on at
   least some amd64 platforms).

20100418
 - OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2010/04/16 06:45:01
     [ssh_config.5]
     tweak previous; ok djm
   - jmc@@cvs.openbsd.org 2010/04/16 06:47:04
     [ssh-keygen.1 ssh-keygen.c]
     tweak previous; ok djm
   - djm@@cvs.openbsd.org 2010/04/16 21:14:27
     [sshconnect.c]
     oops, %r => remote username, not %u
   - djm@@cvs.openbsd.org 2010/04/16 01:58:45
     [regress/cert-hostkey.sh regress/cert-userkey.sh]
     regression tests for v01 certificate format
     includes interop tests for v00 certs
 - (dtucker) [contrib/aix/buildbff.sh] Fix creation of ssh_prng_cmds.default
   file.

20100416
 - (djm) Release openssh-5.5p1
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/03/26 03:13:17
     [bufaux.c]
     allow buffer_get_int_ret/buffer_get_int64_ret to take a NULL pointer
     argument to allow skipping past values in a buffer
   - jmc@@cvs.openbsd.org 2010/03/26 06:54:36
     [ssh.1]
     tweak previous;
   - jmc@@cvs.openbsd.org 2010/03/27 14:26:55
     [ssh_config.5]
     tweak previous; ok dtucker
   - djm@@cvs.openbsd.org 2010/04/10 00:00:16
     [ssh.c]
     bz#1746 - suppress spurious tty warning when using -O and stdin
     is not a tty; ok dtucker@@ markus@@
   - djm@@cvs.openbsd.org 2010/04/10 00:04:30
     [sshconnect.c]
     fix terminology: we didn't find a certificate in known_hosts, we found
     a CA key
   - djm@@cvs.openbsd.org 2010/04/10 02:08:44
     [clientloop.c]
     bz#1698: kill channel when pty allocation requests fail. Fixed
     stuck client if the server refuses pty allocation.
     ok dtucker@@ "think so" markus@@
   - djm@@cvs.openbsd.org 2010/04/10 02:10:56
     [sshconnect2.c]
     show the key type that we are offering in debug(), helps distinguish
     between certs and plain keys as the path to the private key is usually
     the same.
   - djm@@cvs.openbsd.org 2010/04/10 05:48:16
     [mux.c]
     fix NULL dereference; from matthew.haub AT alumni.adelaide.edu.au
   - djm@@cvs.openbsd.org 2010/04/14 22:27:42
     [ssh_config.5 sshconnect.c]
     expand %r => remote username in ssh_config:ProxyCommand;
     ok deraadt markus
   - markus@@cvs.openbsd.org 2010/04/15 20:32:55
     [ssh-pkcs11.c]
     retry lookup for private key if there's no matching key with CKA_SIGN
     attribute enabled; this fixes MuscleCard support (bugzilla #1736)
     ok djm@@
   - djm@@cvs.openbsd.org 2010/04/16 01:47:26
     [PROTOCOL.certkeys auth-options.c auth-options.h auth-rsa.c]
     [auth2-pubkey.c authfd.c key.c key.h myproposal.h ssh-add.c]
     [ssh-agent.c ssh-dss.c ssh-keygen.1 ssh-keygen.c ssh-rsa.c]
     [sshconnect.c sshconnect2.c sshd.c]
     revised certificate format ssh-{dss,rsa}-cert-v01@@openssh.com with the
     following changes:
     
     move the nonce field to the beginning of the certificate where it can
     better protect against chosen-prefix attacks on the signature hash
     
     Rename "constraints" field to "critical options"
     
     Add a new non-critical "extensions" field
     
     Add a serial number
     
     The older format is still supported for authentication and cert generation
     (use "ssh-keygen -t v00 -s ca_key ..." to generate a v00 certificate)
     
     ok markus@@
@


1.12
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/248619
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d1 36
@


1.12.2.1
log
@file ChangeLog was added on branch RELENG_8_4 on 2013-03-28 13:02:24 +0000
@
text
@d1 3020
@


1.12.2.2
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/248810
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a0 2349
20120828
 - (djm) Release openssh-6.1

20120828
 - (dtucker) [openbsd-compat/bsd-cygwin_util.h] define WIN32_LEAN_AND_MEAN
   for compatibility with future mingw-w64 headers.  Patch from vinschen at
   redhat com.

20120822
 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] Update version numbers

20120731
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2012/07/06 06:38:03
     [ssh-keygen.c]
     missing full stop in usage();
   - djm@@cvs.openbsd.org 2012/07/10 02:19:15
     [servconf.c servconf.h sshd.c sshd_config]
     Turn on systrace sandboxing of pre-auth sshd by default for new installs
     by shipping a config that overrides the current UsePrivilegeSeparation=yes
     default. Make it easier to flip the default in the future by adding too.
     prodded markus@@ feedback dtucker@@ "get it in" deraadt@@
   - dtucker@@cvs.openbsd.org 2012/07/13 01:35:21
     [servconf.c]
     handle long comments in config files better.  bz#2025, ok markus
   - markus@@cvs.openbsd.org 2012/07/22 18:19:21
     [version.h]
     openssh 6.1

20120720
 - (dtucker) Import regened moduli file.

20120706
 - (djm) [sandbox-seccomp-filter.c] fallback to rlimit if seccomp filter is
   not available. Allows use of sshd compiled on host with a filter-capable
   kernel on hosts that lack the support. bz#2011 ok dtucker@@
 - (djm) [configure.ac] Recursively expand $(bindir) to ensure it has no
   unexpanded $(prefix) embedded. bz#2007 patch from nix-corp AT
   esperi.org.uk; ok dtucker@@
- (djm) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2012/07/06 00:41:59
     [moduli.c ssh-keygen.1 ssh-keygen.c]
     Add options to specify starting line number and number of lines to process
     when screening moduli candidates.  This allows processing of different
     parts of a candidate moduli file in parallel.  man page help jmc@@, ok djm@@
   - djm@@cvs.openbsd.org 2012/07/06 01:37:21
     [mux.c]
     fix memory leak of passed-in environment variables and connection
     context when new session message is malformed; bz#2003 from Bert.Wesarg
     AT googlemail.com
   - djm@@cvs.openbsd.org 2012/07/06 01:47:38
     [ssh.c]
     move setting of tty_flag to after config parsing so RequestTTY options
     are correctly picked up. bz#1995 patch from przemoc AT gmail.com;
     ok dtucker@@

20120704
 - (dtucker) [configure.ac openbsd-compat/bsd-misc.h] Add setlinebuf for
   platforms that don't have it.  "looks good" tim@@

20120703
 - (dtucker) [configure.ac] Detect platforms that can't use select(2) with
   setrlimit(RLIMIT_NOFILE, rl_zero) and disable the rlimit sandbox on those.
 - (dtucker) [configure.ac sandbox-rlimit.c] Test whether or not
   setrlimit(RLIMIT_FSIZE, rl_zero) and skip it if it's not supported.  Its
   benefit is minor, so it's not worth disabling the sandbox if it doesn't
   work.

20120702
- (dtucker) OpenBSD CVS Sync
   - naddy@@cvs.openbsd.org 2012/06/29 13:57:25
     [ssh_config.5 sshd_config.5]
     match the documented MAC order of preference to the actual one;
     ok dtucker@@
   - markus@@cvs.openbsd.org 2012/06/30 14:35:09
     [sandbox-systrace.c sshd.c]
     fix a during the load of the sandbox policies (child can still make
     the read-syscall and wait forever for systrace-answers) by replacing
     the read/write synchronisation with SIGSTOP/SIGCONT;
     report and help hshoexer@@; ok djm@@, dtucker@@
   - dtucker@@cvs.openbsd.org 2012/07/02 08:50:03
     [ssh.c]
     set interactive ToS for forwarded X11 sessions.  ok djm@@
   - dtucker@@cvs.openbsd.org 2012/07/02 12:13:26
     [ssh-pkcs11-helper.c sftp-client.c]
     fix a couple of "assigned but not used" warnings.  ok markus@@
   - dtucker@@cvs.openbsd.org 2012/07/02 14:37:06
     [regress/connect-privsep.sh]
     remove exit from end of test since it prevents reporting failure
 - (dtucker) [regress/reexec.sh regress/sftp-cmds.sh regress/test-exec.sh]
   Move cygwin detection to test-exec and use to skip reexec test on cygwin.
 - (dtucker) [regress/test-exec.sh] Correct uname for cygwin/w2k.

20120629
 - OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2012/06/21 00:16:07
     [addrmatch.c]
     fix strlcpy truncation check.  from carsten at debian org, ok markus
   - dtucker@@cvs.openbsd.org 2012/06/22 12:30:26
     [monitor.c sshconnect2.c]
     remove dead code following 'for (;;)' loops.
     From Steve.McClellan at radisys com, ok markus@@
   - dtucker@@cvs.openbsd.org 2012/06/22 14:36:33
     [sftp.c]
     Remove unused variable leftover from tab-completion changes.
     From Steve.McClellan at radisys com, ok markus@@
   - dtucker@@cvs.openbsd.org 2012/06/26 11:02:30
     [sandbox-systrace.c]
     Add mquery to the list of allowed syscalls for "UsePrivilegeSeparation
     sandbox" since malloc now uses it.  From johnw.mail at gmail com.
   - dtucker@@cvs.openbsd.org 2012/06/28 05:07:45
     [mac.c myproposal.h ssh_config.5 sshd_config.5]
     Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs since they were removed
     from draft6 of the spec and will not be in the RFC when published.  Patch
     from mdb at juniper net via bz#2023, ok markus.
   - naddy@@cvs.openbsd.org 2012/06/29 13:57:25
     [ssh_config.5 sshd_config.5]
     match the documented MAC order of preference to the actual one; ok dtucker@@
   - dtucker@@cvs.openbsd.org 2012/05/13 01:42:32
     [regress/addrmatch.sh]
     Add "Match LocalAddress" and "Match LocalPort" to sshd and adjust tests
     to match.  Feedback and ok djm@@ markus@@.
   - djm@@cvs.openbsd.org 2012/06/01 00:47:35
     [regress/multiplex.sh regress/forwarding.sh]
     append to rather than truncate test log; bz#2013 from openssh AT
     roumenpetrov.info
   - djm@@cvs.openbsd.org 2012/06/01 00:52:52
     [regress/sftp-cmds.sh]
     don't delete .* on cleanup due to unintended env expansion; pointed out in
     bz#2014 by openssh AT roumenpetrov.info
   - dtucker@@cvs.openbsd.org 2012/06/26 12:06:59
     [regress/connect-privsep.sh]
     test sandbox with every malloc option
   - dtucker@@cvs.openbsd.org 2012/06/28 05:07:45
     [regress/try-ciphers.sh regress/cipher-speed.sh]
     Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs since they were removed
     from draft6 of the spec and will not be in the RFC when published.  Patch
     from mdb at juniper net via bz#2023, ok markus.
 - (dtucker) [myproposal.h] Remove trailing backslash to fix compile error.
 - (dtucker) [key.c] ifdef out sha256 key types on platforms that don't have
   the required functions in libcrypto.

20120628
 - (dtucker) [openbsd-compat/getrrsetbyname-ldns.c] bz #2022: prevent null
   pointer deref in the client when built with LDNS and using DNSSEC with a
   CNAME.  Patch from gregdlg+mr at hochet info.

20120622
 - (dtucker) [contrib/cygwin/ssh-host-config] Ensure that user sshd runs as
   can logon as a service.  Patch from vinschen at redhat com.

20120620
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/12/02 00:41:56
     [mux.c]
     fix bz#1948: ssh -f doesn't fork for multiplexed connection.
     ok dtucker@@
   - djm@@cvs.openbsd.org 2011/12/04 23:16:12
     [mux.c]
     revert:
     > revision 1.32
     > date: 2011/12/02 00:41:56;  author: djm;  state: Exp;  lines: +4 -1
     > fix bz#1948: ssh -f doesn't fork for multiplexed connection.
     > ok dtucker@@
     it interacts badly with ControlPersist
   - djm@@cvs.openbsd.org 2012/01/07 21:11:36
     [mux.c]
     fix double-free in new session handler
     NB. Id sync only
   - djm@@cvs.openbsd.org 2012/05/23 03:28:28
     [dns.c dns.h key.c key.h ssh-keygen.c]
     add support for RFC6594 SSHFP DNS records for ECDSA key types.
     patch from bugzilla-m67 AT nulld.me in bz#1978; ok + tweak markus@@
   - djm@@cvs.openbsd.org 2012/06/01 00:49:35
     [PROTOCOL.mux]
     correct types of port numbers (integers, not strings); bz#2004 from
     bert.wesarg AT googlemail.com
   - djm@@cvs.openbsd.org 2012/06/01 01:01:22
     [mux.c]
     fix memory leak when mux socket creation fails; bz#2002 from bert.wesarg
     AT googlemail.com
   - dtucker@@cvs.openbsd.org 2012/06/18 11:43:53
     [jpake.c]
     correct sizeof usage.  patch from saw at online.de, ok deraadt
   - dtucker@@cvs.openbsd.org 2012/06/18 11:49:58
     [ssh_config.5]
     RSA instead of DSA twice.  From Steve.McClellan at radisys com
   - dtucker@@cvs.openbsd.org 2012/06/18 12:07:07
     [ssh.1 sshd.8]
     Remove mention of 'three' key files since there are now four.  From
     Steve.McClellan at radisys com.
   - dtucker@@cvs.openbsd.org 2012/06/18 12:17:18
     [ssh.1]
     Clarify description of -W.  Noted by Steve.McClellan at radisys com,
     ok jmc
   - markus@@cvs.openbsd.org 2012/06/19 18:25:28
     [servconf.c servconf.h sshd_config.5]
     sshd_config: extend Match to allow AcceptEnv and {Allow,Deny}{Users,Groups}
     this allows 'Match LocalPort 1022' combined with 'AllowUser bauer'
     ok djm@@ (back in March)
   - jmc@@cvs.openbsd.org 2012/06/19 21:35:54
     [sshd_config.5]
     tweak previous; ok markus
   - djm@@cvs.openbsd.org 2012/06/20 04:42:58
     [clientloop.c serverloop.c]
     initialise accept() backoff timer to avoid EINVAL from select(2) in
     rekeying

20120519
 - (dtucker) [configure.ac] bz#2010: fix non-portable shell construct.  Patch
   from cjwatson at debian org.
 - (dtucker) [configure.ac contrib/Makefile] bz#1996: use AC_PATH_TOOL to find
   pkg-config so it does the right thing when cross-compiling.  Patch from
   cjwatson at debian org.
- (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2012/05/13 01:42:32
     [servconf.h servconf.c sshd.8 sshd.c auth.c sshd_config.5]
     Add "Match LocalAddress" and "Match LocalPort" to sshd and adjust tests
     to match.  Feedback and ok djm@@ markus@@.
   - dtucker@@cvs.openbsd.org 2012/05/19 06:30:30
     [sshd_config.5]
     Document PermitOpen none.  bz#2001, patch from Loganaden Velvindron

20120504
 - (dtucker) [configure.ac] Include <sys/param.h> rather than <sys/types.h>
   to fix building on some plaforms.  Fom bowman at math utah edu and
   des at des no.

20120427
 - (dtucker) [regress/addrmatch.sh] skip tests when running on a non-ipv6
   platform rather than exiting early, so that we still clean up and return
   success or failure to test-exec.sh

20120426
 - (djm) [auth-passwd.c] Handle crypt() returning NULL; from Paul Wouters
   via Niels
 - (djm) [auth-krb5.c] Save errno across calls that might modify it;
   ok dtucker@@

20120423
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2012/04/23 08:18:17
     [channels.c]
     fix function proto/source mismatch

20120422
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2012/02/29 11:21:26
     [ssh-keygen.c]
     allow conversion of RSA1 keys to public PEM and PKCS8; "nice" markus@@
   - guenther@@cvs.openbsd.org 2012/03/15 03:10:27
     [session.c]
     root should always be excluded from the test for /etc/nologin instead
     of having it always enforced even when marked as ignorenologin.  This
     regressed when the logic was incompletely flipped around in rev 1.251
     ok halex@@ millert@@
   - djm@@cvs.openbsd.org 2012/03/28 07:23:22
     [PROTOCOL.certkeys]
     explain certificate extensions/crit split rationale. Mention requirement
     that each appear at most once per cert.
   - dtucker@@cvs.openbsd.org 2012/03/29 23:54:36
     [channels.c channels.h servconf.c]
     Add PermitOpen none option based on patch from Loganaden Velvindron
     (bz #1949).  ok djm@@
   - djm@@cvs.openbsd.org 2012/04/11 13:16:19
     [channels.c channels.h clientloop.c serverloop.c]
     don't spin in accept() when out of fds (ENFILE/ENFILE) - back off for a
     while; ok deraadt@@ markus@@
   - djm@@cvs.openbsd.org 2012/04/11 13:17:54
     [auth.c]
     Support "none" as an argument for AuthorizedPrincipalsFile to indicate
     no file should be read.
   - djm@@cvs.openbsd.org 2012/04/11 13:26:40
     [sshd.c]
     don't spin in accept() when out of fds (ENFILE/ENFILE) - back off for a
     while; ok deraadt@@ markus@@
   - djm@@cvs.openbsd.org 2012/04/11 13:34:17
     [ssh-keyscan.1 ssh-keyscan.c]
     now that sshd defaults to offering ECDSA keys, ssh-keyscan should also
     look for them by default; bz#1971
   - djm@@cvs.openbsd.org 2012/04/12 02:42:32
     [servconf.c servconf.h sshd.c sshd_config sshd_config.5]
     VersionAddendum option to allow server operators to append some arbitrary
     text to the SSH-... banner; ok deraadt@@ "don't care" markus@@
   - djm@@cvs.openbsd.org 2012/04/12 02:43:55
     [sshd_config sshd_config.5]
     mention AuthorizedPrincipalsFile=none default
   - djm@@cvs.openbsd.org 2012/04/20 03:24:23
     [sftp.c]
     setlinebuf(3) is more readable than setvbuf(.., _IOLBF, ...)
   - jmc@@cvs.openbsd.org 2012/04/20 16:26:22
     [ssh.1]
     use "brackets" instead of "braces", for consistency;

20120420
 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] Update for release 6.0
 - (djm) [README] Update URL to release notes.
 - (djm) Release openssh-6.0

20120419
 - (djm) [configure.ac] Fix compilation error on FreeBSD, whose libutil
   contains openpty() but not login()

20120404
 - (djm) [Makefile.in configure.ac sandbox-seccomp-filter.c] Add sandbox
   mode for Linux's new seccomp filter; patch from Will Drewry; feedback
   and ok dtucker@@

20120330
 - (dtucker) [contrib/redhat/openssh.spec] Bug #1992: remove now-gone WARNING
   file from spec file.  From crighter at nuclioss com.
 - (djm) [entropy.c] bz#1991: relax OpenSSL version test to allow running
   openssh binaries on a newer fix release than they were compiled on.
   with and ok dtucker@@
 - (djm) [openbsd-compat/bsd-cygwin_util.h] #undef _WIN32 to avoid incorrect
   assumptions when building on Cygwin; patch from Corinna Vinschen

20120309
 - (djm) [openbsd-compat/port-linux.c] bz#1960: fix crash on SELinux 
   systems where sshd is run in te wrong context. Patch from Sven
   Vermeulen; ok dtucker@@
 - (djm) [packet.c] bz#1963: Fix IPQoS not being set on non-mapped v4-in-v6
   addressed connections. ok dtucker@@

20120224
 - (dtucker) [audit-bsm.c configure.ac] bug #1968: enable workarounds for BSM
   audit breakage in Solaris 11.  Patch from Magnus Johansson.

20120215
 - (tim) [openbsd-compat/bsd-misc.h sshd.c] Fix conflicting return type for
   unsetenv due to rev 1.14 change to setenv.c. Cast unsetenv to void in sshd.c
   ok dtucker@@
 - (tim) [defines.h] move chunk introduced in 1.125 before MAXPATHLEN so
   it actually works.
 - (tim) [regress/keytype.sh] stderr redirection needs to be inside back quote
   to work. Spotted by Angel Gonzalez

20120214
 - (djm) [openbsd-compat/bsd-cygwin_util.c] Add PROGRAMFILES to list of
   preserved Cygwin environment variables; from Corinna Vinschen

20120211
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2012/01/05 00:16:56
     [monitor.c]
     memleak on error path
   - djm@@cvs.openbsd.org 2012/01/07 21:11:36
     [mux.c]
     fix double-free in new session handler
   - miod@@cvs.openbsd.org 2012/01/08 13:17:11
     [ssh-ecdsa.c]
     Fix memory leak in ssh_ecdsa_verify(); from Loganaden Velvindron,
     ok markus@@
   - miod@@cvs.openbsd.org 2012/01/16 20:34:09
     [ssh-pkcs11-client.c]
     Fix a memory leak in pkcs11_rsa_private_encrypt(), reported by Jan Klemkow.
     While there, be sure to buffer_clear() between send_msg() and recv_msg().
     ok markus@@
   - dtucker@@cvs.openbsd.org 2012/01/18 21:46:43
     [clientloop.c]
     Ensure that $DISPLAY contains only valid characters before using it to
     extract xauth data so that it can't be used to play local shell
     metacharacter games.  Report from r00t_ati at ihteam.net, ok markus.
   - markus@@cvs.openbsd.org 2012/01/25 19:26:43
     [packet.c]
     do not permit SSH2_MSG_SERVICE_REQUEST/ACCEPT during rekeying;
     ok dtucker@@, djm@@
   - markus@@cvs.openbsd.org 2012/01/25 19:36:31
     [authfile.c]
     memleak in key_load_file(); from Jan Klemkow
   - markus@@cvs.openbsd.org 2012/01/25 19:40:09
     [packet.c packet.h]
     packet_read_poll() is not used anymore.
   - markus@@cvs.openbsd.org 2012/02/09 20:00:18
     [version.h]
     move from 6.0-beta to 6.0

20120206
 - (djm) [ssh-keygen.c] Don't fail in do_gen_all_hostkeys on platforms
   that don't support ECC. Patch from Phil Oleson

20111219
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/12/02 00:41:56
     [mux.c]
     fix bz#1948: ssh -f doesn't fork for multiplexed connection.
     ok dtucker@@
   - djm@@cvs.openbsd.org 2011/12/02 00:43:57
     [mac.c]
     fix bz#1934: newer OpenSSL versions will require HMAC_CTX_Init before
     HMAC_init (this change in policy seems insane to me)
     ok dtucker@@
   - djm@@cvs.openbsd.org 2011/12/04 23:16:12
     [mux.c]
     revert:
     > revision 1.32
     > date: 2011/12/02 00:41:56;  author: djm;  state: Exp;  lines: +4 -1
     > fix bz#1948: ssh -f doesn't fork for multiplexed connection.
     > ok dtucker@@
     it interacts badly with ControlPersist
   - djm@@cvs.openbsd.org 2011/12/07 05:44:38
     [auth2.c dh.c packet.c roaming.h roaming_client.c roaming_common.c]
     fix some harmless and/or unreachable int overflows;
     reported Xi Wang, ok markus@@

20111125
 - OpenBSD CVS Sync
   - oga@@cvs.openbsd.org 2011/11/16 12:24:28
     [sftp.c]
     Don't leak list in complete_cmd_parse if there are no commands found.
     Discovered when I was ``borrowing'' this code for something else.
     ok djm@@

20111121
 - (dtucker) [configure.ac] Set _FORTIFY_SOURCE.  ok djm@@

20111104
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/10/18 05:15:28
     [ssh.c]
     ssh(1): skip attempting to create ~/.ssh when -F is passed; ok markus@@
   - djm@@cvs.openbsd.org 2011/10/18 23:37:42
     [ssh-add.c]
     add -k to usage(); reminded by jmc@@
   - djm@@cvs.openbsd.org 2011/10/19 00:06:10
     [moduli.c]
     s/tmpfile/tmp/ to make this -Wshadow clean
   - djm@@cvs.openbsd.org 2011/10/19 10:39:48
     [umac.c]
     typo in comment; patch from Michael W. Bombardieri
   - djm@@cvs.openbsd.org 2011/10/24 02:10:46
     [ssh.c]
     bz#1943: unbreak stdio forwarding when ControlPersist is in user - ssh
     was incorrectly requesting the forward in both the control master and
     slave. skip requesting it in the master to fix. ok markus@@
   - djm@@cvs.openbsd.org 2011/10/24 02:13:13
     [session.c]
     bz#1859: send tty break to pty master instead of (probably already
     closed) slave side; "looks good" markus@@
   - dtucker@@cvs.openbsd.org 011/11/04 00:09:39
     [moduli]
     regenerated moduli file; ok deraadt
 - (dtucker) [INSTALL LICENCE configure.ac openbsd-compat/Makefile.in
   openbsd-compat/getrrsetbyname-ldns.c openbsd-compat/getrrsetbyname.c]
   bz 1320: Add optional support for LDNS, a BSD licensed DNS resolver library
   which supports DNSSEC.  Patch from Simon Vallet (svallet at genoscope cns fr)
   with some rework from myself and djm.  ok djm.

20111025
 - (dtucker) [contrib/cygwin/Makefile] Continue if installing a doc file
   fails.  Patch from Corinna Vinschen.

20111018
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/10/04 14:17:32
     [sftp-glob.c]
     silence error spam for "ls */foo" in directory with files; bz#1683
   - dtucker@@cvs.openbsd.org 2011/10/16 11:02:46
     [moduli.c ssh-keygen.1 ssh-keygen.c]
     Add optional checkpoints for moduli screening.  feedback & ok deraadt
   - jmc@@cvs.openbsd.org 2011/10/16 15:02:41
     [ssh-keygen.c]
     put -K in the right place (usage());
   - stsp@@cvs.openbsd.org 2011/10/16 15:51:39
     [moduli.c]
     add missing includes to unbreak tree; fix from rpointel
   - djm@@cvs.openbsd.org 2011/10/18 04:58:26
     [auth-options.c key.c]
     remove explicit search for \0 in packet strings, this job is now done
     implicitly by buffer_get_cstring; ok markus
   - djm@@cvs.openbsd.org 2011/10/18 05:00:48
     [ssh-add.1 ssh-add.c]
     new "ssh-add -k" option to load plain keys (skipping certificates);
     "looks ok" markus@@

20111001
 - (dtucker) [openbsd-compat/mktemp.c] Fix compiler warning.  ok djm
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2011/09/23 00:22:04
     [channels.c auth-options.c servconf.c channels.h sshd.8]
     Add wildcard support to PermitOpen, allowing things like "PermitOpen
     localhost:*".  bz #1857, ok djm markus.
   - markus@@cvs.openbsd.org 2011/09/23 07:45:05
     [mux.c readconf.h channels.h compat.h compat.c ssh.c readconf.c channels.c
     version.h]
     unbreak remote portforwarding with dynamic allocated listen ports:
     1) send the actual listen port in the open message (instead of 0).
        this allows multiple forwardings with a dynamic listen port
     2) update the matching permit-open entry, so we can identify where
        to connect to
     report: den at skbkontur.ru and P. Szczygielski
     feedback and ok djm@@
   - djm@@cvs.openbsd.org 2011/09/25 05:44:47
     [auth2-pubkey.c]
     improve the AuthorizedPrincipalsFile debug log message to include
     file and line number
   - dtucker@@cvs.openbsd.org 2011/09/30 00:47:37
     [sshd.c]
     don't attempt privsep cleanup when not using privsep; ok markus@@
   - djm@@cvs.openbsd.org 2011/09/30 21:22:49
     [sshd.c]
     fix inverted test that caused logspam; spotted by henning@@

20110929
 - (djm) [configure.ac defines.h] No need to detect sizeof(char); patch
   from des AT des.no
 - (dtucker) [configure.ac openbsd-compat/Makefile.in
   openbsd-compat/strnlen.c] Add strnlen to the compat library.

20110923
 - (djm) [openbsd-compat/getcwd.c] Remove OpenBSD rcsid marker since we no
   longer want to sync this file (OpenBSD uses a __getcwd syscall now, we
   want this longhand version)
 - (djm) [openbsd-compat/getgrouplist.c] Remove OpenBSD rcsid marker: the
   upstream version is YPified and we don't want this
 - (djm) [openbsd-compat/mktemp.c] forklift upgrade to -current version.
   The file was totally rewritten between what we had in tree and -current.
 - (djm) [openbsd-compat/sha2.c openbsd-compat/sha2.h] Remove OpenBSD rcsid
   marker. The upstream API has changed (function and structure names)
   enough to put it out of sync with other providers of this interface.
 - (djm) [openbsd-compat/setenv.c] Forklift upgrade, including inclusion
   of static __findenv() function from upstream setenv.c
 - OpenBSD CVS Sync
   - millert@@cvs.openbsd.org 2006/05/05 15:27:38
     [openbsd-compat/strlcpy.c]
     Convert do {} while loop -> while {} for clarity.  No binary change
     on most architectures.  From Oliver Smith.  OK deraadt@@ and henning@@
   - tobias@@cvs.openbsd.org 2007/10/21 11:09:30
     [openbsd-compat/mktemp.c]
     Comment fix about time consumption of _gettemp.
     FreeBSD did this in revision 1.20.
     OK deraadt@@, krw@@
   - deraadt@@cvs.openbsd.org 2008/07/22 21:47:45
     [openbsd-compat/mktemp.c]
     use arc4random_uniform(); ok djm millert
   - millert@@cvs.openbsd.org 2008/08/21 16:54:44
     [openbsd-compat/mktemp.c]
     Remove useless code, the kernel will set errno appropriately if an
     element in the path does not exist.  OK deraadt@@ pvalchev@@
   - otto@@cvs.openbsd.org 2008/12/09 19:38:38
     [openbsd-compat/inet_ntop.c]
     fix inet_ntop(3) prototype; ok millert@@ libc to be bumped very soon

20110922
 - OpenBSD CVS Sync
   - pyr@@cvs.openbsd.org 2011/05/12 07:15:10
     [openbsd-compat/glob.c]
     When the max number of items for a directory has reached GLOB_LIMIT_READDIR
     an error is returned but closedir() is not called.
     spotted and fix provided by Frank Denis obsd-tech@@pureftpd.org
     ok otto@@, millert@@
   - stsp@@cvs.openbsd.org 2011/09/20 10:18:46
     [glob.c]
     In glob(3), limit recursion during matching attempts. Similar to
     fnmatch fix. Also collapse consecutive '*' (from NetBSD).
     ok miod deraadt
   - djm@@cvs.openbsd.org 2011/09/22 06:27:29
     [glob.c]
     fix GLOB_KEEPSTAT without GLOB_NOSORT; the implicit sort was being
     applied only to the gl_pathv vector and not the corresponding gl_statv
     array. reported in OpenSSH bz#1935; feedback and okay matthew@@
   - djm@@cvs.openbsd.org 2011/08/26 01:45:15
     [ssh.1]
     Add some missing ssh_config(5) options that can be used in ssh(1)'s
     -o argument. Patch from duclare AT guu.fi
   - djm@@cvs.openbsd.org 2011/09/05 05:56:13
     [scp.1 sftp.1]
     mention ControlPersist and KbdInteractiveAuthentication in the -o
     verbiage in these pages too (prompted by jmc@@)
   - djm@@cvs.openbsd.org 2011/09/05 05:59:08
     [misc.c]
     fix typo in IPQoS parsing: there is no "AF14" class, but there is
     an "AF21" class. Spotted by giesen AT snickers.org; ok markus stevesk
   - jmc@@cvs.openbsd.org 2011/09/05 07:01:44
     [scp.1]
     knock out a useless Ns;
   - deraadt@@cvs.openbsd.org 2011/09/07 02:18:31
     [ssh-keygen.1]
     typo (they vs the) found by Lawrence Teo
   - djm@@cvs.openbsd.org 2011/09/09 00:43:00
     [ssh_config.5 sshd_config.5]
     fix typo in IPQoS parsing: there is no "AF14" class, but there is
     an "AF21" class. Spotted by giesen AT snickers.org; ok markus stevesk
   - djm@@cvs.openbsd.org 2011/09/09 00:44:07
     [PROTOCOL.mux]
     MUX_C_CLOSE_FWD includes forward type in message (though it isn't
     implemented anyway)
   - djm@@cvs.openbsd.org 2011/09/09 22:37:01
     [scp.c]
     suppress adding '--' to remote commandlines when the first argument
     does not start with '-'. saves breakage on some difficult-to-upgrade
     embedded/router platforms; feedback & ok dtucker ok markus
   - djm@@cvs.openbsd.org 2011/09/09 22:38:21
     [sshd.c]
     kill the preauth privsep child on fatal errors in the monitor;
     ok markus@@
   - djm@@cvs.openbsd.org 2011/09/09 22:46:44
     [channels.c channels.h clientloop.h mux.c ssh.c]
     support for cancelling local and remote port forwards via the multiplex
     socket. Use "ssh -O cancel -L xx:xx:xx -R yy:yy:yy user@@host" to request
     the cancellation of the specified forwardings; ok markus@@
   - markus@@cvs.openbsd.org 2011/09/10 22:26:34
     [channels.c channels.h clientloop.c ssh.1]
     support cancellation of local/dynamic forwardings from ~C commandline;
     ok & feedback djm@@
   - okan@@cvs.openbsd.org 2011/09/11 06:59:05
     [ssh.1]
     document new -O cancel command; ok djm@@
   - markus@@cvs.openbsd.org 2011/09/11 16:07:26
     [sftp-client.c]
     fix leaks in do_hardlink() and do_readlink(); bz#1921
     from Loganaden Velvindron
   - markus@@cvs.openbsd.org 2011/09/12 08:46:15
     [sftp-client.c]
     fix leak in do_lsreaddir(); ok djm
   - djm@@cvs.openbsd.org 2011/09/22 06:29:03
     [sftp.c]
     don't let remote_glob() implicitly sort its results in do_globbed_ls() -
     in all likelihood, they will be resorted anyway

20110909
 - (dtucker) [entropy.h] Bug #1932: remove old definition of init_rng.  From
   Colin Watson.

20110906
 - (djm) [README version.h] Correct version
 - (djm) [contrib/redhat/openssh.spec] Correct restorcon => restorecon
 - (djm) Respin OpenSSH-5.9p1 release

20110905
 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] Update version numbers.

20110904
 - (djm) [regress/connect-privsep.sh regress/test-exec.sh] demote fatal
   regress errors for the sandbox to warnings. ok tim dtucker
 - (dtucker) [ssh-keygen.c ssh-pkcs11.c] Bug #1929: add null implementations
   of pkcs_init and pkcs_terminate for building without dlopen
   support.

20110829
 - (djm) [openbsd-compat/port-linux.c] Suppress logging when attempting
   to switch SELinux context away from unconfined_t, based on patch from
   Jan Chadima; bz#1919 ok dtucker@@

20110827
 - (dtucker) [auth-skey.c] Add log.h to fix build --with-skey.

20110818
 - (tim) [configure.ac] Typo in error message spotted by Andy Tsouladze

20110817
 - (tim) [mac.c myproposal.h] Wrap SHA256 and SHA512 in ifdefs for
   OpenSSL 0.9.7. ok djm
 - (djm) [ openbsd-compat/bsd-cygwin_util.c openbsd-compat/bsd-cygwin_util.h]
   binary_pipe is no longer required on Cygwin; patch from Corinna Vinschen
 - (djm) [configure.ac] error out if the host lacks the necessary bits for
   an explicitly requested sandbox type
 - (djm) [contrib/ssh-copy-id] Missing backslash; spotted by
   bisson AT archlinux.org
 - (djm) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2011/06/03 05:35:10
     [regress/cfgmatch.sh]
     use OBJ to find test configs, patch from Tim Rice
   - markus@@cvs.openbsd.org 2011/06/30 22:44:43
     [regress/connect-privsep.sh]
     test with sandbox enabled; ok djm@@
   - djm@@cvs.openbsd.org 2011/08/02 01:23:41
     [regress/cipher-speed.sh regress/try-ciphers.sh]
     add SHA256/SHA512 based HMAC modes
 - (djm) [regress/cipher-speed.sh regress/try-ciphers.sh] disable HMAC-SHA2
   MAC tests for platforms that lack EVP_SHA2 support

20110812
 - (dtucker) [openbsd-compat/port-linux.c] Bug 1924: Improve selinux context
   change error by reporting old and new context names  Patch from
   jchadima at redhat.
 - (djm) [contrib/redhat/openssh.spec contrib/redhat/sshd.init]
   [contrib/suse/openssh.spec contrib/suse/rc.sshd] Updated RHEL and SLES
   init scripts from imorgan AT nas.nasa.gov; bz#1920
 - (djm) [contrib/ssh-copy-id] Fix failure for cases where the path to the
   identity file contained whitespace. bz#1828 patch from gwenael.lambrouin
   AT gmail.com; ok dtucker@@

20110807
 - (dtucker) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2008/06/26 06:59:39
     [moduli.5]
     tweak previous;
   - sobrado@@cvs.openbsd.org 2009/10/28 08:56:54
     [moduli.5]
     "Diffie-Hellman" is the usual spelling for the cryptographic protocol
     first published by Whitfield Diffie and Martin Hellman in 1976.
     ok jmc@@
   - jmc@@cvs.openbsd.org 2010/10/14 20:41:28
     [moduli.5]
     probabalistic -> probabilistic; from naddy
   - dtucker@@cvs.openbsd.org 2011/08/07 12:55:30
     [sftp.1]
     typo, fix from Laurent Gautrot

20110805
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/06/23 23:35:42
     [monitor.c]
     ignore EINTR errors from poll()
   - tedu@@cvs.openbsd.org 2011/07/06 18:09:21
     [authfd.c]
     bzero the agent address.  the kernel was for a while very cranky about
     these things.  even though that's fixed, always good to initialize
     memory.  ok deraadt djm
   - djm@@cvs.openbsd.org 2011/07/29 14:42:45
     [sandbox-systrace.c]
     fail open(2) with EPERM rather than SIGKILLing the whole process. libc
     will call open() to do strerror() when NLS is enabled;
     feedback and ok markus@@
   - markus@@cvs.openbsd.org 2011/08/01 19:18:15
     [gss-serv.c]
     prevent post-auth resource exhaustion (int overflow leading to 4GB malloc);
     report Adam Zabrock; ok djm@@, deraadt@@
   - djm@@cvs.openbsd.org 2011/08/02 01:22:11
     [mac.c myproposal.h ssh.1 ssh_config.5 sshd.8 sshd_config.5]
     Add new SHA256 and SHA512 based HMAC modes from
     http://www.ietf.org/id/draft-dbider-sha2-mac-for-ssh-02.txt
     Patch from mdb AT juniper.net; feedback and ok markus@@
   - djm@@cvs.openbsd.org 2011/08/02 23:13:01
     [version.h]
     crank now, release later
   - djm@@cvs.openbsd.org 2011/08/02 23:15:03
     [ssh.c]
     typo in comment

20110624
 - (djm) [configure.ac Makefile.in sandbox-darwin.c] Add a sandbox for
   Darwin/OS X using sandbox_init() + setrlimit(); feedback and testing
   markus@@

20110623
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/06/22 21:47:28
     [servconf.c]
     reuse the multistate option arrays to pretty-print options for "sshd -T"
   - djm@@cvs.openbsd.org 2011/06/22 21:57:01
     [servconf.c servconf.h sshd.c sshd_config.5]
     [configure.ac Makefile.in]
     introduce sandboxing of the pre-auth privsep child using systrace(4).
     
     This introduces a new "UsePrivilegeSeparation=sandbox" option for
     sshd_config that applies mandatory restrictions on the syscalls the
     privsep child can perform. This prevents a compromised privsep child
     from being used to attack other hosts (by opening sockets and proxying)
     or probing local kernel attack surface.
     
     The sandbox is implemented using systrace(4) in unsupervised "fast-path"
     mode, where a list of permitted syscalls is supplied. Any syscall not
     on the list results in SIGKILL being sent to the privsep child. Note
     that this requires a kernel with the new SYSTR_POLICY_KILL option.
     
     UsePrivilegeSeparation=sandbox will become the default in the future
     so please start testing it now.
     
     feedback dtucker@@; ok markus@@
   - djm@@cvs.openbsd.org 2011/06/22 22:08:42
     [channels.c channels.h clientloop.c clientloop.h mux.c ssh.c]
     hook up a channel confirm callback to warn the user when requested X11
     forwarding was refused by the server; ok markus@@
   - djm@@cvs.openbsd.org 2011/06/23 09:34:13
     [sshd.c ssh-sandbox.h sandbox.h sandbox-rlimit.c sandbox-systrace.c]
     [sandbox-null.c]
     rename sandbox.h => ssh-sandbox.h to make things easier for portable
 - (djm) [sandbox-null.c] Dummy sandbox for platforms that don't support
   setrlimit(2)

20110620
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/06/04 00:10:26
     [ssh_config.5]
     explain IdentityFile's semantics a little better, prompted by bz#1898
     ok dtucker jmc
   - markus@@cvs.openbsd.org 2011/06/14 22:49:18
     [authfile.c]
     make sure key_parse_public/private_rsa1() no longer consumes its input
     buffer.  fixes ssh-add for passphrase-protected ssh1-keys;
     noted by naddy@@; ok djm@@
   - djm@@cvs.openbsd.org 2011/06/17 21:44:31
     [log.c log.h monitor.c monitor.h monitor_wrap.c monitor_wrap.h sshd.c]
     make the pre-auth privsep slave log via a socketpair shared with the
     monitor rather than /var/empty/dev/log; ok dtucker@@ deraadt@@ markus@@
   - djm@@cvs.openbsd.org 2011/06/17 21:46:16
     [sftp-server.c]
     the protocol version should be unsigned; bz#1913 reported by mb AT
     smartftp.com
   - djm@@cvs.openbsd.org 2011/06/17 21:47:35
     [servconf.c]
     factor out multi-choice option parsing into a parse_multistate label
     and some support structures; ok dtucker@@
   - djm@@cvs.openbsd.org 2011/06/17 21:57:25
     [clientloop.c]
     setproctitle for a mux master that has been gracefully stopped;
     bz#1911 from Bert.Wesarg AT googlemail.com

20110603
 - (dtucker) [README version.h contrib/caldera/openssh.spec
   contrib/redhat/openssh.spec contrib/suse/openssh.spec] Pull the version
   bumps from the 5.8p2 branch into HEAD.  ok djm.
 - (tim) [configure.ac defines.h] Run test program to detect system mail
   directory. Add --with-maildir option to override. Fixed OpenServer 6
   getting it wrong. Fixed many systems having MAIL=/var/mail//username
   ok dtucker
 - (dtucker) [monitor.c] Remove the !HAVE_SOCKETPAIR case.  We use socketpair
   unconditionally in other places and the survey data we have does not show
   any systems that use it.  "nuke it" djm@@
 - (djm) [configure.ac] enable setproctitle emulation for OS X
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/06/03 00:54:38
     [ssh.c]
     bz#1883 - setproctitle() to identify mux master; patch from Bert.Wesarg
     AT googlemail.com; ok dtucker@@
     NB. includes additional portability code to enable setproctitle emulation
     on platforms that don't support it.
   - dtucker@@cvs.openbsd.org 2011/06/03 01:37:40
     [ssh-agent.c]
     Check current parent process ID against saved one to determine if the parent
     has exited, rather than attempting to send a zero signal, since the latter
     won't work if the parent has changed privs.  bz#1905, patch from Daniel Kahn
     Gillmor, ok djm@@
    - dtucker@@cvs.openbsd.org 2011/05/31 02:01:58
     [regress/dynamic-forward.sh]
     back out revs 1.6 and 1.5 since it's not reliable
   - dtucker@@cvs.openbsd.org 2011/05/31 02:03:34
     [regress/dynamic-forward.sh]
     work around startup and teardown races; caught by deraadt
   - dtucker@@cvs.openbsd.org 2011/06/03 00:29:52
     [regress/dynamic-forward.sh]
     Retry establishing the port forwarding after a small delay, should make
     the tests less flaky when the previous test is slow to shut down and free
     up the port.
 - (tim) [regress/cfgmatch.sh] Build/test out of tree fix.

20110529
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/05/23 03:30:07
     [auth-rsa.c auth.c auth.h auth2-pubkey.c monitor.c monitor_wrap.c]
     [pathnames.h servconf.c servconf.h sshd.8 sshd_config sshd_config.5]
     allow AuthorizedKeysFile to specify multiple files, separated by spaces.
     Bring back authorized_keys2 as a default search path (to avoid breaking
     existing users of this file), but override this in sshd_config so it will
     be no longer used on fresh installs. Maybe in 2015 we can remove it
     entirely :)
     
     feedback and ok markus@@ dtucker@@
   - djm@@cvs.openbsd.org 2011/05/23 03:33:38
     [auth.c]
     make secure_filename() spam debug logs less
   - djm@@cvs.openbsd.org 2011/05/23 03:52:55
     [sshconnect.c]
     remove extra newline
   - jmc@@cvs.openbsd.org 2011/05/23 07:10:21
     [sshd.8 sshd_config.5]
     tweak previous; ok djm
   - djm@@cvs.openbsd.org 2011/05/23 07:24:57
     [authfile.c]
     read in key comments for v.2 keys (though note that these are not
     passed over the agent protocol); bz#439, based on patch from binder
     AT arago.de; ok markus@@
   - djm@@cvs.openbsd.org 2011/05/24 07:15:47
     [readconf.c readconf.h ssh.c ssh_config.5 sshconnect.c sshconnect2.c]
     Remove undocumented legacy options UserKnownHostsFile2 and
     GlobalKnownHostsFile2 by making UserKnownHostsFile/GlobalKnownHostsFile
     accept multiple paths per line and making their defaults include
     known_hosts2; ok markus
   - djm@@cvs.openbsd.org 2011/05/23 03:31:31
     [regress/cfgmatch.sh]
     include testing of multiple/overridden AuthorizedKeysFiles
     refactor to simplify daemon start/stop and get rid of racy constructs

20110520
 - (djm) [session.c] call setexeccon() before executing passwd for pw
   changes; bz#1891 reported by jchadima AT redhat.com; ok dtucker@@
 - (djm) [aclocal.m4 configure.ac] since gcc-4.x ignores all -Wno-options
   options, we should use the corresponding -W-option when trying to determine
   whether it is accepted.  Also includes a warning fix on the program
   fragment uses (bad main() return type).
   bz#1900 and bz#1901 reported by g.esp AT free.fr; ok dtucker@@
 - (djm) [servconf.c] remove leftover droppings of AuthorizedKeysFile2
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/05/15 08:09:01
     [authfd.c monitor.c serverloop.c]
     use FD_CLOEXEC consistently; patch from zion AT x96.org
   - djm@@cvs.openbsd.org 2011/05/17 07:13:31
     [key.c]
     fatal() if asked to generate a legacy ECDSA cert (these don't exist)
     and fix the regress test that was trying to generate them :)
   - djm@@cvs.openbsd.org 2011/05/20 00:55:02
     [servconf.c]
     the options TrustedUserCAKeys, RevokedKeysFile, AuthorizedKeysFile
     and AuthorizedPrincipalsFile were not being correctly applied in
     Match blocks, despite being overridable there; ok dtucker@@
   - dtucker@@cvs.openbsd.org 2011/05/20 02:00:19
     [servconf.c]
     Add comment documenting what should be after the preauth check.  ok djm
   - djm@@cvs.openbsd.org 2011/05/20 03:25:45
     [monitor.c monitor_wrap.c servconf.c servconf.h]
     use a macro to define which string options to copy between configs
     for Match. This avoids problems caused by forgetting to keep three
     code locations in perfect sync and ordering
     
     "this is at once beautiful and horrible" + ok dtucker@@
   - djm@@cvs.openbsd.org 2011/05/17 07:13:31
     [regress/cert-userkey.sh]
     fatal() if asked to generate a legacy ECDSA cert (these don't exist)
     and fix the regress test that was trying to generate them :)
   - djm@@cvs.openbsd.org 2011/05/20 02:43:36
     [cert-hostkey.sh]
     another attempt to generate a v00 ECDSA key that broke the test
     ID sync only - portable already had this somehow
   - dtucker@@cvs.openbsd.org 2011/05/20 05:19:50
     [dynamic-forward.sh]
     Prevent races in dynamic forwarding test; ok djm
   - dtucker@@cvs.openbsd.org 2011/05/20 06:32:30
     [dynamic-forward.sh]
     fix dumb error in dynamic-forward test

20110515
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/05/05 05:12:08
     [mux.c]
     gracefully fall back when ControlPath is too large for a
     sockaddr_un. ok markus@@ as part of a larger diff
   - dtucker@@cvs.openbsd.org 2011/05/06 01:03:35
     [sshd_config]
     clarify language about overriding defaults.  bz#1892, from Petr Cerny
   - djm@@cvs.openbsd.org 2011/05/06 01:09:53
     [sftp.1]
     mention that IPv6 addresses must be enclosed in square brackets;
     bz#1845
   - djm@@cvs.openbsd.org 2011/05/06 02:05:41
     [sshconnect2.c]
     fix memory leak; bz#1849 ok dtucker@@
   - djm@@cvs.openbsd.org 2011/05/06 21:14:05
     [packet.c packet.h]
     set traffic class for IPv6 traffic as we do for IPv4 TOS;
     patch from lionel AT mamane.lu via Colin Watson in bz#1855;
     ok markus@@
   - djm@@cvs.openbsd.org 2011/05/06 21:18:02
     [ssh.c ssh_config.5]
     add a %L expansion (short-form of the local host name) for ControlPath;
     sync some more expansions with LocalCommand; ok markus@@
   - djm@@cvs.openbsd.org 2011/05/06 21:31:38
     [readconf.c ssh_config.5]
     support negated Host matching, e.g.
     
     Host *.example.org !c.example.org
        User mekmitasdigoat
     
     Will match "a.example.org", "b.example.org", but not "c.example.org"
     ok markus@@
   - djm@@cvs.openbsd.org 2011/05/06 21:34:32
     [clientloop.c mux.c readconf.c readconf.h ssh.c ssh_config.5]
     Add a RequestTTY ssh_config option to allow configuration-based
     control over tty allocation (like -t/-T); ok markus@@
   - djm@@cvs.openbsd.org 2011/05/06 21:38:58
     [ssh.c]
     fix dropping from previous diff
   - djm@@cvs.openbsd.org 2011/05/06 22:20:10
     [PROTOCOL.mux]
     fix numbering; from bert.wesarg AT googlemail.com
   - jmc@@cvs.openbsd.org 2011/05/07 23:19:39
     [ssh_config.5]
     - tweak previous
     - some consistency fixes
     ok djm
   - jmc@@cvs.openbsd.org 2011/05/07 23:20:25
     [ssh.1]
     +.It RequestTTY
   - djm@@cvs.openbsd.org 2011/05/08 12:52:01
     [PROTOCOL.mux clientloop.c clientloop.h mux.c]
     improve our behaviour when TTY allocation fails: if we are in
     RequestTTY=auto mode (the default), then do not treat a TTY
     allocation error as fatal but rather just restore the local TTY
     to cooked mode and continue. This is more graceful on devices that
     never allocate TTYs.
     
     If RequestTTY is set to "yes" or "force", then failure to allocate
     a TTY is fatal.
     
     ok markus@@
   - djm@@cvs.openbsd.org 2011/05/10 05:46:46
     [authfile.c]
     despam debug() logs by detecting that we are trying to load a private key
     in key_try_load_public() and returning early; ok markus@@
   - djm@@cvs.openbsd.org 2011/05/11 04:47:06
     [auth.c auth.h auth2-pubkey.c pathnames.h servconf.c servconf.h]
     remove support for authorized_keys2; it is a relic from the early days
     of protocol v.2 support and has been undocumented for many years;
     ok markus@@
   - djm@@cvs.openbsd.org 2011/05/13 00:05:36
     [authfile.c]
     warn on unexpected key type in key_parse_private_type()
 - (djm) [packet.c] unbreak portability #endif

20110510
 - (dtucker) [openbsd-compat/openssl-compat.{c,h}] Bug #1882: fix
   --with-ssl-engine which was broken with the change from deprecated
   SSLeay_add_all_algorithms().  ok djm

20110506
 - (dtucker) [openbsd-compat/regress/closefromtest.c] Bug #1875: add prototype
   for closefrom() in test code.  Report from Dan Wallis via Gentoo.

20110505
 - (djm) [defines.h] Move up include of netinet/ip.h for IPTOS
   definitions. From des AT des.no
 - (djm) [Makefile.in WARNING.RNG aclocal.m4 buildpkg.sh.in configure.ac]
   [entropy.c ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c]
   [ssh-keysign.c ssh-pkcs11-helper.c ssh-rand-helper.8 ssh-rand-helper.c]
   [ssh.c ssh_prng_cmds.in sshd.c contrib/aix/buildbff.sh]
   [regress/README.regress] Remove ssh-rand-helper and all its
   tentacles. PRNGd seeding has been rolled into entropy.c directly.
   Thanks to tim@@ for testing on affected platforms.
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/03/10 02:52:57
     [auth2-gss.c auth2.c auth.h]
     allow GSSAPI authentication to detect when a server-side failure causes
     authentication failure and don't count such failures against MaxAuthTries;
     bz#1244 from simon AT sxw.org.uk; ok markus@@ before lock
   - okan@@cvs.openbsd.org 2011/03/15 10:36:02
     [ssh-keyscan.c]
     use timerclear macro
     ok djm@@
   - stevesk@@cvs.openbsd.org 2011/03/23 15:16:22
     [ssh-keygen.1 ssh-keygen.c]
     Add -A option.  For each of the key types (rsa1, rsa, dsa and ecdsa)
     for which host keys do not exist, generate the host keys with the
     default key file path, an empty passphrase, default bits for the key
     type, and default comment.  This will be used by /etc/rc to generate
     new host keys.  Idea from deraadt.
     ok deraadt
   - stevesk@@cvs.openbsd.org 2011/03/23 16:24:56
     [ssh-keygen.1]
     -q not used in /etc/rc now so remove statement.
   - stevesk@@cvs.openbsd.org 2011/03/23 16:50:04
     [ssh-keygen.c]
     remove -d, documentation removed >10 years ago; ok markus
   - jmc@@cvs.openbsd.org 2011/03/24 15:29:30
     [ssh-keygen.1]
     zap trailing whitespace;
   - stevesk@@cvs.openbsd.org 2011/03/24 22:14:54
     [ssh-keygen.c]
     use strcasecmp() for "clear" cert permission option also; ok djm
   - stevesk@@cvs.openbsd.org 2011/03/29 18:54:17
     [misc.c misc.h servconf.c]
     print ipqos friendly string for sshd -T; ok markus
     # sshd -Tf sshd_config|grep ipqos
     ipqos lowdelay throughput
   - djm@@cvs.openbsd.org 2011/04/12 04:23:50
     [ssh-keygen.c]
     fix -Wshadow
   - djm@@cvs.openbsd.org 2011/04/12 05:32:49
     [sshd.c]
     exit with 0 status on SIGTERM; bz#1879
   - djm@@cvs.openbsd.org 2011/04/13 04:02:48
     [ssh-keygen.1]
     improve wording; bz#1861
   - djm@@cvs.openbsd.org 2011/04/13 04:09:37
     [ssh-keygen.1]
     mention valid -b sizes for ECDSA keys; bz#1862
   - djm@@cvs.openbsd.org 2011/04/17 22:42:42
     [PROTOCOL.mux clientloop.c clientloop.h mux.c ssh.1 ssh.c]
     allow graceful shutdown of multiplexing: request that a mux server
     removes its listener socket and refuse future multiplexing requests;
     ok markus@@
   - djm@@cvs.openbsd.org 2011/04/18 00:46:05
     [ssh-keygen.c]
     certificate options are supposed to be packed in lexical order of
     option name (though we don't actually enforce this at present).
     Move one up that was out of sequence
   - djm@@cvs.openbsd.org 2011/05/04 21:15:29
     [authfile.c authfile.h ssh-add.c]
     allow "ssh-add - < key"; feedback and ok markus@@
 - (tim) [configure.ac] Add AC_LANG_SOURCE to OPENSSH_CHECK_CFLAG_COMPILE
   so autoreconf 2.68 is happy.
 - (tim) [defines.h] Deal with platforms that do not have S_IFSOCK ok djm@@

20110221
 - (dtucker) [contrib/cygwin/ssh-host-config] From Corinna: revamp of the
   Cygwin-specific service installer script ssh-host-config.  The actual
   functionality is the same, the revisited version is just more
   exact when it comes to check for problems which disallow to run
   certain aspects of the script.  So, part of this script and the also
   rearranged service helper script library "csih" is to check if all
   the tools required to run the script are available on the system.
   The new script also is more thorough to inform the user why the
   script failed.  Patch from vinschen at redhat com.

20110218
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/02/16 00:31:14
     [ssh-keysign.c]
     make hostbased auth with ECDSA keys work correctly. Based on patch
     by harvey.eneman AT oracle.com in bz#1858; ok markus@@ (pre-lock)

20110206
 - (dtucker) [openbsd-compat/port-linux.c] Bug #1851: fix syntax error in
   selinux code.  Patch from Leonardo Chiquitto 
 - (dtucker) [contrib/cygwin/ssh-{host,user}-config]  Add ECDSA key
   generation and simplify.  Patch from Corinna Vinschen.

20110204
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/01/31 21:42:15
     [PROTOCOL.mux]
     cut'n'pasto; from bert.wesarg AT googlemail.com
   - djm@@cvs.openbsd.org 2011/02/04 00:44:21
     [key.c]
     fix uninitialised nonce variable; reported by Mateusz Kocielski
   - djm@@cvs.openbsd.org 2011/02/04 00:44:43
     [version.h]
     openssh-5.8
 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] update versions in docs and spec files.
 - Release OpenSSH 5.8p1

20110128
 - (djm) [openbsd-compat/port-linux.c] Check whether SELinux is enabled
   before attempting setfscreatecon(). Check whether matchpathcon()
   succeeded before using its result. Patch from cjwatson AT debian.org;
   bz#1851

20110127
 - (tim) [config.guess config.sub] Sync with upstream.
 - (tim) [configure.ac] Consistent M4 quoting throughout, updated obsolete
   AC_TRY_COMPILE with AC_COMPILE_IFELSE, updated obsolete AC_TRY_LINK with
   AC_LINK_IFELSE, updated obsolete AC_TRY_RUN with AC_RUN_IFELSE, misc white
   space changes for consistency/readability. Makes autoconf 2.68 happy.
   "Nice work" djm

20110125
 - (djm) [configure.ac Makefile.in ssh.c openbsd-compat/port-linux.c
   openbsd-compat/port-linux.h] Move SELinux-specific code from ssh.c to
   port-linux.c to avoid compilation errors. Add -lselinux to ssh when
   building with SELinux support to avoid linking failure; report from
   amk AT spamfence.net; ok dtucker

20110122
 - (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}] Add
   RSA_get_default_method() for the benefit of openssl versions that don't
   have it (at least openssl-engine-0.9.6b).  Found and tested by Kevin Brott,
   ok djm@@.
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/01/22 09:18:53
     [version.h]
     crank to OpenSSH-5.7
 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] update versions in docs and spec files.
 - (djm) Release 5.7p1

20110119
 - (tim) [contrib/caldera/openssh.spec] Use CFLAGS from Makefile instead
   of RPM so build completes. Signatures were changed to .asc since 4.1p1.
 - (djm) [configure.ac] Disable ECC on OpenSSL <0.9.8g. Releases prior to
   0.9.8 lacked it, and 0.9.8a through 0.9.8d have proven buggy in pre-
   release testing (random crashes and failure to load ECC keys).
   ok dtucker@@

20110117
 - (djm) [regress/Makefile] use $TEST_SSH_KEYGEN instead of the one in
   $PATH, fix cleanup of droppings; reported by openssh AT
   roumenpetrov.info; ok dtucker@@
 - (djm) [regress/agent-ptrace.sh] Fix false failure on OS X by adding
   its unique snowflake of a gdb error to the ones we look for.
 - (djm) [regress/agent-getpeereid.sh] leave stdout attached when running
   ssh-add to avoid $SUDO failures on Linux
 - (dtucker) [openbsd-compat/port-linux.c] Bug #1838: Add support for the new
   Linux OOM-killer magic values that changed in 2.6.36 kernels, with fallback
   to the old values.  Feedback from vapier at gentoo org and djm, ok djm.
 - (djm) [configure.ac regress/agent-getpeereid.sh regress/multiplex.sh]
   [regress/sftp-glob.sh regress/test-exec.sh] Rework how feature tests are
   disabled on platforms that do not support them; add a "config_defined()"
   shell function that greps for defines in config.h and use them to decide
   on feature tests.
   Convert a couple of existing grep's over config.h to use the new function
   Add a define "FILESYSTEM_NO_BACKSLASH" for filesystems that can't represent
   backslash characters in filenames, enable it for Cygwin and use it to turn
   off tests for quoted backslashes in sftp-glob.sh.
   based on discussion with vinschen AT redhat.com and dtucker@@; ok dtucker@@
 - (tim) [regress/agent-getpeereid.sh] shell portability fix.
 - (dtucker) [openbsd-compat/port-linux.c] Fix minor bug caught by -Werror on
   the tinderbox.
 - (dtucker) [LICENCE Makefile.in audit-bsm.c audit-linux.c audit.c audit.h
   configure.ac defines.h loginrec.c]  Bug #1402: add linux audit subsystem
   support, based on patches from Tomas Mraz and jchadima at redhat.

20110116
 - (dtucker) [Makefile.in configure.ac regress/kextype.sh] Skip sha256-based
   on configurations that don't have it.
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/01/16 11:50:05
     [clientloop.c]
     Use atomicio when flushing protocol 1 std{out,err} buffers at
     session close. This was a latent bug exposed by setting a SIGCHLD
     handler and spotted by kevin.brott AT gmail.com; ok dtucker@@
   - djm@@cvs.openbsd.org 2011/01/16 11:50:36
     [sshconnect.c]
     reset the SIGPIPE handler when forking to execute child processes;
     ok dtucker@@
   - djm@@cvs.openbsd.org 2011/01/16 12:05:59
     [clientloop.c]
     a couple more tweaks to the post-close protocol 1 stderr/stdout flush:
     now that we use atomicio(), convert them from while loops to if statements
     add test and cast to compile cleanly with -Wsigned

20110114
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/01/13 21:54:53
     [mux.c]
     correct error messages; patch from bert.wesarg AT googlemail.com
   - djm@@cvs.openbsd.org 2011/01/13 21:55:25
     [PROTOCOL.mux]
     correct protocol names and add a couple of missing protocol number
     defines; patch from bert.wesarg AT googlemail.com
 - (djm) [Makefile.in] Use shell test to disable ecdsa key generating in
   host-key-force target rather than a substitution that is replaced with a
   comment so that the Makefile.in is still a syntactically valid Makefile
   (useful to run the distprep target)
 - (tim) [regress/cert-hostkey.sh] Typo. Missing $ on variable name.
 - (tim) [regress/cert-hostkey.sh] Add missing TEST_SSH_ECC guard around some
   ecdsa bits.

20110113
 - (djm) [misc.c] include time.h for nanosleep() prototype
 - (tim) [Makefile.in] test the ECC bits if we have the capability. ok djm
 - (tim) [Makefile.in configure.ac opensshd.init.in] Add support for generating
   ecdsa keys. ok djm.
 - (djm) [entropy.c] cast OPENSSL_VERSION_NUMBER to u_long to avoid
   gcc warning on platforms where it defaults to int
 - (djm) [regress/Makefile] add a few more generated files to the clean
   target
 - (djm) [myproposal.h] Fix reversed OPENSSL_VERSION_NUMBER test and bad
   #define that was causing diffie-hellman-group-exchange-sha256 to be
   incorrectly disabled
 - (djm) [regress/kextype.sh] Testing diffie-hellman-group-exchange-sha256
   should not depend on ECC support

20110112
 - OpenBSD CVS Sync
   - nicm@@cvs.openbsd.org 2010/10/08 21:48:42
     [openbsd-compat/glob.c]
     Extend GLOB_LIMIT to cover readdir and stat and bump the malloc limit
     from ARG_MAX to 64K.
     Fixes glob-using programs (notably ftp) able to be triggered to hit
     resource limits.
     Idea from a similar NetBSD change, original problem reported by jasper@@.
     ok millert tedu jasper
   - djm@@cvs.openbsd.org 2011/01/12 01:53:14
     avoid some integer overflows mostly with GLOB_APPEND and GLOB_DOOFFS
     and sanity check arguments (these will be unnecessary when we switch
     struct glob members from being type int to size_t in the future);
     "looks ok" tedu@@ feedback guenther@@
 - (djm) [configure.ac] Turn on -Wno-unused-result for gcc >= 4.4 to avoid
   silly warnings on write() calls we don't care succeed or not.
 - (djm) [configure.ac] Fix broken test for gcc >= 4.4 with per-compiler
   flag tests that don't depend on gcc version at all; suggested by and
   ok dtucker@@

20110111
 - (tim) [regress/host-expand.sh] Fix for building outside of read only
   source tree.
 - (djm) [platform.c] Some missing includes that show up under -Werror
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/01/08 10:51:51
     [clientloop.c]
     use host and not options.hostname, as the latter may have unescaped
     substitution characters
   - djm@@cvs.openbsd.org 2011/01/11 06:06:09
     [sshlogin.c]
     fd leak on error paths; from zinovik@@
     NB. Id sync only; we use loginrec.c that was also audited and fixed
     recently
   - djm@@cvs.openbsd.org 2011/01/11 06:13:10
     [clientloop.c ssh-keygen.c sshd.c]
     some unsigned long long casts that make things a bit easier for
     portable without resorting to dropping PRIu64 formats everywhere

20110109
 - (djm) [Makefile.in] list ssh_host_ecdsa key in PATHSUBS; spotted by
   openssh AT roumenpetrov.info

20110108
 - (djm) [regress/keytype.sh] s/echo -n/echon/ to repair failing regress
   test on OSX and others. Reported by imorgan AT nas.nasa.gov

20110107
 - (djm) [regress/cert-hostkey.sh regress/cert-userkey.sh] fix shell test
   for no-ECC case. Patch from cristian.ionescu-idbohrn AT axis.com
   - djm@@cvs.openbsd.org 2011/01/06 22:23:53
     [ssh.c]
     unbreak %n expansion in LocalCommand; patch from bert.wesarg AT
     googlemail.com; ok markus@@
   - djm@@cvs.openbsd.org 2011/01/06 22:23:02
     [clientloop.c]
     when exiting due to ServerAliveTimeout, mention the hostname that caused
     it (useful with backgrounded controlmaster)
   - djm@@cvs.openbsd.org 2011/01/06 22:46:21
     [regress/Makefile regress/host-expand.sh]
     regress test for LocalCommand %n expansion from bert.wesarg AT
     googlemail.com; ok markus@@
   - djm@@cvs.openbsd.org 2011/01/06 23:01:35
     [sshconnect.c]
     reset SIGCHLD handler to SIG_DFL when executing LocalCommand;
     ok markus@@

20110106
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2010/12/08 22:46:03
     [scp.1 scp.c]
     add a new -3 option to scp: Copies between two remote hosts are
     transferred through the local host.  Without this option the data
     is copied directly between the two remote hosts. ok djm@@ (bugzilla #1837)
   - jmc@@cvs.openbsd.org 2010/12/09 14:13:33
     [scp.1 scp.c]
     scp.1: grammar fix
     scp.c: add -3 to usage()
   - markus@@cvs.openbsd.org 2010/12/14 11:59:06
     [sshconnect.c]
     don't mention key type in key-changed-warning, since we also print
     this warning if a new key type appears. ok djm@@
   - djm@@cvs.openbsd.org 2010/12/15 00:49:27
     [readpass.c]
     fix ControlMaster=ask regression
     reset SIGCHLD handler before fork (and restore it after) so we don't miss
     the askpass child's exit status. Correct test for exit status/signal to
     account for waitpid() failure; with claudio@@ ok claudio@@ markus@@
   - djm@@cvs.openbsd.org 2010/12/24 21:41:48
     [auth-options.c]
     don't send the actual forced command in a debug message; ok markus deraadt
   - otto@@cvs.openbsd.org 2011/01/04 20:44:13
     [ssh-keyscan.c]
     handle ecdsa-sha2 with various key lengths; hint and ok djm@@

20110104
 - (djm) [configure.ac Makefile.in] Use mandoc as preferred manpage
   formatter if it is present, followed by nroff and groff respectively.
   Fixes distprep target on OpenBSD (which has bumped groff/nroff to ports
   in favour of mandoc). feedback and ok tim

20110103
 - (djm) [Makefile.in] revert local hack I didn't intend to commit

20110102
 - (djm) [loginrec.c] Fix some fd leaks on error paths. ok dtucker
 - (djm) [configure.ac] Check whether libdes is needed when building
   with Heimdal krb5 support. On OpenBSD this library no longer exists,
   so linking it unconditionally causes a build failure; ok dtucker

20101226
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/12/08 04:02:47
     [ssh_config.5 sshd_config.5]
     explain that IPQoS arguments are separated by whitespace; iirc requested
     by jmc@@ a while back

20101205
 - (dtucker) [openbsd-compat/openssl-compat.c] remove sleep leftover from
   debugging.  Spotted by djm.
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/12/03 23:49:26
     [schnorr.c]
     check that g^x^q === 1 mod p; recommended by JPAKE author Feng Hao
     (this code is still disabled, but apparently people are treating it as
     a reference implementation)
   - djm@@cvs.openbsd.org 2010/12/03 23:55:27
     [auth-rsa.c]
     move check for revoked keys to run earlier (in auth_rsa_key_allowed)
     bz#1829; patch from ldv AT altlinux.org; ok markus@@
   - djm@@cvs.openbsd.org 2010/12/04 00:18:01
     [sftp-server.c sftp.1 sftp-client.h sftp.c PROTOCOL sftp-client.c]
     add a protocol extension to support a hard link operation. It is
     available through the "ln" command in the client. The old "ln"
     behaviour of creating a symlink is available using its "-s" option
     or through the preexisting "symlink" command; based on a patch from
     miklos AT szeredi.hu in bz#1555; ok markus@@
   - djm@@cvs.openbsd.org 2010/12/04 13:31:37
     [hostfile.c]
     fix fd leak; spotted and ok dtucker
   - djm@@cvs.openbsd.org 2010/12/04 00:21:19
     [regress/sftp-cmds.sh]
     adjust for hard-link support
 - (dtucker) [regress/Makefile] Id sync.

20101204
 - (djm) [openbsd-compat/bindresvport.c] Use arc4random_uniform(range)
   instead of (arc4random() % range)
 - (dtucker) [configure.ac moduli.c openbsd-compat/openssl-compat.{c,h}]  Add
   shims for the new, non-deprecated OpenSSL key generation functions for
   platforms that don't have the new interfaces.

20101201
 - OpenBSD CVS Sync
   - deraadt@@cvs.openbsd.org 2010/11/20 05:12:38
     [auth2-pubkey.c]
     clean up cases of ;;
   - djm@@cvs.openbsd.org 2010/11/21 01:01:13
     [clientloop.c misc.c misc.h ssh-agent.1 ssh-agent.c]
     honour $TMPDIR for client xauth and ssh-agent temporary directories;
     feedback and ok markus@@
   - djm@@cvs.openbsd.org 2010/11/21 10:57:07
     [authfile.c]
     Refactor internals of private key loading and saving to work on memory
     buffers rather than directly on files. This will make a few things
     easier to do in the future; ok markus@@
   - djm@@cvs.openbsd.org 2010/11/23 02:35:50
     [auth.c]
     use strict_modes already passed as function argument over referencing
     global options.strict_modes
   - djm@@cvs.openbsd.org 2010/11/23 23:57:24
     [clientloop.c]
     avoid NULL deref on receiving a channel request on an unknown or invalid
     channel; report bz#1842 from jchadima AT redhat.com; ok dtucker@@
   - djm@@cvs.openbsd.org 2010/11/24 01:24:14
     [channels.c]
     remove a debug() that pollutes stderr on client connecting to a server
     in debug mode (channel_close_fds is called transitively from the session
     code post-fork); bz#1719, ok dtucker
   - djm@@cvs.openbsd.org 2010/11/25 04:10:09
     [session.c]
     replace close() loop for fds 3->64 with closefrom();
     ok markus deraadt dtucker
   - djm@@cvs.openbsd.org 2010/11/26 05:52:49
     [scp.c]
     Pass through ssh command-line flags and options when doing remote-remote
     transfers, e.g. to enable agent forwarding which is particularly useful
     in this case; bz#1837 ok dtucker@@
   - markus@@cvs.openbsd.org 2010/11/29 18:57:04
     [authfile.c]
     correctly load comment for encrypted rsa1 keys;
     report/fix Joachim Schipper; ok djm@@
   - djm@@cvs.openbsd.org 2010/11/29 23:45:51
     [auth.c hostfile.c hostfile.h ssh.c ssh_config.5 sshconnect.c]
     [sshconnect.h sshconnect2.c]
     automatically order the hostkeys requested by the client based on
     which hostkeys are already recorded in known_hosts. This avoids
     hostkey warnings when connecting to servers with new ECDSA keys
     that are preferred by default; with markus@@

20101124
 - (dtucker) [platform.c session.c] Move the getluid call out of session.c and
   into the platform-specific code  Only affects SCO, tested by and ok tim@@.
 - (djm) [loginrec.c] Relax permission requirement on btmp logs to allow
   group read/write. ok dtucker@@
 - (dtucker) [packet.c] Remove redundant local declaration of "int tos".
 - (djm) [defines.h] Add IP DSCP defines

20101122
 - (dtucker) Bug #1840: fix warning when configuring --with-ssl-engine, patch
   from vapier at gentoo org.

20101120
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/11/05 02:46:47
     [packet.c]
     whitespace KNF
   - djm@@cvs.openbsd.org 2010/11/10 01:33:07
     [kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c moduli.c]
     use only libcrypto APIs that are retained with OPENSSL_NO_DEPRECATED.
     these have been around for years by this time. ok markus
   - djm@@cvs.openbsd.org 2010/11/13 23:27:51
     [clientloop.c misc.c misc.h packet.c packet.h readconf.c readconf.h]
     [servconf.c servconf.h session.c ssh.c ssh_config.5 sshd_config.5]
     allow ssh and sshd to set arbitrary TOS/DSCP/QoS values instead of
     hardcoding lowdelay/throughput.
     
     bz#1733 patch from philipp AT redfish-solutions.com; ok markus@@ deraadt@@
   - jmc@@cvs.openbsd.org 2010/11/15 07:40:14
     [ssh_config.5]
     libary -> library;
   - jmc@@cvs.openbsd.org 2010/11/18 15:01:00
     [scp.1 sftp.1 ssh.1 sshd_config.5]
     add IPQoS to the various -o lists, and zap some trailing whitespace;

20101111
 - (djm) [servconf.c ssh-add.c ssh-keygen.c] don't look for ECDSA keys on
   platforms that don't support ECC. Fixes some spurious warnings reported
   by tim@@

20101109
 - (tim) [regress/kextype.sh] Not all platforms have time in /usr/bin.
   Feedback from dtucker@@
 - (tim) [configure.ac openbsd-compat/bsd-misc.h openbsd-compat/bsd-misc.c] Add
   support for platforms missing isblank(). ok djm@@

20101108
 - (tim) [regress/Makefile] Fixes to allow building/testing outside source
   tree.
 - (tim) [regress/kextype.sh] Shell portability fix.

20101107
 - (dtucker) [platform.c] includes.h instead of defines.h so that we get
   the correct typedefs.

20101105
 - (djm) [loginrec.c loginrec.h] Use correct uid_t/pid_t types instead of
   int. Should fix bz#1817 cleanly; ok dtucker@@
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/09/22 12:26:05
     [regress/Makefile regress/kextype.sh]
     regress test for each of the key exchange algorithms that we support
   - djm@@cvs.openbsd.org 2010/10/28 11:22:09
     [authfile.c key.c key.h ssh-keygen.c]
     fix a possible NULL deref on loading a corrupt ECDH key
     
     store ECDH group information in private keys files as "named groups"
     rather than as a set of explicit group parameters (by setting
     the OPENSSL_EC_NAMED_CURVE flag). This makes for shorter key files and
     retrieves the group's OpenSSL NID that we need for various things.
   - jmc@@cvs.openbsd.org 2010/10/28 18:33:28
     [scp.1 ssh-add.1 ssh-keygen.1 ssh.1 ssh_config.5 sshd.8 sshd_config.5]
     knock out some "-*- nroff -*-" lines;
   - djm@@cvs.openbsd.org 2010/11/04 02:45:34
     [sftp-server.c]
     umask should be parsed as octal. reported by candland AT xmission.com;
     ok markus@@
 - (dtucker) [configure.ac platform.{c,h} session.c
   openbsd-compat/port-solaris.{c,h}] Bug #1824: Add Solaris Project support.
   Patch from cory.erickson at csu mnscu edu with a bit of rework from me.
   ok djm@@
 - (dtucker) [platform.c platform.h session.c] Add a platform hook to run
   after the user's groups are established and move the selinux calls into it.
 - (dtucker) [platform.c session.c] Move the AIX setpcred+chroot hack into
   platform.c
 - (dtucker) [platform.c session.c] Move the BSDI setpgrp into platform.c.
 - (dtucker) [platform.c] Only call setpgrp on BSDI if running as root to
   retain previous behavior.
 - (dtucker) [platform.c session.c] Move the PAM credential establishment for
   the LOGIN_CAP case into platform.c.
 - (dtucker) [platform.c session.c] Move the USE_LIBIAF fragment into
   platform.c
 - (dtucker) [platform.c session.c] Move aix_usrinfo fragment into platform.c.
 - (dtucker) [platform.c session.c] Move irix setusercontext fragment into
   platform.c.
 - (dtucker) [platform.c session.c] Move PAM credential establishment for the
   non-LOGIN_CAP case into platform.c.
 - (dtucker) [platform.c platform.h session.c] Move the Cygwin special-case
   check into platform.c
 - (dtucker) [regress/keytype.sh] Import new test.
 - (dtucker) [Makefile configure.ac regress/Makefile regress/keytype.sh]
   Import recent changes to regress/Makefile, pass a flag to enable ECC tests
   from configure through to regress/Makefile and use it in the tests.
 - (dtucker) [regress/kextype.sh] Add missing "test".
 - (dtucker) [regress/kextype.sh] Make sha256 test depend on ECC.  This is not
   strictly correct since while ECC requires sha256 the reverse is not true
   however it does prevent spurious test failures.
 - (dtucker) [platform.c] Need servconf.h and extern options.

20101025
 - (tim) [openbsd-compat/glob.h] Remove sys/cdefs.h include that came with
   1.12 to unbreak Solaris build.
   ok djm@@
 - (dtucker) [defines.h] Use SIZE_T_MAX for SIZE_MAX for platforms that have a
   native one.

20101024
 - (dtucker) [includes.h] Add missing ifdef GLOB_HAS_GL_STATV to fix build.
 - (dtucker) [regress/cert-hostkey.sh] Disable ECC-based tests on platforms
   which don't have ECC support in libcrypto.
 - (dtucker) [regress/cert-userkey.sh] Disable ECC-based tests on platforms
   which don't have ECC support in libcrypto.
 - (dtucker) [defines.h] Add SIZE_MAX for the benefit of platforms that don't
   have it.
 - (dtucker) OpenBSD CVS Sync
   - sthen@@cvs.openbsd.org 2010/10/23 22:06:12
     [sftp.c]
     escape '[' in filename tab-completion; fix a type while there.
     ok djm@@

20101021
 - OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2010/10/12 02:22:24
     [mux.c]
     Typo in confirmation message.  bz#1827, patch from imorgan at
     nas nasa gov
   - djm@@cvs.openbsd.org 2010/08/31 12:24:09
     [regress/cert-hostkey.sh regress/cert-userkey.sh]
     tests for ECDSA certificates

20101011
 - (djm) [canohost.c] Zero a4 instead of addr to better match type.
   bz#1825, reported by foo AT mailinator.com
 - (djm) [sshconnect.c] Need signal.h for prototype for kill(2)

20101011
 - (djm) [configure.ac] Use = instead of == in shell tests. Patch from
   dr AT vasco.com

20101007
 - (djm) [ssh-agent.c] Fix type for curve name.
 - (djm) OpenBSD CVS Sync
   - matthew@@cvs.openbsd.org 2010/09/24 13:33:00
     [misc.c misc.h configure.ac openbsd-compat/openbsd-compat.h]
     [openbsd-compat/timingsafe_bcmp.c]
     Add timingsafe_bcmp(3) to libc, mention that it's already in the
     kernel in kern(9), and remove it from OpenSSH.
     ok deraadt@@, djm@@
     NB. re-added under openbsd-compat/ for portable OpenSSH
   - djm@@cvs.openbsd.org 2010/09/25 09:30:16
     [sftp.c configure.ac openbsd-compat/glob.c openbsd-compat/glob.h]
     make use of new glob(3) GLOB_KEEPSTAT extension to save extra server
     roundtrips to fetch per-file stat(2) information.
     NB. update openbsd-compat/ glob(3) implementation from OpenBSD libc to
     match.
   - djm@@cvs.openbsd.org 2010/09/26 22:26:33
     [sftp.c]
     when performing an "ls" in columnated (short) mode, only call
     ioctl(TIOCGWINSZ) once to get the window width instead of per-
     filename
   - djm@@cvs.openbsd.org 2010/09/30 11:04:51
     [servconf.c]
     prevent free() of string in .rodata when overriding AuthorizedKeys in
     a Match block; patch from rein AT basefarm.no
   - djm@@cvs.openbsd.org 2010/10/01 23:05:32
     [cipher-3des1.c cipher-bf1.c cipher-ctr.c openbsd-compat/openssl-compat.h]
     adapt to API changes in openssl-1.0.0a
     NB. contains compat code to select correct API for older OpenSSL
   - djm@@cvs.openbsd.org 2010/10/05 05:13:18
     [sftp.c sshconnect.c]
     use default shell /bin/sh if $SHELL is ""; ok markus@@
   - djm@@cvs.openbsd.org 2010/10/06 06:39:28
     [clientloop.c ssh.c sshconnect.c sshconnect.h]
     kill proxy command on fatal() (we already kill it on clean exit);
     ok markus@@
   - djm@@cvs.openbsd.org 2010/10/06 21:10:21
     [sshconnect.c]
     swapped args to kill(2)
 - (djm) [openbsd-compat/glob.c] restore ARG_MAX compat code.
 - (djm) [cipher-acss.c] Add missing header.
 - (djm) [openbsd-compat/Makefile.in] Actually link timingsafe_bcmp

20100924
 - (djm) OpenBSD CVS Sync
   - naddy@@cvs.openbsd.org 2010/09/10 15:19:29
     [ssh-keygen.1]
     * mention ECDSA in more places
     * less repetition in FILES section
     * SSHv1 keys are still encrypted with 3DES
     help and ok jmc@@
   - djm@@cvs.openbsd.org 2010/09/11 21:44:20
     [ssh.1]
     mention RFC 5656 for ECC stuff
   - jmc@@cvs.openbsd.org 2010/09/19 21:30:05
     [sftp.1]
     more wacky macro fixing;
   - djm@@cvs.openbsd.org 2010/09/20 04:41:47
     [ssh.c]
     install a SIGCHLD handler to reap expired child process; ok markus@@
   - djm@@cvs.openbsd.org 2010/09/20 04:50:53
     [jpake.c schnorr.c]
     check that received values are smaller than the group size in the
     disabled and unfinished J-PAKE code.
     avoids catastrophic security failure found by Sebastien Martini
   - djm@@cvs.openbsd.org 2010/09/20 04:54:07
     [jpake.c]
     missing #include
   - djm@@cvs.openbsd.org 2010/09/20 07:19:27
     [mux.c]
     "atomically" create the listening mux socket by binding it on a temporary
     name and then linking it into position after listen() has succeeded.
     this allows the mux clients to determine that the server socket is
     either ready or stale without races. stale server sockets are now
     automatically removed
     ok deraadt
   - djm@@cvs.openbsd.org 2010/09/22 05:01:30
     [kex.c kex.h kexecdh.c kexecdhc.c kexecdhs.c readconf.c readconf.h]
     [servconf.c servconf.h ssh_config.5 sshconnect2.c sshd.c sshd_config.5]
     add a KexAlgorithms knob to the client and server configuration to allow
     selection of which key exchange methods are used by ssh(1) and sshd(8)
     and their order of preference.
     ok markus@@
   - jmc@@cvs.openbsd.org 2010/09/22 08:30:08
     [ssh.1 ssh_config.5]
     ssh.1: add kexalgorithms to the -o list
     ssh_config.5: format the kexalgorithms in a more consistent
     (prettier!) way
     ok djm
   - djm@@cvs.openbsd.org 2010/09/22 22:58:51
     [atomicio.c atomicio.h misc.c misc.h scp.c sftp-client.c]
     [sftp-client.h sftp.1 sftp.c]
     add an option per-read/write callback to atomicio

     factor out bandwidth limiting code from scp(1) into a generic bandwidth
     limiter that can be attached using the atomicio callback mechanism

     add a bandwidth limit option to sftp(1) using the above
     "very nice" markus@@
   - jmc@@cvs.openbsd.org 2010/09/23 13:34:43
     [sftp.c]
     add [-l limit] to usage();
   - jmc@@cvs.openbsd.org 2010/09/23 13:36:46
     [scp.1 sftp.1]
     add KexAlgorithms to the -o list;

20100910
 - (dtucker) [openbsd-compat/port-linux.c] Check is_selinux_enabled for exact
   return code since it can apparently return -1 under some conditions.  From
   openssh bugs werbittewas de, ok djm@@
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/08/31 12:33:38
     [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
     reintroduce commit from tedu@@, which I pulled out for release
     engineering:
       OpenSSL_add_all_algorithms is the name of the function we have a
       man page for, so use that.  ok djm
   - jmc@@cvs.openbsd.org 2010/08/31 17:40:54
     [ssh-agent.1]
     fix some macro abuse;
   - jmc@@cvs.openbsd.org 2010/08/31 21:14:58
     [ssh.1]
     small text tweak to accommodate previous;
   - naddy@@cvs.openbsd.org 2010/09/01 15:21:35
     [servconf.c]
     pick up ECDSA host key by default; ok djm@@
   - markus@@cvs.openbsd.org 2010/09/02 16:07:25
     [ssh-keygen.c]
     permit -b 256, 384 or 521 as key size for ECDSA; ok djm@@
   - markus@@cvs.openbsd.org 2010/09/02 16:08:39
     [ssh.c]
     unbreak ControlPersist=yes for ControlMaster=yes; ok djm@@
   - naddy@@cvs.openbsd.org 2010/09/02 17:21:50
     [ssh-keygen.c]
     Switch ECDSA default key size to 256 bits, which according to RFC5656
     should still be better than our current RSA-2048 default.
     ok djm@@, markus@@
   - jmc@@cvs.openbsd.org 2010/09/03 11:09:29
     [scp.1]
     add an EXIT STATUS section for /usr/bin;
   - jmc@@cvs.openbsd.org 2010/09/04 09:38:34
     [ssh-add.1 ssh.1]
     two more EXIT STATUS sections;
   - naddy@@cvs.openbsd.org 2010/09/06 17:10:19
     [sshd_config]
     add ssh_host_ecdsa_key to /etc; from Mattieu Baptiste
     <mattieu.b@@gmail.com>
     ok deraadt@@
   - djm@@cvs.openbsd.org 2010/09/08 03:54:36
     [authfile.c]
     typo
   - deraadt@@cvs.openbsd.org 2010/09/08 04:13:31
     [compress.c]
     work around name-space collisions some buggy compilers (looking at you
     gcc, at least in earlier versions, but this does not forgive your current
     transgressions) seen between zlib and openssl
     ok djm
   - djm@@cvs.openbsd.org 2010/09/09 10:45:45
     [kex.c kex.h kexecdh.c key.c key.h monitor.c ssh-ecdsa.c]
     ECDH/ECDSA compliance fix: these methods vary the hash function they use
     (SHA256/384/512) depending on the length of the curve in use. The previous
     code incorrectly used SHA256 in all cases.
     
     This fix will cause authentication failure when using 384 or 521-bit curve
     keys if one peer hasn't been upgraded and the other has. (256-bit curve
     keys work ok). In particular you may need to specify HostkeyAlgorithms
     when connecting to a server that has not been upgraded from an upgraded
     client.
     
     ok naddy@@
 - (djm) [authfd.c authfile.c bufec.c buffer.h configure.ac kex.h kexecdh.c]
   [kexecdhc.c kexecdhs.c key.c key.h myproposal.h packet.c readconf.c]
   [ssh-agent.c ssh-ecdsa.c ssh-keygen.c ssh.c] Disable ECDH and ECDSA on
   platforms that don't have the requisite OpenSSL support. ok dtucker@@
 - (dtucker) [kex.h key.c packet.h ssh-agent.c ssh.c] A few more ECC ifdefs
   for missing headers and compiler warnings.

20100831
 - OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2010/08/08 19:36:30
     [ssh-keysign.8 ssh.1 sshd.8]
     use the same template for all FILES sections; i.e. -compact/.Pp where we
     have multiple items, and .Pa for path names;
   - tedu@@cvs.openbsd.org 2010/08/12 23:34:39
     [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
     OpenSSL_add_all_algorithms is the name of the function we have a man page
     for, so use that.  ok djm
   - djm@@cvs.openbsd.org 2010/08/16 04:06:06
     [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
     backout previous temporarily; discussed with deraadt@@
   - djm@@cvs.openbsd.org 2010/08/31 09:58:37
     [auth-options.c auth1.c auth2.c bufaux.c buffer.h kex.c key.c packet.c]
     [packet.h ssh-dss.c ssh-rsa.c]
     Add buffer_get_cstring() and related functions that verify that the
     string extracted from the buffer contains no embedded \0 characters*
     This prevents random (possibly malicious) crap from being appended to
     strings where it would not be noticed if the string is used with
     a string(3) function.
     
     Use the new API in a few sensitive places.
     
     * actually, we allow a single one at the end of the string for now because
     we don't know how many deployed implementations get this wrong, but don't
     count on this to remain indefinitely.
   - djm@@cvs.openbsd.org 2010/08/31 11:54:45
     [PROTOCOL PROTOCOL.agent PROTOCOL.certkeys auth2-jpake.c authfd.c]
     [authfile.c buffer.h dns.c kex.c kex.h key.c key.h monitor.c]
     [monitor_wrap.c myproposal.h packet.c packet.h pathnames.h readconf.c]
     [ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh-keygen.c]
     [ssh-keyscan.1 ssh-keyscan.c ssh-keysign.8 ssh.1 ssh.c ssh2.h]
     [ssh_config.5 sshconnect.c sshconnect2.c sshd.8 sshd.c sshd_config.5]
     [uuencode.c uuencode.h bufec.c kexecdh.c kexecdhc.c kexecdhs.c ssh-ecdsa.c]
     Implement Elliptic Curve Cryptography modes for key exchange (ECDH) and
     host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA offer
     better performance than plain DH and DSA at the same equivalent symmetric
     key length, as well as much shorter keys.
     
     Only the mandatory sections of RFC5656 are implemented, specifically the
     three REQUIRED curves nistp256, nistp384 and nistp521 and only ECDH and
     ECDSA. Point compression (optional in RFC5656) is NOT implemented.
     
     Certificate host and user keys using the new ECDSA key types are supported.
     
     Note that this code has not been tested for interoperability and may be
     subject to change.
     
     feedback and ok markus@@
 - (djm) [Makefile.in] Add new ECC files
 - (djm) [bufec.c kexecdh.c kexecdhc.c kexecdhs.c ssh-ecdsa.c] include
   includes.h

20100827
 - (dtucker) [contrib/redhat/sshd.init] Bug #1810: initlog is deprecated,
   remove.  Patch from martynas at venck us 

20100823
 - (djm) Release OpenSSH-5.6p1

20100816
 - (dtucker) [configure.ac openbsd-compat/Makefile.in
   openbsd-compat/openbsd-compat.h openbsd-compat/strptime.c] Add strptime to
   the compat library which helps on platforms like old IRIX.  Based on work
   by djm, tested by Tom Christensen.
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/08/12 21:49:44
     [ssh.c]
     close any extra file descriptors inherited from parent at start and
     reopen stdin/stdout to /dev/null when forking for ControlPersist.
     
     prevents tools that fork and run a captive ssh for communication from
     failing to exit when the ssh completes while they wait for these fds to
     close. The inherited fds may persist arbitrarily long if a background
     mux master has been started by ControlPersist. cvs and scp were affected
     by this.
     
     "please commit" markus@@
 - (djm) [regress/README.regress] typo

20100812
 - (tim) [regress/login-timeout.sh regress/reconfigure.sh regress/reexec.sh
   regress/test-exec.sh] Under certain conditions when testing with sudo
   tests would fail because the pidfile could not be read by a regular user.
   "cat: cannot open ...../regress/pidfile: Permission denied (error 13)"
   Make sure cat is run by $SUDO.  no objection from me. djm@@
 - (tim) [auth.c] add cast to quiet compiler. Change only affects SVR5 systems.

20100809
 - (djm) bz#1561: don't bother setting IFF_UP on tun(4) device if it is
   already set. Makes FreeBSD user openable tunnels useful; patch from
   richard.burakowski+ossh AT mrburak.net, ok dtucker@@
 - (dtucker) bug #1530: strip trailing ":" from hostname in ssh-copy-id.
   based in part on a patch from Colin Watson, ok djm@@

20100809
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/08/08 16:26:42
     [version.h]
     crank to 5.6
 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] Crank version numbers

20100805
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/08/04 05:37:01
     [ssh.1 ssh_config.5 sshd.8]
     Remove mentions of weird "addr/port" alternate address format for IPv6
     addresses combinations. It hasn't worked for ages and we have supported
     the more common "[addr]:port" format for a long time. ok jmc@@ markus@@
   - djm@@cvs.openbsd.org 2010/08/04 05:40:39
     [PROTOCOL.certkeys ssh-keygen.c]
     tighten the rules for certificate encoding by requiring that options
     appear in lexical order and make our ssh-keygen comply. ok markus@@
   - djm@@cvs.openbsd.org 2010/08/04 05:42:47
     [auth.c auth2-hostbased.c authfile.c authfile.h ssh-keysign.8]
     [ssh-keysign.c ssh.c]
     enable certificates for hostbased authentication, from Iain Morgan;
     "looks ok" markus@@
   - djm@@cvs.openbsd.org 2010/08/04 05:49:22
     [authfile.c]
     committed the wrong version of the hostbased certificate diff; this
     version replaces some strlc{py,at} verbosity with xasprintf() at
     the request of markus@@
   - djm@@cvs.openbsd.org 2010/08/04 06:07:11
     [ssh-keygen.1 ssh-keygen.c]
     Support CA keys in PKCS#11 tokens; feedback and ok markus@@
   - djm@@cvs.openbsd.org 2010/08/04 06:08:40
     [ssh-keysign.c]
     clean for -Wuninitialized (Id sync only; portable had this change)
   - djm@@cvs.openbsd.org 2010/08/05 13:08:42
     [channels.c]
     Fix a trio of bugs in the local/remote window calculation for datagram
     data channels (i.e. TunnelForward):
     
     Calculate local_consumed correctly in channel_handle_wfd() by measuring
     the delta to buffer_len(c->output) from when we start to when we finish.
     The proximal problem here is that the output_filter we use in portable
     modified the length of the dequeued datagram (to futz with the headers
     for !OpenBSD).
     
     In channel_output_poll(), don't enqueue datagrams that won't fit in the
     peer's advertised packet size (highly unlikely to ever occur) or which
     won't fit in the peer's remaining window (more likely).
     
     In channel_input_data(), account for the 4-byte string header in
     datagram packets that we accept from the peer and enqueue in c->output.
     
     report, analysis and testing 2/3 cases from wierbows AT us.ibm.com;
     "looks good" markus@@

20100803
 - (dtucker) [monitor.c] Bug #1795: Initialize the values to be returned from
   PAM to sane values in case the PAM method doesn't write to them.  Spotted by
   Bitman Zhou, ok djm@@.
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/07/16 04:45:30
     [ssh-keygen.c]
     avoid bogus compiler warning
   - djm@@cvs.openbsd.org 2010/07/16 14:07:35
     [ssh-rsa.c]
     more timing paranoia - compare all parts of the expected decrypted
     data before returning. AFAIK not exploitable in the SSH protocol.
     "groovy" deraadt@@
   - djm@@cvs.openbsd.org 2010/07/19 03:16:33
     [sftp-client.c]
     bz#1797: fix swapped args in upload_dir_internal(), breaking recursive
     upload depth checks and causing verbose printing of transfers to always
     be turned on; patch from imorgan AT nas.nasa.gov
   - djm@@cvs.openbsd.org 2010/07/19 09:15:12
     [clientloop.c readconf.c readconf.h ssh.c ssh_config.5]
     add a "ControlPersist" option that automatically starts a background
     ssh(1) multiplex master when connecting. This connection can stay alive
     indefinitely, or can be set to automatically close after a user-specified
     duration of inactivity. bz#1330 - patch by dwmw2 AT infradead.org, but
     further hacked on by wmertens AT cisco.com, apb AT cequrux.com,
     martin-mindrot-bugzilla AT earth.li and myself; "looks ok" markus@@
   - djm@@cvs.openbsd.org 2010/07/21 02:10:58
     [misc.c]
     sync timingsafe_bcmp() with the one dempsky@@ committed to sys/lib/libkern
   - dtucker@@cvs.openbsd.org 2010/07/23 08:49:25
     [ssh.1]
     Ciphers is documented in ssh_config(5) these days

20100819
 - (dtucker) [contrib/ssh-copy-id.1] Bug #1786: update ssh-copy-id.1 with more
   details about its behaviour WRT existing directories.  Patch from
   asguthrie at gmail com, ok djm.

20100716
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/07/02 04:32:44
     [misc.c]
     unbreak strdelim() skipping past quoted strings, e.g.
     AllowUsers "blah blah" blah
     was broken; report and fix in bz#1757 from bitman.zhou AT centrify.com
     ok dtucker;
   - djm@@cvs.openbsd.org 2010/07/12 22:38:52
     [ssh.c]
     Make ExitOnForwardFailure work with fork-after-authentication ("ssh -f")
     for protocol 2. ok markus@@
   - djm@@cvs.openbsd.org 2010/07/12 22:41:13
     [ssh.c ssh_config.5]
     expand %h to the hostname in ssh_config Hostname options. While this
     sounds useless, it is actually handy for working with unqualified
     hostnames:
     
     Host *.*
        Hostname %h
     Host *
        Hostname %h.example.org
     
     "I like it" markus@@
   - djm@@cvs.openbsd.org 2010/07/13 11:52:06
     [auth-rsa.c channels.c jpake.c key.c misc.c misc.h monitor.c]
     [packet.c ssh-rsa.c]
     implement a timing_safe_cmp() function to compare memory without leaking
     timing information by short-circuiting like memcmp() and use it for
     some of the more sensitive comparisons (though nothing high-value was
     readily attackable anyway); "looks ok" markus@@
   - djm@@cvs.openbsd.org 2010/07/13 23:13:16
     [auth-rsa.c channels.c jpake.c key.c misc.c misc.h monitor.c packet.c]
     [ssh-rsa.c]
     s/timing_safe_cmp/timingsafe_bcmp/g
   - jmc@@cvs.openbsd.org 2010/07/14 17:06:58
     [ssh.1]
     finally ssh synopsis looks nice again! this commit just removes a ton of
     hacks we had in place to make it work with old groff;
   - schwarze@@cvs.openbsd.org 2010/07/15 21:20:38
     [ssh-keygen.1]
     repair incorrect block nesting, which screwed up indentation;
     problem reported and fix OK by jmc@@

20100714
 - (tim) [contrib/redhat/openssh.spec] Bug 1796: Test for skip_x11_askpass
   (line 77) should have been for no_x11_askpass. 

20100702
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2010/06/26 00:57:07
     [ssh_config.5]
     tweak previous;
   - djm@@cvs.openbsd.org 2010/06/26 23:04:04
     [ssh.c]
     oops, forgot to #include <canohost.h>; spotted and patch from chl@@
   - djm@@cvs.openbsd.org 2010/06/29 23:15:30
     [ssh-keygen.1 ssh-keygen.c]
     allow import (-i) and export (-e) of PEM and PKCS#8 encoded keys;
     bz#1749; ok markus@@
   - djm@@cvs.openbsd.org 2010/06/29 23:16:46
     [auth2-pubkey.c sshd_config.5]
     allow key options (command="..." and friends) in AuthorizedPrincipals;
     ok markus@@
   - jmc@@cvs.openbsd.org 2010/06/30 07:24:25
     [ssh-keygen.1]
     tweak previous;
   - jmc@@cvs.openbsd.org 2010/06/30 07:26:03
     [ssh-keygen.c]
     sort usage();
   - jmc@@cvs.openbsd.org 2010/06/30 07:28:34
     [sshd_config.5]
     tweak previous;
   - millert@@cvs.openbsd.org 2010/07/01 13:06:59
     [scp.c]
     Fix a longstanding problem where if you suspend scp at the
     password/passphrase prompt the terminal mode is not restored.
     OK djm@@
   - phessler@@cvs.openbsd.org 2010/06/27 19:19:56
     [regress/Makefile]
     fix how we run the tests so we can successfully use SUDO='sudo -E'
     in our env
   - djm@@cvs.openbsd.org 2010/06/29 23:59:54
     [cert-userkey.sh]
     regress tests for key options in AuthorizedPrincipals

20100627
 - (tim) [openbsd-compat/port-uw.c] Reorder includes. auth-options.h now needs
   key.h.

20100626
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/05/21 05:00:36
     [misc.c]
     colon() returns char*, so s/return (0)/return NULL/
   - markus@@cvs.openbsd.org 2010/06/08 21:32:19
     [ssh-pkcs11.c]
     check length of value returned by C_GetAttributeValue for != 0
     from mdrtbugzilla@@codefive.co.uk; bugzilla #1773; ok dtucker@@
   - djm@@cvs.openbsd.org 2010/06/17 07:07:30
     [mux.c]
     Correct sizing of object to be allocated by calloc(), replacing
     sizeof(state) with sizeof(*state). This worked by accident since
     the struct contained a single int at present, but could have broken
     in the future. patch from hyc AT symas.com
   - djm@@cvs.openbsd.org 2010/06/18 00:58:39
     [sftp.c]
     unbreak ls in working directories that contains globbing characters in
     their pathnames. bz#1655 reported by vgiffin AT apple.com
   - djm@@cvs.openbsd.org 2010/06/18 03:16:03
     [session.c]
     Missing check for chroot_directory == "none" (we already checked against
     NULL); bz#1564 from Jan.Pechanec AT Sun.COM
   - djm@@cvs.openbsd.org 2010/06/18 04:43:08
     [sftp-client.c]
     fix memory leak in do_realpath() error path; bz#1771, patch from
     anicka AT suse.cz
   - djm@@cvs.openbsd.org 2010/06/22 04:22:59
     [servconf.c sshd_config.5]
     expose some more sshd_config options inside Match blocks:
       AuthorizedKeysFile AuthorizedPrincipalsFile
       HostbasedUsesNameFromPacketOnly PermitTunnel
     bz#1764; feedback from imorgan AT nas.nasa.gov; ok dtucker@@
   - djm@@cvs.openbsd.org 2010/06/22 04:32:06
     [ssh-keygen.c]
     standardise error messages when attempting to open private key
     files to include "progname: filename: error reason"
     bz#1783; ok dtucker@@
   - djm@@cvs.openbsd.org 2010/06/22 04:49:47
     [auth.c]
     queue auth debug messages for bad ownership or permissions on the user's
     keyfiles. These messages will be sent after the user has successfully
     authenticated (where our client will display them with LogLevel=debug).
     bz#1554; ok dtucker@@
   - djm@@cvs.openbsd.org 2010/06/22 04:54:30
     [ssh-keyscan.c]
     replace verbose and overflow-prone Linebuf code with read_keyfile_line()
     based on patch from joachim AT joachimschipper.nl; bz#1565; ok dtucker@@
   - djm@@cvs.openbsd.org 2010/06/22 04:59:12
     [session.c]
     include the user name on "subsystem request for ..." log messages;
     bz#1571; ok dtucker@@
   - djm@@cvs.openbsd.org 2010/06/23 02:59:02
     [ssh-keygen.c]
     fix printing of extensions in v01 certificates that I broke in r1.190
   - djm@@cvs.openbsd.org 2010/06/25 07:14:46
     [channels.c mux.c readconf.c readconf.h ssh.h]
     bz#1327: remove hardcoded limit of 100 permitopen clauses and port
     forwards per direction; ok markus@@ stevesk@@
   - djm@@cvs.openbsd.org 2010/06/25 07:20:04
     [channels.c session.c]
     bz#1750: fix requirement for /dev/null inside ChrootDirectory for
     internal-sftp accidentally introduced in r1.253 by removing the code
     that opens and dup /dev/null to stderr and modifying the channels code
     to read stderr but discard it instead; ok markus@@
   - djm@@cvs.openbsd.org 2010/06/25 08:46:17
     [auth1.c auth2-none.c]
     skip the initial check for access with an empty password when
     PermitEmptyPasswords=no; bz#1638; ok markus@@
   - djm@@cvs.openbsd.org 2010/06/25 23:10:30
     [ssh.c]
     log the hostname and address that we connected to at LogLevel=verbose
     after authentication is successful to mitigate "phishing" attacks by
     servers with trusted keys that accept authentication silently and
     automatically before presenting fake password/passphrase prompts;
     "nice!" markus@@
   - djm@@cvs.openbsd.org 2010/06/25 23:10:30
     [ssh.c]
     log the hostname and address that we connected to at LogLevel=verbose
     after authentication is successful to mitigate "phishing" attacks by
     servers with trusted keys that accept authentication silently and
     automatically before presenting fake password/passphrase prompts;
     "nice!" markus@@

20100622
 - (djm) [loginrec.c] crank LINFO_NAMESIZE (username length) to 512
   bz#1579; ok dtucker

20100618
 - (djm) [contrib/ssh-copy-id] Update key file explicitly under ~
   rather than assuming that $CWD == $HOME. bz#1500, patch from
   timothy AT gelter.com

20100617
 - (tim) [contrib/cygwin/README] Remove a reference to the obsolete
   minires-devel package, and to add the reference to the libedit-devel
   package since Cygwin now provides libedit. Patch from Corinna Vinschen.

20100521
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/05/07 11:31:26
     [regress/Makefile regress/cert-userkey.sh]
     regress tests for AuthorizedPrincipalsFile and "principals=" key option.
     feedback and ok markus@@
   - djm@@cvs.openbsd.org 2010/05/11 02:58:04
     [auth-rsa.c]
     don't accept certificates marked as "cert-authority" here; ok markus@@
   - djm@@cvs.openbsd.org 2010/05/14 00:47:22
     [ssh-add.c]
     check that the certificate matches the corresponding private key before
     grafting it on
   - djm@@cvs.openbsd.org 2010/05/14 23:29:23
     [channels.c channels.h mux.c ssh.c]
     Pause the mux channel while waiting for reply from async callbacks.
     Prevents misordering of replies if new requests arrive while waiting.
     
     Extend channel open confirm callback to allow signalling failure
     conditions as well as success. Use this to 1) fix a memory leak, 2)
     start using the above pause mechanism and 3) delay sending a success/
     failure message on mux slave session open until we receive a reply from
     the server.
     
     motivated by and with feedback from markus@@
   - markus@@cvs.openbsd.org 2010/05/16 12:55:51
     [PROTOCOL.mux clientloop.h mux.c readconf.c readconf.h ssh.1 ssh.c]
     mux support for remote forwarding with dynamic port allocation,
     use with
        LPORT=`ssh -S muxsocket -R0:localhost:25 -O forward somehost`
     feedback and ok djm@@
   - djm@@cvs.openbsd.org 2010/05/20 11:25:26
     [auth2-pubkey.c]
     fix logspam when key options (from="..." especially) deny non-matching
     keys; reported by henning@@ also bz#1765; ok markus@@ dtucker@@
   - djm@@cvs.openbsd.org 2010/05/20 23:46:02
     [PROTOCOL.certkeys auth-options.c ssh-keygen.c]
     Move the permit-* options to the non-critical "extensions" field for v01
     certificates. The logic is that if another implementation fails to
     implement them then the connection just loses features rather than fails
     outright.
     
     ok markus@@

20100511
 - (dtucker) [Makefile.in] Bug #1770: Link libopenbsd-compat twice to solve
   circular dependency problem on old or odd platforms.  From Tom Lane, ok
   djm@@.
 - (djm) [openbsd-compat/openssl-compat.h] Fix build breakage on older
   libcrypto by defining OPENSSL_[DR]SA_MAX_MODULUS_BITS if they aren't
   already. ok dtucker@@

20100510
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/04/23 01:47:41
     [ssh-keygen.c]
     bz#1740: display a more helpful error message when $HOME is
     inaccessible while trying to create .ssh directory. Based on patch
     from jchadima AT redhat.com; ok dtucker@@
   - djm@@cvs.openbsd.org 2010/04/23 22:27:38
     [mux.c]
     set "detach_close" flag when registering channel cleanup callbacks.
     This causes the channel to close normally when its fds close and
     hangs when terminating a mux slave using ~. bz#1758; ok markus@@
   - djm@@cvs.openbsd.org 2010/04/23 22:42:05
     [session.c]
     set stderr to /dev/null for subsystems rather than just closing it.
     avoids hangs if a subsystem or shell initialisation writes to stderr.
     bz#1750; ok markus@@
   - djm@@cvs.openbsd.org 2010/04/23 22:48:31
     [ssh-keygen.c]
     refuse to generate keys longer than OPENSSL_[RD]SA_MAX_MODULUS_BITS,
     since we would refuse to use them anyway. bz#1516; ok dtucker@@
   - djm@@cvs.openbsd.org 2010/04/26 22:28:24
     [sshconnect2.c]
     bz#1502: authctxt.success is declared as an int, but passed by
     reference to function that accepts sig_atomic_t*. Convert it to
     the latter; ok markus@@ dtucker@@
   - djm@@cvs.openbsd.org 2010/05/01 02:50:50
     [PROTOCOL.certkeys]
     typo; jmeltzer@@
   - dtucker@@cvs.openbsd.org 2010/05/05 04:22:09
     [sftp.c]
     restore mput and mget which got lost in the tab-completion changes.
     found by Kenneth Whitaker, ok djm@@
   - djm@@cvs.openbsd.org 2010/05/07 11:30:30
     [auth-options.c auth-options.h auth.c auth.h auth2-pubkey.c]
     [key.c servconf.c servconf.h sshd.8 sshd_config.5]
     add some optional indirection to matching of principal names listed
     in certificates. Currently, a certificate must include the user's name
     to be accepted for authentication. This change adds the ability to
     specify a list of certificate principal names that are acceptable.
     
     When authenticating using a CA trusted through ~/.ssh/authorized_keys,
     this adds a new principals="name1[,name2,...]" key option.
     
     For CAs listed through sshd_config's TrustedCAKeys option, a new config
     option "AuthorizedPrincipalsFile" specifies a per-user file containing
     the list of acceptable names.
     
     If either option is absent, the current behaviour of requiring the
     username to appear in principals continues to apply.
     
     These options are useful for role accounts, disjoint account namespaces
     and "user@@realm"-style naming policies in certificates.
     
     feedback and ok markus@@
   - jmc@@cvs.openbsd.org 2010/05/07 12:49:17
     [sshd_config.5]
     tweak previous;

20100423
 - (dtucker) [configure.ac] Bug #1756: Check for the existence of a lib64 dir
   in the openssl install directory (some newer openssl versions do this on at
   least some amd64 platforms).

20100418
 - OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2010/04/16 06:45:01
     [ssh_config.5]
     tweak previous; ok djm
   - jmc@@cvs.openbsd.org 2010/04/16 06:47:04
     [ssh-keygen.1 ssh-keygen.c]
     tweak previous; ok djm
   - djm@@cvs.openbsd.org 2010/04/16 21:14:27
     [sshconnect.c]
     oops, %r => remote username, not %u
   - djm@@cvs.openbsd.org 2010/04/16 01:58:45
     [regress/cert-hostkey.sh regress/cert-userkey.sh]
     regression tests for v01 certificate format
     includes interop tests for v00 certs
 - (dtucker) [contrib/aix/buildbff.sh] Fix creation of ssh_prng_cmds.default
   file.

20100416
 - (djm) Release openssh-5.5p1
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/03/26 03:13:17
     [bufaux.c]
     allow buffer_get_int_ret/buffer_get_int64_ret to take a NULL pointer
     argument to allow skipping past values in a buffer
   - jmc@@cvs.openbsd.org 2010/03/26 06:54:36
     [ssh.1]
     tweak previous;
   - jmc@@cvs.openbsd.org 2010/03/27 14:26:55
     [ssh_config.5]
     tweak previous; ok dtucker
   - djm@@cvs.openbsd.org 2010/04/10 00:00:16
     [ssh.c]
     bz#1746 - suppress spurious tty warning when using -O and stdin
     is not a tty; ok dtucker@@ markus@@
   - djm@@cvs.openbsd.org 2010/04/10 00:04:30
     [sshconnect.c]
     fix terminology: we didn't find a certificate in known_hosts, we found
     a CA key
   - djm@@cvs.openbsd.org 2010/04/10 02:08:44
     [clientloop.c]
     bz#1698: kill channel when pty allocation requests fail. Fixed
     stuck client if the server refuses pty allocation.
     ok dtucker@@ "think so" markus@@
   - djm@@cvs.openbsd.org 2010/04/10 02:10:56
     [sshconnect2.c]
     show the key type that we are offering in debug(), helps distinguish
     between certs and plain keys as the path to the private key is usually
     the same.
   - djm@@cvs.openbsd.org 2010/04/10 05:48:16
     [mux.c]
     fix NULL dereference; from matthew.haub AT alumni.adelaide.edu.au
   - djm@@cvs.openbsd.org 2010/04/14 22:27:42
     [ssh_config.5 sshconnect.c]
     expand %r => remote username in ssh_config:ProxyCommand;
     ok deraadt markus
   - markus@@cvs.openbsd.org 2010/04/15 20:32:55
     [ssh-pkcs11.c]
     retry lookup for private key if there's no matching key with CKA_SIGN
     attribute enabled; this fixes MuscleCard support (bugzilla #1736)
     ok djm@@
   - djm@@cvs.openbsd.org 2010/04/16 01:47:26
     [PROTOCOL.certkeys auth-options.c auth-options.h auth-rsa.c]
     [auth2-pubkey.c authfd.c key.c key.h myproposal.h ssh-add.c]
     [ssh-agent.c ssh-dss.c ssh-keygen.1 ssh-keygen.c ssh-rsa.c]
     [sshconnect.c sshconnect2.c sshd.c]
     revised certificate format ssh-{dss,rsa}-cert-v01@@openssh.com with the
     following changes:
     
     move the nonce field to the beginning of the certificate where it can
     better protect against chosen-prefix attacks on the signature hash
     
     Rename "constraints" field to "critical options"
     
     Add a new non-critical "extensions" field
     
     Add a serial number
     
     The older format is still supported for authentication and cert generation
     (use "ssh-keygen -t v00 -s ca_key ..." to generate a v00 certificate)
     
     ok markus@@
@


1.11
log
@SVN rev 240075 on 2012-09-03 16:51:41Z by des

Upgrade OpenSSH to 6.1p1.
@
text
@d1 670
d845 1
@


1.10
log
@SVN rev 226046 on 2011-10-05 22:08:17Z by des

Upgrade to OpenSSH 5.9p1.

MFC after:	3 months
@
text
@d1 626
@


1.9
log
@SVN rev 221487 on 2011-05-05 08:08:18Z by des

Merge two upstream patches from vendor branch.  No functional changes.
@
text
@d1 6
a6 1
20110403
d8 453
a460 8
   [contrib/suse/openssh.spec] Prepare for 5.8p2 release.
 - (djm) [version.h] crank version
 - Release 5.8p2

20110329
 - (djm) [entropy.c] closefrom() before running ssh-rand-helper; leftover fds
   noticed by tmraz AT redhat.com
 
d472 7
d506 8
a1723 1

@


1.9.2.1
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/247485
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d1 1
a1 9
20120828
 - (djm) Release openssh-6.1

20120828
 - (dtucker) [openbsd-compat/bsd-cygwin_util.h] define WIN32_LEAN_AND_MEAN
   for compatibility with future mingw-w64 headers.  Patch from vinschen at
   redhat com.

20120822
d3 8
a10 1076
   [contrib/suse/openssh.spec] Update version numbers

20120731
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2012/07/06 06:38:03
     [ssh-keygen.c]
     missing full stop in usage();
   - djm@@cvs.openbsd.org 2012/07/10 02:19:15
     [servconf.c servconf.h sshd.c sshd_config]
     Turn on systrace sandboxing of pre-auth sshd by default for new installs
     by shipping a config that overrides the current UsePrivilegeSeparation=yes
     default. Make it easier to flip the default in the future by adding too.
     prodded markus@@ feedback dtucker@@ "get it in" deraadt@@
   - dtucker@@cvs.openbsd.org 2012/07/13 01:35:21
     [servconf.c]
     handle long comments in config files better.  bz#2025, ok markus
   - markus@@cvs.openbsd.org 2012/07/22 18:19:21
     [version.h]
     openssh 6.1

20120720
 - (dtucker) Import regened moduli file.

20120706
 - (djm) [sandbox-seccomp-filter.c] fallback to rlimit if seccomp filter is
   not available. Allows use of sshd compiled on host with a filter-capable
   kernel on hosts that lack the support. bz#2011 ok dtucker@@
 - (djm) [configure.ac] Recursively expand $(bindir) to ensure it has no
   unexpanded $(prefix) embedded. bz#2007 patch from nix-corp AT
   esperi.org.uk; ok dtucker@@
- (djm) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2012/07/06 00:41:59
     [moduli.c ssh-keygen.1 ssh-keygen.c]
     Add options to specify starting line number and number of lines to process
     when screening moduli candidates.  This allows processing of different
     parts of a candidate moduli file in parallel.  man page help jmc@@, ok djm@@
   - djm@@cvs.openbsd.org 2012/07/06 01:37:21
     [mux.c]
     fix memory leak of passed-in environment variables and connection
     context when new session message is malformed; bz#2003 from Bert.Wesarg
     AT googlemail.com
   - djm@@cvs.openbsd.org 2012/07/06 01:47:38
     [ssh.c]
     move setting of tty_flag to after config parsing so RequestTTY options
     are correctly picked up. bz#1995 patch from przemoc AT gmail.com;
     ok dtucker@@

20120704
 - (dtucker) [configure.ac openbsd-compat/bsd-misc.h] Add setlinebuf for
   platforms that don't have it.  "looks good" tim@@

20120703
 - (dtucker) [configure.ac] Detect platforms that can't use select(2) with
   setrlimit(RLIMIT_NOFILE, rl_zero) and disable the rlimit sandbox on those.
 - (dtucker) [configure.ac sandbox-rlimit.c] Test whether or not
   setrlimit(RLIMIT_FSIZE, rl_zero) and skip it if it's not supported.  Its
   benefit is minor, so it's not worth disabling the sandbox if it doesn't
   work.

20120702
- (dtucker) OpenBSD CVS Sync
   - naddy@@cvs.openbsd.org 2012/06/29 13:57:25
     [ssh_config.5 sshd_config.5]
     match the documented MAC order of preference to the actual one;
     ok dtucker@@
   - markus@@cvs.openbsd.org 2012/06/30 14:35:09
     [sandbox-systrace.c sshd.c]
     fix a during the load of the sandbox policies (child can still make
     the read-syscall and wait forever for systrace-answers) by replacing
     the read/write synchronisation with SIGSTOP/SIGCONT;
     report and help hshoexer@@; ok djm@@, dtucker@@
   - dtucker@@cvs.openbsd.org 2012/07/02 08:50:03
     [ssh.c]
     set interactive ToS for forwarded X11 sessions.  ok djm@@
   - dtucker@@cvs.openbsd.org 2012/07/02 12:13:26
     [ssh-pkcs11-helper.c sftp-client.c]
     fix a couple of "assigned but not used" warnings.  ok markus@@
   - dtucker@@cvs.openbsd.org 2012/07/02 14:37:06
     [regress/connect-privsep.sh]
     remove exit from end of test since it prevents reporting failure
 - (dtucker) [regress/reexec.sh regress/sftp-cmds.sh regress/test-exec.sh]
   Move cygwin detection to test-exec and use to skip reexec test on cygwin.
 - (dtucker) [regress/test-exec.sh] Correct uname for cygwin/w2k.

20120629
 - OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2012/06/21 00:16:07
     [addrmatch.c]
     fix strlcpy truncation check.  from carsten at debian org, ok markus
   - dtucker@@cvs.openbsd.org 2012/06/22 12:30:26
     [monitor.c sshconnect2.c]
     remove dead code following 'for (;;)' loops.
     From Steve.McClellan at radisys com, ok markus@@
   - dtucker@@cvs.openbsd.org 2012/06/22 14:36:33
     [sftp.c]
     Remove unused variable leftover from tab-completion changes.
     From Steve.McClellan at radisys com, ok markus@@
   - dtucker@@cvs.openbsd.org 2012/06/26 11:02:30
     [sandbox-systrace.c]
     Add mquery to the list of allowed syscalls for "UsePrivilegeSeparation
     sandbox" since malloc now uses it.  From johnw.mail at gmail com.
   - dtucker@@cvs.openbsd.org 2012/06/28 05:07:45
     [mac.c myproposal.h ssh_config.5 sshd_config.5]
     Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs since they were removed
     from draft6 of the spec and will not be in the RFC when published.  Patch
     from mdb at juniper net via bz#2023, ok markus.
   - naddy@@cvs.openbsd.org 2012/06/29 13:57:25
     [ssh_config.5 sshd_config.5]
     match the documented MAC order of preference to the actual one; ok dtucker@@
   - dtucker@@cvs.openbsd.org 2012/05/13 01:42:32
     [regress/addrmatch.sh]
     Add "Match LocalAddress" and "Match LocalPort" to sshd and adjust tests
     to match.  Feedback and ok djm@@ markus@@.
   - djm@@cvs.openbsd.org 2012/06/01 00:47:35
     [regress/multiplex.sh regress/forwarding.sh]
     append to rather than truncate test log; bz#2013 from openssh AT
     roumenpetrov.info
   - djm@@cvs.openbsd.org 2012/06/01 00:52:52
     [regress/sftp-cmds.sh]
     don't delete .* on cleanup due to unintended env expansion; pointed out in
     bz#2014 by openssh AT roumenpetrov.info
   - dtucker@@cvs.openbsd.org 2012/06/26 12:06:59
     [regress/connect-privsep.sh]
     test sandbox with every malloc option
   - dtucker@@cvs.openbsd.org 2012/06/28 05:07:45
     [regress/try-ciphers.sh regress/cipher-speed.sh]
     Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs since they were removed
     from draft6 of the spec and will not be in the RFC when published.  Patch
     from mdb at juniper net via bz#2023, ok markus.
 - (dtucker) [myproposal.h] Remove trailing backslash to fix compile error.
 - (dtucker) [key.c] ifdef out sha256 key types on platforms that don't have
   the required functions in libcrypto.

20120628
 - (dtucker) [openbsd-compat/getrrsetbyname-ldns.c] bz #2022: prevent null
   pointer deref in the client when built with LDNS and using DNSSEC with a
   CNAME.  Patch from gregdlg+mr at hochet info.

20120622
 - (dtucker) [contrib/cygwin/ssh-host-config] Ensure that user sshd runs as
   can logon as a service.  Patch from vinschen at redhat com.

20120620
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/12/02 00:41:56
     [mux.c]
     fix bz#1948: ssh -f doesn't fork for multiplexed connection.
     ok dtucker@@
   - djm@@cvs.openbsd.org 2011/12/04 23:16:12
     [mux.c]
     revert:
     > revision 1.32
     > date: 2011/12/02 00:41:56;  author: djm;  state: Exp;  lines: +4 -1
     > fix bz#1948: ssh -f doesn't fork for multiplexed connection.
     > ok dtucker@@
     it interacts badly with ControlPersist
   - djm@@cvs.openbsd.org 2012/01/07 21:11:36
     [mux.c]
     fix double-free in new session handler
     NB. Id sync only
   - djm@@cvs.openbsd.org 2012/05/23 03:28:28
     [dns.c dns.h key.c key.h ssh-keygen.c]
     add support for RFC6594 SSHFP DNS records for ECDSA key types.
     patch from bugzilla-m67 AT nulld.me in bz#1978; ok + tweak markus@@
   - djm@@cvs.openbsd.org 2012/06/01 00:49:35
     [PROTOCOL.mux]
     correct types of port numbers (integers, not strings); bz#2004 from
     bert.wesarg AT googlemail.com
   - djm@@cvs.openbsd.org 2012/06/01 01:01:22
     [mux.c]
     fix memory leak when mux socket creation fails; bz#2002 from bert.wesarg
     AT googlemail.com
   - dtucker@@cvs.openbsd.org 2012/06/18 11:43:53
     [jpake.c]
     correct sizeof usage.  patch from saw at online.de, ok deraadt
   - dtucker@@cvs.openbsd.org 2012/06/18 11:49:58
     [ssh_config.5]
     RSA instead of DSA twice.  From Steve.McClellan at radisys com
   - dtucker@@cvs.openbsd.org 2012/06/18 12:07:07
     [ssh.1 sshd.8]
     Remove mention of 'three' key files since there are now four.  From
     Steve.McClellan at radisys com.
   - dtucker@@cvs.openbsd.org 2012/06/18 12:17:18
     [ssh.1]
     Clarify description of -W.  Noted by Steve.McClellan at radisys com,
     ok jmc
   - markus@@cvs.openbsd.org 2012/06/19 18:25:28
     [servconf.c servconf.h sshd_config.5]
     sshd_config: extend Match to allow AcceptEnv and {Allow,Deny}{Users,Groups}
     this allows 'Match LocalPort 1022' combined with 'AllowUser bauer'
     ok djm@@ (back in March)
   - jmc@@cvs.openbsd.org 2012/06/19 21:35:54
     [sshd_config.5]
     tweak previous; ok markus
   - djm@@cvs.openbsd.org 2012/06/20 04:42:58
     [clientloop.c serverloop.c]
     initialise accept() backoff timer to avoid EINVAL from select(2) in
     rekeying

20120519
 - (dtucker) [configure.ac] bz#2010: fix non-portable shell construct.  Patch
   from cjwatson at debian org.
 - (dtucker) [configure.ac contrib/Makefile] bz#1996: use AC_PATH_TOOL to find
   pkg-config so it does the right thing when cross-compiling.  Patch from
   cjwatson at debian org.
- (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2012/05/13 01:42:32
     [servconf.h servconf.c sshd.8 sshd.c auth.c sshd_config.5]
     Add "Match LocalAddress" and "Match LocalPort" to sshd and adjust tests
     to match.  Feedback and ok djm@@ markus@@.
   - dtucker@@cvs.openbsd.org 2012/05/19 06:30:30
     [sshd_config.5]
     Document PermitOpen none.  bz#2001, patch from Loganaden Velvindron

20120504
 - (dtucker) [configure.ac] Include <sys/param.h> rather than <sys/types.h>
   to fix building on some platforms.  From bowman at math utah edu and
   des at des no.

20120427
 - (dtucker) [regress/addrmatch.sh] skip tests when running on a non-ipv6
   platform rather than exiting early, so that we still clean up and return
   success or failure to test-exec.sh

20120426
 - (djm) [auth-passwd.c] Handle crypt() returning NULL; from Paul Wouters
   via Niels
 - (djm) [auth-krb5.c] Save errno across calls that might modify it;
   ok dtucker@@

20120423
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2012/04/23 08:18:17
     [channels.c]
     fix function proto/source mismatch

20120422
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2012/02/29 11:21:26
     [ssh-keygen.c]
     allow conversion of RSA1 keys to public PEM and PKCS8; "nice" markus@@
   - guenther@@cvs.openbsd.org 2012/03/15 03:10:27
     [session.c]
     root should always be excluded from the test for /etc/nologin instead
     of having it always enforced even when marked as ignorenologin.  This
     regressed when the logic was incompletely flipped around in rev 1.251
     ok halex@@ millert@@
   - djm@@cvs.openbsd.org 2012/03/28 07:23:22
     [PROTOCOL.certkeys]
     explain certificate extensions/crit split rationale. Mention requirement
     that each appear at most once per cert.
   - dtucker@@cvs.openbsd.org 2012/03/29 23:54:36
     [channels.c channels.h servconf.c]
     Add PermitOpen none option based on patch from Loganaden Velvindron
     (bz #1949).  ok djm@@
   - djm@@cvs.openbsd.org 2012/04/11 13:16:19
     [channels.c channels.h clientloop.c serverloop.c]
     don't spin in accept() when out of fds (EMFILE/ENFILE) - back off for a
     while; ok deraadt@@ markus@@
   - djm@@cvs.openbsd.org 2012/04/11 13:17:54
     [auth.c]
     Support "none" as an argument for AuthorizedPrincipalsFile to indicate
     no file should be read.
   - djm@@cvs.openbsd.org 2012/04/11 13:26:40
     [sshd.c]
     don't spin in accept() when out of fds (EMFILE/ENFILE) - back off for a
     while; ok deraadt@@ markus@@
   - djm@@cvs.openbsd.org 2012/04/11 13:34:17
     [ssh-keyscan.1 ssh-keyscan.c]
     now that sshd defaults to offering ECDSA keys, ssh-keyscan should also
     look for them by default; bz#1971
   - djm@@cvs.openbsd.org 2012/04/12 02:42:32
     [servconf.c servconf.h sshd.c sshd_config sshd_config.5]
     VersionAddendum option to allow server operators to append some arbitrary
     text to the SSH-... banner; ok deraadt@@ "don't care" markus@@
   - djm@@cvs.openbsd.org 2012/04/12 02:43:55
     [sshd_config sshd_config.5]
     mention AuthorizedPrincipalsFile=none default
   - djm@@cvs.openbsd.org 2012/04/20 03:24:23
     [sftp.c]
     setlinebuf(3) is more readable than setvbuf(.., _IOLBF, ...)
   - jmc@@cvs.openbsd.org 2012/04/20 16:26:22
     [ssh.1]
     use "brackets" instead of "braces", for consistency;

20120420
 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] Update for release 6.0
 - (djm) [README] Update URL to release notes.
 - (djm) Release openssh-6.0

20120419
 - (djm) [configure.ac] Fix compilation error on FreeBSD, whose libutil
   contains openpty() but not login()

20120404
 - (djm) [Makefile.in configure.ac sandbox-seccomp-filter.c] Add sandbox
   mode for Linux's new seccomp filter; patch from Will Drewry; feedback
   and ok dtucker@@

20120330
 - (dtucker) [contrib/redhat/openssh.spec] Bug #1992: remove now-gone WARNING
   file from spec file.  From crighter at nuclioss com.
 - (djm) [entropy.c] bz#1991: relax OpenSSL version test to allow running
   openssh binaries on a newer fix release than they were compiled on.
   with and ok dtucker@@
 - (djm) [openbsd-compat/bsd-cygwin_util.h] #undef _WIN32 to avoid incorrect
   assumptions when building on Cygwin; patch from Corinna Vinschen

20120309
 - (djm) [openbsd-compat/port-linux.c] bz#1960: fix crash on SELinux 
   systems where sshd is run in the wrong context. Patch from Sven
   Vermeulen; ok dtucker@@
 - (djm) [packet.c] bz#1963: Fix IPQoS not being set on non-mapped v4-in-v6
   addressed connections. ok dtucker@@

20120224
 - (dtucker) [audit-bsm.c configure.ac] bug #1968: enable workarounds for BSM
   audit breakage in Solaris 11.  Patch from Magnus Johansson.

20120215
 - (tim) [openbsd-compat/bsd-misc.h sshd.c] Fix conflicting return type for
   unsetenv due to rev 1.14 change to setenv.c. Cast unsetenv to void in sshd.c
   ok dtucker@@
 - (tim) [defines.h] move chunk introduced in 1.125 before MAXPATHLEN so
   it actually works.
 - (tim) [regress/keytype.sh] stderr redirection needs to be inside back quote
   to work. Spotted by Angel Gonzalez

20120214
 - (djm) [openbsd-compat/bsd-cygwin_util.c] Add PROGRAMFILES to list of
   preserved Cygwin environment variables; from Corinna Vinschen

20120211
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2012/01/05 00:16:56
     [monitor.c]
     memleak on error path
   - djm@@cvs.openbsd.org 2012/01/07 21:11:36
     [mux.c]
     fix double-free in new session handler
   - miod@@cvs.openbsd.org 2012/01/08 13:17:11
     [ssh-ecdsa.c]
     Fix memory leak in ssh_ecdsa_verify(); from Loganaden Velvindron,
     ok markus@@
   - miod@@cvs.openbsd.org 2012/01/16 20:34:09
     [ssh-pkcs11-client.c]
     Fix a memory leak in pkcs11_rsa_private_encrypt(), reported by Jan Klemkow.
     While there, be sure to buffer_clear() between send_msg() and recv_msg().
     ok markus@@
   - dtucker@@cvs.openbsd.org 2012/01/18 21:46:43
     [clientloop.c]
     Ensure that $DISPLAY contains only valid characters before using it to
     extract xauth data so that it can't be used to play local shell
     metacharacter games.  Report from r00t_ati at ihteam.net, ok markus.
   - markus@@cvs.openbsd.org 2012/01/25 19:26:43
     [packet.c]
     do not permit SSH2_MSG_SERVICE_REQUEST/ACCEPT during rekeying;
     ok dtucker@@, djm@@
   - markus@@cvs.openbsd.org 2012/01/25 19:36:31
     [authfile.c]
     memleak in key_load_file(); from Jan Klemkow
   - markus@@cvs.openbsd.org 2012/01/25 19:40:09
     [packet.c packet.h]
     packet_read_poll() is not used anymore.
   - markus@@cvs.openbsd.org 2012/02/09 20:00:18
     [version.h]
     move from 6.0-beta to 6.0

20120206
 - (djm) [ssh-keygen.c] Don't fail in do_gen_all_hostkeys on platforms
   that don't support ECC. Patch from Phil Oleson

20111219
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/12/02 00:41:56
     [mux.c]
     fix bz#1948: ssh -f doesn't fork for multiplexed connection.
     ok dtucker@@
   - djm@@cvs.openbsd.org 2011/12/02 00:43:57
     [mac.c]
     fix bz#1934: newer OpenSSL versions will require HMAC_CTX_Init before
     HMAC_init (this change in policy seems insane to me)
     ok dtucker@@
   - djm@@cvs.openbsd.org 2011/12/04 23:16:12
     [mux.c]
     revert:
     > revision 1.32
     > date: 2011/12/02 00:41:56;  author: djm;  state: Exp;  lines: +4 -1
     > fix bz#1948: ssh -f doesn't fork for multiplexed connection.
     > ok dtucker@@
     it interacts badly with ControlPersist
   - djm@@cvs.openbsd.org 2011/12/07 05:44:38
     [auth2.c dh.c packet.c roaming.h roaming_client.c roaming_common.c]
     fix some harmless and/or unreachable int overflows;
     reported Xi Wang, ok markus@@

20111125
 - OpenBSD CVS Sync
   - oga@@cvs.openbsd.org 2011/11/16 12:24:28
     [sftp.c]
     Don't leak list in complete_cmd_parse if there are no commands found.
     Discovered when I was ``borrowing'' this code for something else.
     ok djm@@

20111121
 - (dtucker) [configure.ac] Set _FORTIFY_SOURCE.  ok djm@@

20111104
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/10/18 05:15:28
     [ssh.c]
     ssh(1): skip attempting to create ~/.ssh when -F is passed; ok markus@@
   - djm@@cvs.openbsd.org 2011/10/18 23:37:42
     [ssh-add.c]
     add -k to usage(); reminded by jmc@@
   - djm@@cvs.openbsd.org 2011/10/19 00:06:10
     [moduli.c]
     s/tmpfile/tmp/ to make this -Wshadow clean
   - djm@@cvs.openbsd.org 2011/10/19 10:39:48
     [umac.c]
     typo in comment; patch from Michael W. Bombardieri
   - djm@@cvs.openbsd.org 2011/10/24 02:10:46
     [ssh.c]
     bz#1943: unbreak stdio forwarding when ControlPersist is in use - ssh
     was incorrectly requesting the forward in both the control master and
     slave. skip requesting it in the master to fix. ok markus@@
   - djm@@cvs.openbsd.org 2011/10/24 02:13:13
     [session.c]
     bz#1859: send tty break to pty master instead of (probably already
     closed) slave side; "looks good" markus@@
   - dtucker@@cvs.openbsd.org 011/11/04 00:09:39
     [moduli]
     regenerated moduli file; ok deraadt
 - (dtucker) [INSTALL LICENCE configure.ac openbsd-compat/Makefile.in
   openbsd-compat/getrrsetbyname-ldns.c openbsd-compat/getrrsetbyname.c]
   bz 1320: Add optional support for LDNS, a BSD licensed DNS resolver library
   which supports DNSSEC.  Patch from Simon Vallet (svallet at genoscope cns fr)
   with some rework from myself and djm.  ok djm.

20111025
 - (dtucker) [contrib/cygwin/Makefile] Continue if installing a doc file
   fails.  Patch from Corinna Vinschen.

20111018
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/10/04 14:17:32
     [sftp-glob.c]
     silence error spam for "ls */foo" in directory with files; bz#1683
   - dtucker@@cvs.openbsd.org 2011/10/16 11:02:46
     [moduli.c ssh-keygen.1 ssh-keygen.c]
     Add optional checkpoints for moduli screening.  feedback & ok deraadt
   - jmc@@cvs.openbsd.org 2011/10/16 15:02:41
     [ssh-keygen.c]
     put -K in the right place (usage());
   - stsp@@cvs.openbsd.org 2011/10/16 15:51:39
     [moduli.c]
     add missing includes to unbreak tree; fix from rpointel
   - djm@@cvs.openbsd.org 2011/10/18 04:58:26
     [auth-options.c key.c]
     remove explicit search for \0 in packet strings, this job is now done
     implicitly by buffer_get_cstring; ok markus
   - djm@@cvs.openbsd.org 2011/10/18 05:00:48
     [ssh-add.1 ssh-add.c]
     new "ssh-add -k" option to load plain keys (skipping certificates);
     "looks ok" markus@@

20111001
 - (dtucker) [openbsd-compat/mktemp.c] Fix compiler warning.  ok djm
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2011/09/23 00:22:04
     [channels.c auth-options.c servconf.c channels.h sshd.8]
     Add wildcard support to PermitOpen, allowing things like "PermitOpen
     localhost:*".  bz #1857, ok djm markus.
   - markus@@cvs.openbsd.org 2011/09/23 07:45:05
     [mux.c readconf.h channels.h compat.h compat.c ssh.c readconf.c channels.c
     version.h]
     unbreak remote portforwarding with dynamic allocated listen ports:
     1) send the actual listen port in the open message (instead of 0).
        this allows multiple forwardings with a dynamic listen port
     2) update the matching permit-open entry, so we can identify where
        to connect to
     report: den at skbkontur.ru and P. Szczygielski
     feedback and ok djm@@
   - djm@@cvs.openbsd.org 2011/09/25 05:44:47
     [auth2-pubkey.c]
     improve the AuthorizedPrincipalsFile debug log message to include
     file and line number
   - dtucker@@cvs.openbsd.org 2011/09/30 00:47:37
     [sshd.c]
     don't attempt privsep cleanup when not using privsep; ok markus@@
   - djm@@cvs.openbsd.org 2011/09/30 21:22:49
     [sshd.c]
     fix inverted test that caused logspam; spotted by henning@@

20110929
 - (djm) [configure.ac defines.h] No need to detect sizeof(char); patch
   from des AT des.no
 - (dtucker) [configure.ac openbsd-compat/Makefile.in
   openbsd-compat/strnlen.c] Add strnlen to the compat library.

20110923
 - (djm) [openbsd-compat/getcwd.c] Remove OpenBSD rcsid marker since we no
   longer want to sync this file (OpenBSD uses a __getcwd syscall now, we
   want this longhand version)
 - (djm) [openbsd-compat/getgrouplist.c] Remove OpenBSD rcsid marker: the
   upstream version is YPified and we don't want this
 - (djm) [openbsd-compat/mktemp.c] forklift upgrade to -current version.
   The file was totally rewritten between what we had in tree and -current.
 - (djm) [openbsd-compat/sha2.c openbsd-compat/sha2.h] Remove OpenBSD rcsid
   marker. The upstream API has changed (function and structure names)
   enough to put it out of sync with other providers of this interface.
 - (djm) [openbsd-compat/setenv.c] Forklift upgrade, including inclusion
   of static __findenv() function from upstream setenv.c
 - OpenBSD CVS Sync
   - millert@@cvs.openbsd.org 2006/05/05 15:27:38
     [openbsd-compat/strlcpy.c]
     Convert do {} while loop -> while {} for clarity.  No binary change
     on most architectures.  From Oliver Smith.  OK deraadt@@ and henning@@
   - tobias@@cvs.openbsd.org 2007/10/21 11:09:30
     [openbsd-compat/mktemp.c]
     Comment fix about time consumption of _gettemp.
     FreeBSD did this in revision 1.20.
     OK deraadt@@, krw@@
   - deraadt@@cvs.openbsd.org 2008/07/22 21:47:45
     [openbsd-compat/mktemp.c]
     use arc4random_uniform(); ok djm millert
   - millert@@cvs.openbsd.org 2008/08/21 16:54:44
     [openbsd-compat/mktemp.c]
     Remove useless code, the kernel will set errno appropriately if an
     element in the path does not exist.  OK deraadt@@ pvalchev@@
   - otto@@cvs.openbsd.org 2008/12/09 19:38:38
     [openbsd-compat/inet_ntop.c]
     fix inet_ntop(3) prototype; ok millert@@ libc to be bumped very soon

20110922
 - OpenBSD CVS Sync
   - pyr@@cvs.openbsd.org 2011/05/12 07:15:10
     [openbsd-compat/glob.c]
     When the max number of items for a directory has reached GLOB_LIMIT_READDIR
     an error is returned but closedir() is not called.
     spotted and fix provided by Frank Denis obsd-tech@@pureftpd.org
     ok otto@@, millert@@
   - stsp@@cvs.openbsd.org 2011/09/20 10:18:46
     [glob.c]
     In glob(3), limit recursion during matching attempts. Similar to
     fnmatch fix. Also collapse consecutive '*' (from NetBSD).
     ok miod deraadt
   - djm@@cvs.openbsd.org 2011/09/22 06:27:29
     [glob.c]
     fix GLOB_KEEPSTAT without GLOB_NOSORT; the implicit sort was being
     applied only to the gl_pathv vector and not the corresponding gl_statv
     array. reported in OpenSSH bz#1935; feedback and okay matthew@@
   - djm@@cvs.openbsd.org 2011/08/26 01:45:15
     [ssh.1]
     Add some missing ssh_config(5) options that can be used in ssh(1)'s
     -o argument. Patch from duclare AT guu.fi
   - djm@@cvs.openbsd.org 2011/09/05 05:56:13
     [scp.1 sftp.1]
     mention ControlPersist and KbdInteractiveAuthentication in the -o
     verbiage in these pages too (prompted by jmc@@)
   - djm@@cvs.openbsd.org 2011/09/05 05:59:08
     [misc.c]
     fix typo in IPQoS parsing: there is no "AF14" class, but there is
     an "AF21" class. Spotted by giesen AT snickers.org; ok markus stevesk
   - jmc@@cvs.openbsd.org 2011/09/05 07:01:44
     [scp.1]
     knock out a useless Ns;
   - deraadt@@cvs.openbsd.org 2011/09/07 02:18:31
     [ssh-keygen.1]
     typo (they vs the) found by Lawrence Teo
   - djm@@cvs.openbsd.org 2011/09/09 00:43:00
     [ssh_config.5 sshd_config.5]
     fix typo in IPQoS parsing: there is no "AF14" class, but there is
     an "AF21" class. Spotted by giesen AT snickers.org; ok markus stevesk
   - djm@@cvs.openbsd.org 2011/09/09 00:44:07
     [PROTOCOL.mux]
     MUX_C_CLOSE_FWD includes forward type in message (though it isn't
     implemented anyway)
   - djm@@cvs.openbsd.org 2011/09/09 22:37:01
     [scp.c]
     suppress adding '--' to remote commandlines when the first argument
     does not start with '-'. saves breakage on some difficult-to-upgrade
     embedded/router platforms; feedback & ok dtucker ok markus
   - djm@@cvs.openbsd.org 2011/09/09 22:38:21
     [sshd.c]
     kill the preauth privsep child on fatal errors in the monitor;
     ok markus@@
   - djm@@cvs.openbsd.org 2011/09/09 22:46:44
     [channels.c channels.h clientloop.h mux.c ssh.c]
     support for cancelling local and remote port forwards via the multiplex
     socket. Use "ssh -O cancel -L xx:xx:xx -R yy:yy:yy user@@host" to request
     the cancellation of the specified forwardings; ok markus@@
   - markus@@cvs.openbsd.org 2011/09/10 22:26:34
     [channels.c channels.h clientloop.c ssh.1]
     support cancellation of local/dynamic forwardings from ~C commandline;
     ok & feedback djm@@
   - okan@@cvs.openbsd.org 2011/09/11 06:59:05
     [ssh.1]
     document new -O cancel command; ok djm@@
   - markus@@cvs.openbsd.org 2011/09/11 16:07:26
     [sftp-client.c]
     fix leaks in do_hardlink() and do_readlink(); bz#1921
     from Loganaden Velvindron
   - markus@@cvs.openbsd.org 2011/09/12 08:46:15
     [sftp-client.c]
     fix leak in do_lsreaddir(); ok djm
   - djm@@cvs.openbsd.org 2011/09/22 06:29:03
     [sftp.c]
     don't let remote_glob() implicitly sort its results in do_globbed_ls() -
     in all likelihood, they will be resorted anyway

20110909
 - (dtucker) [entropy.h] Bug #1932: remove old definition of init_rng.  From
   Colin Watson.

20110906
 - (djm) [README version.h] Correct version
 - (djm) [contrib/redhat/openssh.spec] Correct restorcon => restorecon
 - (djm) Respin OpenSSH-5.9p1 release

20110905
 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] Update version numbers.

20110904
 - (djm) [regress/connect-privsep.sh regress/test-exec.sh] demote fatal
   regress errors for the sandbox to warnings. ok tim dtucker
 - (dtucker) [ssh-keygen.c ssh-pkcs11.c] Bug #1929: add null implementations
   of pkcs_init and pkcs_terminate for building without dlopen
   support.

20110829
 - (djm) [openbsd-compat/port-linux.c] Suppress logging when attempting
   to switch SELinux context away from unconfined_t, based on patch from
   Jan Chadima; bz#1919 ok dtucker@@

20110827
 - (dtucker) [auth-skey.c] Add log.h to fix build --with-skey.

20110818
 - (tim) [configure.ac] Typo in error message spotted by Andy Tsouladze

20110817
 - (tim) [mac.c myproposal.h] Wrap SHA256 and SHA512 in ifdefs for
   OpenSSL 0.9.7. ok djm
 - (djm) [ openbsd-compat/bsd-cygwin_util.c openbsd-compat/bsd-cygwin_util.h]
   binary_pipe is no longer required on Cygwin; patch from Corinna Vinschen
 - (djm) [configure.ac] error out if the host lacks the necessary bits for
   an explicitly requested sandbox type
 - (djm) [contrib/ssh-copy-id] Missing backslash; spotted by
   bisson AT archlinux.org
 - (djm) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2011/06/03 05:35:10
     [regress/cfgmatch.sh]
     use OBJ to find test configs, patch from Tim Rice
   - markus@@cvs.openbsd.org 2011/06/30 22:44:43
     [regress/connect-privsep.sh]
     test with sandbox enabled; ok djm@@
   - djm@@cvs.openbsd.org 2011/08/02 01:23:41
     [regress/cipher-speed.sh regress/try-ciphers.sh]
     add SHA256/SHA512 based HMAC modes
 - (djm) [regress/cipher-speed.sh regress/try-ciphers.sh] disable HMAC-SHA2
   MAC tests for platforms that hack EVP_SHA2 support

20110812
 - (dtucker) [openbsd-compat/port-linux.c] Bug 1924: Improve selinux context
   change error by reporting old and new context names  Patch from
   jchadima at redhat.
 - (djm) [contrib/redhat/openssh.spec contrib/redhat/sshd.init]
   [contrib/suse/openssh.spec contrib/suse/rc.sshd] Updated RHEL and SLES
   init scripts from imorgan AT nas.nasa.gov; bz#1920
 - (djm) [contrib/ssh-copy-id] Fix failure for cases where the path to the
   identity file contained whitespace. bz#1828 patch from gwenael.lambrouin
   AT gmail.com; ok dtucker@@

20110807
 - (dtucker) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2008/06/26 06:59:39
     [moduli.5]
     tweak previous;
   - sobrado@@cvs.openbsd.org 2009/10/28 08:56:54
     [moduli.5]
     "Diffie-Hellman" is the usual spelling for the cryptographic protocol
     first published by Whitfield Diffie and Martin Hellman in 1976.
     ok jmc@@
   - jmc@@cvs.openbsd.org 2010/10/14 20:41:28
     [moduli.5]
     probabalistic -> probabilistic; from naddy
   - dtucker@@cvs.openbsd.org 2011/08/07 12:55:30
     [sftp.1]
     typo, fix from Laurent Gautrot

20110805
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/06/23 23:35:42
     [monitor.c]
     ignore EINTR errors from poll()
   - tedu@@cvs.openbsd.org 2011/07/06 18:09:21
     [authfd.c]
     bzero the agent address.  the kernel was for a while very cranky about
     these things.  even though that's fixed, always good to initialize
     memory.  ok deraadt djm
   - djm@@cvs.openbsd.org 2011/07/29 14:42:45
     [sandbox-systrace.c]
     fail open(2) with EPERM rather than SIGKILLing the whole process. libc
     will call open() to do strerror() when NLS is enabled;
     feedback and ok markus@@
   - markus@@cvs.openbsd.org 2011/08/01 19:18:15
     [gss-serv.c]
     prevent post-auth resource exhaustion (int overflow leading to 4GB malloc);
     report Adam Zabrock; ok djm@@, deraadt@@
   - djm@@cvs.openbsd.org 2011/08/02 01:22:11
     [mac.c myproposal.h ssh.1 ssh_config.5 sshd.8 sshd_config.5]
     Add new SHA256 and SHA512 based HMAC modes from
     http://www.ietf.org/id/draft-dbider-sha2-mac-for-ssh-02.txt
     Patch from mdb AT juniper.net; feedback and ok markus@@
   - djm@@cvs.openbsd.org 2011/08/02 23:13:01
     [version.h]
     crank now, release later
   - djm@@cvs.openbsd.org 2011/08/02 23:15:03
     [ssh.c]
     typo in comment

20110624
 - (djm) [configure.ac Makefile.in sandbox-darwin.c] Add a sandbox for
   Darwin/OS X using sandbox_init() + setrlimit(); feedback and testing
   markus@@

20110623
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/06/22 21:47:28
     [servconf.c]
     reuse the multistate option arrays to pretty-print options for "sshd -T"
   - djm@@cvs.openbsd.org 2011/06/22 21:57:01
     [servconf.c servconf.h sshd.c sshd_config.5]
     [configure.ac Makefile.in]
     introduce sandboxing of the pre-auth privsep child using systrace(4).
     
     This introduces a new "UsePrivilegeSeparation=sandbox" option for
     sshd_config that applies mandatory restrictions on the syscalls the
     privsep child can perform. This prevents a compromised privsep child
     from being used to attack other hosts (by opening sockets and proxying)
     or probing local kernel attack surface.
     
     The sandbox is implemented using systrace(4) in unsupervised "fast-path"
     mode, where a list of permitted syscalls is supplied. Any syscall not
     on the list results in SIGKILL being sent to the privsep child. Note
     that this requires a kernel with the new SYSTR_POLICY_KILL option.
     
     UsePrivilegeSeparation=sandbox will become the default in the future
     so please start testing it now.
     
     feedback dtucker@@; ok markus@@
   - djm@@cvs.openbsd.org 2011/06/22 22:08:42
     [channels.c channels.h clientloop.c clientloop.h mux.c ssh.c]
     hook up a channel confirm callback to warn the user when requested X11
     forwarding was refused by the server; ok markus@@
   - djm@@cvs.openbsd.org 2011/06/23 09:34:13
     [sshd.c ssh-sandbox.h sandbox.h sandbox-rlimit.c sandbox-systrace.c]
     [sandbox-null.c]
     rename sandbox.h => ssh-sandbox.h to make things easier for portable
 - (djm) [sandbox-null.c] Dummy sandbox for platforms that don't support
   setrlimit(2)

20110620
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/06/04 00:10:26
     [ssh_config.5]
     explain IdentityFile's semantics a little better, prompted by bz#1898
     ok dtucker jmc
   - markus@@cvs.openbsd.org 2011/06/14 22:49:18
     [authfile.c]
     make sure key_parse_public/private_rsa1() no longer consumes its input
     buffer.  fixes ssh-add for passphrase-protected ssh1-keys;
     noted by naddy@@; ok djm@@
   - djm@@cvs.openbsd.org 2011/06/17 21:44:31
     [log.c log.h monitor.c monitor.h monitor_wrap.c monitor_wrap.h sshd.c]
     make the pre-auth privsep slave log via a socketpair shared with the
     monitor rather than /var/empty/dev/log; ok dtucker@@ deraadt@@ markus@@
   - djm@@cvs.openbsd.org 2011/06/17 21:46:16
     [sftp-server.c]
     the protocol version should be unsigned; bz#1913 reported by mb AT
     smartftp.com
   - djm@@cvs.openbsd.org 2011/06/17 21:47:35
     [servconf.c]
     factor out multi-choice option parsing into a parse_multistate label
     and some support structures; ok dtucker@@
   - djm@@cvs.openbsd.org 2011/06/17 21:57:25
     [clientloop.c]
     setproctitle for a mux master that has been gracefully stopped;
     bz#1911 from Bert.Wesarg AT googlemail.com

20110603
 - (dtucker) [README version.h contrib/caldera/openssh.spec
   contrib/redhat/openssh.spec contrib/suse/openssh.spec] Pull the version
   bumps from the 5.8p2 branch into HEAD.  ok djm.
 - (tim) [configure.ac defines.h] Run test program to detect system mail
   directory. Add --with-maildir option to override. Fixed OpenServer 6
   getting it wrong. Fixed many systems having MAIL=/var/mail//username
   ok dtucker
 - (dtucker) [monitor.c] Remove the !HAVE_SOCKETPAIR case.  We use socketpair
   unconditionally in other places and the survey data we have does not show
   any systems that use it.  "nuke it" djm@@
 - (djm) [configure.ac] enable setproctitle emulation for OS X
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/06/03 00:54:38
     [ssh.c]
     bz#1883 - setproctitle() to identify mux master; patch from Bert.Wesarg
     AT googlemail.com; ok dtucker@@
     NB. includes additional portability code to enable setproctitle emulation
     on platforms that don't support it.
   - dtucker@@cvs.openbsd.org 2011/06/03 01:37:40
     [ssh-agent.c]
     Check current parent process ID against saved one to determine if the parent
     has exited, rather than attempting to send a zero signal, since the latter
     won't work if the parent has changed privs.  bz#1905, patch from Daniel Kahn
     Gillmor, ok djm@@
    - dtucker@@cvs.openbsd.org 2011/05/31 02:01:58
     [regress/dynamic-forward.sh]
     back out revs 1.6 and 1.5 since it's not reliable
   - dtucker@@cvs.openbsd.org 2011/05/31 02:03:34
     [regress/dynamic-forward.sh]
     work around startup and teardown races; caught by deraadt
   - dtucker@@cvs.openbsd.org 2011/06/03 00:29:52
     [regress/dynamic-forward.sh]
     Retry establishing the port forwarding after a small delay, should make
     the tests less flaky when the previous test is slow to shut down and free
     up the port.
 - (tim) [regress/cfgmatch.sh] Build/test out of tree fix.

20110529
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/05/23 03:30:07
     [auth-rsa.c auth.c auth.h auth2-pubkey.c monitor.c monitor_wrap.c]
     [pathnames.h servconf.c servconf.h sshd.8 sshd_config sshd_config.5]
     allow AuthorizedKeysFile to specify multiple files, separated by spaces.
     Bring back authorized_keys2 as a default search path (to avoid breaking
     existing users of this file), but override this in sshd_config so it will
     be no longer used on fresh installs. Maybe in 2015 we can remove it
     entirely :)
     
     feedback and ok markus@@ dtucker@@
   - djm@@cvs.openbsd.org 2011/05/23 03:33:38
     [auth.c]
     make secure_filename() spam debug logs less
   - djm@@cvs.openbsd.org 2011/05/23 03:52:55
     [sshconnect.c]
     remove extra newline
   - jmc@@cvs.openbsd.org 2011/05/23 07:10:21
     [sshd.8 sshd_config.5]
     tweak previous; ok djm
   - djm@@cvs.openbsd.org 2011/05/23 07:24:57
     [authfile.c]
     read in key comments for v.2 keys (though note that these are not
     passed over the agent protocol); bz#439, based on patch from binder
     AT arago.de; ok markus@@
   - djm@@cvs.openbsd.org 2011/05/24 07:15:47
     [readconf.c readconf.h ssh.c ssh_config.5 sshconnect.c sshconnect2.c]
     Remove undocumented legacy options UserKnownHostsFile2 and
     GlobalKnownHostsFile2 by making UserKnownHostsFile/GlobalKnownHostsFile
     accept multiple paths per line and making their defaults include
     known_hosts2; ok markus
   - djm@@cvs.openbsd.org 2011/05/23 03:31:31
     [regress/cfgmatch.sh]
     include testing of multiple/overridden AuthorizedKeysFiles
     refactor to simplify daemon start/stop and get rid of racy constructs

20110520
 - (djm) [session.c] call setexeccon() before executing passwd for pw
   changes; bz#1891 reported by jchadima AT redhat.com; ok dtucker@@
 - (djm) [aclocal.m4 configure.ac] since gcc-4.x ignores all -Wno-options
   options, we should use the corresponding -W-option when trying to determine
   whether it is accepted.  Also includes a warning fix on the program
   fragment it uses (bad main() return type).
   bz#1900 and bz#1901 reported by g.esp AT free.fr; ok dtucker@@
 - (djm) [servconf.c] remove leftover droppings of AuthorizedKeysFile2
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/05/15 08:09:01
     [authfd.c monitor.c serverloop.c]
     use FD_CLOEXEC consistently; patch from zion AT x96.org
   - djm@@cvs.openbsd.org 2011/05/17 07:13:31
     [key.c]
     fatal() if asked to generate a legacy ECDSA cert (these don't exist)
     and fix the regress test that was trying to generate them :)
   - djm@@cvs.openbsd.org 2011/05/20 00:55:02
     [servconf.c]
     the options TrustedUserCAKeys, RevokedKeysFile, AuthorizedKeysFile
     and AuthorizedPrincipalsFile were not being correctly applied in
     Match blocks, despite being overridable there; ok dtucker@@
   - dtucker@@cvs.openbsd.org 2011/05/20 02:00:19
     [servconf.c]
     Add comment documenting what should be after the preauth check.  ok djm
   - djm@@cvs.openbsd.org 2011/05/20 03:25:45
     [monitor.c monitor_wrap.c servconf.c servconf.h]
     use a macro to define which string options to copy between configs
     for Match. This avoids problems caused by forgetting to keep three
     code locations in perfect sync and ordering
     
     "this is at once beautiful and horrible" + ok dtucker@@
   - djm@@cvs.openbsd.org 2011/05/17 07:13:31
     [regress/cert-userkey.sh]
     fatal() if asked to generate a legacy ECDSA cert (these don't exist)
     and fix the regress test that was trying to generate them :)
   - djm@@cvs.openbsd.org 2011/05/20 02:43:36
     [cert-hostkey.sh]
     another attempt to generate a v00 ECDSA key that broke the test
     ID sync only - portable already had this somehow
   - dtucker@@cvs.openbsd.org 2011/05/20 05:19:50
     [dynamic-forward.sh]
     Prevent races in dynamic forwarding test; ok djm
   - dtucker@@cvs.openbsd.org 2011/05/20 06:32:30
     [dynamic-forward.sh]
     fix dumb error in dynamic-forward test

20110515
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/05/05 05:12:08
     [mux.c]
     gracefully fall back when ControlPath is too large for a
     sockaddr_un. ok markus@@ as part of a larger diff
   - dtucker@@cvs.openbsd.org 2011/05/06 01:03:35
     [sshd_config]
     clarify language about overriding defaults.  bz#1892, from Petr Cerny
   - djm@@cvs.openbsd.org 2011/05/06 01:09:53
     [sftp.1]
     mention that IPv6 addresses must be enclosed in square brackets;
     bz#1845
   - djm@@cvs.openbsd.org 2011/05/06 02:05:41
     [sshconnect2.c]
     fix memory leak; bz#1849 ok dtucker@@
   - djm@@cvs.openbsd.org 2011/05/06 21:14:05
     [packet.c packet.h]
     set traffic class for IPv6 traffic as we do for IPv4 TOS;
     patch from lionel AT mamane.lu via Colin Watson in bz#1855;
     ok markus@@
   - djm@@cvs.openbsd.org 2011/05/06 21:18:02
     [ssh.c ssh_config.5]
     add a %L expansion (short-form of the local host name) for ControlPath;
     sync some more expansions with LocalCommand; ok markus@@
   - djm@@cvs.openbsd.org 2011/05/06 21:31:38
     [readconf.c ssh_config.5]
     support negated Host matching, e.g.
     
     Host *.example.org !c.example.org
        User mekmitasdigoat
     
     Will match "a.example.org", "b.example.org", but not "c.example.org"
     ok markus@@
   - djm@@cvs.openbsd.org 2011/05/06 21:34:32
     [clientloop.c mux.c readconf.c readconf.h ssh.c ssh_config.5]
     Add a RequestTTY ssh_config option to allow configuration-based
     control over tty allocation (like -t/-T); ok markus@@
   - djm@@cvs.openbsd.org 2011/05/06 21:38:58
     [ssh.c]
     fix dropping from previous diff
   - djm@@cvs.openbsd.org 2011/05/06 22:20:10
     [PROTOCOL.mux]
     fix numbering; from bert.wesarg AT googlemail.com
   - jmc@@cvs.openbsd.org 2011/05/07 23:19:39
     [ssh_config.5]
     - tweak previous
     - some consistency fixes
     ok djm
   - jmc@@cvs.openbsd.org 2011/05/07 23:20:25
     [ssh.1]
     +.It RequestTTY
   - djm@@cvs.openbsd.org 2011/05/08 12:52:01
     [PROTOCOL.mux clientloop.c clientloop.h mux.c]
     improve our behaviour when TTY allocation fails: if we are in
     RequestTTY=auto mode (the default), then do not treat a TTY
     allocation error as fatal but rather just restore the local TTY
     to cooked mode and continue. This is more graceful on devices that
     never allocate TTYs.
     
     If RequestTTY is set to "yes" or "force", then failure to allocate
     a TTY is fatal.
     
     ok markus@@
   - djm@@cvs.openbsd.org 2011/05/10 05:46:46
     [authfile.c]
     despam debug() logs by detecting that we are trying to load a private key
     in key_try_load_public() and returning early; ok markus@@
   - djm@@cvs.openbsd.org 2011/05/11 04:47:06
     [auth.c auth.h auth2-pubkey.c pathnames.h servconf.c servconf.h]
     remove support for authorized_keys2; it is a relic from the early days
     of protocol v.2 support and has been undocumented for many years;
     ok markus@@
   - djm@@cvs.openbsd.org 2011/05/13 00:05:36
     [authfile.c]
     warn on unexpected key type in key_parse_private_type()
 - (djm) [packet.c] unbreak portability #endif

20110510
 - (dtucker) [openbsd-compat/openssl-compat.{c,h}] Bug #1882: fix
   --with-ssl-engine which was broken with the change from deprecated
   SSLeay_add_all_algorithms().  ok djm

20110506
 - (dtucker) [openbsd-compat/regress/closefromtest.c] Bug #1875: add prototype
   for closefrom() in test code.  Report from Dan Wallis via Gentoo.

20110505
 - (djm) [defines.h] Move up include of netinet/ip.h for IPTOS
   definitions. From des AT des.no
 - (djm) [Makefile.in WARNING.RNG aclocal.m4 buildpkg.sh.in configure.ac]
   [entropy.c ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c]
   [ssh-keysign.c ssh-pkcs11-helper.c ssh-rand-helper.8 ssh-rand-helper.c]
   [ssh.c ssh_prng_cmds.in sshd.c contrib/aix/buildbff.sh]
   [regress/README.regress] Remove ssh-rand-helper and all its
   tentacles. PRNGd seeding has been rolled into entropy.c directly.
   Thanks to tim@@ for testing on affected platforms.
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/03/10 02:52:57
     [auth2-gss.c auth2.c auth.h]
     allow GSSAPI authentication to detect when a server-side failure causes
     authentication failure and don't count such failures against MaxAuthTries;
     bz#1244 from simon AT sxw.org.uk; ok markus@@ before lock
   - okan@@cvs.openbsd.org 2011/03/15 10:36:02
     [ssh-keyscan.c]
     use timerclear macro
     ok djm@@
   - stevesk@@cvs.openbsd.org 2011/03/23 15:16:22
     [ssh-keygen.1 ssh-keygen.c]
     Add -A option.  For each of the key types (rsa1, rsa, dsa and ecdsa)
     for which host keys do not exist, generate the host keys with the
     default key file path, an empty passphrase, default bits for the key
     type, and default comment.  This will be used by /etc/rc to generate
     new host keys.  Idea from deraadt.
     ok deraadt
   - stevesk@@cvs.openbsd.org 2011/03/23 16:24:56
     [ssh-keygen.1]
     -q not used in /etc/rc now so remove statement.
   - stevesk@@cvs.openbsd.org 2011/03/23 16:50:04
     [ssh-keygen.c]
     remove -d, documentation removed >10 years ago; ok markus
   - jmc@@cvs.openbsd.org 2011/03/24 15:29:30
     [ssh-keygen.1]
     zap trailing whitespace;
   - stevesk@@cvs.openbsd.org 2011/03/24 22:14:54
     [ssh-keygen.c]
     use strcasecmp() for "clear" cert permission option also; ok djm
   - stevesk@@cvs.openbsd.org 2011/03/29 18:54:17
     [misc.c misc.h servconf.c]
     print ipqos friendly string for sshd -T; ok markus
     # sshd -Tf sshd_config|grep ipqos
     ipqos lowdelay throughput
   - djm@@cvs.openbsd.org 2011/04/12 04:23:50
     [ssh-keygen.c]
     fix -Wshadow
   - djm@@cvs.openbsd.org 2011/04/12 05:32:49
     [sshd.c]
     exit with 0 status on SIGTERM; bz#1879
   - djm@@cvs.openbsd.org 2011/04/13 04:02:48
     [ssh-keygen.1]
     improve wording; bz#1861
   - djm@@cvs.openbsd.org 2011/04/13 04:09:37
     [ssh-keygen.1]
     mention valid -b sizes for ECDSA keys; bz#1862
   - djm@@cvs.openbsd.org 2011/04/17 22:42:42
     [PROTOCOL.mux clientloop.c clientloop.h mux.c ssh.1 ssh.c]
     allow graceful shutdown of multiplexing: request that a mux server
     removes its listener socket and refuse future multiplexing requests;
     ok markus@@
   - djm@@cvs.openbsd.org 2011/04/18 00:46:05
     [ssh-keygen.c]
     certificate options are supposed to be packed in lexical order of
     option name (though we don't actually enforce this at present).
     Move one up that was out of sequence
   - djm@@cvs.openbsd.org 2011/05/04 21:15:29
     [authfile.c authfile.h ssh-add.c]
     allow "ssh-add - < key"; feedback and ok markus@@
 - (tim) [configure.ac] Add AC_LANG_SOURCE to OPENSSH_CHECK_CFLAG_COMPILE
   so autoreconf 2.68 is happy.
 - (tim) [defines.h] Deal with platforms that do not have S_IFSOCK ok djm@@

a21 7
20110218
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/02/16 00:31:14
     [ssh-keysign.c]
     make hostbased auth with ECDSA keys work correctly. Based on patch
     by harvey.eneman AT oracle.com in bz#1858; ok markus@@ (pre-lock)

a48 8
20110127
 - (tim) [config.guess config.sub] Sync with upstream.
 - (tim) [configure.ac] Consistent M4 quoting throughout, updated obsolete
   AC_TRY_COMPILE with AC_COMPILE_IFELSE, updated obsolete AC_TRY_LINK with
   AC_LINK_IFELSE, updated obsolete AC_TRY_RUN with AC_RUN_IFELSE, misc white
   space changes for consistency/readability. Makes autoconf 2.68 happy.
   "Nice work" djm

d1259 1
@


1.9.2.2
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/251135
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a0 706
20130510
 - (djm) OpenBSD CVS Cherrypick
   - djm@@cvs.openbsd.org 2013/04/11 02:27:50
     [packet.c]
     quiet disconnect notifications on the server from error() back to logit()
     if it is a normal client closure; bz#2057 ok+feedback dtucker@@
 - (djm) [version.h contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] Crank version numbers for release.

20130404
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2013/02/17 23:16:57
     [readconf.c ssh.c readconf.h sshconnect2.c]
     Keep track of which IdentityFile options were manually supplied and which
     were default options, and don't warn if the latter are missing.
     ok markus@@
   - dtucker@@cvs.openbsd.org 2013/02/19 02:12:47
     [krl.c]
     Remove bogus include.  ok djm
   - dtucker@@cvs.openbsd.org 2013/02/22 04:45:09
     [ssh.c readconf.c readconf.h]
     Don't complain if IdentityFiles specified in system-wide configs are
     missing.  ok djm, deraadt.
   - markus@@cvs.openbsd.org 2013/02/22 19:13:56
     [sshconnect.c]
     support ProxyCommand=- (stdin/out already point to the proxy); ok djm@@
   - djm@@cvs.openbsd.org 2013/02/22 22:09:01
     [ssh.c]
     Allow IdentityFile=none; ok markus deraadt (and dtucker for an earlier
     version)

20130401
 - (dtucker) [openbsd-compat/bsd-cygwin_util.{c,h}] Don't include windows.h
   to avoid conflicting definitions of __int64, adding the required bits.
   Patch from Corinna Vinschen.

20120322
 - (djm) [contrib/ssh-copy-id contrib/ssh-copy-id.1] Updated to Phil
   Hands' greatly revised version.
 - (djm) Release 6.2p1

20120318
 - (djm) [configure.ac log.c scp.c sshconnect2.c openbsd-compat/vis.c]
   [openbsd-compat/vis.h] FreeBSD's strnvis isn't compatible with OpenBSD's
   so mark it as broken. Patch from des AT des.no

20120317
 - (tim) [configure.ac] OpenServer 5 wants lastlog even though it has none
   of the bits the configure test looks for.

20120316
 - (djm) [configure.ac] Disable utmp, wtmp and/or lastlog if the platform
   is unable to successfully compile them. Based on patch from des AT
   des.no
 - (djm) [configure.ac openbsd-compat/bsd-misc.c openbsd-compat/bsd-misc.h]
   Add a usleep replacement for platforms that lack it; ok dtucker
 - (djm) [session.c] FreeBSD needs setusercontext(..., LOGIN_SETUMASK) to
   occur after UID switch; patch from John Marshall via des AT des.no;
   ok dtucker@@

20120312
 - (dtucker) [regress/Makefile regress/cipher-speed.sh regress/test-exec.sh]
   Improve portability of cipher-speed test, based mostly on a patch from
   Iain Morgan.
 - (dtucker) [auth.c configure.ac platform.c platform.h] Accept uid 2 ("bin")
   in addition to root as an owner of system directories on AIX and HP-UX.
   ok djm@@

20130307
 - (dtucker) [INSTALL] Bump documented autoconf version to what we're
   currently using.
 - (dtucker) [defines.h] Remove SIZEOF_CHAR bits since the test for it
   was removed in configure.ac rev 1.481 as it was redundant.
 - (tim) [Makefile.in] Add another missing $(EXEEXT) I should have seen 3 days
   ago.
 - (djm) [configure.ac] Add a timeout to the select/rlimit test to give it a
   chance to complete on broken systems; ok dtucker@@

20130306
 - (dtucker) [regress/forward-control.sh] Wait longer for the forwarding
  connection to start so that the test works on slower machines.
 - (dtucker) [configure.ac] test that we can set number of file descriptors
   to zero with setrlimit before enabling the rlimit sandbox.  This affects
   (at least) HPUX 11.11.

20130305
 - (djm) [regress/modpipe.c] Compilation fix for AIX and parsing fix for
   HP/UX. Spotted by Kevin Brott
 - (dtucker) [configure.ac] use "=" for shell test and not "==".  Spotted by
   Amit Kulkarni and Kevin Brott.
 - (dtucker) [Makefile.in] Remove trailing "\" on PATHS, which caused obscure
   build breakage on (at least) HP-UX 11.11.  Found by Amit Kulkarni and Kevin
   Brott.
 - (tim) [Makefile.in] Add missing $(EXEEXT). Found by Roumen Petrov.

20130227
 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] Crank version numbers
 - (tim) [regress/forward-control.sh] use sh in case login shell is csh.
 - (tim) [regress/integrity.sh] shell portability fix.
 - (tim) [regress/integrity.sh] keep old solaris awk from hanging.
 - (tim) [regress/krl.sh] keep old solaris awk from hanging.

20130226
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2013/02/20 08:27:50
     [integrity.sh]
     Add an option to modpipe that warns if the modification offset is not
     reached in its stream and turn it on for t-integrity. This should catch
     cases where the session is not fuzzed for being too short (cf. my last
     "oops" commit)
 - (djm) [regress/integrity.sh] Run sshd via $SUDO; fixes tinderbox breakage
   for UsePAM=yes configuration

20130225
 - (dtucker) [configure.ac ssh-gss.h] bz#2073: additional #includes needed
   to use Solaris native GSS libs.  Patch from Pierre Ossman.

20130223
 - (djm) [configure.ac includes.h loginrec.c mux.c sftp.c] Prefer
   bsd/libutil.h to libutil.h to avoid deprecation warnings on Ubuntu.
   ok tim

20130222
 - (dtucker) [Makefile.in configure.ac] bz#2072: don't link krb5 libs to
   ssh(1) since they're not needed.  Patch from Pierre Ossman, ok djm.
 - (dtucker) [configure.ac] bz#2073: look for Solaris' differently-named
   libgss too.  Patch from Pierre Ossman, ok djm.
 - (djm) [configure.ac sandbox-seccomp-filter.c] Support for Linux
   seccomp-bpf sandbox on ARM. Patch from shawnlandden AT gmail.com;
   ok dtucker

20130221
 - (tim) [regress/forward-control.sh] shell portability fix.

20130220
 - (tim) [regress/cipher-speed.sh regress/try-ciphers.sh] shell portability fix.
 - (tim) [krl.c Makefile.in regress/Makefile regress/modpipe.c] remove unneeded
   err.h include from krl.c. Additional portability fixes for modpipe. OK djm
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2013/02/20 08:27:50
     [regress/integrity.sh regress/modpipe.c]
     Add an option to modpipe that warns if the modification offset is not
     reached in its stream and turn it on for t-integrity. This should catch
     cases where the session is not fuzzed for being too short (cf. my last
     "oops" commit)
   - djm@@cvs.openbsd.org 2013/02/20 08:29:27
     [regress/modpipe.c]
     s/Id/OpenBSD/ in RCS tag

20130219
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2013/02/18 22:26:47
     [integrity.sh]
     crank the offset yet again; it was still fuzzing KEX on one of Darren's
     portable test hosts at 2800
   - djm@@cvs.openbsd.org 2013/02/19 02:14:09
     [integrity.sh]
     oops, forgot to increase the output of the ssh command to ensure that
     we actually reach $offset
 - (djm) [regress/integrity.sh] Skip SHA2-based MACs on configurations that
   lack support for SHA2.
 - (djm) [regress/modpipe.c] Add local err, and errx functions for platforms
   that do not have them.

20130217
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2013/02/17 23:16:55
     [integrity.sh]
     make the ssh command generate some output to ensure that there are at
     least offset+tries bytes in the stream.

20130216
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2013/02/16 06:08:45
     [integrity.sh]
     make sure the fuzz offset is actually past the end of KEX for all KEX
     types. diffie-hellman-group-exchange-sha256 requires an offset around
     2700. Noticed via test failures in portable OpenSSH on platforms that
     lack ECC and thus the more byte-frugal ECDH KEX algorithms.

20130215
 - (djm) [contrib/suse/rc.sshd] Use SSHD_BIN consistently; bz#2056 from
   Iain Morgan
 - (dtucker) [configure.ac openbsd-compat/bsd-misc.c openbsd-compat/bsd-misc.h]
   Use getpgrp() if we don't have getpgid() (old BSDs, maybe others).
 - (dtucker) [configure.ac openbsd-compat/Makefile.in openbsd-compat/strtoull.c
   openbsd-compat/openbsd-compat.h] Add strtoull to compat library for
   platforms that don't have it.
 - (dtucker) [openbsd-compat/openbsd-compat.h] Add prototype for strtoul,
   group strto* function prototypes together.
 - (dtucker) [openbsd-compat/bsd-misc.c] Handle the case where setpgrp() takes
   an argument.  Pointed out by djm.
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2013/02/14 21:35:59
     [auth2-pubkey.c]
     Correct error message that had a typo and was logging the wrong thing;
     patch from Petr Lautrbach
   - dtucker@@cvs.openbsd.org 2013/02/15 00:21:01
     [sshconnect2.c]
     Warn more loudly if an IdentityFile provided by the user cannot be read.
     bz #1981, ok djm@@

20130214
 - (djm) [regress/krl.sh] Don't use ecdsa keys in environment that lack ECC.
 - (djm) [regress/krl.sh] typo; found by Iain Morgan
 - (djm) [regress/integrity.sh] Start fuzzing from offset 2500 (instead
   of 2300) to avoid clobbering the end of (non-MAC'd) KEX. Verified by
   Iain Morgan

20130212
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2013/01/24 21:45:37
     [krl.c]
     fix handling of (unused) KRL signatures; skip string in correct buffer
   - djm@@cvs.openbsd.org 2013/01/24 22:08:56
     [krl.c]
     skip serial lookup when cert's serial number is zero
   - krw@@cvs.openbsd.org 2013/01/25 05:00:27
     [krl.c]
     Revert last. Breaks due to likely typo. Let djm@@ fix later.
     ok djm@@ via dlg@@
   - djm@@cvs.openbsd.org 2013/01/25 10:22:19
     [krl.c]
     redo last commit without the vi-vomit that snuck in:
     skip serial lookup when cert's serial number is zero
     (now with 100% better comment)
   - djm@@cvs.openbsd.org 2013/01/26 06:11:05
     [Makefile.in acss.c acss.h cipher-acss.c cipher.c]
     [openbsd-compat/openssl-compat.h]
     remove ACSS, now that it is gone from libcrypto too
   - djm@@cvs.openbsd.org 2013/01/27 10:06:12
     [krl.c]
     actually use the xrealloc() return value; spotted by xi.wang AT gmail.com
   - dtucker@@cvs.openbsd.org 2013/02/06 00:20:42
     [servconf.c sshd_config sshd_config.5]
     Change default of MaxStartups to 10:30:100 to start doing random early
     drop at 10 connections up to 100 connections.  This will make it harder
     to DoS as CPUs have come a long way since the original value was set
     back in 2000.  Prompted by nion at debian org, ok markus@@
   - dtucker@@cvs.openbsd.org 2013/02/06 00:22:21
     [auth.c]
     Fix comment, from jfree.e1 at gmail
   - djm@@cvs.openbsd.org 2013/02/08 00:41:12
     [sftp.c]
     fix NULL deref when built without libedit and control characters
     entered as command; debugging and patch from Iain Morgan and
     Loganaden Velvindron in bz#1956
   - markus@@cvs.openbsd.org 2013/02/10 21:19:34
     [version.h]
     openssh 6.2
   - djm@@cvs.openbsd.org 2013/02/10 23:32:10
     [ssh-keygen.c]
     append to moduli file when screening candidates rather than overwriting.
     allows resumption of interrupted screen; patch from Christophe Garault
     in bz#1957; ok dtucker@@
   - djm@@cvs.openbsd.org 2013/02/10 23:35:24
     [packet.c]
     record "Received disconnect" messages at ERROR rather than INFO priority,
     since they are abnormal and result in a non-zero ssh exit status; patch
     from Iain Morgan in bz#2057; ok dtucker@@
   - dtucker@@cvs.openbsd.org 2013/02/11 21:21:58
     [sshd.c]
     Add openssl version to debug output similar to the client.  ok markus@@
   - djm@@cvs.openbsd.org 2013/02/11 23:58:51
     [regress/try-ciphers.sh]
     remove acss here too
 - (djm) [regress/try-ciphers.sh] clean up CVS merge botch

20130211
 - (djm) [configure.ac openbsd-compat/openssl-compat.h] Repair build on old
   libcrypto that lacks EVP_CIPHER_CTX_ctrl

20130208
 - (djm) [contrib/redhat/sshd.init] treat RETVAL as an integer;
   patch from Iain Morgan in bz#2059
 - (dtucker) [configure.ac openbsd-compat/sys-tree.h] Test if compiler allows
   __attribute__ on return values and work around if necessary.  ok djm@@

20130207
 - (djm) [configure.ac] Don't probe seccomp capability of running kernel
   at configure time; the seccomp sandbox will fall back to rlimit at
   runtime anyway. Patch from plautrba AT redhat.com in bz#2011

20130120
 - (djm) [cipher-aes.c cipher-ctr.c openbsd-compat/openssl-compat.h]
   Move prototypes for replacement ciphers to openssl-compat.h; fix EVP
   prototypes for openssl-1.0.0-fips.
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2013/01/18 07:57:47
     [ssh-keygen.1]
     tweak previous;
   - jmc@@cvs.openbsd.org 2013/01/18 07:59:46
     [ssh-keygen.c]
     -u before -V in usage();
   - jmc@@cvs.openbsd.org 2013/01/18 08:00:49
     [sshd_config.5]
     tweak previous;
   - jmc@@cvs.openbsd.org 2013/01/18 08:39:04
     [ssh-keygen.1]
     add -Q to the options list; ok djm
   - jmc@@cvs.openbsd.org 2013/01/18 21:48:43
     [ssh-keygen.1]
     command-line (adj.) -> command line (n.);
   - jmc@@cvs.openbsd.org 2013/01/19 07:13:25
     [ssh-keygen.1]
     fix some formatting; ok djm
   - markus@@cvs.openbsd.org 2013/01/19 12:34:55
     [krl.c]
     RB_INSERT does not remove existing elements; ok djm@@
 - (djm) [openbsd-compat/sys-tree.h] Sync with OpenBSD. krl.c needs newer
   version.
 - (djm) [regress/krl.sh] replacement for jot; most platforms lack it

20130118
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2013/01/17 23:00:01
     [auth.c key.c key.h ssh-keygen.1 ssh-keygen.c sshd_config.5]
     [krl.c krl.h PROTOCOL.krl]
     add support for Key Revocation Lists (KRLs). These are a compact way to
     represent lists of revoked keys and certificates, taking as little as
     a single bit of incremental cost to revoke a certificate by serial number.
     KRLs are loaded via the existing RevokedKeys sshd_config option.
     feedback and ok markus@@
   - djm@@cvs.openbsd.org 2013/01/18 00:45:29
     [regress/Makefile regress/cert-userkey.sh regress/krl.sh]
     Tests for Key Revocation Lists (KRLs)
   - djm@@cvs.openbsd.org 2013/01/18 03:00:32
     [krl.c]
     fix KRL generation bug for list sections

20130117
 - (djm) [regress/cipher-speed.sh regress/integrity.sh regress/try-ciphers.sh]
   check for GCM support before testing GCM ciphers.

20130112
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2013/01/12 11:22:04
     [cipher.c]
     improve error message for integrity failure in AES-GCM modes; ok markus@@
   - djm@@cvs.openbsd.org 2013/01/12 11:23:53
     [regress/cipher-speed.sh regress/integrity.sh regress/try-ciphers.sh]
     test AES-GCM modes; feedback markus@@
 - (djm) [regress/integrity.sh] repair botched merge

20130109
 - (djm) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2012/12/14 05:26:43
     [auth.c]
     use correct string in error message; from rustybsd at gmx.fr
   - djm@@cvs.openbsd.org 2013/01/02 00:32:07
     [clientloop.c mux.c]
     channel_setup_local_fwd_listener() returns 0 on failure, not -ve
     bz#2055 reported by mathieu.lacage AT gmail.com
   - djm@@cvs.openbsd.org 2013/01/02 00:33:49
     [PROTOCOL.agent]
     correct format description for SSH_AGENTC_ADD_RSA_ID_CONSTRAINED
     bz#2051 from david AT lechnology.com
   - djm@@cvs.openbsd.org 2013/01/03 05:49:36
     [servconf.h]
     add a couple of ServerOptions members that should be copied to the privsep
     child (for consistency, in this case they happen only to be accessed in
     the monitor); ok dtucker@@
   - djm@@cvs.openbsd.org 2013/01/03 12:49:01
     [PROTOCOL]
     fix description of MAC calculation for EtM modes; ok markus@@
   - djm@@cvs.openbsd.org 2013/01/03 12:54:49
     [sftp-server.8 sftp-server.c]
     allow specification of an alternate start directory for sftp-server(8)
     "I like this" markus@@
   - djm@@cvs.openbsd.org 2013/01/03 23:22:58
     [ssh-keygen.c]
     allow fingerprinting of keys hosted in PKCS#11 tokens: ssh-keygen -lD ...
     ok markus@@
   - jmc@@cvs.openbsd.org 2013/01/04 19:26:38
     [sftp-server.8 sftp-server.c]
     sftp-server.8: add argument name to -d
     sftp-server.c: add -d to usage()
     ok djm
   - markus@@cvs.openbsd.org 2013/01/08 18:49:04
     [PROTOCOL authfile.c cipher.c cipher.h kex.c kex.h monitor_wrap.c]
     [myproposal.h packet.c ssh_config.5 sshd_config.5]
     support AES-GCM as defined in RFC 5647 (but with simpler KEX handling)
     ok and feedback djm@@
   - djm@@cvs.openbsd.org 2013/01/09 05:40:17
     [ssh-keygen.c]
     correctly initialise fingerprint type for fingerprinting PKCS#11 keys
 - (djm) [cipher.c configure.ac openbsd-compat/openssl-compat.h]
   Fix merge botch, automatically detect AES-GCM in OpenSSL, move a little
   cipher compat code to openssl-compat.h

20121217
 - (dtucker) [Makefile.in] Add some scaffolding so that the new regress
   tests will work with VPATH directories.

20121213
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2012/12/12 16:45:52
     [packet.c]
     reset incoming_packet buffer for each new packet in EtM-case, too;
     this happens if packets are parsed only partially (e.g. ignore
     messages sent when su/sudo turn off echo); noted by sthen/millert
   - naddy@@cvs.openbsd.org 2012/12/12 16:46:10
     [cipher.c]
     use OpenSSL's EVP_aes_{128,192,256}_ctr() API and remove our hand-rolled
     counter mode code; ok djm@@
 - (djm) [configure.ac cipher-ctr.c] Adapt EVP AES CTR change to retain our
   compat code for older OpenSSL
 - (djm) [cipher.c] Fix missing prototype for compat code

20121212
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2012/12/11 22:16:21
     [monitor.c]
     drain the log messages after receiving the keystate from the unpriv
     child. otherwise it might block while sending. ok djm@@
   - markus@@cvs.openbsd.org 2012/12/11 22:31:18
     [PROTOCOL authfile.c cipher.c cipher.h kex.h mac.c myproposal.h]
     [packet.c ssh_config.5 sshd_config.5]
     add encrypt-then-mac (EtM) modes to openssh by defining new mac algorithms
     that change the packet format and compute the MAC over the encrypted
     message (including the packet size) instead of the plaintext data;
     these EtM modes are considered more secure and used by default.
     feedback and ok djm@@
   - sthen@@cvs.openbsd.org 2012/12/11 22:51:45
     [mac.c]
     fix typo, s/tem/etm in hmac-ripemd160-tem. ok markus@@
   - markus@@cvs.openbsd.org 2012/12/11 22:32:56
     [regress/try-ciphers.sh]
     add etm modes
   - markus@@cvs.openbsd.org 2012/12/11 22:42:11
     [regress/Makefile regress/modpipe.c regress/integrity.sh]
     test the integrity of the packets; with djm@@
   - markus@@cvs.openbsd.org 2012/12/11 23:12:13
     [try-ciphers.sh]
     add hmac-ripemd160-etm@@openssh.com
 - (djm) [mac.c] fix merge botch
 - (djm) [regress/Makefile regress/integrity.sh] Make the integrity.sh test
   work on platforms without 'jot'
 - (djm) [regress/integrity.sh] Fix awk quoting, packet length skip
 - (djm) [regress/Makefile] fix t-exec rule

20121207
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2012/12/06 06:06:54
     [regress/keys-command.sh]
     Fix some problems with the keys-command test:
      - use string comparison rather than numeric comparison
      - check for existing KEY_COMMAND file and don't clobber if it exists
      - clean up KEY_COMMAND file if we do create it.
      - check that KEY_COMMAND is executable (which it won't be if eg /var/run
        is mounted noexec).
     ok djm.
   - jmc@@cvs.openbsd.org 2012/12/03 08:33:03
     [ssh-add.1 sshd_config.5]
     tweak previous;
   - markus@@cvs.openbsd.org 2012/12/05 15:42:52
     [ssh-add.c]
     prevent double-free of comment; ok djm@@
   - dtucker@@cvs.openbsd.org 2012/12/07 01:51:35
     [serverloop.c]
     Cast signal to int for logging.  A no-op on openbsd (they're always ints)
     but will prevent warnings in portable.  ok djm@@

20121205
 - (tim) [defines.h] Some platforms are missing ULLONG_MAX. Feedback djm@@.

20121203
 - (djm) [openbsd-compat/sys-queue.h] Sync with OpenBSD to get
   TAILQ_FOREACH_SAFE needed for upcoming changes.
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2012/12/02 20:26:11
     [ssh_config.5 sshconnect2.c]
     Make IdentitiesOnly apply to keys obtained from a PKCS11Provider.
     This allows control of which keys are offered from tokens using
     IdentityFile. ok markus@@
   - djm@@cvs.openbsd.org 2012/12/02 20:42:15
     [ssh-add.1 ssh-add.c]
     make deleting explicit keys "ssh-add -d" symmetric with adding keys -
     try to delete the corresponding certificate too and respect the -k option
     to allow deleting of the key only; feedback and ok markus@@
   - djm@@cvs.openbsd.org 2012/12/02 20:46:11
     [auth-options.c channels.c servconf.c servconf.h serverloop.c session.c]
     [sshd_config.5]
     make AllowTcpForwarding accept "local" and "remote" in addition to its
     current "yes"/"no" to allow the server to specify whether just local or
     remote TCP forwarding is enabled. ok markus@@
   - dtucker@@cvs.openbsd.org 2012/10/05 02:20:48
     [regress/cipher-speed.sh regress/try-ciphers.sh]
     Add umac-128@@openssh.com to the list of MACs to be tested
   - djm@@cvs.openbsd.org 2012/10/19 05:10:42
     [regress/cert-userkey.sh]
     include a serial number when generating certs
   - djm@@cvs.openbsd.org 2012/11/22 22:49:30
     [regress/Makefile regress/keys-command.sh]
     regress for AuthorizedKeysCommand; hints from markus@@
   - djm@@cvs.openbsd.org 2012/12/02 20:47:48
     [Makefile regress/forward-control.sh]
     regress for AllowTcpForwarding local/remote; ok markus@@
   - djm@@cvs.openbsd.org 2012/12/03 00:14:06
     [auth2-chall.c ssh-keygen.c]
     Fix compilation with -Wall -Werror (trivial type fixes)
 - (djm) [configure.ac] Turn on -g for gcc compilers. Helps pre-installation
   debugging. ok dtucker@@
 - (djm) [configure.ac] Revert previous. configure.ac already does this
   for us.

20121114
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2012/11/14 02:24:27
     [auth2-pubkey.c]
     fix username passed to helper program
     prepare stdio fds before closefrom()
     spotted by landry@@
   - djm@@cvs.openbsd.org 2012/11/14 02:32:15
     [ssh-keygen.c]
     allow the full range of unsigned serial numbers; 'fine' deraadt@@
   - djm@@cvs.openbsd.org 2012/12/02 20:34:10
     [auth.c auth.h auth1.c auth2-chall.c auth2-gss.c auth2-jpake.c auth2.c]
     [monitor.c monitor.h]
     Fixes logging of partial authentication when privsep is enabled
     Previously, we recorded "Failed xxx" since we reset authenticated before
     calling auth_log() in auth2.c. This adds an explicit "Partial" state.
     
     Add a "submethod" to auth_log() to report which submethod is used
     for keyboard-interactive.
     
     Fix multiple authentication when one of the methods is
     keyboard-interactive.
     
     ok markus@@
   - dtucker@@cvs.openbsd.org 2012/10/05 02:05:30
     [regress/multiplex.sh]
     Use 'kill -0' to test for the presence of a pid since it's more portable

20121107
 - (djm) OpenBSD CVS Sync
   - eric@@cvs.openbsd.org 2011/11/28 08:46:27
     [moduli.5]
     fix formula
     ok djm@@
   - jmc@@cvs.openbsd.org 2012/09/26 17:34:38
     [moduli.5]
     last stage of rfc changes, using consistent Rs/Re blocks, and moving the
     references into a STANDARDS section;

20121105
 - (dtucker) [uidswap.c openbsd-compat/Makefile.in
   openbsd-compat/bsd-setres_id.c openbsd-compat/bsd-setres_id.h
   openbsd-compat/openbsd-compat.h]  Move the fallback code for setting uids
   and gids from uidswap.c to the compat library, which allows it to work with
   the new setresuid calls in auth2-pubkey.  with tim@@, ok djm@@
 - (dtucker) [auth2-pubkey.c] wrap paths.h in an ifdef for platforms that
   don't have it.  Spotted by tim@@.

20121104
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2012/10/31 08:04:50
     [sshd_config.5]
     tweak previous;
   - djm@@cvs.openbsd.org 2012/11/04 10:38:43
     [auth2-pubkey.c sshd.c sshd_config.5]
     Remove default of AuthorizedCommandUser. Administrators are now expected
     to explicitly specify a user. feedback and ok markus@@
   - djm@@cvs.openbsd.org 2012/11/04 11:09:15
     [auth.h auth1.c auth2.c monitor.c servconf.c servconf.h sshd.c]
     [sshd_config.5]
     Support multiple required authentication via an AuthenticationMethods
     option. This option lists one or more comma-separated lists of
     authentication method names. Successful completion of all the methods in
     any list is required for authentication to complete;
     feedback and ok markus@@

20121030
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2012/10/05 12:34:39
     [sftp.c]
     fix signed vs unsigned warning; feedback & ok: djm@@
   - djm@@cvs.openbsd.org 2012/10/30 21:29:55
     [auth-rsa.c auth.c auth.h auth2-pubkey.c servconf.c servconf.h]
     [sshd.c sshd_config sshd_config.5]
     new sshd_config option AuthorizedKeysCommand to support fetching
     authorized_keys from a command in addition to (or instead of) from
     the filesystem. The command is run as the target server user unless
     another specified via a new AuthorizedKeysCommandUser option.
     
     patch originally by jchadima AT redhat.com, reworked by me; feedback
     and ok markus@@

20121019
 - (tim) [buildpkg.sh.in] Double up on some backslashes so they end up in
   the generated file as intended.

20121005
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2012/09/17 09:54:44
     [sftp.c]
     an XXX for later
   - markus@@cvs.openbsd.org 2012/09/17 13:04:11
     [packet.c]
     clear old keys on rekeying; ok djm
   - dtucker@@cvs.openbsd.org 2012/09/18 10:36:12
     [sftp.c]
     Add bounds check on sftp tab-completion.  Part of a patch from
     Jean-Marc Robert via tech@@, ok djm
   - dtucker@@cvs.openbsd.org 2012/09/21 10:53:07
     [sftp.c]
     Fix improper handling of absolute paths when PWD is part of the completed
     path.  Patch from Jean-Marc Robert via tech@@, ok djm.
  - dtucker@@cvs.openbsd.org 2012/09/21 10:55:04
     [sftp.c]
     Fix handling of filenames containing escaped globbing characters and
     escape "#" and "*".  Patch from Jean-Marc Robert via tech@@, ok djm.
   - jmc@@cvs.openbsd.org 2012/09/26 16:12:13
     [ssh.1]
     last stage of rfc changes, using consistent Rs/Re blocks, and moving the
     references into a STANDARDS section;
   - naddy@@cvs.openbsd.org 2012/10/01 13:59:51
     [monitor_wrap.c]
     pasto; ok djm@@
   - djm@@cvs.openbsd.org 2012/10/02 07:07:45
     [ssh-keygen.c]
     fix -z option, broken in revision 1.215
   - markus@@cvs.openbsd.org 2012/10/04 13:21:50
     [myproposal.h ssh_config.5 umac.h sshd_config.5 ssh.1 sshd.8 mac.c]
     add umac128 variant; ok djm@@ at n2k12
  - dtucker@@cvs.openbsd.org 2012/09/06 04:11:07
     [regress/try-ciphers.sh]
     Restore missing space.  (Id sync only).
   - dtucker@@cvs.openbsd.org 2012/09/09 11:51:25
     [regress/multiplex.sh]
     Add test for ssh -Ostop
   - dtucker@@cvs.openbsd.org 2012/09/10 00:49:21
     [regress/multiplex.sh]
     Log -O cmd output to the log file and make logging consistent with the
     other tests.  Test clean shutdown of an existing channel when testing
     "stop".
   - dtucker@@cvs.openbsd.org 2012/09/10 01:51:19
     [regress/multiplex.sh]
     use -Ocheck and waiting for completions by PID to make multiplexing test
     less racy and (hopefully) more reliable on slow hardware.
 - [Makefile umac.c] Add special-case target to build umac128.o.
 - [umac.c] Enforce allowed umac output sizes.  From djm@@.
 - [Makefile.in] "Using $< in a non-suffix rule context is a GNUmake idiom".

20120917
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2012/09/13 23:37:36
     [servconf.c]
     Fix comment line length
   - markus@@cvs.openbsd.org 2012/09/14 16:51:34
     [sshconnect.c]
     remove unused variable

20120907
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2012/09/06 09:50:13
     [clientloop.c]
     Make the escape command help (~?) context sensitive so that only commands
     that will work in the current session are shown.  ok markus@@
   - jmc@@cvs.openbsd.org 2012/09/06 13:57:42
     [ssh.1]
     missing letter in previous;
   - dtucker@@cvs.openbsd.org 2012/09/07 00:30:19
     [clientloop.c]
     Print '^Z' instead of a raw ^Z when the sequence is not supported.  ok djm@@
   - dtucker@@cvs.openbsd.org 2012/09/07 01:10:21
     [clientloop.c]
     Merge escape help text for ~v and ~V; ok djm@@
   - dtucker@@cvs.openbsd.org 2012/09/07 06:34:21
     [clientloop.c]
     when muxmaster is run with -N, make it shut down gracefully when a client
     sends it "-O stop" rather than hanging around (bz#1985).  ok djm@@

20120906
 - (dtucker) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2012/08/15 18:25:50
     [ssh-keygen.1]
     a little more info on certificate validity;
     requested by Ross L Richardson, and provided by djm
   - dtucker@@cvs.openbsd.org 2012/08/17 00:45:45
     [clientloop.c clientloop.h mux.c]
     Force a clean shutdown of ControlMaster client sessions when the ~. escape
     sequence is used.  This means that ~. should now work in mux clients even
     if the server is no longer responding.  Found by tedu, ok djm.
   - djm@@cvs.openbsd.org 2012/08/17 01:22:56
     [kex.c]
     add some comments about better handling first-KEX-follows notifications
     from the server. Nothing uses these right now. No binary change
   - djm@@cvs.openbsd.org 2012/08/17 01:25:58
     [ssh-keygen.c]
     print details of which host lines were deleted when using
     "ssh-keygen -R host"; ok markus@@
   - djm@@cvs.openbsd.org 2012/08/17 01:30:00
     [compat.c sshconnect.c]
     Send client banner immediately, rather than waiting for the server to
     move first for SSH protocol 2 connections (the default). Patch based on
     one in bz#1999 by tls AT panix.com, feedback dtucker@@ ok markus@@
   - dtucker@@cvs.openbsd.org 2012/09/06 04:37:39
     [clientloop.c log.c ssh.1 log.h]
     Add ~v and ~V escape sequences to raise and lower the logging level
     respectively. Man page help from jmc, ok deraadt jmc

20120830
 - (dtucker) [moduli] Import new moduli file.

a174 1
     (Original authors Ondřej Surý,  Ondřej Caletka and Daniel Black)
@


1.9.2.3
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/263970
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d1 8
a8 2
20140313
 - (djm) Release OpenSSH 6.6
d10 21
a30 6
20140304
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2014/03/03 22:22:30
     [session.c]
     ignore environment variables with embedded '=' or '\0' characters;
     spotted by Jann Horn; ok deraadt@@
d32 4
a35 52
20140301
 - (djm) [regress/Makefile] Disable dhgex regress test; it breaks when
   no moduli file exists at the expected location.

20140228
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2014/02/27 00:41:49
     [bufbn.c]
     fix unsigned overflow that could lead to reading a short ssh protocol
     1 bignum value; found by Ben Hawkes; ok deraadt@@
   - djm@@cvs.openbsd.org 2014/02/27 08:25:09
     [bufbn.c]
     off by one in range check
   - djm@@cvs.openbsd.org 2014/02/27 22:47:07
     [sshd_config.5]
     bz#2184 clarify behaviour of a keyword that appears in multiple
     matching Match blocks; ok dtucker@@
   - djm@@cvs.openbsd.org 2014/02/27 22:57:40
     [version.h]
     openssh-6.6
   - dtucker@@cvs.openbsd.org 2014/01/19 23:43:02
     [regress/sftp-chroot.sh]
     Don't use -q on sftp as it suppresses logging, instead redirect the
     output to the regress logfile.
   - dtucker@@cvs.openbsd.org 2014/01/20 00:00:30
     [regress/sftp-chroot.sh]
     append to rather than truncating the log file
   - dtucker@@cvs.openbsd.org 2014/01/25 04:35:32
     [regress/Makefile regress/dhgex.sh]
     Add a test for DH GEX sizes
   - djm@@cvs.openbsd.org 2014/01/26 10:22:10
     [regress/cert-hostkey.sh]
     automatically generate revoked keys from listed keys rather than
     manually specifying each type; from portable
     (Id sync only)
   - djm@@cvs.openbsd.org 2014/01/26 10:49:17
     [scp-ssh-wrapper.sh scp.sh]
     make sure $SCP is tested on the remote end rather than whichever one
     happens to be in $PATH; from portable
     (Id sync only)
   - djm@@cvs.openbsd.org 2014/02/27 20:04:16
     [login-timeout.sh]
     remove any existing LoginGraceTime from sshd_config before adding
     a specific one for the test back in
   - djm@@cvs.openbsd.org 2014/02/27 21:21:25
     [agent-ptrace.sh agent.sh]
     keep return values that are printed in error messages;
     from portable
     (Id sync only)
 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] Crank version numbers
 - (djm) [regress/host-expand.sh] Add RCS Id
d37 4
a40 18
20140227
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2014/02/26 20:18:37
     [ssh.c]
     bz#2205: avoid early hostname lookups unless canonicalisation is enabled;
     ok dtucker@@ markus@@
   - djm@@cvs.openbsd.org 2014/02/26 20:28:44
     [auth2-gss.c gss-serv.c ssh-gss.h sshd.c]
     bz#2107 - cache OIDs of supported GSSAPI mechanisms before privsep
     sandboxing, as running this code in the sandbox can cause violations;
     ok markus@@
   - djm@@cvs.openbsd.org 2014/02/26 20:29:29
     [channels.c]
     don't assume that the socks4 username is \0 terminated;
     spotted by Ben Hawkes; ok markus@@
   - markus@@cvs.openbsd.org 2014/02/26 21:53:37
     [sshd.c]
     ssh_gssapi_prepare_supported_oids needs GSSAPI
d42 4
a45 34
20140224
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2014/02/07 06:55:54
     [cipher.c mac.c]
     remove some logging that makes ssh debugging output very verbose;
     ok markus
   - djm@@cvs.openbsd.org 2014/02/15 23:05:36
     [channels.c]
     avoid spurious "getsockname failed: Bad file descriptor" errors in ssh -W;
     bz#2200, debian#738692 via Colin Watson; ok dtucker@@
   - djm@@cvs.openbsd.org 2014/02/22 01:32:19
     [readconf.c]
     when processing Match blocks, skip 'exec' clauses if previous predicates
     failed to match; ok markus@@
   - djm@@cvs.openbsd.org 2014/02/23 20:03:42
     [ssh-ed25519.c]
     check for unsigned overflow; not reachable in OpenSSH but others might
     copy our code...
   - djm@@cvs.openbsd.org 2014/02/23 20:11:36
     [readconf.c readconf.h ssh.c ssh_config.5]
     reparse ssh_config and ~/.ssh/config if hostname canonicalisation changes
     the hostname. This allows users to write configurations that always
     refer to canonical hostnames, e.g.
     
     CanonicalizeHostname yes
     CanonicalDomains int.example.org example.org
     CanonicalizeFallbackLocal no
     
     Host *.int.example.org
         Compression off
     Host *.example.org
         User djm
     
     ok markus@@
d47 3
a49 3
20140213
 - (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}]  Add compat
   code for older OpenSSL versions that don't have EVP_MD_CTX_copy_ex.
d51 8
a58 103
20140207
 - OpenBSD CVS Sync
   - naddy@@cvs.openbsd.org 2014/02/05 20:13:25
     [ssh-keygen.1 ssh-keygen.c]
     tweak synopsis: calling ssh-keygen without any arguments is fine; ok jmc@@
     while here, fix ordering in usage(); requested by jmc@@
   - djm@@cvs.openbsd.org 2014/02/06 22:21:01
     [sshconnect.c]
     in ssh_create_socket(), only do the getaddrinfo for BindAddress when
     BindAddress is actually specified. Fixes regression in 6.5 for
     UsePrivilegedPort=yes; patch from Corinna Vinschen

20140206
 - (dtucker) [openbsd-compat/bsd-poll.c] Don't bother checking for non-NULL
   before freeing since free(NULL) is a no-op.  ok djm.
 - (djm) [sandbox-seccomp-filter.c] Not all Linux architectures define
   __NR_shutdown; some go via the socketcall(2) multiplexer.

20140205
 - (djm) [sandbox-capsicum.c] Don't fatal if Capsicum is offered by
   headers/libc but not supported by the kernel. Patch from Loganaden
   Velvindron @@ AfriNIC

20140204
 - OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2014/01/27 18:58:14
     [Makefile.in digest.c digest.h hostfile.c kex.h mac.c hmac.c hmac.h]
     replace openssl HMAC with an implementation based on our ssh_digest_*
     ok and feedback djm@@
   - markus@@cvs.openbsd.org 2014/01/27 19:18:54
     [auth-rsa.c cipher.c ssh-agent.c sshconnect1.c sshd.c]
     replace openssl MD5 with our ssh_digest_*; ok djm@@
   - markus@@cvs.openbsd.org 2014/01/27 20:13:46
     [digest.c digest-openssl.c digest-libc.c Makefile.in]
     rename digest.c to digest-openssl.c and add libc variant; ok djm@@
   - jmc@@cvs.openbsd.org 2014/01/28 14:13:39
     [ssh-keyscan.1]
     kill some bad Pa;
     From: Jan Stary
   - djm@@cvs.openbsd.org 2014/01/29 00:19:26
     [sshd.c]
     use kill(0, ...) instead of killpg(0, ...); on most operating systems
     they are equivalent, but SUSv2 describes the latter as having undefined
     behaviour; from portable; ok dtucker
     (Id sync only; change is already in portable)
   - djm@@cvs.openbsd.org 2014/01/29 06:18:35
     [Makefile.in auth.h auth2-jpake.c auth2.c jpake.c jpake.h monitor.c]
     [monitor.h monitor_wrap.c monitor_wrap.h readconf.c readconf.h]
     [schnorr.c schnorr.h servconf.c servconf.h ssh2.h sshconnect2.c]
     remove experimental, never-enabled JPAKE code; ok markus@@
   - jmc@@cvs.openbsd.org 2014/01/29 14:04:51
     [sshd_config.5]
     document kbdinteractiveauthentication;
     requested From: Ross L Richardson
     
     dtucker/markus helped explain its workings;
   - djm@@cvs.openbsd.org 2014/01/30 22:26:14
     [sandbox-systrace.c]
     allow shutdown(2) syscall in sandbox - it may be called by packet_close()
     from portable
     (Id sync only; change is already in portable)
   - tedu@@cvs.openbsd.org 2014/01/31 16:39:19
     [auth2-chall.c authfd.c authfile.c bufaux.c bufec.c canohost.c]
     [channels.c cipher-chachapoly.c clientloop.c configure.ac hostfile.c]
     [kexc25519.c krl.c monitor.c sandbox-systrace.c session.c]
     [sftp-client.c ssh-keygen.c ssh.c sshconnect2.c sshd.c sshlogin.c]
     [openbsd-compat/explicit_bzero.c openbsd-compat/openbsd-compat.h]
     replace most bzero with explicit_bzero, except a few that can be memset
     ok djm dtucker
   - djm@@cvs.openbsd.org 2014/02/02 03:44:32
     [auth1.c auth2-chall.c auth2-passwd.c authfile.c bufaux.c bufbn.c]
     [buffer.c cipher-3des1.c cipher.c clientloop.c gss-serv.c kex.c]
     [kexdhc.c kexdhs.c kexecdhc.c kexgexc.c kexecdhs.c kexgexs.c key.c]
     [monitor.c monitor_wrap.c packet.c readpass.c rsa.c serverloop.c]
     [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c]
     [ssh-keygen.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c]
     [sshd.c]
     convert memset of potentially-private data to explicit_bzero()
   - djm@@cvs.openbsd.org 2014/02/03 23:28:00
     [ssh-ecdsa.c]
     fix memory leak; ECDSA_SIG_new() allocates 'r' and 's' for us, unlike
     DSA_SIG_new. Reported by Batz Spear; ok markus@@
   - djm@@cvs.openbsd.org 2014/02/02 03:44:31
     [digest-libc.c digest-openssl.c]
     convert memset of potentially-private data to explicit_bzero()
   - djm@@cvs.openbsd.org 2014/02/04 00:24:29
     [ssh.c]
     delay lowercasing of hostname until right before hostname
     canonicalisation to unbreak case-sensitive matching of ssh_config;
     reported by Ike Devolder; ok markus@@
 - (djm) [openbsd-compat/Makefile.in] Add missing explicit_bzero.o
 - (djm) [regress/setuid-allowed.c] Missing string.h for strerror()

20140131
 - (djm) [sandbox-seccomp-filter.c sandbox-systrace.c] Allow shutdown(2)
   syscall from sandboxes; it may be called by packet_close.
 - (dtucker) [readconf.c] Include <arpa/inet.h> for the hton macros.  Fixes
   build with HP-UX's compiler.  Patch from Kevin Brott.
 - (tim) [Makefile.in] build regress/setuid-allow.

20140130
 - (djm) [configure.ac] Only check for width-specified integer types
   in headers that actually exist. patch from Tom G. Christensen;
a59 9
 - (djm) [configure.ac atomicio.c] Kludge around NetBSD offering
   different symbols for 'read' when various compiler flags are
   in use, causing atomicio.c comparisons against it to break and
   read/write operations to hang; ok dtucker
 - (djm) Release openssh-6.5p1

20140129
 - (djm) [configure.ac] Fix broken shell test '==' vs '='; patch from
   Tom G. Christensen
d61 34
a94 42
20140128
 - (djm) [configure.ac] Search for inet_ntop in libnsl and libresolv;
   ok dtucker
 - (djm) [sshd.c] Use kill(0, ...) instead of killpg(0, ...); the
   latter being specified to have undefined behaviour in SUSv3;
   ok dtucker
 - (tim) [regress/agent.sh regress/agent-ptrace.sh] Assign $? to a variable
   when used as an error message inside an if statement so we display the
   correct into. agent.sh patch from Petr Lautrbach.

20140127
 - (dtucker) [Makefile.in] Remove trailing backslash which some make
   implementations (eg older Solaris) do not cope with.

20140126
 - OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2014/01/25 10:12:50
     [cipher.c cipher.h kex.c kex.h kexgexc.c]
     Add a special case for the DH group size for 3des-cbc, which has an
     effective strength much lower than the key size.  This causes problems
     with some cryptlib implementations, which don't support group sizes larger
     than 4k but also don't use the largest group size it does support as
     specified in the RFC.  Based on a patch from Petr Lautrbach at Redhat,
     reduced by me with input from Markus.  ok djm@@ markus@@
   - markus@@cvs.openbsd.org 2014/01/25 20:35:37
     [kex.c]
     dh_need needs to be set to max(seclen, blocksize, ivlen, mac_len)
     ok dtucker@@, noted by mancha
  - (djm) [configure.ac sandbox-capsicum.c sandbox-rlimit.c] Disable
    RLIMIT_NOFILE pseudo-sandbox on FreeBSD. In some configurations,
    libc will attempt to open additional file descriptors for crypto
    offload and crash if they cannot be opened.
 - (djm) [configure.ac] correct AC_DEFINE for previous.

20140125
 - (djm) [configure.ac] Fix detection of capsicum sandbox on FreeBSD
 - (djm) [configure.ac] Do not attempt to use capsicum sandbox unless
   sys/capability.h exists and cap_rights_limit is in libc. Fixes
   build on FreeBSD9x which provides the header but not the libc
   support.
 - (djm) [configure.ac] autoconf sets finds to 'yes' not '1', so test
   against the correct thing.
d96 7
a102 46
20140124
 - (djm) [Makefile.in regress/scp-ssh-wrapper.sh regress/scp.sh] Make
   the scp regress test actually test the built scp rather than the one
   in $PATH. ok dtucker@@

20140123
 - (tim) [session.c] Improve error reporting on set_id().
 - (dtucker) [configure.ac] NetBSD's (and FreeBSD's) strnvis is gratuitously
   incompatible with OpenBSD's despite post-dating it by more than a decade.
   Declare it as broken, and document FreeBSD's as the same.  ok djm@@

20140122
 - (djm) [openbsd-compat/setproctitle.c] Don't fail to compile if a
   platform that is expected to use the reuse-argv style setproctitle
   hack surprises us by providing a setproctitle in libc; ok dtucker
 - (djm) [configure.ac] Unless specifically requested, only attempt
   to build Position Independent Executables on gcc >= 4.x; ok dtucker
 - (djm) [configure.ac aclocal.m4] More tests to detect fallout from
   platform hardening options: include some long long int arithmetic
   to detect missing support functions for -ftrapv in libgcc and
   equivalents, actually test linking when -ftrapv is supplied and
   set either both -pie/-fPIE or neither. feedback and ok dtucker@@

20140121
 - (dtucker) [configure.ac] Make PIE a configure-time option which defaults
   to on platforms where it's known to be reliably detected and off elsewhere.
   Works around platforms such as FreeBSD 9.1 where it does not interop with
   -ftrapv (it seems to work but fails when trying to link ssh).  ok djm@@
 - (dtucker) [aclocal.m4] Differentiate between compile-time and link-time
   tests in the configure output.  ok djm.
 - (tim) [platform.c session.c] Fix bug affecting SVR5 platforms introduced
   with sftp chroot support. Move set_id call after chroot.
 - (djm) [aclocal.m4] Flesh out the code run in the OSSH_CHECK_CFLAG_COMPILE
   and OSSH_CHECK_LDFLAG_LINK tests to give them a better chance of
   detecting toolchain-related problems; ok dtucker

20140120
 - (dtucker) [gss-serv-krb5.c] Fall back to krb5_cc_gen_new if the Kerberos
   implementation does not have krb5_cc_new_unique, similar to what we do
   in auth-krb5.c.
 - (djm) [regress/cert-hostkey.sh] Fix regress failure on platforms that
   skip one or more key types (e.g. RHEL/CentOS 6.5); ok dtucker@@
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2014/01/20 00:08:48
     [digest.c]
     memleak; found by Loganaden Velvindron @@ AfriNIC; ok markus@@
d104 10
a113 22
20140119
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2014/01/17 06:23:24
     [sftp-server.c]
     fix log message statvfs.  ok djm
   - dtucker@@cvs.openbsd.org 2014/01/18 09:36:26
     [session.c]
     explicitly define USE_PIPES to 1 to prevent redefinition warnings in
     portable on platforms that use pipes for everything.  From vinschen at
     redhat.
   - dtucker@@cvs.openbsd.org 2014/01/19 04:17:29
     [canohost.c addrmatch.c]
     Cast socklen_t when comparing to size_t and use socklen_t to iterate over
     the ip options, both to prevent signed/unsigned comparison warnings.
     Patch from vinschen at redhat via portable openssh, begrudging ok deraadt.
   - djm@@cvs.openbsd.org 2014/01/19 04:48:08
     [ssh_config.5]
     fix inverted meaning of 'no' and 'yes' for CanonicalizeFallbackLocal
   - dtucker@@cvs.openbsd.org 2014/01/19 11:21:51
     [addrmatch.c]
     Cast the sizeof to socklen_t so it'll work even if the supplied len is
     negative.  Suggested by and ok djm, ok deraadt.
d115 3
a117 68
20140118
 - (dtucker) [uidswap.c] Prevent unused variable warnings on Cygwin.  Patch
   from vinschen at redhat.com
 - (dtucker) [openbsd-compat/bsd-cygwin_util.h] Add missing function
   declarations that stopped being included when we stopped including
   <windows.h> from openbsd-compat/bsd-cygwin_util.h.  Patch from vinschen at
   redhat.com.
 - (dtucker) [configure.ac] On Cygwin the getopt variables (like optargs,
   optind) are defined in getopt.h already.  Unfortunately they are defined as
   "declspec(dllimport)" for historical reasons, because the GNU linker didn't
   allow auto-import on PE/COFF targets way back when.  The problem is the
   dllexport attributes collide with the definitions in the various source
   files in OpenSSH, which obviously define the variables without
   declspec(dllimport).  The least intrusive way to get rid of these warnings
   is to disable warnings for GCC compiler attributes when building on Cygwin.
   Patch from vinschen at redhat.com.
 - (dtucker) [sandbox-capsicum.c] Correct some error messages and make the
   return value check for cap_enter() consistent with the other uses in
   FreeBSD.  From by Loganaden Velvindron @@ AfriNIC via bz#2140.

20140117
 - (dtucker) [aclocal.m4 configure.ac] Add some additional compiler/toolchain
   hardening flags including -fstack-protector-strong.  These default to on
   if the toolchain supports them, but there is a configure-time knob
   (--without-hardening) to disable them if necessary.  ok djm@@
 - (djm) [sftp-client.c] signed/unsigned comparison fix
 - (dtucker) [loginrec.c] Cast to the types specified in the format
    specification to prevent warnings.
 - (dtucker) [crypto_api.h] Wrap stdlib.h include inside #ifdef HAVE_STDINT_H.
 - (dtucker) [poly1305.c] Wrap stdlib.h include inside #ifdef HAVE_STDINT_H.
 - (dtucker) [blocks.c fe25519.c ge25519.c hash.c sc25519.c verify.c] Include
   includes.h to pull in all of the compatibility stuff.
 - (dtucker) [openbsd-compat/bcrypt_pbkdf.c] Wrap stdlib.h include inside
   #ifdef HAVE_STDINT_H.
 - (dtucker) [defines.h] Add typedefs for uintXX_t types for platforms that
   don't have them.
 - (dtucker) [configure.ac] Split AC_CHECK_FUNCS for OpenSSL functions into
   separate lines and alphabetize for easier diffing of changes.
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2014/01/17 00:21:06
     [sftp-client.c]
     signed/unsigned comparison warning fix; from portable (Id sync only)
   - dtucker@@cvs.openbsd.org 2014/01/17 05:26:41
     [digest.c]
     remove unused includes.  ok djm@@
 - (djm) [Makefile.in configure.ac sandbox-capsicum.c sandbox-darwin.c]
   [sandbox-null.c sandbox-rlimit.c sandbox-seccomp-filter.c]
   [sandbox-systrace.c ssh-sandbox.h sshd.c] Support preauth sandboxing
   using the Capsicum API introduced in FreeBSD 10. Patch by Dag-Erling
   Smorgrav, updated by Loganaden Velvindron @@ AfriNIC; ok dtucker@@
 - (dtucker) [configure.ac digest.c openbsd-compat/openssl-compat.c
   openbsd-compat/openssl-compat.h]  Add compatibility layer for older
   openssl versions.  ok djm@@
 - (dtucker) Fix typo in #ifndef.
 - (dtucker) [configure.ac openbsd-compat/bsd-statvfs.c
   openbsd-compat/bsd-statvfs.h] Implement enough of statvfs on top of statfs
   to be useful (and for the regression tests to pass) on platforms that
   have statfs and fstatfs.  ok djm@@
 - (dtucker) [openbsd-compat/bsd-statvfs.h] Only start including headers if we
   need them to cut down on the name collisions.
 - (dtucker) [configure.ac] Also look in inttypes.h for uintXX_t types.
 - (dtucker) [configure.ac] Have --without-hardening not turn off
   stack-protector since that has a separate flag that's been around a while.
 - (dtucker) [readconf.c] Wrap paths.h inside an ifdef.  Allows building on
   Solaris.
 - (dtucker) [defines.h] Move our definitions of uintXX_t types down to after
   they're defined if we have to define them ourselves.  Fixes builds on old
   AIX.
d119 4
a122 12
20140118
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2014/01/16 07:31:09
     [sftp-client.c]
     needless and incorrect cast to size_t can break resumption of
     large download; patch from tobias@@
   - djm@@cvs.openbsd.org 2014/01/16 07:32:00
     [version.h]
     openssh-6.5
 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] Crank RPM spec version numbers.
 - (djm) [README] update release notes URL.
d124 8
a131 13
20140112
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2014/01/10 05:59:19
     [sshd_config]
     the /etc/ssh/ssh_host_ed25519_key is loaded by default too
   - djm@@cvs.openbsd.org 2014/01/12 08:13:13
     [bufaux.c buffer.h kex.c kex.h kexc25519.c kexc25519c.c kexc25519s.c]
     [kexdhc.c kexdhs.c kexecdhc.c kexecdhs.c kexgexc.c kexgexs.c]
     avoid use of OpenSSL BIGNUM type and functions for KEX with
     Curve25519 by adding a buffer_put_bignum2_from_string() that stores
     a string using the bignum encoding rules. Will make it easier to
     build a reduced-feature OpenSSH without OpenSSL in the future;
     ok markus@@
d133 2
a134 24
20140110
 - (djm) OpenBSD CVS Sync
   - tedu@@cvs.openbsd.org 2014/01/04 17:50:55
     [mac.c monitor_mm.c monitor_mm.h xmalloc.c]
     use standard types and formats for size_t like variables. ok dtucker
   - guenther@@cvs.openbsd.org 2014/01/09 03:26:00
     [sftp-common.c]
     When formatting the time for "ls -l"-style output, show dates in the future
     with the year, and rearrange a comparison to avoid a potential signed
     arithmetic overflow that would give the wrong result.
     ok djm@@
   - djm@@cvs.openbsd.org 2014/01/09 23:20:00
     [digest.c digest.h hostfile.c kex.c kex.h kexc25519.c kexc25519c.c]
     [kexc25519s.c kexdh.c kexecdh.c kexecdhc.c kexecdhs.c kexgex.c kexgexc.c]
     [kexgexs.c key.c key.h roaming_client.c roaming_common.c schnorr.c]
     [schnorr.h ssh-dss.c ssh-ecdsa.c ssh-rsa.c sshconnect2.c]
     Introduce digest API and use it to perform all hashing operations
     rather than calling OpenSSL EVP_Digest* directly. Will make it easier
     to build a reduced-feature OpenSSH without OpenSSL in future;
     feedback, ok markus@@
   - djm@@cvs.openbsd.org 2014/01/09 23:26:48
     [sshconnect.c sshd.c]
     ban clients/servers that suffer from SSH_BUG_DERIVEKEY, they are ancient,
     deranged and might make some attacks on KEX easier; ok markus@@
d136 14
a149 2
20140108
 - (djm) [regress/.cvsignore] Ignore regress test droppings; ok dtucker@@
d151 14
a164 82
20131231
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2013/12/30 23:52:28
     [auth2-hostbased.c auth2-pubkey.c compat.c compat.h ssh-rsa.c]
     [sshconnect.c sshconnect2.c sshd.c]
     refuse RSA keys from old proprietary clients/servers that use the
     obsolete RSA+MD5 signature scheme. it will still be possible to connect
     with these clients/servers but only DSA keys will be accepted, and we'll
     deprecate them entirely in a future release. ok markus@@

20131229
 - (djm) [loginrec.c] Check for username truncation when looking up lastlog
   entries
 - (djm) [regress/Makefile] Add some generated files for cleaning
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2013/12/19 00:10:30
     [ssh-add.c]
     skip requesting smartcard PIN when removing keys from agent; bz#2187
     patch from jay AT slushpupie.com; ok dtucker
   - dtucker@@cvs.openbsd.org 2013/12/19 00:19:12
     [serverloop.c]
     Cast client_alive_interval to u_int64_t before assigning to
     max_time_milliseconds to avoid potential integer overflow in the timeout.
     bz#2170, patch from Loganaden Velvindron, ok djm@@
   - djm@@cvs.openbsd.org 2013/12/19 00:27:57
     [auth-options.c]
     simplify freeing of source-address certificate restriction
   - djm@@cvs.openbsd.org 2013/12/19 01:04:36
     [channels.c]
     bz#2147: fix multiple remote forwardings with dynamically assigned
     listen ports. In the s->c message to open the channel we were sending
     zero (the magic number to request a dynamic port) instead of the actual
     listen port. The client therefore had no way of discriminating between
     them.
     
     Diagnosis and fix by ronf AT timeheart.net
   - djm@@cvs.openbsd.org 2013/12/19 01:19:41
     [ssh-agent.c]
     bz#2186: don't crash (NULL deref) when deleting PKCS#11 keys from an agent
     that has a mix of normal and PKCS#11 keys; fix from jay AT slushpupie.com;
     ok dtucker
   - djm@@cvs.openbsd.org 2013/12/19 22:57:13
     [poly1305.c poly1305.h]
     use full name for author, with his permission
   - tedu@@cvs.openbsd.org 2013/12/21 07:10:47
     [ssh-keygen.1]
     small typo
   - djm@@cvs.openbsd.org 2013/12/27 22:30:17
     [ssh-dss.c ssh-ecdsa.c ssh-rsa.c]
     make the original RSA and DSA signing/verification code look more like
     the ECDSA/Ed25519 ones: use key_type_plain() when checking the key type
     rather than tediously listing all variants, use __func__ for debug/
     error messages
   - djm@@cvs.openbsd.org 2013/12/27 22:37:18
     [ssh-rsa.c]
     correct comment
   - djm@@cvs.openbsd.org 2013/12/29 02:28:10
     [key.c]
     allow ed25519 keys to appear as certificate authorities
   - djm@@cvs.openbsd.org 2013/12/29 02:37:04
     [key.c]
     correct comment for key_to_certified()
   - djm@@cvs.openbsd.org 2013/12/29 02:49:52
     [key.c]
     correct comment for key_drop_cert()
   - djm@@cvs.openbsd.org 2013/12/29 04:20:04
     [key.c]
     to make sure we don't omit any key types as valid CA keys again,
     factor the valid key type check into a key_type_is_valid_ca()
     function
   - djm@@cvs.openbsd.org 2013/12/29 04:29:25
     [authfd.c]
     allow deletion of ed25519 keys from the agent
   - djm@@cvs.openbsd.org 2013/12/29 04:35:50
     [authfile.c]
     don't refuse to load Ed25519 certificates
   - djm@@cvs.openbsd.org 2013/12/29 05:42:16
     [ssh.c]
     don't forget to load Ed25519 certs too
   - djm@@cvs.openbsd.org 2013/12/29 05:57:02
     [sshconnect.c]
     when showing other hostkeys, don't forget Ed25519 keys
d166 6
a171 2
20131221
 - (dtucker) [regress/keytype.sh] Actually test ecdsa key types.
d173 8
a180 5
20131219
 - (dtucker) [configure.ac] bz#2178: Don't try to use BSM on Solaris versions
   greater than 11 either rather than just 11.  Patch from Tomas Kuthan.
 - (dtucker) [auth-pam.c] bz#2163: check return value from pam_get_item().
   Patch from Loganaden Velvindron.
d182 12
a193 1
20131218
d195 8
a202 39
   - djm@@cvs.openbsd.org 2013/12/07 08:08:26
     [ssh-keygen.1]
     document -a and -o wrt new key format
   - naddy@@cvs.openbsd.org 2013/12/07 11:58:46
     [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh-keysign.8 ssh.1]
     [ssh_config.5 sshd.8 sshd_config.5]
     add missing mentions of ed25519; ok djm@@
   - dtucker@@cvs.openbsd.org 2013/12/08 09:53:27
     [sshd_config.5]
     Use a literal for the default value of KEXAlgorithms.  ok deraadt jmc
   - markus@@cvs.openbsd.org 2013/12/09 11:03:45
     [blocks.c ed25519.c fe25519.c fe25519.h ge25519.c ge25519.h]
     [ge25519_base.data hash.c sc25519.c sc25519.h verify.c]
     Add Authors for the public domain ed25519/nacl code.
     see also http://nacl.cr.yp.to/features.html
        All of the NaCl software is in the public domain.
     and http://ed25519.cr.yp.to/software.html
        The Ed25519 software is in the public domain.
   - markus@@cvs.openbsd.org 2013/12/09 11:08:17
     [crypto_api.h]
     remove unused defines
   - pascal@@cvs.openbsd.org 2013/12/15 18:17:26
     [ssh-add.c]
     Make ssh-add also add .ssh/id_ed25519; fixes lie in manual page.
     ok markus@@
   - djm@@cvs.openbsd.org 2013/12/15 21:42:35
     [cipher-chachapoly.c]
     add some comments and constify a constant
   - markus@@cvs.openbsd.org 2013/12/17 10:36:38
     [crypto_api.h]
     I've assembled the header file by cut&pasting from generated headers
     and the source files.

20131208
 - (djm) [openbsd-compat/bsd-setres_id.c] Missing header; from Corinna
   Vinschen
 - (djm) [Makefile.in regress/Makefile regress/agent-ptrace.sh]
   [regress/setuid-allowed.c] Check that ssh-agent is not on a no-setuid
   filesystem before running agent-ptrace.sh; ok dtucker
d204 6
a209 53
20131207
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2013/12/05 22:59:45
     [sftp-client.c]
     fix memory leak in error path in do_readdir(); pointed out by
     Loganaden Velvindron @@ AfriNIC in bz#2163
   - djm@@cvs.openbsd.org 2013/12/06 03:40:51
     [ssh-keygen.c]
     remove duplicated character ('g') in getopt() string;
     document the (few) remaining option characters so we don't have to
     rummage next time.
   - markus@@cvs.openbsd.org 2013/12/06 13:30:08
     [authfd.c key.c key.h ssh-agent.c]
     move private key (de)serialization to key.c; ok djm
   - markus@@cvs.openbsd.org 2013/12/06 13:34:54
     [authfile.c authfile.h cipher.c cipher.h key.c packet.c ssh-agent.c]
     [ssh-keygen.c PROTOCOL.key] new private key format, bcrypt as KDF by
     default; details in PROTOCOL.key; feedback and lots help from djm;
     ok djm@@
   - markus@@cvs.openbsd.org 2013/12/06 13:39:49
     [authfd.c authfile.c key.c key.h myproposal.h pathnames.h readconf.c]
     [servconf.c ssh-agent.c ssh-keygen.c ssh-keyscan.1 ssh-keyscan.c]
     [ssh-keysign.c ssh.c ssh_config.5 sshd.8 sshd.c verify.c ssh-ed25519.c]
     [sc25519.h sc25519.c hash.c ge25519_base.data ge25519.h ge25519.c]
     [fe25519.h fe25519.c ed25519.c crypto_api.h blocks.c]
     support ed25519 keys (hostkeys and user identities) using the public
     domain ed25519 reference code from SUPERCOP, see
     http://ed25519.cr.yp.to/software.html
     feedback, help & ok djm@@
   - jmc@@cvs.openbsd.org 2013/12/06 15:29:07
     [sshd.8]
     missing comma;
   - djm@@cvs.openbsd.org 2013/12/07 00:19:15
     [key.c]
     set k->cert = NULL after freeing it
   - markus@@cvs.openbsd.org 2013/12/06 13:52:46
     [regress/Makefile regress/agent.sh regress/cert-hostkey.sh]
     [regress/cert-userkey.sh regress/keytype.sh]
     test ed25519 support; from djm@@
 - (djm) [blocks.c ed25519.c fe25519.c fe25519.h ge25519.c ge25519.h]
   [ge25519_base.data hash.c sc25519.c sc25519.h verify.c] Fix RCS idents
 - (djm) [Makefile.in] Add ed25519 sources
 - (djm) [authfile.c] Conditionalise inclusion of util.h
 - (djm) [configure.ac openbsd-compat/Makefile.in openbsd-compat/bcrypt_pbkdf.c]
   [openbsd-compat/blf.h openbsd-compat/blowfish.c]
   [openbsd-compat/openbsd-compat.h] Start at supporting bcrypt_pbkdf in
   portable.
 - (djm) [ed25519.c ssh-ed25519.c openbsd-compat/Makefile.in]
   [openbsd-compat/bcrypt_pbkdf.c] Make ed25519/new key format compile on
   Linux
 - (djm) [regress/cert-hostkey.sh] Fix merge botch
 - (djm) [Makefile.in] PATHSUBS and keygen bits for Ed25519; from
   Loganaden Velvindron @@ AfriNIC in bz#2179
d211 1
a211 1
20131205
d213 50
a262 60
   - jmc@@cvs.openbsd.org 2013/11/21 08:05:09
     [ssh_config.5 sshd_config.5]
     no need for .Pp before displays;
   - deraadt@@cvs.openbsd.org 2013/11/25 18:04:21
     [ssh.1 ssh.c]
     improve -Q usage and such.  One usage change is that the option is now
     case-sensitive
     ok dtucker markus djm
   - jmc@@cvs.openbsd.org 2013/11/26 12:14:54
     [ssh.1 ssh.c]
     - put -Q in the right place
     - Ar was a poor choice for the arguments to -Q. i've chosen an
       admittedly equally poor Cm, at least consistent with the rest
       of the docs. also no need for multiple instances
     - zap a now redundant Nm
     - usage() sync
   - deraadt@@cvs.openbsd.org 2013/11/26 19:15:09
     [pkcs11.h]
     cleanup 1 << 31 idioms.  Resurrection of this issue pointed out by
     Eitan Adler ok markus for ssh, implies same change in kerberosV
   - djm@@cvs.openbsd.org 2013/12/01 23:19:05
     [PROTOCOL]
     mention curve25519-sha256@@libssh.org key exchange algorithm
   - djm@@cvs.openbsd.org 2013/12/02 02:50:27
     [PROTOCOL.chacha20poly1305]
     typo; from Jon Cave
   - djm@@cvs.openbsd.org 2013/12/02 02:56:17
     [ssh-pkcs11-helper.c]
     use-after-free; bz#2175 patch from Loganaden Velvindron @@ AfriNIC
   - djm@@cvs.openbsd.org 2013/12/02 03:09:22
     [key.c]
     make key_to_blob() return a NULL blob on failure; part of
     bz#2175 from Loganaden Velvindron @@ AfriNIC
   - djm@@cvs.openbsd.org 2013/12/02 03:13:14
     [cipher.c]
     correct bzero of chacha20+poly1305 key context. bz#2177 from
     Loganaden Velvindron @@ AfriNIC
     
     Also make it a memset for consistency with the rest of cipher.c
   - djm@@cvs.openbsd.org 2013/12/04 04:20:01
     [sftp-client.c]
     bz#2171: don't leak local_fd on error; from Loganaden Velvindron @@
     AfriNIC
   - djm@@cvs.openbsd.org 2013/12/05 01:16:41
     [servconf.c servconf.h]
     bz#2161 - fix AuthorizedKeysCommand inside a Match block and
     rearrange things so the same error is harder to make next time;
     with and ok dtucker@@
 - (dtucker) [configure.ac] bz#2173: use pkg-config --libs to include correct
   -L location for libedit.  Patch from Serge van den Boom.

20131121
 - (djm) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2013/11/08 11:15:19
     [bufaux.c bufbn.c buffer.c sftp-client.c sftp-common.c sftp-glob.c]
     [uidswap.c] Include stdlib.h for free() as per the man page.
   - markus@@cvs.openbsd.org 2013/11/13 13:48:20
     [ssh-pkcs11.c]
     add missing braces found by pedro
   - djm@@cvs.openbsd.org 2013/11/20 02:19:01
d264 2
a265 41
     delay closure of in/out fds until after "Bad protocol version
     identification..." message, as get_remote_ipaddr/get_remote_port
     require them open.
   - deraadt@@cvs.openbsd.org 2013/11/20 20:53:10
     [scp.c]
     unsigned casts for ctype macros where neccessary
     ok guenther millert markus
   - deraadt@@cvs.openbsd.org 2013/11/20 20:54:10
     [canohost.c clientloop.c match.c readconf.c sftp.c]
     unsigned casts for ctype macros where neccessary
     ok guenther millert markus
   - djm@@cvs.openbsd.org 2013/11/21 00:45:44
     [Makefile.in PROTOCOL PROTOCOL.chacha20poly1305 authfile.c chacha.c]
     [chacha.h cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h]
     [dh.c myproposal.h packet.c poly1305.c poly1305.h servconf.c ssh.1]
     [ssh.c ssh_config.5 sshd_config.5] Add a new protocol 2 transport
     cipher "chacha20-poly1305@@openssh.com" that combines Daniel
     Bernstein's ChaCha20 stream cipher and Poly1305 MAC to build an
     authenticated encryption mode.
     
     Inspired by and similar to Adam Langley's proposal for TLS:
     http://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-03
     but differs in layout used for the MAC calculation and the use of a
     second ChaCha20 instance to separately encrypt packet lengths.
     Details are in the PROTOCOL.chacha20poly1305 file.
     
     Feedback markus@@, naddy@@; manpage bits Loganden Velvindron @@ AfriNIC
     ok markus@@ naddy@@
   - naddy@@cvs.openbsd.org 2013/11/18 05:09:32
     [regress/forward-control.sh]
     bump timeout to 10 seconds to allow slow machines (e.g. Alpha PC164)
     to successfully run this; ok djm@@
   - djm@@cvs.openbsd.org 2013/11/21 03:15:46
     [regress/krl.sh]
     add some reminders for additional tests that I'd like to implement
   - djm@@cvs.openbsd.org 2013/11/21 03:16:47
     [regress/modpipe.c]
     use unsigned long long instead of u_int64_t here to avoid warnings
     on some systems portable OpenSSH is built on.
   - djm@@cvs.openbsd.org 2013/11/21 03:18:51
     [regress/cipher-speed.sh regress/integrity.sh regress/rekey.sh]
d267 6
a272 10
     use new "ssh -Q cipher-auth" query to obtain lists of authenticated
     encryption ciphers instead of specifying them manually; ensures that
     the new chacha20poly1305@@openssh.com mode is tested;
     
     ok markus@@ and naddy@@ as part of the diff to add
     chacha20poly1305@@openssh.com

20131110
 - (dtucker) [regress/keytype.sh] Populate ECDSA key types to be tested by
   querying the ones that are compiled in.
d274 5
a278 13
20131109
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2013/11/09 05:41:34
     [regress/test-exec.sh regress/rekey.sh]
     Use smaller test data files to speed up tests.  Grow test datafiles
     where necessary for a specific test.
 - (dtucker) [configure.ac kex.c key.c myproposal.h] Test for the presence of
   NID_X9_62_prime256v1, NID_secp384r1 and NID_secp521r1 and test that the
   latter actually works before using it.  Fedora (at least) has NID_secp521r1
   that doesn't work (see https://bugzilla.redhat.com/show_bug.cgi?id=1021897).
 - (dtucker) [configure.ac] Fix brackets in NID_secp521r1 test.
 - (dtucker) [configure.ac] Add missing "test".
 - (dtucker) [key.c] Check for the correct defines for NID_secp521r1.
d280 4
a283 88
20131108
 - (dtucker) OpenBSD CVS Sync
    - dtucker@@cvs.openbsd.org 2013/11/08 01:06:14
      [regress/rekey.sh]
      Rekey less frequently during tests to speed them up
 - (djm) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2013/11/07 11:58:27
     [cipher.c cipher.h kex.c kex.h mac.c mac.h servconf.c ssh.c]
     Output the effective values of Ciphers, MACs and KexAlgorithms when
     the default has not been overridden.  ok markus@@
   - djm@@cvs.openbsd.org 2013/11/08 00:39:15
     [auth-options.c auth2-chall.c authfd.c channels.c cipher-3des1.c]
     [clientloop.c gss-genr.c monitor_mm.c packet.c schnorr.c umac.c]
     [sftp-client.c sftp-glob.c]
     use calloc for all structure allocations; from markus@@
   - djm@@cvs.openbsd.org 2013/11/08 01:38:11
     [version.h]
     openssh-6.4
 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] Update version numbers following release.
 - (dtucker) [openbsd-compat/openbsd-compat.h] Add null implementation of
   arc4random_stir for platforms that have arc4random but don't have
   arc4random_stir (right now this is only OpenBSD -current).
 - (dtucker) [kex.c] Only enable CURVE25519_SHA256 if we actually have
   EVP_sha256.
 - (dtucker) [myproposal.h] Conditionally enable CURVE25519_SHA256.
 - (dtucker) [openbsd-compat/bsd-poll.c] Add headers to prevent compile
   warnings.
 - (dtucker) [Makefile.in configure.ac] Set MALLOC_OPTIONS per platform
   and pass in TEST_ENV.  use stderr to get polluted
   and the stderr-data test to fail.
 - (dtucker) [contrib/cygwin/ssh-host-config] Simplify host key generation:
   rather than testing and generating each key, call ssh-keygen -A.
   Patch from vinschen at redhat.com.
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2013/11/09 05:41:34
     [regress/test-exec.sh regress/rekey.sh]
     Use smaller test data files to speed up tests.  Grow test datafiles
     where necessary for a specific test.

20131107
 - (djm) [ssh-pkcs11.c] Bring back "non-constant initialiser" fix (rev 1.5)
   that got lost in recent merge.
 - (djm) [Makefile.in monitor.c] Missed chunks of curve25519 KEX diff
 - (djm) [regress/modpipe.c regress/rekey.sh] Never intended to commit these
 - (djm) [configure.ac defines.h] Skip arc4random_stir() calls on platforms
   that lack it but have arc4random_uniform()
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2013/11/04 11:51:16
     [monitor.c]
     fix rekeying for KEX_C25519_SHA256; noted by dtucker@@
     RCSID sync only; I thought this was a merge botch and fixed it already
   - markus@@cvs.openbsd.org 2013/11/06 16:52:11
     [monitor_wrap.c]
     fix rekeying for AES-GCM modes; ok deraadt
   - djm@@cvs.openbsd.org 2013/11/06 23:05:59
     [ssh-pkcs11.c]
     from portable: s/true/true_val/ to avoid name collisions on dump platforms
     RCSID sync only
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2013/10/09 23:44:14
     [regress/Makefile] (ID sync only)
     regression test for sftp request white/blacklisting and readonly mode.
   - markus@@cvs.openbsd.org 2013/11/02 22:39:53
     [regress/kextype.sh]
     add curve25519-sha256@@libssh.org
   - dtucker@@cvs.openbsd.org 2013/11/04 12:27:42
     [regress/rekey.sh]
     Test rekeying with all KexAlgorithms.
   - dtucker@@cvs.openbsd.org 2013/11/07 00:12:05
     [regress/rekey.sh]
     Test rekeying for every Cipher, MAC and KEX, plus test every KEX with
     the GCM ciphers.
   - dtucker@@cvs.openbsd.org 2013/11/07 01:12:51
     [regress/rekey.sh]
     Factor out the data transfer rekey tests
   - dtucker@@cvs.openbsd.org 2013/11/07 02:48:38
     [regress/integrity.sh regress/cipher-speed.sh regress/try-ciphers.sh]
     Use ssh -Q instead of hardcoding lists of ciphers or MACs.
   - dtucker@@cvs.openbsd.org 2013/11/07 03:55:41
     [regress/kextype.sh]
     Use ssh -Q to get kex types instead of a static list.
   - dtucker@@cvs.openbsd.org 2013/11/07 04:26:56
     [regress/kextype.sh]
     trailing space
 - (dtucker) [Makefile.in configure.ac] Remove TEST_SSH_SHA256 environment
   variable.  It's no longer used now that we get the supported MACs from
   ssh -Q.
d285 4
a288 1
20131104
d290 7
a296 48
   - markus@@cvs.openbsd.org 2013/11/02 20:03:54
     [ssh-pkcs11.c]
     support pkcs#11 tokes that only provide x509 zerts instead of raw pubkeys;
     fixes bz#1908; based on patch from Laurent Barbe; ok djm
   - markus@@cvs.openbsd.org 2013/11/02 21:59:15
     [kex.c kex.h myproposal.h ssh-keyscan.c sshconnect2.c sshd.c]
     use curve25519 for default key exchange (curve25519-sha256@@libssh.org);
     initial patch from Aris Adamantiadis; ok djm@@
   - markus@@cvs.openbsd.org 2013/11/02 22:10:15
     [kexdhs.c kexecdhs.c]
     no need to include monitor_wrap.h
   - markus@@cvs.openbsd.org 2013/11/02 22:24:24
     [kexdhs.c kexecdhs.c]
     no need to include ssh-gss.h
   - markus@@cvs.openbsd.org 2013/11/02 22:34:01
     [auth-options.c]
     no need to include monitor_wrap.h and ssh-gss.h
   - markus@@cvs.openbsd.org 2013/11/02 22:39:19
     [ssh_config.5 sshd_config.5]
     the default kex is now curve25519-sha256@@libssh.org
   - djm@@cvs.openbsd.org 2013/11/03 10:37:19
     [roaming_common.c]
     fix a couple of function definitions foo() -> foo(void)
     (-Wold-style-definition)
 - (djm) [kexc25519.c kexc25519c.c kexc25519s.c] Import missed files from
   KEX/curve25519 change

20131103
 - (dtucker) [openbsd-compat/bsd-misc.c] Include time.h for nanosleep.
   From OpenSMTPD where it prevents "implicit declaration" warnings (it's
   a no-op in OpenSSH).  From chl at openbsd.
 - (dtucker) [openbsd-compat/setproctitle.c] Handle error case form the 2nd
   vsnprintf.  From eric at openbsd via chl@@.
 - (dtucker) [configure.ac defines.h] Add typedefs for intmax_t and uintmax_t
   for platforms that don't have them.

20131030
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2013/10/29 09:42:11
     [key.c key.h]
     fix potential stack exhaustion caused by nested certificates;
     report by Mateusz Kocielski; ok dtucker@@ markus@@
   - djm@@cvs.openbsd.org 2013/10/29 09:48:02
     [servconf.c servconf.h session.c sshd_config sshd_config.5]
     shd_config PermitTTY to disallow TTY allocation, mirroring the
     longstanding no-pty authorized_keys option;
     bz#2070, patch from Teran McKinney; ok markus@@
   - jmc@@cvs.openbsd.org 2013/10/29 18:49:32
d298 16
a313 1
     pty(4), not pty(7);
d315 1
a315 1
20131026
d317 14
a330 4
   - djm@@cvs.openbsd.org 2013/10/25 23:04:51
     [ssh.c]
     fix crash when using ProxyCommand caused by previous commit - was calling
     freeaddrinfo(NULL); spotted by sthen@@ and Tim Ruehsen, patch by sthen@@
d332 3
a334 32
20131025
 - (djm) [ssh-keygen.c ssh-keysign.c sshconnect1.c sshd.c] Remove
   unnecessary arc4random_stir() calls. The only ones left are to ensure
   that the PRNG gets a different state after fork() for platforms that
   have broken the API.

20131024
 - (djm) [auth-krb5.c] bz#2032 - use local username in krb5_kuserok check
   rather than full client name which may be of form user@@REALM;
   patch from Miguel Sanders; ok dtucker@@
 - (djm) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2013/10/23 05:40:58
     [servconf.c]
     fix comment
   - djm@@cvs.openbsd.org 2013/10/23 23:35:32
     [sshd.c]
     include local address and port in "Connection from ..." message (only
     shown at loglevel>=verbose)
   - dtucker@@cvs.openbsd.org 2013/10/24 00:49:49
     [moduli.c]
     Periodically print progress and, if possible, expected time to completion
     when screening moduli for DH groups.  ok deraadt djm
   - dtucker@@cvs.openbsd.org 2013/10/24 00:51:48
     [readconf.c servconf.c ssh_config.5 sshd_config.5]
     Disallow empty Match statements and add "Match all" which matches
     everything.  ok djm, man page help jmc@@
   - djm@@cvs.openbsd.org 2013/10/24 08:19:36
     [ssh.c]
     fix bug introduced in hostname canonicalisation commit: don't try to
     resolve hostnames when a ProxyCommand is set unless the user has forced
     canonicalisation; spotted by Iain Morgan
 - (tim) [regress/sftp-perm.sh] We need a shell that understands "! somecmd"
d336 1
a336 1
20131023
d338 7
a344 39
   - djm@@cvs.openbsd.org 2013/10/20 04:39:28
     [ssh_config.5]
     document % expansions performed by "Match command ..."
   - djm@@cvs.openbsd.org 2013/10/20 06:19:28
     [readconf.c ssh_config.5]
     rename "command" subclause of the recently-added "Match" keyword to
     "exec"; it's shorter, clearer in intent and we might want to add the
     ability to match against the command being executed at the remote end in
     the future.
   - djm@@cvs.openbsd.org 2013/10/20 09:51:26
     [scp.1 sftp.1]
     add canonicalisation options to -o lists
   - jmc@@cvs.openbsd.org 2013/10/20 18:00:13
     [ssh_config.5]
     tweak the "exec" description, as worded by djm;
   - djm@@cvs.openbsd.org 2013/10/23 03:03:07
     [readconf.c]
     Hostname may have %h sequences that should be expanded prior to Match
     evaluation; spotted by Iain Morgan
   - djm@@cvs.openbsd.org 2013/10/23 03:05:19
     [readconf.c ssh.c]
     comment
   - djm@@cvs.openbsd.org 2013/10/23 04:16:22
     [ssh-keygen.c]
     Make code match documentation: relative-specified certificate expiry time
     should be relative to current time and not the validity start time.
     Reported by Petr Lautrbach; ok deraadt@@

20131018
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2013/10/09 23:44:14
     [regress/Makefile regress/sftp-perm.sh]
     regression test for sftp request white/blacklisting and readonly mode.
   - jmc@@cvs.openbsd.org 2013/10/17 07:35:48
     [sftp.1 sftp.c]
     tweak previous;
   - djm@@cvs.openbsd.org 2013/10/17 22:08:04
     [sshd.c]
     include remote port in bad banner message; bz#2162
d346 1
a346 1
20131017
d348 20
a367 37
   - jmc@@cvs.openbsd.org 2013/10/15 14:10:25
     [ssh.1 ssh_config.5]
     tweak previous;
   - djm@@cvs.openbsd.org 2013/10/16 02:31:47
     [readconf.c readconf.h roaming_client.c ssh.1 ssh.c ssh_config.5]
     [sshconnect.c sshconnect.h]
     Implement client-side hostname canonicalisation to allow an explicit
     search path of domain suffixes to use to convert unqualified host names
     to fully-qualified ones for host key matching.
     This is particularly useful for host certificates, which would otherwise
     need to list unqualified names alongside fully-qualified ones (and this
     causes a number of problems).
     "looks fine" markus@@
   - jmc@@cvs.openbsd.org 2013/10/16 06:42:25
     [ssh_config.5]
     tweak previous;
   - djm@@cvs.openbsd.org 2013/10/16 22:49:39
     [readconf.c readconf.h ssh.1 ssh.c ssh_config.5]
     s/canonicalise/canonicalize/ for consistency with existing spelling,
     e.g. authorized_keys; pointed out by naddy@@
   - djm@@cvs.openbsd.org 2013/10/16 22:58:01
     [ssh.c ssh_config.5]
     one I missed in previous: s/isation/ization/
   - djm@@cvs.openbsd.org 2013/10/17 00:30:13
     [PROTOCOL sftp-client.c sftp-client.h sftp-server.c sftp.1 sftp.c]
     fsync@@openssh.com protocol extension for sftp-server
     client support to allow calling fsync() faster successful transfer
     patch mostly by imorgan AT nas.nasa.gov; bz#1798
     "fine" markus@@ "grumble OK" deraadt@@ "doesn't sound bad to me" millert@@
   - djm@@cvs.openbsd.org 2013/10/17 00:46:49
     [ssh.c]
     rearrange check to reduce diff against -portable
     (Id sync only)

20131015
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2013/10/09 23:42:17
d369 7
a375 24
     Add ability to whitelist and/or blacklist sftp protocol requests by name.
     Refactor dispatch loop and consolidate read-only mode checks.
     Make global variables static, since sftp-server is linked into sshd(8).
     ok dtucker@@
   - djm@@cvs.openbsd.org 2013/10/10 00:53:25
     [sftp-server.c]
     add -Q, -P and -p to usage() before jmc@@ catches me
   - djm@@cvs.openbsd.org 2013/10/10 01:43:03
     [sshd.c]
     bz#2139: fix re-exec fallback by ensuring that startup_pipe is correctly
     updated; ok dtucker@@
   - djm@@cvs.openbsd.org 2013/10/11 02:45:36
     [sftp-client.c]
     rename flag arguments to be more clear and consistent.
     reorder some internal function arguments to make adding additional flags
     easier.
     no functional change
   - djm@@cvs.openbsd.org 2013/10/11 02:52:23
     [sftp-client.c]
     missed one arg reorder
   - djm@@cvs.openbsd.org 2013/10/11 02:53:45
     [sftp-client.h]
     obsolete comment
   - jmc@@cvs.openbsd.org 2013/10/14 14:18:56
d377 2
a378 1
     tweak previous;
d380 11
a390 21
   - djm@@cvs.openbsd.org 2013/10/14 21:20:52
     [session.c session.h]
     Add logging of session starts in a useful format; ok markus@@ feedback and
     ok dtucker@@
   - djm@@cvs.openbsd.org 2013/10/14 22:22:05
     [readconf.c readconf.h ssh-keysign.c ssh.c ssh_config.5]
     add a "Match" keyword to ssh_config that allows matching on hostname,
     user and result of arbitrary commands. "nice work" markus@@
   - djm@@cvs.openbsd.org 2013/10/14 23:28:23
     [canohost.c misc.c misc.h readconf.c sftp-server.c ssh.c]
     refactor client config code a little:
     add multistate option partsing to readconf.c, similar to servconf.c's
     existing code.
     move checking of options that accept "none" as an argument to readconf.c
     add a lowercase() function and use it instead of explicit tolower() in
     loops
     part of a larger diff that was ok markus@@
   - djm@@cvs.openbsd.org 2013/10/14 23:31:01
     [ssh.c]
     whitespace at EOL; pointed out by markus@@
 - [ssh.c] g/c unused variable.
d392 3
a394 43
20131010
 - (dtucker) OpenBSD CVS Sync
   - sthen@@cvs.openbsd.org 2013/09/16 11:35:43
     [ssh_config]
     Remove gssapi config parts from ssh_config, as was already done for
     sshd_config.  Req by/ok ajacoutot@@
     ID SYNC ONLY for portable; kerberos/gssapi is still pretty popular
   - djm@@cvs.openbsd.org 2013/09/19 00:24:52
     [progressmeter.c]
     store the initial file offset so the progress meter doesn't freak out
     when resuming sftp transfers. bz#2137; patch from Iain Morgan; ok dtucker@@`
   - djm@@cvs.openbsd.org 2013/09/19 00:49:12
     [sftp-client.c]
     fix swapped pflag and printflag in sftp upload_dir; from Iain Morgan
   - djm@@cvs.openbsd.org 2013/09/19 01:24:46
     [channels.c]
     bz#1297 - tell the client (via packet_send_debug) when their preferred
     listen address has been overridden by the server's GatewayPorts;
     ok dtucker@@
   - djm@@cvs.openbsd.org 2013/09/19 01:26:29
     [sshconnect.c]
     bz#1211: make BindAddress work with UsePrivilegedPort=yes; patch from
     swp AT swp.pp.ru; ok dtucker@@
   - dtucker@@cvs.openbsd.org 2013/10/08 11:42:13
     [dh.c dh.h]
     Increase the size of the Diffie-Hellman groups requested for a each
     symmetric key size.  New values from NIST Special Publication 800-57 with
     the upper limit specified by RFC4419.  Pointed out by Peter Backes, ok
     djm@@.

20131009
 - (djm) [openbsd-compat/arc4random.c openbsd-compat/chacha_private.h] Pull
   in OpenBSD implementation of arc4random, shortly to replace the existing
   bsd-arc4random.c
 - (djm) [openbsd-compat/Makefile.in openbsd-compat/arc4random.c]
   [openbsd-compat/bsd-arc4random.c] Replace old RC4-based arc4random
   implementation with recent OpenBSD's ChaCha-based PRNG. ok dtucker@@,
   tested tim@@

20130922
 - (dtucker) [platform.c platform.h sshd.c] bz#2156: restore Linux oom_adj
   setting when handling SIGHUP to maintain behaviour over retart.  Patch
   from Matthew Ife.
d396 1
a396 4
20130918
 - (dtucker) [sshd_config] Trailing whitespace; from jstjohn at purdue edu.

20130914
d398 12
a409 44
   - djm@@cvs.openbsd.org 2013/08/22 19:02:21
     [sshd.c]
     Stir PRNG after post-accept fork. The child gets a different PRNG state
     anyway via rexec and explicit privsep reseeds, but it's good to be sure.
     ok markus@@
   - mikeb@@cvs.openbsd.org 2013/08/28 12:34:27
     [ssh-keygen.c]
     improve batch processing a bit by making use of the quite flag a bit
     more often and exit with a non zero code if asked to find a hostname
     in a known_hosts file and it wasn't there;
     originally from reyk@@,  ok djm
   - djm@@cvs.openbsd.org 2013/08/31 00:13:54
     [sftp.c]
     make ^w match ksh behaviour (delete previous word instead of entire line)
   - deraadt@@cvs.openbsd.org 2013/09/02 22:00:34
     [ssh-keygen.c sshconnect1.c sshd.c]
     All the instances of arc4random_stir() are bogus, since arc4random()
     does this itself, inside itself, and has for a very long time..  Actually,
     this was probably reducing the entropy available.
     ok djm
     ID SYNC ONLY for portable; we don't trust other arc4random implementations
     to do this right.
   - sthen@@cvs.openbsd.org 2013/09/07 13:53:11
     [sshd_config]
     Remove commented-out kerberos/gssapi config options from sample config,
     kerberos support is currently not enabled in ssh in OpenBSD. Discussed with
     various people; ok deraadt@@
     ID SYNC ONLY for portable; kerberos/gssapi is still pretty popular
   - djm@@cvs.openbsd.org 2013/09/12 01:41:12
     [clientloop.c]
     fix connection crash when sending break (~B) on ControlPersist'd session;
     ok dtucker@@
   - djm@@cvs.openbsd.org 2013/09/13 06:54:34
     [channels.c]
     avoid unaligned access in code that reused a buffer to send a
     struct in_addr in a reply; simpler just use use buffer_put_int();
     from portable; spotted by and ok dtucker@@

20130828
 - (djm) [openbsd-compat/bsd-snprintf.c] teach our local snprintf code the
   'j' (intmax_t/uintmax_t) and 'z' (size_t/ssize_t) conversions in case we
   start to use them in the future.
 - (djm) [openbsd-compat/bsd-snprintf.c] #ifdef noytet for intmax_t bits
   until we have configure support.
d411 1
a411 1
20130821
d413 29
a441 24
   - djm@@cvs.openbsd.org 2013/08/06 23:03:49
     [sftp.c]
     fix some whitespace at EOL
     make list of commands an enum rather than a long list of defines
     add -a to usage()
   - djm@@cvs.openbsd.org 2013/08/06 23:05:01
     [sftp.1]
     document top-level -a option (the -a option to 'get' was already
     documented)
   - djm@@cvs.openbsd.org 2013/08/06 23:06:01
     [servconf.c]
     add cast to avoid format warning; from portable
   - jmc@@cvs.openbsd.org 2013/08/07 06:24:51
     [sftp.1 sftp.c]
     sort -a;
   - djm@@cvs.openbsd.org 2013/08/08 04:52:04
     [sftp.c]
     fix two year old regression: symlinking a file would incorrectly
     canonicalise the target path. bz#2129 report from delphij AT freebsd.org
   - djm@@cvs.openbsd.org 2013/08/08 05:04:03
     [sftp-client.c sftp-client.h sftp.c]
     add a "-l" flag for the rename command to force it to use the silly
     standard SSH_FXP_RENAME command instead of the POSIX-rename- like
     posix-rename@@openssh.com extension.
d443 21
a463 36
     intended for use in regress tests, so no documentation.
   - djm@@cvs.openbsd.org 2013/08/09 03:37:25
     [sftp.c]
     do getopt parsing for all sftp commands (with an empty optstring for
     commands without arguments) to ensure consistent behaviour
   - djm@@cvs.openbsd.org 2013/08/09 03:39:13
     [sftp-client.c]
     two problems found by a to-be-committed regress test: 1) msg_id was not
     being initialised so was starting at a random value from the heap
     (harmless, but confusing). 2) some error conditions were not being
     propagated back to the caller
   - djm@@cvs.openbsd.org 2013/08/09 03:56:42
     [sftp.c]
     enable ctrl-left-arrow and ctrl-right-arrow to move forward/back a word;
     matching ksh's relatively recent change.
   - djm@@cvs.openbsd.org 2013/08/13 18:32:08
     [ssh-keygen.c]
     typo in error message; from Stephan Rickauer
   - djm@@cvs.openbsd.org 2013/08/13 18:33:08
     [ssh-keygen.c]
     another of the same typo
   - jmc@@cvs.openbsd.org 2013/08/14 08:39:27
     [scp.1 ssh.1]
     some Bx/Ox conversion;
     From: Jan Stary
   - djm@@cvs.openbsd.org 2013/08/20 00:11:38
     [readconf.c readconf.h ssh_config.5 sshconnect.c]
     Add a ssh_config ProxyUseFDPass option that supports the use of
     ProxyCommands that establish a connection and then pass a connected
     file descriptor back to ssh(1). This allows the ProxyCommand to exit
     rather than have to shuffle data back and forth and enables ssh to use
     getpeername, etc. to obtain address information just like it does with
     regular directly-connected sockets. ok markus@@
   - jmc@@cvs.openbsd.org 2013/08/20 06:56:07
     [ssh.1 ssh_config.5]
     some proxyusefdpass tweaks;
d465 2
a466 26
20130808
 - (dtucker) [regress/Makefile regress/test-exec.sh] Don't try to use test -nt
   since some platforms (eg really old FreeBSD) don't have it.  Instead,
   run "make clean" before a complete regress run.  ok djm.
 - (dtucker) [misc.c] Fall back to time(2) at runtime if clock_gettime(
   CLOCK_MONOTONIC...) fails.  Some older versions of RHEL have the
   CLOCK_MONOTONIC define but don't actually support it.  Found and tested
   by Kevin Brott, ok djm.
 - (dtucker) [misc.c] Remove define added for fallback testing that was
   mistakenly included in the previous commit.
 - (dtucker) [regress/Makefile regress/test-exec.sh] Roll back the -nt
   removal.  The "make clean" removes modpipe which is built by the top-level
   directory before running the tests.  Spotted by tim@@
 - (djm) Release 6.3p1

20130804
 - (dtucker) [auth-krb5.c configure.ac openbsd-compat/bsd-misc.h] Add support
   for building with older Heimdal versions.  ok djm.

20130801
 - (djm) [channels.c channels.h] bz#2135: On Solaris, isatty() on a non-
   blocking connecting socket will clear any stored errno that might
   otherwise have been retrievable via getsockopt(). A hack to limit writes
   to TTYs on AIX was triggering this. Since only AIX needs the hack, wrap
   it in an #ifdef. Diagnosis and patch from Ivo Raisr.
 - (djm) [sshlogin.h] Fix prototype merge botch from 2006; bz#2134
d468 3
a470 1
20130725
d472 12
a483 460
   - djm@@cvs.openbsd.org 2013/07/20 22:20:42
     [krl.c]
     fix verification error in (as-yet usused) KRL signature checking path
   - djm@@cvs.openbsd.org 2013/07/22 05:00:17
     [umac.c]
     make MAC key, data to be hashed and nonce for final hash const;
     checked with -Wcast-qual
   - djm@@cvs.openbsd.org 2013/07/22 12:20:02
     [umac.h]
     oops, forgot to commit corresponding header change;
     spotted by jsg and jasper
   - djm@@cvs.openbsd.org 2013/07/25 00:29:10
     [ssh.c]
     daemonise backgrounded (ControlPersist'ed) multiplexing master to ensure
     it is fully detached from its controlling terminal. based on debugging
   - djm@@cvs.openbsd.org 2013/07/25 00:56:52
     [sftp-client.c sftp-client.h sftp.1 sftp.c]
     sftp support for resuming partial downloads; patch mostly by Loganaden
     Velvindron/AfriNIC with some tweaks by me; feedback and ok dtucker@@
     "Just be careful" deraadt@@
   - djm@@cvs.openbsd.org 2013/07/25 00:57:37
     [version.h]
     openssh-6.3 for release
   - dtucker@@cvs.openbsd.org 2013/05/30 20:12:32
     [regress/test-exec.sh]
     use ssh and sshd as testdata since it needs to be >256k for the rekey test
   - dtucker@@cvs.openbsd.org 2013/06/10 21:56:43
     [regress/forwarding.sh]
     Add test for forward config parsing
   - djm@@cvs.openbsd.org 2013/06/21 02:26:26
     [regress/sftp-cmds.sh regress/test-exec.sh]
     unbreak sftp-cmds for renamed test data (s/ls/data/)
 - (tim) [sftp-client.c] Use of a gcc extension trips up native compilers on
   Solaris and UnixWare. Feedback and OK djm@@
 - (tim) [regress/forwarding.sh] Fix for building outside source tree.

20130720
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2013/07/19 07:37:48
     [auth.h kex.h kexdhs.c kexecdhs.c kexgexs.c monitor.c servconf.c]
     [servconf.h session.c sshd.c sshd_config.5]
     add ssh-agent(1) support to sshd(8); allows encrypted hostkeys,
     or hostkeys on smartcards; most of the work by Zev Weiss; bz #1974
     ok djm@@
   - djm@@cvs.openbsd.org 2013/07/20 01:43:46
     [umac.c]
     use a union to ensure correct alignment; ok deraadt
   - djm@@cvs.openbsd.org 2013/07/20 01:44:37
     [ssh-keygen.c ssh.c]
     More useful error message on missing current user in /etc/passwd
   - djm@@cvs.openbsd.org 2013/07/20 01:50:20
     [ssh-agent.c]
     call cleanup_handler on SIGINT when in debug mode to ensure sockets
     are cleaned up on manual exit; bz#2120
   - djm@@cvs.openbsd.org 2013/07/20 01:55:13
     [auth-krb5.c gss-serv-krb5.c gss-serv.c]
     fix kerberos/GSSAPI deprecation warnings and linking; "looks okay" millert@@

20130718
 - (djm) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2013/06/10 19:19:44
     [readconf.c]
     revert 1.203 while we investigate crashes reported by okan@@
   - guenther@@cvs.openbsd.org 2013/06/17 04:48:42
     [scp.c]
     Handle time_t values as long long's when formatting them and when
     parsing them from remote servers.
     Improve error checking in parsing of 'T' lines.
     ok dtucker@@ deraadt@@
   - markus@@cvs.openbsd.org 2013/06/20 19:15:06
     [krl.c]
     don't leak the rdata blob on errors; ok djm@@
   - djm@@cvs.openbsd.org 2013/06/21 00:34:49
     [auth-rsa.c auth.h auth2-hostbased.c auth2-pubkey.c monitor.c]
     for hostbased authentication, print the client host and user on
     the auth success/failure line; bz#2064, ok dtucker@@
   - djm@@cvs.openbsd.org 2013/06/21 00:37:49
     [ssh_config.5]
     explicitly mention that IdentitiesOnly can be used with IdentityFile
     to control which keys are offered from an agent.
   - djm@@cvs.openbsd.org 2013/06/21 05:42:32
     [dh.c]
     sprinkle in some error() to explain moduli(5) parse failures
   - djm@@cvs.openbsd.org 2013/06/21 05:43:10
     [scp.c]
     make this -Wsign-compare clean after time_t conversion
   - djm@@cvs.openbsd.org 2013/06/22 06:31:57
     [scp.c]
     improved time_t overflow check suggested by guenther@@
   - jmc@@cvs.openbsd.org 2013/06/27 14:05:37
     [ssh-keygen.1 ssh.1 ssh_config.5 sshd.8 sshd_config.5]
     do not use Sx for sections outwith the man page - ingo informs me that
     stuff like html will render with broken links;
     issue reported by Eric S. Raymond, via djm
   - markus@@cvs.openbsd.org 2013/07/02 12:31:43
     [dh.c]
     remove extra whitespace
   - djm@@cvs.openbsd.org 2013/07/12 00:19:59
     [auth-options.c auth-rsa.c bufaux.c buffer.h channels.c hostfile.c]
     [hostfile.h mux.c packet.c packet.h roaming_common.c serverloop.c]
     fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@@
   - djm@@cvs.openbsd.org 2013/07/12 00:20:00
     [sftp.c ssh-keygen.c ssh-pkcs11.c]
     fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@@
   - djm@@cvs.openbsd.org 2013/07/12 00:43:50
     [misc.c]
     in ssh_gai_strerror() don't fallback to strerror for EAI_SYSTEM when
     errno == 0. Avoids confusing error message in some broken resolver
     cases. bz#2122 patch from plautrba AT redhat.com; ok dtucker
   - djm@@cvs.openbsd.org 2013/07/12 05:42:03
     [ssh-keygen.c]
     do_print_resource_record() can never be called with a NULL filename, so
     don't attempt (and bungle) asking for one if it has not been specified
     bz#2127 ok dtucker@@
   - djm@@cvs.openbsd.org 2013/07/12 05:48:55
     [ssh.c]
     set TCP nodelay for connections started with -N; bz#2124 ok dtucker@@
   - schwarze@@cvs.openbsd.org 2013/07/16 00:07:52
     [scp.1 sftp-server.8 ssh-keyscan.1 ssh-keysign.8 ssh-pkcs11-helper.8]
     use .Mt for email addresses; from Jan Stary <hans at stare dot cz>; ok jmc@@
   - djm@@cvs.openbsd.org 2013/07/18 01:12:26
     [ssh.1]
     be more exact wrt perms for ~/.ssh/config; bz#2078

20130702
 - (dtucker) [contrib/cygwin/README contrib/cygwin/ssh-host-config
   contrib/cygwin/ssh-user-config] Modernizes and improve readability of
   the Cygwin README file (which hasn't been updated for ages), drop
   unsupported OSes from the ssh-host-config help text, and drop an
   unneeded option from ssh-user-config.  Patch from vinschen at redhat com.

20130610
 - (djm) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2013/06/07 15:37:52
     [channels.c channels.h clientloop.c]
     Add an "ABANDONED" channel state and use for mux sessions that are
     disconnected via the ~. escape sequence.  Channels in this state will
     be able to close if the server responds, but do not count as active channels.
     This means that if you ~. all of the mux clients when using ControlPersist
     on a broken network, the backgrounded mux master will exit when the
     Control Persist time expires rather than hanging around indefinitely.
     bz#1917, also reported and tested by tedu@@.  ok djm@@ markus@@.
 - (dtucker) [Makefile.in configure.ac fixalgorithms] Remove unsupported
   algorithms (Ciphers, MACs and HostKeyAlgorithms) from man pages.
 - (dtucker) [myproposal.h] Do not advertise AES GSM ciphers if we don't have
   the required OpenSSL support.  Patch from naddy at freebsd.
 - (dtucker) [myproposal.h] Make the conditional algorithm support consistent
   and add some comments so it's clear what goes where.

20130605
 - (dtucker) [myproposal.h] Enable sha256 kex methods based on the presence of
   the necessary functions, not from the openssl version.
 - (dtucker) [contrib/ssh-copy-id] bz#2117: Use portable operator in test.
   Patch from cjwatson at debian.
 - (dtucker) [regress/forwarding.sh] For (as yet unknown) reason, the
   forwarding test is extremely slow copying data on some machines so switch
   back to copying the much smaller ls binary until we can figure out why
   this is.
 - (dtucker) [Makefile.in] append $CFLAGS to compiler options when building
   modpipe in case there's anything in there we need.
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2013/06/02 21:01:51
     [channels.h]
     typo in comment
   - dtucker@@cvs.openbsd.org 2013/06/02 23:36:29
     [clientloop.h clientloop.c mux.c]
     No need for the mux cleanup callback to be visible so restore it to static
     and call it through the detach_user function pointer.  ok djm@@
   - dtucker@@cvs.openbsd.org 2013/06/03 00:03:18
     [mac.c]
     force the MAC output to be 64-bit aligned so umac won't see unaligned
     accesses on strict-alignment architectures.  bz#2101, patch from
     tomas.kuthan at oracle.com, ok djm@@
   - dtucker@@cvs.openbsd.org 2013/06/04 19:12:23
     [scp.c]
     use MAXPATHLEN for buffer size instead of fixed value.  ok markus
   - dtucker@@cvs.openbsd.org 2013/06/04 20:42:36
     [sftp.c]
     Make sftp's libedit interface marginally multibyte aware by building up
     the quoted string by character instead of by byte.  Prevents failures
     when linked against a libedit built with wide character support (bz#1990).
     "looks ok" djm
   - dtucker@@cvs.openbsd.org 2013/06/05 02:07:29
     [mux.c]
     fix leaks in mux error paths, from Zhenbo Xu, found by Melton. bz#1967,
     ok djm
   - dtucker@@cvs.openbsd.org 2013/06/05 02:27:50
     [sshd.c]
     When running sshd -D, close stderr unless we have explicitly requesting
     logging to stderr. From james.hunt at ubuntu.com via bz#1976, djm's patch
     so, err, ok dtucker.
   - dtucker@@cvs.openbsd.org 2013/06/05 12:52:38
     [sshconnect2.c]
     Fix memory leaks found by Zhenbo Xu and the Melton tool.  bz#1967, ok djm
   - dtucker@@cvs.openbsd.org 2013/06/05 22:00:28
     [readconf.c]
     plug another memleak.  bz#1967, from Zhenbo Xu, detected by Melton, ok djm
 - (dtucker) [configure.ac sftp.c openbsd-compat/openbsd-compat.h] Cater for
    platforms that don't have multibyte character support (specifically,
    mblen).

20130602
 - (tim) [Makefile.in] Make Solaris, UnixWare, & OpenServer linkers happy
   linking regress/modpipe.
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2013/06/02 13:33:05
     [progressmeter.c]
     Add misc.h for monotime prototype. (ID sync only).
   - dtucker@@cvs.openbsd.org 2013/06/02 13:35:58
     [ssh-agent.c]
     Make parent_alive_interval time_t to avoid signed/unsigned comparison
 - (dtucker) [configure.ac]  sys/un.h needs sys/socket.h on some platforms
   to prevent noise from configure. Patch from Nathan Osman. (bz#2114).
 - (dtucker) [configure.ac] bz#2111: don't try to use lastlog on Android.
   Patch from Nathan Osman.
 - (tim) [configure.ac regress/Makefile] With rev 1.47 of test-exec.sh we
   need a shell that can handle "[ file1 -nt file2 ]". Rather than keep
   dealing with shell portability issues in regression tests, we let
   configure find us a capable shell on those platforms with an old /bin/sh.
 - (tim) [aclocal.m4] Enhance OSSH_CHECK_CFLAG_COMPILE to check stderr.
   feedback and ok dtucker
 - (tim) [regress/sftp-chroot.sh] skip if no sudo. ok dtucker
 - (dtucker) [configure.ac] Some platforms need sys/types.h before sys/un.h.
 - (dtucker) [configure.ac] Some other platforms need sys/types.h before
   sys/socket.h.

20130601
 - (dtucker) [configure.ac openbsd-compat/xcrypt.c] bz#2112: fall back to
   using openssl's DES_crypt function on platorms that don't have a native
   one, eg Android.  Based on a patch from Nathan Osman.
 - (dtucker) [configure.ac defines.h] Test for fd_mask, howmany and NFDBITS
   rather than trying to enumerate the plaforms that don't have them.
   Based on a patch from Nathan Osman, with help from tim@@.
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2013/05/17 00:13:13
     [xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c
     ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c
     gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c
     auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c
     servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c
     auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c
     sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c
     kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c
     kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c
     monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c
     ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c
     sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c
     ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c
     dns.c packet.c readpass.c authfd.c moduli.c]
     bye, bye xfree(); ok markus@@
   - djm@@cvs.openbsd.org 2013/05/19 02:38:28
     [auth2-pubkey.c]
     fix failure to recognise cert-authority keys if a key of a different type
     appeared in authorized_keys before it; ok markus@@
   - djm@@cvs.openbsd.org 2013/05/19 02:42:42
     [auth.h auth.c key.c monitor.c auth-rsa.c auth2.c auth1.c key.h]
     Standardise logging of supplemental information during userauth. Keys
     and ruser is now logged in the auth success/failure message alongside
     the local username, remote host/port and protocol in use. Certificates
     contents and CA are logged too.
     Pushing all logging onto a single line simplifies log analysis as it is
     no longer necessary to relate information scattered across multiple log
     entries. "I like it" markus@@
   - dtucker@@cvs.openbsd.org 2013/05/31 12:28:10
     [ssh-agent.c]
     Use time_t where appropriate.  ok djm
   - dtucker@@cvs.openbsd.org 2013/06/01 13:15:52
     [ssh-agent.c clientloop.c misc.h packet.c progressmeter.c misc.c
     channels.c sandbox-systrace.c]
     Use clock_gettime(CLOCK_MONOTONIC ...) for ssh timers so that things like
     keepalives and rekeying will work properly over clock steps.  Suggested by
     markus@@, "looks good" djm@@.
   - dtucker@@cvs.openbsd.org 2013/06/01 20:59:25
     [scp.c sftp-client.c]
     Replace S_IWRITE, which isn't standardized, with S_IWUSR, which is.  Patch
     from Nathan Osman via bz#2085.  ok deraadt.
   - dtucker@@cvs.openbsd.org 2013/06/01 22:34:50
     [sftp-client.c]
     Update progressmeter when data is acked, not when it's sent.  bz#2108, from
     Debian via Colin Watson, ok djm@@
 - (dtucker) [M auth-chall.c auth-krb5.c auth-pam.c cipher-aes.c cipher-ctr.c
   groupaccess.c loginrec.c monitor.c monitor_wrap.c session.c sshd.c
   sshlogin.c uidswap.c openbsd-compat/bsd-cygwin_util.c
   openbsd-compat/getrrsetbyname-ldns.c openbsd-compat/port-aix.c
   openbsd-compat/port-linux.c] Replace portable-specific instances of xfree
   with the equivalent calls to free.
 - (dtucker) [configure.ac misc.c] Look for clock_gettime in librt and fall
   back to time(NULL) if we can't find it anywhere.
 - (dtucker) [sandbox-seccomp-filter.c] Allow clock_gettimeofday.

20130529
  - (dtucker) [configure.ac openbsd-compat/bsd-misc.h] bz#2087: Add a null
    implementation of endgrent for platforms that don't have it (eg Android).
    Loosely based on a patch from Nathan Osman, ok djm

 20130517
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2013/03/07 00:20:34
     [regress/proxy-connect.sh]
     repeat test with a style appended to the username
   - dtucker@@cvs.openbsd.org 2013/03/23 11:09:43
     [regress/test-exec.sh]
     Only regenerate host keys if they don't exist or if ssh-keygen has changed
     since they were.  Reduces test runtime by 5-30% depending on machine
     speed.
   - dtucker@@cvs.openbsd.org 2013/04/06 06:00:22
     [regress/rekey.sh regress/test-exec.sh regress/integrity.sh
     regress/multiplex.sh Makefile regress/cfgmatch.sh]
     Split the regress log into 3 parts: the debug output from ssh, the debug
     log from sshd and the output from the client command (ssh, scp or sftp).
     Somewhat functional now, will become more useful when ssh/sshd -E is added.
   - dtucker@@cvs.openbsd.org 2013/04/07 02:16:03
     [regress/Makefile regress/rekey.sh regress/integrity.sh
     regress/sshd-log-wrapper.sh regress/forwarding.sh regress/test-exec.sh]
     use -E option for ssh and sshd to write debuging logs to ssh{,d}.log and
     save the output from any failing tests.  If a test fails the debug output
     from ssh and sshd for the failing tests (and only the failing tests) should
     be available in failed-ssh{,d}.log.
   - djm@@cvs.openbsd.org 2013/04/18 02:46:12
     [regress/Makefile regress/sftp-chroot.sh]
     test sshd ChrootDirectory+internal-sftp; feedback & ok dtucker@@
   - dtucker@@cvs.openbsd.org 2013/04/22 07:23:08
     [regress/multiplex.sh]
     Write mux master logs to regress.log instead of ssh.log to keep separate
   - djm@@cvs.openbsd.org 2013/05/10 03:46:14
     [regress/modpipe.c]
     sync some portability changes from portable OpenSSH (id sync only)
   - dtucker@@cvs.openbsd.org 2013/05/16 02:10:35
     [regress/rekey.sh]
     Add test for time-based rekeying
   - dtucker@@cvs.openbsd.org 2013/05/16 03:33:30
     [regress/rekey.sh]
     test rekeying when there's no data being transferred
   - dtucker@@cvs.openbsd.org 2013/05/16 04:26:10
     [regress/rekey.sh]
     add server-side rekey test
   - dtucker@@cvs.openbsd.org 2013/05/16 05:48:31
     [regress/rekey.sh]
     add tests for RekeyLimit parsing
   - dtucker@@cvs.openbsd.org 2013/05/17 00:37:40
     [regress/agent.sh regress/keytype.sh regress/cfgmatch.sh
     regress/forcecommand.sh regress/proto-version.sh regress/test-exec.sh
     regress/cipher-speed.sh regress/cert-hostkey.sh regress/cert-userkey.sh
     regress/ssh-com.sh]
     replace 'echo -n' with 'printf' since it's more portable
     also remove "echon" hack.
   - dtucker@@cvs.openbsd.org 2013/05/17 01:16:09
     [regress/agent-timeout.sh]
     Pull back some portability changes from -portable:
      - TIMEOUT is a read-only variable in some shells
      - not all greps have -q so redirect to /dev/null instead.
     (ID sync only)
   - dtucker@@cvs.openbsd.org 2013/05/17 01:32:11
     [regress/integrity.sh]
     don't print output from ssh before getting it (it's available in ssh.log)
   - dtucker@@cvs.openbsd.org 2013/05/17 04:29:14
     [regress/sftp.sh regress/putty-ciphers.sh regress/cipher-speed.sh
     regress/test-exec.sh regress/sftp-batch.sh regress/dynamic-forward.sh
     regress/putty-transfer.sh regress/conch-ciphers.sh regress/sftp-cmds.sh
     regress/scp.sh regress/ssh-com-sftp.sh regress/rekey.sh
     regress/putty-kex.sh regress/stderr-data.sh regress/stderr-after-eof.sh
     regress/sftp-badcmds.sh regress/reexec.sh regress/ssh-com-client.sh
     regress/sftp-chroot.sh regress/forwarding.sh regress/transfer.sh
     regress/multiplex.sh]
     Move the setting of DATA and COPY into test-exec.sh
   - dtucker@@cvs.openbsd.org 2013/05/17 10:16:26
     [regress/try-ciphers.sh]
     use expr for math to keep diffs vs portable down
     (id sync only)
   - dtucker@@cvs.openbsd.org 2013/05/17 10:23:52
     [regress/login-timeout.sh regress/reexec.sh regress/test-exec.sh]
     Use SUDO when cat'ing pid files and running the sshd log wrapper so that
     it works with a restrictive umask and the pid files are not world readable.
     Changes from -portable.  (id sync only)
   - dtucker@@cvs.openbsd.org 2013/05/17 10:24:48
     [regress/localcommand.sh]
     use backticks for portability. (id sync only)
   - dtucker@@cvs.openbsd.org 2013/05/17 10:26:26
     [regress/sftp-badcmds.sh]
     remove unused BATCH variable. (id sync only)
   - dtucker@@cvs.openbsd.org 2013/05/17 10:28:11
     [regress/sftp.sh]
     only compare copied data if sftp succeeds.  from portable (id sync only)
   - dtucker@@cvs.openbsd.org 2013/05/17 10:30:07
     [regress/test-exec.sh]
     wait a bit longer for startup and use case for absolute path.
     from portable (id sync only)
   - dtucker@@cvs.openbsd.org 2013/05/17 10:33:09
     [regress/agent-getpeereid.sh]
     don't redirect stdout from sudo.  from portable (id sync only)
   - dtucker@@cvs.openbsd.org 2013/05/17 10:34:30
     [regress/portnum.sh]
     use a more portable negated if structure.  from portable (id sync only)
   - dtucker@@cvs.openbsd.org 2013/05/17 10:35:43
     [regress/scp.sh]
     use a file extention that's not special on some platforms.  from portable
     (id sync only)
 - (dtucker) [regress/bsd.regress.mk] Remove unused file.  We've never used it
   in portable and it's long gone in openbsd.
 - (dtucker) [regress/integrity.sh].  Force fixed Diffie-Hellman key exchange
   methods.  When the openssl version doesn't support ECDH then next one on
   the list is DH group exchange, but that causes a bit more traffic which can
   mean that the tests flip bits in the initial exchange rather than the MACed
   traffic and we get different errors to what the tests look for.
 - (dtucker) [openbsd-compat/getopt.h] Remove unneeded bits.
 - (dtucker) [regress/cfgmatch.sh] Resync config file setup with openbsd.
 - (dtucker) [regress/agent-getpeereid.sh] Resync spaces with openbsd.
 - (dtucker) [regress/integrity.sh regress/krl.sh regress/test-exec.sh]
   Move the jot helper function to portable-specific part of test-exec.sh.
 - (dtucker) [regress/test-exec.sh] Move the portable-specific functions
   together and add a couple of missing lines from openbsd.
 - (dtucker) [regress/stderr-after-eof.sh regress/test-exec.sh] Move the md5
   helper function to the portable part of test-exec.sh.
 - (dtucker) [regress/runtests.sh] Remove obsolete test driver script.
 - (dtucker) [regress/cfgmatch.sh] Remove unneeded sleep renderd obsolete by
   rev 1.6 which calls wait.

20130516
 - (djm) [contrib/ssh-copy-id] Fix bug that could cause "rm *" to be 
    executed if mktemp failed; bz#2105 ok dtucker@@
 - (dtucker) OpenBSD CVS Sync
   - tedu@@cvs.openbsd.org 2013/04/23 17:49:45
     [misc.c]
     use xasprintf instead of a series of strlcats and strdup. ok djm
   - tedu@@cvs.openbsd.org 2013/04/24 16:01:46
     [misc.c]
     remove extra parens noticed by nicm
   - dtucker@@cvs.openbsd.org 2013/05/06 07:35:12
     [sftp-server.8]
     Reference the version of the sftp draft we actually implement.  ok djm@@
   - djm@@cvs.openbsd.org 2013/05/10 03:40:07
     [sshconnect2.c]
     fix bzero(ptr_to_struct, sizeof(ptr_to_struct)); bz#2100 from
     Colin Watson
   - djm@@cvs.openbsd.org 2013/05/10 04:08:01
     [key.c]
     memleak in cert_free(), wasn't actually freeing the struct;
     bz#2096 from shm AT digitalsun.pl
   - dtucker@@cvs.openbsd.org 2013/05/10 10:13:50
     [ssh-pkcs11-helper.c]
     remove unused extern optarg.  ok markus@@
   - dtucker@@cvs.openbsd.org 2013/05/16 02:00:34
     [ssh_config sshconnect2.c packet.c readconf.h readconf.c clientloop.c
     ssh_config.5 packet.h]
     Add an optional second argument to RekeyLimit in the client to allow
     rekeying based on elapsed time in addition to amount of traffic.
     with djm@@ jmc@@, ok djm
   - dtucker@@cvs.openbsd.org 2013/05/16 04:09:14
     [sshd_config.5 servconf.c servconf.h packet.c serverloop.c monitor.c sshd_config
     sshd.c] Add RekeyLimit to sshd with the same syntax as the client allowing
     rekeying based on traffic volume or time.  ok djm@@, help & ok jmc@@ for the man
     page.
   - djm@@cvs.openbsd.org 2013/05/16 04:27:50
     [ssh_config.5 readconf.h readconf.c]
     add the ability to ignore specific unrecognised ssh_config options;
     bz#866; ok markus@@
   - jmc@@cvs.openbsd.org 2013/05/16 06:28:45
     [ssh_config.5]
     put IgnoreUnknown in the right place;
   - jmc@@cvs.openbsd.org 2013/05/16 06:30:06
d485 22
a506 16
     oops! avoid Xr to self;
   - dtucker@@cvs.openbsd.org 2013/05/16 09:08:41
     [log.c scp.c sshd.c serverloop.c schnorr.c sftp.c]
     Fix some "unused result" warnings found via clang and -portable.
     ok markus@@
   - dtucker@@cvs.openbsd.org 2013/05/16 09:12:31
     [readconf.c servconf.c]
     switch RekeyLimit traffic volume parsing to scan_scaled.  ok djm@@
   - dtucker@@cvs.openbsd.org 2013/05/16 10:43:34
     [servconf.c readconf.c]
     remove now-unused variables
   - dtucker@@cvs.openbsd.org 2013/05/16 10:44:06
     [servconf.c]
     remove another now-unused variable
 - (dtucker) [configure.ac readconf.c servconf.c
     openbsd-compat/openbsd-compat.h] Add compat bits for scan_scaled.
d508 1
a508 25
20130510
 - (dtucker) [configure.ac] Enable -Wsizeof-pointer-memaccess if the compiler
   supports it.  Mentioned by Colin Watson in bz#2100, ok djm.
 - (dtucker) [openbsd-compat/getopt.c] Factor out portibility changes to
   getopt.c.  Preprocessed source is identical other than line numbers.
 - (dtucker) [openbsd-compat/getopt_long.c] Import from OpenBSD.  No
   portability changes yet.
 - (dtucker) [openbsd-compat/Makefile.in openbsd-compat/getopt.c
   openbsd-compat/getopt_long.c regress/modpipe.c] Remove getopt.c, add
   portability code to getopt_long.c and switch over Makefile and the ugly
   hack in modpipe.c.  Fixes bz#1448.
 - (dtucker) [openbsd-compat/getopt.h openbsd-compat/getopt_long.c
   openbsd-compat/openbsd-compat.h] pull in getopt.h from openbsd and plumb
   in to use it when we're using our own getopt.
 - (dtucker) [kex.c] Only include sha256 and ECC key exchange methods when the
   underlying libraries support them.
 - (dtucker) [configure.ac] Add -Werror to the -Qunused-arguments test so
   we don't get a warning on compilers that *don't* support it.  Add
   -Wno-unknown-warning-option.  Move both to the start of the list for
   maximum noise suppression.  Tested with gcc 4.6.3, gcc 2.95.4 and clang 2.9.

20130423
 - (djm) [auth.c configure.ac misc.c monitor.c monitor_wrap.c] Support
   platforms, such as Android, that lack struct passwd.pw_gecos. Report
   and initial patch from Nathan Osman bz#2086; feedback tim@@ ok dtucker@@
d510 6
a515 59
   - markus@@cvs.openbsd.org 2013/03/05 20:16:09
     [sshconnect2.c]
     reset pubkey order on partial success; ok djm@@
   - djm@@cvs.openbsd.org 2013/03/06 23:35:23
     [session.c]
     fatal() when ChrootDirectory specified by running without root privileges;
     ok markus@@
   - djm@@cvs.openbsd.org 2013/03/06 23:36:53
     [readconf.c]
     g/c unused variable (-Wunused)
   - djm@@cvs.openbsd.org 2013/03/07 00:19:59
     [auth2-pubkey.c monitor.c]
     reconstruct the original username that was sent by the client, which may
     have included a style (e.g. "root:skey") when checking public key
     signatures. Fixes public key and hostbased auth when the client specified
     a style; ok markus@@
   - markus@@cvs.openbsd.org 2013/03/07 19:27:25
     [auth.h auth2-chall.c auth2.c monitor.c sshd_config.5]
     add submethod support to AuthenticationMethods; ok and freedback djm@@
   - djm@@cvs.openbsd.org 2013/03/08 06:32:58
     [ssh.c]
     allow "ssh -f none ..." ok markus@@
   - djm@@cvs.openbsd.org 2013/04/05 00:14:00
     [auth2-gss.c krl.c sshconnect2.c]
     hush some {unused, printf type} warnings
   - djm@@cvs.openbsd.org 2013/04/05 00:31:49
     [pathnames.h]
     use the existing _PATH_SSH_USER_RC define to construct the other
     pathnames; bz#2077, ok dtucker@@ (no binary change)
   - djm@@cvs.openbsd.org 2013/04/05 00:58:51
     [mux.c]
     cleanup mux-created channels that are in SSH_CHANNEL_OPENING state too
     (in addition to ones already in OPEN); bz#2079, ok dtucker@@
   - markus@@cvs.openbsd.org 2013/04/06 16:07:00
     [channels.c sshd.c]
     handle ECONNABORTED for accept(); ok deraadt some time ago...
   - dtucker@@cvs.openbsd.org 2013/04/07 02:10:33
     [log.c log.h ssh.1 ssh.c sshd.8 sshd.c]
     Add -E option to ssh and sshd to append debugging logs to a specified file
     instead of stderr or syslog.  ok markus@@, man page help jmc@@
   - dtucker@@cvs.openbsd.org 2013/04/07 09:40:27
     [sshd.8]
     clarify -e text. suggested by & ok jmc@@
   - djm@@cvs.openbsd.org 2013/04/11 02:27:50
     [packet.c]
     quiet disconnect notifications on the server from error() back to logit()
     if it is a normal client closure; bz#2057 ok+feedback dtucker@@
   - dtucker@@cvs.openbsd.org 2013/04/17 09:04:09
     [session.c]
     revert rev 1.262; it fails because uid is already set here.  ok djm@@
   - djm@@cvs.openbsd.org 2013/04/18 02:16:07
     [sftp.c]
     make "sftp -q" do what it says on the sticker: hush everything but errors;
     ok dtucker@@
   - djm@@cvs.openbsd.org 2013/04/19 01:00:10
     [sshd_config.5]
     document the requirment that the AuthorizedKeysCommand be owned by root;
     ok dtucker@@ markus@@
   - djm@@cvs.openbsd.org 2013/04/19 01:01:00
d517 14
a530 5
     fix some memory leaks; bz#2088 ok dtucker@@
   - djm@@cvs.openbsd.org 2013/04/19 01:03:01
     [session.c]
     reintroduce 1.262 without the connection-killing bug:
     fatal() when ChrootDirectory specified by running without root privileges;
d532 3
a534 15
   - djm@@cvs.openbsd.org 2013/04/19 01:06:50
     [authfile.c cipher.c cipher.h kex.c kex.h kexecdh.c kexecdhc.c kexecdhs.c]
     [key.c key.h mac.c mac.h packet.c ssh.1 ssh.c]
     add the ability to query supported ciphers, MACs, key type and KEX
     algorithms to ssh. Includes some refactoring of KEX and key type handling
     to be table-driven; ok markus@@
   - djm@@cvs.openbsd.org 2013/04/19 11:10:18
     [ssh.c]
     add -Q to usage; reminded by jmc@@
   - djm@@cvs.openbsd.org 2013/04/19 12:07:08
     [kex.c]
     remove duplicated list entry pointed out by naddy@@
   - dtucker@@cvs.openbsd.org 2013/04/22 01:17:18
     [mux.c]
     typo in debug output: evitval->exitval
d536 10
a545 5
20130418
 - (djm) [config.guess config.sub] Update to last versions before they switch
   to GPL3. ok dtucker@@
 - (dtucker) [configure.ac] Use -Qunused-arguments to suppress warnings from
   unused argument warnings (in particular, -fno-builtin-memset) from clang.
d547 8
a554 21
20130404
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2013/02/17 23:16:57
     [readconf.c ssh.c readconf.h sshconnect2.c]
     Keep track of which IndentityFile options were manually supplied and which
     were default options, and don't warn if the latter are missing.
     ok markus@@
   - dtucker@@cvs.openbsd.org 2013/02/19 02:12:47
     [krl.c]
     Remove bogus include.  ok djm
   - dtucker@@cvs.openbsd.org 2013/02/22 04:45:09
     [ssh.c readconf.c readconf.h]
     Don't complain if IdentityFiles specified in system-wide configs are
     missing.  ok djm, deraadt.
   - markus@@cvs.openbsd.org 2013/02/22 19:13:56
     [sshconnect.c]
     support ProxyCommand=- (stdin/out already point to the proxy); ok djm@@
   - djm@@cvs.openbsd.org 2013/02/22 22:09:01
     [ssh.c]
     Allow IdenityFile=none; ok markus deraadt (and dtucker for an earlier
     version)
d556 17
a572 4
20130401
 - (dtucker) [openbsd-compat/bsd-cygwin_util.{c,h}] Don't include windows.h
   to avoid conflicting definitions of __int64, adding the required bits.
   Patch from Corinna Vinschen.
d574 15
a588 2
20130323
 - (tim) [Makefile.in] remove some duplication introduced in 20130220 commit.
d590 3
a592 7
20130322
 - (djm) [contrib/ssh-copy-id contrib/ssh-copy-id.1] Updated to Phil
   Hands' greatly revised version.
 - (djm) Release 6.2p1
 - (dtucker) [configure.ac] Add stdlib.h to zlib check for exit() prototype.
 - (dtucker) [includes.h] Check if _GNU_SOURCE is already defined before
   defining it again.  Prevents warnings if someone, eg, sets it in CFLAGS.
d594 51
a644 4
20130318
 - (djm) [configure.ac log.c scp.c sshconnect2.c openbsd-compat/vis.c]
   [openbsd-compat/vis.h] FreeBSD's strnvis isn't compatible with OpenBSD's
   so mark it as broken. Patch from des AT des.no
d646 8
a653 3
20130317
 - (tim) [configure.ac] OpenServer 5 wants lastlog even though it has none
   of the bits the configure test looks for.
d655 19
a673 9
20130316
 - (djm) [configure.ac] Disable utmp, wtmp and/or lastlog if the platform
   is unable to successfully compile them. Based on patch from des AT
   des.no
 - (djm) [configure.ac openbsd-compat/bsd-misc.c openbsd-compat/bsd-misc.h]
   Add a usleep replacement for platforms that lack it; ok dtucker
 - (djm) [session.c] FreeBSD needs setusercontext(..., LOGIN_SETUMASK) to
   occur after UID switch; patch from John Marshall via des AT des.no;
   ok dtucker@@
d675 28
a702 7
20130312
 - (dtucker) [regress/Makefile regress/cipher-speed.sh regress/test-exec.sh]
   Improve portability of cipher-speed test, based mostly on a patch from
   Iain Morgan.
 - (dtucker) [auth.c configure.ac platform.c platform.h] Accept uid 2 ("bin")
   in addition to root as an owner of system directories on AIX and HP-UX.
   ok djm@@
d704 2
a705 9
20130307
 - (dtucker) [INSTALL] Bump documented autoconf version to what we're
   currently using.
 - (dtucker) [defines.h] Remove SIZEOF_CHAR bits since the test for it
   was removed in configure.ac rev 1.481 as it was redundant.
 - (tim) [Makefile.in] Add another missing $(EXEEXT) I should have seen 3 days
   ago.
 - (djm) [configure.ac] Add a timeout to the select/rlimit test to give it a
   chance to complete on broken systems; ok dtucker@@
d707 2
a708 6
20130306
 - (dtucker) [regress/forward-control.sh] Wait longer for the forwarding
  connection to start so that the test works on slower machines.
 - (dtucker) [configure.ac] test that we can set number of file descriptors
   to zero with setrlimit before enabling the rlimit sandbox.  This affects
   (at least) HPUX 11.11.
d710 4
a713 9
20130305
 - (djm) [regress/modpipe.c] Compilation fix for AIX and parsing fix for
   HP/UX. Spotted by Kevin Brott
 - (dtucker) [configure.ac] use "=" for shell test and not "==".  Spotted by
   Amit Kulkarni and Kevin Brott.
 - (dtucker) [Makefile.in] Remove trailing "\" on PATHS, which caused obscure
   build breakage on (at least) HP-UX 11.11.  Found by Amit Kulkarni and Kevin
   Brott.
 - (tim) [Makefile.in] Add missing $(EXEEXT). Found by Roumen Petrov.
d715 1
a715 1
20130227
d717 1
a717 5
   [contrib/suse/openssh.spec] Crank version numbers
 - (tim) [regress/forward-control.sh] use sh in case login shell is csh.
 - (tim) [regress/integrity.sh] shell portability fix.
 - (tim) [regress/integrity.sh] keep old solaris awk from hanging.
 - (tim) [regress/krl.sh] keep old solaris awk from hanging.
d719 17
a735 10
20130226
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2013/02/20 08:27:50
     [integrity.sh]
     Add an option to modpipe that warns if the modification offset it not
     reached in it's stream and turn it on for t-integrity. This should catch
     cases where the session is not fuzzed for being too short (cf. my last
     "oops" commit)
 - (djm) [regress/integrity.sh] Run sshd via $SUDO; fixes tinderbox breakage
   for UsePAM=yes configuration
d737 2
a738 3
20130225
 - (dtucker) [configure.ac ssh-gss.h] bz#2073: additional #includes needed
   to use Solaris native GSS libs.  Patch from Pierre Ossman.
d740 23
a762 4
20130223
 - (djm) [configure.ac includes.h loginrec.c mux.c sftp.c] Prefer
   bsd/libutil.h to libutil.h to avoid deprecation warnings on Ubuntu.
   ok tim
d764 3
a766 8
20130222
 - (dtucker) [Makefile.in configure.ac] bz#2072: don't link krb5 libs to
   ssh(1) since they're not needed.  Patch from Pierre Ossman, ok djm.
 - (dtucker) [configure.ac] bz#2073: look for Solaris' differently-named
   libgss too.  Patch from Pierre Ossman, ok djm.
 - (djm) [configure.ac sandbox-seccomp-filter.c] Support for Linux
   seccomp-bpf sandbox on ARM. Patch from shawnlandden AT gmail.com;
   ok dtucker
d768 7
a774 2
20130221
 - (tim) [regress/forward-control.sh] shell portability fix.
d776 24
a799 14
20130220
 - (tim) [regress/cipher-speed.sh regress/try-ciphers.sh] shell portability fix.
 - (tim) [krl.c Makefile.in regress/Makefile regress/modpipe.c] remove unneeded
   err.h include from krl.c. Additional portability fixes for modpipe. OK djm
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2013/02/20 08:27:50
     [regress/integrity.sh regress/modpipe.c]
     Add an option to modpipe that warns if the modification offset it not
     reached in it's stream and turn it on for t-integrity. This should catch
     cases where the session is not fuzzed for being too short (cf. my last
     "oops" commit)
   - djm@@cvs.openbsd.org 2013/02/20 08:29:27
     [regress/modpipe.c]
     s/Id/OpenBSD/ in RCS tag
d801 1
a801 1
20130219
d803 46
a848 12
   - djm@@cvs.openbsd.org 2013/02/18 22:26:47
     [integrity.sh]
     crank the offset yet again; it was still fuzzing KEX one of Darren's
     portable test hosts at 2800
   - djm@@cvs.openbsd.org 2013/02/19 02:14:09
     [integrity.sh]
     oops, forgot to increase the output of the ssh command to ensure that
     we actually reach $offset
 - (djm) [regress/integrity.sh] Skip SHA2-based MACs on configurations that
   lack support for SHA2.
 - (djm) [regress/modpipe.c] Add local err, and errx functions for platforms
   that do not have them.
d850 4
a853 6
20130217
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2013/02/17 23:16:55
     [integrity.sh]
     make the ssh command generates some output to ensure that there are at
     least offset+tries bytes in the stream.
d855 3
a857 8
20130216
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2013/02/16 06:08:45
     [integrity.sh]
     make sure the fuzz offset is actually past the end of KEX for all KEX
     types. diffie-hellman-group-exchange-sha256 requires an offset around
     2700. Noticed via test failures in portable OpenSSH on platforms that
     lack ECC and this the more byte-frugal ECDH KEX algorithms.
d859 1
a859 12
20130215
 - (djm) [contrib/suse/rc.sshd] Use SSHD_BIN consistently; bz#2056 from
   Iain Morgan
 - (dtucker) [configure.ac openbsd-compat/bsd-misc.c openbsd-compat/bsd-misc.h]
   Use getpgrp() if we don't have getpgid() (old BSDs, maybe others).
 - (dtucker) [configure.ac openbsd-compat/Makefile.in openbsd-compat/strtoull.c
   openbsd-compat/openbsd-compat.h] Add strtoull to compat library for
   platforms that don't have it.
 - (dtucker) [openbsd-compat/openbsd-compat.h] Add prototype for strtoul,
   group strto* function prototypes together.
 - (dtucker) [openbsd-compat/bsd-misc.c] Handle the case where setpgrp() takes
   an argument.  Pointed out by djm.
d861 86
a946 8
   - djm@@cvs.openbsd.org 2013/02/14 21:35:59
     [auth2-pubkey.c]
     Correct error message that had a typo and was logging the wrong thing;
     patch from Petr Lautrbach
   - dtucker@@cvs.openbsd.org 2013/02/15 00:21:01
     [sshconnect2.c]
     Warn more loudly if an IdentityFile provided by the user cannot be read.
     bz #1981, ok djm@@
d948 5
a952 6
20130214
 - (djm) [regress/krl.sh] Don't use ecdsa keys in environment that lack ECC.
 - (djm) [regress/krl.sh] typo; found by Iain Morgan
 - (djm) [regress/integrity.sh] Start fuzzing from offset 2500 (instead
   of 2300) to avoid clobbering the end of (non-MAC'd) KEX. Verified by
   Iain Morgan
d954 24
a977 31
20130212
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2013/01/24 21:45:37
     [krl.c]
     fix handling of (unused) KRL signatures; skip string in correct buffer
   - djm@@cvs.openbsd.org 2013/01/24 22:08:56
     [krl.c]
     skip serial lookup when cert's serial number is zero
   - krw@@cvs.openbsd.org 2013/01/25 05:00:27
     [krl.c]
     Revert last. Breaks due to likely typo. Let djm@@ fix later.
     ok djm@@ via dlg@@
   - djm@@cvs.openbsd.org 2013/01/25 10:22:19
     [krl.c]
     redo last commit without the vi-vomit that snuck in:
     skip serial lookup when cert's serial number is zero
     (now with 100% better comment)
   - djm@@cvs.openbsd.org 2013/01/26 06:11:05
     [Makefile.in acss.c acss.h cipher-acss.c cipher.c]
     [openbsd-compat/openssl-compat.h]
     remove ACSS, now that it is gone from libcrypto too
   - djm@@cvs.openbsd.org 2013/01/27 10:06:12
     [krl.c]
     actually use the xrealloc() return value; spotted by xi.wang AT gmail.com
   - dtucker@@cvs.openbsd.org 2013/02/06 00:20:42
     [servconf.c sshd_config sshd_config.5]
     Change default of MaxStartups to 10:30:100 to start doing random early
     drop at 10 connections up to 100 connections.  This will make it harder
     to DoS as CPUs have come a long way since the original value was set
     back in 2000.  Prompted by nion at debian org, ok markus@@
   - dtucker@@cvs.openbsd.org 2013/02/06 00:22:21
d979 3
a981 20
     Fix comment, from jfree.e1 at gmail
   - djm@@cvs.openbsd.org 2013/02/08 00:41:12
     [sftp.c]
     fix NULL deref when built without libedit and control characters
     entered as command; debugging and patch from Iain Morgan an
     Loganaden Velvindron in bz#1956
   - markus@@cvs.openbsd.org 2013/02/10 21:19:34
     [version.h]
     openssh 6.2
   - djm@@cvs.openbsd.org 2013/02/10 23:32:10
     [ssh-keygen.c]
     append to moduli file when screening candidates rather than overwriting.
     allows resumption of interrupted screen; patch from Christophe Garault
     in bz#1957; ok dtucker@@
   - djm@@cvs.openbsd.org 2013/02/10 23:35:24
     [packet.c]
     record "Received disconnect" messages at ERROR rather than INFO priority,
     since they are abnormal and result in a non-zero ssh exit status; patch
     from Iain Morgan in bz#2057; ok dtucker@@
   - dtucker@@cvs.openbsd.org 2013/02/11 21:21:58
d983 19
a1001 5
     Add openssl version to debug output similar to the client.  ok markus@@
   - djm@@cvs.openbsd.org 2013/02/11 23:58:51
     [regress/try-ciphers.sh]
     remove acss here too
 - (djm) [regress/try-ciphers.sh] clean up CVS merge botch
d1003 5
a1007 3
20130211
 - (djm) [configure.ac openbsd-compat/openssl-compat.h] Repair build on old
   libcrypto that lacks EVP_CIPHER_CTX_ctrl
d1009 41
a1049 5
20130208
 - (djm) [contrib/redhat/sshd.init] treat RETVAL as an integer;
   patch from Iain Morgan in bz#2059
 - (dtucker) [configure.ac openbsd-compat/sys-tree.h] Test if compiler allows
   __attribute__ on return values and work around if necessary.  ok djm@@
d1051 35
a1085 4
20130207
 - (djm) [configure.ac] Don't probe seccomp capability of running kernel
   at configure time; the seccomp sandbox will fall back to rlimit at
   runtime anyway. Patch from plautrba AT redhat.com in bz#2011
d1087 3
a1089 29
20130120
 - (djm) [cipher-aes.c cipher-ctr.c openbsd-compat/openssl-compat.h]
   Move prototypes for replacement ciphers to openssl-compat.h; fix EVP
   prototypes for openssl-1.0.0-fips.
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2013/01/18 07:57:47
     [ssh-keygen.1]
     tweak previous;
   - jmc@@cvs.openbsd.org 2013/01/18 07:59:46
     [ssh-keygen.c]
     -u before -V in usage();
   - jmc@@cvs.openbsd.org 2013/01/18 08:00:49
     [sshd_config.5]
     tweak previous;
   - jmc@@cvs.openbsd.org 2013/01/18 08:39:04
     [ssh-keygen.1]
     add -Q to the options list; ok djm
   - jmc@@cvs.openbsd.org 2013/01/18 21:48:43
     [ssh-keygen.1]
     command-line (adj.) -> command line (n.);
   - jmc@@cvs.openbsd.org 2013/01/19 07:13:25
     [ssh-keygen.1]
     fix some formatting; ok djm
   - markus@@cvs.openbsd.org 2013/01/19 12:34:55
     [krl.c]
     RB_INSERT does not remove existing elments; ok djm@@
 - (djm) [openbsd-compat/sys-tree.h] Sync with OpenBSD. krl.c needs newer
   version.
 - (djm) [regress/krl.sh] replacement for jot; most platforms lack it
d1091 23
a1113 16
20130118
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2013/01/17 23:00:01
     [auth.c key.c key.h ssh-keygen.1 ssh-keygen.c sshd_config.5]
     [krl.c krl.h PROTOCOL.krl]
     add support for Key Revocation Lists (KRLs). These are a compact way to
     represent lists of revoked keys and certificates, taking as little as
     a single bit of incremental cost to revoke a certificate by serial number.
     KRLs are loaded via the existing RevokedKeys sshd_config option.
     feedback and ok markus@@
   - djm@@cvs.openbsd.org 2013/01/18 00:45:29
     [regress/Makefile regress/cert-userkey.sh regress/krl.sh]
     Tests for Key Revocation Lists (KRLs)
   - djm@@cvs.openbsd.org 2013/01/18 03:00:32
     [krl.c]
     fix KRL generation bug for list sections
d1115 7
a1121 3
20130117
 - (djm) [regress/cipher-speed.sh regress/integrity.sh regress/try-ciphers.sh]
   check for GCM support before testing GCM ciphers.
d1123 2
a1124 9
20130112
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2013/01/12 11:22:04
     [cipher.c]
     improve error message for integrity failure in AES-GCM modes; ok markus@@
   - djm@@cvs.openbsd.org 2013/01/12 11:23:53
     [regress/cipher-speed.sh regress/integrity.sh regress/try-ciphers.sh]
     test AES-GCM modes; feedback markus@@
 - (djm) [regress/integrity.sh] repair botched merge
d1126 45
a1170 26
20130109
 - (djm) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2012/12/14 05:26:43
     [auth.c]
     use correct string in error message; from rustybsd at gmx.fr
   - djm@@cvs.openbsd.org 2013/01/02 00:32:07
     [clientloop.c mux.c]
     channel_setup_local_fwd_listener() returns 0 on failure, not -ve
     bz#2055 reported by mathieu.lacage AT gmail.com
   - djm@@cvs.openbsd.org 2013/01/02 00:33:49
     [PROTOCOL.agent]
     correct format description for SSH_AGENTC_ADD_RSA_ID_CONSTRAINED
     bz#2051 from david AT lechnology.com
   - djm@@cvs.openbsd.org 2013/01/03 05:49:36
     [servconf.h]
     add a couple of ServerOptions members that should be copied to the privsep
     child (for consistency, in this case they happen only to be accessed in
     the monitor); ok dtucker@@
   - djm@@cvs.openbsd.org 2013/01/03 12:49:01
     [PROTOCOL]
     fix description of MAC calculation for EtM modes; ok markus@@
   - djm@@cvs.openbsd.org 2013/01/03 12:54:49
     [sftp-server.8 sftp-server.c]
     allow specification of an alternate start directory for sftp-server(8)
     "I like this" markus@@
   - djm@@cvs.openbsd.org 2013/01/03 23:22:58
d1172 133
a1304 1
     allow fingerprinting of keys hosted in PKCS#11 tokens: ssh-keygen -lD ...
d1306 32
a1337 16
   - jmc@@cvs.openbsd.org 2013/01/04 19:26:38
     [sftp-server.8 sftp-server.c]
     sftp-server.8: add argument name to -d
     sftp-server.c: add -d to usage()
     ok djm
   - markus@@cvs.openbsd.org 2013/01/08 18:49:04
     [PROTOCOL authfile.c cipher.c cipher.h kex.c kex.h monitor_wrap.c]
     [myproposal.h packet.c ssh_config.5 sshd_config.5]
     support AES-GCM as defined in RFC 5647 (but with simpler KEX handling)
     ok and feedback djm@@
   - djm@@cvs.openbsd.org 2013/01/09 05:40:17
     [ssh-keygen.c]
     correctly initialise fingerprint type for fingerprinting PKCS#11 keys
 - (djm) [cipher.c configure.ac openbsd-compat/openssl-compat.h]
   Fix merge botch, automatically detect AES-GCM in OpenSSL, move a little
   cipher compat code to openssl-compat.h
d1339 3
a1341 3
20121217
 - (dtucker) [Makefile.in] Add some scaffolding so that the new regress
   tests will work with VPATH directories.
d1343 6
a1348 14
20121213
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2012/12/12 16:45:52
     [packet.c]
     reset incoming_packet buffer for each new packet in EtM-case, too;
     this happens if packets are parsed only parially (e.g. ignore
     messages sent when su/sudo turn off echo); noted by sthen/millert
   - naddy@@cvs.openbsd.org 2012/12/12 16:46:10
     [cipher.c]
     use OpenSSL's EVP_aes_{128,192,256}_ctr() API and remove our hand-rolled
     counter mode code; ok djm@@
 - (djm) [configure.ac cipher-ctr.c] Adapt EVP AES CTR change to retain our
   compat code for older OpenSSL
 - (djm) [cipher.c] Fix missing prototype for compat code
d1350 43
a1392 31
20121212
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2012/12/11 22:16:21
     [monitor.c]
     drain the log messages after receiving the keystate from the unpriv
     child. otherwise it might block while sending. ok djm@@
   - markus@@cvs.openbsd.org 2012/12/11 22:31:18
     [PROTOCOL authfile.c cipher.c cipher.h kex.h mac.c myproposal.h]
     [packet.c ssh_config.5 sshd_config.5]
     add encrypt-then-mac (EtM) modes to openssh by defining new mac algorithms
     that change the packet format and compute the MAC over the encrypted
     message (including the packet size) instead of the plaintext data;
     these EtM modes are considered more secure and used by default.
     feedback and ok djm@@
   - sthen@@cvs.openbsd.org 2012/12/11 22:51:45
     [mac.c]
     fix typo, s/tem/etm in hmac-ripemd160-tem. ok markus@@
   - markus@@cvs.openbsd.org 2012/12/11 22:32:56
     [regress/try-ciphers.sh]
     add etm modes
   - markus@@cvs.openbsd.org 2012/12/11 22:42:11
     [regress/Makefile regress/modpipe.c regress/integrity.sh]
     test the integrity of the packets; with djm@@
   - markus@@cvs.openbsd.org 2012/12/11 23:12:13
     [try-ciphers.sh]
     add hmac-ripemd160-etm@@openssh.com
 - (djm) [mac.c] fix merge botch
 - (djm) [regress/Makefile regress/integrity.sh] Make the integrity.sh test
   work on platforms without 'jot'
 - (djm) [regress/integrity.sh] Fix awk quoting, packet length skip
 - (djm) [regress/Makefile] fix t-exec rule
d1394 1
a1394 1
20121207
d1396 2
a1397 11
   - dtucker@@cvs.openbsd.org 2012/12/06 06:06:54
     [regress/keys-command.sh]
     Fix some problems with the keys-command test:
      - use string comparison rather than numeric comparison
      - check for existing KEY_COMMAND file and don't clobber if it exists
      - clean up KEY_COMMAND file if we do create it.
      - check that KEY_COMMAND is executable (which it won't be if eg /var/run
        is mounted noexec).
     ok djm.
   - jmc@@cvs.openbsd.org 2012/12/03 08:33:03
     [ssh-add.1 sshd_config.5]
d1399 83
a1481 7
   - markus@@cvs.openbsd.org 2012/12/05 15:42:52
     [ssh-add.c]
     prevent double-free of comment; ok djm@@
   - dtucker@@cvs.openbsd.org 2012/12/07 01:51:35
     [serverloop.c]
     Cast signal to int for logging.  A no-op on openbsd (they're always ints)
     but will prevent warnings in portable.  ok djm@@
d1483 27
a1509 2
20121205
 - (tim) [defines.h] Some platforms are missing ULLONG_MAX. Feedback djm@@.
d1511 12
a1522 3
20121203
 - (djm) [openbsd-compat/sys-queue.h] Sync with OpenBSD to get
   TAILQ_FOREACH_SAFE needed for upcoming changes.
d1524 95
a1618 20
   - djm@@cvs.openbsd.org 2012/12/02 20:26:11
     [ssh_config.5 sshconnect2.c]
     Make IdentitiesOnly apply to keys obtained from a PKCS11Provider.
     This allows control of which keys are offered from tokens using
     IdentityFile. ok markus@@
   - djm@@cvs.openbsd.org 2012/12/02 20:42:15
     [ssh-add.1 ssh-add.c]
     make deleting explicit keys "ssh-add -d" symmetric with adding keys -
     try to delete the corresponding certificate too and respect the -k option
     to allow deleting of the key only; feedback and ok markus@@
   - djm@@cvs.openbsd.org 2012/12/02 20:46:11
     [auth-options.c channels.c servconf.c servconf.h serverloop.c session.c]
     [sshd_config.5]
     make AllowTcpForwarding accept "local" and "remote" in addition to its
     current "yes"/"no" to allow the server to specify whether just local or
     remote TCP forwarding is enabled. ok markus@@
   - dtucker@@cvs.openbsd.org 2012/10/05 02:20:48
     [regress/cipher-speed.sh regress/try-ciphers.sh]
     Add umac-128@@openssh.com to the list of MACs to be tested
   - djm@@cvs.openbsd.org 2012/10/19 05:10:42
d1620 12
a1631 14
     include a serial number when generating certs
   - djm@@cvs.openbsd.org 2012/11/22 22:49:30
     [regress/Makefile regress/keys-command.sh]
     regress for AuthorizedKeysCommand; hints from markus@@
   - djm@@cvs.openbsd.org 2012/12/02 20:47:48
     [Makefile regress/forward-control.sh]
     regress for AllowTcpForwarding local/remote; ok markus@@
   - djm@@cvs.openbsd.org 2012/12/03 00:14:06
     [auth2-chall.c ssh-keygen.c]
     Fix compilation with -Wall -Werror (trivial type fixes)
 - (djm) [configure.ac] Turn on -g for gcc compilers. Helps pre-installation
   debugging. ok dtucker@@
 - (djm) [configure.ac] Revert previous. configure.ac already does this
   for us.
d1633 1
a1633 1
20121114
d1635 29
a1663 14
   - djm@@cvs.openbsd.org 2012/11/14 02:24:27
     [auth2-pubkey.c]
     fix username passed to helper program
     prepare stdio fds before closefrom()
     spotted by landry@@
   - djm@@cvs.openbsd.org 2012/11/14 02:32:15
     [ssh-keygen.c]
     allow the full range of unsigned serial numbers; 'fine' deraadt@@
   - djm@@cvs.openbsd.org 2012/12/02 20:34:10
     [auth.c auth.h auth1.c auth2-chall.c auth2-gss.c auth2-jpake.c auth2.c]
     [monitor.c monitor.h]
     Fixes logging of partial authentication when privsep is enabled
     Previously, we recorded "Failed xxx" since we reset authenticated before
     calling auth_log() in auth2.c. This adds an explcit "Partial" state.
d1665 27
a1691 2
     Add a "submethod" to auth_log() to report which submethod is used
     for keyboard-interactive.
d1693 2
a1694 2
     Fix multiple authentication when one of the methods is
     keyboard-interactive.
d1697 13
a1709 3
   - dtucker@@cvs.openbsd.org 2012/10/05 02:05:30
     [regress/multiplex.sh]
     Use 'kill -0' to test for the presence of a pid since it's more portable
d1711 28
a1738 5
20121107
 - (djm) OpenBSD CVS Sync
   - eric@@cvs.openbsd.org 2011/11/28 08:46:27
     [moduli.5]
     fix formula
d1740 64
a1803 4
   - jmc@@cvs.openbsd.org 2012/09/26 17:34:38
     [moduli.5]
     last stage of rfc changes, using consistent Rs/Re blocks, and moving the
     references into a STANDARDS section;
d1805 12
a1816 8
20121105
 - (dtucker) [uidswap.c openbsd-compat/Makefile.in
   openbsd-compat/bsd-setres_id.c openbsd-compat/bsd-setres_id.h
   openbsd-compat/openbsd-compat.h]  Move the fallback code for setting uids
   and gids from uidswap.c to the compat library, which allows it to work with
   the new setresuid calls in auth2-pubkey.  with tim@@, ok djm@@
 - (dtucker) [auth2-pubkey.c] wrap paths.h in an ifdef for platforms that
   don't have it.  Spotted by tim@@.
d1818 14
a1831 17
20121104
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2012/10/31 08:04:50
     [sshd_config.5]
     tweak previous;
   - djm@@cvs.openbsd.org 2012/11/04 10:38:43
     [auth2-pubkey.c sshd.c sshd_config.5]
     Remove default of AuthorizedCommandUser. Administrators are now expected
     to explicitly specify a user. feedback and ok markus@@
   - djm@@cvs.openbsd.org 2012/11/04 11:09:15
     [auth.h auth1.c auth2.c monitor.c servconf.c servconf.h sshd.c]
     [sshd_config.5]
     Support multiple required authentication via an AuthenticationMethods
     option. This option lists one or more comma-separated lists of
     authentication method names. Successful completion of all the methods in
     any list is required for authentication to complete;
     feedback and ok markus@@
d1833 33
a1865 71
20121030
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2012/10/05 12:34:39
     [sftp.c]
     fix signed vs unsigned warning; feedback & ok: djm@@
   - djm@@cvs.openbsd.org 2012/10/30 21:29:55
     [auth-rsa.c auth.c auth.h auth2-pubkey.c servconf.c servconf.h]
     [sshd.c sshd_config sshd_config.5]
     new sshd_config option AuthorizedKeysCommand to support fetching
     authorized_keys from a command in addition to (or instead of) from
     the filesystem. The command is run as the target server user unless
     another specified via a new AuthorizedKeysCommandUser option.
     
     patch originally by jchadima AT redhat.com, reworked by me; feedback
     and ok markus@@

20121019
 - (tim) [buildpkg.sh.in] Double up on some backslashes so they end up in
   the generated file as intended.

20121005
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2012/09/17 09:54:44
     [sftp.c]
     an XXX for later
   - markus@@cvs.openbsd.org 2012/09/17 13:04:11
     [packet.c]
     clear old keys on rekeing; ok djm
   - dtucker@@cvs.openbsd.org 2012/09/18 10:36:12
     [sftp.c]
     Add bounds check on sftp tab-completion.  Part of a patch from from
     Jean-Marc Robert via tech@@, ok djm
   - dtucker@@cvs.openbsd.org 2012/09/21 10:53:07
     [sftp.c]
     Fix improper handling of absolute paths when PWD is part of the completed
     path.  Patch from Jean-Marc Robert via tech@@, ok djm.
  - dtucker@@cvs.openbsd.org 2012/09/21 10:55:04
     [sftp.c]
     Fix handling of filenames containing escaped globbing characters and
     escape "#" and "*".  Patch from Jean-Marc Robert via tech@@, ok djm.
   - jmc@@cvs.openbsd.org 2012/09/26 16:12:13
     [ssh.1]
     last stage of rfc changes, using consistent Rs/Re blocks, and moving the
     references into a STANDARDS section;
   - naddy@@cvs.openbsd.org 2012/10/01 13:59:51
     [monitor_wrap.c]
     pasto; ok djm@@
   - djm@@cvs.openbsd.org 2012/10/02 07:07:45
     [ssh-keygen.c]
     fix -z option, broken in revision 1.215
   - markus@@cvs.openbsd.org 2012/10/04 13:21:50
     [myproposal.h ssh_config.5 umac.h sshd_config.5 ssh.1 sshd.8 mac.c]
     add umac128 variant; ok djm@@ at n2k12
  - dtucker@@cvs.openbsd.org 2012/09/06 04:11:07
     [regress/try-ciphers.sh]
     Restore missing space.  (Id sync only).
   - dtucker@@cvs.openbsd.org 2012/09/09 11:51:25
     [regress/multiplex.sh]
     Add test for ssh -Ostop
   - dtucker@@cvs.openbsd.org 2012/09/10 00:49:21
     [regress/multiplex.sh]
     Log -O cmd output to the log file and make logging consistent with the
     other tests.  Test clean shutdown of an existing channel when testing
     "stop".
   - dtucker@@cvs.openbsd.org 2012/09/10 01:51:19
     [regress/multiplex.sh]
     use -Ocheck and waiting for completions by PID to make multiplexing test
     less racy and (hopefully) more reliable on slow hardware.
 - [Makefile umac.c] Add special-case target to build umac128.o.
 - [umac.c] Enforce allowed umac output sizes.  From djm@@.
 - [Makefile.in] "Using $< in a non-suffix rule context is a GNUmake idiom".
d1867 7
a1873 8
20120917
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2012/09/13 23:37:36
     [servconf.c]
     Fix comment line length
   - markus@@cvs.openbsd.org 2012/09/14 16:51:34
     [sshconnect.c]
     remove unused variable
d1875 33
a1907 3
20120907
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2012/09/06 09:50:13
d1909 8
a1916 6
     Make the escape command help (~?) context sensitive so that only commands
     that will work in the current session are shown.  ok markus@@
   - jmc@@cvs.openbsd.org 2012/09/06 13:57:42
     [ssh.1]
     missing letter in previous;
   - dtucker@@cvs.openbsd.org 2012/09/07 00:30:19
d1918 63
a1980 2
     Print '^Z' instead of a raw ^Z when the sequence is not supported.  ok djm@@
   - dtucker@@cvs.openbsd.org 2012/09/07 01:10:21
d1982 28
a2009 2
     Merge escape help text for ~v and ~V; ok djm@@
   - dtucker@@cvs.openbsd.org 2012/09/07 06:34:21
d2011 60
a2070 2
     when muxmaster is run with -N, make it shut down gracefully when a client
     sends it "-O stop" rather than hanging around (bz#1985).  ok djm@@
d2072 3
a2074 1
20120906
d2076 23
a2098 26
   - jmc@@cvs.openbsd.org 2012/08/15 18:25:50
     [ssh-keygen.1]
     a little more info on certificate validity;
     requested by Ross L Richardson, and provided by djm
   - dtucker@@cvs.openbsd.org 2012/08/17 00:45:45
     [clientloop.c clientloop.h mux.c]
     Force a clean shutdown of ControlMaster client sessions when the ~. escape
     sequence is used.  This means that ~. should now work in mux clients even
     if the server is no longer responding.  Found by tedu, ok djm.
   - djm@@cvs.openbsd.org 2012/08/17 01:22:56
     [kex.c]
     add some comments about better handling first-KEX-follows notifications
     from the server. Nothing uses these right now. No binary change
   - djm@@cvs.openbsd.org 2012/08/17 01:25:58
     [ssh-keygen.c]
     print details of which host lines were deleted when using
     "ssh-keygen -R host"; ok markus@@
   - djm@@cvs.openbsd.org 2012/08/17 01:30:00
     [compat.c sshconnect.c]
     Send client banner immediately, rather than waiting for the server to
     move first for SSH protocol 2 connections (the default). Patch based on
     one in bz#1999 by tls AT panix.com, feedback dtucker@@ ok markus@@
   - dtucker@@cvs.openbsd.org 2012/09/06 04:37:39
     [clientloop.c log.c ssh.1 log.h]
     Add ~v and ~V escape sequences to raise and lower the logging level
     respectively. Man page help from jmc, ok deraadt jmc
d2100 6
a2105 2
20120830
 - (dtucker) [moduli] Import new moduli file.
d2107 59
a2165 2
20120828
 - (djm) Release openssh-6.1
d2167 103
a2269 4
20120828
 - (dtucker) [openbsd-compat/bsd-cygwin_util.h] define WIN32_LEAN_AND_MEAN
   for compatibility with future mingw-w64 headers.  Patch from vinschen at
   redhat com.
d2271 13
a2283 3
20120822
 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] Update version numbers
d2285 41
a2325 12
20120731
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2012/07/06 06:38:03
     [ssh-keygen.c]
     missing full stop in usage();
   - djm@@cvs.openbsd.org 2012/07/10 02:19:15
     [servconf.c servconf.h sshd.c sshd_config]
     Turn on systrace sandboxing of pre-auth sshd by default for new installs
     by shipping a config that overrides the current UsePrivilegeSeparation=yes
     default. Make it easier to flip the default in the future by adding too.
     prodded markus@@ feedback dtucker@@ "get it in" deraadt@@
   - dtucker@@cvs.openbsd.org 2012/07/13 01:35:21
d2327 19
a2345 4
     handle long comments in config files better.  bz#2025, ok markus
   - markus@@cvs.openbsd.org 2012/07/22 18:19:21
     [version.h]
     openssh 6.1
d2347 62
a2408 2
20120720
 - (dtucker) Import regened moduli file.
d2410 24
a2433 19
20120706
 - (djm) [sandbox-seccomp-filter.c] fallback to rlimit if seccomp filter is
   not available. Allows use of sshd compiled on host with a filter-capable
   kernel on hosts that lack the support. bz#2011 ok dtucker@@
 - (djm) [configure.ac] Recursively expand $(bindir) to ensure it has no
   unexpanded $(prefix) embedded. bz#2007 patch from nix-corp AT
   esperi.org.uk; ok dtucker@@
- (djm) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2012/07/06 00:41:59
     [moduli.c ssh-keygen.1 ssh-keygen.c]
     Add options to specify starting line number and number of lines to process
     when screening moduli candidates.  This allows processing of different
     parts of a candidate moduli file in parallel.  man page help jmc@@, ok djm@@
   - djm@@cvs.openbsd.org 2012/07/06 01:37:21
     [mux.c]
     fix memory leak of passed-in environment variables and connection
     context when new session message is malformed; bz#2003 from Bert.Wesarg
     AT googlemail.com
   - djm@@cvs.openbsd.org 2012/07/06 01:47:38
d2435 45
a2479 3
     move setting of tty_flag to after config parsing so RequestTTY options
     are correctly picked up. bz#1995 patch from przemoc AT gmail.com;
     ok dtucker@@
d2481 80
a2560 3
20120704
 - (dtucker) [configure.ac openbsd-compat/bsd-misc.h] Add setlinebuf for
   platforms that don't have it.  "looks good" tim@@
d2562 14
a2575 7
20120703
 - (dtucker) [configure.ac] Detect platforms that can't use select(2) with
   setrlimit(RLIMIT_NOFILE, rl_zero) and disable the rlimit sandbox on those.
 - (dtucker) [configure.ac sandbox-rlimit.c] Test whether or not
   setrlimit(RLIMIT_FSIZE, rl_zero) and skip it if it's not supported.  Its
   benefit is minor, so it's not worth disabling the sandbox if it doesn't
   work.
d2577 7
a2583 24
20120702
- (dtucker) OpenBSD CVS Sync
   - naddy@@cvs.openbsd.org 2012/06/29 13:57:25
     [ssh_config.5 sshd_config.5]
     match the documented MAC order of preference to the actual one;
     ok dtucker@@
   - markus@@cvs.openbsd.org 2012/06/30 14:35:09
     [sandbox-systrace.c sshd.c]
     fix a during the load of the sandbox policies (child can still make
     the read-syscall and wait forever for systrace-answers) by replacing
     the read/write synchronisation with SIGSTOP/SIGCONT;
     report and help hshoexer@@; ok djm@@, dtucker@@
   - dtucker@@cvs.openbsd.org 2012/07/02 08:50:03
     [ssh.c]
     set interactive ToS for forwarded X11 sessions.  ok djm@@
   - dtucker@@cvs.openbsd.org 2012/07/02 12:13:26
     [ssh-pkcs11-helper.c sftp-client.c]
     fix a couple of "assigned but not used" warnings.  ok markus@@
   - dtucker@@cvs.openbsd.org 2012/07/02 14:37:06
     [regress/connect-privsep.sh]
     remove exit from end of test since it prevents reporting failure
 - (dtucker) [regress/reexec.sh regress/sftp-cmds.sh regress/test-exec.sh]
   Move cygwin detection to test-exec and use to skip reexec test on cygwin.
 - (dtucker) [regress/test-exec.sh] Correct uname for cygwin/w2k.
d2585 1
a2585 1
20120629
d2587 45
a2631 46
   - dtucker@@cvs.openbsd.org 2012/06/21 00:16:07
     [addrmatch.c]
     fix strlcpy truncation check.  from carsten at debian org, ok markus
   - dtucker@@cvs.openbsd.org 2012/06/22 12:30:26
     [monitor.c sshconnect2.c]
     remove dead code following 'for (;;)' loops.
     From Steve.McClellan at radisys com, ok markus@@
   - dtucker@@cvs.openbsd.org 2012/06/22 14:36:33
     [sftp.c]
     Remove unused variable leftover from tab-completion changes.
     From Steve.McClellan at radisys com, ok markus@@
   - dtucker@@cvs.openbsd.org 2012/06/26 11:02:30
     [sandbox-systrace.c]
     Add mquery to the list of allowed syscalls for "UsePrivilegeSeparation
     sandbox" since malloc now uses it.  From johnw.mail at gmail com.
   - dtucker@@cvs.openbsd.org 2012/06/28 05:07:45
     [mac.c myproposal.h ssh_config.5 sshd_config.5]
     Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs since they were removed
     from draft6 of the spec and will not be in the RFC when published.  Patch
     from mdb at juniper net via bz#2023, ok markus.
   - naddy@@cvs.openbsd.org 2012/06/29 13:57:25
     [ssh_config.5 sshd_config.5]
     match the documented MAC order of preference to the actual one; ok dtucker@@
   - dtucker@@cvs.openbsd.org 2012/05/13 01:42:32
     [regress/addrmatch.sh]
     Add "Match LocalAddress" and "Match LocalPort" to sshd and adjust tests
     to match.  Feedback and ok djm@@ markus@@.
   - djm@@cvs.openbsd.org 2012/06/01 00:47:35
     [regress/multiplex.sh regress/forwarding.sh]
     append to rather than truncate test log; bz#2013 from openssh AT
     roumenpetrov.info
   - djm@@cvs.openbsd.org 2012/06/01 00:52:52
     [regress/sftp-cmds.sh]
     don't delete .* on cleanup due to unintended env expansion; pointed out in
     bz#2014 by openssh AT roumenpetrov.info
   - dtucker@@cvs.openbsd.org 2012/06/26 12:06:59
     [regress/connect-privsep.sh]
     test sandbox with every malloc option
   - dtucker@@cvs.openbsd.org 2012/06/28 05:07:45
     [regress/try-ciphers.sh regress/cipher-speed.sh]
     Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs since they were removed
     from draft6 of the spec and will not be in the RFC when published.  Patch
     from mdb at juniper net via bz#2023, ok markus.
 - (dtucker) [myproposal.h] Remove trailing backslash to fix compile error.
 - (dtucker) [key.c] ifdef out sha256 key types on platforms that don't have
   the required functions in libcrypto.
d2633 32
a2664 4
20120628
 - (dtucker) [openbsd-compat/getrrsetbyname-ldns.c] bz #2022: prevent null
   pointer deref in the client when built with LDNS and using DNSSEC with a
   CNAME.  Patch from gregdlg+mr at hochet info.
d2666 4
a2669 3
20120622
 - (dtucker) [contrib/cygwin/ssh-host-config] Ensure that user sshd runs as
   can logon as a service.  Patch from vinschen at redhat com.
d2671 1
a2671 1
20120620
d2673 34
a2706 40
   - djm@@cvs.openbsd.org 2011/12/02 00:41:56
     [mux.c]
     fix bz#1948: ssh -f doesn't fork for multiplexed connection.
     ok dtucker@@
   - djm@@cvs.openbsd.org 2011/12/04 23:16:12
     [mux.c]
     revert:
     > revision 1.32
     > date: 2011/12/02 00:41:56;  author: djm;  state: Exp;  lines: +4 -1
     > fix bz#1948: ssh -f doesn't fork for multiplexed connection.
     > ok dtucker@@
     it interacts badly with ControlPersist
   - djm@@cvs.openbsd.org 2012/01/07 21:11:36
     [mux.c]
     fix double-free in new session handler
     NB. Id sync only
   - djm@@cvs.openbsd.org 2012/05/23 03:28:28
     [dns.c dns.h key.c key.h ssh-keygen.c]
     add support for RFC6594 SSHFP DNS records for ECDSA key types.
     patch from bugzilla-m67 AT nulld.me in bz#1978; ok + tweak markus@@
     (Original authors Ondřej Surý,  Ondřej Caletka and Daniel Black)
   - djm@@cvs.openbsd.org 2012/06/01 00:49:35
     [PROTOCOL.mux]
     correct types of port numbers (integers, not strings); bz#2004 from
     bert.wesarg AT googlemail.com
   - djm@@cvs.openbsd.org 2012/06/01 01:01:22
     [mux.c]
     fix memory leak when mux socket creation fails; bz#2002 from bert.wesarg
     AT googlemail.com
   - dtucker@@cvs.openbsd.org 2012/06/18 11:43:53
     [jpake.c]
     correct sizeof usage.  patch from saw at online.de, ok deraadt
   - dtucker@@cvs.openbsd.org 2012/06/18 11:49:58
     [ssh_config.5]
     RSA instead of DSA twice.  From Steve.McClellan at radisys com
   - dtucker@@cvs.openbsd.org 2012/06/18 12:07:07
     [ssh.1 sshd.8]
     Remove mention of 'three' key files since there are now four.  From
     Steve.McClellan at radisys com.
   - dtucker@@cvs.openbsd.org 2012/06/18 12:17:18
d2708 10
a2717 14
     Clarify description of -W.  Noted by Steve.McClellan at radisys com,
     ok jmc
   - markus@@cvs.openbsd.org 2012/06/19 18:25:28
     [servconf.c servconf.h sshd_config.5]
     sshd_config: extend Match to allow AcceptEnv and {Allow,Deny}{Users,Groups}
     this allows 'Match LocalPort 1022' combined with 'AllowUser bauer'
     ok djm@@ (back in March)
   - jmc@@cvs.openbsd.org 2012/06/19 21:35:54
     [sshd_config.5]
     tweak previous; ok markus
   - djm@@cvs.openbsd.org 2012/06/20 04:42:58
     [clientloop.c serverloop.c]
     initialise accept() backoff timer to avoid EINVAL from select(2) in
     rekeying
d2719 23
a2741 12
20120519
 - (dtucker) [configure.ac] bz#2010: fix non-portable shell construct.  Patch
   from cjwatson at debian org.
 - (dtucker) [configure.ac contrib/Makefile] bz#1996: use AC_PATH_TOOL to find
   pkg-config so it does the right thing when cross-compiling.  Patch from
   cjwatson at debian org.
- (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2012/05/13 01:42:32
     [servconf.h servconf.c sshd.8 sshd.c auth.c sshd_config.5]
     Add "Match LocalAddress" and "Match LocalPort" to sshd and adjust tests
     to match.  Feedback and ok djm@@ markus@@.
   - dtucker@@cvs.openbsd.org 2012/05/19 06:30:30
d2743 17
a2759 1
     Document PermitOpen none.  bz#2001, patch from Loganaden Velvindron
d2761 141
a2901 15
20120504
 - (dtucker) [configure.ac] Include <sys/param.h> rather than <sys/types.h>
   to fix building on some plaforms.  Fom bowman at math utah edu and
   des at des no.

20120427
 - (dtucker) [regress/addrmatch.sh] skip tests when running on a non-ipv6
   platform rather than exiting early, so that we still clean up and return
   success or failure to test-exec.sh

20120426
 - (djm) [auth-passwd.c] Handle crypt() returning NULL; from Paul Wouters
   via Niels
 - (djm) [auth-krb5.c] Save errno across calls that might modify it;
   ok dtucker@@
d2903 7
a2909 5
20120423
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2012/04/23 08:18:17
     [channels.c]
     fix function proto/source mismatch
d2911 1
a2911 1
20120422
d2913 1
a2913 1
   - djm@@cvs.openbsd.org 2012/02/29 11:21:26
d2915 9
a2923 2
     allow conversion of RSA1 keys to public PEM and PKCS8; "nice" markus@@
   - guenther@@cvs.openbsd.org 2012/03/15 03:10:27
d2925 13
a2937 5
     root should always be excluded from the test for /etc/nologin instead
     of having it always enforced even when marked as ignorenologin.  This
     regressed when the logic was incompletely flipped around in rev 1.251
     ok halex@@ millert@@
   - djm@@cvs.openbsd.org 2012/03/28 07:23:22
d2939 2
a2940 30
     explain certificate extensions/crit split rationale. Mention requirement
     that each appear at most once per cert.
   - dtucker@@cvs.openbsd.org 2012/03/29 23:54:36
     [channels.c channels.h servconf.c]
     Add PermitOpen none option based on patch from Loganaden Velvindron
     (bz #1949).  ok djm@@
   - djm@@cvs.openbsd.org 2012/04/11 13:16:19
     [channels.c channels.h clientloop.c serverloop.c]
     don't spin in accept() when out of fds (ENFILE/ENFILE) - back off for a
     while; ok deraadt@@ markus@@
   - djm@@cvs.openbsd.org 2012/04/11 13:17:54
     [auth.c]
     Support "none" as an argument for AuthorizedPrincipalsFile to indicate
     no file should be read.
   - djm@@cvs.openbsd.org 2012/04/11 13:26:40
     [sshd.c]
     don't spin in accept() when out of fds (ENFILE/ENFILE) - back off for a
     while; ok deraadt@@ markus@@
   - djm@@cvs.openbsd.org 2012/04/11 13:34:17
     [ssh-keyscan.1 ssh-keyscan.c]
     now that sshd defaults to offering ECDSA keys, ssh-keyscan should also
     look for them by default; bz#1971
   - djm@@cvs.openbsd.org 2012/04/12 02:42:32
     [servconf.c servconf.h sshd.c sshd_config sshd_config.5]
     VersionAddendum option to allow server operators to append some arbitrary
     text to the SSH-... banner; ok deraadt@@ "don't care" markus@@
   - djm@@cvs.openbsd.org 2012/04/12 02:43:55
     [sshd_config sshd_config.5]
     mention AuthorizedPrincipalsFile=none default
   - djm@@cvs.openbsd.org 2012/04/20 03:24:23
d2942 32
a2973 4
     setlinebuf(3) is more readable than setvbuf(.., _IOLBF, ...)
   - jmc@@cvs.openbsd.org 2012/04/20 16:26:22
     [ssh.1]
     use "brackets" instead of "braces", for consistency;
d2975 17
a2991 5
20120420
 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] Update for release 6.0
 - (djm) [README] Update URL to release notes.
 - (djm) Release openssh-6.0
d2993 64
@


1.8
log
@SVN rev 221420 on 2011-05-04 07:34:44Z by des

Upgrade to OpenSSH 5.8p2.
@
text
@d4 1
@


1.7
log
@SVN rev 215116 on 2010-11-11 11:46:19Z by des

Upgrade to OpenSSH 5.6p1.
@
text
@d1 739
a1258 2743
20100410
 - (dtucker) [configure.ac] Put the check for the existence of getaddrinfo
   back so we disable the IPv6 tests if we don't have it.

20100409
 - (dtucker) [contrib/cygwin/Makefile] Don't overwrite files with the wrong
   ones.  Based on a patch from Roumen Petrov.
 - (dtucker) [configure.ac] Bug #1744: use pkg-config for libedit flags if we
   have it and the path is not provided to --with-libedit.  Based on a patch
   from Iain Morgan.
 - (dtucker) [configure.ac defines.h loginrec.c logintest.c] Bug #1732: enable
   utmpx support on FreeBSD where possible.  Patch from Ed Schouten, ok djm@@

20100326
 - (djm) [openbsd-compat/bsd-arc4random.c] Fix preprocessor detection
   for arc4random_buf() and arc4random_uniform(); from Josh Gilkerson
 - (dtucker) [configure.ac] Bug #1741: Add section for Haiku, patch originally
   by Ingo Weinhold via Scott McCreary, ok djm@@
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/03/25 23:38:28
     [servconf.c]
     from portable: getcwd(NULL, 0) doesn't work on all platforms, so
     use a stack buffer; ok dtucker@@
   - djm@@cvs.openbsd.org 2010/03/26 00:26:58
     [ssh.1]
     mention that -S none disables connection sharing; from Colin Watson
 - (djm) [session.c] Allow ChrootDirectory to work on SELinux platforms -
   set up SELinux execution context before chroot() call. From Russell
   Coker via Colin watson; bz#1726 ok dtucker@@
 - (djm) [channels.c] Check for EPFNOSUPPORT as a socket() errno; bz#1721
   ok dtucker@@
 - (dtucker) Bug #1725: explicitly link libX11 into gnome-ssh-askpass2 using
   pkg-config, patch from Colin Watson.  Needed for newer linkers (ie gold).
 - (djm) [contrib/ssh-copy-id] Don't blow up when the agent has no keys;
   bz#1723 patch from Adeodato Simóvia Colin Watson; ok dtucker@@
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2010/03/26 01:06:13
     [ssh_config.5]
     Reformat default value of PreferredAuthentications entry (current
     formatting implies ", " is acceptable as a separator, which it's not.
     ok djm@@

20100324
 - (dtucker) [contrib/cygwin/ssh-host-config] Mount the Windows directory
   containing the services file explicitely case-insensitive.  This allows to
   tweak the Windows services file reliably.  Patch from vinschen at redhat.

20100321
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2010/03/08 09:41:27
     [ssh-keygen.1]
     sort the list of constraints (to -O); ok djm
   - jmc@@cvs.openbsd.org 2010/03/10 07:40:35
     [ssh-keygen.1]
     typos; from Ross Richardson
     closes prs 6334 and 6335
   - djm@@cvs.openbsd.org 2010/03/10 23:27:17
     [auth2-pubkey.c]
     correct certificate logging and make it more consistent between
     authorized_keys and TrustedCAKeys; ok markus@@
   - djm@@cvs.openbsd.org 2010/03/12 01:06:25
     [servconf.c]
     unbreak AuthorizedKeys option with a $HOME-relative path; reported by
     vinschen AT redhat.com, ok dtucker@@
   - markus@@cvs.openbsd.org 2010/03/12 11:37:40
     [servconf.c]
     do not prepend AuthorizedKeysFile with getcwd(), unbreaks relative paths
     free() (not xfree()) the buffer returned by getcwd()
   - djm@@cvs.openbsd.org 2010/03/13 21:10:38
     [clientloop.c]
     protocol conformance fix: send language tag when disconnecting normally;
     spotted by 1.41421 AT gmail.com, ok markus@@ deraadt@@
   - djm@@cvs.openbsd.org 2010/03/13 21:45:46
     [ssh-keygen.1]
     Certificates are named *-cert.pub, not *_cert.pub; committing a diff
     from stevesk@@ ok me
   - jmc@@cvs.openbsd.org 2010/03/13 23:38:13
     [ssh-keygen.1]
     fix a formatting error (args need quoted); noted by stevesk
   - stevesk@@cvs.openbsd.org 2010/03/15 19:40:02
     [key.c key.h ssh-keygen.c]
     also print certificate type (user or host) for ssh-keygen -L
     ok djm kettenis
   - stevesk@@cvs.openbsd.org 2010/03/16 15:46:52
     [auth-options.c]
     spelling in error message. ok djm kettenis
   - djm@@cvs.openbsd.org 2010/03/16 16:36:49
     [version.h]
     crank version to openssh-5.5 since we have a few fixes since 5.4;
     requested deraadt@@ kettenis@@
 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] Crank version numbers

20100314
 - (djm) [ssh-pkcs11-helper.c] Move #ifdef to after #defines to fix
   compilation failure when !HAVE_DLOPEN. Reported by felix-mindrot
   AT fefe.de
 - (djm) [Makefile.in] Respecify -lssh after -lopenbsd-compat for
   ssh-pkcs11-helper to repair static builds (we do the same for
   ssh-keyscan). Reported by felix-mindrot AT fefe.de

20100312
 - (tim) [Makefile.in] Now that scard is gone, no need to make $(datadir)
 - (tim) [Makefile.in] Add missing $(EXEEXT) to install targets.
   Patch from Corinna Vinschen.
 - (tim) [contrib/cygwin/Makefile] Fix list of documentation files to install
   on a Cygwin installation. Patch from Corinna Vinschen.

20100311
 - (tim) [contrib/suse/openssh.spec] crank version number here too.
   report by imorgan AT nas.nasa.gov

20100309
 - (dtucker) [configure.ac] Use a proper AC_CHECK_DECL for BROKEN_GETADDRINFO
   so setting it in CFLAGS correctly skips IPv6 tests.

20100428
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/03/07 22:16:01
     [ssh-keygen.c]
     make internal strptime string match strftime format;
     suggested by vinschen AT redhat.com and markus@@
   - djm@@cvs.openbsd.org 2010/03/08 00:28:55
     [ssh-keygen.1]
     document permit-agent-forwarding certificate constraint; patch from
     stevesk@@
   - djm@@cvs.openbsd.org 2010/03/07 22:01:32
     [version.h]
     openssh-5.4
 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   crank version numbers
 - (djm) Release OpenSSH-5.4p1

20100307
 - (dtucker) [auth.c] Bug #1710: call setauthdb on AIX before getpwuid so that
   it gets the passwd struct from the LAM that knows about the user which is
   not necessarily the default.  Patch from Alexandre Letourneau.
 - (dtucker) [session.c] Bug #1567: move setpcred call to before chroot and
   do not set real uid, since that's needed for the chroot, and will be set
   by permanently_set_uid.
 - (dtucker) [session.c] Also initialize creds to NULL for handing to
    setpcred.
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2010/03/07 11:57:13
     [auth-rhosts.c monitor.c monitor_wrap.c session.c auth-options.c sshd.c]
     Hold authentication debug messages until after successful authentication.
     Fixes an info leak of environment variables specified in authorized_keys,
     reported by Jacob Appelbaum.  ok djm@@

20100305
 - OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2010/03/04 12:51:25
     [ssh.1 sshd_config.5]
     tweak previous;
   - djm@@cvs.openbsd.org 2010/03/04 20:35:08
     [ssh-keygen.1 ssh-keygen.c]
     Add a -L flag to print the contents of a certificate; ok markus@@
   - jmc@@cvs.openbsd.org 2010/03/04 22:52:40
     [ssh-keygen.1]
     fix Bk/Ek;
   - djm@@cvs.openbsd.org 2010/03/04 23:17:25
     [sshd_config.5]
     missing word; spotted by jmc@@
   - djm@@cvs.openbsd.org 2010/03/04 23:19:29
     [ssh.1 sshd.8]
     move section on CA and revoked keys from ssh.1 to sshd.8's known hosts
     format section and rework it a bit; requested by jmc@@
   - djm@@cvs.openbsd.org 2010/03/04 23:27:25
     [auth-options.c ssh-keygen.c]
     "force-command" is not spelled "forced-command"; spotted by
     imorgan AT nas.nasa.gov
   - djm@@cvs.openbsd.org 2010/03/05 02:58:11
     [auth.c]
     make the warning for a revoked key louder and more noticable
   - jmc@@cvs.openbsd.org 2010/03/05 06:50:35
     [ssh.1 sshd.8]
     tweak previous;
   - jmc@@cvs.openbsd.org 2010/03/05 08:31:20
     [ssh.1]
     document certificate authentication; help/ok djm
   - djm@@cvs.openbsd.org 2010/03/05 10:28:21
     [ssh-add.1 ssh.1 ssh_config.5]
     mention loading of certificate files from [private]-cert.pub when
     they are present; feedback and ok jmc@@
 - (tim) [ssh-pkcs11.c] Fix "non-constant initializer" errors in older
   compilers. OK djm@@
 - (djm) [ssh-rand-helper.c] declare optind, avoiding compilation failure
   on some platforms
 - (djm) [configure.ac] set -fno-strict-aliasing for gcc4; ok dtucker@@

20100304
 - (djm) [ssh-keygen.c] Use correct local variable, instead of
   maybe-undefined global "optarg"
 - (djm) [contrib/redhat/openssh.spec] Replace obsolete BuildPreReq
   on XFree86-devel with neutral /usr/include/X11/Xlib.h;
   imorgan AT nas.nasa.gov in bz#1731
 - (djm) [.cvsignore] Ignore ssh-pkcs11-helper
 - (djm) [regress/Makefile] Cleanup sshd_proxy_orig
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/03/03 01:44:36
     [auth-options.c key.c]
     reject strings with embedded ASCII nul chars in certificate key IDs,
     principal names and constraints
   - djm@@cvs.openbsd.org 2010/03/03 22:49:50
     [sshd.8]
     the authorized_keys option for CA keys is "cert-authority", not
     "from=cert-authority". spotted by imorgan AT nas.nasa.gov
   - djm@@cvs.openbsd.org 2010/03/03 22:50:40
     [PROTOCOL.certkeys]
     s/similar same/similar/; from imorgan AT nas.nasa.gov
   - djm@@cvs.openbsd.org 2010/03/04 01:44:57
     [key.c]
     use buffer_get_string_ptr_ret() where we are checking the return
     value explicitly instead of the fatal()-causing buffer_get_string_ptr()
   - djm@@cvs.openbsd.org 2010/03/04 10:36:03
     [auth-rh-rsa.c auth-rsa.c auth.c auth.h auth2-hostbased.c auth2-pubkey.c]
     [authfile.c authfile.h hostfile.c hostfile.h servconf.c servconf.h]
     [ssh-keygen.c ssh.1 sshconnect.c sshd_config.5]
     Add a TrustedUserCAKeys option to sshd_config to specify CA keys that
     are trusted to authenticate users (in addition than doing it per-user
     in authorized_keys).
     
     Add a RevokedKeys option to sshd_config and a @@revoked marker to
     known_hosts to allow keys to me revoked and banned for user or host
     authentication.
     
     feedback and ok markus@@
   - djm@@cvs.openbsd.org 2010/03/03 00:47:23
     [regress/cert-hostkey.sh regress/cert-userkey.sh]
     add an extra test to ensure that authentication with the wrong
     certificate fails as it should (and it does)
   - djm@@cvs.openbsd.org 2010/03/04 10:38:23
     [regress/cert-hostkey.sh regress/cert-userkey.sh]
     additional regression tests for revoked keys and TrustedUserCAKeys

20100303
 - (djm) [PROTOCOL.certkeys] Add RCS Ident
 - OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2010/02/26 22:09:28
     [ssh-keygen.1 ssh.1 sshd.8]
     tweak previous;
   - otto@@cvs.openbsd.org 2010/03/01 11:07:06
     [ssh-add.c]
     zap what seems to be a left-over debug message; ok markus@@
   - djm@@cvs.openbsd.org 2010/03/02 23:20:57
     [ssh-keygen.c]
     POSIX strptime is stricter than OpenBSD's so do a little dance to
     appease it.
 - (djm) [regress/cert-userkey.sh] s/echo -n/echon/ here too

20100302
 - (tim) [config.guess config.sub] Bug 1722: Update to latest versions from
   http://git.savannah.gnu.org/gitweb/ (2009-12-30 and 2010-01-22
   respectively).

20100301
 - (dtucker) [regress/{cert-hostkey,cfgmatch,cipher-speed}.sh} Replace
   "echo -n" with "echon" for portability.
 - (dtucker) [openbsd-compat/port-linux.c] Make failure to write to the OOM
   adjust log at verbose only, since according to cjwatson in bug #1470
   some virtualization platforms don't allow writes.

20100228
 - (djm) [auth.c] On Cygwin, refuse usernames that have differences in
   case from that matched in the system password database. On this
   platform, passwords are stored case-insensitively, but sshd requires
   exact case matching for Match blocks in sshd_config(5). Based on
   a patch from vinschen AT redhat.com.
 - (tim) [ssh-pkcs11-helper.c] Move declarations before calling functions
   to make older compilers (gcc 2.95) happy.

20100227
 - (djm) [ssh-pkcs11-helper.c ] Ensure RNG is initialised and seeded
 - (djm) [openbsd-compat/bsd-cygwin_util.c] Reduce the set of environment
   variables copied into sshd child processes. From vinschen AT redhat.com

20100226
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/02/26 20:29:54
     [PROTOCOL PROTOCOL.agent PROTOCOL.certkeys addrmatch.c auth-options.c]
     [auth-options.h auth.h auth2-pubkey.c authfd.c dns.c dns.h hostfile.c]
     [hostfile.h kex.h kexdhs.c kexgexs.c key.c key.h match.h monitor.c]
     [myproposal.h servconf.c servconf.h ssh-add.c ssh-agent.c ssh-dss.c]
     [ssh-keygen.1 ssh-keygen.c ssh-rsa.c ssh.1 ssh.c ssh2.h sshconnect.c]
     [sshconnect2.c sshd.8 sshd.c sshd_config.5]
     Add support for certificate key types for users and hosts.
     
     OpenSSH certificate key types are not X.509 certificates, but a much
     simpler format that encodes a public key, identity information and
     some validity constraints and signs it with a CA key. CA keys are
     regular SSH keys. This certificate style avoids the attack surface
     of X.509 certificates and is very easy to deploy.
     
     Certified host keys allow automatic acceptance of new host keys
     when a CA certificate is marked as trusted in ~/.ssh/known_hosts.
     see VERIFYING HOST KEYS in ssh(1) for details.
     
     Certified user keys allow authentication of users when the signing
     CA key is marked as trusted in authorized_keys. See "AUTHORIZED_KEYS
     FILE FORMAT" in sshd(8) for details.
     
     Certificates are minted using ssh-keygen(1), documentation is in
     the "CERTIFICATES" section of that manpage.
     
     Documentation on the format of certificates is in the file
     PROTOCOL.certkeys
     
     feedback and ok markus@@
   - djm@@cvs.openbsd.org 2010/02/26 20:33:21
     [Makefile regress/cert-hostkey.sh regress/cert-userkey.sh]
     regression tests for certified keys

20100224
 - (djm) [pkcs11.h ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c]
   [ssh-pkcs11.h] Add $OpenBSD$ RCS idents so we can sync portable
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/02/11 20:37:47
     [pathnames.h]
     correct comment
   - dtucker@@cvs.openbsd.org 2009/11/09 04:20:04
     [regress/Makefile]
     add regression test for ssh-keygen pubkey conversions
   - dtucker@@cvs.openbsd.org 2010/01/11 02:53:44
     [regress/forwarding.sh]
     regress test for stdio forwarding
   - djm@@cvs.openbsd.org 2010/02/09 04:57:36
     [regress/addrmatch.sh]
     clean up droppings
   - djm@@cvs.openbsd.org 2010/02/09 06:29:02
     [regress/Makefile]
     turn on all the malloc(3) checking options when running regression
     tests. this has caught a few bugs for me in the past; ok dtucker@@
   - djm@@cvs.openbsd.org 2010/02/24 06:21:56
     [regress/test-exec.sh]
     wait for sshd to fully stop in cleanup() function; avoids races in tests
     that do multiple start_sshd/cleanup cycles; "I hate pidfiles" deraadt@@
   - markus@@cvs.openbsd.org 2010/02/08 10:52:47
     [regress/agent-pkcs11.sh]
     test for PKCS#11 support (currently disabled)
 - (djm) [Makefile.in ssh-pkcs11-helper.8] Add manpage for PKCS#11 helper
 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] Add PKCS#11 helper binary and manpage

20100212
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/02/02 22:49:34
     [bufaux.c]
     make buffer_get_string_ret() really non-fatal in all cases (it was
     using buffer_get_int(), which could fatal() on buffer empty);
     ok markus dtucker
   - markus@@cvs.openbsd.org 2010/02/08 10:50:20
     [pathnames.h readconf.c readconf.h scp.1 sftp.1 ssh-add.1 ssh-add.c]
     [ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh.1 ssh.c ssh_config.5]
     replace our obsolete smartcard code with PKCS#11.
        ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs-11v2-20.pdf
     ssh(1) and ssh-keygen(1) use dlopen(3) directly to talk to a PKCS#11
     provider (shared library) while ssh-agent(1) delegates PKCS#11 to
     a forked a ssh-pkcs11-helper process.
     PKCS#11 is currently a compile time option.
     feedback and ok djm@@; inspired by patches from Alon Bar-Lev
   - jmc@@cvs.openbsd.org 2010/02/08 22:03:05
     [ssh-add.1 ssh-keygen.1 ssh.1 ssh.c]
     tweak previous; ok markus
   - djm@@cvs.openbsd.org 2010/02/09 00:50:36
     [ssh-agent.c]
     fallout from PKCS#11: unbreak -D
   - djm@@cvs.openbsd.org 2010/02/09 00:50:59
     [ssh-keygen.c]
     fix -Wall
   - djm@@cvs.openbsd.org 2010/02/09 03:56:28
     [buffer.c buffer.h]
     constify the arguments to buffer_len, buffer_ptr and buffer_dump
   - djm@@cvs.openbsd.org 2010/02/09 06:18:46
     [auth.c]
     unbreak ChrootDirectory+internal-sftp by skipping check for executable
     shell when chrooting; reported by danh AT wzrd.com; ok dtucker@@
   - markus@@cvs.openbsd.org 2010/02/10 23:20:38
     [ssh-add.1 ssh-keygen.1 ssh.1 ssh_config.5]
     pkcs#11 is no longer optional; improve wording; ok jmc@@
   - jmc@@cvs.openbsd.org 2010/02/11 13:23:29
     [ssh.1]
     libarary -> library;
 - (djm) [INSTALL Makefile.in README.smartcard configure.ac scard-opensc.c]
   [scard.c scard.h pkcs11.h scard/Makefile.in scard/Ssh.bin.uu scard/Ssh.java]
   Remove obsolete smartcard support
 - (djm) [ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c]
   Make it compile on OSX
 - (djm) [ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c]
   Use ssh_get_progname to fill __progname
 - (djm) [configure.ac] Enable PKCS#11 support only when we find a working
   dlopen()

20100210
 - (djm) add -lselinux to LIBS before calling AC_CHECK_FUNCS for
   getseuserbyname; patch from calebcase AT gmail.com via
   cjwatson AT debian.org

20100202
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/01/30 21:08:33
     [sshd.8]
     debug output goes to stderr, not "the system log"; ok markus dtucker
   - djm@@cvs.openbsd.org 2010/01/30 21:12:08
     [channels.c]
     fake local addr:port when stdio fowarding as some servers (Tectia at
     least) validate that they are well-formed;
     reported by imorgan AT nas.nasa.gov
     ok dtucker

20100130
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/01/28 00:21:18
     [clientloop.c]
     downgrade an error() to a debug() - this particular case can be hit in
     normal operation for certain sequences of mux slave vs session closure
     and is harmless
   - djm@@cvs.openbsd.org 2010/01/29 00:20:41
     [sshd.c]
     set FD_CLOEXEC on sock_in/sock_out; bz#1706 from jchadima AT redhat.com
     ok dtucker@@
   - djm@@cvs.openbsd.org 2010/01/29 20:16:17
     [mux.c]
     kill correct channel (was killing already-dead mux channel, not
     its session channel)
   - djm@@cvs.openbsd.org 2010/01/30 02:54:53
     [mux.c]
     don't mark channel as read failed if it is already closing; suppresses
     harmless error messages when connecting to SSH.COM Tectia server
     report by imorgan AT nas.nasa.gov

20100129
 - (dtucker) [openbsd-compat/openssl-compat.c] Bug #1707: Call OPENSSL_config()
   after registering the hardware engines, which causes the openssl.cnf file to
   be processed.  See OpenSSL's man page for OPENSSL_config(3) for details.
   Patch from Solomon Peachy, ok djm@@.

20100128
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/01/26 02:15:20
     [mux.c]
     -Wuninitialized and remove a // comment; from portable
     (Id sync only)
   - djm@@cvs.openbsd.org 2010/01/27 13:26:17
     [mux.c]
     fix bug introduced in mux rewrite:
     
     In a mux master, when a socket to a mux slave closes before its server
     session (as may occur when the slave has been signalled), gracefully
     close the server session rather than deleting its channel immediately.
     A server may have more messages on that channel to send (e.g. an exit
     message) that will fatal() the client if they are sent to a channel that
     has been prematurely deleted.
     
     spotted by imorgan AT nas.nasa.gov
   - djm@@cvs.openbsd.org 2010/01/27 19:21:39
     [sftp.c]
     add missing "p" flag to getopt optstring;
     bz#1704 from imorgan AT nas.nasa.gov

20100126
 - (djm) OpenBSD CVS Sync
   - tedu@@cvs.openbsd.org 2010/01/17 21:49:09
     [ssh-agent.1]
     Correct and clarify ssh-add's password asking behavior.
     Improved text dtucker and ok jmc
   - dtucker@@cvs.openbsd.org 2010/01/18 01:50:27
     [roaming_client.c]
     s/long long unsigned/unsigned long long/, from tim via portable
     (Id sync only, change already in portable)
   - djm@@cvs.openbsd.org 2010/01/26 01:28:35
     [channels.c channels.h clientloop.c clientloop.h mux.c nchan.c ssh.c]
     rewrite ssh(1) multiplexing code to a more sensible protocol.
     
     The new multiplexing code uses channels for the listener and
     accepted control sockets to make the mux master non-blocking, so
     no stalls when processing messages from a slave.
     
     avoid use of fatal() in mux master protocol parsing so an errant slave
     process cannot take down a running master.
     
     implement requesting of port-forwards over multiplexed sessions. Any
     port forwards requested by the slave are added to those the master has
     established.
     
     add support for stdio forwarding ("ssh -W host:port ...") in mux slaves.
     
     document master/slave mux protocol so that other tools can use it to
     control a running ssh(1). Note: there are no guarantees that this
     protocol won't be incompatibly changed (though it is versioned).
     
     feedback Salvador Fandino, dtucker@@
     channel changes ok markus@@

20100122
 - (tim) [configure.ac] Due to constraints in Windows Sockets in terms of
   socket inheritance, reduce the default SO_RCVBUF/SO_SNDBUF buffer size
   in Cygwin to 65535. Patch from Corinna Vinschen.

20100117
 - (tim) [configure.ac] OpenServer 5 needs BROKEN_GETADDRINFO too.
 - (tim) [configure.ac] On SVR5 systems, use the C99-conforming functions
   snprintf() and vsnprintf() named _xsnprintf() and _xvsnprintf().

20100116
 - (dtucker) [openbsd-compat/pwcache.c] Pull in includes.h and thus defines.h
   so we correctly detect whether or not we have a native user_from_uid.
 - (dtucker) [openbsd-compat/openbsd-compat.h] Prototypes for user_from_uid
   and group_from_gid.
 - (dtucker) [openbsd-compat/openbsd-compat.h] Fix prototypes, spotted by
   Tim.
 - (dtucker) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2010/01/15 09:24:23
     [sftp-common.c]
     unused
 - (dtucker) [openbsd-compat/pwcache.c] Shrink ifdef area to prevent unused
   variable warnings.
 - (dtucker) [openbsd-compat/openbsd-compat.h] Typo.
 - (tim) [regress/portnum.sh] Shell portability fix.
 - (tim) [configure.ac] Define BROKEN_GETADDRINFO on SVR5 systems. The native
   getaddrinfo() is too old and limited for addr_pton() in addrmatch.c.
 - (tim) [roaming_client.c] Use of <sys/queue.h> is not really portable so we
   use "openbsd-compat/sys-queue.h". s/long long unsigned/unsigned long long/
   to keep USL compilers happy.

20100115
 - (dtucker) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2010/01/13 12:48:34
     [sftp.1 sftp.c]
     sftp.1: put ls -h in the right place
     sftp.c: as above, plus add -p to get/put, and shorten their arg names
     to keep the help usage nicely aligned
     ok djm
   - djm@@cvs.openbsd.org 2010/01/13 23:47:26
     [auth.c]
     when using ChrootDirectory, make sure we test for the existence of the
     user's shell inside the chroot; bz #1679, patch from alex AT rtfs.hu;
     ok dtucker
   - dtucker@@cvs.openbsd.org 2010/01/14 23:41:49
     [sftp-common.c]
     use user_from{uid,gid} to lookup up ids since it keeps a small cache.
     ok djm
   - guenther@@cvs.openbsd.org 2010/01/15 00:05:22
     [sftp.c]
     Reset SIGTERM to SIG_DFL before executing ssh, so that even if sftp
     inherited SIGTERM as ignored it will still be able to kill the ssh it
     starts.
     ok dtucker@@
 - (dtucker) [openbsd-compat/pwcache.c] Pull in pwcache.c from OpenBSD (no
   changes yet but there will be some to come).
 - (dtucker) [configure.ac openbsd-compat/{Makefile.in,pwcache.c} Portability
   for pwcache.  Also, added caching of negative hits.

20100114
 - (djm) [platform.h] Add missing prototype for
   platform_krb5_get_principal_name

20100113
 - (dtucker) [monitor_fdpass.c] Wrap poll.h include in ifdefs.
 - (dtucker) [openbsd-compat/readpassphrase.c] Resync against OpenBSD's r1.18:
   missing restore of SIGTTOU and some whitespace.
 - (dtucker) [openbsd-compat/readpassphrase.c] Update to OpenBSD's r1.21.
 - (dtucker) [openbsd-compat/readpassphrase.c] Update to OpenBSD's r1.22.
   Fixes bz #1590, where sometimes you could not interrupt a connection while
   ssh was prompting for a passphrase or password.
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2010/01/13 00:19:04
     [sshconnect.c auth.c]
     Fix a couple of typos/mispellings in comments
   - dtucker@@cvs.openbsd.org 2010/01/13 01:10:56
     [key.c]
     Ignore and log any Protocol 1 keys where the claimed size is not equal to
     the actual size.  Noted by Derek Martin, ok djm@@
   - dtucker@@cvs.openbsd.org 2010/01/13 01:20:20
     [canohost.c ssh-keysign.c sshconnect2.c]
     Make HostBased authentication work with a ProxyCommand.  bz #1569, patch
     from imorgan at nas nasa gov, ok djm@@
   - djm@@cvs.openbsd.org 2010/01/13 01:40:16
     [sftp.c sftp-server.c sftp.1 sftp-common.c sftp-common.h]
     support '-h' (human-readable units) for sftp's ls command, just like
     ls(1); ok dtucker@@
   - djm@@cvs.openbsd.org 2010/01/13 03:48:13
     [servconf.c servconf.h sshd.c]
     avoid run-time failures when specifying hostkeys via a relative
     path by prepending the cwd in these cases; bz#1290; ok dtucker@@
   - djm@@cvs.openbsd.org 2010/01/13 04:10:50
     [sftp.c]
     don't append a space after inserting a completion of a directory (i.e.
     a path ending in '/') for a slightly better user experience; ok dtucker@@
 - (dtucker) [sftp-common.c] Wrap include of util.h in an ifdef.
 - (tim) [defines.h] openbsd-compat/readpassphrase.c now needs _NSIG. 
   feedback and ok dtucker@@

20100112
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2010/01/11 01:39:46
     [ssh_config channels.c ssh.1 channels.h ssh.c]
     Add a 'netcat mode' (ssh -W).  This connects stdio on the client to a
     single port forward on the server.  This allows, for example, using ssh as
     a ProxyCommand to route connections via intermediate servers.
     bz #1618, man page help from jmc@@, ok markus@@
   - dtucker@@cvs.openbsd.org 2010/01/11 04:46:45
     [authfile.c sshconnect2.c]
     Do not prompt for a passphrase if we fail to open a keyfile, and log the
     reason the open failed to debug.
     bz #1693, found by tj AT castaglia org, ok djm@@
   - djm@@cvs.openbsd.org 2010/01/11 10:51:07
     [ssh-keygen.c]
     when converting keys, truncate key comments at 72 chars as per RFC4716;
     bz#1630 reported by tj AT castaglia.org; ok markus@@
   - dtucker@@cvs.openbsd.org 2010/01/12 00:16:47
     [authfile.c]
     Fix bug introduced in r1.78 (incorrect brace location) that broke key auth.
     Patch from joachim joachimschipper nl.
   - djm@@cvs.openbsd.org 2010/01/12 00:58:25
     [monitor_fdpass.c]
     avoid spinning when fd passing on nonblocking sockets by calling poll()
     in the EINTR/EAGAIN path, much like we do in atomicio; ok dtucker@@
   - djm@@cvs.openbsd.org 2010/01/12 00:59:29
     [roaming_common.c]
     delete with extreme prejudice a debug() that fired with every keypress;
     ok dtucker deraadt
   - dtucker@@cvs.openbsd.org 2010/01/12 01:31:05
     [session.c]
     Do not allow logins if /etc/nologin exists but is not readable by the user
     logging in.  Noted by Jan.Pechanec at Sun, ok djm@@ deraadt@@
   - djm@@cvs.openbsd.org 2010/01/12 01:36:08
     [buffer.h bufaux.c]
     add a buffer_get_string_ptr_ret() that does the same as
     buffer_get_string_ptr() but does not fatal() on error; ok dtucker@@
   - dtucker@@cvs.openbsd.org 2010/01/12 08:33:17
     [session.c]
     Add explicit stat so we reliably detect nologin with bad perms.
     ok djm markus

20100110
 - (dtucker) [configure.ac misc.c readconf.c servconf.c ssh-keyscan.c]
   Remove hacks add for RoutingDomain in preparation for its removal.
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2010/01/09 23:04:13
     [channels.c ssh.1 servconf.c sshd_config.5 sshd.c channels.h servconf.h
     ssh-keyscan.1 ssh-keyscan.c readconf.c sshconnect.c misc.c ssh.c
     readconf.h scp.1 sftp.1 ssh_config.5 misc.h]
     Remove RoutingDomain from ssh since it's now not needed.  It can be
     replaced with "route exec" or "nc -V" as a proxycommand.  "route exec"
     also ensures that trafic such as DNS lookups stays withing the specified
     routingdomain.  For example (from reyk):
     # route -T 2 exec /usr/sbin/sshd
     or inherited from the parent process
     $ route -T 2 exec sh
     $ ssh 10.1.2.3
     ok deraadt@@ markus@@ stevesk@@ reyk@@
   - dtucker@@cvs.openbsd.org 2010/01/10 03:51:17
     [servconf.c]
     Add ChrootDirectory to sshd.c test-mode output
   - dtucker@@cvs.openbsd.org 2010/01/10 07:15:56
     [auth.c]
     Output a debug if we can't open an existing keyfile.  bz#1694, ok djm@@

20100109
 - (dtucker) Wrap use of IPPROTO_IPV6 in an ifdef for platforms that don't
   have it.
 - (dtucker) [defines.h] define PRIu64 for platforms that don't have it.
 - (dtucker) [roaming_client.c] Wrap inttypes.h in an ifdef.
 - (dtucker) [loginrec.c] Use the SUSv3 specified name for the user name
   when using utmpx.  Patch from Ed Schouten.
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/01/09 00:20:26
     [sftp-server.c sftp-server.8]
     add a 'read-only' mode to sftp-server(8) that disables open in write mode
     and all other fs-modifying protocol methods. bz#430 ok dtucker@@
   - djm@@cvs.openbsd.org 2010/01/09 00:57:10
     [PROTOCOL]
     tweak language
   - jmc@@cvs.openbsd.org 2010/01/09 03:36:00
     [sftp-server.8]
     bad place to forget a comma...
   - djm@@cvs.openbsd.org 2010/01/09 05:04:24
     [mux.c sshpty.h clientloop.c sshtty.c]
     quell tc[gs]etattr warnings when forcing a tty (ssh -tt), since we
     usually don't actually have a tty to read/set; bz#1686 ok dtucker@@
   - dtucker@@cvs.openbsd.org 2010/01/09 05:17:00
     [roaming_client.c]
     Remove a PRIu64 format string that snuck in with roaming.  ok djm@@
   - dtucker@@cvs.openbsd.org 2010/01/09 11:13:02
     [sftp.c]
     Prevent sftp from derefing a null pointer when given a "-" without a
     command.  Also, allow whitespace to follow a "-".  bz#1691, path from
     Colin Watson via Debian.  ok djm@@ deraadt@@
   - dtucker@@cvs.openbsd.org 2010/01/09 11:17:56
     [sshd.c]
     Afer sshd receives a SIGHUP, ignore subsequent HUPs while sshd re-execs
     itself.  Prevents two HUPs in quick succession from resulting in sshd
     dying.  bz#1692, patch from Colin Watson via Ubuntu.
 - (dtucker) [defines.h] Remove now-undeeded PRIu64 define.

20100108
 - (dtucker) OpenBSD CVS Sync
   - andreas@@cvs.openbsd.org 2009/10/24 11:11:58
     [roaming.h]
     Declarations needed for upcoming changes.
     ok markus@@
   - andreas@@cvs.openbsd.org 2009/10/24 11:13:54
     [sshconnect2.c kex.h kex.c]
     Let the client detect if the server supports roaming by looking
     for the resume@@appgate.com kex algorithm.
     ok markus@@
   - andreas@@cvs.openbsd.org 2009/10/24 11:15:29
     [clientloop.c]
     client_loop() must detect if the session has been suspended and resumed,
     and take appropriate action in that case.
     From Martin Forssen, maf at appgate dot com
   - andreas@@cvs.openbsd.org 2009/10/24 11:19:17
     [ssh2.h]
     Define the KEX messages used when resuming a suspended connection.
     ok markus@@
   - andreas@@cvs.openbsd.org 2009/10/24 11:22:37
     [roaming_common.c]
     Do the actual suspend/resume in the client. This won't be useful until
     the server side supports roaming.
     Most code from Martin Forssen, maf at appgate dot com. Some changes by
     me and markus@@
     ok markus@@
   - andreas@@cvs.openbsd.org 2009/10/24 11:23:42
     [ssh.c]
     Request roaming to be enabled if UseRoaming is true and the server
     supports it.
     ok markus@@
   - reyk@@cvs.openbsd.org 2009/10/28 16:38:18
     [ssh_config.5 sshd.c misc.h ssh-keyscan.1 readconf.h sshconnect.c
     channels.c channels.h servconf.h servconf.c ssh.1 ssh-keyscan.c scp.1
     sftp.1 sshd_config.5 readconf.c ssh.c misc.c]
     Allow to set the rdomain in ssh/sftp/scp/sshd and ssh-keyscan.
     ok markus@@
   - jmc@@cvs.openbsd.org 2009/10/28 21:45:08
     [sshd_config.5 sftp.1]
     tweak previous;
   - djm@@cvs.openbsd.org 2009/11/10 02:56:22
     [ssh_config.5]
     explain the constraints on LocalCommand some more so people don't
     try to abuse it.
   - djm@@cvs.openbsd.org 2009/11/10 02:58:56
     [sshd_config.5]
     clarify that StrictModes does not apply to ChrootDirectory. Permissions
     and ownership are always checked when chrooting. bz#1532
   - dtucker@@cvs.openbsd.org 2009/11/10 04:30:45
     [sshconnect2.c channels.c sshconnect.c]
     Set close-on-exec on various descriptors so they don't get leaked to
     child processes.  bz #1643, patch from jchadima at redhat, ok deraadt.
   - markus@@cvs.openbsd.org 2009/11/11 21:37:03
     [channels.c channels.h]
     fix race condition in x11/agent channel allocation: don't read after
     the end of the select read/write fdset and make sure a reused FD
     is not touched before the pre-handlers are called.
     with and ok djm@@
   - djm@@cvs.openbsd.org 2009/11/17 05:31:44
     [clientloop.c]
     fix incorrect exit status when multiplexing and channel ID 0 is recycled
     bz#1570 reported by peter.oliver AT eon-is.co.uk; ok dtucker
   - djm@@cvs.openbsd.org 2009/11/19 23:39:50
     [session.c]
     bz#1606: error when an attempt is made to connect to a server
     with ForceCommand=internal-sftp with a shell session (i.e. not a
     subsystem session). Avoids stuck client when attempting to ssh to such a
     service. ok dtucker@@
   - dtucker@@cvs.openbsd.org 2009/11/20 00:15:41
     [session.c]
     Warn but do not fail if stat()ing the subsystem binary fails.  This helps
     with chrootdirectory+forcecommand=sftp-server and restricted shells.
     bz #1599, ok djm.
   - djm@@cvs.openbsd.org 2009/11/20 00:54:01
     [sftp.c]
     bz#1588 change "Connecting to host..." message to "Connected to host."
     and delay it until after the sftp protocol connection has been established.
     Avoids confusing sequence of messages when the underlying ssh connection
     experiences problems. ok dtucker@@
   - dtucker@@cvs.openbsd.org 2009/11/20 00:59:36
     [sshconnect2.c]
     Use the HostKeyAlias when prompting for passwords.  bz#1039, ok djm@@
   - djm@@cvs.openbsd.org 2009/11/20 03:24:07
     [misc.c]
     correct off-by-one in percent_expand(): we would fatal() when trying
     to expand EXPAND_MAX_KEYS, allowing only EXPAND_MAX_KEYS-1 to actually
     work.  Note that nothing in OpenSSH actually uses close to this limit at
     present.  bz#1607 from Jan.Pechanec AT Sun.COM
   - halex@@cvs.openbsd.org 2009/11/22 13:18:00
     [sftp.c]
     make passing of zero-length arguments to ssh safe by
     passing "-<switch>" "<value>" rather than "-<switch><value>"
     ok dtucker@@, guenther@@, djm@@
   - dtucker@@cvs.openbsd.org 2009/12/06 23:41:15
     [sshconnect2.c]
     zap unused variable and strlen; from Steve McClellan, ok djm
   - djm@@cvs.openbsd.org 2009/12/06 23:53:45
     [roaming_common.c]
     use socklen_t for getsockopt optlen parameter; reported by
     Steve.McClellan AT radisys.com, ok dtucker@@
   - dtucker@@cvs.openbsd.org 2009/12/06 23:53:54
     [sftp.c]
     fix potential divide-by-zero in sftp's "df" output when talking to a server
     that reports zero files on the filesystem (Unix filesystems always have at
     least the root inode).  From Steve McClellan at radisys, ok djm@@
   - markus@@cvs.openbsd.org 2009/12/11 18:16:33
     [key.c]
     switch from 35 to the more common value of RSA_F4 == (2**16)+1 == 65537
     for the RSA public exponent; discussed with provos; ok djm@@
   - guenther@@cvs.openbsd.org 2009/12/20 07:28:36
     [ssh.c sftp.c scp.c]
     When passing user-controlled options with arguments to other programs,
     pass the option and option argument as separate argv entries and
     not smashed into one (e.g., as -l foo and not -lfoo).  Also, always
     pass a "--" argument to stop option parsing, so that a positional
     argument that starts with a '-' isn't treated as an option.  This
     fixes some error cases as well as the handling of hostnames and
     filenames that start with a '-'.
     Based on a diff by halex@@
     ok halex@@ djm@@ deraadt@@
   - djm@@cvs.openbsd.org 2009/12/20 23:20:40
     [PROTOCOL]
     fix an incorrect magic number and typo in PROTOCOL; bz#1688
     report and fix from ueno AT unixuser.org
   - stevesk@@cvs.openbsd.org 2009/12/25 19:40:21
     [readconf.c servconf.c misc.h ssh-keyscan.c misc.c]
     validate routing domain is in range 0-RT_TABLEID_MAX.
     'Looks right' deraadt@@
   - stevesk@@cvs.openbsd.org 2009/12/29 16:38:41
     [sshd_config.5 readconf.c ssh_config.5 scp.1 servconf.c sftp.1 ssh.1]
     Rename RDomain config option to RoutingDomain to be more clear and
     consistent with other options.
     NOTE: if you currently use RDomain in the ssh client or server config,
     or ssh/sshd -o, you must update to use RoutingDomain.
     ok markus@@ djm@@
   - jmc@@cvs.openbsd.org 2009/12/29 18:03:32
     [sshd_config.5 ssh_config.5]
     sort previous;
   - dtucker@@cvs.openbsd.org 2010/01/04 01:45:30
     [sshconnect2.c]
     Don't escape backslashes in the SSH2 banner.  bz#1533, patch from
     Michal Gorny via Gentoo.
   - djm@@cvs.openbsd.org 2010/01/04 02:03:57
     [sftp.c]
     Implement tab-completion of commands, local and remote filenames for sftp.
     Hacked on and off for some time by myself, mouring, Carlos Silva (via 2009
     Google Summer of Code) and polished to a fine sheen by myself again.
     It should deal more-or-less correctly with the ikky corner-cases presented
     by quoted filenames, but the UI could still be slightly improved.
     In particular, it is quite slow for remote completion on large directories.
     bz#200; ok markus@@
   - djm@@cvs.openbsd.org 2010/01/04 02:25:15
     [sftp-server.c]
     bz#1566 don't unnecessarily dup() in and out fds for sftp-server;
     ok markus@@
   - dtucker@@cvs.openbsd.org 2010/01/08 21:50:49
     [sftp.c]
     Fix two warnings: possibly used uninitialized and use a nul byte instead of
     NULL pointer.  ok djm@@
 - (dtucker) [Makefile.in added roaming_client.c roaming_serv.c] Import new
   files for roaming and add to Makefile.
 - (dtucker) [Makefile.in] .c files do not belong in the OBJ lines.
 - (dtucker) [sftp.c] ifdef out the sftp completion bits for platforms that
   don't have libedit.
 - (dtucker) [configure.ac misc.c readconf.c servconf.c ssh-keyscan.c] Make
   RoutingDomain an unsupported option on platforms that don't have it.
 - (dtucker) [sftp.c] Expand ifdef for libedit to cover complete_is_remote
   too.
 - (dtucker) [misc.c] Move the routingdomain ifdef to allow the socket to
   be created.
 - (dtucker) [misc.c] Shrink the area covered by USE_ROUTINGDOMAIN more
   to eliminate an unused variable warning.
 - (dtucker) [roaming_serv.c] Include includes.h for u_intXX_t types.

20091226
 - (tim) [contrib/cygwin/Makefile] Install ssh-copy-id and ssh-copy-id.1
   Gzip all man pages. Patch from Corinna Vinschen.

20091221
 - (dtucker) [auth-krb5.c platform.{c,h} openbsd-compat/port-aix.{c,h}]
   Bug #1583: Use system's kerberos principal name on AIX if it's available.
   Based on a patch from and tested by Miguel Sanders 

20091208
 - (dtucker) Bug #1470: Disable OOM-killing of the listening sshd on Linux,
   based on a patch from Vaclav Ovsik and Colin Watson.  ok djm.

20091207
 - (dtucker) Bug #1160: use pkg-config for opensc config if it's available.
   Tested by Martin Paljak.
 - (dtucker) Bug #1677: add conditionals around the source for ssh-askpass.

20091121
 - (tim) [opensshd.init.in] If PidFile is set in sshd_config, use it.
   Bug 1628. OK dtucker@@

20091120
 - (djm) [ssh-rand-helper.c] Print error and usage() when passed command-
   line arguments as none are supported. Exit when passed unrecognised
   commandline flags. bz#1568 from gson AT araneus.fi

20091118
 - (djm) [channels.c misc.c misc.h sshd.c] add missing setsockopt() to
   set IPV6_V6ONLY for local forwarding with GatewayPorts=yes. Unify
   setting IPV6_V6ONLY behind a new function misc.c:sock_set_v6only()
   bz#1648, report and fix from jan.kratochvil AT redhat.com
 - (djm) [contrib/gnome-ssh-askpass2.c] Make askpass dialog desktop-modal.
   bz#1645, patch from jchadima AT redhat.com

20091107
 - (dtucker) [authfile.c] Fall back to 3DES for the encryption of private
    keys when built with OpenSSL versions that don't do AES.

20091105
 - (dtucker) [authfile.c] Add OpenSSL compat header so this still builds with
   older versions of OpenSSL.

20091024
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2009/10/11 23:03:15
     [hostfile.c]
     mention the host name that we are looking for in check_host_in_hostfile()
   - sobrado@@cvs.openbsd.org 2009/10/17 12:10:39
     [sftp-server.c]
     sort flags.
   - sobrado@@cvs.openbsd.org 2009/10/22 12:35:53
     [ssh.1 ssh-agent.1 ssh-add.1]
     use the UNIX-related macros (.At and .Ux) where appropriate.
     ok jmc@@
   - sobrado@@cvs.openbsd.org 2009/10/22 15:02:12
     [ssh-agent.1 ssh-add.1 ssh.1]
     write UNIX-domain in a more consistent way; while here, replace a
     few remaining ".Tn UNIX" macros with ".Ux" ones.
     pointed out by ratchov@@, thanks!
     ok jmc@@
   - djm@@cvs.openbsd.org 2009/10/22 22:26:13
     [authfile.c]
     switch from 3DES to AES-128 for encryption of passphrase-protected
     SSH protocol 2 private keys; ok several
   - djm@@cvs.openbsd.org 2009/10/23 01:57:11
     [sshconnect2.c]
     disallow a hostile server from checking jpake auth by sending an
     out-of-sequence success message. (doesn't affect code enabled by default)
   - dtucker@@cvs.openbsd.org 2009/10/24 00:48:34
     [ssh-keygen.1]
     ssh-keygen now uses AES-128 for private keys
 - (dtucker) [mdoc2man.awk] Teach it to understand the .Ux macro.
 - (dtucker) [session.c openbsd-compat/port-linux.{c,h}] Bug #1637: if selinux
   is enabled set the security context to "sftpd_t" before running the
   internal sftp server   Based on a patch from jchadima at redhat.

20091011
 - (dtucker) [configure.ac sftp-client.c] Remove the gyrations required for
   dirent d_type and DTTOIF as we've switched OpenBSD to the more portable
   lstat.
 - (dtucker) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2009/10/08 14:03:41
     [sshd_config readconf.c ssh_config.5 servconf.c sshd_config.5]
     disable protocol 1 by default (after a transition period of about 10 years)
     ok deraadt
   - jmc@@cvs.openbsd.org 2009/10/08 20:42:12
     [sshd_config.5 ssh_config.5 sshd.8 ssh.1]
     some tweaks now that protocol 1 is not offered by default; ok markus
   - dtucker@@cvs.openbsd.org 2009/10/11 10:41:26
     [sftp-client.c]
     d_type isn't portable so use lstat to get dirent modes.  Suggested by and
     "looks sane" deraadt@@
   - markus@@cvs.openbsd.org 2009/10/08 18:04:27
     [regress/test-exec.sh]
     re-enable protocol v1 for the tests.

20091007
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2009/08/12 00:13:00
     [sftp.c sftp.1]
     support most of scp(1)'s commandline arguments in sftp(1), as a first
     step towards making sftp(1) a drop-in replacement for scp(1).
     One conflicting option (-P) has not been changed, pending further
     discussion.
     Patch from carlosvsilvapt@@gmail.com as part of his work in the
     Google Summer of Code
  - jmc@@cvs.openbsd.org 2009/08/12 06:31:42
     [sftp.1]
     sort options;
   - djm@@cvs.openbsd.org 2009/08/13 01:11:19
     [sftp.1 sftp.c]
     Swizzle options: "-P sftp_server_path" moves to "-D sftp_server_path",
     add "-P port" to match scp(1). Fortunately, the -P option is only really
     used by our regression scripts.
     part of larger patch from carlosvsilvapt@@gmail.com for his Google Summer
     of Code work; ok deraadt markus
   - jmc@@cvs.openbsd.org 2009/08/13 13:39:54
     [sftp.1 sftp.c]
     sync synopsis and usage();
   - djm@@cvs.openbsd.org 2009/08/14 18:17:49
     [sftp-client.c]
     make the "get_handle: ..." error messages vaguely useful by allowing
     callers to specify their own error message strings.
   - fgsch@@cvs.openbsd.org 2009/08/15 18:56:34
     [auth.h]
     remove unused define. markus@@ ok.
     (Id sync only, Portable still uses this.)
   - dtucker@@cvs.openbsd.org 2009/08/16 23:29:26
     [sshd_config.5]
     Add PubkeyAuthentication to the list allowed in a Match block (bz #1577)
   - djm@@cvs.openbsd.org 2009/08/18 18:36:21
     [sftp-client.h sftp.1 sftp-client.c sftp.c]
     recursive transfer support for get/put and on the commandline
     work mostly by carlosvsilvapt@@gmail.com for the Google Summer of Code
     with some tweaks by me; "go for it" deraadt@@
  - djm@@cvs.openbsd.org 2009/08/18 21:15:59
     [sftp.1]
     fix "get" command usage, spotted by jmc@@
   - jmc@@cvs.openbsd.org 2009/08/19 04:56:03
     [sftp.1]
     ether -> either;
   - dtucker@@cvs.openbsd.org 2009/08/20 23:54:28
     [mux.c]
     subsystem_flag is defined in ssh.c so it's extern; ok djm
   - djm@@cvs.openbsd.org 2009/08/27 17:28:52
     [sftp-server.c]
     allow setting an explicit umask on the commandline to override whatever
     default the user has. bz#1229; ok dtucker@@ deraadt@@ markus@@
   - djm@@cvs.openbsd.org 2009/08/27 17:33:49
     [ssh-keygen.c]
     force use of correct hash function for random-art signature display
     as it was inheriting the wrong one when bubblebabble signatures were
     activated; bz#1611 report and patch from fwojcik+openssh AT besh.com;
     ok markus@@
   - djm@@cvs.openbsd.org 2009/08/27 17:43:00
     [sftp-server.8]
     allow setting an explicit umask on the commandline to override whatever
     default the user has. bz#1229; ok dtucker@@ deraadt@@ markus@@
   - djm@@cvs.openbsd.org 2009/08/27 17:44:52
     [authfd.c ssh-add.c authfd.h]
     Do not fall back to adding keys without constraints (ssh-add -c / -t ...)
     when the agent refuses the constrained add request. This was a useful
     migration measure back in 2002 when constraints were new, but just
     adds risk now.
     bz #1612, report and patch from dkg AT fifthhorseman.net; ok markus@@
   - djm@@cvs.openbsd.org 2009/08/31 20:56:02
     [sftp-server.c]
     check correct variable for error message, spotted by martynas@@
   - djm@@cvs.openbsd.org 2009/08/31 21:01:29
     [sftp-server.8]
     document -e and -h; prodded by jmc@@
   - djm@@cvs.openbsd.org 2009/09/01 14:43:17
     [ssh-agent.c]
     fix a race condition in ssh-agent that could result in a wedged or
     spinning agent: don't read off the end of the allocated fd_sets, and
     don't issue blocking read/write on agent sockets - just fall back to
     select() on retriable read/write errors. bz#1633 reported and tested
     by "noodle10000 AT googlemail.com"; ok dtucker@@ markus@@
   - grunk@@cvs.openbsd.org 2009/10/01 11:37:33
     [dh.c]
     fix a cast
     ok djm@@ markus@@
   - djm@@cvs.openbsd.org 2009/10/06 04:46:40
     [session.c]
     bz#1596: fflush(NULL) before exec() to ensure that everything (motd
     in particular) has made it out before the streams go away.
   - djm@@cvs.openbsd.org 2008/12/07 22:17:48
     [regress/addrmatch.sh]
     match string "passwordauthentication" only at start of line, not anywhere
     in sshd -T output
   - dtucker@@cvs.openbsd.org 2009/05/05 07:51:36
     [regress/multiplex.sh]
     Always specify ssh_config for multiplex tests: prevents breakage caused
     by options in ~/.ssh/config.  From Dan Peterson.
   - djm@@cvs.openbsd.org 2009/08/13 00:57:17
     [regress/Makefile]
     regression test for port number parsing. written as part of the a2port
     change that went into 5.2 but I forgot to commit it at the time...
   - djm@@cvs.openbsd.org 2009/08/13 01:11:55
     [regress/sftp-batch.sh regress/sftp-badcmds.sh regress/sftp.sh
     regress/sftp-cmds.sh regress/sftp-glob.sh]
     date: 2009/08/13 01:11:19;  author: djm;  state: Exp;  lines: +10 -7
     Swizzle options: "-P sftp_server_path" moves to "-D sftp_server_path",
     add "-P port" to match scp(1). Fortunately, the -P option is only really
     used by our regression scripts.
     part of larger patch from carlosvsilvapt@@gmail.com for his Google Summer
     of Code work; ok deraadt markus
   - djm@@cvs.openbsd.org 2009/08/20 18:43:07
     [regress/ssh-com-sftp.sh]
     fix one sftp -D ... => sftp -P ... conversion that I missed; from Carlos
     Silva for Google Summer of Code
   - dtucker@@cvs.openbsd.org 2009/10/06 23:51:49
     [regress/ssh2putty.sh]
     Add OpenBSD tag to make syncs easier
 - (dtucker) [regress/portnum.sh] Import new test.
 - (dtucker) [configure.ac sftp-client.c] DTTOIF is in fs/ffs/dir.h on at
   least dragonflybsd.
 - (dtucker) d_type is not mandated by POSIX, so add fallback code using
    stat(), needed on at least cygwin.

20091002
 - (djm) [Makefile.in] Mention readconf.o in ssh-keysign's make deps.
   spotted by des AT des.no

20090926
 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
         [contrib/suse/openssh.spec] Update for release
 - (djm) [README] update relnotes URL
 - (djm) [packet.c] Restore EWOULDBLOCK handling that got lost somewhere
 - (djm) Release 5.3p1

20090911
 - (dtucker) [configure.ac] Change the -lresolv check so it works on Mac OS X
   10.6 (which doesn't have BIND8_COMPAT and thus uses res_9_query).  Patch
   from jbasney at ncsa uiuc edu.

20090908
 - (djm) [serverloop.c] Fix test for server-assigned remote forwarding port
   (-R 0:...); bz#1578, spotted and fix by gavin AT emf.net; ok dtucker@@

20090901
 - (dtucker) [configure.ac] Bug #1639: use AC_PATH_PROG to search the path for
   krb5-config if it's not in the location specified by --with-kerberos5.
   Patch from jchadima at redhat.

20090829
 - (dtucker) [README.platform] Add text about development packages, based on
   text from Chris Pepper in bug #1631.

20090828
 - dtucker [auth-sia.c] Roll back the change for bug #1241 as it apparently
   causes problems in some Tru64 configurations.
 - (djm) [sshd_config.5] downgrade mention of login.conf to be an example
   and mention PAM as another provider for ChallengeResponseAuthentication;
   bz#1408; ok dtucker@@
 - (djm) [sftp-server.c] bz#1535: accept ENOSYS as a fallback error when
   attempting atomic rename(); ok dtucker@@
 - (djm) [Makefile.in] bz#1505: Solaris make(1) doesn't accept make variables
   in argv, so pass them in the environment; ok dtucker@@
 - (dtucker) [channels.c configure.ac] Bug #1528: skip the tcgetattr call on
    the pty master on Solaris, since it never succeeds and can hang if large
    amounts of data is sent to the slave (eg a copy-paste).  Based on a patch
    originally from Doke Scott, ok djm@@
 - (dtucker) [clientloop.c configure.ac defines.h] Make the client's IO buffer
   size a compile-time option and set it to 64k on Cygwin, since Corinna
   reports that it makes a significant difference to performance.  ok djm@@
 - (dtucker) [configure.ac] Fix the syntax of the Solaris tcgetattr entry.

20090820
 - (dtucker) [includes.h] Bug #1634: do not include system glob.h if we're not
   using it since the type conflicts can cause problems on FreeBSD.  Patch
   from Jonathan Chen.
 - (dtucker) [session.c openbsd-compat/port-aix.h] Bugs #1249 and #1567: move
   the setpcred call on AIX to immediately before the permanently_set_uid().
   Ensures that we still have privileges when we call chroot and
   pam_open_session.  Based on a patch from David Leonard.

20090817
 - (dtucker) [configure.ac] Check for headers before libraries for openssl and
   zlib, which should make the errors slightly more meaningful on platforms
   where there's separate "-devel" packages for those.
 - (dtucker) [sshlogin.c openbsd-compat/port-aix.{c,h}] Bug #1595: make
   PrintLastLog work on AIX.  Based in part on a patch from Miguel Sanders.

20090729
 - (tim) [contrib/cygwin/ssh-user-config] Change script to call correct error
   function. Patch from Corinna Vinschen.

20090713
 - (dtucker) [openbsd-compat/getrrsetbyname.c] Reduce answer buffer size so it
   fits into 16 bits to work around a bug in glibc's resolver where it masks
   off the buffer size at 16 bits.  Patch from Hauke Lampe, ok djm jakob.

20090712
 - (dtucker) [configure.ac] Include sys/param.h for the sys/mount.h test,
   prevents configure complaining on older BSDs.
 - (dtucker) [contrib/cygwin/ssh-{host,user}-config] Add license text. Patch
   from Corinna Vinschen.
 - (dtucker) [auth-pam.c] Bug #1534: move the deletion of PAM credentials on
   logout to after the session close.  Patch from Anicka Bernathova,
   originally from Andreas Schwab via Novell, ok djm.

20090707
 - (dtucker) [contrib/cygwin/ssh-host-config] better support for automated
   scripts and fix usage of eval.  Patch from Corinna Vinschen.

20090705
 - (dtucker) OpenBSD CVS Sync
   - andreas@@cvs.openbsd.org 2009/06/27 09:29:06
     [packet.h packet.c]
     packet_backup_state() and packet_restore_state() will be used to
     temporarily save the current state when resuming a suspended connection.
     ok markus@@
   - andreas@@cvs.openbsd.org 2009/06/27 09:32:43
     [roaming_common.c roaming.h]
     It may be necessary to retransmit some data when resuming, so add it
     to a buffer when roaming is enabled.
     Most of this code was written by Martin Forssen, maf at appgate dot com.
     ok markus@@
   - andreas@@cvs.openbsd.org 2009/06/27 09:35:06
     [readconf.h readconf.c]
     Add client option UseRoaming. It doesn't do anything yet but will
     control whether the client tries to use roaming if enabled on the
     server. From Martin Forssen.
     ok markus@@
   - markus@@cvs.openbsd.org 2009/06/30 14:54:40
     [version.h]
     crank version; ok deraadt
   - dtucker@@cvs.openbsd.org 2009/07/02 02:11:47
     [ssh.c]
     allow for long home dir paths (bz #1615).  ok deraadt
     (based in part on a patch from jchadima at redhat)
   - stevesk@@cvs.openbsd.org 2009/07/05 19:28:33
     [clientloop.c]
     only send SSH2_MSG_DISCONNECT if we're in compat20; from dtucker@@
     ok deraadt@@ markus@@

20090622
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2009/06/22 05:39:28
     [monitor_wrap.c monitor_mm.c ssh-keygen.c auth2.c gss-genr.c sftp-client.c]
     alphabetize includes; reduces diff vs portable and style(9).
     ok stevesk djm
     (Id sync only; these were already in order in -portable)

20090621
 - (dtucker) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2009/03/17 21:37:00
     [ssh.c]
     pass correct argv[0] to openlog(); ok djm@@
  - jmc@@cvs.openbsd.org 2009/03/19 15:15:09
     [ssh.1]
     for "Ciphers", just point the reader to the keyword in ssh_config(5), just
     as we do for "MACs": this stops us getting out of sync when the lists
     change;
     fixes documentation/6102, submitted by Peter J. Philipp
     alternative fix proposed by djm
     ok markus
   - tobias@@cvs.openbsd.org 2009/03/23 08:31:19
     [ssh-agent.c]
     Fixed a possible out-of-bounds memory access if the environment variable
     SHELL is shorter than 3 characters.
     with input by and ok dtucker
   - tobias@@cvs.openbsd.org 2009/03/23 19:38:04
     [ssh-agent.c]
     My previous commit didn't fix the problem at all, so stick at my first
     version of the fix presented to dtucker.
     Issue notified by Matthias Barkhoff (matthias dot barkhoff at gmx dot de).
     ok dtucker
   - sobrado@@cvs.openbsd.org 2009/03/26 08:38:39
     [sftp-server.8 sshd.8 ssh-agent.1]
     fix a few typographical errors found by spell(1).
     ok dtucker@@, jmc@@
   - stevesk@@cvs.openbsd.org 2009/04/13 19:07:44
     [sshd_config.5]
     fix possessive; ok djm@@
   - stevesk@@cvs.openbsd.org 2009/04/14 16:33:42
     [sftp-server.c]
     remove unused option character from getopt() optstring; ok markus@@
   - jj@@cvs.openbsd.org 2009/04/14 21:10:54
     [servconf.c]
     Fixed a few the-the misspellings in comments. Skipped a bunch in
     binutils,gcc and so on. ok jmc@@
   - stevesk@@cvs.openbsd.org 2009/04/17 19:23:06
     [session.c]
     use INTERNAL_SFTP_NAME for setproctitle() of in-process sftp-server;
     ok djm@@ markus@@
   - stevesk@@cvs.openbsd.org 2009/04/17 19:40:17
     [sshd_config.5]
     clarify that even internal-sftp needs /dev/log for logging to work; ok
     markus@@
   - jmc@@cvs.openbsd.org 2009/04/18 18:39:10
     [sshd_config.5]
     tweak previous; ok stevesk
   - stevesk@@cvs.openbsd.org 2009/04/21 15:13:17
     [sshd_config.5]
     clarify we cd to user's home after chroot; ok markus@@ on
     earlier version; tweaks and ok jmc@@
   - andreas@@cvs.openbsd.org 2009/05/25 06:48:01
     [channels.c packet.c clientloop.c packet.h serverloop.c monitor_wrap.c
     monitor.c]
     Put the globals in packet.c into a struct and don't access it directly
     from other files. No functional changes.
     ok markus@@ djm@@
   - andreas@@cvs.openbsd.org 2009/05/27 06:31:25
     [canohost.h canohost.c]
     Add clear_cached_addr(), needed for upcoming changes allowing the peer
     address to change.
     ok markus@@
   - andreas@@cvs.openbsd.org 2009/05/27 06:33:39
     [clientloop.c]
     Send SSH2_MSG_DISCONNECT when the client disconnects. From a larger
     change from Martin Forssen, maf at appgate dot com.
     ok markus@@
   - andreas@@cvs.openbsd.org 2009/05/27 06:34:36
     [kex.c kex.h]
     Move the KEX_COOKIE_LEN define to kex.h
     ok markus@@
   - andreas@@cvs.openbsd.org 2009/05/27 06:36:07
     [packet.h packet.c]
     Add packet_put_int64() and packet_get_int64(), part of a larger change
     from Martin Forssen.
     ok markus@@
   - andreas@@cvs.openbsd.org 2009/05/27 06:38:16
     [sshconnect.h sshconnect.c]
     Un-static ssh_exchange_identification(), part of a larger change from
     Martin Forssen and needed for upcoming changes.
     ok markus@@
   - andreas@@cvs.openbsd.org 2009/05/28 16:50:16
     [sshd.c packet.c serverloop.c monitor_wrap.c clientloop.c sshconnect.c
     monitor.c Added roaming.h roaming_common.c roaming_dummy.c]
     Keep track of number of bytes read and written. Needed for upcoming
     changes. Most code from Martin Forssen, maf at appgate dot com.
     ok markus@@
     Also, applied appropriate changes to Makefile.in
   - andreas@@cvs.openbsd.org 2009/06/12 20:43:22
     [monitor.c packet.c]
     Fix warnings found by chl@@ and djm@@ and change roaming_atomicio's
     return type to match atomicio's
     Diff from djm@@, ok markus@@
   - andreas@@cvs.openbsd.org 2009/06/12 20:58:32
     [packet.c]
     Move some more statics into session_state
     ok markus@@ djm@@
   - dtucker@@cvs.openbsd.org 2009/06/21 07:37:15
     [kexdhs.c kexgexs.c]
     abort if key_sign fails, preventing possible null deref.  Based on report
     from Paolo Ganci, ok markus@@ djm@@
   - dtucker@@cvs.openbsd.org 2009/06/21 09:04:03
     [roaming.h roaming_common.c roaming_dummy.c]
     Add  tags for the benefit of the sync scripts
     Also: pull in the changes for 1.1->1.2 missed in the previous sync.
 - (dtucker) [auth2-jpake.c auth2.c canohost.h session.c] Whitespace and
   header-order changes to reduce diff vs OpenBSD.
 - (dtucker) [servconf.c sshd.c] More whitespace sync.
 - (dtucker) [roaming_common.c roaming_dummy.c] Wrap #include <inttypes.h> in
   ifdef.

20090616
 - (dtucker) [configure.ac defines.h] Bug #1607: handle the case where fsid_t
   is a struct with a __val member.  Fixes build on, eg, Redhat 6.2.

20090504
 - (dtucker) [sshlogin.c] Move the NO_SSH_LASTLOG #ifndef line to include
   variable declarations.  Should prevent unused warnings anywhere it's set
   (only Crays as far as I can tell) and be a no-op everywhere else.

20090318
 - (tim) [configure.ac] Remove setting IP_TOS_IS_BROKEN for Cygwin. The problem
   that setsockopt(IP_TOS) doesn't work on Cygwin has been fixed since 2005.
   Based on patch from vinschen at redhat com.

20090308
 - (dtucker) [auth-passwd.c auth1.c auth2-kbdint.c auth2-none.c auth2-passwd.c
   auth2-pubkey.c session.c openbsd-compat/bsd-cygwin_util.{c,h}
   openbsd-compat/daemon.c] Remove support for Windows 95/98/ME and very old
   version of Cygwin.  Patch from vinschen at redhat com.

20090307
 - (dtucker) [contrib/aix/buildbff.sh] Only try to rename ssh_prng_cmds if it
   exists (it's not created if OpenSSL's PRNG is self-seeded, eg if the OS
   has a /dev/random).
 - (dtucker) [schnorr.c openbsd-compat/openssl-compat.{c,h}] Add
   EVP_DigestUpdate to the OLD_EVP compatibility functions and tell schnorr.c
   to use them.  Allows building with older OpenSSL versions.
 - (dtucker) [configure.ac defines.h] Check for in_port_t and typedef if needed.
 - (dtucker) [configure.ac] Missing comma in type list.
 - (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}]
   EVP_DigestUpdate does not exactly match the other OLD_EVP functions (eg
   in openssl 0.9.6) so add an explicit test for it.

20090306
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2009/03/05 07:18:19
     [auth2-jpake.c jpake.c jpake.h monitor_wrap.c monitor_wrap.h schnorr.c]
     [sshconnect2.c]
     refactor the (disabled) Schnorr proof code to make it a little more
     generally useful
   - djm@@cvs.openbsd.org 2009/03/05 11:30:50
     [uuencode.c]
     document what these functions do so I don't ever have to recurse into
     b64_pton/ntop to remember their return values

20090223
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2009/02/22 23:50:57
     [ssh_config.5 sshd_config.5]
     don't advertise experimental options
   - djm@@cvs.openbsd.org 2009/02/22 23:59:25
     [sshd_config.5]
     missing period
   - djm@@cvs.openbsd.org 2009/02/23 00:06:15
     [version.h]
     openssh-5.2
 - (djm) [README] update for 5.2
 - (djm) Release openssh-5.2p1

20090222
 - (djm) OpenBSD CVS Sync
   - tobias@@cvs.openbsd.org 2009/02/21 19:32:04
     [misc.c sftp-server-main.c ssh-keygen.c]
     Added missing newlines in error messages.
     ok dtucker

20090221
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2009/02/17 01:28:32
     [ssh_config]
     sync with revised default ciphers; pointed out by dkrause@@
   - djm@@cvs.openbsd.org 2009/02/18 04:31:21
     [schnorr.c]
     signature should hash over the entire group, not just the generator
     (this is still disabled code)
 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] Prepare for 5.2p1

20090216
 - (djm) [regress/conch-ciphers.sh regress/putty-ciphers.sh]
   [regress/putty-kex.sh regress/putty-transfer.sh] Downgrade disabled
   interop tests from FATAL error to a warning. Allows some interop
   tests to proceed if others are missing necessary prerequisites.
 - (djm) [configure.ac] support GNU/kFreeBSD and GNU/kOpensolaris
   systems; patch from Aurelien Jarno via rmh AT aybabtu.com

20090214
 - (djm) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2009/02/02 11:15:14
     [sftp.c]
     Initialize a few variables to prevent spurious "may be used
     uninitialized" warnings from newer gcc's.  ok djm@@
   - djm@@cvs.openbsd.org 2009/02/12 03:00:56
     [canohost.c canohost.h channels.c channels.h clientloop.c readconf.c]
     [readconf.h serverloop.c ssh.c]
     support remote port forwarding with a zero listen port (-R0:...) to
     dynamically allocate a listen port at runtime (this is actually
     specified in rfc4254); bz#1003 ok markus@@
   - djm@@cvs.openbsd.org 2009/02/12 03:16:01
     [serverloop.c]
     tighten check for -R0:... forwarding: only allow dynamic allocation
     if want_reply is set in the packet
   - djm@@cvs.openbsd.org 2009/02/12 03:26:22
     [monitor.c]
     some paranoia: check that the serialised key is really KEY_RSA before
     diddling its internals
   - djm@@cvs.openbsd.org 2009/02/12 03:42:09
     [ssh.1]
     document -R0:... usage
   - djm@@cvs.openbsd.org 2009/02/12 03:44:25
     [ssh.1]
     consistency: Dq => Ql
   - djm@@cvs.openbsd.org 2009/02/12 03:46:17
     [ssh_config.5]
     document RemoteForward usage with 0 listen port
   - jmc@@cvs.openbsd.org 2009/02/12 07:34:20
     [ssh_config.5]
     kill trailing whitespace;
   - markus@@cvs.openbsd.org 2009/02/13 11:50:21
     [packet.c]
     check for enc !=NULL in packet_start_discard
   - djm@@cvs.openbsd.org 2009/02/14 06:35:49
     [PROTOCOL]
     mention that eow and no-more-sessions extensions are sent only to
     OpenSSH peers

20090212
 - (djm) [sshpty.c] bz#1419: OSX uses cloning ptys that automagically
   set ownership and modes, so avoid explicitly setting them
 - (djm) [configure.ac loginrec.c] bz#1421: fix lastlog support for OSX.
   OSX provides a getlastlogxbyname function that automates the reading of
   a lastlog file. Also, the pututxline function will update lastlog so
   there is no need for loginrec.c to do it explicitly. Collapse some
   overly verbose code while I'm in there.

20090201
 - (dtucker) [defines.h sshconnect.c] INET6_ADDRSTRLEN is now needed in
   channels.c too, so move the definition for non-IP6 platforms to defines.h
   where it can be shared.

20090129
 - (tim) [contrib/cygwin/ssh-host-config] Patch from Corinna Vinschen.
   If the CYGWIN environment variable is empty, the installer script
   should not install the service with an empty CYGWIN variable, but
   rather without setting CYGWIN entirely.
 - (tim) [contrib/cygwin/ssh-host-config] Whitespace cleanup. No code changes.

20090128
 - (tim) [contrib/cygwin/ssh-host-config] Patch from Corinna Vinschen.
   Changes to work on Cygwin 1.5.x as well as on the new Cygwin 1.7.x.
   The information given for the setting of the CYGWIN environment variable
   is wrong for both releases so I just removed it, together with the
   unnecessary (Cygwin 1.5.x) or wrong (Cygwin 1.7.x) default setting.

20081228
 - (djm) OpenBSD CVS Sync
   - stevesk@@cvs.openbsd.org 2008/12/09 03:20:42
     [channels.c servconf.c]
     channel_print_adm_permitted_opens() should deal with all the printing
     for that config option.  suggested by markus@@; ok markus@@ djm@@
     dtucker@@
   - djm@@cvs.openbsd.org 2008/12/09 04:32:22
     [auth2-chall.c]
     replace by-hand string building with xasprintf(); ok deraadt@@
   - sobrado@@cvs.openbsd.org 2008/12/09 15:35:00
     [sftp.1 sftp.c]
     update for the synopses displayed by the 'help' command, there are a
     few missing flags; add 'bye' to the output of 'help'; sorting and spacing.
     jmc@@ suggested replacing .Oo/.Oc with a single .Op macro.
     ok jmc@@
   - stevesk@@cvs.openbsd.org 2008/12/09 22:37:33
     [clientloop.c]
     fix typo in error message
   - stevesk@@cvs.openbsd.org 2008/12/10 03:55:20
     [addrmatch.c]
     o cannot be NULL here but use xfree() to be consistent; ok djm@@
   - stevesk@@cvs.openbsd.org 2008/12/29 01:12:36
     [ssh-keyscan.1]
     fix example, default key type is rsa for 3+ years; from
     frederic.perrin@@resel.fr
   - stevesk@@cvs.openbsd.org 2008/12/29 02:23:26
     [pathnames.h]
     no need to escape single quotes in comments
   - okan@@cvs.openbsd.org 2008/12/30 00:46:56
     [sshd_config.5]
     add AllowAgentForwarding to available Match keywords list
     ok djm
   - djm@@cvs.openbsd.org 2009/01/01 21:14:35
     [channels.c]
     call channel destroy callbacks on receipt of open failure messages.
     fixes client hangs when connecting to a server that has MaxSessions=0
     set spotted by imorgan AT nas.nasa.gov; ok markus@@
   - djm@@cvs.openbsd.org 2009/01/01 21:17:36
     [kexgexs.c]
     fix hash calculation for KEXGEX: hash over the original client-supplied
     values and not the sanity checked versions that we actually use;
     bz#1540 reported by john.smith AT arrows.demon.co.uk
     ok markus@@
   - djm@@cvs.openbsd.org 2009/01/14 01:38:06
     [channels.c]
     support SOCKS4A protocol, from dwmw2 AT infradead.org via bz#1482;
     "looks ok" markus@@
   - stevesk@@cvs.openbsd.org 2009/01/15 17:38:43
     [readconf.c]
     1) use obsolete instead of alias for consistency
     2) oUserKnownHostsFile not obsolete but oGlobalKnownHostsFile2 is
        so move the comment.
     3) reorder so like options are together
     ok djm@@
   - djm@@cvs.openbsd.org 2009/01/22 09:46:01
     [channels.c channels.h session.c]
     make Channel->path an allocated string, saving a few bytes here and
     there and fixing bz#1380 in the process; ok markus@@
   - djm@@cvs.openbsd.org 2009/01/22 09:49:57
     [channels.c]
     oops! I committed the wrong version of the Channel->path diff,
     it was missing some tweaks suggested by stevesk@@
   - djm@@cvs.openbsd.org 2009/01/22 10:02:34
     [clientloop.c misc.c readconf.c readconf.h servconf.c servconf.h]
     [serverloop.c ssh-keyscan.c ssh.c sshd.c]
     make a2port() return -1 when it encounters an invalid port number
     rather than 0, which it will now treat as valid (needed for future work)
     adjust current consumers of a2port() to check its return value is <= 0,
     which in turn required some things to be converted from u_short => int
     make use of int vs. u_short consistent in some other places too
     feedback & ok markus@@
   - djm@@cvs.openbsd.org 2009/01/22 10:09:16
     [auth-options.c]
     another chunk of a2port() diff that got away. wtfdjm??
   - djm@@cvs.openbsd.org 2009/01/23 07:58:11
     [myproposal.h]
     prefer CTR modes and revised arcfour (i.e w/ discard) modes to CBC
     modes; ok markus@@
   - naddy@@cvs.openbsd.org 2009/01/24 17:10:22
     [ssh_config.5 sshd_config.5]
     sync list of preferred ciphers; ok djm@@
   - markus@@cvs.openbsd.org 2009/01/26 09:58:15
     [cipher.c cipher.h packet.c]
     Work around the CPNI-957037 Plaintext Recovery Attack by always
     reading 256K of data on packet size or HMAC errors (in CBC mode only).
     Help, feedback and ok djm@@
     Feedback from Martin Albrecht and Paterson Kenny

20090107
 - (djm) [uidswap.c] bz#1412: Support >16 supplemental groups in OS X.
   Patch based on one from vgiffin AT apple.com; ok dtucker@@
 - (djm) [channels.c] bz#1419: support "on demand" X11 forwarding via
   launchd on OS X; patch from vgiffin AT apple.com, slightly tweaked;
   ok dtucker@@
 - (djm) [contrib/ssh-copy-id.1 contrib/ssh-copy-id] bz#1492: Make
   ssh-copy-id copy id_rsa.pub by default (instead of the legacy "identity"
   key). Patch from cjwatson AT debian.org

20090107
 - (tim) [configure.ac defines.h openbsd-compat/port-uw.c
   openbsd-compat/xcrypt.c] Add SECUREWARE support to OpenServer 6 SVR5 ABI.
   OK djm@@ dtucker@@
 - (tim) [configure.ac] Move check_for_libcrypt_later=1 in *-*-sysv5*) section.
   OpenServer 6 doesn't need libcrypt.

20081209
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2008/12/09 02:38:18
     [clientloop.c]
     The ~C escape handler does not work correctly for multiplexed sessions -
     it opens a commandline on the master session, instead of on the slave
     that requested it. Disable it on slave sessions until such time as it
     is fixed; bz#1543 report from Adrian Bridgett via Colin Watson
     ok markus@@
   - djm@@cvs.openbsd.org 2008/12/09 02:39:59
     [sftp.c]
     Deal correctly with failures in remote stat() operation in sftp,
     correcting fail-on-error behaviour in batchmode. bz#1541 report and
     fix from anedvedicky AT gmail.com; ok markus@@
   - djm@@cvs.openbsd.org 2008/12/09 02:58:16
     [readconf.c]
     don't leave junk (free'd) pointers around in Forward *fwd argument on
     failure; avoids double-free in ~C -L handler when given an invalid
     forwarding specification; bz#1539 report from adejong AT debian.org
     via Colin Watson; ok markus@@ dtucker@@
   - djm@@cvs.openbsd.org 2008/12/09 03:02:37
     [sftp.1 sftp.c]
     correct sftp(1) and corresponding usage syntax;
     bz#1518 patch from imorgan AT nas.nasa.gov; ok deraadt@@ improved diff jmc@@

20081208
 - (djm) [configure.ac] bz#1538: better test for ProPolice/SSP: actually
   use some stack in main().
   Report and suggested fix from vapier AT gentoo.org
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2008/12/02 19:01:07
     [clientloop.c]
     we have to use the recipient's channel number (RFC 4254) for
     SSH2_MSG_CHANNEL_SUCCESS/SSH2_MSG_CHANNEL_FAILURE messages,
     otherwise we trigger 'Non-public channel' error messages on sshd
     systems with clientkeepalive enabled; noticed by sturm; ok djm;
   - markus@@cvs.openbsd.org 2008/12/02 19:08:59
     [serverloop.c]
     backout 1.149, since it's not necessary and openssh clients send
     broken CHANNEL_FAILURE/SUCCESS messages since about 2004; ok djm@@
   - markus@@cvs.openbsd.org 2008/12/02 19:09:38
     [channels.c]
     s/remote_id/id/ to be more consistent with other code; ok djm@@

20081201
 - (dtucker) [contrib/cygwin/{Makefile,ssh-host-config}]  Add new doc files
   and tweak the is-sshd-running check in ssh-host-config.  Patch from
   vinschen at redhat com.
 - (dtucker) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2008/11/21 15:47:38
     [packet.c]
     packet_disconnect() on padding error, too.  should reduce the success
     probability for the CPNI-957037 Plaintext Recovery Attack to 2^-18
     ok djm@@
   - dtucker@@cvs.openbsd.org 2008/11/30 11:59:26
     [monitor_fdpass.c]
     Retry sendmsg/recvmsg on EAGAIN and EINTR; ok djm@@

20081123
 - (dtucker) [monitor_fdpass.c] Reduce diff vs OpenBSD by moving some
    declarations, removing an unnecessary union member and adding whitespace.
    cmsgbuf.tmp thing spotted by des at des no, ok djm some time ago.

20081118
 - (tim) [addrmatch.c configure.ac] Some platforms do not have sin6_scope_id
   member of sockaddr_in6. Also reported in Bug 1491 by David Leonard. OK and
   feedback by djm@@

20081111
 - (dtucker) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2008/11/05 11:22:54
     [servconf.c]
     passord -> password;
     fixes user/5975 from Rene Maroufi
   - stevesk@@cvs.openbsd.org 2008/11/07 00:42:12
     [ssh-keygen.c]
     spelling/typo in comment
   - stevesk@@cvs.openbsd.org 2008/11/07 18:50:18
     [nchan.c]
     add space to some log/debug messages for readability; ok djm@@ markus@@
   - dtucker@@cvs.openbsd.org 2008/11/07 23:34:48
     [auth2-jpake.c]
     Move JPAKE define to make life easier for portable.  ok djm@@
   - tobias@@cvs.openbsd.org 2008/11/09 12:34:47
     [session.c ssh.1]
     typo fixed (overriden -> overridden)
     ok espie, jmc
   - stevesk@@cvs.openbsd.org 2008/11/11 02:58:09
     [servconf.c]
     USE_AFS not referenced so remove #ifdef.  fixes sshd -T not printing
     kerberosgetafstoken. ok dtucker@@
     (Id sync only, we still want the ifdef in portable)
   - stevesk@@cvs.openbsd.org 2008/11/11 03:55:11
     [channels.c]
     for sshd -T print 'permitopen any' vs. 'permitopen' for case of no
     permitopen's; ok and input dtucker@@
   - djm@@cvs.openbsd.org 2008/11/10 02:06:35
     [regress/putty-ciphers.sh]
     PuTTY supports AES CTR modes, so interop test against them too

20081105
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2008/11/03 08:59:41
     [servconf.c]
     include MaxSessions in sshd -T output; patch from imorgan AT nas.nasa.gov
   - djm@@cvs.openbsd.org 2008/11/04 07:58:09
     [auth.c]
     need unistd.h for close() prototype
     (ID sync only)
   - djm@@cvs.openbsd.org 2008/11/04 08:22:13
     [auth.h auth2.c monitor.c monitor.h monitor_wrap.c monitor_wrap.h]
     [readconf.c readconf.h servconf.c servconf.h ssh2.h ssh_config.5]
     [sshconnect2.c sshd_config.5 jpake.c jpake.h schnorr.c auth2-jpake.c]
     [Makefile.in]
     Add support for an experimental zero-knowledge password authentication
     method using the J-PAKE protocol described in F. Hao, P. Ryan,
     "Password Authenticated Key Exchange by Juggling", 16th Workshop on
     Security Protocols, Cambridge, April 2008.
     
     This method allows password-based authentication without exposing
     the password to the server. Instead, the client and server exchange
     cryptographic proofs to demonstrate knowledge of the password while
     revealing nothing useful to an attacker or compromised endpoint.
     
     This is experimental, work-in-progress code and is presently
     compile-time disabled (turn on -DJPAKE in Makefile.inc).
     
     "just commit it.  It isn't too intrusive." deraadt@@
   - stevesk@@cvs.openbsd.org 2008/11/04 19:18:00
     [readconf.c]
     because parse_forward() is now used to parse all forward types (DLR),
     and it malloc's space for host variables, we don't need to malloc
     here.  fixes small memory leaks.
     
     previously dynamic forwards were not parsed in parse_forward() and
     space was not malloc'd in that case.
     
     ok djm@@
   - stevesk@@cvs.openbsd.org 2008/11/05 03:23:09
     [clientloop.c ssh.1]
     add dynamic forward escape command line; ok djm@@

20081103
 - OpenBSD CVS Sync
   - sthen@@cvs.openbsd.org 2008/07/24 23:55:30
     [ssh-keygen.1]
     Add "ssh-keygen -F -l" to synopsis (displays fingerprint from
     known_hosts).  ok djm@@
   - grunk@@cvs.openbsd.org 2008/07/25 06:56:35
     [ssh_config]
     Add VisualHostKey to example file, ok djm@@
   - grunk@@cvs.openbsd.org 2008/07/25 07:05:16
     [key.c]
     In random art visualization, make sure to use the end marker only at the
     end.  Initial diff by Dirk Loss, tweaks and ok djm@@
  - markus@@cvs.openbsd.org 2008/07/31 14:48:28
     [sshconnect2.c]
     don't allocate space for empty banners; report t8m at centrum.cz;
     ok deraadt
   - krw@@cvs.openbsd.org 2008/08/02 04:29:51
     [ssh_config.5]
     whitepsace -> whitespace. From Matthew Clarke via bugs@@.
   - djm@@cvs.openbsd.org 2008/08/21 04:09:57
     [session.c]
     allow ForceCommand internal-sftp with arguments. based on patch from
     michael.barabanov AT gmail.com; ok markus@@
   - djm@@cvs.openbsd.org 2008/09/06 12:24:13
     [kex.c]
     OpenSSL 0.9.8h supplies a real EVP_sha256 so we do not need our
     replacement anymore
     (ID sync only for portable - we still need this)
   - markus@@cvs.openbsd.org 2008/09/11 14:22:37
     [compat.c compat.h nchan.c ssh.c]
     only send eow and no-more-sessions requests to openssh 5 and newer;
     fixes interop problems with broken ssh v2 implementations; ok djm@@
   - millert@@cvs.openbsd.org 2008/10/02 14:39:35
     [session.c]
     Convert an unchecked strdup to xstrdup.  OK deraadt@@
  - jmc@@cvs.openbsd.org 2008/10/03 13:08:12
     [sshd.8]
     do not give an example of how to chmod files: we can presume the user
     knows that. removes an ambiguity in the permission of authorized_keys;
     ok deraadt
   - deraadt@@cvs.openbsd.org 2008/10/03 23:56:28
     [sshconnect2.c]
     Repair strnvis() buffersize of 4*n+1, with termination guaranteed by the
     function.
     spotted by des@@freebsd, who committed an incorrect fix to the freebsd tree
     and (as is fairly typical) did not report the problem to us.  But this fix
     is correct.
     ok djm
   - djm@@cvs.openbsd.org 2008/10/08 23:34:03
     [ssh.1 ssh.c]
     Add -y option to force logging via syslog rather than stderr.
     Useful for daemonised ssh connection (ssh -f). Patch originally from
     and ok'd by markus@@
   - djm@@cvs.openbsd.org 2008/10/09 03:50:54
     [servconf.c sshd_config.5]
     support setting PermitEmptyPasswords in a Match block
     requested in PR3891; ok dtucker@@
   - jmc@@cvs.openbsd.org 2008/10/09 06:54:22
     [ssh.c]
     add -y to usage();
   - stevesk@@cvs.openbsd.org 2008/10/10 04:55:16
     [scp.c]
     spelling in comment; ok djm@@
   - stevesk@@cvs.openbsd.org 2008/10/10 05:00:12
     [key.c]
     typo in error message; ok djm@@
   - stevesk@@cvs.openbsd.org 2008/10/10 16:43:27
     [ssh_config.5]
     use 'Privileged ports can be forwarded only when logging in as root on
     the remote machine.' for RemoteForward just like ssh.1 -R.
     ok djm@@ jmc@@
   - stevesk@@cvs.openbsd.org 2008/10/14 18:11:33
     [sshconnect.c]
     use #define ROQUIET here; no binary change. ok dtucker@@
   - stevesk@@cvs.openbsd.org 2008/10/17 18:36:24
     [ssh_config.5]
     correct and clarify VisualHostKey; ok jmc@@
   - stevesk@@cvs.openbsd.org 2008/10/30 19:31:16
     [clientloop.c sshd.c]
     don't need to #include "monitor_fdpass.h"
   - stevesk@@cvs.openbsd.org 2008/10/31 15:05:34
     [dispatch.c]
     remove unused #define DISPATCH_MIN; ok markus@@
   - djm@@cvs.openbsd.org 2008/11/01 04:50:08
     [sshconnect2.c]
     sprinkle ARGSUSED on dispatch handlers
     nuke stale unused prototype
   - stevesk@@cvs.openbsd.org 2008/11/01 06:43:33
     [channels.c]
     fix some typos in log messages; ok djm@@
   - sobrado@@cvs.openbsd.org 2008/11/01 11:14:36
     [ssh-keyscan.1 ssh-keyscan.c]
     the ellipsis is not an optional argument; while here, improve spacing.
   - stevesk@@cvs.openbsd.org 2008/11/01 17:40:33
     [clientloop.c readconf.c readconf.h ssh.c]
     merge dynamic forward parsing into parse_forward();
     'i think this is OK' djm@@
   - stevesk@@cvs.openbsd.org 2008/11/02 00:16:16
     [ttymodes.c]
     protocol 2 tty modes support is now 7.5 years old so remove these
     debug3()s; ok deraadt@@
   - stevesk@@cvs.openbsd.org 2008/11/03 01:07:02
     [readconf.c]
     remove valueless comment
   - stevesk@@cvs.openbsd.org 2008/11/03 02:44:41
     [readconf.c]
     fix comment
 - (djm) [contrib/caldera/ssh-host-keygen contrib/suse/rc.sshd]
   Make example scripts generate keys with default sizes rather than fixed,
   non-default 1024 bits; patch from imorgan AT nas.nasa.gov
 - (djm) [contrib/sshd.pam.generic contrib/caldera/sshd.pam]
   [contrib/redhat/sshd.pam] Move pam_nologin to account group from
   incorrect auth group in example files;
   patch from imorgan AT nas.nasa.gov

20080906
 - (dtucker) [config.guess config.sub] Update to latest versions from
   http://git.savannah.gnu.org/gitweb/ (2008-04-14 and 2008-06-16
   respectively).

20080830
 - (dtucker) [openbsd-compat/bsd-poll.c] correctly check for number of FDs
   larger than FD_SETSIZE (OpenSSH only ever uses poll with one fd).  Patch
   from Nicholas Marriott.

20080721
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2008/07/23 07:36:55
     [servconf.c]
     do not try to print options that have been compile-time disabled
     in config test mode (sshd -T); report from nix-corp AT esperi.org.uk
     ok dtucker@@
 - (djm) [servconf.c] Print UsePAM option in config test mode (when it
   has been compiled in); report from nix-corp AT esperi.org.uk
   ok dtucker@@

20080721
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2008/07/18 22:51:01
     [sftp-server.8]
     no need for .Pp before or after .Sh;
   - djm@@cvs.openbsd.org 2008/07/21 08:19:07
     [version.h]
     openssh-5.1
 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] Update version number in README and RPM specs
 - (djm) Release OpenSSH-5.1

20080717
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2008/07/17 08:48:00
     [sshconnect2.c]
     strnvis preauth banner; pointed out by mpf@@ ok markus@@
   - djm@@cvs.openbsd.org 2008/07/17 08:51:07
     [auth2-hostbased.c]
     strip trailing '.' from hostname when HostbasedUsesNameFromPacketOnly=yes
     report and patch from res AT qoxp.net (bz#1200); ok markus@@
 - (dtucker) [openbsd-compat/bsd-cygwin_util.c]  Remove long-unneeded compat
   code, replace with equivalent cygwin library call.  Patch from vinschen
   at redhat.com, ok djm@@.
 - (djm) [sshconnect2.c] vis.h isn't available everywhere

20080716
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2008/07/15 02:23:14
     [sftp.1]
     number of pipelined requests is now 64;
     prodded by Iain.Morgan AT nasa.gov
   - djm@@cvs.openbsd.org 2008/07/16 11:51:14
     [clientloop.c]
     rename variable first_gc -> last_gc (since it is actually the last
     in the list).
   - djm@@cvs.openbsd.org 2008/07/16 11:52:19
     [channels.c]
     this loop index should be automatic, not static

20080714
 - (djm) OpenBSD CVS Sync
   - sthen@@cvs.openbsd.org 2008/07/13 21:22:52
     [ssh-keygen.c]
     Change "ssh-keygen -F [host] -l" to not display random art unless
     -v is also specified, making it consistent with the manual and other
     uses of -l.
     ok grunk@@
   - djm@@cvs.openbsd.org 2008/07/13 22:13:07
     [channels.c]
     use struct sockaddr_storage instead of struct sockaddr for accept(2)
     address argument. from visibilis AT yahoo.com in bz#1485; ok markus@@
   - djm@@cvs.openbsd.org 2008/07/13 22:16:03
     [sftp.c]
     increase number of pipelined requests so they properly fill the
     (recently increased) channel window. prompted by rapier AT psc.edu;
     ok markus@@
   - djm@@cvs.openbsd.org 2008/07/14 01:55:56
     [sftp-server.8]
     mention requirement for /dev/log inside chroot when using sftp-server
     with ChrootDirectory
 - (djm) [openbsd-compat/bindresvport.c] Rename variables s/sin/in/ to
   avoid clash with sin(3) function; reported by
   cristian.ionescu-idbohrn AT axis.com
 - (djm) [openbsd-compat/rresvport.c] Add unistd.h for missing close()
   prototype; reported by cristian.ionescu-idbohrn AT axis.com
 - (djm) [umac.c] Rename variable s/buffer_ptr/bufp/ to avoid clash;
   reported by cristian.ionescu-idbohrn AT axis.com
 - (djm) [contrib/cygwin/Makefile contrib/cygwin/ssh-host-config]
   [contrib/cygwin/ssh-user-config contrib/cygwin/sshd-inetd]
   Revamped and simplified Cygwin ssh-host-config script that uses
   unified csih configuration tool. Requires recent Cygwin.
   Patch from vinschen AT redhat.com

20080712
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2008/07/12 04:52:50
     [channels.c]
     unbreak; move clearing of cctx struct to before first use
     reported by dkrause@@
   - djm@@cvs.openbsd.org 2008/07/12 05:33:41
     [scp.1]
     better description for -i flag:
     s/RSA authentication/public key authentication/
 - (djm) [openbsd-compat/fake-rfc2553.c openbsd-compat/fake-rfc2553.h]
   return EAI_FAMILY when trying to lookup unsupported address family;
   from vinschen AT redhat.com

20080711
 - (djm) OpenBSD CVS Sync
   - stevesk@@cvs.openbsd.org 2008/07/07 00:31:41
     [ttymodes.c]
     we don't need arg after the debug3() was removed.  from lint.
     ok djm@@
   - stevesk@@cvs.openbsd.org 2008/07/07 23:32:51
     [key.c]
     /*NOTREACHED*/ for lint warning:
       warning: function key_equal falls off bottom without returning value
     ok djm@@
   - markus@@cvs.openbsd.org 2008/07/10 18:05:58
     [channels.c]
     missing bzero; from mickey; ok djm@@
   - markus@@cvs.openbsd.org 2008/07/10 18:08:11
     [clientloop.c monitor.c monitor_wrap.c packet.c packet.h sshd.c]
     sync v1 and v2 traffic accounting; add it to sshd, too;
     ok djm@@, dtucker@@

20080709
 - (djm) [Makefile.in] Print "all tests passed" when all regress tests pass
 - (djm) [auth1.c] Fix format string vulnerability in protocol 1 PAM
   account check failure path. The vulnerable format buffer is supplied
   from PAM and should not contain attacker-supplied data.
 - (djm) [auth.c] Missing unistd.h for close()
 - (djm) [configure.ac] Add -Wformat-security to CFLAGS for gcc 3.x and 4.x

20080705
 - (djm) [auth.c] Fixed test for locked account on HP/UX with shadowed
   passwords disabled. bz#1083 report & patch from senthilkumar_sen AT
   hotpop.com, w/ dtucker@@
 - (djm) [atomicio.c configure.ac] Disable poll() fallback in atomiciov for
   Tru64. readv doesn't seem to be a comparable object there.
   bz#1386, patch from dtucker@@ ok me
 - (djm) [Makefile.in] Pass though pass to conch for interop tests
 - (djm) [configure.ac] unbreak: remove extra closing brace
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2008/07/04 23:08:25
     [packet.c]
     handle EINTR in packet_write_poll(); ok dtucker@@
   - djm@@cvs.openbsd.org 2008/07/04 23:30:16
     [auth1.c auth2.c]
     Make protocol 1 MaxAuthTries logic match protocol 2's.
     Do not treat the first protocol 2 authentication attempt as
     a failure IFF it is for method "none".
     Makes MaxAuthTries' user-visible behaviour identical for
     protocol 1 vs 2.
     ok dtucker@@
   - djm@@cvs.openbsd.org 2008/07/05 05:16:01
     [PROTOCOL]
     grammar

20080704
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2008/07/02 13:30:34
     [auth2.c]
     really really remove the freebie "none" auth try for protocol 2
   - djm@@cvs.openbsd.org 2008/07/02 13:47:39
     [ssh.1 ssh.c]
     When forking after authentication ("ssh -f") with ExitOnForwardFailure
     enabled, delay the fork until after replies for any -R forwards have
     been seen. Allows for robust detection of -R forward failure when
     using -f (similar to bz#92); ok dtucker@@
   - otto@@cvs.openbsd.org 2008/07/03 21:46:58
     [auth2-pubkey.c]
     avoid nasty double free; ok dtucker@@ djm@@
   - djm@@cvs.openbsd.org 2008/07/04 03:44:59
     [servconf.c groupaccess.h groupaccess.c]
     support negation of groups in "Match group" block (bz#1315); ok dtucker@@
   - dtucker@@cvs.openbsd.org 2008/07/04 03:47:02
     [monitor.c]
     Make debug a little clearer.  ok djm@@
   - djm@@cvs.openbsd.org 2008/06/30 08:07:34
     [regress/key-options.sh]
     shell portability: use "=" instead of "==" in test(1) expressions,
     double-quote string with backslash escaped /
   - djm@@cvs.openbsd.org 2008/06/30 10:31:11
     [regress/{putty-transfer,putty-kex,putty-ciphers}.sh]
     remove "set -e" left over from debugging
   - djm@@cvs.openbsd.org 2008/06/30 10:43:03
     [regress/conch-ciphers.sh]
     explicitly disable conch options that could interfere with the test
 - (dtucker) [sftp-server.c] Bug #1447: fall back to racy rename if link
   returns EXDEV.  Patch from Mike Garrison, ok djm@@
 - (djm) [atomicio.c channels.c clientloop.c defines.h includes.h]
   [packet.c scp.c serverloop.c sftp-client.c ssh-agent.c ssh-keyscan.c]
   [sshd.c] Explicitly handle EWOULDBLOCK wherever we handle EAGAIN, on
   some platforms (HP nonstop) it is a distinct errno;
   bz#1467 reported by sconeu AT yahoo.com; ok dtucker@@

20080702
 - (dtucker) OpenBSD CVS Sync
    - djm@@cvs.openbsd.org 2008/06/30 08:05:59
      [PROTOCOL.agent]
      typo: s/constraint_date/constraint_data/
   - djm@@cvs.openbsd.org 2008/06/30 12:15:39
     [serverloop.c]
     only pass channel requests on session channels through to the session
     channel handler, avoiding spurious log messages; ok! markus@@
   - djm@@cvs.openbsd.org 2008/06/30 12:16:02
     [nchan.c]
     only send eow@@openssh.com notifications for session channels; ok! markus@@
   - djm@@cvs.openbsd.org 2008/06/30 12:18:34
     [PROTOCOL]
     clarify that eow@@openssh.com is only sent on session channels
   - dtucker@@cvs.openbsd.org 2008/07/01 07:20:52
     [sshconnect.c]
     Check ExitOnForwardFailure if forwardings are disabled due to a failed
     host key check.  ok djm@@
   - dtucker@@cvs.openbsd.org 2008/07/01 07:24:22
     [sshconnect.c sshd.c]
     Send CR LF during protocol banner exchanges, but only for Protocol 2,
     in order to comply with RFC 4253.  bz #1443, ok djm@@
   - stevesk@@cvs.openbsd.org 2008/07/01 23:12:47
     [PROTOCOL.agent]
     fix some typos; ok djm@@
   - djm@@cvs.openbsd.org 2008/07/02 02:24:18
     [sshd_config sshd_config.5 sshd.8 servconf.c]
     increase default size of ssh protocol 1 ephemeral key from 768 to 1024
     bits; prodded by & ok dtucker@@ ok deraadt@@
   - dtucker@@cvs.openbsd.org 2008/07/02 12:03:51
     [auth-rsa.c auth.c auth2-pubkey.c auth.h]
     Merge duplicate host key file checks, based in part on a patch from Rob
     Holland via bz #1348 .  Also checks for non-regular files during protocol
     1 RSA auth.  ok djm@@
   - djm@@cvs.openbsd.org 2008/07/02 12:36:39
     [auth2-none.c auth2.c]
     Make protocol 2 MaxAuthTries behaviour a little more sensible:
     Check whether client has exceeded MaxAuthTries before running
     an authentication method and skip it if they have, previously it
     would always allow one try (for "none" auth).
     Preincrement failure count before post-auth test - previously this
     checked and postincremented, also to allow one "none" try.
     Together, these two changes always count the "none" auth method
     which could be skipped by a malicious client (e.g. an SSH worm)
     to get an extra attempt at a real auth method. They also make
     MaxAuthTries=0 a useful way to block users entirely (esp. in a
     sshd_config Match block).
     Also, move sending of any preauth banner from "none" auth method
     to the first call to input_userauth_request(), so worms that skip
     the "none" method get to see it too.

20080630
 - (djm) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2008/06/10 23:13:43
     [regress/Makefile regress/key-options.sh]
     Add regress test for key options.  ok djm@@
   - dtucker@@cvs.openbsd.org 2008/06/11 23:11:40
     [regress/Makefile]
     Don't run cipher-speed test by default; mistakenly enabled by me
   - djm@@cvs.openbsd.org 2008/06/28 13:57:25
     [regress/Makefile regress/test-exec.sh regress/conch-ciphers.sh]
     very basic regress test against Twisted Conch in "make interop"
     target (conch is available in ports/devel/py-twisted/conch);
     ok markus@@
 - (djm) [regress/Makefile] search for conch by path, like we do putty

20080629
 - (djm) OpenBSD CVS Sync
   - martynas@@cvs.openbsd.org 2008/06/21 07:46:46
     [sftp.c]
     use optopt to get invalid flag, instead of return value of getopt,
     which is always '?';  ok djm@@
   - otto@@cvs.openbsd.org 2008/06/25 11:13:43
     [key.c]
     add key length to visual fingerprint; zap magical constants;
     ok grunk@@ djm@@
   - djm@@cvs.openbsd.org 2008/06/26 06:10:09
     [sftp-client.c sftp-server.c]
     allow the sftp chmod(2)-equivalent operation to set set[ug]id/sticky
     bits. Note that this only affects explicit setting of modes (e.g. via
     sftp(1)'s chmod command) and not file transfers. (bz#1310)
     ok deraadt@@ at c2k8
   - djm@@cvs.openbsd.org 2008/06/26 09:19:40
     [dh.c dh.h moduli.c]
     when loading moduli from /etc/moduli in sshd(8), check that they
     are of the expected "safe prime" structure and have had
     appropriate primality tests performed;
     feedback and ok dtucker@@
   - grunk@@cvs.openbsd.org 2008/06/26 11:46:31
     [readconf.c readconf.h ssh.1 ssh_config.5 sshconnect.c]
     Move SSH Fingerprint Visualization away from sharing the config option
     CheckHostIP to an own config option named VisualHostKey.
     While there, fix the behaviour that ssh would draw a random art picture
     on every newly seen host even when the option was not enabled.
     prodded by deraadt@@, discussions,
     help and ok markus@@ djm@@ dtucker@@
   - jmc@@cvs.openbsd.org 2008/06/26 21:11:46
     [ssh.1]
     add VisualHostKey to the list of options listed in -o;
   - djm@@cvs.openbsd.org 2008/06/28 07:25:07
     [PROTOCOL]
     spelling fixes
   - djm@@cvs.openbsd.org 2008/06/28 13:58:23
     [ssh-agent.c]
     refuse to add a key that has unknown constraints specified;
     ok markus
   - djm@@cvs.openbsd.org 2008/06/28 14:05:15
     [ssh-agent.c]
     reset global compat flag after processing a protocol 2 signature
     request with the legacy DSA encoding flag set; ok markus
   - djm@@cvs.openbsd.org 2008/06/28 14:08:30
     [PROTOCOL PROTOCOL.agent]
     document the protocol used by ssh-agent; "looks ok" markus@@

20080628
 - (djm) [RFC.nroff contrib/cygwin/Makefile contrib/suse/openssh.spec]
   RFC.nroff lacks a license, remove it (it is long gone in OpenBSD).

20080626
 - (djm) [Makefile.in moduli.5] Include moduli(5) manpage from OpenBSD.
   (bz#1372)
 - (djm) [ contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] Include moduli.5 in RPM spec files.

20080616
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2008/06/16 13:22:53
     [session.c channels.c]
     Rename the isatty argument to is_tty so we don't shadow
     isatty(3).  ok markus@@
 - (dtucker) [channels.c] isatty -> is_tty here too.

20080615
 - (dtucker) [configure.ac] Enable -fno-builtin-memset when using gcc.
 - OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2008/06/14 15:49:48
     [sshd.c]
     wrap long line at 80 chars
   - dtucker@@cvs.openbsd.org 2008/06/14 17:07:11
     [sshd.c]
     ensure default umask disallows at least group and world write; ok djm@@
   - djm@@cvs.openbsd.org 2008/06/14 18:33:43
     [session.c]
     suppress the warning message from chdir(homedir) failures
     when chrooted (bz#1461); ok dtucker
   - dtucker@@cvs.openbsd.org 2008/06/14 19:42:10
     [scp.1]
     Mention that scp follows symlinks during -r.  bz #1466,
     from nectar at apple
   - dtucker@@cvs.openbsd.org 2008/06/15 16:55:38
     [sshd_config.5]
     MaxSessions is allowed in a Match block too
   - dtucker@@cvs.openbsd.org 2008/06/15 16:58:40
     [servconf.c sshd_config.5]
     Allow MaxAuthTries within a Match block.  ok djm@@
   - djm@@cvs.openbsd.org 2008/06/15 20:06:26
     [channels.c channels.h session.c]
     don't call isatty() on a pty master, instead pass a flag down to
     channel_set_fds() indicating that the fds refer to a tty. Fixes a
     hang on exit on Solaris (bz#1463) in portable but is actually
     a generic bug; ok dtucker deraadt markus

20080614
 - (djm) [openbsd-compat/sigact.c] Avoid NULL derefs in ancient sigaction
   replacement code; patch from ighighi AT gmail.com in bz#1240;
   ok dtucker

20080613
 - (dtucker) OpenBSD CVS Sync
   - deraadt@@cvs.openbsd.org 2008/06/13 09:44:36
     [packet.c]
     compile on older gcc; no decl after code
   - dtucker@@cvs.openbsd.org 2008/06/13 13:56:59
     [monitor.c]
     Clear key options in the monitor on failed authentication, prevents
     applying additional restrictions to non-pubkey authentications in
     the case where pubkey fails but another method subsequently succeeds.
     bz #1472, found by Colin Watson, ok markus@@ djm@@
   - dtucker@@cvs.openbsd.org 2008/06/13 14:18:51
     [auth2-pubkey.c auth-rhosts.c]
     Include unistd.h for close(), prevents warnings in -portable
   - dtucker@@cvs.openbsd.org 2008/06/13 17:21:20
     [mux.c]
     Friendlier error messages for mux fallback.  ok djm@@
   - dtucker@@cvs.openbsd.org 2008/06/13 18:55:22
     [scp.c]
     Prevent -Wsign-compare warnings on LP64 systems.  bz #1192, ok deraadt@@
   - grunk@@cvs.openbsd.org 2008/06/13 20:13:26
     [ssh.1]
     Explain the use of SSH fpr visualization using random art, and cite the
     original scientific paper inspiring that technique.
     Much help with English and nroff by jmc@@, thanks.
 - (dtucker) [configure.ac] Bug #1276: avoid linking against libgssapi, which
   despite its name doesn't seem to implement all of GSSAPI.  Patch from
   Jan Engelhardt, sanity checked by Simon Wilkinson.

20080612
 - (dtucker) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2008/06/11 07:30:37
     [sshd.8]
     kill trailing whitespace;
   - grunk@@cvs.openbsd.org 2008/06/11 21:01:35
     [ssh_config.5 key.h readconf.c readconf.h ssh-keygen.1 ssh-keygen.c key.c
      sshconnect.c]
     Introduce SSH Fingerprint ASCII Visualization, a technique inspired by the
     graphical hash visualization schemes known as "random art", and by
     Dan Kaminsky's musings on the subject during a BlackOp talk at the
     23C3 in Berlin.
     Scientific publication (original paper):
     "Hash Visualization: a New Technique to improve Real-World Security",
     Perrig A. and Song D., 1999, International Workshop on Cryptographic
     Techniques and E-Commerce (CrypTEC '99)
     http://sparrow.ece.cmu.edu/~adrian/projects/validation/validation.pdf
     The algorithm used here is a worm crawling over a discrete plane,
     leaving a trace (augmenting the field) everywhere it goes.
     Movement is taken from dgst_raw 2bit-wise.  Bumping into walls
     makes the respective movement vector be ignored for this turn,
     thus switching to the other color of the chessboard.
     Graphs are not unambiguous for now, because circles in graphs can be
     walked in either direction.
     discussions with several people,
     help, corrections and ok markus@@ djm@@
   - grunk@@cvs.openbsd.org 2008/06/11 21:38:25
     [ssh-keygen.c]
     ssh-keygen -lv -f /etc/ssh/ssh_host_rsa_key.pub
     would not display you the random art as intended, spotted by canacar@@
   - grunk@@cvs.openbsd.org 2008/06/11 22:20:46
     [ssh-keygen.c ssh-keygen.1]
     ssh-keygen would write fingerprints to STDOUT, and random art to STDERR,
     that is not how it was envisioned.
     Also correct manpage saying that -v is needed along with -l for it to work.
     spotted by naddy@@
   - otto@@cvs.openbsd.org 2008/06/11 23:02:22
     [key.c]
     simpler way of computing the augmentations; ok grunk@@
   - grunk@@cvs.openbsd.org 2008/06/11 23:03:56
     [ssh_config.5]
     CheckHostIP set to ``fingerprint'' will display both hex and random art
     spotted by naddy@@
   - grunk@@cvs.openbsd.org 2008/06/11 23:51:57
     [key.c]
     #define statements that are not atoms need braces around them, else they
     will cause trouble in some cases.
     Also do a computation of -1 once, and not in a loop several times.
     spotted by otto@@
   - dtucker@@cvs.openbsd.org 2008/06/12 00:03:49
     [dns.c canohost.c sshconnect.c]
     Do not pass "0" strings as ports to getaddrinfo because the lookups
     can slow things down and we never use the service info anyway. bz
     #859, patch from YOSHIFUJI Hideaki and John Devitofranceschi.  ok
     deraadt@@ djm@@
     djm believes that the reason for the "0" strings is to ensure that
     it's not possible to call getaddrinfo with both host and port being
     NULL.  In the case of canohost.c host is a local array.  In the
     case of sshconnect.c, it's checked for null immediately before use.
     In dns.c it ultimately comes from ssh.c:main() and is guaranteed to
     be non-null but it's not obvious, so I added a warning message in
     case it is ever passed a null.
   - grunk@@cvs.openbsd.org 2008/06/12 00:13:55
     [sshconnect.c]
     Make ssh print the random art also when ssh'ing to a host using IP only.
     spotted by naddy@@, ok and help djm@@ dtucker@@
   - otto@@cvs.openbsd.org 2008/06/12 00:13:13
     [key.c]
     use an odd number of rows and columns and a separate start marker, looks
     better; ok grunk@@
   - djm@@cvs.openbsd.org 2008/06/12 03:40:52
     [clientloop.h mux.c channels.c clientloop.c channels.h]
     Enable ~ escapes for multiplex slave sessions; give each channel
     its own escape state and hook the escape filters up to muxed
     channels. bz #1331
     Mux slaves do not currently support the ~^Z and ~& escapes.
     NB. this change cranks the mux protocol version, so a new ssh
     mux client will not be able to connect to a running old ssh
     mux master.
     ok dtucker@@
   - djm@@cvs.openbsd.org 2008/06/12 04:06:00
     [clientloop.h ssh.c clientloop.c]
     maintain an ordered queue of outstanding global requests that we
     expect replies to, similar to the per-channel confirmation queue.
     Use this queue to verify success or failure for remote forward
     establishment in a race free way.
     ok dtucker@@
   - djm@@cvs.openbsd.org 2008/06/12 04:17:47
     [clientloop.c]
     thou shalt not code past the eightieth column
   - djm@@cvs.openbsd.org 2008/06/12 04:24:06
     [ssh.c]
     thou shalt not code past the eightieth column
   - djm@@cvs.openbsd.org 2008/06/12 05:15:41
     [PROTOCOL]
     document tun@@openssh.com forwarding method
   - djm@@cvs.openbsd.org 2008/06/12 05:32:30
     [mux.c]
     some more TODO for me
   - grunk@@cvs.openbsd.org 2008/06/12 05:42:46
     [key.c]
     supply the key type (rsa1, rsa, dsa) as a caption in the frame of the
     random art.  while there, stress the fact that the field base should at
     least be 8 characters for the pictures to make sense.
     comment and ok djm@@
   - grunk@@cvs.openbsd.org 2008/06/12 06:32:59
     [key.c]
     We already mark the start of the worm, now also mark the end of the worm
     in our random art drawings.
     ok djm@@
   - djm@@cvs.openbsd.org 2008/06/12 15:19:17
     [clientloop.h channels.h clientloop.c channels.c mux.c]
     The multiplexing escape char handler commit last night introduced a
     small memory leak per session; plug it.
   - dtucker@@cvs.openbsd.org 2008/06/12 16:35:31
     [ssh_config.5 ssh.c]
     keyword expansion for localcommand.  ok djm@@
   - jmc@@cvs.openbsd.org 2008/06/12 19:10:09
     [ssh_config.5 ssh-keygen.1]
     tweak the ascii art text; ok grunk
   - dtucker@@cvs.openbsd.org 2008/06/12 20:38:28
     [sshd.c sshconnect.c packet.h misc.c misc.h packet.c]
     Make keepalive timeouts apply while waiting for a packet, particularly
     during key renegotiation (bz #1363).  With djm and Matt Day, ok djm@@
   - djm@@cvs.openbsd.org 2008/06/12 20:47:04
     [sftp-client.c]
     print extension revisions for extensions that we understand
   - djm@@cvs.openbsd.org 2008/06/12 21:06:25
     [clientloop.c]
     I was coalescing expected global request confirmation replies at
     the wrong end of the queue - fix; prompted by markus@@
   - grunk@@cvs.openbsd.org 2008/06/12 21:14:46
     [ssh-keygen.c]
     make ssh-keygen -lf show the key type just as ssh-add -l would do it
     ok djm@@ markus@@
   - grunk@@cvs.openbsd.org 2008/06/12 22:03:36
     [key.c]
     add my copyright, ok djm@@
   - ian@@cvs.openbsd.org 2008/06/12 23:24:58
     [sshconnect.c]
     tweak wording in message, ok deraadt@@ jmc@@
   - dtucker@@cvs.openbsd.org 2008/06/13 00:12:02
     [sftp.h log.h]
     replace __dead with __attribute__((noreturn)), makes things
     a little easier to port.  Also, add it to sigdie().  ok djm@@
   - djm@@cvs.openbsd.org 2008/06/13 00:16:49
     [mux.c]
     fall back to creating a new TCP connection on most multiplexing errors
     (socket connect fail, invalid version, refused permission, corrupted
     messages, etc.); bz #1329 ok dtucker@@
   - dtucker@@cvs.openbsd.org 2008/06/13 00:47:53
     [mux.c]
     upcast size_t to u_long to match format arg; ok djm@@
   - dtucker@@cvs.openbsd.org 2008/06/13 00:51:47
     [mac.c]
     upcast another size_t to u_long to match format
   - dtucker@@cvs.openbsd.org 2008/06/13 01:38:23
     [misc.c]
     upcast uid to long with matching %ld, prevents warnings in portable
   - djm@@cvs.openbsd.org 2008/06/13 04:40:22
     [auth2-pubkey.c auth-rhosts.c]
     refuse to read ~/.shosts or ~/.ssh/authorized_keys that are not
     regular files; report from Solar Designer via Colin Watson in bz#1471
     ok dtucker@@ deraadt
  - (dtucker) [clientloop.c serverloop.c]  channel_register_filter now
    takes 2 more args.  with djm@@
  - (dtucker) [defines.h] Bug #1112: __dead is, well dead. Based on a patch
    from Todd Vierling.
  - (dtucker) [auth-sia.c] Bug #1241: support password expiry on Tru64 SIA
    systems.  Patch from R. Scott Bailey.
  - (dtucker) [umac.c] STORE_UINT32_REVERSED and endian_convert are never used
    on big endian machines, so ifdef them for little-endian only to prevent
    unused function warnings on big-endians.
  - (dtucker) [openbsd-compat/setenv.c] Make offsets size_t to prevent
    compiler warnings on some platforms.  Based on a discussion with otto@@

20080611
 - (djm) [channels.c configure.ac]
   Do not set SO_REUSEADDR on wildcard X11 listeners (X11UseLocalhost=no)
   bz#1464; ok dtucker 

20080610
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2008/06/10 03:57:27
     [servconf.c match.h sshd_config.5]
     support CIDR address matching in sshd_config "Match address" blocks, with
     full support for negation and fall-back to classic wildcard matching.
     For example:
     Match address 192.0.2.0/24,3ffe:ffff::/32,!10.*
         PasswordAuthentication yes
     addrmatch.c code mostly lifted from flowd's addr.c
     feedback and ok dtucker@@
   - djm@@cvs.openbsd.org 2008/06/10 04:17:46
     [sshd_config.5]
     better reference for pattern-list
   - dtucker@@cvs.openbsd.org 2008/06/10 04:50:25
     [sshd.c channels.h channels.c log.c servconf.c log.h servconf.h sshd.8]
     Add extended test mode (-T) and connection parameters for test mode (-C).
     -T causes sshd to write its effective configuration to stdout and exit.
     -C causes any relevant Match rules to be applied before output.  The
     combination allows testing of the parser and config files.  ok deraadt djm
   - jmc@@cvs.openbsd.org 2008/06/10 07:12:00
     [sshd_config.5]
     tweak previous;
   - jmc@@cvs.openbsd.org 2008/06/10 08:17:40
     [sshd.8 sshd.c]
     - update usage()
     - fix SYNOPSIS, and sort options
     - some minor additional fixes
   - dtucker@@cvs.openbsd.org 2008/06/09 18:06:32
     [regress/test-exec.sh]
     Don't generate putty keys if we're not going to use them.  ok djm
   - dtucker@@cvs.openbsd.org 2008/06/10 05:23:32
     [regress/addrmatch.sh regress/Makefile]
     Regress test for Match CIDR rules.  ok djm@@
   - dtucker@@cvs.openbsd.org 2008/06/10 15:21:41
     [test-exec.sh]
     Use a more portable construct for checking if we're running a putty test
   - dtucker@@cvs.openbsd.org 2008/06/10 15:28:49
     [test-exec.sh]
     Add quotes
   - dtucker@@cvs.openbsd.org 2008/06/10 18:21:24
     [ssh_config.5]
     clarify that Host patterns are space-separated.  ok deraadt
   - djm@@cvs.openbsd.org 2008/06/10 22:15:23
     [PROTOCOL ssh.c serverloop.c]
     Add a no-more-sessions@@openssh.com global request extension that the
     client sends when it knows that it will never request another session
     (i.e. when session multiplexing is disabled). This allows a server to
     disallow further session requests and terminate the session.
     Why would a non-multiplexing client ever issue additional session
     requests? It could have been attacked with something like SSH'jack:
     http://www.storm.net.nz/projects/7
     feedback & ok markus
   - djm@@cvs.openbsd.org 2008/06/10 23:06:19
     [auth-options.c match.c servconf.c addrmatch.c sshd.8]
     support CIDR address matching in .ssh/authorized_keys from="..." stanzas
     ok and extensive testing dtucker@@
   - dtucker@@cvs.openbsd.org 2008/06/10 23:21:34
     [bufaux.c]
     Use '\0' for a nul byte rather than unadorned 0.  ok djm@@
   - dtucker@@cvs.openbsd.org 2008/06/10 23:13:43
     [Makefile regress/key-options.sh]
     Add regress test for key options.  ok djm@@
 - (dtucker) [openbsd-compat/fake-rfc2553.h] Add sin6_scope_id to sockaddr_in6
   since the new CIDR code in addrmatch.c references it.
 - (dtucker) [Makefile.in configure.ac regress/addrmatch.sh] Skip IPv6
   specific tests on platforms that don't do IPv6.
 - (dtucker) [Makefile.in] Define TEST_SSH_IPV6 in make's arguments as well
   as environment.
 - (dtucker) [Makefile.in] Move addrmatch.o to libssh.a where it's needed now.

20080609
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2008/06/08 17:04:41
     [sftp-server.c]
     Add case for ENOSYS in errno_to_portable; ok deraadt
   - dtucker@@cvs.openbsd.org 2008/06/08 20:15:29
     [sftp.c sftp-client.c sftp-client.h]
     Have the sftp client store the statvfs replies in wire format,
     which prevents problems when the server's native sizes exceed the
     client's.
     Also extends the sizes of the remaining 32bit wire format to 64bit,
     they're specified as unsigned long in the standard.
   - dtucker@@cvs.openbsd.org 2008/06/09 13:02:39
     [sftp-server.c]
     Extend 32bit -> 64bit values for statvfs extension missed in previous
     commit.
   - dtucker@@cvs.openbsd.org 2008/06/09 13:38:46
     [PROTOCOL]
     Use a $OpenBSD tag so our scripts will sync changes.

20080608
 - (dtucker) [configure.ac defines.h sftp-client.c sftp-server.c sftp.c
   openbsd-compat/Makefile.in openbsd-compat/openbsd-compat.h
   openbsd-compat/bsd-statvfs.{c,h}] Add a null implementation of statvfs and
   fstatvfs and remove #defines around statvfs code.  ok djm@@
 - (dtucker) [configure.ac defines.h sftp-client.c M sftp-server.c] Add a
   macro to convert fsid to unsigned long for platforms where fsid is a
   2-member array.

20080607
 - (dtucker) [mux.c] Include paths.h inside ifdef HAVE_PATHS_H.
 - (dtucker) [configure.ac defines.h sftp-client.c sftp-server.c sftp.c]
   Do not enable statvfs extensions on platforms that do not have statvfs.
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2008/05/19 06:14:02
     [packet.c] unbreak protocol keepalive timeouts bz#1465; ok dtucker@@
   - djm@@cvs.openbsd.org 2008/05/19 15:45:07
     [sshtty.c ttymodes.c sshpty.h]
     Fix sending tty modes when stdin is not a tty (bz#1199). Previously
     we would send the modes corresponding to a zeroed struct termios,
     whereas we should have been sending an empty list of modes.
     Based on patch from daniel.ritz AT alcatel.ch; ok dtucker@@ markus@@
   - djm@@cvs.openbsd.org 2008/05/19 15:46:31
     [ssh-keygen.c]
     support -l (print fingerprint) in combination with -F (find host) to
     search for a host in ~/.ssh/known_hosts and display its fingerprint;
     ok markus@@
   - djm@@cvs.openbsd.org 2008/05/19 20:53:52
     [clientloop.c]
     unbreak tree by committing this bit that I missed from:
     Fix sending tty modes when stdin is not a tty (bz#1199). Previously
     we would send the modes corresponding to a zeroed struct termios,
     whereas we should have been sending an empty list of modes.
     Based on patch from daniel.ritz AT alcatel.ch; ok dtucker@@ markus@@ 

20080604
 - (djm) [openbsd-compat/bsd-arc4random.c] Fix math bug that caused bias
   in arc4random_uniform with upper_bound in (2^30,2^31). Note that
   OpenSSH did not make requests with upper bounds in this range.

20080519
 - (djm) [configure.ac mux.c sftp.c openbsd-compat/Makefile.in]
   [openbsd-compat/fmt_scaled.c openbsd-compat/openbsd-compat.h]
   Fix compilation on Linux, including pulling in fmt_scaled(3)
   implementation from OpenBSD's libutil.

20080518
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2008/04/04 05:14:38
     [sshd_config.5]
     ChrootDirectory is supported in Match blocks (in fact, it is most useful
     there). Spotted by Minstrel AT minstrel.org.uk
   - djm@@cvs.openbsd.org 2008/04/04 06:44:26
     [sshd_config.5]
     oops, some unrelated stuff crept into that commit - backout.
     spotted by jmc@@
   - djm@@cvs.openbsd.org 2008/04/05 02:46:02
     [sshd_config.5]
     HostbasedAuthentication is supported under Match too
 - (djm) [openbsd-compat/bsd-arc4random.c openbsd-compat/openbsd-compat.c]
     [configure.ac] Implement arc4random_buf(), import implementation of
     arc4random_uniform() from OpenBSD
 - (djm) [openbsd-compat/bsd-arc4random.c] Warning fixes
 - (djm) [openbsd-compat/port-tun.c] needs sys/queue.h
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2008/04/13 00:22:17
     [dh.c sshd.c]
     Use arc4random_buf() when requesting more than a single word of output
     Use arc4random_uniform() when the desired random number upper bound
     is not a power of two
     ok deraadt@@ millert@@
   - djm@@cvs.openbsd.org 2008/04/18 12:32:11
     [sftp-client.c sftp-client.h sftp-server.c sftp.1 sftp.c sftp.h]
     introduce sftp extension methods statvfs@@openssh.com and
     fstatvfs@@openssh.com that implement statvfs(2)-like operations,
     based on a patch from miklos AT szeredi.hu (bz#1399)
     also add a "df" command to the sftp client that uses the
     statvfs@@openssh.com to produce a df(1)-like display of filesystem
     space and inode utilisation
     ok markus@@
   - jmc@@cvs.openbsd.org 2008/04/18 17:15:47
     [sftp.1]
     macro fixage;
   - djm@@cvs.openbsd.org 2008/04/18 22:01:33
     [session.c]
     remove unnecessary parentheses
   - otto@@cvs.openbsd.org 2008/04/29 11:20:31
     [monitor_mm.h]
     garbage collect two unused fields in struct mm_master; ok markus@@
   - djm@@cvs.openbsd.org 2008/04/30 10:14:03
     [ssh-keyscan.1 ssh-keyscan.c]
     default to rsa (protocol 2) keys, instead of rsa1 keys; spotted by
     larsnooden AT openoffice.org
   - pyr@@cvs.openbsd.org 2008/05/07 05:49:37
     [servconf.c servconf.h session.c sshd_config.5]
     Enable the AllowAgentForwarding option in sshd_config (global and match
     context), to specify if agents should be permitted on the server.
     As the man page states:
     ``Note that disabling Agent forwarding does not improve security
     unless users are also denied shell access, as they can always install
     their own forwarders.''
     ok djm@@, ok and a mild frown markus@@
   - pyr@@cvs.openbsd.org 2008/05/07 06:43:35
     [sshd_config]
     push the sshd_config bits in, spotted by ajacoutot@@
   - jmc@@cvs.openbsd.org 2008/05/07 08:00:14
     [sshd_config.5]
     sort;
   - markus@@cvs.openbsd.org 2008/05/08 06:59:01
     [bufaux.c buffer.h channels.c packet.c packet.h]
     avoid extra malloc/copy/free when receiving data over the net;
     ~10% speedup for localhost-scp; ok djm@@
   - djm@@cvs.openbsd.org 2008/05/08 12:02:23
     [auth-options.c auth1.c channels.c channels.h clientloop.c gss-serv.c]
     [monitor.c monitor_wrap.c nchan.c servconf.c serverloop.c session.c]
     [ssh.c sshd.c]
     Implement a channel success/failure status confirmation callback
     mechanism. Each channel maintains a queue of callbacks, which will
     be drained in order (RFC4253 guarantees confirm messages are not
     reordered within a channel).
     Also includes an abandonment callback to clean up if a channel is
     closed without sending confirmation messages. This probably
     shouldn't happen in compliant implementations, but it could be
     abused to leak memory.
     ok markus@@ (as part of a larger diff)
   - djm@@cvs.openbsd.org 2008/05/08 12:21:16
     [monitor.c monitor_wrap.c session.h servconf.c servconf.h session.c]
     [sshd_config sshd_config.5]
     Make the maximum number of sessions run-time controllable via
     a sshd_config MaxSessions knob. This is useful for disabling
     login/shell/subsystem access while leaving port-forwarding working
     (MaxSessions 0), disabling connection multiplexing (MaxSessions 1) or
     simply increasing the number of allowed multiplexed sessions.
     Because some bozos are sure to configure MaxSessions in excess of the
     number of available file descriptors in sshd (which, at peak, might be
     as many as 9*MaxSessions), audit sshd to ensure that it doesn't leak fds
     on error paths, and make it fail gracefully on out-of-fd conditions -
     sending channel errors instead of exiting with fatal().
     bz#1090; MaxSessions config bits and manpage from junyer AT gmail.com
     ok markus@@
   - djm@@cvs.openbsd.org 2008/05/08 13:06:11
     [clientloop.c clientloop.h ssh.c]
     Use new channel status confirmation callback system to properly deal
     with "important" channel requests that fail, in particular command exec,
     shell and subsystem requests. Previously we would optimistically assume
     that the requests would always succeed, which could cause hangs if they
     did not (e.g. when the server runs out of fds) or were unimplemented by
     the server (bz #1384)
     Also, properly report failing multiplex channel requests via the mux
     client stderr (subject to LogLevel in the mux master) - better than
     silently failing.
     most bits ok markus@@ (as part of a larger diff)
   - djm@@cvs.openbsd.org 2008/05/09 04:55:56
     [channels.c channels.h clientloop.c serverloop.c]
     Try additional addresses when connecting to a port forward destination
     whose DNS name resolves to more than one address. The previous behaviour
     was to try the first address and give up.
     Reported by stig AT venaas.com in bz#343
     great feedback and ok markus@@
   - djm@@cvs.openbsd.org 2008/05/09 14:18:44
     [clientloop.c clientloop.h ssh.c mux.c]
     tidy up session multiplexing code, moving it into its own file and
     making the function names more consistent - making ssh.c and
     clientloop.c a fair bit more readable.
     ok markus@@
   - djm@@cvs.openbsd.org 2008/05/09 14:26:08
     [ssh.c]
     dingo stole my diff hunk
   - markus@@cvs.openbsd.org 2008/05/09 16:16:06
     [session.c]
     re-add the USE_PIPES code and enable it.
     without pipes shutdown-read from the sshd does not trigger
     a SIGPIPE when the forked program does a write.
     ok djm@@
     (Id sync only, USE_PIPES never left portable OpenSSH)
   - markus@@cvs.openbsd.org 2008/05/09 16:17:51
     [channels.c]
     error-fd race: don't enable the error fd in the select bitmask
     for channels with both in- and output closed, since the channel
     will go away before we call select();
     report, lots of debugging help and ok djm@@
   - markus@@cvs.openbsd.org 2008/05/09 16:21:13
     [channels.h clientloop.c nchan.c serverloop.c]
     unbreak
        ssh -2 localhost od /bin/ls | true
     ignoring SIGPIPE by adding a new channel message (EOW) that signals
     the peer that we're not interested in any data it might send.
     fixes bz #85; discussion, debugging and ok djm@@
   - pvalchev@@cvs.openbsd.org 2008/05/12 20:52:20
     [umac.c]
     Ensure nh_result lies on a 64-bit boundary (fixes warnings observed
     on Itanium on Linux); from Dale Talcott (bug #1462); ok djm@@
   - djm@@cvs.openbsd.org 2008/05/15 23:52:24
     [nchan2.ms]
     document eow message in ssh protocol 2 channel state machine;
     feedback and ok markus@@
   - djm@@cvs.openbsd.org 2008/05/18 21:29:05
     [sftp-server.c]
     comment extension announcement
   - djm@@cvs.openbsd.org 2008/05/16 08:30:42
     [PROTOCOL]
     document our protocol extensions and deviations; ok markus@@
   - djm@@cvs.openbsd.org 2008/05/17 01:31:56
     [PROTOCOL]
     grammar and correctness fixes from stevesk@@

20080403
 - (djm) [openbsd-compat/bsd-poll.c] Include stdlib.h to avoid compile-
   time warnings on LynxOS. Patch from ops AT iki.fi
 - (djm) Force string arguments to replacement setproctitle() through
   strnvis first. Ok dtucker@@

20080403
 - (djm) OpenBSD CVS sync:
   - markus@@cvs.openbsd.org 2008/04/02 15:36:51
     [channels.c]
     avoid possible hijacking of x11-forwarded connections (back out 1.183)
     CVE-2008-1483; ok djm@@
   - jmc@@cvs.openbsd.org 2008/03/27 22:37:57
     [sshd.8]
     remove trailing whitespace;
   - djm@@cvs.openbsd.org 2008/04/03 09:50:14
     [version.h]
     openssh-5.0
 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] Crank version numbers in RPM spec files
 - (djm) [README] Update link to release notes
 - (djm) Release 5.0p1
@


1.6
log
@SVN rev 207319 on 2010-04-28 10:36:33Z by des

Upgrade to OpenSSH 5.5p1.
@
text
@d1 519
@


1.5
log
@SVN rev 204917 on 2010-03-09 19:16:43Z by des

Upgrade to OpenSSH 5.4p1.

MFC after:	1 month
@
text
@d1 117
a117 1
20100307
@


1.4
log
@SVN rev 197679 on 2009-10-01 17:12:52Z by des

Upgrade to OpenSSH 5.3p1.
@
text
@d1 979
@


1.3
log
@SVN rev 192595 on 2009-05-22 18:46:28Z by des

Upgrade to OpenSSH 5.2p1.

MFC after:	3 months
@
text
@d1 279
@


1.3.2.1
log
@SVN rev 206984 on 2010-04-21 06:33:10Z by des

MFH OpenSSH 5.4p1
@
text
@a0 1258
20100307
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/03/07 22:16:01
     [ssh-keygen.c]
     make internal strptime string match strftime format;
     suggested by vinschen AT redhat.com and markus@@
   - djm@@cvs.openbsd.org 2010/03/08 00:28:55
     [ssh-keygen.1]
     document permit-agent-forwarding certificate constraint; patch from
     stevesk@@
   - djm@@cvs.openbsd.org 2010/03/07 22:01:32
     [version.h]
     openssh-5.4
 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   crank version numbers
 - (djm) Release OpenSSH-5.4p1

20100307
 - (dtucker) [auth.c] Bug #1710: call setauthdb on AIX before getpwuid so that
   it gets the passwd struct from the LAM that knows about the user which is
   not necessarily the default.  Patch from Alexandre Letourneau.
 - (dtucker) [session.c] Bug #1567: move setpcred call to before chroot and
   do not set real uid, since that's needed for the chroot, and will be set
   by permanently_set_uid.
 - (dtucker) [session.c] Also initialize creds to NULL for handing to
    setpcred.
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2010/03/07 11:57:13
     [auth-rhosts.c monitor.c monitor_wrap.c session.c auth-options.c sshd.c]
     Hold authentication debug messages until after successful authentication.
     Fixes an info leak of environment variables specified in authorized_keys,
     reported by Jacob Appelbaum.  ok djm@@

20100305
 - OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2010/03/04 12:51:25
     [ssh.1 sshd_config.5]
     tweak previous;
   - djm@@cvs.openbsd.org 2010/03/04 20:35:08
     [ssh-keygen.1 ssh-keygen.c]
     Add a -L flag to print the contents of a certificate; ok markus@@
   - jmc@@cvs.openbsd.org 2010/03/04 22:52:40
     [ssh-keygen.1]
     fix Bk/Ek;
   - djm@@cvs.openbsd.org 2010/03/04 23:17:25
     [sshd_config.5]
     missing word; spotted by jmc@@
   - djm@@cvs.openbsd.org 2010/03/04 23:19:29
     [ssh.1 sshd.8]
     move section on CA and revoked keys from ssh.1 to sshd.8's known hosts
     format section and rework it a bit; requested by jmc@@
   - djm@@cvs.openbsd.org 2010/03/04 23:27:25
     [auth-options.c ssh-keygen.c]
     "force-command" is not spelled "forced-command"; spotted by
     imorgan AT nas.nasa.gov
   - djm@@cvs.openbsd.org 2010/03/05 02:58:11
     [auth.c]
     make the warning for a revoked key louder and more noticeable
   - jmc@@cvs.openbsd.org 2010/03/05 06:50:35
     [ssh.1 sshd.8]
     tweak previous;
   - jmc@@cvs.openbsd.org 2010/03/05 08:31:20
     [ssh.1]
     document certificate authentication; help/ok djm
   - djm@@cvs.openbsd.org 2010/03/05 10:28:21
     [ssh-add.1 ssh.1 ssh_config.5]
     mention loading of certificate files from [private]-cert.pub when
     they are present; feedback and ok jmc@@
 - (tim) [ssh-pkcs11.c] Fix "non-constant initializer" errors in older
   compilers. OK djm@@
 - (djm) [ssh-rand-helper.c] declare optind, avoiding compilation failure
   on some platforms
 - (djm) [configure.ac] set -fno-strict-aliasing for gcc4; ok dtucker@@

20100304
 - (djm) [ssh-keygen.c] Use correct local variable, instead of
   maybe-undefined global "optarg"
 - (djm) [contrib/redhat/openssh.spec] Replace obsolete BuildPreReq
   on XFree86-devel with neutral /usr/include/X11/Xlib.h;
   imorgan AT nas.nasa.gov in bz#1731
 - (djm) [.cvsignore] Ignore ssh-pkcs11-helper
 - (djm) [regress/Makefile] Cleanup sshd_proxy_orig
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/03/03 01:44:36
     [auth-options.c key.c]
     reject strings with embedded ASCII nul chars in certificate key IDs,
     principal names and constraints
   - djm@@cvs.openbsd.org 2010/03/03 22:49:50
     [sshd.8]
     the authorized_keys option for CA keys is "cert-authority", not
     "from=cert-authority". spotted by imorgan AT nas.nasa.gov
   - djm@@cvs.openbsd.org 2010/03/03 22:50:40
     [PROTOCOL.certkeys]
     s/similar same/similar/; from imorgan AT nas.nasa.gov
   - djm@@cvs.openbsd.org 2010/03/04 01:44:57
     [key.c]
     use buffer_get_string_ptr_ret() where we are checking the return
     value explicitly instead of the fatal()-causing buffer_get_string_ptr()
   - djm@@cvs.openbsd.org 2010/03/04 10:36:03
     [auth-rh-rsa.c auth-rsa.c auth.c auth.h auth2-hostbased.c auth2-pubkey.c]
     [authfile.c authfile.h hostfile.c hostfile.h servconf.c servconf.h]
     [ssh-keygen.c ssh.1 sshconnect.c sshd_config.5]
     Add a TrustedUserCAKeys option to sshd_config to specify CA keys that
     are trusted to authenticate users (in addition to doing it per-user
     in authorized_keys).
     
     Add a RevokedKeys option to sshd_config and a @@revoked marker to
     known_hosts to allow keys to be revoked and banned for user or host
     authentication.
     
     feedback and ok markus@@
   - djm@@cvs.openbsd.org 2010/03/03 00:47:23
     [regress/cert-hostkey.sh regress/cert-userkey.sh]
     add an extra test to ensure that authentication with the wrong
     certificate fails as it should (and it does)
   - djm@@cvs.openbsd.org 2010/03/04 10:38:23
     [regress/cert-hostkey.sh regress/cert-userkey.sh]
     additional regression tests for revoked keys and TrustedUserCAKeys

20100303
 - (djm) [PROTOCOL.certkeys] Add RCS Ident
 - OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2010/02/26 22:09:28
     [ssh-keygen.1 ssh.1 sshd.8]
     tweak previous;
   - otto@@cvs.openbsd.org 2010/03/01 11:07:06
     [ssh-add.c]
     zap what seems to be a left-over debug message; ok markus@@
   - djm@@cvs.openbsd.org 2010/03/02 23:20:57
     [ssh-keygen.c]
     POSIX strptime is stricter than OpenBSD's so do a little dance to
     appease it.
 - (djm) [regress/cert-userkey.sh] s/echo -n/echon/ here too

20100302
 - (tim) [config.guess config.sub] Bug 1722: Update to latest versions from
   http://git.savannah.gnu.org/gitweb/ (2009-12-30 and 2010-01-22
   respectively).

20100301
 - (dtucker) [regress/{cert-hostkey,cfgmatch,cipher-speed}.sh] Replace
   "echo -n" with "echon" for portability.
 - (dtucker) [openbsd-compat/port-linux.c] Make failure to write to the OOM
   adjust log at verbose only, since according to cjwatson in bug #1470
   some virtualization platforms don't allow writes.

20100228
 - (djm) [auth.c] On Cygwin, refuse usernames that have differences in
   case from that matched in the system password database. On this
   platform, passwords are stored case-insensitively, but sshd requires
   exact case matching for Match blocks in sshd_config(5). Based on
   a patch from vinschen AT redhat.com.
 - (tim) [ssh-pkcs11-helper.c] Move declarations before calling functions
   to make older compilers (gcc 2.95) happy.

20100227
 - (djm) [ssh-pkcs11-helper.c ] Ensure RNG is initialised and seeded
 - (djm) [openbsd-compat/bsd-cygwin_util.c] Reduce the set of environment
   variables copied into sshd child processes. From vinschen AT redhat.com

20100226
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/02/26 20:29:54
     [PROTOCOL PROTOCOL.agent PROTOCOL.certkeys addrmatch.c auth-options.c]
     [auth-options.h auth.h auth2-pubkey.c authfd.c dns.c dns.h hostfile.c]
     [hostfile.h kex.h kexdhs.c kexgexs.c key.c key.h match.h monitor.c]
     [myproposal.h servconf.c servconf.h ssh-add.c ssh-agent.c ssh-dss.c]
     [ssh-keygen.1 ssh-keygen.c ssh-rsa.c ssh.1 ssh.c ssh2.h sshconnect.c]
     [sshconnect2.c sshd.8 sshd.c sshd_config.5]
     Add support for certificate key types for users and hosts.
     
     OpenSSH certificate key types are not X.509 certificates, but a much
     simpler format that encodes a public key, identity information and
     some validity constraints and signs it with a CA key. CA keys are
     regular SSH keys. This certificate style avoids the attack surface
     of X.509 certificates and is very easy to deploy.
     
     Certified host keys allow automatic acceptance of new host keys
     when a CA certificate is marked as trusted in ~/.ssh/known_hosts.
     see VERIFYING HOST KEYS in ssh(1) for details.
     
     Certified user keys allow authentication of users when the signing
     CA key is marked as trusted in authorized_keys. See "AUTHORIZED_KEYS
     FILE FORMAT" in sshd(8) for details.
     
     Certificates are minted using ssh-keygen(1), documentation is in
     the "CERTIFICATES" section of that manpage.
     
     Documentation on the format of certificates is in the file
     PROTOCOL.certkeys
     
     feedback and ok markus@@
   - djm@@cvs.openbsd.org 2010/02/26 20:33:21
     [Makefile regress/cert-hostkey.sh regress/cert-userkey.sh]
     regression tests for certified keys

20100224
 - (djm) [pkcs11.h ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c]
   [ssh-pkcs11.h] Add $OpenBSD$ RCS idents so we can sync portable
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/02/11 20:37:47
     [pathnames.h]
     correct comment
   - dtucker@@cvs.openbsd.org 2009/11/09 04:20:04
     [regress/Makefile]
     add regression test for ssh-keygen pubkey conversions
   - dtucker@@cvs.openbsd.org 2010/01/11 02:53:44
     [regress/forwarding.sh]
     regress test for stdio forwarding
   - djm@@cvs.openbsd.org 2010/02/09 04:57:36
     [regress/addrmatch.sh]
     clean up droppings
   - djm@@cvs.openbsd.org 2010/02/09 06:29:02
     [regress/Makefile]
     turn on all the malloc(3) checking options when running regression
     tests. this has caught a few bugs for me in the past; ok dtucker@@
   - djm@@cvs.openbsd.org 2010/02/24 06:21:56
     [regress/test-exec.sh]
     wait for sshd to fully stop in cleanup() function; avoids races in tests
     that do multiple start_sshd/cleanup cycles; "I hate pidfiles" deraadt@@
   - markus@@cvs.openbsd.org 2010/02/08 10:52:47
     [regress/agent-pkcs11.sh]
     test for PKCS#11 support (currently disabled)
 - (djm) [Makefile.in ssh-pkcs11-helper.8] Add manpage for PKCS#11 helper
 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] Add PKCS#11 helper binary and manpage

20100212
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/02/02 22:49:34
     [bufaux.c]
     make buffer_get_string_ret() really non-fatal in all cases (it was
     using buffer_get_int(), which could fatal() on buffer empty);
     ok markus dtucker
   - markus@@cvs.openbsd.org 2010/02/08 10:50:20
     [pathnames.h readconf.c readconf.h scp.1 sftp.1 ssh-add.1 ssh-add.c]
     [ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh.1 ssh.c ssh_config.5]
     replace our obsolete smartcard code with PKCS#11.
        ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs-11v2-20.pdf
     ssh(1) and ssh-keygen(1) use dlopen(3) directly to talk to a PKCS#11
     provider (shared library) while ssh-agent(1) delegates PKCS#11 to
     a forked ssh-pkcs11-helper process.
     PKCS#11 is currently a compile time option.
     feedback and ok djm@@; inspired by patches from Alon Bar-Lev
   - jmc@@cvs.openbsd.org 2010/02/08 22:03:05
     [ssh-add.1 ssh-keygen.1 ssh.1 ssh.c]
     tweak previous; ok markus
   - djm@@cvs.openbsd.org 2010/02/09 00:50:36
     [ssh-agent.c]
     fallout from PKCS#11: unbreak -D
   - djm@@cvs.openbsd.org 2010/02/09 00:50:59
     [ssh-keygen.c]
     fix -Wall
   - djm@@cvs.openbsd.org 2010/02/09 03:56:28
     [buffer.c buffer.h]
     constify the arguments to buffer_len, buffer_ptr and buffer_dump
   - djm@@cvs.openbsd.org 2010/02/09 06:18:46
     [auth.c]
     unbreak ChrootDirectory+internal-sftp by skipping check for executable
     shell when chrooting; reported by danh AT wzrd.com; ok dtucker@@
   - markus@@cvs.openbsd.org 2010/02/10 23:20:38
     [ssh-add.1 ssh-keygen.1 ssh.1 ssh_config.5]
     pkcs#11 is no longer optional; improve wording; ok jmc@@
   - jmc@@cvs.openbsd.org 2010/02/11 13:23:29
     [ssh.1]
     libarary -> library;
 - (djm) [INSTALL Makefile.in README.smartcard configure.ac scard-opensc.c]
   [scard.c scard.h pkcs11.h scard/Makefile.in scard/Ssh.bin.uu scard/Ssh.java]
   Remove obsolete smartcard support
 - (djm) [ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c]
   Make it compile on OSX
 - (djm) [ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c]
   Use ssh_get_progname to fill __progname
 - (djm) [configure.ac] Enable PKCS#11 support only when we find a working
   dlopen()

20100210
 - (djm) add -lselinux to LIBS before calling AC_CHECK_FUNCS for
   getseuserbyname; patch from calebcase AT gmail.com via
   cjwatson AT debian.org

20100202
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/01/30 21:08:33
     [sshd.8]
     debug output goes to stderr, not "the system log"; ok markus dtucker
   - djm@@cvs.openbsd.org 2010/01/30 21:12:08
     [channels.c]
     fake local addr:port when stdio forwarding as some servers (Tectia at
     least) validate that they are well-formed;
     reported by imorgan AT nas.nasa.gov
     ok dtucker

20100130
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/01/28 00:21:18
     [clientloop.c]
     downgrade an error() to a debug() - this particular case can be hit in
     normal operation for certain sequences of mux slave vs session closure
     and is harmless
   - djm@@cvs.openbsd.org 2010/01/29 00:20:41
     [sshd.c]
     set FD_CLOEXEC on sock_in/sock_out; bz#1706 from jchadima AT redhat.com
     ok dtucker@@
   - djm@@cvs.openbsd.org 2010/01/29 20:16:17
     [mux.c]
     kill correct channel (was killing already-dead mux channel, not
     its session channel)
   - djm@@cvs.openbsd.org 2010/01/30 02:54:53
     [mux.c]
     don't mark channel as read failed if it is already closing; suppresses
     harmless error messages when connecting to SSH.COM Tectia server
     report by imorgan AT nas.nasa.gov

20100129
 - (dtucker) [openbsd-compat/openssl-compat.c] Bug #1707: Call OPENSSL_config()
   after registering the hardware engines, which causes the openssl.cnf file to
   be processed.  See OpenSSL's man page for OPENSSL_config(3) for details.
   Patch from Solomon Peachy, ok djm@@.

20100128
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/01/26 02:15:20
     [mux.c]
     -Wuninitialized and remove a // comment; from portable
     (Id sync only)
   - djm@@cvs.openbsd.org 2010/01/27 13:26:17
     [mux.c]
     fix bug introduced in mux rewrite:
     
     In a mux master, when a socket to a mux slave closes before its server
     session (as may occur when the slave has been signalled), gracefully
     close the server session rather than deleting its channel immediately.
     A server may have more messages on that channel to send (e.g. an exit
     message) that will fatal() the client if they are sent to a channel that
     has been prematurely deleted.
     
     spotted by imorgan AT nas.nasa.gov
   - djm@@cvs.openbsd.org 2010/01/27 19:21:39
     [sftp.c]
     add missing "p" flag to getopt optstring;
     bz#1704 from imorgan AT nas.nasa.gov

20100126
 - (djm) OpenBSD CVS Sync
   - tedu@@cvs.openbsd.org 2010/01/17 21:49:09
     [ssh-agent.1]
     Correct and clarify ssh-add's password asking behavior.
     Improved text dtucker and ok jmc
   - dtucker@@cvs.openbsd.org 2010/01/18 01:50:27
     [roaming_client.c]
     s/long long unsigned/unsigned long long/, from tim via portable
     (Id sync only, change already in portable)
   - djm@@cvs.openbsd.org 2010/01/26 01:28:35
     [channels.c channels.h clientloop.c clientloop.h mux.c nchan.c ssh.c]
     rewrite ssh(1) multiplexing code to a more sensible protocol.
     
     The new multiplexing code uses channels for the listener and
     accepted control sockets to make the mux master non-blocking, so
     no stalls when processing messages from a slave.
     
     avoid use of fatal() in mux master protocol parsing so an errant slave
     process cannot take down a running master.
     
     implement requesting of port-forwards over multiplexed sessions. Any
     port forwards requested by the slave are added to those the master has
     established.
     
     add support for stdio forwarding ("ssh -W host:port ...") in mux slaves.
     
     document master/slave mux protocol so that other tools can use it to
     control a running ssh(1). Note: there are no guarantees that this
     protocol won't be incompatibly changed (though it is versioned).
     
     feedback Salvador Fandino, dtucker@@
     channel changes ok markus@@

20100122
 - (tim) [configure.ac] Due to constraints in Windows Sockets in terms of
   socket inheritance, reduce the default SO_RCVBUF/SO_SNDBUF buffer size
   in Cygwin to 65535. Patch from Corinna Vinschen.

20100117
 - (tim) [configure.ac] OpenServer 5 needs BROKEN_GETADDRINFO too.
 - (tim) [configure.ac] On SVR5 systems, use the C99-conforming functions
   snprintf() and vsnprintf() named _xsnprintf() and _xvsnprintf().

20100116
 - (dtucker) [openbsd-compat/pwcache.c] Pull in includes.h and thus defines.h
   so we correctly detect whether or not we have a native user_from_uid.
 - (dtucker) [openbsd-compat/openbsd-compat.h] Prototypes for user_from_uid
   and group_from_gid.
 - (dtucker) [openbsd-compat/openbsd-compat.h] Fix prototypes, spotted by
   Tim.
 - (dtucker) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2010/01/15 09:24:23
     [sftp-common.c]
     unused
 - (dtucker) [openbsd-compat/pwcache.c] Shrink ifdef area to prevent unused
   variable warnings.
 - (dtucker) [openbsd-compat/openbsd-compat.h] Typo.
 - (tim) [regress/portnum.sh] Shell portability fix.
 - (tim) [configure.ac] Define BROKEN_GETADDRINFO on SVR5 systems. The native
   getaddrinfo() is too old and limited for addr_pton() in addrmatch.c.
 - (tim) [roaming_client.c] Use of <sys/queue.h> is not really portable so we
   use "openbsd-compat/sys-queue.h". s/long long unsigned/unsigned long long/
   to keep USL compilers happy.

20100115
 - (dtucker) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2010/01/13 12:48:34
     [sftp.1 sftp.c]
     sftp.1: put ls -h in the right place
     sftp.c: as above, plus add -p to get/put, and shorten their arg names
     to keep the help usage nicely aligned
     ok djm
   - djm@@cvs.openbsd.org 2010/01/13 23:47:26
     [auth.c]
     when using ChrootDirectory, make sure we test for the existence of the
     user's shell inside the chroot; bz #1679, patch from alex AT rtfs.hu;
     ok dtucker
   - dtucker@@cvs.openbsd.org 2010/01/14 23:41:49
     [sftp-common.c]
     use user_from{uid,gid} to look up ids since it keeps a small cache.
     ok djm
   - guenther@@cvs.openbsd.org 2010/01/15 00:05:22
     [sftp.c]
     Reset SIGTERM to SIG_DFL before executing ssh, so that even if sftp
     inherited SIGTERM as ignored it will still be able to kill the ssh it
     starts.
     ok dtucker@@
 - (dtucker) [openbsd-compat/pwcache.c] Pull in pwcache.c from OpenBSD (no
   changes yet but there will be some to come).
 - (dtucker) [configure.ac openbsd-compat/{Makefile.in,pwcache.c}] Portability
   for pwcache.  Also, added caching of negative hits.

20100114
 - (djm) [platform.h] Add missing prototype for
   platform_krb5_get_principal_name

20100113
 - (dtucker) [monitor_fdpass.c] Wrap poll.h include in ifdefs.
 - (dtucker) [openbsd-compat/readpassphrase.c] Resync against OpenBSD's r1.18:
   missing restore of SIGTTOU and some whitespace.
 - (dtucker) [openbsd-compat/readpassphrase.c] Update to OpenBSD's r1.21.
 - (dtucker) [openbsd-compat/readpassphrase.c] Update to OpenBSD's r1.22.
   Fixes bz #1590, where sometimes you could not interrupt a connection while
   ssh was prompting for a passphrase or password.
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2010/01/13 00:19:04
     [sshconnect.c auth.c]
     Fix a couple of typos/misspellings in comments
   - dtucker@@cvs.openbsd.org 2010/01/13 01:10:56
     [key.c]
     Ignore and log any Protocol 1 keys where the claimed size is not equal to
     the actual size.  Noted by Derek Martin, ok djm@@
   - dtucker@@cvs.openbsd.org 2010/01/13 01:20:20
     [canohost.c ssh-keysign.c sshconnect2.c]
     Make HostBased authentication work with a ProxyCommand.  bz #1569, patch
     from imorgan at nas nasa gov, ok djm@@
   - djm@@cvs.openbsd.org 2010/01/13 01:40:16
     [sftp.c sftp-server.c sftp.1 sftp-common.c sftp-common.h]
     support '-h' (human-readable units) for sftp's ls command, just like
     ls(1); ok dtucker@@
   - djm@@cvs.openbsd.org 2010/01/13 03:48:13
     [servconf.c servconf.h sshd.c]
     avoid run-time failures when specifying hostkeys via a relative
     path by prepending the cwd in these cases; bz#1290; ok dtucker@@
   - djm@@cvs.openbsd.org 2010/01/13 04:10:50
     [sftp.c]
     don't append a space after inserting a completion of a directory (i.e.
     a path ending in '/') for a slightly better user experience; ok dtucker@@
 - (dtucker) [sftp-common.c] Wrap include of util.h in an ifdef.
 - (tim) [defines.h] openbsd-compat/readpassphrase.c now needs _NSIG. 
   feedback and ok dtucker@@

20100112
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2010/01/11 01:39:46
     [ssh_config channels.c ssh.1 channels.h ssh.c]
     Add a 'netcat mode' (ssh -W).  This connects stdio on the client to a
     single port forward on the server.  This allows, for example, using ssh as
     a ProxyCommand to route connections via intermediate servers.
     bz #1618, man page help from jmc@@, ok markus@@
   - dtucker@@cvs.openbsd.org 2010/01/11 04:46:45
     [authfile.c sshconnect2.c]
     Do not prompt for a passphrase if we fail to open a keyfile, and log the
     reason the open failed to debug.
     bz #1693, found by tj AT castaglia org, ok djm@@
   - djm@@cvs.openbsd.org 2010/01/11 10:51:07
     [ssh-keygen.c]
     when converting keys, truncate key comments at 72 chars as per RFC4716;
     bz#1630 reported by tj AT castaglia.org; ok markus@@
   - dtucker@@cvs.openbsd.org 2010/01/12 00:16:47
     [authfile.c]
     Fix bug introduced in r1.78 (incorrect brace location) that broke key auth.
     Patch from joachim joachimschipper nl.
   - djm@@cvs.openbsd.org 2010/01/12 00:58:25
     [monitor_fdpass.c]
     avoid spinning when fd passing on nonblocking sockets by calling poll()
     in the EINTR/EAGAIN path, much like we do in atomicio; ok dtucker@@
   - djm@@cvs.openbsd.org 2010/01/12 00:59:29
     [roaming_common.c]
     delete with extreme prejudice a debug() that fired with every keypress;
     ok dtucker deraadt
   - dtucker@@cvs.openbsd.org 2010/01/12 01:31:05
     [session.c]
     Do not allow logins if /etc/nologin exists but is not readable by the user
     logging in.  Noted by Jan.Pechanec at Sun, ok djm@@ deraadt@@
   - djm@@cvs.openbsd.org 2010/01/12 01:36:08
     [buffer.h bufaux.c]
     add a buffer_get_string_ptr_ret() that does the same as
     buffer_get_string_ptr() but does not fatal() on error; ok dtucker@@
   - dtucker@@cvs.openbsd.org 2010/01/12 08:33:17
     [session.c]
     Add explicit stat so we reliably detect nologin with bad perms.
     ok djm markus

20100110
 - (dtucker) [configure.ac misc.c readconf.c servconf.c ssh-keyscan.c]
   Remove hacks added for RoutingDomain in preparation for its removal.
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2010/01/09 23:04:13
     [channels.c ssh.1 servconf.c sshd_config.5 sshd.c channels.h servconf.h
     ssh-keyscan.1 ssh-keyscan.c readconf.c sshconnect.c misc.c ssh.c
     readconf.h scp.1 sftp.1 ssh_config.5 misc.h]
     Remove RoutingDomain from ssh since it's now not needed.  It can be
     replaced with "route exec" or "nc -V" as a proxycommand.  "route exec"
     also ensures that traffic such as DNS lookups stays within the specified
     routingdomain.  For example (from reyk):
     # route -T 2 exec /usr/sbin/sshd
     or inherited from the parent process
     $ route -T 2 exec sh
     $ ssh 10.1.2.3
     ok deraadt@@ markus@@ stevesk@@ reyk@@
   - dtucker@@cvs.openbsd.org 2010/01/10 03:51:17
     [servconf.c]
     Add ChrootDirectory to sshd.c test-mode output
   - dtucker@@cvs.openbsd.org 2010/01/10 07:15:56
     [auth.c]
     Output a debug if we can't open an existing keyfile.  bz#1694, ok djm@@

20100109
 - (dtucker) Wrap use of IPPROTO_IPV6 in an ifdef for platforms that don't
   have it.
 - (dtucker) [defines.h] define PRIu64 for platforms that don't have it.
 - (dtucker) [roaming_client.c] Wrap inttypes.h in an ifdef.
 - (dtucker) [loginrec.c] Use the SUSv3 specified name for the user name
   when using utmpx.  Patch from Ed Schouten.
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/01/09 00:20:26
     [sftp-server.c sftp-server.8]
     add a 'read-only' mode to sftp-server(8) that disables open in write mode
     and all other fs-modifying protocol methods. bz#430 ok dtucker@@
   - djm@@cvs.openbsd.org 2010/01/09 00:57:10
     [PROTOCOL]
     tweak language
   - jmc@@cvs.openbsd.org 2010/01/09 03:36:00
     [sftp-server.8]
     bad place to forget a comma...
   - djm@@cvs.openbsd.org 2010/01/09 05:04:24
     [mux.c sshpty.h clientloop.c sshtty.c]
     quell tc[gs]etattr warnings when forcing a tty (ssh -tt), since we
     usually don't actually have a tty to read/set; bz#1686 ok dtucker@@
   - dtucker@@cvs.openbsd.org 2010/01/09 05:17:00
     [roaming_client.c]
     Remove a PRIu64 format string that snuck in with roaming.  ok djm@@
   - dtucker@@cvs.openbsd.org 2010/01/09 11:13:02
     [sftp.c]
     Prevent sftp from derefing a null pointer when given a "-" without a
     command.  Also, allow whitespace to follow a "-".  bz#1691, patch from
     Colin Watson via Debian.  ok djm@@ deraadt@@
   - dtucker@@cvs.openbsd.org 2010/01/09 11:17:56
     [sshd.c]
     After sshd receives a SIGHUP, ignore subsequent HUPs while sshd re-execs
     itself.  Prevents two HUPs in quick succession from resulting in sshd
     dying.  bz#1692, patch from Colin Watson via Ubuntu.
 - (dtucker) [defines.h] Remove now-unneeded PRIu64 define.

20100108
 - (dtucker) OpenBSD CVS Sync
   - andreas@@cvs.openbsd.org 2009/10/24 11:11:58
     [roaming.h]
     Declarations needed for upcoming changes.
     ok markus@@
   - andreas@@cvs.openbsd.org 2009/10/24 11:13:54
     [sshconnect2.c kex.h kex.c]
     Let the client detect if the server supports roaming by looking
     for the resume@@appgate.com kex algorithm.
     ok markus@@
   - andreas@@cvs.openbsd.org 2009/10/24 11:15:29
     [clientloop.c]
     client_loop() must detect if the session has been suspended and resumed,
     and take appropriate action in that case.
     From Martin Forssen, maf at appgate dot com
   - andreas@@cvs.openbsd.org 2009/10/24 11:19:17
     [ssh2.h]
     Define the KEX messages used when resuming a suspended connection.
     ok markus@@
   - andreas@@cvs.openbsd.org 2009/10/24 11:22:37
     [roaming_common.c]
     Do the actual suspend/resume in the client. This won't be useful until
     the server side supports roaming.
     Most code from Martin Forssen, maf at appgate dot com. Some changes by
     me and markus@@
     ok markus@@
   - andreas@@cvs.openbsd.org 2009/10/24 11:23:42
     [ssh.c]
     Request roaming to be enabled if UseRoaming is true and the server
     supports it.
     ok markus@@
   - reyk@@cvs.openbsd.org 2009/10/28 16:38:18
     [ssh_config.5 sshd.c misc.h ssh-keyscan.1 readconf.h sshconnect.c
     channels.c channels.h servconf.h servconf.c ssh.1 ssh-keyscan.c scp.1
     sftp.1 sshd_config.5 readconf.c ssh.c misc.c]
     Allow to set the rdomain in ssh/sftp/scp/sshd and ssh-keyscan.
     ok markus@@
   - jmc@@cvs.openbsd.org 2009/10/28 21:45:08
     [sshd_config.5 sftp.1]
     tweak previous;
   - djm@@cvs.openbsd.org 2009/11/10 02:56:22
     [ssh_config.5]
     explain the constraints on LocalCommand some more so people don't
     try to abuse it.
   - djm@@cvs.openbsd.org 2009/11/10 02:58:56
     [sshd_config.5]
     clarify that StrictModes does not apply to ChrootDirectory. Permissions
     and ownership are always checked when chrooting. bz#1532
   - dtucker@@cvs.openbsd.org 2009/11/10 04:30:45
     [sshconnect2.c channels.c sshconnect.c]
     Set close-on-exec on various descriptors so they don't get leaked to
     child processes.  bz #1643, patch from jchadima at redhat, ok deraadt.
   - markus@@cvs.openbsd.org 2009/11/11 21:37:03
     [channels.c channels.h]
     fix race condition in x11/agent channel allocation: don't read after
     the end of the select read/write fdset and make sure a reused FD
     is not touched before the pre-handlers are called.
     with and ok djm@@
   - djm@@cvs.openbsd.org 2009/11/17 05:31:44
     [clientloop.c]
     fix incorrect exit status when multiplexing and channel ID 0 is recycled
     bz#1570 reported by peter.oliver AT eon-is.co.uk; ok dtucker
   - djm@@cvs.openbsd.org 2009/11/19 23:39:50
     [session.c]
     bz#1606: error when an attempt is made to connect to a server
     with ForceCommand=internal-sftp with a shell session (i.e. not a
     subsystem session). Avoids stuck client when attempting to ssh to such a
     service. ok dtucker@@
   - dtucker@@cvs.openbsd.org 2009/11/20 00:15:41
     [session.c]
     Warn but do not fail if stat()ing the subsystem binary fails.  This helps
     with chrootdirectory+forcecommand=sftp-server and restricted shells.
     bz #1599, ok djm.
   - djm@@cvs.openbsd.org 2009/11/20 00:54:01
     [sftp.c]
     bz#1588 change "Connecting to host..." message to "Connected to host."
     and delay it until after the sftp protocol connection has been established.
     Avoids confusing sequence of messages when the underlying ssh connection
     experiences problems. ok dtucker@@
   - dtucker@@cvs.openbsd.org 2009/11/20 00:59:36
     [sshconnect2.c]
     Use the HostKeyAlias when prompting for passwords.  bz#1039, ok djm@@
   - djm@@cvs.openbsd.org 2009/11/20 03:24:07
     [misc.c]
     correct off-by-one in percent_expand(): we would fatal() when trying
     to expand EXPAND_MAX_KEYS, allowing only EXPAND_MAX_KEYS-1 to actually
     work.  Note that nothing in OpenSSH actually uses close to this limit at
     present.  bz#1607 from Jan.Pechanec AT Sun.COM
   - halex@@cvs.openbsd.org 2009/11/22 13:18:00
     [sftp.c]
     make passing of zero-length arguments to ssh safe by
     passing "-<switch>" "<value>" rather than "-<switch><value>"
     ok dtucker@@, guenther@@, djm@@
   - dtucker@@cvs.openbsd.org 2009/12/06 23:41:15
     [sshconnect2.c]
     zap unused variable and strlen; from Steve McClellan, ok djm
   - djm@@cvs.openbsd.org 2009/12/06 23:53:45
     [roaming_common.c]
     use socklen_t for getsockopt optlen parameter; reported by
     Steve.McClellan AT radisys.com, ok dtucker@@
   - dtucker@@cvs.openbsd.org 2009/12/06 23:53:54
     [sftp.c]
     fix potential divide-by-zero in sftp's "df" output when talking to a server
     that reports zero files on the filesystem (Unix filesystems always have at
     least the root inode).  From Steve McClellan at radisys, ok djm@@
   - markus@@cvs.openbsd.org 2009/12/11 18:16:33
     [key.c]
     switch from 35 to the more common value of RSA_F4 == (2**16)+1 == 65537
     for the RSA public exponent; discussed with provos; ok djm@@
   - guenther@@cvs.openbsd.org 2009/12/20 07:28:36
     [ssh.c sftp.c scp.c]
     When passing user-controlled options with arguments to other programs,
     pass the option and option argument as separate argv entries and
     not smashed into one (e.g., as -l foo and not -lfoo).  Also, always
     pass a "--" argument to stop option parsing, so that a positional
     argument that starts with a '-' isn't treated as an option.  This
     fixes some error cases as well as the handling of hostnames and
     filenames that start with a '-'.
     Based on a diff by halex@@
     ok halex@@ djm@@ deraadt@@
   - djm@@cvs.openbsd.org 2009/12/20 23:20:40
     [PROTOCOL]
     fix an incorrect magic number and typo in PROTOCOL; bz#1688
     report and fix from ueno AT unixuser.org
   - stevesk@@cvs.openbsd.org 2009/12/25 19:40:21
     [readconf.c servconf.c misc.h ssh-keyscan.c misc.c]
     validate routing domain is in range 0-RT_TABLEID_MAX.
     'Looks right' deraadt@@
   - stevesk@@cvs.openbsd.org 2009/12/29 16:38:41
     [sshd_config.5 readconf.c ssh_config.5 scp.1 servconf.c sftp.1 ssh.1]
     Rename RDomain config option to RoutingDomain to be more clear and
     consistent with other options.
     NOTE: if you currently use RDomain in the ssh client or server config,
     or ssh/sshd -o, you must update to use RoutingDomain.
     ok markus@@ djm@@
   - jmc@@cvs.openbsd.org 2009/12/29 18:03:32
     [sshd_config.5 ssh_config.5]
     sort previous;
   - dtucker@@cvs.openbsd.org 2010/01/04 01:45:30
     [sshconnect2.c]
     Don't escape backslashes in the SSH2 banner.  bz#1533, patch from
     Michal Gorny via Gentoo.
   - djm@@cvs.openbsd.org 2010/01/04 02:03:57
     [sftp.c]
     Implement tab-completion of commands, local and remote filenames for sftp.
     Hacked on and off for some time by myself, mouring, Carlos Silva (via 2009
     Google Summer of Code) and polished to a fine sheen by myself again.
     It should deal more-or-less correctly with the ikky corner-cases presented
     by quoted filenames, but the UI could still be slightly improved.
     In particular, it is quite slow for remote completion on large directories.
     bz#200; ok markus@@
   - djm@@cvs.openbsd.org 2010/01/04 02:25:15
     [sftp-server.c]
     bz#1566 don't unnecessarily dup() in and out fds for sftp-server;
     ok markus@@
   - dtucker@@cvs.openbsd.org 2010/01/08 21:50:49
     [sftp.c]
     Fix two warnings: possibly used uninitialized and use a nul byte instead of
     NULL pointer.  ok djm@@
 - (dtucker) [Makefile.in added roaming_client.c roaming_serv.c] Import new
   files for roaming and add to Makefile.
 - (dtucker) [Makefile.in] .c files do not belong in the OBJ lines.
 - (dtucker) [sftp.c] ifdef out the sftp completion bits for platforms that
   don't have libedit.
 - (dtucker) [configure.ac misc.c readconf.c servconf.c ssh-keyscan.c] Make
   RoutingDomain an unsupported option on platforms that don't have it.
 - (dtucker) [sftp.c] Expand ifdef for libedit to cover complete_is_remote
   too.
 - (dtucker) [misc.c] Move the routingdomain ifdef to allow the socket to
   be created.
 - (dtucker) [misc.c] Shrink the area covered by USE_ROUTINGDOMAIN more
   to eliminate an unused variable warning.
 - (dtucker) [roaming_serv.c] Include includes.h for u_intXX_t types.

20091226
 - (tim) [contrib/cygwin/Makefile] Install ssh-copy-id and ssh-copy-id.1
   Gzip all man pages. Patch from Corinna Vinschen.

20091221
 - (dtucker) [auth-krb5.c platform.{c,h} openbsd-compat/port-aix.{c,h}]
   Bug #1583: Use system's kerberos principal name on AIX if it's available.
   Based on a patch from and tested by Miguel Sanders 

20091208
 - (dtucker) Bug #1470: Disable OOM-killing of the listening sshd on Linux,
   based on a patch from Vaclav Ovsik and Colin Watson.  ok djm.

20091207
 - (dtucker) Bug #1160: use pkg-config for opensc config if it's available.
   Tested by Martin Paljak.
 - (dtucker) Bug #1677: add conditionals around the source for ssh-askpass.

20091121
 - (tim) [opensshd.init.in] If PidFile is set in sshd_config, use it.
   Bug 1628. OK dtucker@@

20091120
 - (djm) [ssh-rand-helper.c] Print error and usage() when passed command-
   line arguments as none are supported. Exit when passed unrecognised
   commandline flags. bz#1568 from gson AT araneus.fi

20091118
 - (djm) [channels.c misc.c misc.h sshd.c] add missing setsockopt() to
   set IPV6_V6ONLY for local forwarding with GatewayPorts=yes. Unify
   setting IPV6_V6ONLY behind a new function misc.c:sock_set_v6only()
   bz#1648, report and fix from jan.kratochvil AT redhat.com
 - (djm) [contrib/gnome-ssh-askpass2.c] Make askpass dialog desktop-modal.
   bz#1645, patch from jchadima AT redhat.com

20091107
 - (dtucker) [authfile.c] Fall back to 3DES for the encryption of private
    keys when built with OpenSSL versions that don't do AES.

20091105
 - (dtucker) [authfile.c] Add OpenSSL compat header so this still builds with
   older versions of OpenSSL.

20091024
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2009/10/11 23:03:15
     [hostfile.c]
     mention the host name that we are looking for in check_host_in_hostfile()
   - sobrado@@cvs.openbsd.org 2009/10/17 12:10:39
     [sftp-server.c]
     sort flags.
   - sobrado@@cvs.openbsd.org 2009/10/22 12:35:53
     [ssh.1 ssh-agent.1 ssh-add.1]
     use the UNIX-related macros (.At and .Ux) where appropriate.
     ok jmc@@
   - sobrado@@cvs.openbsd.org 2009/10/22 15:02:12
     [ssh-agent.1 ssh-add.1 ssh.1]
     write UNIX-domain in a more consistent way; while here, replace a
     few remaining ".Tn UNIX" macros with ".Ux" ones.
     pointed out by ratchov@@, thanks!
     ok jmc@@
   - djm@@cvs.openbsd.org 2009/10/22 22:26:13
     [authfile.c]
     switch from 3DES to AES-128 for encryption of passphrase-protected
     SSH protocol 2 private keys; ok several
   - djm@@cvs.openbsd.org 2009/10/23 01:57:11
     [sshconnect2.c]
     disallow a hostile server from checking jpake auth by sending an
     out-of-sequence success message. (doesn't affect code enabled by default)
   - dtucker@@cvs.openbsd.org 2009/10/24 00:48:34
     [ssh-keygen.1]
     ssh-keygen now uses AES-128 for private keys
 - (dtucker) [mdoc2man.awk] Teach it to understand the .Ux macro.
 - (dtucker) [session.c openbsd-compat/port-linux.{c,h}] Bug #1637: if selinux
   is enabled set the security context to "sftpd_t" before running the
   internal sftp server   Based on a patch from jchadima at redhat.

20091011
 - (dtucker) [configure.ac sftp-client.c] Remove the gyrations required for
   dirent d_type and DTTOIF as we've switched OpenBSD to the more portable
   lstat.
 - (dtucker) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2009/10/08 14:03:41
     [sshd_config readconf.c ssh_config.5 servconf.c sshd_config.5]
     disable protocol 1 by default (after a transition period of about 10 years)
     ok deraadt
   - jmc@@cvs.openbsd.org 2009/10/08 20:42:12
     [sshd_config.5 ssh_config.5 sshd.8 ssh.1]
     some tweaks now that protocol 1 is not offered by default; ok markus
   - dtucker@@cvs.openbsd.org 2009/10/11 10:41:26
     [sftp-client.c]
     d_type isn't portable so use lstat to get dirent modes.  Suggested by and
     "looks sane" deraadt@@
   - markus@@cvs.openbsd.org 2009/10/08 18:04:27
     [regress/test-exec.sh]
     re-enable protocol v1 for the tests.

20091007
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2009/08/12 00:13:00
     [sftp.c sftp.1]
     support most of scp(1)'s commandline arguments in sftp(1), as a first
     step towards making sftp(1) a drop-in replacement for scp(1).
     One conflicting option (-P) has not been changed, pending further
     discussion.
     Patch from carlosvsilvapt@@gmail.com as part of his work in the
     Google Summer of Code
  - jmc@@cvs.openbsd.org 2009/08/12 06:31:42
     [sftp.1]
     sort options;
   - djm@@cvs.openbsd.org 2009/08/13 01:11:19
     [sftp.1 sftp.c]
     Swizzle options: "-P sftp_server_path" moves to "-D sftp_server_path",
     add "-P port" to match scp(1). Fortunately, the -P option is only really
     used by our regression scripts.
     part of larger patch from carlosvsilvapt@@gmail.com for his Google Summer
     of Code work; ok deraadt markus
   - jmc@@cvs.openbsd.org 2009/08/13 13:39:54
     [sftp.1 sftp.c]
     sync synopsis and usage();
   - djm@@cvs.openbsd.org 2009/08/14 18:17:49
     [sftp-client.c]
     make the "get_handle: ..." error messages vaguely useful by allowing
     callers to specify their own error message strings.
   - fgsch@@cvs.openbsd.org 2009/08/15 18:56:34
     [auth.h]
     remove unused define. markus@@ ok.
     (Id sync only, Portable still uses this.)
   - dtucker@@cvs.openbsd.org 2009/08/16 23:29:26
     [sshd_config.5]
     Add PubkeyAuthentication to the list allowed in a Match block (bz #1577)
   - djm@@cvs.openbsd.org 2009/08/18 18:36:21
     [sftp-client.h sftp.1 sftp-client.c sftp.c]
     recursive transfer support for get/put and on the commandline
     work mostly by carlosvsilvapt@@gmail.com for the Google Summer of Code
     with some tweaks by me; "go for it" deraadt@@
  - djm@@cvs.openbsd.org 2009/08/18 21:15:59
     [sftp.1]
     fix "get" command usage, spotted by jmc@@
   - jmc@@cvs.openbsd.org 2009/08/19 04:56:03
     [sftp.1]
     ether -> either;
   - dtucker@@cvs.openbsd.org 2009/08/20 23:54:28
     [mux.c]
     subsystem_flag is defined in ssh.c so it's extern; ok djm
   - djm@@cvs.openbsd.org 2009/08/27 17:28:52
     [sftp-server.c]
     allow setting an explicit umask on the commandline to override whatever
     default the user has. bz#1229; ok dtucker@@ deraadt@@ markus@@
   - djm@@cvs.openbsd.org 2009/08/27 17:33:49
     [ssh-keygen.c]
     force use of correct hash function for random-art signature display
     as it was inheriting the wrong one when bubblebabble signatures were
     activated; bz#1611 report and patch from fwojcik+openssh AT besh.com;
     ok markus@@
   - djm@@cvs.openbsd.org 2009/08/27 17:43:00
     [sftp-server.8]
     allow setting an explicit umask on the commandline to override whatever
     default the user has. bz#1229; ok dtucker@@ deraadt@@ markus@@
   - djm@@cvs.openbsd.org 2009/08/27 17:44:52
     [authfd.c ssh-add.c authfd.h]
     Do not fall back to adding keys without constraints (ssh-add -c / -t ...)
     when the agent refuses the constrained add request. This was a useful
     migration measure back in 2002 when constraints were new, but just
     adds risk now.
     bz #1612, report and patch from dkg AT fifthhorseman.net; ok markus@@
   - djm@@cvs.openbsd.org 2009/08/31 20:56:02
     [sftp-server.c]
     check correct variable for error message, spotted by martynas@@
   - djm@@cvs.openbsd.org 2009/08/31 21:01:29
     [sftp-server.8]
     document -e and -h; prodded by jmc@@
   - djm@@cvs.openbsd.org 2009/09/01 14:43:17
     [ssh-agent.c]
     fix a race condition in ssh-agent that could result in a wedged or
     spinning agent: don't read off the end of the allocated fd_sets, and
     don't issue blocking read/write on agent sockets - just fall back to
     select() on retriable read/write errors. bz#1633 reported and tested
     by "noodle10000 AT googlemail.com"; ok dtucker@@ markus@@
   - grunk@@cvs.openbsd.org 2009/10/01 11:37:33
     [dh.c]
     fix a cast
     ok djm@@ markus@@
   - djm@@cvs.openbsd.org 2009/10/06 04:46:40
     [session.c]
     bz#1596: fflush(NULL) before exec() to ensure that everything (motd
     in particular) has made it out before the streams go away.
   - djm@@cvs.openbsd.org 2008/12/07 22:17:48
     [regress/addrmatch.sh]
     match string "passwordauthentication" only at start of line, not anywhere
     in sshd -T output
   - dtucker@@cvs.openbsd.org 2009/05/05 07:51:36
     [regress/multiplex.sh]
     Always specify ssh_config for multiplex tests: prevents breakage caused
     by options in ~/.ssh/config.  From Dan Peterson.
   - djm@@cvs.openbsd.org 2009/08/13 00:57:17
     [regress/Makefile]
     regression test for port number parsing. written as part of the a2port
     change that went into 5.2 but I forgot to commit it at the time...
   - djm@@cvs.openbsd.org 2009/08/13 01:11:55
     [regress/sftp-batch.sh regress/sftp-badcmds.sh regress/sftp.sh
     regress/sftp-cmds.sh regress/sftp-glob.sh]
     date: 2009/08/13 01:11:19;  author: djm;  state: Exp;  lines: +10 -7
     Swizzle options: "-P sftp_server_path" moves to "-D sftp_server_path",
     add "-P port" to match scp(1). Fortunately, the -P option is only really
     used by our regression scripts.
     part of larger patch from carlosvsilvapt@@gmail.com for his Google Summer
     of Code work; ok deraadt markus
   - djm@@cvs.openbsd.org 2009/08/20 18:43:07
     [regress/ssh-com-sftp.sh]
     fix one sftp -D ... => sftp -P ... conversion that I missed; from Carlos
     Silva for Google Summer of Code
   - dtucker@@cvs.openbsd.org 2009/10/06 23:51:49
     [regress/ssh2putty.sh]
     Add OpenBSD tag to make syncs easier
 - (dtucker) [regress/portnum.sh] Import new test.
 - (dtucker) [configure.ac sftp-client.c] DTTOIF is in fs/ffs/dir.h on at
   least dragonflybsd.
 - (dtucker) d_type is not mandated by POSIX, so add fallback code using
    stat(), needed on at least cygwin.

20091002
 - (djm) [Makefile.in] Mention readconf.o in ssh-keysign's make deps.
   spotted by des AT des.no

20090926
 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
         [contrib/suse/openssh.spec] Update for release
 - (djm) [README] update relnotes URL
 - (djm) [packet.c] Restore EWOULDBLOCK handling that got lost somewhere
 - (djm) Release 5.3p1

20090911
 - (dtucker) [configure.ac] Change the -lresolv check so it works on Mac OS X
   10.6 (which doesn't have BIND8_COMPAT and thus uses res_9_query).  Patch
   from jbasney at ncsa uiuc edu.

20090908
 - (djm) [serverloop.c] Fix test for server-assigned remote forwarding port
   (-R 0:...); bz#1578, spotted and fix by gavin AT emf.net; ok dtucker@@

20090901
 - (dtucker) [configure.ac] Bug #1639: use AC_PATH_PROG to search the path for
   krb5-config if it's not in the location specified by --with-kerberos5.
   Patch from jchadima at redhat.

20090829
 - (dtucker) [README.platform] Add text about development packages, based on
   text from Chris Pepper in bug #1631.

20090828
 - (dtucker) [auth-sia.c] Roll back the change for bug #1241 as it apparently
   causes problems in some Tru64 configurations.
 - (djm) [sshd_config.5] downgrade mention of login.conf to be an example
   and mention PAM as another provider for ChallengeResponseAuthentication;
   bz#1408; ok dtucker@@
 - (djm) [sftp-server.c] bz#1535: accept ENOSYS as a fallback error when
   attempting atomic rename(); ok dtucker@@
 - (djm) [Makefile.in] bz#1505: Solaris make(1) doesn't accept make variables
   in argv, so pass them in the environment; ok dtucker@@
 - (dtucker) [channels.c configure.ac] Bug #1528: skip the tcgetattr call on
    the pty master on Solaris, since it never succeeds and can hang if large
    amounts of data is sent to the slave (eg a copy-paste).  Based on a patch
    originally from Doke Scott, ok djm@@
 - (dtucker) [clientloop.c configure.ac defines.h] Make the client's IO buffer
   size a compile-time option and set it to 64k on Cygwin, since Corinna
   reports that it makes a significant difference to performance.  ok djm@@
 - (dtucker) [configure.ac] Fix the syntax of the Solaris tcgetattr entry.

20090820
 - (dtucker) [includes.h] Bug #1634: do not include system glob.h if we're not
   using it since the type conflicts can cause problems on FreeBSD.  Patch
   from Jonathan Chen.
 - (dtucker) [session.c openbsd-compat/port-aix.h] Bugs #1249 and #1567: move
   the setpcred call on AIX to immediately before the permanently_set_uid().
   Ensures that we still have privileges when we call chroot and
   pam_open_session.  Based on a patch from David Leonard.

20090817
 - (dtucker) [configure.ac] Check for headers before libraries for openssl and
   zlib, which should make the errors slightly more meaningful on platforms
   where there's separate "-devel" packages for those.
 - (dtucker) [sshlogin.c openbsd-compat/port-aix.{c,h}] Bug #1595: make
   PrintLastLog work on AIX.  Based in part on a patch from Miguel Sanders.

20090729
 - (tim) [contrib/cygwin/ssh-user-config] Change script to call correct error
   function. Patch from Corinna Vinschen.

20090713
 - (dtucker) [openbsd-compat/getrrsetbyname.c] Reduce answer buffer size so it
   fits into 16 bits to work around a bug in glibc's resolver where it masks
   off the buffer size at 16 bits.  Patch from Hauke Lampe, ok djm jakob.

20090712
 - (dtucker) [configure.ac] Include sys/param.h for the sys/mount.h test,
   prevents configure complaining on older BSDs.
 - (dtucker) [contrib/cygwin/ssh-{host,user}-config] Add license text. Patch
   from Corinna Vinschen.
 - (dtucker) [auth-pam.c] Bug #1534: move the deletion of PAM credentials on
   logout to after the session close.  Patch from Anicka Bernathova,
   originally from Andreas Schwab via Novell.  ok djm.

20090707
 - (dtucker) [contrib/cygwin/ssh-host-config] better support for automated
   scripts and fix usage of eval.  Patch from Corinna Vinschen.

20090705
 - (dtucker) OpenBSD CVS Sync
   - andreas@@cvs.openbsd.org 2009/06/27 09:29:06
     [packet.h packet.c]
     packet_backup_state() and packet_restore_state() will be used to
     temporarily save the current state when resuming a suspended connection.
     ok markus@@
   - andreas@@cvs.openbsd.org 2009/06/27 09:32:43
     [roaming_common.c roaming.h]
     It may be necessary to retransmit some data when resuming, so add it
     to a buffer when roaming is enabled.
     Most of this code was written by Martin Forssen, maf at appgate dot com.
     ok markus@@
   - andreas@@cvs.openbsd.org 2009/06/27 09:35:06
     [readconf.h readconf.c]
     Add client option UseRoaming. It doesn't do anything yet but will
     control whether the client tries to use roaming if enabled on the
     server. From Martin Forssen.
     ok markus@@
   - markus@@cvs.openbsd.org 2009/06/30 14:54:40
     [version.h]
     crank version; ok deraadt
   - dtucker@@cvs.openbsd.org 2009/07/02 02:11:47
     [ssh.c]
     allow for long home dir paths (bz #1615).  ok deraadt
     (based in part on a patch from jchadima at redhat)
   - stevesk@@cvs.openbsd.org 2009/07/05 19:28:33
     [clientloop.c]
     only send SSH2_MSG_DISCONNECT if we're in compat20; from dtucker@@
     ok deraadt@@ markus@@

20090622
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2009/06/22 05:39:28
     [monitor_wrap.c monitor_mm.c ssh-keygen.c auth2.c gss-genr.c sftp-client.c]
     alphabetize includes; reduces diff vs portable and style(9).
     ok stevesk djm
     (Id sync only; these were already in order in -portable)

20090621
 - (dtucker) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2009/03/17 21:37:00
     [ssh.c]
     pass correct argv[0] to openlog(); ok djm@@
  - jmc@@cvs.openbsd.org 2009/03/19 15:15:09
     [ssh.1]
     for "Ciphers", just point the reader to the keyword in ssh_config(5), just
     as we do for "MACs": this stops us getting out of sync when the lists
     change;
     fixes documentation/6102, submitted by Peter J. Philipp
     alternative fix proposed by djm
     ok markus
   - tobias@@cvs.openbsd.org 2009/03/23 08:31:19
     [ssh-agent.c]
     Fixed a possible out-of-bounds memory access if the environment variable
     SHELL is shorter than 3 characters.
     with input by and ok dtucker
   - tobias@@cvs.openbsd.org 2009/03/23 19:38:04
     [ssh-agent.c]
     My previous commit didn't fix the problem at all, so stick at my first
     version of the fix presented to dtucker.
     Issue notified by Matthias Barkhoff (matthias dot barkhoff at gmx dot de).
     ok dtucker
   - sobrado@@cvs.openbsd.org 2009/03/26 08:38:39
     [sftp-server.8 sshd.8 ssh-agent.1]
     fix a few typographical errors found by spell(1).
     ok dtucker@@, jmc@@
   - stevesk@@cvs.openbsd.org 2009/04/13 19:07:44
     [sshd_config.5]
     fix possessive; ok djm@@
   - stevesk@@cvs.openbsd.org 2009/04/14 16:33:42
     [sftp-server.c]
     remove unused option character from getopt() optstring; ok markus@@
   - jj@@cvs.openbsd.org 2009/04/14 21:10:54
     [servconf.c]
     Fixed a few the-the misspellings in comments. Skipped a bunch in
     binutils,gcc and so on. ok jmc@@
   - stevesk@@cvs.openbsd.org 2009/04/17 19:23:06
     [session.c]
     use INTERNAL_SFTP_NAME for setproctitle() of in-process sftp-server;
     ok djm@@ markus@@
   - stevesk@@cvs.openbsd.org 2009/04/17 19:40:17
     [sshd_config.5]
     clarify that even internal-sftp needs /dev/log for logging to work; ok
     markus@@
   - jmc@@cvs.openbsd.org 2009/04/18 18:39:10
     [sshd_config.5]
     tweak previous; ok stevesk
   - stevesk@@cvs.openbsd.org 2009/04/21 15:13:17
     [sshd_config.5]
     clarify we cd to user's home after chroot; ok markus@@ on
     earlier version; tweaks and ok jmc@@
   - andreas@@cvs.openbsd.org 2009/05/25 06:48:01
     [channels.c packet.c clientloop.c packet.h serverloop.c monitor_wrap.c
     monitor.c]
     Put the globals in packet.c into a struct and don't access it directly
     from other files. No functional changes.
     ok markus@@ djm@@
   - andreas@@cvs.openbsd.org 2009/05/27 06:31:25
     [canohost.h canohost.c]
     Add clear_cached_addr(), needed for upcoming changes allowing the peer
     address to change.
     ok markus@@
   - andreas@@cvs.openbsd.org 2009/05/27 06:33:39
     [clientloop.c]
     Send SSH2_MSG_DISCONNECT when the client disconnects. From a larger
     change from Martin Forssen, maf at appgate dot com.
     ok markus@@
   - andreas@@cvs.openbsd.org 2009/05/27 06:34:36
     [kex.c kex.h]
     Move the KEX_COOKIE_LEN define to kex.h
     ok markus@@
   - andreas@@cvs.openbsd.org 2009/05/27 06:36:07
     [packet.h packet.c]
     Add packet_put_int64() and packet_get_int64(), part of a larger change
     from Martin Forssen.
     ok markus@@
   - andreas@@cvs.openbsd.org 2009/05/27 06:38:16
     [sshconnect.h sshconnect.c]
     Un-static ssh_exchange_identification(), part of a larger change from
     Martin Forssen and needed for upcoming changes.
     ok markus@@
   - andreas@@cvs.openbsd.org 2009/05/28 16:50:16
     [sshd.c packet.c serverloop.c monitor_wrap.c clientloop.c sshconnect.c
     monitor.c Added roaming.h roaming_common.c roaming_dummy.c]
     Keep track of number of bytes read and written. Needed for upcoming
     changes. Most code from Martin Forssen, maf at appgate dot com.
     ok markus@@
     Also, applied appropriate changes to Makefile.in
   - andreas@@cvs.openbsd.org 2009/06/12 20:43:22
     [monitor.c packet.c]
     Fix warnings found by chl@@ and djm@@ and change roaming_atomicio's
     return type to match atomicio's
     Diff from djm@@, ok markus@@
   - andreas@@cvs.openbsd.org 2009/06/12 20:58:32
     [packet.c]
     Move some more statics into session_state
     ok markus@@ djm@@
   - dtucker@@cvs.openbsd.org 2009/06/21 07:37:15
     [kexdhs.c kexgexs.c]
     abort if key_sign fails, preventing possible null deref.  Based on report
     from Paolo Ganci, ok markus@@ djm@@
   - dtucker@@cvs.openbsd.org 2009/06/21 09:04:03
     [roaming.h roaming_common.c roaming_dummy.c]
     Add  tags for the benefit of the sync scripts
     Also: pull in the changes for 1.1->1.2 missed in the previous sync.
 - (dtucker) [auth2-jpake.c auth2.c canohost.h session.c] Whitespace and
   header-order changes to reduce diff vs OpenBSD.
 - (dtucker) [servconf.c sshd.c] More whitespace sync.
 - (dtucker) [roaming_common.c roaming_dummy.c] Wrap #include <inttypes.h> in
   ifdef.

20090616
 - (dtucker) [configure.ac defines.h] Bug #1607: handle the case where fsid_t
   is a struct with a __val member.  Fixes build on, eg, Redhat 6.2.

20090504
 - (dtucker) [sshlogin.c] Move the NO_SSH_LASTLOG #ifndef line to include
   variable declarations.  Should prevent unused warnings anywhere it's set
   (only Crays as far as I can tell) and be a no-op everywhere else.

20090318
 - (tim) [configure.ac] Remove setting IP_TOS_IS_BROKEN for Cygwin. The problem
   that setsockopt(IP_TOS) doesn't work on Cygwin has been fixed since 2005.
   Based on patch from vinschen at redhat com.

20090308
 - (dtucker) [auth-passwd.c auth1.c auth2-kbdint.c auth2-none.c auth2-passwd.c
   auth2-pubkey.c session.c openbsd-compat/bsd-cygwin_util.{c,h}
   openbsd-compat/daemon.c] Remove support for Windows 95/98/ME and very old
   version of Cygwin.  Patch from vinschen at redhat com.

20090307
 - (dtucker) [contrib/aix/buildbff.sh] Only try to rename ssh_prng_cmds if it
   exists (it's not created if OpenSSL's PRNG is self-seeded, eg if the OS
   has a /dev/random).
 - (dtucker) [schnorr.c openbsd-compat/openssl-compat.{c,h}] Add
   EVP_DigestUpdate to the OLD_EVP compatibility functions and tell schnorr.c
   to use them.  Allows building with older OpenSSL versions.
 - (dtucker) [configure.ac defines.h] Check for in_port_t and typedef if needed.
 - (dtucker) [configure.ac] Missing comma in type list.
 - (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}]
   EVP_DigestUpdate does not exactly match the other OLD_EVP functions (eg
   in openssl 0.9.6) so add an explicit test for it.

20090306
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2009/03/05 07:18:19
     [auth2-jpake.c jpake.c jpake.h monitor_wrap.c monitor_wrap.h schnorr.c]
     [sshconnect2.c]
     refactor the (disabled) Schnorr proof code to make it a little more
     generally useful
   - djm@@cvs.openbsd.org 2009/03/05 11:30:50
     [uuencode.c]
     document what these functions do so I don't ever have to recurse into
     b64_pton/ntop to remember their return values

@


1.3.2.2
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/247521
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d1 1
a1 13
20120828
 - (djm) Release openssh-6.1

20120828
 - (dtucker) [openbsd-compat/bsd-cygwin_util.h] define WIN32_LEAN_AND_MEAN
   for compatibility with future mingw-w64 headers.  Patch from vinschen at
   redhat com.

20120822
 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] Update version numbers

20120731
d3 1
a3 1
   - jmc@@cvs.openbsd.org 2012/07/06 06:38:03
d5 7
a11 11
     missing full stop in usage();
   - djm@@cvs.openbsd.org 2012/07/10 02:19:15
     [servconf.c servconf.h sshd.c sshd_config]
     Turn on systrace sandboxing of pre-auth sshd by default for new installs
     by shipping a config that overrides the current UsePrivilegeSeparation=yes
     default. Make it easier to flip the default in the future by adding too.
     prodded markus@@ feedback dtucker@@ "get it in" deraadt@@
   - dtucker@@cvs.openbsd.org 2012/07/13 01:35:21
     [servconf.c]
     handle long comments in config files better.  bz#2025, ok markus
   - markus@@cvs.openbsd.org 2012/07/22 18:19:21
d13 4
a16 1
     openssh 6.1
d18 15
a32 2
20120720
 - (dtucker) Import regened moduli file.
d34 85
a118 60
20120706
 - (djm) [sandbox-seccomp-filter.c] fallback to rlimit if seccomp filter is
   not available. Allows use of sshd compiled on host with a filter-capable
   kernel on hosts that lack the support. bz#2011 ok dtucker@@
 - (djm) [configure.ac] Recursively expand $(bindir) to ensure it has no
   unexpanded $(prefix) embedded. bz#2007 patch from nix-corp AT
   esperi.org.uk; ok dtucker@@
- (djm) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2012/07/06 00:41:59
     [moduli.c ssh-keygen.1 ssh-keygen.c]
     Add options to specify starting line number and number of lines to process
     when screening moduli candidates.  This allows processing of different
     parts of a candidate moduli file in parallel.  man page help jmc@@, ok djm@@
   - djm@@cvs.openbsd.org 2012/07/06 01:37:21
     [mux.c]
     fix memory leak of passed-in environment variables and connection
     context when new session message is malformed; bz#2003 from Bert.Wesarg
     AT googlemail.com
   - djm@@cvs.openbsd.org 2012/07/06 01:47:38
     [ssh.c]
     move setting of tty_flag to after config parsing so RequestTTY options
     are correctly picked up. bz#1995 patch from przemoc AT gmail.com;
     ok dtucker@@

20120704
 - (dtucker) [configure.ac openbsd-compat/bsd-misc.h] Add setlinebuf for
   platforms that don't have it.  "looks good" tim@@

20120703
 - (dtucker) [configure.ac] Detect platforms that can't use select(2) with
   setrlimit(RLIMIT_NOFILE, rl_zero) and disable the rlimit sandbox on those.
 - (dtucker) [configure.ac sandbox-rlimit.c] Test whether or not
   setrlimit(RLIMIT_FSIZE, rl_zero) and skip it if it's not supported.  Its
   benefit is minor, so it's not worth disabling the sandbox if it doesn't
   work.

20120702
- (dtucker) OpenBSD CVS Sync
   - naddy@@cvs.openbsd.org 2012/06/29 13:57:25
     [ssh_config.5 sshd_config.5]
     match the documented MAC order of preference to the actual one;
     ok dtucker@@
   - markus@@cvs.openbsd.org 2012/06/30 14:35:09
     [sandbox-systrace.c sshd.c]
     fix a during the load of the sandbox policies (child can still make
     the read-syscall and wait forever for systrace-answers) by replacing
     the read/write synchronisation with SIGSTOP/SIGCONT;
     report and help hshoexer@@; ok djm@@, dtucker@@
   - dtucker@@cvs.openbsd.org 2012/07/02 08:50:03
     [ssh.c]
     set interactive ToS for forwarded X11 sessions.  ok djm@@
   - dtucker@@cvs.openbsd.org 2012/07/02 12:13:26
     [ssh-pkcs11-helper.c sftp-client.c]
     fix a couple of "assigned but not used" warnings.  ok markus@@
   - dtucker@@cvs.openbsd.org 2012/07/02 14:37:06
     [regress/connect-privsep.sh]
     remove exit from end of test since it prevents reporting failure
 - (dtucker) [regress/reexec.sh regress/sftp-cmds.sh regress/test-exec.sh]
   Move cygwin detection to test-exec and use to skip reexec test on cygwin.
 - (dtucker) [regress/test-exec.sh] Correct uname for cygwin/w2k.
d120 2
a121 1
20120629
d123 88
a210 24
   - dtucker@@cvs.openbsd.org 2012/06/21 00:16:07
     [addrmatch.c]
     fix strlcpy truncation check.  from carsten at debian org, ok markus
   - dtucker@@cvs.openbsd.org 2012/06/22 12:30:26
     [monitor.c sshconnect2.c]
     remove dead code following 'for (;;)' loops.
     From Steve.McClellan at radisys com, ok markus@@
   - dtucker@@cvs.openbsd.org 2012/06/22 14:36:33
     [sftp.c]
     Remove unused variable leftover from tab-completion changes.
     From Steve.McClellan at radisys com, ok markus@@
   - dtucker@@cvs.openbsd.org 2012/06/26 11:02:30
     [sandbox-systrace.c]
     Add mquery to the list of allowed syscalls for "UsePrivilegeSeparation
     sandbox" since malloc now uses it.  From johnw.mail at gmail com.
   - dtucker@@cvs.openbsd.org 2012/06/28 05:07:45
     [mac.c myproposal.h ssh_config.5 sshd_config.5]
     Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs since they were removed
     from draft6 of the spec and will not be in the RFC when published.  Patch
     from mdb at juniper net via bz#2023, ok markus.
   - naddy@@cvs.openbsd.org 2012/06/29 13:57:25
     [ssh_config.5 sshd_config.5]
     match the documented MAC order of preference to the actual one; ok dtucker@@
   - dtucker@@cvs.openbsd.org 2012/05/13 01:42:32
d212 15
a226 30
     Add "Match LocalAddress" and "Match LocalPort" to sshd and adjust tests
     to match.  Feedback and ok djm@@ markus@@.
   - djm@@cvs.openbsd.org 2012/06/01 00:47:35
     [regress/multiplex.sh regress/forwarding.sh]
     append to rather than truncate test log; bz#2013 from openssh AT
     roumenpetrov.info
   - djm@@cvs.openbsd.org 2012/06/01 00:52:52
     [regress/sftp-cmds.sh]
     don't delete .* on cleanup due to unintended env expansion; pointed out in
     bz#2014 by openssh AT roumenpetrov.info
   - dtucker@@cvs.openbsd.org 2012/06/26 12:06:59
     [regress/connect-privsep.sh]
     test sandbox with every malloc option
   - dtucker@@cvs.openbsd.org 2012/06/28 05:07:45
     [regress/try-ciphers.sh regress/cipher-speed.sh]
     Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs since they were removed
     from draft6 of the spec and will not be in the RFC when published.  Patch
     from mdb at juniper net via bz#2023, ok markus.
 - (dtucker) [myproposal.h] Remove trailing backslash to fix compile error.
 - (dtucker) [key.c] ifdef out sha256 key types on platforms that don't have
   the required functions in libcrypto.

20120628
 - (dtucker) [openbsd-compat/getrrsetbyname-ldns.c] bz #2022: prevent null
   pointer deref in the client when built with LDNS and using DNSSEC with a
   CNAME.  Patch from gregdlg+mr at hochet info.

20120622
 - (dtucker) [contrib/cygwin/ssh-host-config] Ensure that user sshd runs as
   can logon as a service.  Patch from vinschen at redhat com.
d228 1
a228 1
20120620
d230 17
a246 49
   - djm@@cvs.openbsd.org 2011/12/02 00:41:56
     [mux.c]
     fix bz#1948: ssh -f doesn't fork for multiplexed connection.
     ok dtucker@@
   - djm@@cvs.openbsd.org 2011/12/04 23:16:12
     [mux.c]
     revert:
     > revision 1.32
     > date: 2011/12/02 00:41:56;  author: djm;  state: Exp;  lines: +4 -1
     > fix bz#1948: ssh -f doesn't fork for multiplexed connection.
     > ok dtucker@@
     it interacts badly with ControlPersist
   - djm@@cvs.openbsd.org 2012/01/07 21:11:36
     [mux.c]
     fix double-free in new session handler
     NB. Id sync only
   - djm@@cvs.openbsd.org 2012/05/23 03:28:28
     [dns.c dns.h key.c key.h ssh-keygen.c]
     add support for RFC6594 SSHFP DNS records for ECDSA key types.
     patch from bugzilla-m67 AT nulld.me in bz#1978; ok + tweak markus@@
   - djm@@cvs.openbsd.org 2012/06/01 00:49:35
     [PROTOCOL.mux]
     correct types of port numbers (integers, not strings); bz#2004 from
     bert.wesarg AT googlemail.com
   - djm@@cvs.openbsd.org 2012/06/01 01:01:22
     [mux.c]
     fix memory leak when mux socket creation fails; bz#2002 from bert.wesarg
     AT googlemail.com
   - dtucker@@cvs.openbsd.org 2012/06/18 11:43:53
     [jpake.c]
     correct sizeof usage.  patch from saw at online.de, ok deraadt
   - dtucker@@cvs.openbsd.org 2012/06/18 11:49:58
     [ssh_config.5]
     RSA instead of DSA twice.  From Steve.McClellan at radisys com
   - dtucker@@cvs.openbsd.org 2012/06/18 12:07:07
     [ssh.1 sshd.8]
     Remove mention of 'three' key files since there are now four.  From
     Steve.McClellan at radisys com.
   - dtucker@@cvs.openbsd.org 2012/06/18 12:17:18
     [ssh.1]
     Clarify description of -W.  Noted by Steve.McClellan at radisys com,
     ok jmc
   - markus@@cvs.openbsd.org 2012/06/19 18:25:28
     [servconf.c servconf.h sshd_config.5]
     sshd_config: extend Match to allow AcceptEnv and {Allow,Deny}{Users,Groups}
     this allows 'Match LocalPort 1022' combined with 'AllowUser bauer'
     ok djm@@ (back in March)
   - jmc@@cvs.openbsd.org 2012/06/19 21:35:54
     [sshd_config.5]
d248 4
a251 45
   - djm@@cvs.openbsd.org 2012/06/20 04:42:58
     [clientloop.c serverloop.c]
     initialise accept() backoff timer to avoid EINVAL from select(2) in
     rekeying

20120519
 - (dtucker) [configure.ac] bz#2010: fix non-portable shell construct.  Patch
   from cjwatson at debian org.
 - (dtucker) [configure.ac contrib/Makefile] bz#1996: use AC_PATH_TOOL to find
   pkg-config so it does the right thing when cross-compiling.  Patch from
   cjwatson at debian org.
- (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2012/05/13 01:42:32
     [servconf.h servconf.c sshd.8 sshd.c auth.c sshd_config.5]
     Add "Match LocalAddress" and "Match LocalPort" to sshd and adjust tests
     to match.  Feedback and ok djm@@ markus@@.
   - dtucker@@cvs.openbsd.org 2012/05/19 06:30:30
     [sshd_config.5]
     Document PermitOpen none.  bz#2001, patch from Loganaden Velvindron

20120504
 - (dtucker) [configure.ac] Include <sys/param.h> rather than <sys/types.h>
   to fix building on some plaforms.  Fom bowman at math utah edu and
   des at des no.

20120427
 - (dtucker) [regress/addrmatch.sh] skip tests when running on a non-ipv6
   platform rather than exiting early, so that we still clean up and return
   success or failure to test-exec.sh

20120426
 - (djm) [auth-passwd.c] Handle crypt() returning NULL; from Paul Wouters
   via Niels
 - (djm) [auth-krb5.c] Save errno across calls that might modify it;
   ok dtucker@@

20120423
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2012/04/23 08:18:17
     [channels.c]
     fix function proto/source mismatch

20120422
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2012/02/29 11:21:26
d253 5
a257 20
     allow conversion of RSA1 keys to public PEM and PKCS8; "nice" markus@@
   - guenther@@cvs.openbsd.org 2012/03/15 03:10:27
     [session.c]
     root should always be excluded from the test for /etc/nologin instead
     of having it always enforced even when marked as ignorenologin.  This
     regressed when the logic was incompletely flipped around in rev 1.251
     ok halex@@ millert@@
   - djm@@cvs.openbsd.org 2012/03/28 07:23:22
     [PROTOCOL.certkeys]
     explain certificate extensions/crit split rationale. Mention requirement
     that each appear at most once per cert.
   - dtucker@@cvs.openbsd.org 2012/03/29 23:54:36
     [channels.c channels.h servconf.c]
     Add PermitOpen none option based on patch from Loganaden Velvindron
     (bz #1949).  ok djm@@
   - djm@@cvs.openbsd.org 2012/04/11 13:16:19
     [channels.c channels.h clientloop.c serverloop.c]
     don't spin in accept() when out of fds (ENFILE/ENFILE) - back off for a
     while; ok deraadt@@ markus@@
   - djm@@cvs.openbsd.org 2012/04/11 13:17:54
d259 6
a264 21
     Support "none" as an argument for AuthorizedPrincipalsFile to indicate
     no file should be read.
   - djm@@cvs.openbsd.org 2012/04/11 13:26:40
     [sshd.c]
     don't spin in accept() when out of fds (ENFILE/ENFILE) - back off for a
     while; ok deraadt@@ markus@@
   - djm@@cvs.openbsd.org 2012/04/11 13:34:17
     [ssh-keyscan.1 ssh-keyscan.c]
     now that sshd defaults to offering ECDSA keys, ssh-keyscan should also
     look for them by default; bz#1971
   - djm@@cvs.openbsd.org 2012/04/12 02:42:32
     [servconf.c servconf.h sshd.c sshd_config sshd_config.5]
     VersionAddendum option to allow server operators to append some arbitrary
     text to the SSH-... banner; ok deraadt@@ "don't care" markus@@
   - djm@@cvs.openbsd.org 2012/04/12 02:43:55
     [sshd_config sshd_config.5]
     mention AuthorizedPrincipalsFile=none default
   - djm@@cvs.openbsd.org 2012/04/20 03:24:23
     [sftp.c]
     setlinebuf(3) is more readable than setvbuf(.., _IOLBF, ...)
   - jmc@@cvs.openbsd.org 2012/04/20 16:26:22
d266 15
a280 1
     use "brackets" instead of "braces", for consistency;
d282 11
a292 47
20120420
 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] Update for release 6.0
 - (djm) [README] Update URL to release notes.
 - (djm) Release openssh-6.0

20120419
 - (djm) [configure.ac] Fix compilation error on FreeBSD, whose libutil
   contains openpty() but not login()

20120404
 - (djm) [Makefile.in configure.ac sandbox-seccomp-filter.c] Add sandbox
   mode for Linux's new seccomp filter; patch from Will Drewry; feedback
   and ok dtucker@@

20120330
 - (dtucker) [contrib/redhat/openssh.spec] Bug #1992: remove now-gone WARNING
   file from spec file.  From crighter at nuclioss com.
 - (djm) [entropy.c] bz#1991: relax OpenSSL version test to allow running
   openssh binaries on a newer fix release than they were compiled on.
   with and ok dtucker@@
 - (djm) [openbsd-compat/bsd-cygwin_util.h] #undef _WIN32 to avoid incorrect
   assumptions when building on Cygwin; patch from Corinna Vinschen

20120309
 - (djm) [openbsd-compat/port-linux.c] bz#1960: fix crash on SELinux 
   systems where sshd is run in te wrong context. Patch from Sven
   Vermeulen; ok dtucker@@
 - (djm) [packet.c] bz#1963: Fix IPQoS not being set on non-mapped v4-in-v6
   addressed connections. ok dtucker@@

20120224
 - (dtucker) [audit-bsm.c configure.ac] bug #1968: enable workarounds for BSM
   audit breakage in Solaris 11.  Patch from Magnus Johansson.

20120215
 - (tim) [openbsd-compat/bsd-misc.h sshd.c] Fix conflicting return type for
   unsetenv due to rev 1.14 change to setenv.c. Cast unsetenv to void in sshd.c
   ok dtucker@@
 - (tim) [defines.h] move chunk introduced in 1.125 before MAXPATHLEN so
   it actually works.
 - (tim) [regress/keytype.sh] stderr redirection needs to be inside back quote
   to work. Spotted by Angel Gonzalez

20120214
 - (djm) [openbsd-compat/bsd-cygwin_util.c] Add PROGRAMFILES to list of
   preserved Cygwin environment variables; from Corinna Vinschen
d294 1
a294 1
20120211
d296 14
a309 4
   - djm@@cvs.openbsd.org 2012/01/05 00:16:56
     [monitor.c]
     memleak on error path
   - djm@@cvs.openbsd.org 2012/01/07 21:11:36
d311 9
a319 28
     fix double-free in new session handler
   - miod@@cvs.openbsd.org 2012/01/08 13:17:11
     [ssh-ecdsa.c]
     Fix memory leak in ssh_ecdsa_verify(); from Loganaden Velvindron,
     ok markus@@
   - miod@@cvs.openbsd.org 2012/01/16 20:34:09
     [ssh-pkcs11-client.c]
     Fix a memory leak in pkcs11_rsa_private_encrypt(), reported by Jan Klemkow.
     While there, be sure to buffer_clear() between send_msg() and recv_msg().
     ok markus@@
   - dtucker@@cvs.openbsd.org 2012/01/18 21:46:43
     [clientloop.c]
     Ensure that $DISPLAY contains only valid characters before using it to
     extract xauth data so that it can't be used to play local shell
     metacharacter games.  Report from r00t_ati at ihteam.net, ok markus.
   - markus@@cvs.openbsd.org 2012/01/25 19:26:43
     [packet.c]
     do not permit SSH2_MSG_SERVICE_REQUEST/ACCEPT during rekeying;
     ok dtucker@@, djm@@
   - markus@@cvs.openbsd.org 2012/01/25 19:36:31
     [authfile.c]
     memleak in key_load_file(); from Jan Klemkow
   - markus@@cvs.openbsd.org 2012/01/25 19:40:09
     [packet.c packet.h]
     packet_read_poll() is not used anymore.
   - markus@@cvs.openbsd.org 2012/02/09 20:00:18
     [version.h]
     move from 6.0-beta to 6.0
d321 3
a323 7
20120206
 - (djm) [ssh-keygen.c] Don't fail in do_gen_all_hostkeys on platforms
   that don't support ECC. Patch from Phil Oleson

20111219
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/12/02 00:41:56
d325 3
a327 8
     fix bz#1948: ssh -f doesn't fork for multiplexed connection.
     ok dtucker@@
   - djm@@cvs.openbsd.org 2011/12/02 00:43:57
     [mac.c]
     fix bz#1934: newer OpenSSL versions will require HMAC_CTX_Init before
     HMAC_init (this change in policy seems insane to me)
     ok dtucker@@
   - djm@@cvs.openbsd.org 2011/12/04 23:16:12
d329 14
a342 10
     revert:
     > revision 1.32
     > date: 2011/12/02 00:41:56;  author: djm;  state: Exp;  lines: +4 -1
     > fix bz#1948: ssh -f doesn't fork for multiplexed connection.
     > ok dtucker@@
     it interacts badly with ControlPersist
   - djm@@cvs.openbsd.org 2011/12/07 05:44:38
     [auth2.c dh.c packet.c roaming.h roaming_client.c roaming_common.c]
     fix some harmless and/or unreachable int overflows;
     reported Xi Wang, ok markus@@
d344 126
a469 3
20111125
 - OpenBSD CVS Sync
   - oga@@cvs.openbsd.org 2011/11/16 12:24:28
d471 5
a475 3
     Don't leak list in complete_cmd_parse if there are no commands found.
     Discovered when I was ``borrowing'' this code for something else.
     ok djm@@
d477 41
a517 2
20111121
 - (dtucker) [configure.ac] Set _FORTIFY_SOURCE.  ok djm@@
d519 3
a521 1
20111104
d523 19
a541 56
   - djm@@cvs.openbsd.org 2011/10/18 05:15:28
     [ssh.c]
     ssh(1): skip attempting to create ~/.ssh when -F is passed; ok markus@@
   - djm@@cvs.openbsd.org 2011/10/18 23:37:42
     [ssh-add.c]
     add -k to usage(); reminded by jmc@@
   - djm@@cvs.openbsd.org 2011/10/19 00:06:10
     [moduli.c]
     s/tmpfile/tmp/ to make this -Wshadow clean
   - djm@@cvs.openbsd.org 2011/10/19 10:39:48
     [umac.c]
     typo in comment; patch from Michael W. Bombardieri
   - djm@@cvs.openbsd.org 2011/10/24 02:10:46
     [ssh.c]
     bz#1943: unbreak stdio forwarding when ControlPersist is in user - ssh
     was incorrectly requesting the forward in both the control master and
     slave. skip requesting it in the master to fix. ok markus@@
   - djm@@cvs.openbsd.org 2011/10/24 02:13:13
     [session.c]
     bz#1859: send tty break to pty master instead of (probably already
     closed) slave side; "looks good" markus@@
   - dtucker@@cvs.openbsd.org 011/11/04 00:09:39
     [moduli]
     regenerated moduli file; ok deraadt
 - (dtucker) [INSTALL LICENCE configure.ac openbsd-compat/Makefile.in
   openbsd-compat/getrrsetbyname-ldns.c openbsd-compat/getrrsetbyname.c]
   bz 1320: Add optional support for LDNS, a BSD licensed DNS resolver library
   which supports DNSSEC.  Patch from Simon Vallet (svallet at genoscope cns fr)
   with some rework from myself and djm.  ok djm.

20111025
 - (dtucker) [contrib/cygwin/Makefile] Continue if installing a doc file
   fails.  Patch from Corinna Vinschen.

20111018
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/10/04 14:17:32
     [sftp-glob.c]
     silence error spam for "ls */foo" in directory with files; bz#1683
   - dtucker@@cvs.openbsd.org 2011/10/16 11:02:46
     [moduli.c ssh-keygen.1 ssh-keygen.c]
     Add optional checkpoints for moduli screening.  feedback & ok deraadt
   - jmc@@cvs.openbsd.org 2011/10/16 15:02:41
     [ssh-keygen.c]
     put -K in the right place (usage());
   - stsp@@cvs.openbsd.org 2011/10/16 15:51:39
     [moduli.c]
     add missing includes to unbreak tree; fix from rpointel
   - djm@@cvs.openbsd.org 2011/10/18 04:58:26
     [auth-options.c key.c]
     remove explict search for \0 in packet strings, this job is now done
     implicitly by buffer_get_cstring; ok markus
   - djm@@cvs.openbsd.org 2011/10/18 05:00:48
     [ssh-add.1 ssh-add.c]
     new "ssh-add -k" option to load plain keys (skipping certificates);
     "looks ok" markus@@
d543 7
a549 2
20111001
 - (dtucker) [openbsd-compat/mktemp.c] Fix compiler warning.  ok djm
d551 23
a573 19
   - dtucker@@cvs.openbsd.org 2011/09/23 00:22:04
     [channels.c auth-options.c servconf.c channels.h sshd.8]
     Add wildcard support to PermitOpen, allowing things like "PermitOpen
     localhost:*".  bz #1857, ok djm markus.
   - markus@@cvs.openbsd.org 2011/09/23 07:45:05
     [mux.c readconf.h channels.h compat.h compat.c ssh.c readconf.c channels.c
     version.h]
     unbreak remote portforwarding with dynamic allocated listen ports:
     1) send the actual listen port in the open message (instead of 0).
        this allows multiple forwardings with a dynamic listen port
     2) update the matching permit-open entry, so we can identify where
        to connect to
     report: den at skbkontur.ru and P. Szczygielski
     feedback and ok djm@@
   - djm@@cvs.openbsd.org 2011/09/25 05:44:47
     [auth2-pubkey.c]
     improve the AuthorizedPrincipalsFile debug log message to include
     file and line number
   - dtucker@@cvs.openbsd.org 2011/09/30 00:47:37
d575 4
a578 4
     don't attempt privsep cleanup when not using privsep; ok markus@@
   - djm@@cvs.openbsd.org 2011/09/30 21:22:49
     [sshd.c]
     fix inverted test that caused logspam; spotted by henning@@
d580 84
a663 67
20110929
 - (djm) [configure.ac defines.h] No need to detect sizeof(char); patch
   from des AT des.no
 - (dtucker) [configure.ac openbsd-compat/Makefile.in
   openbsd-compat/strnlen.c] Add strnlen to the compat library.

20110923
 - (djm) [openbsd-compat/getcwd.c] Remove OpenBSD rcsid marker since we no
   longer want to sync this file (OpenBSD uses a __getcwd syscall now, we
   want this longhand version)
 - (djm) [openbsd-compat/getgrouplist.c] Remove OpenBSD rcsid marker: the
   upstream version is YPified and we don't want this
 - (djm) [openbsd-compat/mktemp.c] forklift upgrade to -current version.
   The file was totally rewritten between what we had in tree and -current.
 - (djm) [openbsd-compat/sha2.c openbsd-compat/sha2.h] Remove OpenBSD rcsid
   marker. The upstream API has changed (function and structure names)
   enough to put it out of sync with other providers of this interface.
 - (djm) [openbsd-compat/setenv.c] Forklift upgrade, including inclusion
   of static __findenv() function from upstream setenv.c
 - OpenBSD CVS Sync
   - millert@@cvs.openbsd.org 2006/05/05 15:27:38
     [openbsd-compat/strlcpy.c]
     Convert do {} while loop -> while {} for clarity.  No binary change
     on most architectures.  From Oliver Smith.  OK deraadt@@ and henning@@
   - tobias@@cvs.openbsd.org 2007/10/21 11:09:30
     [openbsd-compat/mktemp.c]
     Comment fix about time consumption of _gettemp.
     FreeBSD did this in revision 1.20.
     OK deraadt@@, krw@@
   - deraadt@@cvs.openbsd.org 2008/07/22 21:47:45
     [openbsd-compat/mktemp.c]
     use arc4random_uniform(); ok djm millert
   - millert@@cvs.openbsd.org 2008/08/21 16:54:44
     [openbsd-compat/mktemp.c]
     Remove useless code, the kernel will set errno appropriately if an
     element in the path does not exist.  OK deraadt@@ pvalchev@@
   - otto@@cvs.openbsd.org 2008/12/09 19:38:38
     [openbsd-compat/inet_ntop.c]
     fix inet_ntop(3) prototype; ok millert@@ libc to be bumbed very soon

20110922
 - OpenBSD CVS Sync
   - pyr@@cvs.openbsd.org 2011/05/12 07:15:10
     [openbsd-compat/glob.c]
     When the max number of items for a directory has reached GLOB_LIMIT_READDIR
     an error is returned but closedir() is not called.
     spotted and fix provided by Frank Denis obsd-tech@@pureftpd.org
     ok otto@@, millert@@
   - stsp@@cvs.openbsd.org 2011/09/20 10:18:46
     [glob.c]
     In glob(3), limit recursion during matching attempts. Similar to
     fnmatch fix. Also collapse consecutive '*' (from NetBSD).
     ok miod deraadt
   - djm@@cvs.openbsd.org 2011/09/22 06:27:29
     [glob.c]
     fix GLOB_KEEPSTAT without GLOB_NOSORT; the implicit sort was being
     applied only to the gl_pathv vector and not the corresponding gl_statv
     array. reported in OpenSSH bz#1935; feedback and okay matthew@@
   - djm@@cvs.openbsd.org 2011/08/26 01:45:15
     [ssh.1]
     Add some missing ssh_config(5) options that can be used in ssh(1)'s
     -o argument. Patch from duclare AT guu.fi
   - djm@@cvs.openbsd.org 2011/09/05 05:56:13
     [scp.1 sftp.1]
     mention ControlPersist and KbdInteractiveAuthentication in the -o
     verbiage in these pages too (prompted by jmc@@)
   - djm@@cvs.openbsd.org 2011/09/05 05:59:08
d665 70
a734 24
     fix typo in IPQoS parsing: there is no "AF14" class, but there is
     an "AF21" class. Spotted by giesen AT snickers.org; ok markus stevesk
   - jmc@@cvs.openbsd.org 2011/09/05 07:01:44
     [scp.1]
     knock out a useless Ns;
   - deraadt@@cvs.openbsd.org 2011/09/07 02:18:31
     [ssh-keygen.1]
     typo (they vs the) found by Lawrence Teo
   - djm@@cvs.openbsd.org 2011/09/09 00:43:00
     [ssh_config.5 sshd_config.5]
     fix typo in IPQoS parsing: there is no "AF14" class, but there is
     an "AF21" class. Spotted by giesen AT snickers.org; ok markus stevesk
   - djm@@cvs.openbsd.org 2011/09/09 00:44:07
     [PROTOCOL.mux]
     MUX_C_CLOSE_FWD includes forward type in message (though it isn't
     implemented anyway)
   - djm@@cvs.openbsd.org 2011/09/09 22:37:01
     [scp.c]
     suppress adding '--' to remote commandlines when the first argument
     does not start with '-'. saves breakage on some difficult-to-upgrade
     embedded/router platforms; feedback & ok dtucker ok markus
   - djm@@cvs.openbsd.org 2011/09/09 22:38:21
     [sshd.c]
     kill the preauth privsep child on fatal errors in the monitor;
d736 1
a736 20
   - djm@@cvs.openbsd.org 2011/09/09 22:46:44
     [channels.c channels.h clientloop.h mux.c ssh.c]
     support for cancelling local and remote port forwards via the multiplex
     socket. Use ssh -O cancel -L xx:xx:xx -R yy:yy:yy user@@host" to request
     the cancellation of the specified forwardings; ok markus@@
   - markus@@cvs.openbsd.org 2011/09/10 22:26:34
     [channels.c channels.h clientloop.c ssh.1]
     support cancellation of local/dynamic forwardings from ~C commandline;
     ok & feedback djm@@
   - okan@@cvs.openbsd.org 2011/09/11 06:59:05
     [ssh.1]
     document new -O cancel command; ok djm@@
   - markus@@cvs.openbsd.org 2011/09/11 16:07:26
     [sftp-client.c]
     fix leaks in do_hardlink() and do_readlink(); bz#1921
     from Loganaden Velvindron
   - markus@@cvs.openbsd.org 2011/09/12 08:46:15
     [sftp-client.c]
     fix leak in do_lsreaddir(); ok djm
   - djm@@cvs.openbsd.org 2011/09/22 06:29:03
d738 59
a796 2
     don't let remote_glob() implicitly sort its results in do_globbed_ls() -
     in all likelihood, they will be resorted anyway
d798 53
a850 8
20110909
 - (dtucker) [entropy.h] Bug #1932: remove old definition of init_rng.  From
   Colin Watson.

20110906
 - (djm) [README version.h] Correct version
 - (djm) [contrib/redhat/openssh.spec] Correct restorcon => restorecon
 - (djm) Respin OpenSSH-5.9p1 release
d852 127
a978 3
20110905
 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] Update version numbers.
d980 81
a1060 50
20110904
 - (djm) [regress/connect-privsep.sh regress/test-exec.sh] demote fatal
   regress errors for the sandbox to warnings. ok tim dtucker
 - (dtucker) [ssh-keygen.c ssh-pkcs11.c] Bug #1929: add null implementations
   ofsh-pkcs11.cpkcs_init and pkcs_terminate for building without dlopen
   support.

20110829
 - (djm) [openbsd-compat/port-linux.c] Suppress logging when attempting
   to switch SELinux context away from unconfined_t, based on patch from
   Jan Chadima; bz#1919 ok dtucker@@

20110827
 - (dtucker) [auth-skey.c] Add log.h to fix build --with-skey.

20110818
 - (tim) [configure.ac] Typo in error message spotted by Andy Tsouladze

20110817
 - (tim) [mac.c myproposal.h] Wrap SHA256 and SHA512 in ifdefs for
   OpenSSL 0.9.7. ok djm
 - (djm) [ openbsd-compat/bsd-cygwin_util.c openbsd-compat/bsd-cygwin_util.h]
   binary_pipe is no longer required on Cygwin; patch from Corinna Vinschen
 - (djm) [configure.ac] error out if the host lacks the necessary bits for
   an explicitly requested sandbox type
 - (djm) [contrib/ssh-copy-id] Missing backlslash; spotted by
   bisson AT archlinux.org
 - (djm) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2011/06/03 05:35:10
     [regress/cfgmatch.sh]
     use OBJ to find test configs, patch from Tim Rice
   - markus@@cvs.openbsd.org 2011/06/30 22:44:43
     [regress/connect-privsep.sh]
     test with sandbox enabled; ok djm@@
   - djm@@cvs.openbsd.org 2011/08/02 01:23:41
     [regress/cipher-speed.sh regress/try-ciphers.sh]
     add SHA256/SHA512 based HMAC modes
 - (djm) [regress/cipher-speed.sh regress/try-ciphers.sh] disable HMAC-SHA2
   MAC tests for platforms that hack EVP_SHA2 support

20110812
 - (dtucker) [openbsd-compat/port-linux.c] Bug 1924: Improve selinux context
   change error by reporting old and new context names  Patch from
   jchadima at redhat.
 - (djm) [contrib/redhat/openssh.spec contrib/redhat/sshd.init]
   [contrib/suse/openssh.spec contrib/suse/rc.sshd] Updated RHEL and SLES
   init scrips from imorgan AT nas.nasa.gov; bz#1920
 - (djm) [contrib/ssh-copy-id] Fix failure for cases where the path to the
   identify file contained whitespace. bz#1828 patch from gwenael.lambrouin
   AT gmail.com; ok dtucker@@
d1062 1
a1062 1
20110807
d1064 18
a1081 40
   - jmc@@cvs.openbsd.org 2008/06/26 06:59:39
     [moduli.5]
     tweak previous;
   - sobrado@@cvs.openbsd.org 2009/10/28 08:56:54
     [moduli.5]
     "Diffie-Hellman" is the usual spelling for the cryptographic protocol
     first published by Whitfield Diffie and Martin Hellman in 1976.
     ok jmc@@
   - jmc@@cvs.openbsd.org 2010/10/14 20:41:28
     [moduli.5]
     probabalistic -> probabilistic; from naddy
   - dtucker@@cvs.openbsd.org 2011/08/07 12:55:30
     [sftp.1]
     typo, fix from Laurent Gautrot

20110805
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/06/23 23:35:42
     [monitor.c]
     ignore EINTR errors from poll()
   - tedu@@cvs.openbsd.org 2011/07/06 18:09:21
     [authfd.c]
     bzero the agent address.  the kernel was for a while very cranky about
     these things.  evne though that's fixed, always good to initialize
     memory.  ok deraadt djm
   - djm@@cvs.openbsd.org 2011/07/29 14:42:45
     [sandbox-systrace.c]
     fail open(2) with EPERM rather than SIGKILLing the whole process. libc
     will call open() to do strerror() when NLS is enabled;
     feedback and ok markus@@
   - markus@@cvs.openbsd.org 2011/08/01 19:18:15
     [gss-serv.c]
     prevent post-auth resource exhaustion (int overflow leading to 4GB malloc);
     report Adam Zabrock; ok djm@@, deraadt@@
   - djm@@cvs.openbsd.org 2011/08/02 01:22:11
     [mac.c myproposal.h ssh.1 ssh_config.5 sshd.8 sshd_config.5]
     Add new SHA256 and SHA512 based HMAC modes from
     http://www.ietf.org/id/draft-dbider-sha2-mac-for-ssh-02.txt
     Patch from mdb AT juniper.net; feedback and ok markus@@
   - djm@@cvs.openbsd.org 2011/08/02 23:13:01
d1083 2
a1084 2
     crank now, release later
   - djm@@cvs.openbsd.org 2011/08/02 23:15:03
d1086 6
a1091 1
     typo in comment
d1093 7
a1099 4
20110624
 - (djm) [configure.ac Makefile.in sandbox-darwin.c] Add a sandbox for
   Darwin/OS X using sandbox_init() + setrlimit(); feedback and testing
   markus@@
d1101 32
a1132 52
20110623
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/06/22 21:47:28
     [servconf.c]
     reuse the multistate option arrays to pretty-print options for "sshd -T"
   - djm@@cvs.openbsd.org 2011/06/22 21:57:01
     [servconf.c servconf.h sshd.c sshd_config.5]
     [configure.ac Makefile.in]
     introduce sandboxing of the pre-auth privsep child using systrace(4).
     
     This introduces a new "UsePrivilegeSeparation=sandbox" option for
     sshd_config that applies mandatory restrictions on the syscalls the
     privsep child can perform. This prevents a compromised privsep child
     from being used to attack other hosts (by opening sockets and proxying)
     or probing local kernel attack surface.
     
     The sandbox is implemented using systrace(4) in unsupervised "fast-path"
     mode, where a list of permitted syscalls is supplied. Any syscall not
     on the list results in SIGKILL being sent to the privsep child. Note
     that this requires a kernel with the new SYSTR_POLICY_KILL option.
     
     UsePrivilegeSeparation=sandbox will become the default in the future
     so please start testing it now.
     
     feedback dtucker@@; ok markus@@
   - djm@@cvs.openbsd.org 2011/06/22 22:08:42
     [channels.c channels.h clientloop.c clientloop.h mux.c ssh.c]
     hook up a channel confirm callback to warn the user then requested X11
     forwarding was refused by the server; ok markus@@
   - djm@@cvs.openbsd.org 2011/06/23 09:34:13
     [sshd.c ssh-sandbox.h sandbox.h sandbox-rlimit.c sandbox-systrace.c]
     [sandbox-null.c]
     rename sandbox.h => ssh-sandbox.h to make things easier for portable
 - (djm) [sandbox-null.c] Dummy sandbox for platforms that don't support
   setrlimit(2)

20110620
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/06/04 00:10:26
     [ssh_config.5]
     explain IdentifyFile's semantics a little better, prompted by bz#1898
     ok dtucker jmc
   - markus@@cvs.openbsd.org 2011/06/14 22:49:18
     [authfile.c]
     make sure key_parse_public/private_rsa1() no longer consumes its input
     buffer.  fixes ssh-add for passphrase-protected ssh1-keys;
     noted by naddy@@; ok djm@@
   - djm@@cvs.openbsd.org 2011/06/17 21:44:31
     [log.c log.h monitor.c monitor.h monitor_wrap.c monitor_wrap.h sshd.c]
     make the pre-auth privsep slave log via a socketpair shared with the
     monitor rather than /var/empty/dev/log; ok dtucker@@ deraadt@@ markus@@
   - djm@@cvs.openbsd.org 2011/06/17 21:46:16
d1134 2
a1135 3
     the protocol version should be unsigned; bz#1913 reported by mb AT
     smartftp.com
   - djm@@cvs.openbsd.org 2011/06/17 21:47:35
d1137 29
a1165 3
     factor out multi-choice option parsing into a parse_multistate label
     and some support structures; ok dtucker@@
   - djm@@cvs.openbsd.org 2011/06/17 21:57:25
d1167 105
a1271 2
     setproctitle for a mux master that has been gracefully stopped;
     bz#1911 from Bert.Wesarg AT googlemail.com
d1273 8
a1280 12
20110603
 - (dtucker) [README version.h contrib/caldera/openssh.spec
   contrib/redhat/openssh.spec contrib/suse/openssh.spec] Pull the version
   bumps from the 5.8p2 branch into HEAD.  ok djm.
 - (tim) [configure.ac defines.h] Run test program to detect system mail
   directory. Add --with-maildir option to override. Fixed OpenServer 6
   getting it wrong. Fixed many systems having MAIL=/var/mail//username
   ok dtucker
 - (dtucker) [monitor.c] Remove the !HAVE_SOCKETPAIR case.  We use socketpair
   unconditionally in other places and the survey data we have does not show
   any systems that use it.  "nuke it" djm@@
 - (djm) [configure.ac] enable setproctitle emulation for OS X
d1282 17
a1298 108
   - djm@@cvs.openbsd.org 2011/06/03 00:54:38
     [ssh.c]
     bz#1883 - setproctitle() to identify mux master; patch from Bert.Wesarg
     AT googlemail.com; ok dtucker@@
     NB. includes additional portability code to enable setproctitle emulation
     on platforms that don't support it.
   - dtucker@@cvs.openbsd.org 2011/06/03 01:37:40
     [ssh-agent.c]
     Check current parent process ID against saved one to determine if the parent
     has exited, rather than attempting to send a zero signal, since the latter
     won't work if the parent has changed privs.  bz#1905, patch from Daniel Kahn
     Gillmor, ok djm@@
    - dtucker@@cvs.openbsd.org 2011/05/31 02:01:58
     [regress/dynamic-forward.sh]
     back out revs 1.6 and 1.5 since it's not reliable
   - dtucker@@cvs.openbsd.org 2011/05/31 02:03:34
     [regress/dynamic-forward.sh]
     work around startup and teardown races; caught by deraadt
   - dtucker@@cvs.openbsd.org 2011/06/03 00:29:52
     [regress/dynamic-forward.sh]
     Retry establishing the port forwarding after a small delay, should make
     the tests less flaky when the previous test is slow to shut down and free
     up the port.
 - (tim) [regress/cfgmatch.sh] Build/test out of tree fix.

20110529
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/05/23 03:30:07
     [auth-rsa.c auth.c auth.h auth2-pubkey.c monitor.c monitor_wrap.c]
     [pathnames.h servconf.c servconf.h sshd.8 sshd_config sshd_config.5]
     allow AuthorizedKeysFile to specify multiple files, separated by spaces.
     Bring back authorized_keys2 as a default search path (to avoid breaking
     existing users of this file), but override this in sshd_config so it will
     be no longer used on fresh installs. Maybe in 2015 we can remove it
     entierly :)
     
     feedback and ok markus@@ dtucker@@
   - djm@@cvs.openbsd.org 2011/05/23 03:33:38
     [auth.c]
     make secure_filename() spam debug logs less
   - djm@@cvs.openbsd.org 2011/05/23 03:52:55
     [sshconnect.c]
     remove extra newline
   - jmc@@cvs.openbsd.org 2011/05/23 07:10:21
     [sshd.8 sshd_config.5]
     tweak previous; ok djm
   - djm@@cvs.openbsd.org 2011/05/23 07:24:57
     [authfile.c]
     read in key comments for v.2 keys (though note that these are not
     passed over the agent protocol); bz#439, based on patch from binder
     AT arago.de; ok markus@@
   - djm@@cvs.openbsd.org 2011/05/24 07:15:47
     [readconf.c readconf.h ssh.c ssh_config.5 sshconnect.c sshconnect2.c]
     Remove undocumented legacy options UserKnownHostsFile2 and
     GlobalKnownHostsFile2 by making UserKnownHostsFile/GlobalKnownHostsFile
     accept multiple paths per line and making their defaults include
     known_hosts2; ok markus
   - djm@@cvs.openbsd.org 2011/05/23 03:31:31
     [regress/cfgmatch.sh]
     include testing of multiple/overridden AuthorizedKeysFiles
     refactor to simply daemon start/stop and get rid of racy constructs

20110520
 - (djm) [session.c] call setexeccon() before executing passwd for pw
   changes; bz#1891 reported by jchadima AT redhat.com; ok dtucker@@
 - (djm) [aclocal.m4 configure.ac] since gcc-4.x ignores all -Wno-options
   options, we should corresponding -W-option when trying to determine
   whether it is accepted.  Also includes a warning fix on the program
   fragment uses (bad main() return type).
   bz#1900 and bz#1901 reported by g.esp AT free.fr; ok dtucker@@
 - (djm) [servconf.c] remove leftover droppings of AuthorizedKeysFile2
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/05/15 08:09:01
     [authfd.c monitor.c serverloop.c]
     use FD_CLOEXEC consistently; patch from zion AT x96.org
   - djm@@cvs.openbsd.org 2011/05/17 07:13:31
     [key.c]
     fatal() if asked to generate a legacy ECDSA cert (these don't exist)
     and fix the regress test that was trying to generate them :)
   - djm@@cvs.openbsd.org 2011/05/20 00:55:02
     [servconf.c]
     the options TrustedUserCAKeys, RevokedKeysFile, AuthorizedKeysFile
     and AuthorizedPrincipalsFile were not being correctly applied in
     Match blocks, despite being overridable there; ok dtucker@@
   - dtucker@@cvs.openbsd.org 2011/05/20 02:00:19
     [servconf.c]
     Add comment documenting what should be after the preauth check.  ok djm
   - djm@@cvs.openbsd.org 2011/05/20 03:25:45
     [monitor.c monitor_wrap.c servconf.c servconf.h]
     use a macro to define which string options to copy between configs
     for Match. This avoids problems caused by forgetting to keep three
     code locations in perfect sync and ordering
     
     "this is at once beautiful and horrible" + ok dtucker@@
   - djm@@cvs.openbsd.org 2011/05/17 07:13:31
     [regress/cert-userkey.sh]
     fatal() if asked to generate a legacy ECDSA cert (these don't exist)
     and fix the regress test that was trying to generate them :)
   - djm@@cvs.openbsd.org 2011/05/20 02:43:36
     [cert-hostkey.sh]
     another attempt to generate a v00 ECDSA key that broke the test
     ID sync only - portable already had this somehow
   - dtucker@@cvs.openbsd.org 2011/05/20 05:19:50
     [dynamic-forward.sh]
     Prevent races in dynamic forwarding test; ok djm
   - dtucker@@cvs.openbsd.org 2011/05/20 06:32:30
     [dynamic-forward.sh]
     fix dumb error in dynamic-forward test
d1300 1
a1300 1
20110515
d1302 28
a1329 43
   - djm@@cvs.openbsd.org 2011/05/05 05:12:08
     [mux.c]
     gracefully fall back when ControlPath is too large for a
     sockaddr_un. ok markus@@ as part of a larger diff
   - dtucker@@cvs.openbsd.org 2011/05/06 01:03:35
     [sshd_config]
     clarify language about overriding defaults.  bz#1892, from Petr Cerny
   - djm@@cvs.openbsd.org 2011/05/06 01:09:53
     [sftp.1]
     mention that IPv6 addresses must be enclosed in square brackets;
     bz#1845
   - djm@@cvs.openbsd.org 2011/05/06 02:05:41
     [sshconnect2.c]
     fix memory leak; bz#1849 ok dtucker@@
   - djm@@cvs.openbsd.org 2011/05/06 21:14:05
     [packet.c packet.h]
     set traffic class for IPv6 traffic as we do for IPv4 TOS;
     patch from lionel AT mamane.lu via Colin Watson in bz#1855;
     ok markus@@
   - djm@@cvs.openbsd.org 2011/05/06 21:18:02
     [ssh.c ssh_config.5]
     add a %L expansion (short-form of the local host name) for ControlPath;
     sync some more expansions with LocalCommand; ok markus@@
   - djm@@cvs.openbsd.org 2011/05/06 21:31:38
     [readconf.c ssh_config.5]
     support negated Host matching, e.g.
     
     Host *.example.org !c.example.org
        User mekmitasdigoat
     
     Will match "a.example.org", "b.example.org", but not "c.example.org"
     ok markus@@
   - djm@@cvs.openbsd.org 2011/05/06 21:34:32
     [clientloop.c mux.c readconf.c readconf.h ssh.c ssh_config.5]
     Add a RequestTTY ssh_config option to allow configuration-based
     control over tty allocation (like -t/-T); ok markus@@
   - djm@@cvs.openbsd.org 2011/05/06 21:38:58
     [ssh.c]
     fix dropping from previous diff
   - djm@@cvs.openbsd.org 2011/05/06 22:20:10
     [PROTOCOL.mux]
     fix numbering; from bert.wesarg AT googlemail.com
   - jmc@@cvs.openbsd.org 2011/05/07 23:19:39
d1331 69
a1399 2
     - tweak previous
     - come consistency fixes
d1401 10
a1410 14
   - jmc@@cvs.openbsd.org 2011/05/07 23:20:25
     [ssh.1]
     +.It RequestTTY
   - djm@@cvs.openbsd.org 2011/05/08 12:52:01
     [PROTOCOL.mux clientloop.c clientloop.h mux.c]
     improve our behaviour when TTY allocation fails: if we are in
     RequestTTY=auto mode (the default), then do not treat at TTY
     allocation error as fatal but rather just restore the local TTY
     to cooked mode and continue. This is more graceful on devices that
     never allocate TTYs.
     
     If RequestTTY is set to "yes" or "force", then failure to allocate
     a TTY is fatal.
     
d1412 10
a1421 42
   - djm@@cvs.openbsd.org 2011/05/10 05:46:46
     [authfile.c]
     despam debug() logs by detecting that we are trying to load a private key
     in key_try_load_public() and returning early; ok markus@@
   - djm@@cvs.openbsd.org 2011/05/11 04:47:06
     [auth.c auth.h auth2-pubkey.c pathnames.h servconf.c servconf.h]
     remove support for authorized_keys2; it is a relic from the early days
     of protocol v.2 support and has been undocumented for many years;
     ok markus@@
   - djm@@cvs.openbsd.org 2011/05/13 00:05:36
     [authfile.c]
     warn on unexpected key type in key_parse_private_type()
 - (djm) [packet.c] unbreak portability #endif

20110510
 - (dtucker) [openbsd-compat/openssl-compat.{c,h}] Bug #1882: fix
   --with-ssl-engine which was broken with the change from deprecated
   SSLeay_add_all_algorithms().  ok djm

20110506
 - (dtucker) [openbsd-compat/regress/closefromtest.c] Bug #1875: add prototype
   for closefrom() in test code.  Report from Dan Wallis via Gentoo.

20110505
 - (djm) [defines.h] Move up include of netinet/ip.h for IPTOS
   definitions. From des AT des.no
 - (djm) [Makefile.in WARNING.RNG aclocal.m4 buildpkg.sh.in configure.ac]
   [entropy.c ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c]
   [ssh-keysign.c ssh-pkcs11-helper.c ssh-rand-helper.8 ssh-rand-helper.c]
   [ssh.c ssh_prng_cmds.in sshd.c contrib/aix/buildbff.sh]
   [regress/README.regress] Remove ssh-rand-helper and all its
   tentacles. PRNGd seeding has been rolled into entropy.c directly.
   Thanks to tim@@ for testing on affected platforms.
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/03/10 02:52:57
     [auth2-gss.c auth2.c auth.h]
     allow GSSAPI authentication to detect when a server-side failure causes
     authentication failure and don't count such failures against MaxAuthTries;
     bz#1244 from simon AT sxw.org.uk; ok markus@@ before lock
   - okan@@cvs.openbsd.org 2011/03/15 10:36:02
     [ssh-keyscan.c]
     use timerclear macro
d1423 39
a1461 133
   - stevesk@@cvs.openbsd.org 2011/03/23 15:16:22
     [ssh-keygen.1 ssh-keygen.c]
     Add -A option.  For each of the key types (rsa1, rsa, dsa and ecdsa)
     for which host keys do not exist, generate the host keys with the
     default key file path, an empty passphrase, default bits for the key
     type, and default comment.  This will be used by /etc/rc to generate
     new host keys.  Idea from deraadt.
     ok deraadt
   - stevesk@@cvs.openbsd.org 2011/03/23 16:24:56
     [ssh-keygen.1]
     -q not used in /etc/rc now so remove statement.
   - stevesk@@cvs.openbsd.org 2011/03/23 16:50:04
     [ssh-keygen.c]
     remove -d, documentation removed >10 years ago; ok markus
   - jmc@@cvs.openbsd.org 2011/03/24 15:29:30
     [ssh-keygen.1]
     zap trailing whitespace;
   - stevesk@@cvs.openbsd.org 2011/03/24 22:14:54
     [ssh-keygen.c]
     use strcasecmp() for "clear" cert permission option also; ok djm
   - stevesk@@cvs.openbsd.org 2011/03/29 18:54:17
     [misc.c misc.h servconf.c]
     print ipqos friendly string for sshd -T; ok markus
     # sshd -Tf sshd_config|grep ipqos
     ipqos lowdelay throughput
   - djm@@cvs.openbsd.org 2011/04/12 04:23:50
     [ssh-keygen.c]
     fix -Wshadow
   - djm@@cvs.openbsd.org 2011/04/12 05:32:49
     [sshd.c]
     exit with 0 status on SIGTERM; bz#1879
   - djm@@cvs.openbsd.org 2011/04/13 04:02:48
     [ssh-keygen.1]
     improve wording; bz#1861
   - djm@@cvs.openbsd.org 2011/04/13 04:09:37
     [ssh-keygen.1]
     mention valid -b sizes for ECDSA keys; bz#1862
   - djm@@cvs.openbsd.org 2011/04/17 22:42:42
     [PROTOCOL.mux clientloop.c clientloop.h mux.c ssh.1 ssh.c]
     allow graceful shutdown of multiplexing: request that a mux server
     removes its listener socket and refuse future multiplexing requests;
     ok markus@@
   - djm@@cvs.openbsd.org 2011/04/18 00:46:05
     [ssh-keygen.c]
     certificate options are supposed to be packed in lexical order of
     option name (though we don't actually enforce this at present).
     Move one up that was out of sequence
   - djm@@cvs.openbsd.org 2011/05/04 21:15:29
     [authfile.c authfile.h ssh-add.c]
     allow "ssh-add - < key"; feedback and ok markus@@
 - (tim) [configure.ac] Add AC_LANG_SOURCE to OPENSSH_CHECK_CFLAG_COMPILE
   so autoreconf 2.68 is happy.
 - (tim) [defines.h] Deal with platforms that do not have S_IFSOCK ok djm@@

20110221
 - (dtucker) [contrib/cygwin/ssh-host-config] From Corinna: revamp of the
   Cygwin-specific service installer script ssh-host-config.  The actual
   functionality is the same, the revisited version is just more
   exact when it comes to check for problems which disallow to run
   certain aspects of the script.  So, part of this script and the also
   rearranged service helper script library "csih" is to check if all
   the tools required to run the script are available on the system.
   The new script also is more thorough to inform the user why the
   script failed.  Patch from vinschen at redhat com.

20110218
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/02/16 00:31:14
     [ssh-keysign.c]
     make hostbased auth with ECDSA keys work correctly. Based on patch
     by harvey.eneman AT oracle.com in bz#1858; ok markus@@ (pre-lock)

20110206
 - (dtucker) [openbsd-compat/port-linux.c] Bug #1851: fix syntax error in
   selinux code.  Patch from Leonardo Chiquitto 
 - (dtucker) [contrib/cygwin/ssh-{host,user}-config]  Add ECDSA key
   generation and simplify.  Patch from Corinna Vinschen.

20110204
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/01/31 21:42:15
     [PROTOCOL.mux]
     cut'n'pasto; from bert.wesarg AT googlemail.com
   - djm@@cvs.openbsd.org 2011/02/04 00:44:21
     [key.c]
     fix uninitialised nonce variable; reported by Mateusz Kocielski
   - djm@@cvs.openbsd.org 2011/02/04 00:44:43
     [version.h]
     openssh-5.8
 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] update versions in docs and spec files.
 - Release OpenSSH 5.8p1

20110128
 - (djm) [openbsd-compat/port-linux.c] Check whether SELinux is enabled
   before attempting setfscreatecon(). Check whether matchpathcon()
   succeeded before using its result. Patch from cjwatson AT debian.org;
   bz#1851

20110127
 - (tim) [config.guess config.sub] Sync with upstream.
 - (tim) [configure.ac] Consistent M4 quoting throughout, updated obsolete
   AC_TRY_COMPILE with AC_COMPILE_IFELSE, updated obsolete AC_TRY_LINK with
   AC_LINK_IFELSE, updated obsolete AC_TRY_RUN with AC_RUN_IFELSE, misc white
   space changes for consistency/readability. Makes autoconf 2.68 happy.
   "Nice work" djm

20110125
 - (djm) [configure.ac Makefile.in ssh.c openbsd-compat/port-linux.c
   openbsd-compat/port-linux.h] Move SELinux-specific code from ssh.c to
   port-linux.c to avoid compilation errors. Add -lselinux to ssh when
   building with SELinux support to avoid linking failure; report from
   amk AT spamfence.net; ok dtucker

20110122
 - (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}] Add
   RSA_get_default_method() for the benefit of openssl versions that don't
   have it (at least openssl-engine-0.9.6b).  Found and tested by Kevin Brott,
   ok djm@@.
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/01/22 09:18:53
     [version.h]
     crank to OpenSSH-5.7
 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] update versions in docs and spec files.
 - (djm) Release 5.7p1

20110119
 - (tim) [contrib/caldera/openssh.spec] Use CFLAGS from Makefile instead
   of RPM so build completes. Signatures were changed to .asc since 4.1p1.
 - (djm) [configure.ac] Disable ECC on OpenSSL <0.9.8g. Releases prior to
   0.9.8 lacked it, and 0.9.8a through 0.9.8d have proven buggy in pre-
   release testing (random crashes and failure to load ECC keys).
d1463 10
d1474 3
a1476 33
20110117
 - (djm) [regress/Makefile] use $TEST_SSH_KEYGEN instead of the one in
   $PATH, fix cleanup of droppings; reported by openssh AT
   roumenpetrov.info; ok dtucker@@
 - (djm) [regress/agent-ptrace.sh] Fix false failure on OS X by adding
   its unique snowflake of a gdb error to the ones we look for.
 - (djm) [regress/agent-getpeereid.sh] leave stdout attached when running
   ssh-add to avoid $SUDO failures on Linux
 - (dtucker) [openbsd-compat/port-linux.c] Bug #1838: Add support for the new
   Linux OOM-killer magic values that changed in 2.6.36 kernels, with fallback
   to the old values.  Feedback from vapier at gentoo org and djm, ok djm.
 - (djm) [configure.ac regress/agent-getpeereid.sh regress/multiplex.sh]
   [regress/sftp-glob.sh regress/test-exec.sh] Rework how feature tests are
   disabled on platforms that do not support them; add a "config_defined()"
   shell function that greps for defines in config.h and use them to decide
   on feature tests.
   Convert a couple of existing grep's over config.h to use the new function
   Add a define "FILESYSTEM_NO_BACKSLASH" for filesystem that can't represent
   backslash characters in filenames, enable it for Cygwin and use it to turn
   of tests for quotes backslashes in sftp-glob.sh.
   based on discussion with vinschen AT redhat.com and dtucker@@; ok dtucker@@
 - (tim) [regress/agent-getpeereid.sh] shell portability fix.
 - (dtucker) [openbsd-compat/port-linux.c] Fix minor bug caught by -Werror on
   the tinderbox.
 - (dtucker) [LICENCE Makefile.in audit-bsm.c audit-linux.c audit.c audit.h
   configure.ac defines.h loginrec.c]  Bug #1402: add linux audit subsystem
   support, based on patches from Tomas Mraz and jchadima at redhat.

20110116
 - (dtucker) [Makefile.in configure.ac regress/kextype.sh] Skip sha256-based
   on configurations that don't have it.
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/01/16 11:50:05
d1478 4
a1481 111
     Use atomicio when flushing protocol 1 std{out,err} buffers at
     session close. This was a latent bug exposed by setting a SIGCHLD
     handler and spotted by kevin.brott AT gmail.com; ok dtucker@@
   - djm@@cvs.openbsd.org 2011/01/16 11:50:36
     [sshconnect.c]
     reset the SIGPIPE handler when forking to execute child processes;
     ok dtucker@@
   - djm@@cvs.openbsd.org 2011/01/16 12:05:59
     [clientloop.c]
     a couple more tweaks to the post-close protocol 1 stderr/stdout flush:
     now that we use atomicio(), convert them from while loops to if statements
     add test and cast to compile cleanly with -Wsigned

20110114
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/01/13 21:54:53
     [mux.c]
     correct error messages; patch from bert.wesarg AT googlemail.com
   - djm@@cvs.openbsd.org 2011/01/13 21:55:25
     [PROTOCOL.mux]
     correct protocol names and add a couple of missing protocol number
     defines; patch from bert.wesarg AT googlemail.com
 - (djm) [Makefile.in] Use shell test to disable ecdsa key generating in
   host-key-force target rather than a substitution that is replaced with a
   comment so that the Makefile.in is still a syntactically valid Makefile
   (useful to run the distprep target)
 - (tim) [regress/cert-hostkey.sh] Typo. Missing $ on variable name.
 - (tim) [regress/cert-hostkey.sh] Add missing TEST_SSH_ECC guard around some
   ecdsa bits.

20110113
 - (djm) [misc.c] include time.h for nanosleep() prototype
 - (tim) [Makefile.in] test the ECC bits if we have the capability. ok djm
 - (tim) [Makefile.in configure.ac opensshd.init.in] Add support for generating
   ecdsa keys. ok djm.
 - (djm) [entropy.c] cast OPENSSL_VERSION_NUMBER to u_long to avoid
   gcc warning on platforms where it defaults to int
 - (djm) [regress/Makefile] add a few more generated files to the clean
   target
 - (djm) [myproposal.h] Fix reversed OPENSSL_VERSION_NUMBER test and bad
   #define that was causing diffie-hellman-group-exchange-sha256 to be
   incorrectly disabled
 - (djm) [regress/kextype.sh] Testing diffie-hellman-group-exchange-sha256
   should not depend on ECC support

20110112
 - OpenBSD CVS Sync
   - nicm@@cvs.openbsd.org 2010/10/08 21:48:42
     [openbsd-compat/glob.c]
     Extend GLOB_LIMIT to cover readdir and stat and bump the malloc limit
     from ARG_MAX to 64K.
     Fixes glob-using programs (notably ftp) able to be triggered to hit
     resource limits.
     Idea from a similar NetBSD change, original problem reported by jasper@@.
     ok millert tedu jasper
   - djm@@cvs.openbsd.org 2011/01/12 01:53:14
     avoid some integer overflows mostly with GLOB_APPEND and GLOB_DOOFFS
     and sanity check arguments (these will be unnecessary when we switch
     struct glob members from being type into to size_t in the future);
     "looks ok" tedu@@ feedback guenther@@
 - (djm) [configure.ac] Turn on -Wno-unused-result for gcc >= 4.4 to avoid
   silly warnings on write() calls we don't care succeed or not.
 - (djm) [configure.ac] Fix broken test for gcc >= 4.4 with per-compiler
   flag tests that don't depend on gcc version at all; suggested by and
   ok dtucker@@

20110111
 - (tim) [regress/host-expand.sh] Fix for building outside of read only
   source tree.
 - (djm) [platform.c] Some missing includes that show up under -Werror
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2011/01/08 10:51:51
     [clientloop.c]
     use host and not options.hostname, as the latter may have unescaped
     substitution characters
   - djm@@cvs.openbsd.org 2011/01/11 06:06:09
     [sshlogin.c]
     fd leak on error paths; from zinovik@@
     NB. Id sync only; we use loginrec.c that was also audited and fixed
     recently
   - djm@@cvs.openbsd.org 2011/01/11 06:13:10
     [clientloop.c ssh-keygen.c sshd.c]
     some unsigned long long casts that make things a bit easier for
     portable without resorting to dropping PRIu64 formats everywhere

20110109
 - (djm) [Makefile.in] list ssh_host_ecdsa key in PATHSUBS; spotted by
   openssh AT roumenpetrov.info

20110108
 - (djm) [regress/keytype.sh] s/echo -n/echon/ to repair failing regress
   test on OSX and others. Reported by imorgan AT nas.nasa.gov

20110107
 - (djm) [regress/cert-hostkey.sh regress/cert-userkey.sh] fix shell test
   for no-ECC case. Patch from cristian.ionescu-idbohrn AT axis.com
   - djm@@cvs.openbsd.org 2011/01/06 22:23:53
     [ssh.c]
     unbreak %n expansion in LocalCommand; patch from bert.wesarg AT
     googlemail.com; ok markus@@
   - djm@@cvs.openbsd.org 2011/01/06 22:23:02
     [clientloop.c]
     when exiting due to ServerAliveTimeout, mention the hostname that caused
     it (useful with backgrounded controlmaster)
   - djm@@cvs.openbsd.org 2011/01/06 22:46:21
     [regress/Makefile regress/host-expand.sh]
     regress test for LocalCommand %n expansion from bert.wesarg AT
     googlemail.com; ok markus@@
   - djm@@cvs.openbsd.org 2011/01/06 23:01:35
     [sshconnect.c]
     reset SIGCHLD handler to SIG_DFL when execuring LocalCommand;
d1483 20
a1502 2

20110106
d1504 13
a1516 40
   - markus@@cvs.openbsd.org 2010/12/08 22:46:03
     [scp.1 scp.c]
     add a new -3 option to scp: Copies between two remote hosts are
     transferred through the local host.  Without this option the data
     is copied directly between the two remote hosts. ok djm@@ (bugzilla #1837)
   - jmc@@cvs.openbsd.org 2010/12/09 14:13:33
     [scp.1 scp.c]
     scp.1: grammer fix
     scp.c: add -3 to usage()
   - markus@@cvs.openbsd.org 2010/12/14 11:59:06
     [sshconnect.c]
     don't mention key type in key-changed-warning, since we also print
     this warning if a new key type appears. ok djm@@
   - djm@@cvs.openbsd.org 2010/12/15 00:49:27
     [readpass.c]
     fix ControlMaster=ask regression
     reset SIGCHLD handler before fork (and restore it after) so we don't miss
     the the askpass child's exit status. Correct test for exit status/signal to
     account for waitpid() failure; with claudio@@ ok claudio@@ markus@@
   - djm@@cvs.openbsd.org 2010/12/24 21:41:48
     [auth-options.c]
     don't send the actual forced command in a debug message; ok markus deraadt
   - otto@@cvs.openbsd.org 2011/01/04 20:44:13
     [ssh-keyscan.c]
     handle ecdsa-sha2 with various key lengths; hint and ok djm@@

20110104
 - (djm) [configure.ac Makefile.in] Use mandoc as preferred manpage
   formatter if it is present, followed by nroff and groff respectively.
   Fixes distprep target on OpenBSD (which has bumped groff/nroff to ports
   in favour of mandoc). feedback and ok tim

20110103
 - (djm) [Makefile.in] revert local hack I didn't intend to commit

20110102
 - (djm) [loginrec.c] Fix some fd leaks on error paths. ok dtucker
 - (djm) [configure.ac] Check whether libdes is needed when building
   with Heimdal krb5 support. On OpenBSD this library no longer exists,
   so linking it unconditionally causes a build failure; ok dtucker
d1518 4
a1521 1
20101226
d1523 18
a1540 4
   - djm@@cvs.openbsd.org 2010/12/08 04:02:47
     [ssh_config.5 sshd_config.5]
     explain that IPQoS arguments are separated by whitespace; iirc requested
     by jmc@@ a while back
d1542 1
a1542 3
20101205
 - (dtucker) openbsd-compat/openssl-compat.c] remove sleep leftover from
   debugging.  Spotted by djm.
d1544 29
a1572 30
   - djm@@cvs.openbsd.org 2010/12/03 23:49:26
     [schnorr.c]
     check that g^x^q === 1 mod p; recommended by JPAKE author Feng Hao
     (this code is still disabled, but apprently people are treating it as
     a reference implementation)
   - djm@@cvs.openbsd.org 2010/12/03 23:55:27
     [auth-rsa.c]
     move check for revoked keys to run earlier (in auth_rsa_key_allowed)
     bz#1829; patch from ldv AT altlinux.org; ok markus@@
   - djm@@cvs.openbsd.org 2010/12/04 00:18:01
     [sftp-server.c sftp.1 sftp-client.h sftp.c PROTOCOL sftp-client.c]
     add a protocol extension to support a hard link operation. It is
     available through the "ln" command in the client. The old "ln"
     behaviour of creating a symlink is available using its "-s" option
     or through the preexisting "symlink" command; based on a patch from
     miklos AT szeredi.hu in bz#1555; ok markus@@
   - djm@@cvs.openbsd.org 2010/12/04 13:31:37
     [hostfile.c]
     fix fd leak; spotted and ok dtucker
   - djm@@cvs.openbsd.org 2010/12/04 00:21:19
     [regress/sftp-cmds.sh]
     adjust for hard-link support
 - (dtucker) [regress/Makefile] Id sync.

20101204
 - (djm) [openbsd-compat/bindresvport.c] Use arc4random_uniform(range)
   instead of (arc4random() % range)
 - (dtucker) [configure.ac moduli.c openbsd-compat/openssl-compat.{c,h}]  Add
   shims for the new, non-deprecated OpenSSL key generation functions for
   platforms that don't have the new interfaces.
d1574 1
a1574 1
20101201
d1576 4
a1579 13
   - deraadt@@cvs.openbsd.org 2010/11/20 05:12:38
     [auth2-pubkey.c]
     clean up cases of ;;
   - djm@@cvs.openbsd.org 2010/11/21 01:01:13
     [clientloop.c misc.c misc.h ssh-agent.1 ssh-agent.c]
     honour $TMPDIR for client xauth and ssh-agent temporary directories;
     feedback and ok markus@@
   - djm@@cvs.openbsd.org 2010/11/21 10:57:07
     [authfile.c]
     Refactor internals of private key loading and saving to work on memory
     buffers rather than directly on files. This will make a few things
     easier to do in the future; ok markus@@
   - djm@@cvs.openbsd.org 2010/11/23 02:35:50
d1581 29
a1609 58
     use strict_modes already passed as function argument over referencing
     global options.strict_modes
   - djm@@cvs.openbsd.org 2010/11/23 23:57:24
     [clientloop.c]
     avoid NULL deref on receiving a channel request on an unknown or invalid
     channel; report bz#1842 from jchadima AT redhat.com; ok dtucker@@
   - djm@@cvs.openbsd.org 2010/11/24 01:24:14
     [channels.c]
     remove a debug() that pollutes stderr on client connecting to a server
     in debug mode (channel_close_fds is called transitively from the session
     code post-fork); bz#1719, ok dtucker
   - djm@@cvs.openbsd.org 2010/11/25 04:10:09
     [session.c]
     replace close() loop for fds 3->64 with closefrom();
     ok markus deraadt dtucker
   - djm@@cvs.openbsd.org 2010/11/26 05:52:49
     [scp.c]
     Pass through ssh command-line flags and options when doing remote-remote
     transfers, e.g. to enable agent forwarding which is particularly useful
     in this case; bz#1837 ok dtucker@@
   - markus@@cvs.openbsd.org 2010/11/29 18:57:04
     [authfile.c]
     correctly load comment for encrypted rsa1 keys;
     report/fix Joachim Schipper; ok djm@@
   - djm@@cvs.openbsd.org 2010/11/29 23:45:51
     [auth.c hostfile.c hostfile.h ssh.c ssh_config.5 sshconnect.c]
     [sshconnect.h sshconnect2.c]
     automatically order the hostkeys requested by the client based on
     which hostkeys are already recorded in known_hosts. This avoids
     hostkey warnings when connecting to servers with new ECDSA keys
     that are preferred by default; with markus@@

20101124
 - (dtucker) [platform.c session.c] Move the getluid call out of session.c and
   into the platform-specific code  Only affects SCO, tested by and ok tim@@.
 - (djm) [loginrec.c] Relax permission requirement on btmp logs to allow
   group read/write. ok dtucker@@
 - (dtucker) [packet.c] Remove redundant local declaration of "int tos".
 - (djm) [defines.h] Add IP DSCP defines

20101122
 - (dtucker) Bug #1840: fix warning when configuring --with-ssl-engine, patch
   from vapier at gentoo org.

20101120
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/11/05 02:46:47
     [packet.c]
     whitespace KNF
   - djm@@cvs.openbsd.org 2010/11/10 01:33:07
     [kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c moduli.c]
     use only libcrypto APIs that are retained with OPENSSL_NO_DEPRECATED.
     these have been around for years by this time. ok markus
   - djm@@cvs.openbsd.org 2010/11/13 23:27:51
     [clientloop.c misc.c misc.h packet.c packet.h readconf.c readconf.h]
     [servconf.c servconf.h session.c ssh.c ssh_config.5 sshd_config.5]
     allow ssh and sshd to set arbitrary TOS/DSCP/QoS values instead of
     hardcoding lowdelay/throughput.
a1610 101
     bz#1733 patch from philipp AT redfish-solutions.com; ok markus@@ deraadt@@
   - jmc@@cvs.openbsd.org 2010/11/15 07:40:14
     [ssh_config.5]
     libary -> library;
   - jmc@@cvs.openbsd.org 2010/11/18 15:01:00
     [scp.1 sftp.1 ssh.1 sshd_config.5]
     add IPQoS to the various -o lists, and zap some trailing whitespace;

20101111
 - (djm) [servconf.c ssh-add.c ssh-keygen.c] don't look for ECDSA keys on
   platforms that don't support ECC. Fixes some spurious warnings reported
   by tim@@

20101109
 - (tim) [regress/kextype.sh] Not all platforms have time in /usr/bin.
   Feedback from dtucker@@
 - (tim) [configure.ac openbsd-compat/bsd-misc.h openbsd-compat/bsd-misc.c] Add
   support for platforms missing isblank(). ok djm@@

20101108
 - (tim) [regress/Makefile] Fixes to allow building/testing outside source
   tree.
 - (tim) [regress/kextype.sh] Shell portability fix.

20101107
 - (dtucker) [platform.c] includes.h instead of defines.h so that we get
   the correct typedefs.

20101105
 - (djm) [loginrec.c loginrec.h] Use correct uid_t/pid_t types instead of
   int. Should fix bz#1817 cleanly; ok dtucker@@
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/09/22 12:26:05
     [regress/Makefile regress/kextype.sh]
     regress test for each of the key exchange algorithms that we support
   - djm@@cvs.openbsd.org 2010/10/28 11:22:09
     [authfile.c key.c key.h ssh-keygen.c]
     fix a possible NULL deref on loading a corrupt ECDH key
     
     store ECDH group information in private keys files as "named groups"
     rather than as a set of explicit group parameters (by setting
     the OPENSSL_EC_NAMED_CURVE flag). This makes for shorter key files and
     retrieves the group's OpenSSL NID that we need for various things.
   - jmc@@cvs.openbsd.org 2010/10/28 18:33:28
     [scp.1 ssh-add.1 ssh-keygen.1 ssh.1 ssh_config.5 sshd.8 sshd_config.5]
     knock out some "-*- nroff -*-" lines;
   - djm@@cvs.openbsd.org 2010/11/04 02:45:34
     [sftp-server.c]
     umask should be parsed as octal. reported by candland AT xmission.com;
     ok markus@@
 - (dtucker) [configure.ac platform.{c,h} session.c
   openbsd-compat/port-solaris.{c,h}] Bug #1824: Add Solaris Project support.
   Patch from cory.erickson at csu mnscu edu with a bit of rework from me.
   ok djm@@
 - (dtucker) [platform.c platform.h session.c] Add a platform hook to run
   after the user's groups are established and move the selinux calls into it.
 - (dtucker) [platform.c session.c] Move the AIX setpcred+chroot hack into
   platform.c
 - (dtucker) [platform.c session.c] Move the BSDI setpgrp into platform.c.
 - (dtucker) [platform.c] Only call setpgrp on BSDI if running as root to
   retain previous behavior.
 - (dtucker) [platform.c session.c] Move the PAM credential establishment for
   the LOGIN_CAP case into platform.c.
 - (dtucker) platform.c session.c] Move the USE_LIBIAF fragment into
   platform.c
 - (dtucker) [platform.c session.c] Move aix_usrinfo frament into platform.c.
 - (dtucker) [platform.c session.c] Move irix setusercontext fragment into
   platform.c.
 - (dtucker) [platform.c session.c] Move PAM credential establishment for the
   non-LOGIN_CAP case into platform.c.
 - (dtucker) [platform.c platform.h session.c] Move the Cygwin special-case
   check into platform.c
 - (dtucker) [regress/keytype.sh] Import new test.
 - (dtucker) [Makefile configure.ac regress/Makefile regress/keytype.sh]
   Import recent changes to regress/Makefile, pass a flag to enable ECC tests
   from configure through to regress/Makefile and use it in the tests.
 - (dtucker) [regress/kextype.sh] Add missing "test".
 - (dtucker) [regress/kextype.sh] Make sha256 test depend on ECC.  This is not
   strictly correct since while ECC requires sha256 the reverse is not true
   however it does prevent spurious test failures.
 - (dtucker) [platform.c] Need servconf.h and extern options.

20101025
 - (tim) [openbsd-compat/glob.h] Remove sys/cdefs.h include that came with
   1.12 to unbreak Solaris build.
   ok djm@@
 - (dtucker) [defines.h] Use SIZE_T_MAX for SIZE_MAX for platforms that have a
   native one.

20101024
 - (dtucker) [includes.h] Add missing ifdef GLOB_HAS_GL_STATV to fix build.
 - (dtucker) [regress/cert-hostkey.sh] Disable ECC-based tests on platforms
   which don't have ECC support in libcrypto.
 - (dtucker) [regress/cert-userkey.sh] Disable ECC-based tests on platforms
   which don't have ECC support in libcrypto.
 - (dtucker) [defines.h] Add SIZE_MAX for the benefit of platforms that don't
   have it.
 - (dtucker) OpenBSD CVS Sync
   - sthen@@cvs.openbsd.org 2010/10/23 22:06:12
     [sftp.c]
     escape '[' in filename tab-completion; fix a type while there.
d1612 3
d1616 1
a1616 1
20101021
d1618 1
a1618 63
   - dtucker@@cvs.openbsd.org 2010/10/12 02:22:24
     [mux.c]
     Typo in confirmation message.  bz#1827, patch from imorgan at
     nas nasa gov
   - djm@@cvs.openbsd.org 2010/08/31 12:24:09
     [regress/cert-hostkey.sh regress/cert-userkey.sh]
     tests for ECDSA certificates

20101011
 - (djm) [canohost.c] Zero a4 instead of addr to better match type.
   bz#1825, reported by foo AT mailinator.com
 - (djm) [sshconnect.c] Need signal.h for prototype for kill(2)

20101011
 - (djm) [configure.ac] Use = instead of == in shell tests. Patch from
   dr AT vasco.com

20101007
 - (djm) [ssh-agent.c] Fix type for curve name.
 - (djm) OpenBSD CVS Sync
   - matthew@@cvs.openbsd.org 2010/09/24 13:33:00
     [misc.c misc.h configure.ac openbsd-compat/openbsd-compat.h]
     [openbsd-compat/timingsafe_bcmp.c]
     Add timingsafe_bcmp(3) to libc, mention that it's already in the
     kernel in kern(9), and remove it from OpenSSH.
     ok deraadt@@, djm@@
     NB. re-added under openbsd-compat/ for portable OpenSSH
   - djm@@cvs.openbsd.org 2010/09/25 09:30:16
     [sftp.c configure.ac openbsd-compat/glob.c openbsd-compat/glob.h]
     make use of new glob(3) GLOB_KEEPSTAT extension to save extra server
     rountrips to fetch per-file stat(2) information.
     NB. update openbsd-compat/ glob(3) implementation from OpenBSD libc to
     match.
   - djm@@cvs.openbsd.org 2010/09/26 22:26:33
     [sftp.c]
     when performing an "ls" in columnated (short) mode, only call
     ioctl(TIOCGWINSZ) once to get the window width instead of per-
     filename
   - djm@@cvs.openbsd.org 2010/09/30 11:04:51
     [servconf.c]
     prevent free() of string in .rodata when overriding AuthorizedKeys in
     a Match block; patch from rein AT basefarm.no
   - djm@@cvs.openbsd.org 2010/10/01 23:05:32
     [cipher-3des1.c cipher-bf1.c cipher-ctr.c openbsd-compat/openssl-compat.h]
     adapt to API changes in openssl-1.0.0a
     NB. contains compat code to select correct API for older OpenSSL
   - djm@@cvs.openbsd.org 2010/10/05 05:13:18
     [sftp.c sshconnect.c]
     use default shell /bin/sh if $SHELL is ""; ok markus@@
   - djm@@cvs.openbsd.org 2010/10/06 06:39:28
     [clientloop.c ssh.c sshconnect.c sshconnect.h]
     kill proxy command on fatal() (we already kill it on clean exit);
     ok markus@@
   - djm@@cvs.openbsd.org 2010/10/06 21:10:21
     [sshconnect.c]
     swapped args to kill(2)
 - (djm) [openbsd-compat/glob.c] restore ARG_MAX compat code.
 - (djm) [cipher-acss.c] Add missing header.
 - (djm) [openbsd-compat/Makefile.in] Actually link timingsafe_bcmp

20100924
 - (djm) OpenBSD CVS Sync
   - naddy@@cvs.openbsd.org 2010/09/10 15:19:29
d1620 36
a1655 28
     * mention ECDSA in more places
     * less repetition in FILES section
     * SSHv1 keys are still encrypted with 3DES
     help and ok jmc@@
   - djm@@cvs.openbsd.org 2010/09/11 21:44:20
     [ssh.1]
     mention RFC 5656 for ECC stuff
   - jmc@@cvs.openbsd.org 2010/09/19 21:30:05
     [sftp.1]
     more wacky macro fixing;
   - djm@@cvs.openbsd.org 2010/09/20 04:41:47
     [ssh.c]
     install a SIGCHLD handler to reap expiried child process; ok markus@@
   - djm@@cvs.openbsd.org 2010/09/20 04:50:53
     [jpake.c schnorr.c]
     check that received values are smaller than the group size in the
     disabled and unfinished J-PAKE code.
     avoids catastrophic security failure found by Sebastien Martini
   - djm@@cvs.openbsd.org 2010/09/20 04:54:07
     [jpake.c]
     missing #include
   - djm@@cvs.openbsd.org 2010/09/20 07:19:27
     [mux.c]
     "atomically" create the listening mux socket by binding it on a temorary
     name and then linking it into position after listen() has succeeded.
     this allows the mux clients to determine that the server socket is
     either ready or stale without races. stale server sockets are now
     automatically removed
d1657 7
a1663 12
   - djm@@cvs.openbsd.org 2010/09/22 05:01:30
     [kex.c kex.h kexecdh.c kexecdhc.c kexecdhs.c readconf.c readconf.h]
     [servconf.c servconf.h ssh_config.5 sshconnect2.c sshd.c sshd_config.5]
     add a KexAlgorithms knob to the client and server configuration to allow
     selection of which key exchange methods are used by ssh(1) and sshd(8)
     and their order of preference.
     ok markus@@
   - jmc@@cvs.openbsd.org 2010/09/22 08:30:08
     [ssh.1 ssh_config.5]
     ssh.1: add kexalgorithms to the -o list
     ssh_config.5: format the kexalgorithms in a more consistent
     (prettier!) way
d1665 10
a1674 41
   - djm@@cvs.openbsd.org 2010/09/22 22:58:51
     [atomicio.c atomicio.h misc.c misc.h scp.c sftp-client.c]
     [sftp-client.h sftp.1 sftp.c]
     add an option per-read/write callback to atomicio

     factor out bandwidth limiting code from scp(1) into a generic bandwidth
     limiter that can be attached using the atomicio callback mechanism

     add a bandwidth limit option to sftp(1) using the above
     "very nice" markus@@
   - jmc@@cvs.openbsd.org 2010/09/23 13:34:43
     [sftp.c]
     add [-l limit] to usage();
   - jmc@@cvs.openbsd.org 2010/09/23 13:36:46
     [scp.1 sftp.1]
     add KexAlgorithms to the -o list;

20100910
 - (dtucker) [openbsd-compat/port-linux.c] Check is_selinux_enabled for exact
   return code since it can apparently return -1 under some conditions.  From
   openssh bugs werbittewas de, ok djm@@
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/08/31 12:33:38
     [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
     reintroduce commit from tedu@@, which I pulled out for release
     engineering:
       OpenSSL_add_all_algorithms is the name of the function we have a
       man page for, so use that.  ok djm
   - jmc@@cvs.openbsd.org 2010/08/31 17:40:54
     [ssh-agent.1]
     fix some macro abuse;
   - jmc@@cvs.openbsd.org 2010/08/31 21:14:58
     [ssh.1]
     small text tweak to accommodate previous;
   - naddy@@cvs.openbsd.org 2010/09/01 15:21:35
     [servconf.c]
     pick up ECDSA host key by default; ok djm@@
   - markus@@cvs.openbsd.org 2010/09/02 16:07:25
     [ssh-keygen.c]
     permit -b 256, 384 or 521 as key size for ECDSA; ok djm@@
   - markus@@cvs.openbsd.org 2010/09/02 16:08:39
d1676 65
a1740 45
     unbreak ControlPersist=yes for ControlMaster=yes; ok djm@@
   - naddy@@cvs.openbsd.org 2010/09/02 17:21:50
     [ssh-keygen.c]
     Switch ECDSA default key size to 256 bits, which according to RFC5656
     should still be better than our current RSA-2048 default.
     ok djm@@, markus@@
   - jmc@@cvs.openbsd.org 2010/09/03 11:09:29
     [scp.1]
     add an EXIT STATUS section for /usr/bin;
   - jmc@@cvs.openbsd.org 2010/09/04 09:38:34
     [ssh-add.1 ssh.1]
     two more EXIT STATUS sections;
   - naddy@@cvs.openbsd.org 2010/09/06 17:10:19
     [sshd_config]
     add ssh_host_ecdsa_key to /etc; from Mattieu Baptiste
     <mattieu.b@@gmail.com>
     ok deraadt@@
   - djm@@cvs.openbsd.org 2010/09/08 03:54:36
     [authfile.c]
     typo
   - deraadt@@cvs.openbsd.org 2010/09/08 04:13:31
     [compress.c]
     work around name-space collisions some buggy compilers (looking at you
     gcc, at least in earlier versions, but this does not forgive your current
     transgressions) seen between zlib and openssl
     ok djm
   - djm@@cvs.openbsd.org 2010/09/09 10:45:45
     [kex.c kex.h kexecdh.c key.c key.h monitor.c ssh-ecdsa.c]
     ECDH/ECDSA compliance fix: these methods vary the hash function they use
     (SHA256/384/512) depending on the length of the curve in use. The previous
     code incorrectly used SHA256 in all cases.
     
     This fix will cause authentication failure when using 384 or 521-bit curve
     keys if one peer hasn't been upgraded and the other has. (256-bit curve
     keys work ok). In particular you may need to specify HostkeyAlgorithms
     when connecting to a server that has not been upgraded from an upgraded
     client.
     
     ok naddy@@
 - (djm) [authfd.c authfile.c bufec.c buffer.h configure.ac kex.h kexecdh.c]
   [kexecdhc.c kexecdhs.c key.c key.h myproposal.h packet.c readconf.c]
   [ssh-agent.c ssh-ecdsa.c ssh-keygen.c ssh.c] Disable ECDH and ECDSA on
   platforms that don't have the requisite OpenSSL support. ok dtucker@@
 - (dtucker) [kex.h key.c packet.h ssh-agent.c ssh.c] A few more ECC ifdefs
   for missing headers and compiler warnings.
d1742 10
a1751 95
20100831
 - OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2010/08/08 19:36:30
     [ssh-keysign.8 ssh.1 sshd.8]
     use the same template for all FILES sections; i.e. -compact/.Pp where we
     have multiple items, and .Pa for path names;
   - tedu@@cvs.openbsd.org 2010/08/12 23:34:39
     [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
     OpenSSL_add_all_algorithms is the name of the function we have a man page
     for, so use that.  ok djm
   - djm@@cvs.openbsd.org 2010/08/16 04:06:06
     [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
     backout previous temporarily; discussed with deraadt@@
   - djm@@cvs.openbsd.org 2010/08/31 09:58:37
     [auth-options.c auth1.c auth2.c bufaux.c buffer.h kex.c key.c packet.c]
     [packet.h ssh-dss.c ssh-rsa.c]
     Add buffer_get_cstring() and related functions that verify that the
     string extracted from the buffer contains no embedded \0 characters*
     This prevents random (possibly malicious) crap from being appended to
     strings where it would not be noticed if the string is used with
     a string(3) function.
     
     Use the new API in a few sensitive places.
     
     * actually, we allow a single one at the end of the string for now because
     we don't know how many deployed implementations get this wrong, but don't
     count on this to remain indefinitely.
   - djm@@cvs.openbsd.org 2010/08/31 11:54:45
     [PROTOCOL PROTOCOL.agent PROTOCOL.certkeys auth2-jpake.c authfd.c]
     [authfile.c buffer.h dns.c kex.c kex.h key.c key.h monitor.c]
     [monitor_wrap.c myproposal.h packet.c packet.h pathnames.h readconf.c]
     [ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh-keygen.c]
     [ssh-keyscan.1 ssh-keyscan.c ssh-keysign.8 ssh.1 ssh.c ssh2.h]
     [ssh_config.5 sshconnect.c sshconnect2.c sshd.8 sshd.c sshd_config.5]
     [uuencode.c uuencode.h bufec.c kexecdh.c kexecdhc.c kexecdhs.c ssh-ecdsa.c]
     Implement Elliptic Curve Cryptography modes for key exchange (ECDH) and
     host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA offer
     better performance than plain DH and DSA at the same equivalent symmetric
     key length, as well as much shorter keys.
     
     Only the mandatory sections of RFC5656 are implemented, specifically the
     three REQUIRED curves nistp256, nistp384 and nistp521 and only ECDH and
     ECDSA. Point compression (optional in RFC5656 is NOT implemented).
     
     Certificate host and user keys using the new ECDSA key types are supported.
     
     Note that this code has not been tested for interoperability and may be
     subject to change.
     
     feedback and ok markus@@
 - (djm) [Makefile.in] Add new ECC files
 - (djm) [bufec.c kexecdh.c kexecdhc.c kexecdhs.c ssh-ecdsa.c] include
   includes.h

20100827
 - (dtucker) [contrib/redhat/sshd.init] Bug #1810: initlog is deprecated,
   remove.  Patch from martynas at venck us 

20100823
 - (djm) Release OpenSSH-5.6p1

20100816
 - (dtucker) [configure.ac openbsd-compat/Makefile.in
   openbsd-compat/openbsd-compat.h openbsd-compat/strptime.c] Add strptime to
   the compat library which helps on platforms like old IRIX.  Based on work
   by djm, tested by Tom Christensen.
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/08/12 21:49:44
     [ssh.c]
     close any extra file descriptors inherited from parent at start and
     reopen stdin/stdout to /dev/null when forking for ControlPersist.
     
     prevents tools that fork and run a captive ssh for communication from
     failing to exit when the ssh completes while they wait for these fds to
     close. The inherited fds may persist arbitrarily long if a background
     mux master has been started by ControlPersist. cvs and scp were effected
     by this.
     
     "please commit" markus@@
 - (djm) [regress/README.regress] typo

20100812
 - (tim) [regress/login-timeout.sh regress/reconfigure.sh regress/reexec.sh
   regress/test-exec.sh] Under certain conditions when testing with sudo
   tests would fail because the pidfile could not be read by a regular user.
   "cat: cannot open ...../regress/pidfile: Permission denied (error 13)"
   Make sure cat is run by $SUDO.  no objection from me. djm@@
 - (tim) [auth.c] add cast to quiet compiler. Change only affects SVR5 systems.

20100809
 - (djm) bz#1561: don't bother setting IFF_UP on tun(4) device if it is
   already set. Makes FreeBSD user openable tunnels useful; patch from
   richard.burakowski+ossh AT mrburak.net, ok dtucker@@
 - (dtucker) bug #1530: strip trailing ":" from hostname in ssh-copy-id.
   based in part on a patch from Colin Watson, ok djm@@
d1753 6
a1758 3
20100809
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/08/08 16:26:42
d1760 1
a1760 1
     crank to 5.6
d1762 16
a1777 1
   [contrib/suse/openssh.spec] Crank version numbers
d1779 1
a1779 1
20100805
d1781 9
a1789 26
   - djm@@cvs.openbsd.org 2010/08/04 05:37:01
     [ssh.1 ssh_config.5 sshd.8]
     Remove mentions of weird "addr/port" alternate address format for IPv6
     addresses combinations. It hasn't worked for ages and we have supported
     the more commen "[addr]:port" format for a long time. ok jmc@@ markus@@
   - djm@@cvs.openbsd.org 2010/08/04 05:40:39
     [PROTOCOL.certkeys ssh-keygen.c]
     tighten the rules for certificate encoding by requiring that options
     appear in lexical order and make our ssh-keygen comply. ok markus@@
   - djm@@cvs.openbsd.org 2010/08/04 05:42:47
     [auth.c auth2-hostbased.c authfile.c authfile.h ssh-keysign.8]
     [ssh-keysign.c ssh.c]
     enable certificates for hostbased authentication, from Iain Morgan;
     "looks ok" markus@@
   - djm@@cvs.openbsd.org 2010/08/04 05:49:22
     [authfile.c]
     commited the wrong version of the hostbased certificate diff; this
     version replaces some strlc{py,at} verbosity with xasprintf() at
     the request of markus@@
   - djm@@cvs.openbsd.org 2010/08/04 06:07:11
     [ssh-keygen.1 ssh-keygen.c]
     Support CA keys in PKCS#11 tokens; feedback and ok markus@@
   - djm@@cvs.openbsd.org 2010/08/04 06:08:40
     [ssh-keysign.c]
     clean for -Wuninitialized (Id sync only; portable had this change)
   - djm@@cvs.openbsd.org 2010/08/05 13:08:42
d1791 5
a1795 25
     Fix a trio of bugs in the local/remote window calculation for datagram
     data channels (i.e. TunnelForward):
     
     Calculate local_consumed correctly in channel_handle_wfd() by measuring
     the delta to buffer_len(c->output) from when we start to when we finish.
     The proximal problem here is that the output_filter we use in portable
     modified the length of the dequeued datagram (to futz with the headers
     for !OpenBSD).
     
     In channel_output_poll(), don't enqueue datagrams that won't fit in the
     peer's advertised packet size (highly unlikely to ever occur) or which
     won't fit in the peer's remaining window (more likely).
     
     In channel_input_data(), account for the 4-byte string header in
     datagram packets that we accept from the peer and enqueue in c->output.
     
     report, analysis and testing 2/3 cases from wierbows AT us.ibm.com;
     "looks good" markus@@

20100803
 - (dtucker) [monitor.c] Bug #1795: Initialize the values to be returned from
   PAM to sane values in case the PAM method doesn't write to them.  Spotted by
   Bitman Zhou, ok djm@@.
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/07/16 04:45:30
d1797 29
a1825 25
     avoid bogus compiler warning
   - djm@@cvs.openbsd.org 2010/07/16 14:07:35
     [ssh-rsa.c]
     more timing paranoia - compare all parts of the expected decrypted
     data before returning. AFAIK not exploitable in the SSH protocol.
     "groovy" deraadt@@
   - djm@@cvs.openbsd.org 2010/07/19 03:16:33
     [sftp-client.c]
     bz#1797: fix swapped args in upload_dir_internal(), breaking recursive
     upload depth checks and causing verbose printing of transfers to always
     be turned on; patch from imorgan AT nas.nasa.gov
   - djm@@cvs.openbsd.org 2010/07/19 09:15:12
     [clientloop.c readconf.c readconf.h ssh.c ssh_config.5]
     add a "ControlPersist" option that automatically starts a background
     ssh(1) multiplex master when connecting. This connection can stay alive
     indefinitely, or can be set to automatically close after a user-specified
     duration of inactivity. bz#1330 - patch by dwmw2 AT infradead.org, but
     further hacked on by wmertens AT cisco.com, apb AT cequrux.com,
     martin-mindrot-bugzilla AT earth.li and myself; "looks ok" markus@@
   - djm@@cvs.openbsd.org 2010/07/21 02:10:58
     [misc.c]
     sync timingsafe_bcmp() with the one dempsky@@ committed to sys/lib/libkern
   - dtucker@@cvs.openbsd.org 2010/07/23 08:49:25
     [ssh.1]
     Ciphers is documented in ssh_config(5) these days
d1827 13
a1839 4
20100819
 - (dtucker) [contrib/ssh-copy-ud.1] Bug #1786: update ssh-copy-id.1 with more
   details about its behaviour WRT existing directories.  Patch from
   asguthrie at gmail com, ok djm.
d1841 36
a1876 1
20100716
d1878 52
a1929 41
   - djm@@cvs.openbsd.org 2010/07/02 04:32:44
     [misc.c]
     unbreak strdelim() skipping past quoted strings, e.g.
     AllowUsers "blah blah" blah
     was broken; report and fix in bz#1757 from bitman.zhou AT centrify.com
     ok dtucker;
   - djm@@cvs.openbsd.org 2010/07/12 22:38:52
     [ssh.c]
     Make ExitOnForwardFailure work with fork-after-authentication ("ssh -f")
     for protocol 2. ok markus@@
   - djm@@cvs.openbsd.org 2010/07/12 22:41:13
     [ssh.c ssh_config.5]
     expand %h to the hostname in ssh_config Hostname options. While this
     sounds useless, it is actually handy for working with unqualified
     hostnames:
     
     Host *.*
        Hostname %h
     Host *
        Hostname %h.example.org
     
     "I like it" markus@@
   - djm@@cvs.openbsd.org 2010/07/13 11:52:06
     [auth-rsa.c channels.c jpake.c key.c misc.c misc.h monitor.c]
     [packet.c ssh-rsa.c]
     implement a timing_safe_cmp() function to compare memory without leaking
     timing information by short-circuiting like memcmp() and use it for
     some of the more sensitive comparisons (though nothing high-value was
     readily attackable anyway); "looks ok" markus@@
   - djm@@cvs.openbsd.org 2010/07/13 23:13:16
     [auth-rsa.c channels.c jpake.c key.c misc.c misc.h monitor.c packet.c]
     [ssh-rsa.c]
     s/timing_safe_cmp/timingsafe_bcmp/g
   - jmc@@cvs.openbsd.org 2010/07/14 17:06:58
     [ssh.1]
     finally ssh synopsis looks nice again! this commit just removes a ton of
     hacks we had in place to make it work with old groff;
   - schwarze@@cvs.openbsd.org 2010/07/15 21:20:38
     [ssh-keygen.1]
     repair incorrect block nesting, which screwed up indentation;
     problem reported and fix OK by jmc@@
d1931 51
a1981 3
20100714
 - (tim) [contrib/redhat/openssh.spec] Bug 1796: Test for skip_x11_askpass
   (line 77) should have been for no_x11_askpass. 
d1983 1
a1983 1
20100702
d1985 10
a1994 13
   - jmc@@cvs.openbsd.org 2010/06/26 00:57:07
     [ssh_config.5]
     tweak previous;
   - djm@@cvs.openbsd.org 2010/06/26 23:04:04
     [ssh.c]
     oops, forgot to #include <canohost.h>; spotted and patch from chl@@
   - djm@@cvs.openbsd.org 2010/06/29 23:15:30
     [ssh-keygen.1 ssh-keygen.c]
     allow import (-i) and export (-e) of PEM and PKCS#8 encoded keys;
     bz#1749; ok markus@@
   - djm@@cvs.openbsd.org 2010/06/29 23:16:46
     [auth2-pubkey.c sshd_config.5]
     allow key options (command="..." and friends) in AuthorizedPrincipals;
d1996 1
a1996 25
   - jmc@@cvs.openbsd.org 2010/06/30 07:24:25
     [ssh-keygen.1]
     tweak previous;
   - jmc@@cvs.openbsd.org 2010/06/30 07:26:03
     [ssh-keygen.c]
     sort usage();
   - jmc@@cvs.openbsd.org 2010/06/30 07:28:34
     [sshd_config.5]
     tweak previous;
   - millert@@cvs.openbsd.org 2010/07/01 13:06:59
     [scp.c]
     Fix a longstanding problem where if you suspend scp at the
     password/passphrase prompt the terminal mode is not restored.
     OK djm@@
   - phessler@@cvs.openbsd.org 2010/06/27 19:19:56
     [regress/Makefile]
     fix how we run the tests so we can successfully use SUDO='sudo -E'
     in our env
   - djm@@cvs.openbsd.org 2010/06/29 23:59:54
     [cert-userkey.sh]
     regress tests for key options in AuthorizedPrincipals

20100627
 - (tim) [openbsd-compat/port-uw.c] Reorder includes. auth-options.h now needs
   key.h.
d1998 1
a1998 1
20100626
d2000 1
a2000 14
   - djm@@cvs.openbsd.org 2010/05/21 05:00:36
     [misc.c]
     colon() returns char*, so s/return (0)/return NULL/
   - markus@@cvs.openbsd.org 2010/06/08 21:32:19
     [ssh-pkcs11.c]
     check length of value returned  C_GetAttributValue for != 0
     from mdrtbugzilla@@codefive.co.uk; bugzilla #1773; ok dtucker@@
   - djm@@cvs.openbsd.org 2010/06/17 07:07:30
     [mux.c]
     Correct sizing of object to be allocated by calloc(), replacing
     sizeof(state) with sizeof(*state). This worked by accident since
     the struct contained a single int at present, but could have broken
     in the future. patch from hyc AT symas.com
   - djm@@cvs.openbsd.org 2010/06/18 00:58:39
d2002 53
a2054 124
     unbreak ls in working directories that contains globbing characters in
     their pathnames. bz#1655 reported by vgiffin AT apple.com
   - djm@@cvs.openbsd.org 2010/06/18 03:16:03
     [session.c]
     Missing check for chroot_director == "none" (we already checked against
     NULL); bz#1564 from Jan.Pechanec AT Sun.COM
   - djm@@cvs.openbsd.org 2010/06/18 04:43:08
     [sftp-client.c]
     fix memory leak in do_realpath() error path; bz#1771, patch from
     anicka AT suse.cz
   - djm@@cvs.openbsd.org 2010/06/22 04:22:59
     [servconf.c sshd_config.5]
     expose some more sshd_config options inside Match blocks:
       AuthorizedKeysFile AuthorizedPrincipalsFile
       HostbasedUsesNameFromPacketOnly PermitTunnel
     bz#1764; feedback from imorgan AT nas.nasa.gov; ok dtucker@@
   - djm@@cvs.openbsd.org 2010/06/22 04:32:06
     [ssh-keygen.c]
     standardise error messages when attempting to open private key
     files to include "progname: filename: error reason"
     bz#1783; ok dtucker@@
   - djm@@cvs.openbsd.org 2010/06/22 04:49:47
     [auth.c]
     queue auth debug messages for bad ownership or permissions on the user's
     keyfiles. These messages will be sent after the user has successfully
     authenticated (where our client will display them with LogLevel=debug).
     bz#1554; ok dtucker@@
   - djm@@cvs.openbsd.org 2010/06/22 04:54:30
     [ssh-keyscan.c]
     replace verbose and overflow-prone Linebuf code with read_keyfile_line()
     based on patch from joachim AT joachimschipper.nl; bz#1565; ok dtucker@@
   - djm@@cvs.openbsd.org 2010/06/22 04:59:12
     [session.c]
     include the user name on "subsystem request for ..." log messages;
     bz#1571; ok dtucker@@
   - djm@@cvs.openbsd.org 2010/06/23 02:59:02
     [ssh-keygen.c]
     fix printing of extensions in v01 certificates that I broke in r1.190
   - djm@@cvs.openbsd.org 2010/06/25 07:14:46
     [channels.c mux.c readconf.c readconf.h ssh.h]
     bz#1327: remove hardcoded limit of 100 permitopen clauses and port
     forwards per direction; ok markus@@ stevesk@@
   - djm@@cvs.openbsd.org 2010/06/25 07:20:04
     [channels.c session.c]
     bz#1750: fix requirement for /dev/null inside ChrootDirectory for
     internal-sftp accidentally introduced in r1.253 by removing the code
     that opens and dup /dev/null to stderr and modifying the channels code
     to read stderr but discard it instead; ok markus@@
   - djm@@cvs.openbsd.org 2010/06/25 08:46:17
     [auth1.c auth2-none.c]
     skip the initial check for access with an empty password when
     PermitEmptyPasswords=no; bz#1638; ok markus@@
   - djm@@cvs.openbsd.org 2010/06/25 23:10:30
     [ssh.c]
     log the hostname and address that we connected to at LogLevel=verbose
     after authentication is successful to mitigate "phishing" attacks by
     servers with trusted keys that accept authentication silently and
     automatically before presenting fake password/passphrase prompts;
     "nice!" markus@@
   - djm@@cvs.openbsd.org 2010/06/25 23:10:30
     [ssh.c]
     log the hostname and address that we connected to at LogLevel=verbose
     after authentication is successful to mitigate "phishing" attacks by
     servers with trusted keys that accept authentication silently and
     automatically before presenting fake password/passphrase prompts;
     "nice!" markus@@

20100622
 - (djm) [loginrec.c] crank LINFO_NAMESIZE (username length) to 512
   bz#1579; ok dtucker

20100618
 - (djm) [contrib/ssh-copy-id] Update key file explicitly under ~
   rather than assuming that $CWD == $HOME. bz#1500, patch from
   timothy AT gelter.com

20100617
 - (tim) [contrib/cygwin/README] Remove a reference to the obsolete
   minires-devel package, and to add the reference to the libedit-devel
   package since CYgwin now provides libedit. Patch from Corinna Vinschen.

20100521
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/05/07 11:31:26
     [regress/Makefile regress/cert-userkey.sh]
     regress tests for AuthorizedPrincipalsFile and "principals=" key option.
     feedback and ok markus@@
   - djm@@cvs.openbsd.org 2010/05/11 02:58:04
     [auth-rsa.c]
     don't accept certificates marked as "cert-authority" here; ok markus@@
   - djm@@cvs.openbsd.org 2010/05/14 00:47:22
     [ssh-add.c]
     check that the certificate matches the corresponding private key before
     grafting it on
   - djm@@cvs.openbsd.org 2010/05/14 23:29:23
     [channels.c channels.h mux.c ssh.c]
     Pause the mux channel while waiting for reply from aynch callbacks.
     Prevents misordering of replies if new requests arrive while waiting.
     
     Extend channel open confirm callback to allow signalling failure
     conditions as well as success. Use this to 1) fix a memory leak, 2)
     start using the above pause mechanism and 3) delay sending a success/
     failure message on mux slave session open until we receive a reply from
     the server.
     
     motivated by and with feedback from markus@@
   - markus@@cvs.openbsd.org 2010/05/16 12:55:51
     [PROTOCOL.mux clientloop.h mux.c readconf.c readconf.h ssh.1 ssh.c]
     mux support for remote forwarding with dynamic port allocation,
     use with
        LPORT=`ssh -S muxsocket -R0:localhost:25 -O forward somehost`
     feedback and ok djm@@
   - djm@@cvs.openbsd.org 2010/05/20 11:25:26
     [auth2-pubkey.c]
     fix logspam when key options (from="..." especially) deny non-matching
     keys; reported by henning@@ also bz#1765; ok markus@@ dtucker@@
   - djm@@cvs.openbsd.org 2010/05/20 23:46:02
     [PROTOCOL.certkeys auth-options.c ssh-keygen.c]
     Move the permit-* options to the non-critical "extensions" field for v01
     certificates. The logic is that if another implementation fails to
     implement them then the connection just loses features rather than fails
     outright.
     
     ok markus@@
d2056 7
a2062 7
20100511
 - (dtucker) [Makefile.in] Bug #1770: Link libopenbsd-compat twice to solve
   circular dependency problem on old or odd platforms.  From Tom Lane, ok
   djm@@.
 - (djm) [openbsd-compat/openssl-compat.h] Fix build breakage on older
   libcrypto by defining OPENSSL_[DR]SA_MAX_MODULUS_BITS if they aren't
   already. ok dtucker@@
d2064 2
a2065 1
20100510
d2067 7
a2073 11
   - djm@@cvs.openbsd.org 2010/04/23 01:47:41
     [ssh-keygen.c]
     bz#1740: display a more helpful error message when $HOME is
     inaccessible while trying to create .ssh directory. Based on patch
     from jchadima AT redhat.com; ok dtucker@@
   - djm@@cvs.openbsd.org 2010/04/23 22:27:38
     [mux.c]
     set "detach_close" flag when registering channel cleanup callbacks.
     This causes the channel to close normally when its fds close and
     hangs when terminating a mux slave using ~. bz#1758; ok markus@@
   - djm@@cvs.openbsd.org 2010/04/23 22:42:05
d2075 7
a2081 42
     set stderr to /dev/null for subsystems rather than just closing it.
     avoids hangs if a subsystem or shell initialisation writes to stderr.
     bz#1750; ok markus@@
   - djm@@cvs.openbsd.org 2010/04/23 22:48:31
     [ssh-keygen.c]
     refuse to generate keys longer than OPENSSL_[RD]SA_MAX_MODULUS_BITS,
     since we would refuse to use them anyway. bz#1516; ok dtucker@@
   - djm@@cvs.openbsd.org 2010/04/26 22:28:24
     [sshconnect2.c]
     bz#1502: authctxt.success is declared as an int, but passed by
     reference to function that accepts sig_atomic_t*. Convert it to
     the latter; ok markus@@ dtucker@@
   - djm@@cvs.openbsd.org 2010/05/01 02:50:50
     [PROTOCOL.certkeys]
     typo; jmeltzer@@
   - dtucker@@cvs.openbsd.org 2010/05/05 04:22:09
     [sftp.c]
     restore mput and mget which got lost in the tab-completion changes.
     found by Kenneth Whitaker, ok djm@@
   - djm@@cvs.openbsd.org 2010/05/07 11:30:30
     [auth-options.c auth-options.h auth.c auth.h auth2-pubkey.c]
     [key.c servconf.c servconf.h sshd.8 sshd_config.5]
     add some optional indirection to matching of principal names listed
     in certificates. Currently, a certificate must include the a user's name
     to be accepted for authentication. This change adds the ability to
     specify a list of certificate principal names that are acceptable.
     
     When authenticating using a CA trusted through ~/.ssh/authorized_keys,
     this adds a new principals="name1[,name2,...]" key option.
     
     For CAs listed through sshd_config's TrustedCAKeys option, a new config
     option "AuthorizedPrincipalsFile" specifies a per-user file containing
     the list of acceptable names.
     
     If either option is absent, the current behaviour of requiring the
     username to appear in principals continues to apply.
     
     These options are useful for role accounts, disjoint account namespaces
     and "user@@realm"-style naming policies in certificates.
     
     feedback and ok markus@@
   - jmc@@cvs.openbsd.org 2010/05/07 12:49:17
d2083 15
a2097 1
     tweak previous;
d2099 28
a2126 4
20100423
 - (dtucker) [configure.ac] Bug #1756: Check for the existence of a lib64 dir
   in the openssl install directory (some newer openssl versions do this on at
   least some amd64 platforms).
d2128 40
a2167 3
20100418
 - OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2010/04/16 06:45:01
d2169 98
a2266 5
     tweak previous; ok djm
   - jmc@@cvs.openbsd.org 2010/04/16 06:47:04
     [ssh-keygen.1 ssh-keygen.c]
     tweak previous; ok djm
   - djm@@cvs.openbsd.org 2010/04/16 21:14:27
d2268 40
a2307 7
     oops, %r => remote username, not %u
   - djm@@cvs.openbsd.org 2010/04/16 01:58:45
     [regress/cert-hostkey.sh regress/cert-userkey.sh]
     regression tests for v01 certificate format
     includes interop tests for v00 certs
 - (dtucker) [contrib/aix/buildbff.sh] Fix creation of ssh_prng_cmds.default
   file.
d2309 22
a2330 9
20100416
 - (djm) Release openssh-5.5p1
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2010/03/26 03:13:17
     [bufaux.c]
     allow buffer_get_int_ret/buffer_get_int64_ret to take a NULL pointer
     argument to allow skipping past values in a buffer
   - jmc@@cvs.openbsd.org 2010/03/26 06:54:36
     [ssh.1]
d2332 18
a2349 1
   - jmc@@cvs.openbsd.org 2010/03/27 14:26:55
d2351 215
a2565 2
     tweak previous; ok dtucker
   - djm@@cvs.openbsd.org 2010/04/10 00:00:16
d2567 6
a2572 27
     bz#1746 - suppress spurious tty warning when using -O and stdin
     is not a tty; ok dtucker@@ markus@@
   - djm@@cvs.openbsd.org 2010/04/10 00:04:30
     [sshconnect.c]
     fix terminology: we didn't find a certificate in known_hosts, we found
     a CA key
   - djm@@cvs.openbsd.org 2010/04/10 02:08:44
     [clientloop.c]
     bz#1698: kill channel when pty allocation requests fail. Fixed
     stuck client if the server refuses pty allocation.
     ok dtucker@@ "think so" markus@@
   - djm@@cvs.openbsd.org 2010/04/10 02:10:56
     [sshconnect2.c]
     show the key type that we are offering in debug(), helps distinguish
     between certs and plain keys as the path to the private key is usually
     the same.
   - djm@@cvs.openbsd.org 2010/04/10 05:48:16
     [mux.c]
     fix NULL dereference; from matthew.haub AT alumni.adelaide.edu.au
   - djm@@cvs.openbsd.org 2010/04/14 22:27:42
     [ssh_config.5 sshconnect.c]
     expand %r => remote username in ssh_config:ProxyCommand;
     ok deraadt markus
   - markus@@cvs.openbsd.org 2010/04/15 20:32:55
     [ssh-pkcs11.c]
     retry lookup for private key if there's no matching key with CKA_SIGN
     attribute enabled; this fixes fixes MuscleCard support (bugzilla #1736)
d2574 54
a2627 21
   - djm@@cvs.openbsd.org 2010/04/16 01:47:26
     [PROTOCOL.certkeys auth-options.c auth-options.h auth-rsa.c]
     [auth2-pubkey.c authfd.c key.c key.h myproposal.h ssh-add.c]
     [ssh-agent.c ssh-dss.c ssh-keygen.1 ssh-keygen.c ssh-rsa.c]
     [sshconnect.c sshconnect2.c sshd.c]
     revised certificate format ssh-{dss,rsa}-cert-v01@@openssh.com with the
     following changes:
     
     move the nonce field to the beginning of the certificate where it can
     better protect against chosen-prefix attacks on the signature hash
     
     Rename "constraints" field to "critical options"
     
     Add a new non-critical "extensions" field
     
     Add a serial number
     
     The older format is still support for authentication and cert generation
     (use "ssh-keygen -t v00 -s ca_key ..." to generate a v00 certificate)
     
     ok markus@@
@


1.2
log
@SVN rev 181111 on 2008-08-01 02:48:36Z by des

Upgrade to OpenSSH 5.1p1.

I have worked hard to reduce diffs against the vendor branch.  One
notable change in that respect is that we no longer prefer DSA over
RSA - the reasons for doing so went away years ago.  This may cause
some surprises, as ssh will warn about unknown host keys even for
hosts whose keys haven't changed.

MFC after:	6 weeks
@
text
@d1 494
a1369 3838

20080315
 - (djm) [regress/test-exec.sh] Quote putty-related variables in case they are
   empty; report and patch from Peter Stuge
 - (djm) [regress/test-exec.sh] Silence noise from detection of putty
   commands; report from Peter Stuge
 - (djm) [session.c] Relocate incorrectly-placed closefrom() that was causing
   crashes when used with ChrootDirectory


20080327
 - (dtucker) Cache selinux status earlier so we know if it's enabled after a
   chroot.  Allows ChrootDirectory to work with selinux support compiled in
   but not enabled.  Using it with selinux enabled will require some selinux
   support inside the chroot.  "looks sane" djm@@
 - (djm) Fix RCS ident in sftp-server-main.c
 - (djm) OpenBSD CVS sync:
   - jmc@@cvs.openbsd.org 2008/02/11 07:58:28
     [ssh.1 sshd.8 sshd_config.5]
     bump Mdocdate for pages committed in "febuary", necessary because
     of a typo in rcs.c;
   - deraadt@@cvs.openbsd.org 2008/03/13 01:49:53
     [monitor_fdpass.c]
     Correct CMSG_SPACE and CMSG_LEN usage everywhere in the tree. Due to
     an extensive discussion with otto, kettenis, millert, and hshoexer
   - deraadt@@cvs.openbsd.org 2008/03/15 16:19:02
     [monitor_fdpass.c]
     Repair the simple cases for msg_controllen where it should just be
     CMSG_SIZE(sizeof(int)), not sizeof(buffer) which may be larger because
     of alignment; ok kettenis hshoexer
   - djm@@cvs.openbsd.org 2008/03/23 12:54:01
     [sftp-client.c]
     prefer POSIX-style file renaming over filexfer rename behaviour if the
     server supports the posix-rename@@openssh.com extension.
     Note that the old (filexfer) behaviour would refuse to clobber an
     existing file. Users who depended on this should adjust their sftp(1)
     usage.
     ok deraadt@@ markus@@
   - deraadt@@cvs.openbsd.org 2008/03/24 16:11:07
     [monitor_fdpass.c]
     msg_controllen has to be CMSG_SPACE so that the kernel can account for
     each cmsg_len (ie. msg_controllen = sum of CMSG_ALIGN(cmsg_len).  This
     works now that kernel fd passing has been fixed to accept a bit of
     sloppiness because of this ABI repair.
     lots of discussion with kettenis
   - djm@@cvs.openbsd.org 2008/03/25 11:58:02
     [session.c sshd_config.5]
     ignore ~/.ssh/rc if a sshd_config ForceCommand is specified;
     from dtucker@@ ok deraadt@@ djm@@
   - djm@@cvs.openbsd.org 2008/03/25 23:01:41
     [session.c]
     last patch had backwards test; spotted by termim AT gmail.com
   - djm@@cvs.openbsd.org 2008/03/26 21:28:14
     [auth-options.c auth-options.h session.c sshd.8]
     add no-user-rc authorized_keys option to disable execution of ~/.ssh/rc
   - djm@@cvs.openbsd.org 2008/03/27 00:16:49
     [version.h]
     openssh-4.9
   - djm@@cvs.openbsd.org 2008/03/24 21:46:54
     [regress/sftp-badcmds.sh]
     disable no-replace rename test now that we prefer a POSIX rename; spotted
     by dkrause@@
 - (djm) [configure.ac] fix alignment of --without-stackprotect description
 - (djm) [configure.ac] --with-selinux too
 - (djm) [regress/Makefile] cleanup PuTTY interop test droppings
 - (djm) [README] Update link to release notes
 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] Crank version numbers in RPM spec files
 - (djm) Release 4.9p1

20080315
 - (djm) [regress/test-exec.sh] Quote putty-related variables in case they are
   empty; report and patch from Peter Stuge
 - (djm) [regress/test-exec.sh] Silence noise from detection of putty
   commands; report from Peter Stuge
 - (djm) [session.c] Relocate incorrectly-placed closefrom() that was causing
   crashes when used with ChrootDirectory

20080314
 - (tim) [regress/sftp-cmds.sh] s/cd/lcd/ in lls test. Reported by
   vinschen at redhat.com. Add () to put echo commands in subshell for lls test
   I mistakenly left out of last commit.
 - (tim) [regress/localcommand.sh] Shell portability fix. Reported by imorgan at
   nas.nasa.gov

20080313
 - (djm) [Makefile.in regress/Makefile] Fix interop-tests target (note to
   self: make changes to Makefile.in next time, not the generated Makefile).
 - (djm) [Makefile.in regress/test-exec.sh] Find installed plink(1) and
   puttygen(1) by $PATH
 - (tim) [scp.c] Use poll.h if available, fall back to sys/poll.h if not. Patch
   by vinschen at redhat.com.
 - (tim) [regress/sftp-cmds.sh regress/ssh2putty.sh] Shell portability fixes
   from vinschen at redhat.com and imorgan at nas.nasa.gov

20080312
 - (djm) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2007/10/29 06:57:13
     [regress/Makefile regress/localcommand.sh]
     Add simple regress test for LocalCommand; ok djm@@
   - jmc@@cvs.openbsd.org 2007/11/25 15:35:09
     [regress/agent-getpeereid.sh regress/agent.sh]
     more existant -> existent, from Martynas Venckus;
     pfctl changes: ok henning
     ssh changes: ok deraadt
   - djm@@cvs.openbsd.org 2007/12/12 05:04:03
     [regress/sftp-cmds.sh]
     unbreak lls command and add a regress test that would have caught the
     breakage; spotted by mouring@@
     NB. sftp code change already committed.
   - djm@@cvs.openbsd.org 2007/12/21 04:13:53
     [regress/Makefile regress/test-exec.sh regress/putty-ciphers.sh]
     [regress/putty-kex.sh regress/putty-transfer.sh regress/ssh2putty.sh]
     basic (crypto, kex and transfer) interop regression tests against putty
     To run these, install putty and run "make interop-tests" from the build
     directory - the tests aren't run by default yet.

20080311
 - (dtucker) [auth-pam.c monitor.c session.c sshd.c] Bug #926: Move
   pam_open_session and pam_close_session into the privsep monitor, which
   will ensure that pam_session_close is called as root.  Patch from Tomas
   Mraz.

20080309
 - (dtucker) [configure.ac] It turns out gcc's -fstack-protector-all doesn't
   always work for all platforms and versions, so test what we can and
   add a configure flag to turn it of if needed.  ok djm@@
 - (dtucker) [openbsd-compat/port-aix.{c,h}] Remove AIX specific initgroups
   implementation.  It's not needed to fix bug #1081 and breaks the build
   on some AIX configurations.
 - (dtucker) [openbsd-compat/regress/strtonumtest.c] Bug #1347: Use platform's
   equivalent of LLONG_MAX for the compat regression tests, which makes them
   run on AIX and HP-UX.  Patch from David Leonard.
 - (dtucker) [configure.ac] Run stack-protector tests with -Werror to catch
   platforms where gcc understands the option but it's not supported (and
   thus generates a warning).

20080307
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2008/02/11 07:58:28
     [ssh.1 sshd.8 sshd_config.5]
     bump Mdocdate for pages committed in "febuary", necessary because
     of a typo in rcs.c;
   - djm@@cvs.openbsd.org 2008/02/13 22:38:17
     [servconf.h session.c sshd.c]
     rekey arc4random and OpenSSL RNG in postauth child
     closefrom fds > 2 before shell/command execution
     ok markus@@
   - mbalmer@@cvs.openbsd.org 2008/02/14 13:10:31
     [sshd.c]
     When started in configuration test mode (-t) do not check that sshd is
     being started with an absolute path.
     ok djm
   - markus@@cvs.openbsd.org 2008/02/20 15:25:26
     [session.c]
     correct boolean encoding for coredump; der Mouse via dugsong
   - djm@@cvs.openbsd.org 2008/02/22 05:58:56
     [session.c]
     closefrom() call was too early, delay it until just before we execute
     the user's rc files (if any).
   - dtucker@@cvs.openbsd.org 2008/02/22 20:44:02
     [clientloop.c packet.c packet.h serverloop.c]
     Allow all SSH2 packet types, including UNIMPLEMENTED to reset the
     keepalive timer (bz #1307).  ok markus@@
   - djm@@cvs.openbsd.org 2008/02/27 20:21:15
     [sftp-server.c]
     add an extension method "posix-rename@@openssh.com" to perform POSIX atomic
     rename() operations. based on patch from miklos AT szeredi.hu in bz#1400;
     ok dtucker@@ markus@@
   - deraadt@@cvs.openbsd.org 2008/03/02 18:19:35
     [monitor_fdpass.c]
     use a union to ensure alignment of the cmsg (pay attention: various other
     parts of the tree need this treatment too); ok djm
   - deraadt@@cvs.openbsd.org 2008/03/04 21:15:42
     [version.h]
     crank version; from djm
 - (tim) [regress/sftp-glob.sh] Shell portability fix.

20080302
 - (dtucker) [configure.ac] FreeBSD's glob() doesn't behave the way we expect
   either, so use our own.

20080229
 - (dtucker) [openbsd-compat/bsd-poll.c] We don't check for select(2) in
   configure (and there's not much point, as openssh won't work without it)
   so HAVE_SELECT is not defined and the poll(2) compat code doesn't get
   built in.  Remove HAVE_SELECT so we can build on platforms without poll.
 - (dtucker) [scp.c] Include sys/poll.h inside HAVE_SYS_POLL_H.
 - (djm) [contrib/gnome-ssh-askpass2.h] Keep askpass windown on top. From
   Debian patch via bernd AT openbsd.org

20080228
 - (dtucker) [configure.ac] Add -fstack-protector to LDFLAGS too, fixes
   linking problems on AIX with gcc 4.1.x.
 - (dtucker) [includes.h ssh-add.c ssh-agent.c ssh-keygen.c ssh.c sshd.c
   openbsd-compat/openssl-compat.{c,h}] Bug #1437 Move the OpenSSL compat
   header to after OpenSSL headers, since some versions of OpenSSL have
   SSLeay_add_all_algorithms as a macro already.
 - (dtucker) [key.c defines.h openbsd-compat/openssl-compat.h] Move old OpenSSL
   compat glue into openssl-compat.h.
 - (dtucker) [configure.ac openbsd-compat/port-aix.{c,h}] Bug #1081: Implement
   getgrouplist via getgrset on AIX, rather than iterating over getgrent.
   This allows, eg, Match and AllowGroups directives to work with NIS and
   LDAP groups.
 - (dtucker) [sshd.c] Bug #1042: make log messages for tcpwrappers use the
   same SyslogFacility as the rest of sshd.  Patch from William Knox,
   ok djm@@.

20080225
 - (dtucker) [openbsd-compat/fake-rfc2553.h] rename ssh_gai_strerror hack
   since it now conflicts with the helper function in misc.c.  From
   vinschen AT redhat.com.
 - (dtucker) [configure.ac audit-bsm.c] Bug #1420: Add a local implementation
   of aug_get_machine for systems that don't have their own (eg OS X, FreeBSD).
   Help and testing from csjp at FreeBSD org, vgiffin at apple com.  ok djm@@
 - (dtucker) [includes.h openbsd-compat/openssl-compat.c] Bug #1437: reshuffle
   headers so ./configure --with-ssl-engine actually works.  Patch from
   Ian Lister.

20080224
 - (tim) [contrib/cygwin/ssh-host-config]
   Grammar changes on SYSCONFDIR LOCALSTATEDIR messages.
   Check more thoroughly that it's possible to create the /var/empty directory.
   Patch by vinschen AT redhat.com

20080210
 - OpenBSD CVS Sync
   - chl@@cvs.openbsd.org 2008/01/11 07:22:28
     [sftp-client.c sftp-client.h]
     disable unused functions
     initially from tobias@@, but disabled them by placing them in
     "#ifdef notyet" which was asked by djm@@
     ok djm@@ tobias@@
   - djm@@cvs.openbsd.org 2008/01/19 19:13:28
     [ssh.1]
     satisfy the pedants: -q does not suppress all diagnostic messages (e.g.
     some commandline parsing warnings go unconditionally to stdout).
   - djm@@cvs.openbsd.org 2008/01/19 20:48:53
     [clientloop.c]
     fd leak on session multiplexing error path. Report and patch from
     gregory_shively AT fanniemae.com
   - djm@@cvs.openbsd.org 2008/01/19 20:51:26
     [ssh.c]
     ignore SIGPIPE in multiplex client mode - we can receive this if the
     server runs out of fds on us midway. Report and patch from
     gregory_shively AT fanniemae.com
   - djm@@cvs.openbsd.org 2008/01/19 22:04:57
     [sftp-client.c]
     fix remote handle leak in do_download() local file open error path;
     report and fix from sworley AT chkno.net
   - djm@@cvs.openbsd.org 2008/01/19 22:22:58
     [ssh-keygen.c]
     when hashing individual hosts (ssh-keygen -Hf hostname), make sure we
     hash just the specified hostname and not the entire hostspec from the
     keyfile. It may be of the form "hostname,ipaddr", which would lead to
     a hash that never matches. report and fix from jp AT devnull.cz
   - djm@@cvs.openbsd.org 2008/01/19 22:37:19
     [ssh-keygen.c]
     unbreak line numbering (broken in revision 1.164), fix error message
   - djm@@cvs.openbsd.org 2008/01/19 23:02:40
     [channels.c]
     When we added support for specified bind addresses for port forwards, we
     added a quirk SSH_OLD_FORWARD_ADDR. There is a bug in our handling of
     this for -L port forwards that causes the client to listen on both v4
     and v6 addresses when connected to a server with this quirk, despite
     having set 0.0.0.0 as a bind_address.
     report and patch from Jan.Pechanec AT Sun.COM; ok dtucker@@
   - djm@@cvs.openbsd.org 2008/01/19 23:09:49
     [readconf.c readconf.h sshconnect2.c]
     promote rekeylimit to a int64 so it can hold the maximum useful limit
     of 2^32; report and patch from Jan.Pechanec AT Sun.COM, ok dtucker@@
   - djm@@cvs.openbsd.org 2008/01/20 00:38:30
     [sftp.c]
     When uploading, correctly handle the case of an unquoted filename with
     glob metacharacters that match a file exactly but not as a glob, e.g. a
     file called "[abcd]". report and test cases from duncan2nd AT gmx.de
   - djm@@cvs.openbsd.org 2008/01/21 17:24:30
     [sftp-server.c]
     Remove the fixed 100 handle limit in sftp-server and allocate as many
     as we have available file descriptors. Patch from miklos AT szeredi.hu;
     ok dtucker@@ markus@@
   - djm@@cvs.openbsd.org 2008/01/21 19:20:17
     [sftp-client.c]
     when a remote write error occurs during an upload, ensure that ACKs for
     all issued requests are properly drained. patch from t8m AT centrum.cz
   - dtucker@@cvs.openbsd.org 2008/01/23 01:56:54
     [clientloop.c packet.c serverloop.c]
     Revert the change for bz #1307 as it causes connection aborts if an IGNORE
     packet arrives while we're waiting in packet_read_expect (and possibly
     elsewhere).
   - jmc@@cvs.openbsd.org 2008/01/31 20:06:50
     [scp.1]
     explain how to handle local file names containing colons;
     requested by Tamas TEVESZ
     ok dtucker
   - markus@@cvs.openbsd.org 2008/02/04 21:53:00
     [session.c sftp-server.c sftp.h]
     link sftp-server into sshd; feedback and ok djm@@
   - mcbride@@cvs.openbsd.org 2008/02/09 12:15:43
     [ssh.1 sshd.8]
     Document the correct permissions for the ~/.ssh/ directory.
     ok jmc
   - djm@@cvs.openbsd.org 2008/02/10 09:55:37
     [sshd_config.5]
     mantion that "internal-sftp" is useful with ForceCommand too
   - djm@@cvs.openbsd.org 2008/02/10 10:54:29
     [servconf.c session.c]
     delay ~ expansion for ChrootDirectory so it expands to the logged-in user's
     home, rather than the user who starts sshd (probably root)

20080119
 - (djm) Silence noice from expr in ssh-copy-id; patch from
   mikel AT mikelward.com
 - (djm) Only listen for IPv6 connections on AF_INET6 sockets; patch from
   tsr2600 AT gmail.com

20080102
 - (dtucker) [configure.ac] Fix message for -fstack-protector-all test.

20080101
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2007/12/31 10:41:31
     [readconf.c servconf.c]
     Prevent strict-aliasing warnings on newer gcc versions.  bz #1355, patch
     from Dmitry V. Levin, ok djm@@
   - dtucker@@cvs.openbsd.org 2007/12/31 15:27:04
     [sshd.c]
     When in inetd mode, have sshd generate a Protocol 1 ephemeral server
     key only for connections where the client chooses Protocol 1 as opposed
     to when it's enabled in the server's config.  Speeds up Protocol 2
     connections to inetd-mode servers that also allow Protocol 1.  bz #440,
     based on a patch from bruno at wolff.to, ok markus@@
   - dtucker@@cvs.openbsd.org 2008/01/01 08:47:04
     [misc.c]
     spaces -> tabs from my previous commit
   - dtucker@@cvs.openbsd.org 2008/01/01 09:06:39
     [scp.c]
     If scp -p encounters a pre-epoch timestamp, use the epoch which is
     as close as we can get given that it's used unsigned.  Add a little
     debugging while there.  bz #828, ok djm@@
   - dtucker@@cvs.openbsd.org 2008/01/01 09:27:33
     [sshd_config.5 servconf.c]
     Allow PermitRootLogin in a Match block.  Allows for, eg, permitting root
     only from the local network.  ok markus@@, man page bit ok jmc@@
   - dtucker@@cvs.openbsd.org 2008/01/01 08:51:20
     [moduli]
     Updated moduli file; ok djm@@

20071231
 - (dtucker) [configure.ac openbsd-compat/glob.{c,h}] Bug #1407: force use of
   builtin glob implementation on Mac OS X.  Based on a patch from
   vgiffin at apple.

20071229
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2007/12/12 05:04:03
     [sftp.c]
     unbreak lls command and add a regress test that would have caught the
     breakage; spotted by mouring@@
   - dtucker@@cvs.openbsd.org 2007/12/27 14:22:08
     [servconf.c canohost.c misc.c channels.c sshconnect.c misc.h ssh-keyscan.c
      sshd.c]
     Add a small helper function to consistently handle the EAI_SYSTEM error
     code of getaddrinfo.  Prompted by vgiffin at apple com via bz #1417.
     ok markus@@ stevesk@@
   - dtucker@@cvs.openbsd.org 2007/12/28 15:32:24
     [clientloop.c serverloop.c packet.c]
     Make SSH2_MSG_UNIMPLEMENTED and SSH2_MSG_IGNORE messages reset the
     ServerAlive and ClientAlive timers.  Prevents dropping a connection
     when these are enabled but the peer does not support our keepalives.
     bz #1307, ok djm@@.
   - dtucker@@cvs.openbsd.org 2007/12/28 22:34:47
     [clientloop.c]
     Use the correct packet maximum sizes for remote port and agent forwarding.
     Prevents the server from killing the connection if too much data is queued
     and an excessively large packet gets sent.  bz #1360, ok djm@@.

20071202
 - (dtucker) [configure.ac] Enable -fstack-protector-all on systems where
   gcc supports it.  ok djm@@
 - (dtucker) [scp.c] Update $OpenBSD tag missing from rev 1.175 and remove
   leftover debug code.
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2007/10/29 00:52:45
     [auth2-gss.c]
     Allow build without -DGSSAPI; ok deraadt@@
     (Id sync only, Portable already has the ifdefs)
   - dtucker@@cvs.openbsd.org 2007/10/29 01:55:04
     [ssh.c]
     Plug tiny mem leaks in ControlPath and ProxyCommand option processing;
     ok djm@@
   - dtucker@@cvs.openbsd.org 2007/10/29 04:08:08
     [monitor_wrap.c monitor.c]
     Send config block back to slave for invalid users too so options
     set by a Match block (eg Banner) behave the same for non-existent
     users.  Found by and ok djm@@
   - dtucker@@cvs.openbsd.org 2007/10/29 06:51:59
     [ssh_config.5]
     ProxyCommand and LocalCommand use the user's shell, not /bin/sh; ok djm@@
   - dtucker@@cvs.openbsd.org 2007/10/29 06:54:50
     [ssh.c]
     Make LocalCommand work for Protocol 1 too; ok djm@@
   - jmc@@cvs.openbsd.org 2007/10/29 07:48:19
     [ssh_config.5]
     clean up after previous macro removal;
   - djm@@cvs.openbsd.org 2007/11/03 00:36:14
     [clientloop.c]
     fix memory leak in process_cmdline(), patch from Jan.Pechanec AT Sun.COM;
     ok dtucker@@
   - deraadt@@cvs.openbsd.org 2007/11/03 01:24:06
     [ssh.c]
     bz #1377: getpwuid results were being clobbered by another getpw* call
     inside tilde_expand_filename(); save the data we need carefully
     ok djm
   - dtucker@@cvs.openbsd.org 2007/11/03 02:00:32
     [ssh.c]
     Use xstrdup/xfree when saving pwname and pwdir; ok deraadt@@
   - deraadt@@cvs.openbsd.org 2007/11/03 02:03:49
     [ssh.c]
     avoid errno trashing in signal handler; ok dtucker

20071030
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2007/10/29 23:49:41
     [openbsd-compat/sys-tree.h]
     remove extra backslash at the end of RB_PROTOTYPE, report from
     Jan.Pechanec AT Sun.COM; ok deraadt@@

20071026
 - (djm) OpenBSD CVS Sync
   - stevesk@@cvs.openbsd.org 2007/09/11 23:49:09
     [sshpty.c]
     remove #if defined block not needed; ok markus@@ dtucker@@
     (NB. RCD ID sync only for portable)
   - djm@@cvs.openbsd.org 2007/09/21 03:05:23
     [ssh_config.5]
     document KbdInteractiveAuthentication in ssh_config.5;
     patch from dkg AT fifthhorseman.net
   - djm@@cvs.openbsd.org 2007/09/21 08:15:29
     [auth-bsdauth.c auth-passwd.c auth.c auth.h auth1.c auth2-chall.c]
     [monitor.c monitor_wrap.c]
     unifdef -DBSD_AUTH
     unifdef -USKEY
     These options have been in use for some years;
     ok markus@@ "no objection" millert@@
     (NB. RCD ID sync only for portable)
   - canacar@@cvs.openbsd.org 2007/09/25 23:48:57
     [ssh-agent.c]
     When adding a key that already exists, update the properties
     (time, confirm, comment) instead of discarding them. ok djm@@ markus@@
   - ray@@cvs.openbsd.org 2007/09/27 00:15:57
     [dh.c]
     Don't return -1 on error in dh_pub_is_valid(), since it evaluates
     to true.
     Also fix a typo.
     Initial diff from Matthew Dempsky, input from djm.
     OK djm, markus.
   - dtucker@@cvs.openbsd.org 2007/09/29 00:25:51
     [auth2.c]
     Remove unused prototype.  ok djm@@
   - chl@@cvs.openbsd.org 2007/10/02 17:49:58
     [ssh-keygen.c]
     handles zero-sized strings that fgets can return
     properly removes trailing newline
     removes an unused variable
     correctly counts line number
     "looks ok" ray@@ markus@@
   - markus@@cvs.openbsd.org 2007/10/22 19:10:24
     [readconf.c]
     make sure that both the local and remote port are correct when
     parsing -L; Jan Pechanec (bz #1378)
   - djm@@cvs.openbsd.org 2007/10/24 03:30:02
     [sftp.c]
     rework argument splitting and parsing to cope correctly with common
     shell escapes and make handling of escaped characters consistent
     with sh(1) and between sftp commands (especially between ones that
     glob their arguments and ones that don't).
     parse command flags using getopt(3) rather than hand-rolled parsers.
     ok dtucker@@
  - djm@@cvs.openbsd.org 2007/10/24 03:44:02
     [scp.c]
     factor out network read/write into an atomicio()-like function, and
     use it to handle short reads, apply bandwidth limits and update
     counters. make network IO non-blocking, so a small trickle of
     reads/writes has a chance of updating the progress meter; bz #799
     ok dtucker@@
   - djm@@cvs.openbsd.org 2006/08/29 09:44:00
     [regress/sftp-cmds.sh]
     clean up our mess
   - markus@@cvs.openbsd.org 2006/11/06 09:27:43
     [regress/cfgmatch.sh]
     fix quoting for non-(c)sh login shells.
   - dtucker@@cvs.openbsd.org 2006/12/13 08:36:36
     [regress/cfgmatch.sh]
     Additional test for multiple PermitOpen entries.  ok djm@@
   - pvalchev@@cvs.openbsd.org 2007/06/07 19:41:46
     [regress/cipher-speed.sh regress/try-ciphers.sh]
     test umac-64@@openssh.com
     ok djm@@
   - djm@@cvs.openbsd.org 2007/10/24 03:32:35
     [regress/sftp-cmds.sh regress/sftp-glob.sh regress/test-exec.sh]
     comprehensive tests for sftp escaping its interaction with globbing;
     ok dtucker@@
   - djm@@cvs.openbsd.org 2007/10/26 05:30:01
     [regress/sftp-glob.sh regress/test-exec.sh]
     remove "echo -E" crap that I added in last commit and use printf(1) for
     cases where we strictly require echo not to reprocess escape characters.
   - deraadt@@cvs.openbsd.org 2005/11/28 17:50:12
     [openbsd-compat/glob.c]
     unused arg in internal static API
   - jakob@@cvs.openbsd.org 2007/10/11 18:36:41
     [openbsd-compat/getrrsetbyname.c openbsd-compat/getrrsetbyname.h]
     use RRSIG instead of SIG for DNSSEC. ok djm@@
   - otto@@cvs.openbsd.org 2006/10/21 09:55:03
     [openbsd-compat/base64.c]
     remove calls to abort(3) that can't happen anyway; from
     <bret dot lambert at gmail.com>; ok millert@@ deraadt@@
   - frantzen@@cvs.openbsd.org 2004/04/24 18:11:46
     [openbsd-compat/sys-tree.h]
     sync to Niels Provos' version.  avoid unused variable warning in
     RB_NEXT()
   - tdeval@@cvs.openbsd.org 2004/11/24 18:10:42
     [openbsd-compat/sys-tree.h]
     typo
   - grange@@cvs.openbsd.org 2004/05/04 16:59:32
     [openbsd-compat/sys-queue.h]
     Remove useless ``elm'' argument from the SIMPLEQ_REMOVE_HEAD macro.
     This matches our SLIST behaviour and NetBSD's SIMPLEQ as well.
     ok millert krw deraadt
   - deraadt@@cvs.openbsd.org 2005/02/25 13:29:30
     [openbsd-compat/sys-queue.h]
     minor white spacing
   - otto@@cvs.openbsd.org 2005/10/17 20:19:42
     [openbsd-compat/sys-queue.h]
     Performing certain operations on queue.h data structurs produced
     funny results.  An example is calling  LIST_REMOVE on the same
     element twice. This will not fail, but result in a data structure
     referencing who knows what. Prevent these accidents by NULLing some
     fields on remove and replace. This way, either a panic or segfault
     will be produced on the faulty operation.
   - otto@@cvs.openbsd.org 2005/10/24 20:25:14
     [openbsd-compat/sys-queue.h]
     Partly backout. NOLIST, used in LISTs is probably interfering.
     requested by deraadt@@
   - otto@@cvs.openbsd.org 2005/10/25 06:37:47
     [openbsd-compat/sys-queue.h]
     Some uvm problem is being exposed with the more strict macros.
     Revert until we've found out what's causing the panics.
   - otto@@cvs.openbsd.org 2005/11/25 08:06:25
     [openbsd-compat/sys-queue.h]
     Introduce debugging aid for queue macros. Disabled by default; but
     developers are encouraged to run with this enabled.
     ok krw@@ fgsch@@ deraadt@@
   - otto@@cvs.openbsd.org 2007/04/30 18:42:34
     [openbsd-compat/sys-queue.h]
     Enable QUEUE_MACRO_DEBUG on DIAGNOSTIC kernels.
     Input and okays from krw@@, millert@@, otto@@, deraadt@@, miod@@.
   - millert@@cvs.openbsd.org 2004/10/07 16:56:11
     GLOB_NOESCAPE is POSIX so move it out of the #ifndef _POSIX_SOURCE
     block.
     (NB. mostly an RCS ID sync, as portable strips out the conditionals)
 - (djm) [regress/sftp-cmds.sh]
   Use more restrictive glob to pick up test files from /bin - some platforms
   ship broken symlinks there which could spoil the test.
 - (djm) [openbsd-compat/bindresvport.c]
   Sync RCS ID after irrelevant (for portable OpenSSH) header shuffling

20070927
 - (dtucker) [configure.ac atomicio.c] Fall back to including <sys/poll.h> if
   we don't have <poll.h> (eq QNX).  From bacon at cs nyu edu.
 - (dtucker) [configure.ac defines.h] Shadow expiry does not work on QNX6
   so disable it for that platform.  From bacon at cs nyu edu.

20070921
 - (djm) [atomicio.c] Fix spin avoidance for platforms that define
   EWOULDBLOCK; patch from ben AT psc.edu

20070917
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2007/08/23 02:49:43
     [auth-passwd.c auth.c session.c]
     unifdef HAVE_LOGIN_CAP; ok deraadt@@ millert@@
     NB. RCS ID sync only for portable
   - djm@@cvs.openbsd.org 2007/08/23 02:55:51
     [auth-passwd.c auth.c session.c]
     missed include bits from last commit
     NB. RCS ID sync only for portable
   - djm@@cvs.openbsd.org 2007/08/23 03:06:10
     [auth.h]
     login_cap.h doesn't belong here
     NB. RCS ID sync only for portable
   - djm@@cvs.openbsd.org 2007/08/23 03:22:16
     [auth2-none.c sshd_config sshd_config.5]
     Support "Banner=none" to disable displaying of the pre-login banner;
     ok dtucker@@ deraadt@@
   - djm@@cvs.openbsd.org 2007/08/23 03:23:26
     [sshconnect.c]
     Execute ProxyCommands with $SHELL rather than /bin/sh unconditionally
   - djm@@cvs.openbsd.org 2007/09/04 03:21:03
     [clientloop.c monitor.c monitor_fdpass.c monitor_fdpass.h]
     [monitor_wrap.c ssh.c]
     make file descriptor passing code return an error rather than call fatal()
     when it encounters problems, and use this to make session multiplexing
     masters survive slaves failing to pass all stdio FDs; ok markus@@
   - djm@@cvs.openbsd.org 2007/09/04 11:15:56
     [ssh.c sshconnect.c sshconnect.h]
     make ssh(1)'s ConnectTimeout option apply to both the TCP connection and
     SSH banner exchange (previously it just covered the TCP connection).
     This allows callers of ssh(1) to better detect and deal with stuck servers
     that accept a TCP connection but don't progress the protocol, and also
     makes ConnectTimeout useful for connections via a ProxyCommand;
     feedback and "looks ok" markus@@
   - sobrado@@cvs.openbsd.org 2007/09/09 11:38:01
     [ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.c]
     sort synopsis and options in ssh-agent(1); usage is lowercase
     ok jmc@@
   - stevesk@@cvs.openbsd.org 2007/09/11 04:36:29
     [sshpty.c]
     sort #include
     NB. RCS ID sync only
   - gilles@@cvs.openbsd.org 2007/09/11 15:47:17
     [session.c ssh-keygen.c sshlogin.c]
     use strcspn to properly overwrite '\n' in fgets returned buffer
     ok pyr@@, ray@@, millert@@, moritz@@, chl@@
   - stevesk@@cvs.openbsd.org 2007/09/11 23:49:09
     [sshpty.c]
     remove #if defined block not needed; ok markus@@ dtucker@@
     NB. RCS ID sync only
   - stevesk@@cvs.openbsd.org 2007/09/12 19:39:19
     [umac.c]
     use xmalloc() and xfree(); ok markus@@ pvalchev@@
   - djm@@cvs.openbsd.org 2007/09/13 04:39:04
     [sftp-server.c]
     fix incorrect test when setting syslog facility; from Jan Pechanec
   - djm@@cvs.openbsd.org 2007/09/16 00:55:52
     [sftp-client.c]
     use off_t instead of u_int64_t for file offsets, matching what the
     progressmeter code expects; bz #842
 - (tim) [defines.h] Fix regression in long password support on OpenServer 6.
   Problem report and additional testing rac AT tenzing.org.

20070914
 - (dtucker) [openbsd-compat/bsd-asprintf.c] Plug mem leak in error path.
   Patch from Jan.Pechanec at sun com.

20070910
 - (dtucker) [openbsd-compat/regress/closefromtest.c] Bug #1358: Always
   return 0 on successful test.  From David.Leonard at quest com.
 - (tim) [configure.ac] Autoconf didn't define HAVE_LIBIAF because we
   did a AC_CHECK_FUNCS within the AC_CHECK_LIB test.

20070817
 - (dtucker) [sshd.8] Many Linux variants use a single "!" to denote locked
   accounts and that's what the code looks for, so make man page and code
   agree.  Pointed out by Roumen Petrov.
 - (dtucker) [INSTALL] Group the parts describing random options and PAM
   implementations together which is hopefully more coherent.
 - (dtucker) [INSTALL] the pid file is sshd.pid not ssh.pid.
 - (dtucker) [INSTALL] Give PAM its own heading.
 - (dtucker) [INSTALL] Link to tcpwrappers.

20070816
 - (dtucker) [session.c] Call PAM cleanup functions for unauthenticated
   connections too.  Based on a patch from Sandro Wefel, with & ok djm@@

20070815
 - (dtucker) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2007/08/15 08:14:46
     [clientloop.c]
     do NOT fall back to the trused x11 cookie if generation of an untrusted
     cookie fails; from Jan Pechanec, via security-alert at sun.com;
     ok dtucker
   - markus@@cvs.openbsd.org 2007/08/15 08:16:49
     [version.h]
     openssh 4.7
   - stevesk@@cvs.openbsd.org 2007/08/15 12:13:41
     [ssh_config.5]
     tun device forwarding now honours ExitOnForwardFailure; ok markus@@
 - (dtucker) [openbsd-compat/bsd-cray.c] Remove debug from signal handler.
   ok djm@@
 - (dtucker) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec
   contrib/suse/openssh.spec] Crank version.

20070813
 - (dtucker) [session.c] Bug #1339: ensure that pam_setcred() is always
   called with PAM_ESTABLISH_CRED at least once, which resolves a problem
   with pam_dhkeys.  Patch from David Leonard, ok djm@@

20070810
 - (dtucker) [auth-pam.c] Use sigdie here too.  ok djm@@
 - (dtucker) [configure.ac] Bug #1343: Set DISABLE_FD_PASSING for QNX6. From 
   Matt Kraai, ok djm@@ 

20070809
 - (dtucker) [openbsd-compat/port-aix.c] Comment typo.
 - (dtucker) [README.platform] Document the interaction between PermitRootLogin
   and the AIX native login restrictions.
 - (dtucker) [defines.h] Remove _PATH_{CSHELL,SHELLS} which aren't
   used anywhere and are a potential source of warnings.

20070808
 - (djm) OpenBSD CVS Sync
   - ray@@cvs.openbsd.org 2007/07/12 05:48:05
     [key.c]
     Delint: remove some unreachable statements, from Bret Lambert.
     OK markus@@ and dtucker@@.
   - sobrado@@cvs.openbsd.org 2007/08/06 19:16:06
     [scp.1 scp.c]
     the ellipsis is not an optional argument; while here, sync the usage
     and synopsis of commands
     lots of good ideas by jmc@@
     ok jmc@@
   - djm@@cvs.openbsd.org 2007/08/07 07:32:53
     [clientloop.c clientloop.h ssh.c]
     bz#1232: ensure that any specified LocalCommand is executed after the
     tunnel device is opened. Also, make failures to open a tunnel device
     fatal when ExitOnForwardFailure is active.
     Reported by h.goebel AT goebel-consult.de; ok dtucker markus reyk deraadt

20070724
 - (tim) [openssh.xml.in] make FMRI match what package scripts use.
 - (tim) [openbsd-compat/regress/closefromtest.c] Bug 1345: fix open() call.
   Report/patch by David.Leonard AT quest.com (and Bernhard Simon)
 - (tim) [buildpkg.sh.in openssh.xml.in] Allow more flexibility where smf(5)
 - (tim) [buildpkg.sh.in] s|$FAKE_ROOT/${sysconfdir}|$FAKE_ROOT${sysconfdir}|

20070628
 - (djm) bz#1325: Fix SELinux in permissive mode where it would
   incorrectly fatal() on errors. patch from cjwatson AT debian.org;
   ok dtucker

20070625
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2007/06/13 00:21:27
     [scp.c]
     don't ftruncate() non-regular files; bz#1236 reported by wood AT
     xmission.com; ok dtucker@@
   - djm@@cvs.openbsd.org 2007/06/14 21:43:25
     [ssh.c]
     handle EINTR when waiting for mux exit status properly
   - djm@@cvs.openbsd.org 2007/06/14 22:48:05
     [ssh.c]
     when waiting for the multiplex exit status, read until the master end
     writes an entire int of data *and* closes the client_fd; fixes mux
     regression spotted by dtucker, ok dtucker@@
   - djm@@cvs.openbsd.org 2007/06/19 02:04:43
     [atomicio.c]
     if the fd passed to atomicio/atomiciov() is non blocking, then poll() to
     avoid a spin if it is not yet ready for reading/writing; ok dtucker@@
   - dtucker@@cvs.openbsd.org 2007/06/25 08:20:03
     [channels.c]
     Correct test for window updates every three packets; prevents sending
     window updates for every single packet.  ok markus@@
   - dtucker@@cvs.openbsd.org 2007/06/25 12:02:27
     [atomicio.c]
     Include <poll.h> like the man page says rather than <sys/poll.h>.  ok djm@@
 - (dtucker) [atomicio.c] Test for EWOULDBLOCK in atomiciov to match
   atomicio.
 - (dtucker) [atomicio.c configure.ac openbsd-compat/Makefile.in
   openbsd-compat/bsd-poll.{c,h} openbsd-compat/openbsd-compat.h]
   Add an implementation of poll() built on top of select(2).  Code from
   OpenNTPD with changes suggested by djm.  ok djm@@

20070614
 - (dtucker) [cipher-ctr.c umac.c openbsd-compat/openssl-compat.h] Move the
   USE_BUILTIN_RIJNDAEL compat goop to openssl-compat.h so it can be
   shared with umac.c.  Allows building with OpenSSL 0.9.5 again including
   umac support.  With tim@@ djm@@, ok djm.
 - (dtucker) [openbsd-compat/openssl-compat.h] Merge USE_BUILTIN_RIJNDAEL
   sections.  Fixes builds with early OpenSSL 0.9.6 versions.
 - (dtucker) [openbsd-compat/openssl-compat.h] Remove redundant definition
   of USE_BUILTIN_RIJNDAEL since the <0.9.6 test is covered by the
   subsequent <0.9.7 test.

20070612
 - (dtucker) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2007/06/11 09:14:00
     [channels.h]
     increase default channel windows; ok djm
   - djm@@cvs.openbsd.org 2007/06/12 07:41:00
     [ssh-add.1]
     better document ssh-add's -d option (delete identities from agent), bz#1224
     new text based on some provided by andrewmc-debian AT celt.dias.ie;
     ok dtucker@@
   - djm@@cvs.openbsd.org 2007/06/12 08:20:00
     [ssh-gss.h gss-serv.c gss-genr.c]
     relocate server-only GSSAPI code from libssh to server; bz #1225
     patch from simon AT sxw.org.uk; ok markus@@ dtucker@@
   - djm@@cvs.openbsd.org 2007/06/12 08:24:20
     [scp.c]
     make scp try to skip FIFOs rather than blocking when nothing is listening.
     depends on the platform supporting sane O_NONBLOCK semantics for open
     on FIFOs (apparently POSIX does not mandate this), which OpenBSD does.
     bz #856; report by cjwatson AT debian.org; ok markus@@
   - djm@@cvs.openbsd.org 2007/06/12 11:11:08
     [ssh.c]
     fix slave exit value when a control master goes away without passing the
     full exit status by ensuring that the slave reads a full int. bz#1261
     reported by frekko AT gmail.com; ok markus@@ dtucker@@
   - djm@@cvs.openbsd.org 2007/06/12 11:15:17
     [ssh.c ssh.1]
     Add "-K" flag for ssh to set GSSAPIAuthentication=yes and
     GSSAPIDelegateCredentials=yes. This is symmetric with -k (disable GSSAPI)
     and is useful for hosts with /home on Kerberised NFS; bz #1312
     patch from Markus.Kuhn AT cl.cam.ac.uk; ok dtucker@@ markus@@
   - djm@@cvs.openbsd.org 2007/06/12 11:45:27
     [ssh.c]
     improved exit message from multiplex slave sessions; bz #1262
     reported by alexandre.nunes AT gmail.com; ok dtucker@@
   - dtucker@@cvs.openbsd.org 2007/06/12 11:56:15
     [gss-genr.c]
     Pass GSS OID to gss_display_status to provide better information in
     error messages.  Patch from Simon Wilkinson via bz 1220.  ok djm@@
   - jmc@@cvs.openbsd.org 2007/06/12 13:41:03
     [ssh-add.1]
     identies -> identities;
   - jmc@@cvs.openbsd.org 2007/06/12 13:43:55
     [ssh.1]
     add -K to SYNOPSIS;
   - dtucker@@cvs.openbsd.org 2007/06/12 13:54:28
     [scp.c]
     Encode filename with strnvis if the name contains a newline (which can't
     be represented in the scp protocol), from bz #891.  ok markus@@

20070611
 - (djm) Bugzilla #1306: silence spurious error messages from hang-on-exit
   fix; tested by dtucker@@ and jochen.kirn AT gmail.com
   - pvalchev@@cvs.openbsd.org 2007/06/07 19:37:34
     [kex.h mac.c mac.h monitor_wrap.c myproposal.h packet.c ssh.1]
     [ssh_config.5 sshd.8 sshd_config.5]
     Add a new MAC algorithm for data integrity, UMAC-64 (not default yet,
     must specify umac-64@@openssh.com). Provides about 20% end-to-end speedup
     compared to hmac-md5. Represents a different approach to message
     authentication to that of HMAC that may be beneficial if HMAC based on
     one of its underlying hash algorithms is found to be vulnerable to a
     new attack.  http://www.ietf.org/rfc/rfc4418.txt
     in conjunction with and OK djm@@
   - pvalchev@@cvs.openbsd.org 2007/06/08 04:40:40
     [ssh_config]
     Add a "MACs" line after "Ciphers" with the default MAC algorithms,
     to ease people who want to tweak both (eg. for performance reasons).
     ok deraadt@@ djm@@ dtucker@@
   - jmc@@cvs.openbsd.org 2007/06/08 07:43:46
     [ssh_config.5]
     put the MAC list into a display, like we do for ciphers,
     since groff has trouble handling wide lines;
   - jmc@@cvs.openbsd.org 2007/06/08 07:48:09
     [sshd_config.5]
     oops, here too: put the MAC list into a display, like we do for
     ciphers, since groff has trouble with wide lines;
   - markus@@cvs.openbsd.org 2007/06/11 08:04:44
     [channels.c]
     send 'window adjust' messages every three packets and do not wait
     until 50% of the window is consumed.  ok djm dtucker
 - (djm) [configure.ac umac.c] If platform doesn't provide swap32(3), then
   fall back to provided bit-swizzling functions
 - (dtucker) [openbsd-compat/bsd-misc.c] According to the spec the "remainder"
   argument to nanosleep may be NULL.  Currently this never happens in OpenSSH,
   but check anyway in case this changes or the code gets used elsewhere.
 - (dtucker) [includes.h] Bug #1243: HAVE_PATHS -> HAVE_PATHS_H.  Should
   prevent warnings about redefinitions of various things in paths.h.
   Spotted by cartmanltd at hotmail.com.

20070605
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2007/05/22 10:18:52
     [sshd.c]
     zap double include; from p_nowaczyk AT o2.pl
     (not required in -portable, Id sync only)
   - djm@@cvs.openbsd.org 2007/05/30 05:58:13
     [kex.c]
     tidy: KNF, ARGSUSED and u_int
   - jmc@@cvs.openbsd.org 2007/05/31 19:20:16
     [scp.1 ssh_config.5 sftp-server.8 ssh-agent.1 sshd_config.5 sftp.1
     ssh-keygen.1 ssh-keyscan.1 ssh-add.1 sshd.8 ssh.1 ssh-keysign.8]
     convert to new .Dd format;
     (We will need to teach mdoc2man.awk to understand this too.)
   - djm@@cvs.openbsd.org 2007/05/31 23:34:29
     [packet.c]
     gc unreachable code; spotted by Tavis Ormandy
   - djm@@cvs.openbsd.org 2007/06/02 09:04:58
     [bufbn.c]
     memory leak on error path; from arnaud.lacombe.1 AT ulaval.ca
   - djm@@cvs.openbsd.org 2007/06/05 06:52:37
     [kex.c monitor_wrap.c packet.c mac.h kex.h mac.c]
     Preserve MAC ctx between packets, saving 2xhash calls per-packet.
     Yields around a 12-16% end-to-end speedup for arcfour256/hmac-md5
     patch from markus@@ tested dtucker@@ and myself, ok markus@@ and me (I'm
     committing at his request)
 - (dtucker) [mdoc2man.awk] Teach it to deal with $Mdocdate tags that
   OpenBSD's cvs now adds.
 - (dtucker) [mdoc2man.awk] Remove trailing "$" from Mdocdate regex so
   mindrot's cvs doesn't expand it on us.
 - (dtucker) [mdoc2man.awk] Add support for %R references, used for RFCs.

20070520
 - (dtucker) OpenBSD CVS Sync
   - stevesk@@cvs.openbsd.org 2007/04/14 22:01:58
     [auth2.c]
     remove unused macro; from Dmitry V. Levin <ldv@@altlinux.org>
   - stevesk@@cvs.openbsd.org 2007/04/18 01:12:43
     [sftp-server.c]
     cast "%llu" format spec to (unsigned long long); do not assume a
     u_int64_t arg is the same as 'unsigned long long'.
     from Dmitry V. Levin <ldv@@altlinux.org>
     ok markus@@ 'Yes, that looks correct' millert@@
   - dtucker@@cvs.openbsd.org 2007/04/23 10:15:39
     [servconf.c]
     Remove debug() left over from development.  ok deraadt@@
   - djm@@cvs.openbsd.org 2007/05/17 07:50:31
     [log.c]
     save and restore errno when logging; ok deraadt@@
   - djm@@cvs.openbsd.org 2007/05/17 07:55:29
     [sftp-server.c]
     bz#1286 stop reading and processing commands when input or output buffer
     is nearly full, otherwise sftp-server would happily try to grow the
     input/output buffers past the maximum supported by the buffer API and
     promptly fatal()
     based on patch from Thue Janus Kristensen; feedback & ok dtucker@@
   - djm@@cvs.openbsd.org 2007/05/17 20:48:13
     [sshconnect2.c]
     fall back to gethostname() when the outgoing connection is not
     on a socket, such as is the case when ProxyCommand is used.
     Gives hostbased auth an opportunity to work; bz#616, report
     and feedback stuart AT kaloram.com; ok markus@@
   - djm@@cvs.openbsd.org 2007/05/17 20:52:13
     [monitor.c]
     pass received SIGINT from monitor to postauth child so it can clean
     up properly. bz#1196, patch from senthilkumar_sen AT hotpop.com;
     ok markus@@
   - jolan@@cvs.openbsd.org 2007/05/17 23:53:41
     [sshconnect2.c]
     djm owes me a vb and a tism cd for breaking ssh compilation
 - (dtucker) [auth-pam.c] malloc+memset -> calloc.  Patch from
   ldv at altlinux.org.
 - (dtucker) [auth-pam.c] Return empty string if fgets fails in
   sshpam_tty_conv.  Patch from ldv at altlinux.org.

20070509
 - (tim) [configure.ac] Bug #1287: Add missing test for ucred.h.

20070429
 - (dtucker) [openbsd-compat/bsd-misc.c] Include unistd.h and sys/types.h
   for select(2) prototype.
 - (dtucker) [auth-shadow.c loginrec.c] Include time.h for time(2) prototype.
 - (dtucker) [configure.ac openbsd-compat/getrrsetbyname.c] Bug #1299: Use the
   platform's _res if it has one.  Should fix problem of DNSSEC record lookups
   on NetBSD as reported by Curt Sampson.
 - (dtucker) [openbsd-compat/xmmap.c] Include stdlib.h for mkstemp prototype.
 - (dtucker) [configure.ac defines.h] Have configure check for MAXSYMLINKS
   so we don't get redefinition warnings.
 - (dtucker) [openbsd-compat/xmmap.c] Include stdlib.h for mkstemp prototype.
 - (dtucker) [configure.ac defines.h] Prevent warnings about __attribute__
   __nonnull__ for versions of GCC that don't support it.
 - (dtucker) [configure.ac defines.h] Have configure check for offsetof
   to prevent redefinition warnings.

20070406
 - (dtucker) [INSTALL] Update the systems that have PAM as standard.  Link
   to OpenPAM too.
 - (dtucker) [INSTALL] prngd lives at sourceforge these days.

20070326
 - (tim) [auth.c configure.ac defines.h session.c openbsd-compat/port-uw.c
   openbsd-compat/port-uw.h openbsd-compat/xcrypt.c] Rework libiaf test/defines
   to account for IRIX having libiaf but not set_id(). Patch with & ok dtucker@@

20070325
 - (dtucker) [Makefile.in configure.ac] Replace single-purpose LIBSELINUX,
   LIBWRAP and LIBPAM variables in Makefile with the general-purpose
   SSHDLIBS.  "I like" djm@@

20070321
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2007/03/09 05:20:06
     [servconf.c sshd.c]
     Move C/R -> kbdint special case to after the defaults have been
     loaded, which makes ChallengeResponse default to yes again.  This
     was broken by the Match changes and not fixed properly subsequently.
     Found by okan at demirmen.com, ok djm@@ "please do it" deraadt@@
   - djm@@cvs.openbsd.org 2007/03/19 01:01:29
     [sshd_config]
     Disable the legacy SSH protocol 1 for new installations via
     a configuration override. In the future, we will change the
     server's default itself so users who need the legacy protocol
     will need to turn it on explicitly
   - dtucker@@cvs.openbsd.org 2007/03/19 12:16:42
     [ssh-agent.c]
     Remove the signal handler that checks if the agent's parent process
     has gone away, instead check when the select loop returns.  Record when
     the next key will expire when scanning for expired keys.  Set the select
     timeout to whichever of these two things happens next.  With djm@@, with &
     ok deraadt@@ markus@@
   - tedu@@cvs.openbsd.org 2007/03/20 03:56:12
     [readconf.c clientloop.c]
     remove some bogus *p tests from charles longeau
     ok deraadt millert
   - jmc@@cvs.openbsd.org 2007/03/20 15:57:15
     [sshd.8]
     - let synopsis and description agree for -f
     - sort FILES
     - +.Xr ssh-keyscan 1 ,
     from Igor Sobrado
 - (dtucker) [configure.ac openbsd-compat/bsd-getpeereid.c] Bug #1287: Use
   getpeerucred to implement getpeereid (currently only Solaris 10 and up).
   Patch by Jan.Pechanec at Sun.
 - (dtucker) [regress/agent-getpeereid.sh] Do peereid test if we have
   HAVE_GETPEERUCRED too.  Also from Jan Pechanec.

20070313
 - (dtucker) [entropy.c scard-opensc.c ssh-rand-helper.c] Bug #1294: include
   string.h to prevent warnings, from vapier at gentoo.org.
 - (dtucker) [LICENCE] Add Daniel Walsh as a copyright holder for the
   selinux bits in -portable.
 - (dtucker) [cipher-3des1.c cipher-bf1.c] The OpenSSL 0.9.8e problem in
   bug #1291 also affects Protocol 1 3des.  While at it, use compat-openssl.h
   in cipher-bf1.c.  Patch from Juan Gallego.
 - (dtucker) [README.platform] Info about blibpath on AIX.

20070306
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2007/03/01 16:19:33
     [sshd_config.5]
     sort the `match' keywords;
   - djm@@cvs.openbsd.org 2007/03/06 10:13:14
     [version.h]
     openssh-4.6; "please" deraadt@@
 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] crank spec files for release
 - (djm) [README] correct link to release notes
 - (djm) Release 4.6p1

20070304
 - (djm) [configure.ac] add a --without-openssl-header-check option to
   configure, as some platforms (OS X) ship OpenSSL headers whose version
   does not match that of the shipping library. ok dtucker@@
 - (dtucker) [openbsd-compat/openssl-compat.h] Bug #1291: Work around a
   bug in OpenSSL 0.9.8e that prevents aes256-ctr, aes192-ctr and arcfour256
   ciphers from working correctly (disconnects with "Bad packet length"
   errors) as found by Ben Harris.  ok djm@@

20070303
 - (dtucker) [regress/agent-ptrace.sh] Make ttrace gdb error a little more
   general to cover newer gdb versions on HP-UX.

20070302
 - (dtucker) [configure.ac] For Cygwin, read files in textmode (which allows
   CRLF as well as LF lineendings) and write in binary mode.  Patch from
   vinschen at redhat.com.
 - (dtucker) [INSTALL] Update to autoconf-2.61.

20070301
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2007/03/01 10:28:02
     [auth2.c sshd_config.5 servconf.c]
     Remove ChallengeResponseAuthentication support inside a Match
     block as its interaction with KbdInteractive makes it difficult to
     support.  Also, relocate the CR/kbdint option special-case code into
     servconf.  "please commit" djm@@, ok markus@@ for the relocation.
 - (tim) [buildpkg.sh.in openssh.xml.in] Clean up Solaris 10 smf(5) bits.
   "Looks sane" dtucker@@

20070228
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2007/02/28 00:55:30
     [ssh-agent.c]
     Remove expired keys periodically so they don't remain in memory when
     the agent is entirely idle, as noted by David R. Piegdon.  This is the
     simple fix, a more efficient one will be done later.  With markus,
     deraadt, with & ok djm.

20070225
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2007/02/20 10:25:14
     [clientloop.c]
     set maximum packet and window sizes the same for multiplexed clients
     as normal connections; ok markus@@
   - dtucker@@cvs.openbsd.org 2007/02/21 11:00:05
     [sshd.c]
     Clear alarm() before restarting sshd on SIGHUP.  Without this, if there's
     a SIGALRM pending (for SSH1 key regeneration) when sshd is SIGHUP'ed, the
     newly exec'ed sshd will get the SIGALRM and not have a handler for it,
     and the default action will terminate the listening sshd.  Analysis and
     patch from andrew at gaul.org.
   - dtucker@@cvs.openbsd.org 2007/02/22 12:58:40
     [servconf.c]
     Check activep so Match and GatewayPorts work together; ok markus@@
   - ray@@cvs.openbsd.org 2007/02/24 03:30:11
     [moduli.c]
     - strlen returns size_t, not int.
     - Pass full buffer size to fgets.
     OK djm@@, millert@@, and moritz@@.

20070219
  - (dtucker) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2007/01/10 13:23:22
     [ssh_config.5]
     do not use a list for SYNOPSIS;
     this is actually part of a larger report sent by eric s. raymond
     and forwarded by brad, but i only read half of it. spotted by brad.
   - jmc@@cvs.openbsd.org 2007/01/12 20:20:41
     [ssh-keygen.1 ssh-keygen.c]
     more secsh -> rfc 4716 updates;
     spotted by wiz@@netbsd
     ok markus
   - dtucker@@cvs.openbsd.org 2007/01/17 23:22:52
     [readconf.c]
     Honour activep for times (eg ServerAliveInterval) while parsing
     ssh_config and ~/.ssh/config so they work properly with Host directives.
     From mario.lorenz@@wincor-nixdorf.com via bz #1275.  ok markus@@
   - stevesk@@cvs.openbsd.org 2007/01/21 01:41:54
     [auth-skey.c kex.c ssh-keygen.c session.c clientloop.c]
     spaces
   - stevesk@@cvs.openbsd.org 2007/01/21 01:45:35
     [readconf.c]
     spaces
   - djm@@cvs.openbsd.org 2007/01/22 11:32:50
     [sftp-client.c]
     return error from do_upload() when a write fails. fixes bz#1252: zero
     exit status from sftp when uploading to a full device. report from
     jirkat AT atlas.cz; ok dtucker@@
   - djm@@cvs.openbsd.org 2007/01/22 13:06:21
     [scp.c]
     fix detection of whether we should show progress meter or not: scp
     tested isatty(stderr) but wrote the progress meter to stdout. This patch
     makes it test stdout. bz#1265 reported by junkmail AT bitsculpture.com;
     ok dtucker@@
   - stevesk@@cvs.openbsd.org 2007/02/14 14:32:00
     [bufbn.c]
     typos in comments; ok jmc@@
   - dtucker@@cvs.openbsd.org 2007/02/19 10:45:58
     [monitor_wrap.c servconf.c servconf.h monitor.c sshd_config.5]
     Teach Match how to handle config directives that are used before
     authentication.  This allows configurations such as permitting password
     authentication from the local net only while requiring pubkey from
     offsite.  ok djm@@, man page bits ok jmc@@
 - (dtucker) [contrib/findssl.sh] Add "which" as a shell function since some
   platforms don't have it.  Patch from dleonard at vintela.com.
 - (dtucker) [openbsd-compat/getrrsetbyname.c] Don't attempt to calloc
   an array for signatures when there are none since "calloc(0, n)" returns
   NULL on some platforms (eg Tru64), which is explicitly permitted by
   POSIX.  Diagnosis and patch by svallet genoscope.cns.fr.

20070128
 - (djm) [channels.c serverloop.c] Fix so-called "hang on exit" (bz #52)
   when closing a tty session when a background process still holds tty
   fds open. Great detective work and patch by Marc Aurele La France,
   slightly tweaked by me; ok dtucker@@

20070123
 - (dtucker) [openbsd-compat/bsd-snprintf.c] Static declarations for public
   library interfaces aren't very helpful. Fix up the DOPR_OUTCH macro
   so it works properly and modify its callers so that they don't pre or
   post decrement arguments that are conditionally evaluated. While there,
   put SNPRINTF_CONST back as it prevents build failures in some
   configurations.  ok djm@@ (for most of it)

20070122
 - (djm) [ssh-rand-helper.8] manpage nits;
   from dleonard AT vintela.com (bz#1529)

20070117
 - (dtucker) [packet.c] Re-remove in_systm.h since it's already in includes.h
   and multiple including it causes problems on old IRIXes.  (It snuck back
   in during a sync.)  Found (again) by Georg Schwarz.

20070114
 - (dtucker) [ssh-keygen.c] av -> argv to match earlier sync.
 - (djm) [openbsd-compat/bsd-snprintf.c] Fix integer overflow in return
   value of snprintf replacement, similar to bugs in various libc
   implementations. This overflow is not exploitable in OpenSSH. 
   While I'm fiddling with it, make it a fair bit faster by inlining the
   append-char routine; ok dtucker@@

20070105
 - (djm) OpenBSD CVS Sync
   - deraadt@@cvs.openbsd.org 2006/11/14 19:41:04
     [ssh-keygen.c]
     use argc and argv not some made up short form
   - ray@@cvs.openbsd.org 2006/11/23 01:35:11
     [misc.c sftp.c]
     Don't access buf[strlen(buf) - 1] for zero-length strings.
     ``ok by me'' djm@@.
   - markus@@cvs.openbsd.org 2006/12/11 21:25:46
     [ssh-keygen.1 ssh.1]
     add rfc 4716 (public key format); ok jmc
   - djm@@cvs.openbsd.org 2006/12/12 03:58:42
     [channels.c compat.c compat.h]
     bz #1019: some ssh.com versions apparently can't cope with the
     remote port forwarding bind_address being a hostname, so send
     them an address for cases where they are not explicitly
     specified (wildcard or localhost bind).  reported by daveroth AT
     acm.org; ok dtucker@@ deraadt@@
   - dtucker@@cvs.openbsd.org 2006/12/13 08:34:39
     [servconf.c]
     Make PermitOpen work with multiple values like the man pages says.
     bz #1267 with details from peter at dmtz.com, with & ok djm@@
   - dtucker@@cvs.openbsd.org 2006/12/14 10:01:14
     [servconf.c]
     Make "PermitOpen all" first-match within a block to match the way other
     options work.  ok markus@@ djm@@
   - jmc@@cvs.openbsd.org 2007/01/02 09:57:25
     [sshd_config.5]
     do not use lists for SYNOPSIS;
     from eric s. raymond via brad
   - stevesk@@cvs.openbsd.org 2007/01/03 00:53:38
     [ssh-keygen.c]
     remove small dead code; arnaud.lacombe.1@@ulaval.ca via Coverity scan
   - stevesk@@cvs.openbsd.org 2007/01/03 03:01:40
     [auth2-chall.c channels.c dns.c sftp.c ssh-keygen.c ssh.c]
     spaces
   - stevesk@@cvs.openbsd.org 2007/01/03 04:09:15
     [sftp.c]
     ARGSUSED for lint
   - stevesk@@cvs.openbsd.org 2007/01/03 07:22:36
     [sftp-server.c]
     spaces

20061205
 - (djm) [auth.c] Fix NULL pointer dereference in fakepw().  Crash would
   occur if the server did not have the privsep user and an invalid user
   tried to login and both privsep and krb5 auth are disabled; ok dtucker@@
 - (djm) [bsd-asprintf.c] Better test for bad vsnprintf lengths; ok dtucker@@

20061108
 - (dtucker) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2006/11/07 13:02:07
     [dh.c]
     BN_hex2bn returns int; from dtucker@@

20061107
 - (dtucker) [sshd.c] Use privsep_pw if we have it, but only require it
   if we absolutely need it.  Pointed out by Corinna, ok djm@@
 - (dtucker) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2006/11/06 21:25:28
     [auth-rsa.c kexgexc.c kexdhs.c key.c ssh-dss.c sshd.c kexgexs.c
     ssh-keygen.c bufbn.c moduli.c scard.c kexdhc.c sshconnect1.c dh.c rsa.c]
     add missing checks for openssl return codes; with & ok djm@@
   - markus@@cvs.openbsd.org 2006/11/07 10:31:31
     [monitor.c version.h]
     correctly check for bad signatures in the monitor, otherwise the monitor
     and the unpriv process can get out of sync. with dtucker@@, ok djm@@,
     dtucker@@
 - (dtucker) [README contrib/{caldera,redhat,contrib}/openssh.spec] Bump
   versions.
 - (dtucker) Release 4.5p1.

20061105
 - (djm) OpenBSD CVS Sync
   - otto@@cvs.openbsd.org 2006/10/28 18:08:10
     [ssh.1]
     correct/expand example of usage of -w; ok jmc@@ stevesk@@
   - markus@@cvs.openbsd.org 2006/10/31 16:33:12
     [kexdhc.c kexdhs.c kexgexc.c kexgexs.c]
     check DH_compute_key() for -1 even if it should not happen because of
     earlier calls to dh_pub_is_valid(); report krahmer at suse.de; ok djm

20061101
 - (dtucker) [openbsd-compat/port-solaris.c] Bug #1255: Make only hwerr
   events fatal in Solaris process contract support and tell it to signal
   only processes in the same process group when something happens.
   Based on information from andrew.benham at thus.net and similar to
   a patch from Chad Mynhier.  ok djm@@

20061027
- (djm) [auth.c] gc some dead code

20061023
 - (djm) OpenBSD CVS Sync
   - ray@@cvs.openbsd.org 2006/09/30 17:48:22
     [sftp.c]
     Clear errno before calling the strtol functions.
     From Paul Stoeber <x0001 at x dot de1 dot cc>.
     OK deraadt@@.
   - djm@@cvs.openbsd.org 2006/10/06 02:29:19
     [ssh-agent.c ssh-keyscan.c ssh.c]
     sys/resource.h needs sys/time.h; prompted by brad@@
     (NB. Id sync only for portable)
   - djm@@cvs.openbsd.org 2006/10/09 23:36:11
     [session.c]
     xmalloc -> xcalloc that was missed previously, from portable
     (NB. Id sync only for portable, obviously)
   - markus@@cvs.openbsd.org 2006/10/10 10:12:45
     [sshconnect.c]
     sleep before retrying (not after) since sleep changes errno; fixes
     pr 5250; rad@@twig.com; ok dtucker djm
   - markus@@cvs.openbsd.org 2006/10/11 12:38:03
     [clientloop.c serverloop.c]
     exit instead of doing a blocking tcp send if we detect a client/server
     timeout, since the tcp sendqueue might be already full (of alive
     requests); ok dtucker, report mpf
   - djm@@cvs.openbsd.org 2006/10/22 02:25:50
     [sftp-client.c]
     cancel progress meter when upload write fails; ok deraadt@@
 - (tim) [Makefile.in scard/Makefile.in] Add datarootdir= lines to keep
   autoconf 2.60 from complaining.

20061018
 - (dtucker) OpenBSD CVS Sync
   - ray@@cvs.openbsd.org 2006/09/25 04:55:38
     [ssh-keyscan.1 ssh.1]
     Change "a SSH" to "an SSH".  Hurray, I'm not the only one who
     pronounces "SSH" as "ess-ess-aich".
     OK jmc@@ and stevesk@@.
 - (dtucker) [sshd.c] Reshuffle storing of pw struct; prevents warnings
   on older versions of OS X.  ok djm@@

20061016
 - (dtucker) [monitor_fdpass.c] Include sys/in.h, required for cmsg macros
   on older (2.0) Linuxes.  Based on patch from thmo-13 at gmx de.

20061006
 - (tim) [buildpkg.sh.in] Use uname -r instead of -v in OS_VER for Solaris.
   Differentiate between OpenServer 5 and OpenServer 6
 - (dtucker) [configure.ac] Put -lselinux into $LIBS while testing for
   SELinux functions so they're detected correctly.  Patch from pebenito at
   gentoo.org.
 - (tim) [buildpkg.sh.in] Some systems have really limited nawk (OpenServer).
   Allow setting alternate awk in openssh-config.local.

20061003
 - (tim) [configure.ac] Move CHECK_HEADERS test before platform specific
   section so additional platform specific CHECK_HEADER tests will work
   correctly. Fixes "<net/if_tap.h> on FreeBSD" problem report by des AT des.no
   Feedback and "seems like a good idea" dtucker@@

20061001
 - (dtucker) [audit-bsm.c] Include errno.h.  Pointed out by des at des.no.

20060929
 - (dtucker) [configure.ac] Bug #1239: Fix configure test for OpenSSH engine
   support.  Patch from andrew.benham at thus net.

20060928
 - (dtucker) [entropy.c] Bug #1238: include signal.h to fix compilation error
   on Solaris 8 w/out /dev/random or prngd.  Patch from rl at
   math.technion.ac.il.

20060926
 - (dtucker) [bufaux.h] nuke bufaux.h; it's already gone from OpenBSD and not
   referenced any more.  ok djm@@
 - (dtucker) [sftp-server.8] Resync; spotted by djm@@
 - (dtucker) Release 4.4p1.

20060924
 - (tim) [configure.ac] Remove CFLAGS hack for UnixWare 1.x/2.x (added
   to rev 1.308) to work around broken gcc 2.x header file.

20060923
 - (dtucker) [configure.ac] Bug #1234: Put opensc libs into $LIBS rather than
   $LDFLAGS.  Patch from vapier at gentoo org.

20060922
 - (dtucker) [packet.c canohost.c] Include arpa/inet.h for htonl macros on
   some platforms (eg HP-UX 11.00).  From santhi.amirta at gmail com.

20060921
 - (dtucker) OpenBSD CVS Sync
   - otto@@cvs.openbsd.org 2006/09/19 05:52:23
     [sftp.c]
     Use S_IS* macros instead of masking with S_IF* flags. The latter may
     have multiple bits set, which lead to surprising results. Spotted by
     Paul Stoeber, more to come. ok millert@@ pedro@@ jaredy@@ djm@@
   - markus@@cvs.openbsd.org 2006/09/19 21:14:08
     [packet.c]
     client NULL deref on protocol error; Tavis Ormandy, Google Security Team
 - (dtucker) [defines.h] Include unistd.h before defining getpgrp; fixes
   build error on Ultrix.  From Bernhard Simon.

20060918
 - (dtucker) [configure.ac] On AIX, check to see if the compiler will allow
   macro redefinitions, and if not, remove "-qlanglvl=ansi" from the flags.
   Allows build out of the box with older VAC and XLC compilers.  Found by
   David Bronder and Bernhard Simon.
 - (dtucker) [openbsd-compat/port-aix.{c,h}] Reduce scope of includes.
   Prevents macro redefinition warnings of "RDONLY".

20060916
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2006/09/16 19:53:37
     [deattack.c deattack.h packet.c]
     limit maximum work performed by the CRC compensation attack detector,
     problem reported by Tavis Ormandy, Google Security Team;
     ok markus@@ deraadt@@
 - (djm) Add openssh.xml to .cvsignore and sort it
 - (dtucker) [auth-pam.c] Propagate TZ environment variable to PAM auth
   process so that any logging it does is with the right timezone.  From
   Scott Strickler, ok djm@@.
 - (dtucker) [monitor.c] Correctly handle auditing of single commands when
   using Protocol 1.  From jhb at freebsd.
 - (djm) [sshd.c] Fix warning/API abuse; ok dtucker@@
 - (dtucker) [INSTALL] Add info about audit support.

20060912
 - (djm) [Makefile.in buildpkg.sh.in configure.ac openssh.xml.in]
   Support SMF in Solaris Packages if enabled by configure. Patch from
   Chad Mynhier, tested by dtucker@@

20060911
 - (dtucker) [cipher-aes.c] Include string.h for memcpy and friends.  Noted
   by Pekka Savola.

20060910
 - (dtucker) [contrib/aix/buildbff.sh] Ensure that perl is available.
 - (dtucker) [configure.ac] Add -lcrypt to let DragonFly build OOTB.

20060909
 - (dtucker) [openbsd-compat/bsd-snprintf.c] Add stdarg.h.
 - (dtucker) [contrib/aix/buildbff.sh] Always create privsep user.
 - (dtucker) [buildpkg.sh.in] Always create privsep user.  ok djm@@

20060908
 - (dtucker) [auth-sia.c] Add includes required for build on Tru64.  Patch
   from Chris Adams.
 - (dtucker) [configure.ac] The BSM header test needs time.h in some cases.

20060907
 - (djm) [sshd.c auth.c] Set up fakepw() with privsep uid/gid, so it can
   be used to drop privilege to; fixes Solaris GSSAPI crash reported by
   Magnus Abrante; suggestion and feedback dtucker@@
   NB. this change will require that the privilege separation user must
   exist at all times, not just when UsePrivilegeSeparation=yes
 - (tim) [configure.ac] s/BROKEN_UPDWTMP/BROKEN_UPDWTMPX/ on SCO OSR6
 - (dtucker) [loginrec.c] Wrap paths.h in HAVE_PATHS_H.
 - (dtucker) [regress/cfgmatch.sh] stop_client is racy, so give us a better
   chance of winning.

20060905
 - (dtucker) [configure.ac] s/AC_DEFINES/AC_DEFINE/ spotted by Roumen Petrov.
 - (dtucker) [loginrec.c] Include paths.h for _PATH_BTMP.

20060904
 - (dtucker) [configure.ac] Define BROKEN_UPDWTMP on SCO OSR6 as the native
   updwtmp seems to generate invalid wtmp entries.  From Roger Cornelius,
   ok djm@@

20060903
 - (dtucker) [configure.ac openbsd-compat/openbsd-compat.h] Check for
   declaration of writev(2) and declare it ourselves if necessary.  Makes
   the atomiciov() calls build on really old systems.  ok djm@@

20060902
 - (dtucker) [openbsd-compat/port-irix.c] Add errno.h, found by Iain Morgan.
 - (dtucker) [ssh-keyscan.c ssh-rand-helper.c ssh.c sshconnect.c
   openbsd-compat/bindresvport.c openbsd-compat/getrrsetbyname.c
   openbsd-compat/port-tun.c openbsd-compat/rresvport.c] Include <arpa/inet.h>
   for hton* and ntoh* macros.  Required on (at least) HP-UX since we define
   _XOPEN_SOURCE_EXTENDED.  Found by santhi.amirta at gmail com.

20060901
 - (djm) [audit-bsm.c audit.c auth-bsdauth.c auth-chall.c auth-pam.c]
   [auth-rsa.c auth-shadow.c auth-sia.c auth1.c auth2-chall.c]
   [auth2-gss.c auth2-kbdint.c auth2-none.c authfd.c authfile.c]
   [cipher-3des1.c cipher-aes.c cipher-bf1.c cipher-ctr.c clientloop.c]
   [dh.c dns.c entropy.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
   [kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c loginrec.c mac.c]
   [md5crypt.c monitor.c monitor_wrap.c readconf.c rsa.c]
   [scard-opensc.c scard.c session.c ssh-add.c ssh-agent.c ssh-dss.c]
   [ssh-keygen.c ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c]
   [sshconnect1.c sshconnect2.c sshd.c]
   [openbsd-compat/bsd-cray.c openbsd-compat/port-aix.c]
   [openbsd-compat/port-linux.c openbsd-compat/port-solaris.c]
   [openbsd-compat/port-uw.c]
   Lots of headers for SCO OSR6, mainly adding stdarg.h for log.h;
   compile problems reported by rac AT tenzing.org
 - (djm) [includes.h monitor.c openbsd-compat/bindresvport.c]
   [openbsd-compat/rresvport.c] Some more headers: netinet/in.h 
   sys/socket.h and unistd.h in various places
 - (dtucker) [openbsd-compat/bsd-cygwin_util.c] Fix implicit declaration
   warnings for binary_open and binary_close.  Patch from Corinna Vinschen.
 - (dtucker) [configure.ac includes.h openbsd-compat/glob.{c,h}] Explicitly
   test for GLOB_NOMATCH and use our glob functions if it's not found.
   Stops sftp from segfaulting when attempting to get a nonexistent file on
   Cygwin (previous versions of OpenSSH didn't use the native glob). Partly
   from and tested by Corinna Vinschen.
 - (dtucker) [README contrib/{caldera,redhat,suse}/openssh.spec]  Crank
   versions.

20060831
 - (djm) [CREDITS LICENCE Makefile.in auth.c configure.ac includes.h ]
   [platform.c platform.h sshd.c openbsd-compat/Makefile.in]
   [openbsd-compat/openbsd-compat.h openbsd-compat/port-solaris.c]
   [openbsd-compat/port-solaris.h] Add support for Solaris process
   contracts, enabled with --use-solaris-contracts. Patch from Chad
   Mynhier, tweaked by dtucker@@ and myself; ok dtucker@@
 - (dtucker) [contrib/cygwin/ssh-host-config] Add SeTcbPrivilege privilege
   while setting up the ssh service account.  Patch from Corinna Vinschen.

20060830
 - (djm) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2006/08/21 08:14:01
     [sshd_config.5]
     Document HostbasedUsesNameFromPacketOnly.  Corrections from jmc@@,
     ok jmc@@ djm@@
   - dtucker@@cvs.openbsd.org 2006/08/21 08:15:57
     [sshd.8]
     Add more detail about what permissions are and aren't accepted for
     authorized_keys files.  Corrections jmc@@, ok djm@@, "looks good" jmc@@
   - djm@@cvs.openbsd.org 2006/08/29 10:40:19
     [channels.c session.c]
     normalise some inconsistent (but harmless) NULL pointer checks
     spotted by the Stanford SATURN tool, via Isil Dillig;
     ok markus@@ deraadt@@
   - dtucker@@cvs.openbsd.org 2006/08/29 12:02:30
     [gss-genr.c]
     Work around a problem in Heimdal that occurs when KRB5CCNAME file is
     missing, by checking whether or not kerberos allocated us a context
     before attempting to free it.  Patch from Simon Wilkinson, tested by
     biorn@@, ok djm@@
   - dtucker@@cvs.openbsd.org 2006/08/30 00:06:51
     [sshconnect2.c]
     Fix regression where SSH2 banner is printed at loglevels ERROR and FATAL
     where previously it wasn't.  bz #1221, found by Dean Kopesky, ok djm@@
   - djm@@cvs.openbsd.org 2006/08/30 00:14:37
     [version.h]
     crank to 4.4
 - (djm) [openbsd-compat/xcrypt.c] needs unistd.h
 - (dtucker) [auth.c openbsd-compat/port-aix.c] Bug #1207: always call
   loginsuccess on AIX immediately after authentication to clear the failed
   login count.  Previously this would only happen when an interactive
   session starts (ie when a pty is allocated) but this means that accounts
   that have primarily non-interactive sessions (eg scp's) may gradually
   accumulate enough failures to lock out an account.  This change may have
   a side effect of creating two audit records, one with a tty of "ssh"
   corresponding to the authentication and one with the allocated pty per
   interactive session.

20060824
 - (dtucker) [openbsd-compat/basename.c] Include errno.h.
 - (dtucker) [openbsd-compat/bsd-misc.c] Add includes needed for select(2) on
   older systems.
 - (dtucker) [openbsd-compat/bsd-misc.c] Include <sys/select.h> for select(2)
   on POSIX systems.
 - (dtucker) [openbsd-compat/bsd-openpty.c] Include for ioctl(2).
 - (dtucker) [openbsd-compat/rresvport.c] Include <stdlib.h> for malloc.
 - (dtucker) [openbsd-compat/xmmap.c] Move #define HAVE_MMAP to prevent
   unused variable warning when we have a broken or missing mmap(2).

20060822
 - (dtucker) [Makefile.in] Bug #1177: fix incorrect path for sshrc in
   Makefile.  Patch from santhi.amirta at gmail, ok djm.

20060820
 - (dtucker) [log.c] Move ifdef to prevent unused variable warning.
 - (dtucker) [configure.ac] Save $LIBS during PAM library tests and restore
   afterward.  Removes the need to mangle $LIBS later to remove -lpam and -ldl.
 - (dtucker) [configure.ac] Relocate --with-pam parts in preparation for
   fixing bug #1181.  No changes yet.
 - (dtucker) [configure.ac] Bug #1181: Explicitly test to see if OpenSSL
   (0.9.8a and presumably newer) requires -ldl to successfully link.
 - (dtucker) [configure.ac] Remove errant "-".

20060819
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2006/08/18 22:41:29
     [gss-genr.c]
     GSSAPI error code should be 0 and not -1; from simon@@sxw.org.uk
 - (dtucker) [openbsd-compat/regress/Makefile.in] Add $(EXEEXT) and add a
   single rule for the test progs.

20060818
 - (dtucker) [configure.ac openbsd-compat/bsd-closefrom.c] Resync with
   closefrom.c from sudo.
 - (dtucker) [openbsd-compat/bsd-closefrom.c] Comment out rcsid.
 - (dtucker) [openbsd-compat/regress/snprintftest.c] Newline on error.
 - (dtucker) [openbsd-compat/regress/Makefile.in] Use implicit rules for the
   test progs instead; they work better than what we have.
 - (djm) OpenBSD CVS Sync
   - stevesk@@cvs.openbsd.org 2006/08/06 01:13:32
     [compress.c monitor.c monitor_wrap.c]
     "zlib.h" can be <zlib.h>; ok djm@@ markus@@
   - miod@@cvs.openbsd.org 2006/08/12 20:46:46
     [monitor.c monitor_wrap.c]
     Revert previous include file ordering change, for ssh to compile under
     gcc2 (or until openssl include files are cleaned of parameter names
     in function prototypes)
   - dtucker@@cvs.openbsd.org 2006/08/14 12:40:25
     [servconf.c servconf.h sshd_config.5]
     Add ability to match groups to Match keyword in sshd_config.  Feedback
     djm@@, stevesk@@, ok stevesk@@.
   - djm@@cvs.openbsd.org 2006/08/16 11:47:15
     [sshd.c]
     factor inetd connection, TCP listen and main TCP accept loop out of
     main() into separate functions to improve readability; ok markus@@
   - deraadt@@cvs.openbsd.org 2006/08/18 09:13:26
     [log.c log.h sshd.c]
     make signal handler termination path shorter; risky code pointed out by
     mark dowd; ok djm markus
   - markus@@cvs.openbsd.org 2006/08/18 09:15:20
     [auth.h session.c sshd.c]
     delay authentication related cleanups until we're authenticated and
     all alarms have been cancelled; ok deraadt
   - djm@@cvs.openbsd.org 2006/08/18 10:27:16
     [misc.h]
     reorder so prototypes are sorted by the files they refer to; no
     binary change
   - djm@@cvs.openbsd.org 2006/08/18 13:54:54
     [gss-genr.c ssh-gss.h sshconnect2.c]
     bz #1218 - disable SPNEGO as per RFC4462; diff from simon AT sxw.org.uk
     ok markus@@
   - djm@@cvs.openbsd.org 2006/08/18 14:40:34
     [gss-genr.c ssh-gss.h]
     constify host argument to match the rest of the GSSAPI functions and
     unbreak compilation with -Werror
 - (djm) Disable sigdie() for platforms that cannot safely syslog inside
   a signal handler (basically all of them, excepting OpenBSD);
   ok dtucker@@

20060817
 - (dtucker) [openbsd-compat/fake-rfc2553.c openbsd-compat/setproctitle.c]
   Include stdlib.h for malloc and friends.
 - (dtucker) [configure.ac openbsd-compat/bsd-closefrom.c] Use F_CLOSEM fcntl
   for closefrom() on AIX.  Pointed out by William Ahern.
 - (dtucker) [openbsd-compat/regress/{Makefile.in,closefromtest.c}] Regress
   test for closefrom() in compat code.

20060816
 - (djm) [audit-bsm.c] Sprinkle in some headers

20060815
 - (dtucker) [LICENCE] Add Reyk to the list for the compat dir.

20060806
 - (djm) [openbsd-compat/bsd-getpeereid.c] Add some headers to quiet warnings
   on Solaris 10

20060806
 - (dtucker) [defines.h] With the includes.h changes we no longer get the
   name clash on "YES" so we can remove the workaround for it.
 - (dtucker) [openbsd-compat/{bsd-asprintf.c,bsd-openpty.c,bsd-snprintf.c,
   glob.c}] Include stdlib.h for malloc and friends in compat code.

20060805
 - (djm) OpenBSD CVS Sync
   - stevesk@@cvs.openbsd.org 2006/07/24 13:58:22
     [sshconnect.c]
     disable tunnel forwarding when no strict host key checking
     and key changed; ok djm@@ markus@@ dtucker@@
   - stevesk@@cvs.openbsd.org 2006/07/25 02:01:34
     [scard.c]
     need #include <string.h>
   - stevesk@@cvs.openbsd.org 2006/07/25 02:59:21
     [channels.c clientloop.c packet.c scp.c serverloop.c sftp-client.c]
     [sftp-server.c ssh-agent.c ssh-keyscan.c sshconnect.c sshd.c]
     move #include <sys/time.h> out of includes.h
   - stevesk@@cvs.openbsd.org 2006/07/26 02:35:17
     [atomicio.c auth.c dh.c authfile.c buffer.c clientloop.c kex.c]
     [groupaccess.c gss-genr.c kexgexs.c misc.c monitor.c monitor_mm.c]
     [packet.c scp.c serverloop.c session.c sftp-client.c sftp-common.c]
     [sftp-server.c sftp.c ssh-add.c ssh-agent.c ssh-keygen.c sshlogin.c]
     [uidswap.c xmalloc.c]
     move #include <sys/param.h> out of includes.h
   - stevesk@@cvs.openbsd.org 2006/07/26 13:57:17
     [authfd.c authfile.c dh.c canohost.c channels.c clientloop.c compat.c]
     [hostfile.c kex.c log.c misc.c moduli.c monitor.c packet.c readpass.c]
     [scp.c servconf.c session.c sftp-server.c sftp.c ssh-add.c ssh-agent.c]
     [ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh.c sshconnect.c]
     [sshconnect1.c sshd.c xmalloc.c]
     move #include <stdlib.h> out of includes.h
   - jmc@@cvs.openbsd.org 2006/07/27 08:00:50
     [ssh_config.5]
     avoid confusing wording in HashKnownHosts:
     originally spotted by alan amesbury;
     ok deraadt
   - jmc@@cvs.openbsd.org 2006/07/27 08:00:50
     [ssh_config.5]
     avoid confusing wording in HashKnownHosts:
     originally spotted by alan amesbury;
     ok deraadt
   - dtucker@@cvs.openbsd.org 2006/08/01 11:34:36
     [sshconnect.c]
     Allow fallback to known_hosts entries without port qualifiers for
     non-standard ports too, so that all existing known_hosts entries will be
     recognised.  Requested by, feedback and ok markus@@
   - stevesk@@cvs.openbsd.org 2006/08/01 23:22:48
     [auth-passwd.c auth-rhosts.c auth-rsa.c auth.c auth.h auth1.c]
     [auth2-chall.c auth2-pubkey.c authfile.c buffer.c canohost.c]
     [channels.c clientloop.c dh.c dns.c dns.h hostfile.c kex.c kexdhc.c]
     [kexgexc.c kexgexs.c key.c key.h log.c misc.c misc.h moduli.c]
     [monitor_wrap.c packet.c progressmeter.c readconf.c readpass.c scp.c]
     [servconf.c session.c sftp-client.c sftp-common.c sftp-server.c sftp.c]
     [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh.c sshconnect.c]
     [sshconnect1.c sshconnect2.c sshd.c sshlogin.c sshtty.c uuencode.c]
     [uuencode.h xmalloc.c]
     move #include <stdio.h> out of includes.h
   - stevesk@@cvs.openbsd.org 2006/08/01 23:36:12
     [authfile.c channels.c progressmeter.c scard.c servconf.c ssh.c]
     clean extra spaces
   - deraadt@@cvs.openbsd.org 2006/08/03 03:34:42
     [OVERVIEW atomicio.c atomicio.h auth-bsdauth.c auth-chall.c auth-krb5.c]
     [auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
     [auth-rsa.c auth-skey.c auth.c auth.h auth1.c auth2-chall.c auth2-gss.c]
     [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c ]
     [auth2-pubkey.c auth2.c authfd.c authfd.h authfile.c bufaux.c bufbn.c]
     [buffer.c buffer.h canohost.c channels.c channels.h cipher-3des1.c]
     [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
     [compress.c deattack.c dh.c dispatch.c dns.c dns.h fatal.c groupaccess.c]
     [groupaccess.h gss-genr.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
     [kex.h kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c]
     [key.h log.c log.h mac.c match.c md-sha256.c misc.c misc.h moduli.c]
     [monitor.c monitor_fdpass.c monitor_mm.c monitor_mm.h monitor_wrap.c]
     [monitor_wrap.h msg.c nchan.c packet.c progressmeter.c readconf.c]
     [readconf.h readpass.c rsa.c scard.c scard.h scp.c servconf.c servconf.h]
     [serverloop.c session.c session.h sftp-client.c sftp-common.c]
     [sftp-common.h sftp-glob.c sftp-server.c sftp.c ssh-add.c ssh-agent.c]
     [ssh-dss.c ssh-gss.h ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rsa.c]
     [ssh.c ssh.h sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c]
     [sshd.c sshlogin.c sshlogin.h sshpty.c sshpty.h sshtty.c ttymodes.c]
     [uidswap.c uidswap.h uuencode.c uuencode.h xmalloc.c xmalloc.h]
     [loginrec.c loginrec.h openbsd-compat/port-aix.c openbsd-compat/port-tun.h]
     almost entirely get rid of the culture of ".h files that include .h files"
     ok djm, sort of ok stevesk
     makes the pain stop in one easy step
     NB. portable commit contains everything *except* removing includes.h, as
     that will take a fair bit more work as we move headers that are required
     for portability workarounds to defines.h. (also, this step wasn't "easy")
   - stevesk@@cvs.openbsd.org 2006/08/04 20:46:05
     [monitor.c session.c ssh-agent.c]
     spaces
 - (djm) [auth-pam.c defines.h] Move PAM related bits to auth-pam.c
 - (djm) [auth-pam.c auth.c bufaux.h entropy.c openbsd-compat/port-tun.c]
   remove last traces of bufaux.h - it was merged into buffer.h in the big
   includes.h commit
 - (djm) [auth.c loginrec.c] Missing netinet/in.h for loginrec
 - (djm) [openbsd-compat/regress/snprintftest.c]
   [openbsd-compat/regress/strduptest.c] Add missing includes so they pass
   compilation with "-Wall -Werror"
 - (djm) [auth-pam.c auth-shadow.c auth2-none.c cleanup.c sshd.c]
   [openbsd-compat/port-tun.c openbsd-compat/port-tun.h] Sprinkle more
   includes for Linux in
 - (dtucker) [cleanup.c] Need defines.h for __dead.
 - (dtucker) [auth2-gss.c] We still need the #ifdef GSSAPI in -portable.
 - (dtucker) [openbsd-compat/{bsd-arc4random.c,port-tun.c,xmmap.c}] Lots of
   #include stdarg.h, needed for log.h.
 - (dtucker) [entropy.c] Needs unistd.h too.
 - (dtucker) [ssh-rand-helper.c] Needs stdarg.h for log.h.
 - (dtucker) [openbsd-compat/getrrsetbyname.c] Needs stdlib.h for malloc.
 - (dtucker) [openbsd-compat/strtonum.c] Include stdlib.h for strtoll,
   otherwise it is implicitly declared as returning an int.
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2006/08/05 07:52:52
     [auth2-none.c sshd.c monitor_wrap.c]
     Add headers required to build with KERBEROS5=no.  ok djm@@
   - dtucker@@cvs.openbsd.org 2006/08/05 08:00:33
     [auth-skey.c]
     Add headers required to build with -DSKEY.  ok djm@@
   - dtucker@@cvs.openbsd.org 2006/08/05 08:28:24
     [monitor_wrap.c auth-skey.c auth2-chall.c]
     Zap unused variables in -DSKEY code.  ok djm@@
   - dtucker@@cvs.openbsd.org 2006/08/05 08:34:04
     [packet.c]
     Typo in comment
 - (dtucker) [openbsd-compat/bsd-cygwin_util.c] Add headers required to compile
   on Cygwin.
 - (dtucker) [openbsd-compat/fake-rfc2553.c] Add headers needed for inet_ntoa.
 - (dtucker) [auth-skey.c] monitor_wrap.h needs ssh-gss.h.
 - (dtucker) [audit.c audit.h] Repair headers.
 - (dtucker) [audit-bsm.c] Add additional headers now required.

20060804
 - (dtucker) [configure.ac] The "crippled AES" test does not work on recent
   versions of Solaris, so use AC_LINK_IFELSE to actually link the test program
   rather than just compiling it.  Spotted by dlg@@.

20060802
 - (dtucker) [openbsd-compat/daemon.c] Add unistd.h for fork() prototype.

20060725
 - (dtucker) [openbsd-compat/xmmap.c] Need fcntl.h for O_RDWR.

20060724
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2006/07/12 13:39:55
     [sshd_config.5]
      - new sentence, new line
      - s/The the/The/
      - kill a bad comma
   - stevesk@@cvs.openbsd.org 2006/07/12 22:28:52
     [auth-options.c canohost.c channels.c includes.h readconf.c]
     [servconf.c ssh-keyscan.c ssh.c sshconnect.c sshd.c]
     move #include <netdb.h> out of includes.h; ok djm@@
   - stevesk@@cvs.openbsd.org 2006/07/12 22:42:32
     [includes.h ssh.c ssh-rand-helper.c]
     move #include <stddef.h> out of includes.h
   - stevesk@@cvs.openbsd.org 2006/07/14 01:15:28
     [monitor_wrap.h]
     don't need incompletely-typed 'struct passwd' now with
     #include <pwd.h>; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/07/17 01:31:10
     [authfd.c authfile.c channels.c cleanup.c clientloop.c groupaccess.c]
     [includes.h log.c misc.c msg.c packet.c progressmeter.c readconf.c]
     [readpass.c scp.c servconf.c sftp-client.c sftp-server.c sftp.c]
     [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh.c]
     [sshconnect.c sshlogin.c sshpty.c uidswap.c]
     move #include <unistd.h> out of includes.h
   - dtucker@@cvs.openbsd.org 2006/07/17 12:02:24
     [auth-options.c]
     Use '\0' rather than 0 to terminate strings; ok djm@@
   - dtucker@@cvs.openbsd.org 2006/07/17 12:06:00
     [channels.c channels.h servconf.c sshd_config.5]
     Add PermitOpen directive to sshd_config which is equivalent to the
     "permitopen" key option.  Allows server admin to allow TCP port
     forwarding only to specific host/port pairs.  Useful when combined
     with Match.
     If permitopen is used in both sshd_config and a key option, both
     must allow a given connection before it will be permitted.
     Note that users can still use external forwarders such as netcat,
     so those must be controlled too for the limits to be effective.
     Feedback & ok djm@@, man page corrections & ok jmc@@.
   - jmc@@cvs.openbsd.org 2006/07/18 07:50:40
     [sshd_config.5]
     tweak; ok dtucker
   - jmc@@cvs.openbsd.org 2006/07/18 07:56:28
     [scp.1]
     replace DIAGNOSTICS with .Ex;
   - jmc@@cvs.openbsd.org 2006/07/18 08:03:09
     [ssh-agent.1 sshd_config.5]
     mark up angle brackets;
   - dtucker@@cvs.openbsd.org 2006/07/18 08:22:23
     [sshd_config.5]
     Clarify description of Match, with minor correction from jmc@@
   - stevesk@@cvs.openbsd.org 2006/07/18 22:27:55
     [dh.c]
     remove unneeded includes; ok djm@@
   - dtucker@@cvs.openbsd.org 2006/07/19 08:56:41
     [servconf.c sshd_config.5]
     Add support for X11Forwarding, X11DisplayOffset and X11UseLocalhost to
     Match.  ok djm@@
   - dtucker@@cvs.openbsd.org 2006/07/19 13:07:10
     [servconf.c servconf.h session.c sshd.8 sshd_config sshd_config.5]
     Add ForceCommand keyword to sshd_config, equivalent to the "command="
     key option, man page entry and example in sshd_config.
     Feedback & ok djm@@, man page corrections & ok jmc@@
   - stevesk@@cvs.openbsd.org 2006/07/20 15:26:15
     [auth1.c serverloop.c session.c sshconnect2.c]
     missed some needed #include <unistd.h> when KERBEROS5=no; issue from
     massimo@@cedoc.mo.it
   - dtucker@@cvs.openbsd.org 2006/07/21 12:43:36
     [channels.c channels.h servconf.c servconf.h sshd_config.5]
     Make PermitOpen take a list of permitted ports and act more like most
     other keywords (ie the first match is the effective setting). This
     also makes it easier to override a previously set PermitOpen. ok djm@@
   - stevesk@@cvs.openbsd.org 2006/07/21 21:13:30
     [channels.c]
     more ARGSUSED (lint) for dispatch table-driven functions; ok djm@@
   - stevesk@@cvs.openbsd.org 2006/07/21 21:26:55
     [progressmeter.c]
     ARGSUSED for signal handler
   - stevesk@@cvs.openbsd.org 2006/07/22 19:08:54
     [includes.h moduli.c progressmeter.c scp.c sftp-common.c]
     [sftp-server.c ssh-agent.c sshlogin.c]
     move #include <time.h> out of includes.h
   - stevesk@@cvs.openbsd.org 2006/07/22 20:48:23
     [atomicio.c auth-options.c auth-passwd.c auth-rhosts.c auth-rsa.c]
     [auth.c auth1.c auth2-chall.c auth2-hostbased.c auth2-passwd.c auth2.c]
     [authfd.c authfile.c bufaux.c bufbn.c buffer.c canohost.c channels.c]
     [cipher-3des1.c cipher-bf1.c cipher-ctr.c cipher.c clientloop.c]
     [compat.c deattack.c dh.c dns.c gss-genr.c gss-serv.c hostfile.c]
     [includes.h kex.c kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c log.c]
     [mac.c match.c md-sha256.c misc.c moduli.c monitor.c monitor_fdpass.c]
     [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c rsa.c]
     [progressmeter.c readconf.c readpass.c scp.c servconf.c serverloop.c]
     [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c sftp.c]
     [ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
     [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c sshconnect2.c]
     [sshd.c sshlogin.c sshpty.c ttymodes.c uidswap.c xmalloc.c]
     move #include <string.h> out of includes.h
   - stevesk@@cvs.openbsd.org 2006/07/23 01:11:05
     [auth.h dispatch.c kex.h sftp-client.c]
     #include <signal.h> for sig_atomic_t; need this prior to <sys/param.h>
     move
 - (djm) [acss.c auth-krb5.c auth-options.c auth-pam.c auth-shadow.c]
   [canohost.c channels.c cipher-acss.c defines.h dns.c gss-genr.c]
   [gss-serv-krb5.c gss-serv.c log.h loginrec.c logintest.c readconf.c]
   [servconf.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rand-helper.c]
   [ssh.c sshconnect.c sshd.c openbsd-compat/bindresvport.c]
   [openbsd-compat/bsd-arc4random.c openbsd-compat/bsd-misc.c]
   [openbsd-compat/getrrsetbyname.c openbsd-compat/glob.c]
   [openbsd-compat/mktemp.c openbsd-compat/port-linux.c]
   [openbsd-compat/port-tun.c openbsd-compat/readpassphrase.c]
   [openbsd-compat/setproctitle.c openbsd-compat/xmmap.c]
   make the portable tree compile again - sprinkle unistd.h and string.h 
   back in. Don't redefine __unused, as it turned out to be used in
   headers on Linux, and replace its use in auth-pam.c with ARGSUSED
 - (djm) [openbsd-compat/glob.c]
   Move get_arg_max() into the ifdef HAVE_GLOB block so that it compiles
   on OpenBSD (or other platforms with a decent glob implementation) with
   -Werror
 - (djm) [uuencode.c]
   Add resolv.h, as it contains the prototypes for __b64_ntop/__b64_pton on
   some platforms
 - (djm) [session.c]
   fix compile error with -Werror -Wall: 'path' is only used in
   do_setup_env() if HAVE_LOGIN_CAP is not defined
 - (djm) [openbsd-compat/basename.c openbsd-compat/bsd-closefrom.c]
   [openbsd-compat/bsd-cray.c openbsd-compat/bsd-openpty.c]
   [openbsd-compat/bsd-snprintf.c openbsd-compat/fake-rfc2553.c]
   [openbsd-compat/port-aix.c openbsd-compat/port-irix.c]
   [openbsd-compat/rresvport.c]
   These look to need string.h and/or unistd.h (based on a grep for function
   names)
 - (djm) [Makefile.in]
   Remove generated openbsd-compat/regress/Makefile in distclean target
 - (djm) [regress/Makefile regress/agent-getpeereid.sh regress/cfgmatch.sh]
   [regress/cipher-speed.sh regress/forcecommand.sh regress/forwarding.sh]
   Sync regress tests to -current; include dtucker@@'s new cfgmatch and 
   forcecommand tests. Add cipher-speed.sh test (not linked in yet)
 - (dtucker) [cleanup.c] Since config.h defines _LARGE_FILES on AIX, including
   system headers before defines.h will cause conflicting definitions.
 - (dtucker) [regress/forcecommand.sh] Portablize.

20060713
 - (dtucker) [auth-krb5.c auth-pam.c] Still more errno.h

20060712
 - (dtucker) [configure.ac defines.h] Only define SHUT_RD (and friends) and
   O_NONBLOCK if they're really needed.  Fixes build errors on HP-UX, old
   Linuxes and probably more.
 - (dtucker) [configure.ac] OpenBSD needs <sys/types.h> before <sys/socket.h>
   for SHUT_RD.
 - (dtucker) [openbsd-compat/port-tun.c] OpenBSD needs <netinet/in.h> before
   <netinet/ip.h>.
 - (dtucker) OpenBSD CVS Sync
   - stevesk@@cvs.openbsd.org 2006/07/10 16:01:57
     [sftp-glob.c sftp-common.h sftp.c]
     buffer.h only needed in sftp-common.h and remove some unneeded
     user includes; ok djm@@
   - jmc@@cvs.openbsd.org 2006/07/10 16:04:21
     [sshd.8]
     s/and and/and/
   - stevesk@@cvs.openbsd.org 2006/07/10 16:37:36
     [readpass.c log.h scp.c fatal.c xmalloc.c includes.h ssh-keyscan.c misc.c
     auth.c packet.c log.c]
     move #include <stdarg.h> out of includes.h; ok markus@@
   - dtucker@@cvs.openbsd.org 2006/07/11 10:12:07
     [ssh.c]
     Only copy the part of environment variable that we actually use.  Prevents
     ssh bailing when SendEnv is used and an environment variable with a really
     long value exists.  ok djm@@
   - markus@@cvs.openbsd.org 2006/07/11 18:50:48
     [clientloop.c ssh.1 ssh.c channels.c ssh_config.5 readconf.h session.c
     channels.h readconf.c]
     add ExitOnForwardFailure: terminate the connection if ssh(1)
     cannot set up all requested dynamic, local, and remote port
     forwardings. ok djm, dtucker, stevesk, jmc
   - stevesk@@cvs.openbsd.org 2006/07/11 20:07:25
     [scp.c auth.c monitor.c serverloop.c sftp-server.c sshpty.c readpass.c
     sshd.c monitor_wrap.c monitor_fdpass.c ssh-agent.c ttymodes.c atomicio.c
     includes.h session.c sshlogin.c monitor_mm.c packet.c sshconnect2.c
     sftp-client.c nchan.c clientloop.c sftp.c misc.c canohost.c channels.c
     ssh-keygen.c progressmeter.c uidswap.c msg.c readconf.c sshconnect.c]
     move #include <errno.h> out of includes.h; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/07/11 20:16:43
     [ssh.c]
     cast asterisk field precision argument to int to remove warning;
     ok markus@@
   - stevesk@@cvs.openbsd.org 2006/07/11 20:27:56
     [authfile.c ssh.c]
     need <errno.h> here also (it's also included in <openssl/err.h>)
   - dtucker@@cvs.openbsd.org 2006/07/12 11:34:58
     [sshd.c servconf.h servconf.c sshd_config.5 auth.c]
     Add support for conditional directives to sshd_config via a "Match"
     keyword, which works similarly to the "Host" directive in ssh_config.
     Lines after a Match line override the default set in the main section
     if the condition on the Match line is true, eg
     AllowTcpForwarding yes
     Match User anoncvs
             AllowTcpForwarding no
     will allow port forwarding by all users except "anoncvs".
     Currently only a very small subset of directives are supported.
     ok djm@@
 - (dtucker) [loginrec.c openbsd-compat/xmmap.c openbsd-compat/bindresvport.c
   openbsd-compat/glob.c openbsd-compat/mktemp.c openbsd-compat/port-tun.c
   openbsd-compat/readpassphrase.c openbsd-compat/strtonum.c] Include <errno.h>.
 - (dtucker) [openbsd-compat/setproctitle.c] Include stdarg.h.
 - (dtucker) [ssh-keyscan.c ssh-rand-helper.c] More errno.h here too.
 - (dtucker) [openbsd-compat/openbsd-compat.h] v*printf needs stdarg.h.
 - (dtucker) [openbsd-compat/bsd-asprintf.c openbsd-compat/port-aix.c
   openbsd-compat/rresvport.c] More errno.h.

20060711
 - (dtucker) [configure.ac ssh-keygen.c openbsd-compat/bsd-openpty.c
   openbsd-compat/daemon.c] Add includes needed by open(2).  Conditionally
   include paths.h.  Fixes build error on Solaris.
 - (dtucker) [entropy.c] More fcntl.h, this time on AIX (and probably
   others).

20060710
 - (dtucker) [INSTALL] New autoconf version: 2.60.
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2006/06/14 10:50:42
     [sshconnect.c]
     limit the number of pre-banner characters we will accept; ok markus@@
   - djm@@cvs.openbsd.org 2006/06/26 10:36:15
     [clientloop.c]
     mention optional bind_address in runtime port forwarding setup
     command-line help. patch from santhi.amirta AT gmail.com
   - stevesk@@cvs.openbsd.org 2006/07/02 17:12:58
     [ssh.1 ssh.c ssh_config.5 sshd_config.5]
     more details and clarity for tun(4) device forwarding; ok and help
     jmc@@
   - stevesk@@cvs.openbsd.org 2006/07/02 18:36:47
     [gss-serv-krb5.c gss-serv.c]
     no "servconf.h" needed here
     (gss-serv-krb5.c change not applied, portable needs the server options)
   - stevesk@@cvs.openbsd.org 2006/07/02 22:45:59
     [groupaccess.c groupaccess.h includes.h session.c sftp-common.c sshpty.c]
     move #include <grp.h> out of includes.h
     (portable needed uidswap.c too)
   - stevesk@@cvs.openbsd.org 2006/07/02 23:01:55
     [clientloop.c ssh.1]
     use -KR[bind_address:]port here; ok djm@@
   - stevesk@@cvs.openbsd.org 2006/07/03 08:54:20
     [includes.h ssh.c sshconnect.c sshd.c]
     move #include "version.h" out of includes.h; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/07/03 17:59:32
     [channels.c includes.h]
     move #include <arpa/inet.h> out of includes.h; old ok djm@@
     (portable needed session.c too)
   - stevesk@@cvs.openbsd.org 2006/07/05 02:42:09
     [canohost.c hostfile.c includes.h misc.c packet.c readconf.c]
     [serverloop.c sshconnect.c uuencode.c]
     move #include <netinet/in.h> out of includes.h; ok deraadt@@
     (also ssh-rand-helper.c logintest.c loginrec.c)
   - djm@@cvs.openbsd.org 2006/07/06 10:47:05
     [servconf.c servconf.h session.c sshd_config.5]
     support arguments to Subsystem commands; ok markus@@
   - djm@@cvs.openbsd.org 2006/07/06 10:47:57
     [sftp-server.8 sftp-server.c]
     add commandline options to enable logging of transactions; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/07/06 16:03:53
     [auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c]
     [auth-rhosts.c auth-rsa.c auth.c auth.h auth2-hostbased.c]
     [auth2-pubkey.c auth2.c includes.h misc.c misc.h monitor.c]
     [monitor_wrap.c monitor_wrap.h scp.c serverloop.c session.c]
     [session.h sftp-common.c ssh-add.c ssh-keygen.c ssh-keysign.c]
     [ssh.c sshconnect.c sshconnect.h sshd.c sshpty.c sshpty.h uidswap.c]
     [uidswap.h]
     move #include <pwd.h> out of includes.h; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/07/06 16:22:39
     [ssh-keygen.c]
     move #include "dns.h" up
   - stevesk@@cvs.openbsd.org 2006/07/06 17:36:37
     [monitor_wrap.h]
     typo in comment
   - stevesk@@cvs.openbsd.org 2006/07/08 21:47:12
     [authfd.c canohost.c clientloop.c dns.c dns.h includes.h]
     [monitor_fdpass.c nchan.c packet.c servconf.c sftp.c ssh-agent.c]
     [ssh-keyscan.c ssh.c sshconnect.h sshd.c sshlogin.h]
     move #include <sys/socket.h> out of includes.h
   - stevesk@@cvs.openbsd.org 2006/07/08 21:48:53
     [monitor.c session.c]
     missed these from last commit:
     move #include <sys/socket.h> out of includes.h
   - stevesk@@cvs.openbsd.org 2006/07/08 23:30:06
     [log.c]
     move user includes after /usr/include files
   - stevesk@@cvs.openbsd.org 2006/07/09 15:15:11
     [auth2-none.c authfd.c authfile.c includes.h misc.c monitor.c]
     [readpass.c scp.c serverloop.c sftp-client.c sftp-server.c]
     [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
     [sshlogin.c sshpty.c]
     move #include <fcntl.h> out of includes.h
   - stevesk@@cvs.openbsd.org 2006/07/09 15:27:59
     [ssh-add.c]
     use O_RDONLY vs. 0 in open(); no binary change
   - djm@@cvs.openbsd.org 2006/07/10 11:24:54
     [sftp-server.c]
     remove optind - it isn't used here
   - djm@@cvs.openbsd.org 2006/07/10 11:25:53
     [sftp-server.c]
     don't log variables that aren't yet set
 - (djm) [loginrec.c ssh-rand-helper.c sshd.c openbsd-compat/glob.c]
   [openbsd-compat/mktemp.c openbsd-compat/openbsd-compat.h]
   [openbsd-compat/port-tun.c openbsd-compat/readpassphrase.c]
   [openbsd-compat/xcrypt.c] Fix includes.h fallout, mainly fcntl.h
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2006/07/10 12:03:20
     [scp.c]
     duplicate argv at the start of main() because it gets modified later;
     pointed out by deraadt@@ ok markus@@
   - djm@@cvs.openbsd.org 2006/07/10 12:08:08
     [channels.c]
     fix misparsing of SOCKS 5 packets that could result in a crash;
     reported by mk@@ ok markus@@
   - dtucker@@cvs.openbsd.org 2006/07/10 12:46:51
     [misc.c misc.h sshd.8 sshconnect.c]
     Add port identifier to known_hosts for non-default ports, based originally
     on a patch from Devin Nate in bz#910.
     For any connection using the default port or using a HostKeyAlias the
     format is unchanged, otherwise the host name or address is enclosed
     within square brackets in the same format as sshd's ListenAddress.
     Tested by many, ok markus@@.
 - (dtucker) [openbsd-compat/openbsd-compat.h] Need to include <sys/socket.h>
   for struct sockaddr on platforms that use the fake-rfc stuff.

20060706
 - (dtucker) [configure.ac] Try AIX blibpath test in different order when
   compiling with gcc.  gcc 4.1.x will accept (but ignore) -b flags so
   configure would not select the correct libpath linker flags.
 - (dtucker) [INSTALL] A bit more info on autoconf.

20060705
 - (dtucker) [ssh-rand-helper.c] Don't exit if mkdir fails because the
   target already exists.

20060630
 - (dtucker) [openbsd-compat/openbsd-compat.h] SNPRINTF_CONST for snprintf
   declaration too.  Patch from russ at sludge.net.
 - (dtucker) [openbsd-compat/getrrsetbyname.c] Undef _res before defining it,
   prevents warnings on platforms where _res is in the system headers.
 - (dtucker) [INSTALL] Bug #1202: Note when autoconf is required and which
   version.

20060627
 - (dtucker) [configure.ac] Bug #1203: Add missing '[', which causes problems
   with autoconf 2.60.  Patch from vapier at gentoo.org.

20060625
 - (dtucker) [channels.c serverloop.c] Apply the bug #1102 workaround to ptys
   only, otherwise sshd can hang exiting non-interactive sessions.

20060624
 - (dtucker) [configure.ac] Bug #1193: Define PASSWD_NEEDS_USERNAME on Solaris.
   Works around limitation in Solaris' passwd program for changing passwords
   where the username is longer than 8 characters.  ok djm@@
 - (dtucker) [serverloop.c] Get ifdef/ifndef the right way around for the bug
   #1102 workaround.

20060623
 - (dtucker) [README.platform configure.ac openbsd-compat/port-tun.c] Add
   tunnel support for Mac OS X/Darwin via a third-party tun driver.  Patch
   from reyk@@, tested by anil@@
 - (dtucker) [channels.c configure.ac serverloop.c] Bug #1102: Around AIX
   4.3.3 ML3 or so, the AIX pty layer started passing zero-length writes
   on the pty slave as zero-length reads on the pty master, which sshd
   interprets as the descriptor closing.  Since most things don't do zero
   length writes this rarely matters, but occasionally it happens, and when
   it does the SSH pty session appears to hang, so we add a special case for
   this condition.  ok djm@@

20060613
 - (djm) [getput.h] This file has been replaced by functions in misc.c
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2006/05/08 10:49:48
     [sshconnect2.c]
     uint32_t -> u_int32_t (which we use everywhere else)
     (Id sync only - portable already had this)
   - markus@@cvs.openbsd.org 2006/05/16 09:00:00
     [clientloop.c]
     missing free; from Kylene Hall
   - markus@@cvs.openbsd.org 2006/05/17 12:43:34
     [scp.c sftp.c ssh-agent.c ssh-keygen.c sshconnect.c]
     fix leak; coverity via Kylene Jo Hall
   - miod@@cvs.openbsd.org 2006/05/18 21:27:25
     [kexdhc.c kexgexc.c]
     paramter -> parameter
   - dtucker@@cvs.openbsd.org 2006/05/29 12:54:08
     [ssh_config.5]
     Add gssapi-with-mic to PreferredAuthentications default list; ok jmc
   - dtucker@@cvs.openbsd.org 2006/05/29 12:56:33
     [ssh_config]
     Add GSSAPIAuthentication and GSSAPIDelegateCredentials to examples in
     sample ssh_config.  ok markus@@
   - jmc@@cvs.openbsd.org 2006/05/29 16:10:03
     [ssh_config.5]
     oops - previous was too long; split the list of auths up
   - mk@@cvs.openbsd.org 2006/05/30 11:46:38
     [ssh-add.c]
     Sync usage() with man page and reality.
     ok deraadt dtucker
   - jmc@@cvs.openbsd.org 2006/05/29 16:13:23
     [ssh.1]
     add GSSAPI to the list of authentication methods supported;
   - mk@@cvs.openbsd.org 2006/05/30 11:46:38
     [ssh-add.c]
     Sync usage() with man page and reality.
     ok deraadt dtucker
   - markus@@cvs.openbsd.org 2006/06/01 09:21:48
     [sshd.c]
     call get_remote_ipaddr() early; fixes logging after client disconnects;
     report mpf@@; ok dtucker@@
   - markus@@cvs.openbsd.org 2006/06/06 10:20:20
     [readpass.c sshconnect.c sshconnect.h sshconnect2.c uidswap.c]
     replace remaining setuid() calls with permanently_set_uid() and
     check seteuid() return values; report Marcus Meissner; ok dtucker djm
   - markus@@cvs.openbsd.org 2006/06/08 14:45:49
     [readpass.c sshconnect.c sshconnect2.c uidswap.c uidswap.h]
     do not set the gid, noted by solar; ok djm
   - djm@@cvs.openbsd.org 2006/06/13 01:18:36
     [ssh-agent.c]
     always use a format string, even when printing a constant
   - djm@@cvs.openbsd.org 2006/06/13 02:17:07
     [ssh-agent.c]
     revert; i am on drugs. spotted by alexander AT beard.se

20060521
 - (dtucker) [auth.c monitor.c] Now that we don't log from both the monitor
   and slave, we can remove the special-case handling in the audit hook in
   auth_log.

20060517
 - (dtucker) [ssh-rand-helper.c] Check return code of mkdir and fix file
   pointer leak.  From kjhall at us.ibm.com, found by coverity.

20060515
 - (dtucker) [openbsd-compat/getrrsetbyname.c] Use _compat_res instead of
   _res, prevents problems on some platforms that have _res as a global but
   don't have getrrsetbyname(), eg IRIX 5.3.  Found and tested by
   georg.schwarz at freenet.de, ok djm@@.
 - (dtucker) [defines.h] Find a value for IOV_MAX or use a conservative
   default.  Patch originally from tim@@, ok djm
 - (dtucker) [auth-pam.c] Bug #1188: pass result of do_pam_account back and
   do not allow kbdint again after the PAM account check fails.  ok djm@@

20060506
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2006/04/25 08:02:27
     [authfile.c authfile.h sshconnect2.c ssh.c sshconnect1.c]
     Prevent ssh from trying to open private keys with bad permissions more than
     once or prompting for their passphrases (which it subsequently ignores
     anyway), similar to a previous change in ssh-add.  bz #1186, ok djm@@
   - djm@@cvs.openbsd.org 2006/05/04 14:55:23
     [dh.c]
     tighter DH exponent checks here too; feedback and ok markus@@
   - djm@@cvs.openbsd.org 2006/04/01 05:37:46
     [OVERVIEW]
     $OpenBSD$ in here too
   - dtucker@@cvs.openbsd.org 2006/05/06 08:35:40
     [auth-krb5.c]
     Add $OpenBSD$ in comment here too

20060504
 - (dtucker) [auth-pam.c groupaccess.c monitor.c monitor_wrap.c scard-opensc.c
   session.c ssh-rand-helper.c sshd.c openbsd-compat/bsd-cygwin_util.c
   openbsd-compat/setproctitle.c] Convert malloc(foo*bar) -> calloc(foo,bar)
   in Portable-only code; since calloc zeros, remove now-redundant memsets.
   Also add a couple of sanity checks.  With & ok djm@@

20060503
 - (dtucker) [packet.c] Remove in_systm.h since it's also in includes.h
   and double including it on IRIX 5.3 causes problems.  From Georg Schwarz,
   "no objections" tim@@

20060423
 - (djm) OpenBSD CVS Sync
   - deraadt@@cvs.openbsd.org 2006/04/01 05:42:20
     [scp.c]
     minimal lint cleanup (unused crud, and some size_t); ok djm
   - djm@@cvs.openbsd.org 2006/04/01 05:50:29
     [scp.c]
     xasprintification; ok deraadt@@
   - djm@@cvs.openbsd.org 2006/04/01 05:51:34
     [atomicio.c]
     ANSIfy; requested deraadt@@
   - dtucker@@cvs.openbsd.org 2006/04/02 08:34:52
     [ssh-keysign.c]
     sessionid can be 32 bytes now too when sha256 kex is used; ok djm@@
   - djm@@cvs.openbsd.org 2006/04/03 07:10:38
     [gss-genr.c]
     GSSAPI buffers shouldn't be nul-terminated, spotted in bugzilla #1066
     by dleonard AT vintela.com. use xasprintf() to simplify code while in
     there; "looks right" deraadt@@
   - djm@@cvs.openbsd.org 2006/04/16 00:48:52
     [buffer.c buffer.h channels.c]
     Fix condition where we could exit with a fatal error when an input
     buffer became too large and the remote end had advertised a big window.
     The problem was a mismatch in the backoff math between the channels code
     and the buffer code, so make a buffer_check_alloc() function that the
     channels code can use to prospectively check whether an incremental
     allocation will succeed.  bz #1131, debugged with the assistance of
     cove AT wildpackets.com; ok dtucker@@ deraadt@@
   - djm@@cvs.openbsd.org 2006/04/16 00:52:55
     [atomicio.c atomicio.h]
     introduce atomiciov() function that wraps readv/writev to retry
     interrupted transfers like atomicio() does for read/write;
     feedback deraadt@@ dtucker@@ stevesk@@ ok deraadt@@
   - djm@@cvs.openbsd.org 2006/04/16 00:54:10
     [sftp-client.c]
     avoid making a tiny 4-byte write to send the packet length of sftp
     commands, which would result in a separate tiny packet on the wire by
     using atomiciov(writev, ...) to write the length and the command in one
     pass; ok deraadt@@
   - djm@@cvs.openbsd.org 2006/04/16 07:59:00
     [atomicio.c]
     reorder sanity test so that it cannot dereference past the end of the
     iov array; well spotted canacar@@!
   - dtucker@@cvs.openbsd.org 2006/04/18 10:44:28
     [bufaux.c bufbn.c Makefile.in]
     Move Buffer bignum functions into their own file, bufbn.c. This means
     that sftp and sftp-server (which use the Buffer functions in bufaux.c 
     but not the bignum ones) no longer need to be linked with libcrypto.
     ok markus@@
   - djm@@cvs.openbsd.org 2006/04/20 09:27:09
     [auth.h clientloop.c dispatch.c dispatch.h kex.h]
     replace the last non-sig_atomic_t flag used in a signal handler with a
     sig_atomic_t, unfortunately with some knock-on effects in other (non-
     signal) contexts in which it is used; ok markus@@
   - markus@@cvs.openbsd.org 2006/04/20 09:47:59
     [sshconnect.c]
     simplify; ok djm@@
   - djm@@cvs.openbsd.org 2006/04/20 21:53:44
     [includes.h session.c sftp.c]
     Switch from using pipes to socketpairs for communication between
     sftp/scp and ssh, and between sshd and its subprocesses. This saves
     a file descriptor per session and apparently makes userland ppp over
     ssh work; ok markus@@ deraadt@@ (ID Sync only - portable makes this
     decision on a per-platform basis)
   - djm@@cvs.openbsd.org 2006/04/22 04:06:51
     [uidswap.c]
     use setres[ug]id() to permanently revoke privileges; ok deraadt@@
     (ID Sync only - portable already uses setres[ug]id() whenever possible)
   - stevesk@@cvs.openbsd.org 2006/04/22 18:29:33
     [crc32.c]
     remove extra spaces
 - (djm) [auth.h dispatch.h kex.h] sprinkle in signal.h to get
   sig_atomic_t

20060421
 - (djm) [Makefile.in configure.ac session.c sshpty.c]
   [contrib/redhat/sshd.init openbsd-compat/Makefile.in]
   [openbsd-compat/openbsd-compat.h openbsd-compat/port-linux.c]
   [openbsd-compat/port-linux.h] Add support for SELinux, setting 
   the execution and TTY contexts. based on patch from Daniel Walsh,
   bz #880; ok dtucker@@

20060418
 - (djm) [canohost.c] Reorder IP options check so that it isn't broken
   by mapped addresses; bz #1179 reported by markw wtech-llc.com;
   ok dtucker@@

20060331
 - OpenBSD CVS Sync
   - deraadt@@cvs.openbsd.org 2006/03/27 01:21:18
     [xmalloc.c]
     we can do the size & nmemb check before the integer overflow check; 
     evol
   - deraadt@@cvs.openbsd.org 2006/03/27 13:03:54
     [dh.c]
     use strtonum() instead of atoi(), limit dhg size to 64k; ok djm
   - djm@@cvs.openbsd.org 2006/03/27 23:15:46
     [sftp.c]
     always use a format string for addargs; spotted by mouring@@
   - deraadt@@cvs.openbsd.org 2006/03/28 00:12:31
     [README.tun ssh.c]
     spacing
   - deraadt@@cvs.openbsd.org 2006/03/28 01:52:28
     [channels.c]
     do not accept unreasonable X ports numbers; ok djm
   - deraadt@@cvs.openbsd.org 2006/03/28 01:53:43
     [ssh-agent.c]
     use strtonum() to parse the pid from the file, and range check it
     better; ok djm
   - djm@@cvs.openbsd.org 2006/03/30 09:41:25
     [channels.c]
     ARGSUSED for dispatch table-driven functions
   - djm@@cvs.openbsd.org 2006/03/30 09:58:16
     [authfd.c bufaux.c deattack.c gss-serv.c mac.c misc.c misc.h]
     [monitor_wrap.c msg.c packet.c sftp-client.c sftp-server.c ssh-agent.c]
     replace {GET,PUT}_XXBIT macros with functionally similar functions,
     silencing a heap of lint warnings. also allows them to use
     __bounded__ checking which can't be applied to macros; requested
     by and feedback from deraadt@@
   - djm@@cvs.openbsd.org 2006/03/30 10:41:25
     [ssh.c ssh_config.5]
     add percent escape chars to the IdentityFile option, bz #1159 based
     on a patch by imaging AT math.ualberta.ca; feedback and ok dtucker@@
   - dtucker@@cvs.openbsd.org 2006/03/30 11:05:17
     [ssh-keygen.c]
     Correctly handle truncated files while converting keys; ok djm@@
   - dtucker@@cvs.openbsd.org 2006/03/30 11:40:21
     [auth.c monitor.c]
     Prevent duplicate log messages when privsep=yes; ok djm@@
   - jmc@@cvs.openbsd.org 2006/03/31 09:09:30
     [ssh_config.5]
     kill trailing whitespace;
   - djm@@cvs.openbsd.org 2006/03/31 09:13:56
     [ssh_config.5]
     remote user escape is %r not %h; spotted by jmc@@

20060326
 - OpenBSD CVS Sync
   - jakob@@cvs.openbsd.org 2006/03/15 08:46:44
     [ssh-keygen.c]
     if no key files are given when printing the DNS host record, use the
     host key file(s) as default. ok djm@@
   - biorn@@cvs.openbsd.org 2006/03/16 10:31:45
     [scp.c]
     Try to display error message even if remout == -1
     ok djm@@, markus@@
   - djm@@cvs.openbsd.org 2006/03/17 22:31:50
     [authfd.c]
     another unreachable found by lint
   - djm@@cvs.openbsd.org 2006/03/17 22:31:11
     [authfd.c]
     unreachable statement, found by lint
   - djm@@cvs.openbsd.org 2006/03/19 02:22:32
     [serverloop.c]
     memory leaks detected by Coverity via elad AT netbsd.org;
     ok deraadt@@ dtucker@@
   - djm@@cvs.openbsd.org 2006/03/19 02:22:56
     [sftp.c]
     more memory leaks detected by Coverity via elad AT netbsd.org;
     deraadt@@ ok
   - djm@@cvs.openbsd.org 2006/03/19 02:23:26
     [hostfile.c]
     FILE* leak detected by Coverity via elad AT netbsd.org;
     ok deraadt@@
   - djm@@cvs.openbsd.org 2006/03/19 02:24:05
     [dh.c readconf.c servconf.c]
     potential NULL pointer dereferences detected by Coverity
     via elad AT netbsd.org; ok deraadt@@
   - djm@@cvs.openbsd.org 2006/03/19 07:41:30
     [sshconnect2.c]
     memory leaks detected by Coverity via elad AT netbsd.org;
     deraadt@@ ok
   - dtucker@@cvs.openbsd.org 2006/03/19 11:51:52
     [servconf.c]
     Correct strdelim null test; ok djm@@
   - deraadt@@cvs.openbsd.org 2006/03/19 18:52:11
     [auth1.c authfd.c channels.c]
     spacing
   - deraadt@@cvs.openbsd.org 2006/03/19 18:53:12
     [kex.c kex.h monitor.c myproposal.h session.c]
     spacing
   - deraadt@@cvs.openbsd.org 2006/03/19 18:56:41
     [clientloop.c progressmeter.c serverloop.c sshd.c]
     ARGSUSED for signal handlers
   - deraadt@@cvs.openbsd.org 2006/03/19 18:59:49
     [ssh-keyscan.c]
     please lint
   - deraadt@@cvs.openbsd.org 2006/03/19 18:59:30
     [ssh.c]
     spacing
   - deraadt@@cvs.openbsd.org 2006/03/19 18:59:09
     [authfile.c]
     whoever thought that break after return was a good idea needs to
     get their head examined
   - djm@@cvs.openbsd.org 2006/03/20 04:09:44
     [monitor.c]
     memory leaks detected by Coverity via elad AT netbsd.org;
     deraadt@@ ok
     that should be all of them now
   - djm@@cvs.openbsd.org 2006/03/20 11:38:46
     [key.c]
     (really) last of the Coverity diffs: avoid possible NULL deref in
     key_free. via elad AT netbsd.org; markus@@ ok
   - deraadt@@cvs.openbsd.org 2006/03/20 17:10:19
     [auth.c key.c misc.c packet.c ssh-add.c]
     in a switch (), break after return or goto is stupid
   - deraadt@@cvs.openbsd.org 2006/03/20 17:13:16
     [key.c]
     djm did a typo
   - deraadt@@cvs.openbsd.org 2006/03/20 17:17:23
     [ssh-rsa.c]
     in a switch (), break after return or goto is stupid
   - deraadt@@cvs.openbsd.org 2006/03/20 18:14:02
     [channels.c clientloop.c monitor_wrap.c monitor_wrap.h serverloop.c]
     [ssh.c sshpty.c sshpty.h]
     sprinkle u_int throughout pty subsystem, ok markus
   - deraadt@@cvs.openbsd.org 2006/03/20 18:17:20
     [auth1.c auth2.c sshd.c]
     sprinkle some ARGSUSED for table driven functions (which sometimes 
     must ignore their args)
   - deraadt@@cvs.openbsd.org 2006/03/20 18:26:55
     [channels.c monitor.c session.c session.h ssh-agent.c ssh-keygen.c]
     [ssh-rsa.c ssh.c sshlogin.c]
     annoying spacing fixes getting in the way of real diffs
   - deraadt@@cvs.openbsd.org 2006/03/20 18:27:50
     [monitor.c]
     spacing
   - deraadt@@cvs.openbsd.org 2006/03/20 18:35:12
     [channels.c]
     x11_fake_data is only ever used as u_char *
   - deraadt@@cvs.openbsd.org 2006/03/20 18:41:43
     [dns.c]
     cast xstrdup to proper u_char *
   - deraadt@@cvs.openbsd.org 2006/03/20 18:42:27
     [canohost.c match.c ssh.c sshconnect.c]
     be strict with tolower() casting
   - deraadt@@cvs.openbsd.org 2006/03/20 18:48:34
     [channels.c fatal.c kex.c packet.c serverloop.c]
     spacing
   - deraadt@@cvs.openbsd.org 2006/03/20 21:11:53
     [ttymodes.c]
     spacing
   - djm@@cvs.openbsd.org 2006/03/25 00:05:41
     [auth-bsdauth.c auth-skey.c auth.c auth2-chall.c channels.c]
     [clientloop.c deattack.c gss-genr.c kex.c key.c misc.c moduli.c]
     [monitor.c monitor_wrap.c packet.c scard.c sftp-server.c ssh-agent.c]
     [ssh-keyscan.c ssh.c sshconnect.c sshconnect2.c sshd.c uuencode.c]
     [xmalloc.c xmalloc.h]
     introduce xcalloc() and xasprintf() failure-checked allocations 
     functions and use them throughout openssh

     xcalloc is particularly important because malloc(nmemb * size) is a
     dangerous idiom (subject to integer overflow) and it is time for it 
     to die

     feedback and ok deraadt@@
   - djm@@cvs.openbsd.org 2006/03/25 01:13:23
     [buffer.c channels.c deattack.c misc.c scp.c session.c sftp-client.c]
     [sftp-server.c ssh-agent.c ssh-rsa.c xmalloc.c xmalloc.h auth-pam.c]
     [uidswap.c]
     change OpenSSH's xrealloc() function from being xrealloc(p, new_size)
     to xrealloc(p, new_nmemb, new_itemsize).

     realloc is particularly prone to integer overflows because it is
     almost always allocating "n * size" bytes, so this is a far safer 
     API; ok deraadt@@
   - djm@@cvs.openbsd.org 2006/03/25 01:30:23
     [sftp.c]
     "abormally" is a perfectly cromulent word, but "abnormally" is better
   - djm@@cvs.openbsd.org 2006/03/25 13:17:03
     [atomicio.c auth-bsdauth.c auth-chall.c auth-options.c auth-passwd.c]
     [auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth-skey.c auth.c auth1.c]
     [auth2-chall.c auth2-hostbased.c auth2-kbdint.c auth2-none.c]
     [auth2-passwd.c auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c]
     [buffer.c canohost.c channels.c cipher-3des1.c cipher-bf1.c]
     [cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c compress.c]
     [deattack.c dh.c dispatch.c fatal.c groupaccess.c hostfile.c kex.c]
     [kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c]
     [mac.c match.c md-sha256.c misc.c monitor.c monitor_fdpass.c]
     [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c progressmeter.c]
     [readconf.c readpass.c rsa.c scard.c scp.c servconf.c serverloop.c]
     [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c]
     [sftp.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
     [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
     [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
     [uidswap.c uuencode.c xmalloc.c]
     Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that
     Theo nuked - our scripts to sync -portable need them in the files
   - deraadt@@cvs.openbsd.org 2006/03/25 18:29:35
     [auth-rsa.c authfd.c packet.c]
     needed casts (always will be needed)
   - deraadt@@cvs.openbsd.org 2006/03/25 18:30:55
     [clientloop.c serverloop.c]
     spacing
   - deraadt@@cvs.openbsd.org 2006/03/25 18:36:15
     [sshlogin.c sshlogin.h]
     nicer size_t and time_t types
   - deraadt@@cvs.openbsd.org 2006/03/25 18:40:14
     [ssh-keygen.c]
     cast strtonum() result to right type
   - deraadt@@cvs.openbsd.org 2006/03/25 18:41:45
     [ssh-agent.c]
     mark two more signal handlers ARGSUSED
   - deraadt@@cvs.openbsd.org 2006/03/25 18:43:30
     [channels.c]
     use strtonum() instead of atoi() [limit X screens to 400, sorry]
   - deraadt@@cvs.openbsd.org 2006/03/25 18:56:55
     [bufaux.c channels.c packet.c]
     remove (char *) casts to a function that accepts void * for the arg
   - deraadt@@cvs.openbsd.org 2006/03/25 18:58:10
     [channels.c]
     delete cast not required
   - djm@@cvs.openbsd.org 2006/03/25 22:22:43
     [atomicio.h auth-options.h auth.h auth2-gss.c authfd.h authfile.h]
     [bufaux.h buffer.h canohost.h channels.h cipher.h clientloop.h]
     [compat.h compress.h crc32.c crc32.h deattack.h dh.h dispatch.h]
     [dns.c dns.h getput.h groupaccess.h gss-genr.c gss-serv-krb5.c]
     [gss-serv.c hostfile.h includes.h kex.h key.h log.h mac.h match.h]
     [misc.h monitor.h monitor_fdpass.h monitor_mm.h monitor_wrap.h msg.h]
     [myproposal.h packet.h pathnames.h progressmeter.h readconf.h rsa.h]
     [scard.h servconf.h serverloop.h session.h sftp-common.h sftp.h]
     [ssh-gss.h ssh.h ssh1.h ssh2.h sshconnect.h sshlogin.h sshpty.h]
     [ttymodes.h uidswap.h uuencode.h xmalloc.h]
     standardise spacing in $OpenBSD$ tags; requested by deraadt@@
   - deraadt@@cvs.openbsd.org 2006/03/26 01:31:48
     [uuencode.c]
     typo

20060325
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2006/03/16 04:24:42
     [ssh.1]
     Add RFC4419 (Diffie-Hellman group exchange KEX) to the list of SSH RFCs
     that OpenSSH supports
   - deraadt@@cvs.openbsd.org 2006/03/19 18:51:18
     [atomicio.c auth-bsdauth.c auth-chall.c auth-krb5.c auth-options.c]
     [auth-pam.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c]
     [auth-shadow.c auth-skey.c auth.c auth1.c auth2-chall.c]
     [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c]
     [auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c buffer.c]
     [canohost.c channels.c cipher-3des1.c cipher-acss.c cipher-aes.c]
     [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
     [compress.c deattack.c dh.c dispatch.c dns.c entropy.c fatal.c]
     [groupaccess.c hostfile.c includes.h kex.c kexdh.c kexdhc.c]
     [kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c loginrec.c]
     [loginrec.h logintest.c mac.c match.c md-sha256.c md5crypt.c misc.c]
     [monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c msg.c]
     [nchan.c packet.c progressmeter.c readconf.c readpass.c rsa.c]
     [scard.c scp.c servconf.c serverloop.c session.c sftp-client.c]
     [sftp-common.c sftp-glob.c sftp-server.c sftp.c ssh-add.c]
     [ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c]
     [ssh-rand-helper.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
     [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
     [uidswap.c uuencode.c xmalloc.c openbsd-compat/bsd-arc4random.c]
     [openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-cygwin_util.c]
     [openbsd-compat/bsd-getpeereid.c openbsd-compat/bsd-misc.c]
     [openbsd-compat/bsd-nextstep.c openbsd-compat/bsd-snprintf.c]
     [openbsd-compat/bsd-waitpid.c openbsd-compat/fake-rfc2553.c]
     RCSID() can die
   - deraadt@@cvs.openbsd.org 2006/03/19 18:53:12
     [kex.h myproposal.h]
     spacing
   - djm@@cvs.openbsd.org 2006/03/20 04:07:22
     [auth2-gss.c]
     GSSAPI related leaks detected by Coverity via elad AT netbsd.org;
     reviewed by simon AT sxw.org.uk; deraadt@@ ok
   - djm@@cvs.openbsd.org 2006/03/20 04:07:49
     [gss-genr.c]
     more GSSAPI related leaks detected by Coverity via elad AT netbsd.org;
     reviewed by simon AT sxw.org.uk; deraadt@@ ok
   - djm@@cvs.openbsd.org 2006/03/20 04:08:18
     [gss-serv.c]
     last lot of GSSAPI related leaks detected by Coverity via
     elad AT netbsd.org; reviewed by simon AT sxw.org.uk; deraadt@@ ok
   - deraadt@@cvs.openbsd.org 2006/03/20 18:14:02
     [monitor_wrap.h sshpty.h]
     sprinkle u_int throughout pty subsystem, ok markus
   - deraadt@@cvs.openbsd.org 2006/03/20 18:26:55
     [session.h]
     annoying spacing fixes getting in the way of real diffs
   - deraadt@@cvs.openbsd.org 2006/03/20 18:41:43
     [dns.c]
     cast xstrdup to proper u_char *
   - jakob@@cvs.openbsd.org 2006/03/22 21:16:24
     [ssh.1]
     simplify SSHFP example; ok jmc@@
   - djm@@cvs.openbsd.org 2006/03/22 21:27:15
     [deattack.c deattack.h]
     remove IV support from the CRC attack detector, OpenSSH has never used
     it - it only applied to IDEA-CFB, which we don't support.
     prompted by NetBSD Coverity report via elad AT netbsd.org;
     feedback markus@@ "nuke it" deraadt@@

20060318
 - (djm) [auth-pam.c] Fix memleak in error path, from Coverity via
   elad AT NetBSD.org
 - (dtucker) [openbsd-compat/bsd-snprintf.c] Bug #1173: make fmtint() take
   a LLONG rather than a long.  Fixes scp'ing of large files on platforms
   with missing/broken snprintfs.  Patch from e.borovac at bom.gov.au.

20060316
 - (dtucker) [entropy.c] Add headers for WIFEXITED and friends.
 - (dtucker) [configure.ac md-sha256.c] NetBSD has sha2.h in
   /usr/include/crypto.  Hint from djm@@.
 - (tim) [kex.c myproposal.h md-sha256.c openbsd-compat/sha2.c,h]
   Disable sha256 when openssl < 0.9.7. Patch from djm@@.
 - (djm) [kex.c] Slightly more clean deactivation of dhgex-sha256 on old
   OpenSSL; ok tim

20060315
 - (djm) OpenBSD CVS Sync:
   - msf@@cvs.openbsd.org 2006/02/06 15:54:07
     [ssh.1]
     - typo fix
     ok jmc@@
   - jmc@@cvs.openbsd.org 2006/02/06 21:44:47
     [ssh.1]
     make this a little less ambiguous...
   - stevesk@@cvs.openbsd.org 2006/02/07 01:08:04
     [auth-rhosts.c includes.h]
     move #include <netgroup.h> out of includes.h; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/02/07 01:18:09
     [includes.h ssh-agent.c ssh-keyscan.c sshconnect2.c]
     move #include <sys/queue.h> out of includes.h; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/02/07 01:42:00
     [channels.c clientloop.c clientloop.h includes.h packet.h]
     [serverloop.c sshpty.c sshpty.h sshtty.c ttymodes.c]
     move #include <termios.h> out of includes.h; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/02/07 01:52:50
     [sshtty.c]
     "log.h" not needed
   - stevesk@@cvs.openbsd.org 2006/02/07 03:47:05
     [hostfile.c]
     "packet.h" not needed
   - stevesk@@cvs.openbsd.org 2006/02/07 03:59:20
     [deattack.c]
     duplicate #include
   - stevesk@@cvs.openbsd.org 2006/02/08 12:15:27
     [auth.c clientloop.c includes.h misc.c monitor.c readpass.c]
     [session.c sftp.c ssh-agent.c ssh-keysign.c ssh.c sshconnect.c]
     [sshd.c sshpty.c]
     move #include <paths.h> out of includes.h; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/02/08 12:32:49
     [includes.h misc.c]
     move #include <netinet/tcp.h> out of includes.h; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/02/08 13:15:44
     [gss-serv.c monitor.c]
     small KNF
   - stevesk@@cvs.openbsd.org 2006/02/08 14:16:59
     [sshconnect.c]
     <openssl/bn.h> not needed
   - stevesk@@cvs.openbsd.org 2006/02/08 14:31:30
     [includes.h ssh-agent.c ssh-keyscan.c ssh.c]
     move #include <sys/resource.h> out of includes.h; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/02/08 14:38:18
     [includes.h packet.c]
     move #include <netinet/in_systm.h> and <netinet/ip.h> out of
     includes.h; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/02/08 23:51:24
     [includes.h scp.c sftp-glob.c sftp-server.c]
     move #include <dirent.h> out of includes.h; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/02/09 00:32:07
     [includes.h]
     #include <sys/endian.h> not needed; ok djm@@
     NB. ID Sync only - we still need this (but it may move later)
   - jmc@@cvs.openbsd.org 2006/02/09 10:10:47
     [sshd.8]
     - move some text into a CAVEATS section
     - merge the COMMAND EXECUTION... section into AUTHENTICATION
   - stevesk@@cvs.openbsd.org 2006/02/10 00:27:13
     [channels.c clientloop.c includes.h misc.c progressmeter.c sftp.c]
     [ssh.c sshd.c sshpty.c]
     move #include <sys/ioctl.h> out of includes.h; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/02/10 01:44:27
     [includes.h monitor.c readpass.c scp.c serverloop.c session.c]
     [sftp.c sshconnect.c sshconnect2.c sshd.c]
     move #include <sys/wait.h> out of includes.h; ok markus@@
   - otto@@cvs.openbsd.org 2006/02/11 19:31:18
     [atomicio.c]
     type correctness; from Ray Lai in PR 5011; ok millert@@
   - djm@@cvs.openbsd.org 2006/02/12 06:45:34
     [ssh.c ssh_config.5]
     add a %l expansion code to the ControlPath, which is filled in with the
     local hostname at runtime. Requested by henning@@ to avoid some problems
     with /home on NFS; ok dtucker@@
   - djm@@cvs.openbsd.org 2006/02/12 10:44:18
     [readconf.c]
     raise error when the user specifies a RekeyLimit that is smaller than 16
     (the smallest of our cipher's blocksize) or big enough to cause integer
     wraparound; ok & feedback dtucker@@
   - jmc@@cvs.openbsd.org 2006/02/12 10:49:44
     [ssh_config.5]
     slight rewording; ok djm
   - jmc@@cvs.openbsd.org 2006/02/12 10:52:41
     [sshd.8]
     rework the description of authorized_keys a little;
   - jmc@@cvs.openbsd.org 2006/02/12 17:57:19
     [sshd.8]
     sort the list of options permissible w/ authorized_keys;
     ok djm dtucker
   - jmc@@cvs.openbsd.org 2006/02/13 10:16:39
     [sshd.8]
     no need to subsection the authorized_keys examples - instead, convert
     this to look like an actual file. also use proto 2 keys, and use IETF
     example addresses;
   - jmc@@cvs.openbsd.org 2006/02/13 10:21:25
     [sshd.8]
     small tweaks for the ssh_known_hosts section;
   - jmc@@cvs.openbsd.org 2006/02/13 11:02:26
     [sshd.8]
     turn this into an example ssh_known_hosts file; ok djm
   - jmc@@cvs.openbsd.org 2006/02/13 11:08:43
     [sshd.8]
     - avoid nasty line split
     - `*' does not need to be escaped
   - jmc@@cvs.openbsd.org 2006/02/13 11:27:25
     [sshd.8]
     sort FILES and use a -compact list;
   - david@@cvs.openbsd.org 2006/02/15 05:08:24
     [sftp-client.c]
     typo in comment; ok djm@@
   - jmc@@cvs.openbsd.org 2006/02/15 16:53:20
     [ssh.1]
     remove the IETF draft references and replace them with some updated RFCs;
   - jmc@@cvs.openbsd.org 2006/02/15 16:55:33
     [sshd.8]
     remove ietf draft references; RFC list now maintained in ssh.1;
   - jmc@@cvs.openbsd.org 2006/02/16 09:05:34
     [sshd.8]
     sync some of the FILES entries w/ ssh.1;
   - jmc@@cvs.openbsd.org 2006/02/19 19:52:10
     [sshd.8]
     move the sshrc stuff out of FILES, and into its own section:
     FILES is not a good place to document how stuff works;
   - jmc@@cvs.openbsd.org 2006/02/19 20:02:17
     [sshd.8]
     sync the (s)hosts.equiv FILES entries w/ those from ssh.1;
   - jmc@@cvs.openbsd.org 2006/02/19 20:05:00
     [sshd.8]
     grammar;
   - jmc@@cvs.openbsd.org 2006/02/19 20:12:25
     [ssh_config.5]
     add some vertical space;
   - stevesk@@cvs.openbsd.org 2006/02/20 16:36:15
     [authfd.c channels.c includes.h session.c ssh-agent.c ssh.c]
     move #include <sys/un.h> out of includes.h; ok djm@@
   - stevesk@@cvs.openbsd.org 2006/02/20 17:02:44
     [clientloop.c includes.h monitor.c progressmeter.c scp.c]
     [serverloop.c session.c sftp.c ssh-agent.c ssh.c sshd.c]
     move #include <signal.h> out of includes.h; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/02/20 17:19:54
     [auth-rhosts.c auth-rsa.c auth.c auth2-none.c auth2-pubkey.c]
     [authfile.c clientloop.c includes.h readconf.c scp.c session.c]
     [sftp-client.c sftp-common.c sftp-common.h sftp-glob.c]
     [sftp-server.c sftp.c ssh-add.c ssh-keygen.c ssh.c sshconnect.c]
     [sshconnect2.c sshd.c sshpty.c]
     move #include <sys/stat.h> out of includes.h; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/02/22 00:04:45
     [canohost.c clientloop.c includes.h match.c readconf.c scp.c ssh.c]
     [sshconnect.c]
     move #include <ctype.h> out of includes.h; ok djm@@
   - jmc@@cvs.openbsd.org 2006/02/24 10:25:14
     [ssh_config.5]
     add section on patterns;
     from dtucker + myself
   - jmc@@cvs.openbsd.org 2006/02/24 10:33:54
     [sshd_config.5]
     signpost to PATTERNS;
   - jmc@@cvs.openbsd.org 2006/02/24 10:37:07
     [ssh_config.5]
     tidy up the refs to PATTERNS;
   - jmc@@cvs.openbsd.org 2006/02/24 10:39:52
     [sshd.8]
     signpost to PATTERNS section;
   - jmc@@cvs.openbsd.org 2006/02/24 20:22:16
     [ssh-keysign.8 ssh_config.5 sshd_config.5]
     some consistency fixes;
   - jmc@@cvs.openbsd.org 2006/02/24 20:31:31
     [ssh.1 ssh_config.5 sshd.8 sshd_config.5]
     more consistency fixes;
   - jmc@@cvs.openbsd.org 2006/02/24 23:20:07
     [ssh_config.5]
     some grammar/wording fixes;
   - jmc@@cvs.openbsd.org 2006/02/24 23:43:57
     [sshd_config.5]
     some grammar/wording fixes;
   - jmc@@cvs.openbsd.org 2006/02/24 23:51:17
     [sshd_config.5]
     oops - bits i missed;
   - jmc@@cvs.openbsd.org 2006/02/25 12:26:17
     [ssh_config.5]
     document the possible values for KbdInteractiveDevices;
     help/ok dtucker
   - jmc@@cvs.openbsd.org 2006/02/25 12:28:34
     [sshd_config.5]
     document the order in which allow/deny directives are processed;
     help/ok dtucker
   - jmc@@cvs.openbsd.org 2006/02/26 17:17:18
     [ssh_config.5]
     move PATTERNS to the end of the main body; requested by dtucker
   - jmc@@cvs.openbsd.org 2006/02/26 18:01:13
     [sshd_config.5]
     subsection is pointless here;
   - jmc@@cvs.openbsd.org 2006/02/26 18:03:10
     [ssh_config.5]
     comma;
   - djm@@cvs.openbsd.org 2006/02/28 01:10:21
     [session.c]
     fix logout recording when privilege separation is disabled, analysis and
     patch from vinschen at redhat.com; tested by dtucker@@ ok deraadt@@
     NB. ID sync only - patch already in portable
   - djm@@cvs.openbsd.org 2006/03/04 04:12:58
     [serverloop.c]
     move a debug() outside of a signal handler; ok markus@@ a little while back
   - djm@@cvs.openbsd.org 2006/03/12 04:23:07
     [ssh.c]
     knf nit
   - djm@@cvs.openbsd.org 2006/03/13 08:16:00
     [sshd.c]
     don't log that we are listening on a socket before the listen() call
     actually succeeds, bz #1162 reported by Senthil Kumar; ok dtucker@@
   - dtucker@@cvs.openbsd.org 2006/03/13 08:33:00
     [packet.c]
     Set TCP_NODELAY for all connections not just "interactive" ones.  Fixes
     poor performance and protocol stalls under some network conditions (mindrot
     bugs #556 and #981). Patch originally from markus@@, ok djm@@
   - dtucker@@cvs.openbsd.org 2006/03/13 08:43:16
     [ssh-keygen.c]
     Make ssh-keygen handle CR and CRLF line termination when converting IETF
     format keys, in addition to vanilla LF.  mindrot #1157, tested by Chris
     Pepper, ok djm@@
   - dtucker@@cvs.openbsd.org 2006/03/13 10:14:29
     [misc.c ssh_config.5 sshd_config.5]
     Allow config directives to contain whitespace by surrounding them by double
     quotes.  mindrot #482, man page help from jmc@@, ok djm@@
   - dtucker@@cvs.openbsd.org 2006/03/13 10:26:52
     [authfile.c authfile.h ssh-add.c]
     Make ssh-add check file permissions before attempting to load private
     key files multiple times; it will fail anyway and this prevents confusing
     multiple prompts and warnings.  mindrot #1138, ok djm@@
   - djm@@cvs.openbsd.org 2006/03/14 00:15:39
     [canohost.c]
     log the originating address and not just the name when a reverse
     mapping check fails, requested by linux AT linuon.com
   - markus@@cvs.openbsd.org 2006/03/14 16:32:48
     [ssh_config.5 sshd_config.5]
     *AliveCountMax applies to protocol v2 only; ok dtucker, djm
   - djm@@cvs.openbsd.org 2006/03/07 09:07:40
     [kex.c kex.h monitor.c myproposal.h ssh-keyscan.c sshconnect2.c sshd.c]
     Implement the diffie-hellman-group-exchange-sha256 key exchange method
     using the SHA256 code in libc (and wrapper to make it into an OpenSSL
     EVP), interop tested against CVS PuTTY
     NB. no portability bits committed yet
 - (djm) [configure.ac defines.h kex.c md-sha256.c]
   [openbsd-compat/sha2.h openbsd-compat/openbsd-compat.h]
   [openbsd-compat/sha2.c] First stab at portability glue for SHA256
   KEX support, should work with libc SHA256 support or OpenSSL
   EVP_sha256 if present
 - (djm) [includes.h] Restore accidentally dropped netinet/in.h
 - (djm) [Makefile.in openbsd-compat/Makefile.in] Add added files
 - (djm) [md-sha256.c configure.ac] md-sha256.c needs sha2.h if present
 - (djm) [regress/.cvsignore] Ignore Makefile here
 - (djm) [loginrec.c] Need stat.h
 - (djm) [openbsd-compat/sha2.h] Avoid include macro clash with
   system sha2.h
 - (djm) [ssh-rand-helper.c] Needs a bunch of headers
 - (djm) [ssh-agent.c] Restore dropped stat.h
 - (djm) [openbsd-compat/sha2.h openbsd-compat/sha2.c] Comment out 
   SHA384, which we don't need and doesn't compile without tweaks
 - (djm) [auth-pam.c clientloop.c includes.h monitor.c session.c]
   [sftp-client.c ssh-keysign.c ssh.c sshconnect.c sshconnect2.c]
   [sshd.c openbsd-compat/bsd-misc.c openbsd-compat/bsd-openpty.c]
   [openbsd-compat/glob.c openbsd-compat/mktemp.c]
   [openbsd-compat/readpassphrase.c] Lots of include fixes for
   OpenSolaris
 - (tim) [includes.h] put sys/stat.h back in to quiet some "macro redefined:"
 - (tim) [openssh/sshpty.c openssh/openbsd-compat/port-tun.c] put in some
   includes removed from includes.h
 - (dtucker) [configure.ac] Fix glob test conversion to AC_TRY_COMPILE
 - (djm) [includes.h] Put back paths.h, it is needed in defines.h
 - (dtucker) [openbsd-compat/openbsd-compat.h] AIX (at least) needs
   sys/ioctl.h for struct winsize.
 - (dtucker) [configure.ac] login_cap.h requires sys/types.h on NetBSD.

20060313
 - (dtucker) [configure.ac] Bug #1171: Don't use printf("%lld", longlong)
   since not all platforms support it.  Instead, use internal equivalent while
   computing LLONG_MIN and LLONG_MAX.  Remove special case for alpha-dec-osf*
   as it's no longer required.  Tested by Bernhard Simon, ok djm@@

20060304
 - (dtucker) [contrib/cygwin/ssh-host-config] Require use of lastlog as a
   file rather than directory, required as Cygwin will be importing lastlog(1).
   Also tightens up permissions on the file.  Patch from vinschen@@redhat.com.
 - (dtucker) [gss-serv-krb5.c] Bug #1166: Correct #ifdefs for gssapi_krb5.h
   includes.  Patch from gentoo.riverrat at gmail.com.

20060226
 - (dtucker) [configure.ac] Bug #1156: QNX apparently needs SSHD_ACQUIRES_CTTY
   patch from kraai at ftbfs.org.

20060223
 - (dtucker) [sshd_config sshd_config.5] Update UsePAM to reflect current
   reality.  Pointed out by tryponraj at gmail.com.

20060222
 - (dtucker) [openbsd-compat/openssl-compat.{c,h}] Minor tidy up: only
   compile in compat code if required.

20060221
 - (dtucker) [openbsd-compat/openssl-compat.h] Prevent warning about
   redefinition of SSLeay_add_all_algorithms.

20060220
 - (dtucker) [INSTALL configure.ac openbsd-compat/openssl-compat.{c,h}]
   Add optional enabling of OpenSSL's (hardware) Engine support, via
   configure --with-ssl-engine.  Based in part on a diff by michal at
   logix.cz.

20060219
 - (dtucker) [Makefile.in configure.ac, added openbsd-compat/regress/]
   Add first attempt at regress tests for compat library.  ok djm@@

20060214
 - (tim) [buildpkg.sh.in] Make the names consistent.
   s/pkg_post_make_install_fixes.sh/pkg-post-make-install-fixes.sh/ OK dtucker@@

20060212
 - (dtucker) [openbsd-compat/bsd-cygwin_util.c] Make loop counter unsigned
   to silence compiler warning, from vinschen at redhat.com.
 - (tim) [configure.ac] Bug #1149. Disable /etc/default/login check for QNX.
 - (dtucker) [README version.h contrib/caldera/openssh.spec
   contrib/redhat/openssh.spec contrib/suse/openssh.spec] Bump version
   strings to match 4.3p2 release.

20060208
 - (tim) [session.c] Logout records were not updated on systems with
   post auth privsep disabled due to bug 1086 changes. Analysis and patch
   by vinschen at redhat.com. OK tim@@, dtucker@@.
 - (dtucker) [configure.ac] Typo in Ultrix and NewsOS sections (NEED_SETPRGP
   -> NEED_SETPGRP), reported by Bernhard Simon.  ok tim@@

20060206
 - (tim) [configure.ac] Remove unnecessary tests for net/if.h and 
   netinet/in_systm.h. OK dtucker@@.

20060205
 - (tim) [configure.ac] Add AC_REVISION. Add sys/time.h to lastlog.h test
   for Solaris. OK dtucker@@.
 - (tim) [configure.ac] Bug #1149. Changes in QNX section only. Patch by
   kraai at ftbfs.org.

20060203
 - (tim) [configure.ac] test for egrep (AC_PROG_EGREP) before first
   AC_CHECK_HEADERS test. Without it, if AC_CHECK_HEADERS is first run
   by a platform specific check, builtin standard includes tests will be
   skipped on the other platforms.
   Analysis and suggestion by vinschen at redhat.com, patch by dtucker@@.
   OK tim@@, djm@@.

20060202
 - (dtucker) [configure.ac] Bug #1148: Fix "crippled AES" test so that it
   works with picky compilers.  Patch from alex.kiernan at thus.net.

20060201
 - (djm) [regress/test-exec.sh] Try 'logname' as well as 'whoami' to 
   determine the user's login name - needed for regress tests on Solaris 
   10 and OpenSolaris
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2006/02/01 09:06:50
     [sshd.8]
     - merge sections on protocols 1 and 2 into a single section
     - remove configuration file section
     ok markus
   - jmc@@cvs.openbsd.org 2006/02/01 09:11:41
     [sshd.8]
     small tweak;
 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] Update versions ahead of release
   - markus@@cvs.openbsd.org 2006/02/01 11:27:22
     [version.h]
     openssh 4.3
 - (djm) Release OpenSSH 4.3p1

20060131
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2006/01/20 11:21:45
     [ssh_config.5]
     - word change, agreed w/ markus
     - consistency fixes
   - jmc@@cvs.openbsd.org 2006/01/25 09:04:34
     [sshd.8]
     move the options description up the page, and a few additional tweaks
     whilst in here;
     ok markus
   - jmc@@cvs.openbsd.org 2006/01/25 09:07:22
     [sshd.8]
     move subsections to full sections;
   - jmc@@cvs.openbsd.org 2006/01/26 08:47:56
     [ssh.1]
     add a section on verifying host keys in dns;
     written with a lot of help from jakob;
     feedback dtucker/markus;
     ok markus
   - reyk@@cvs.openbsd.org 2006/01/30 12:22:22
     [channels.c]
     mark channel as write failed or dead instead of read failed on error
     of the channel output filter.
     ok markus@@
   - jmc@@cvs.openbsd.org 2006/01/30 13:37:49
     [ssh.1]
     remove an incorrect sentence;
     reported by roumen petrov;
     ok djm markus
   - djm@@cvs.openbsd.org 2006/01/31 10:19:02
     [misc.c misc.h scp.c sftp.c]
     fix local arbitrary command execution vulnerability on local/local and
     remote/remote copies (CVE-2006-0225, bz #1094), patch by
     t8m AT centrum.cz, polished by dtucker@@ and myself; ok markus@@
   - djm@@cvs.openbsd.org 2006/01/31 10:35:43
     [scp.c]
     "scp a b c" shouldn't clobber "c" when it is not a directory, report and
     fix from biorn@@; ok markus@@
 - (djm) Sync regress tests to OpenBSD:
   - dtucker@@cvs.openbsd.org 2005/03/10 10:20:39
     [regress/forwarding.sh]
     Regress test for ClearAllForwardings (bz #994); ok markus@@
   - dtucker@@cvs.openbsd.org 2005/04/25 09:54:09
     [regress/multiplex.sh]
     Don't call cleanup in multiplex as test-exec will cleanup anyway
     found by tim@@, ok djm@@
     NB. ID sync only, we already had this
   - djm@@cvs.openbsd.org 2005/05/20 23:14:15
     [regress/test-exec.sh]
     force addressfamily=inet for tests, unbreaking dynamic-forward regress for
     recently committed nc SOCKS5 changes
   - djm@@cvs.openbsd.org 2005/05/24 04:10:54
     [regress/try-ciphers.sh]
     oops, new arcfour modes here too
   - markus@@cvs.openbsd.org 2005/06/30 11:02:37
     [regress/scp.sh]
     allow SUDO=sudo; from Alexander Bluhm
   - grunk@@cvs.openbsd.org 2005/11/14 21:25:56
     [regress/agent-getpeereid.sh]
     all other scripts in this dir use $SUDO, not 'sudo', so pull this even
     ok markus@@
   - dtucker@@cvs.openbsd.org 2005/12/14 04:36:39
     [regress/scp-ssh-wrapper.sh]
     Fix assumption about how many args scp will pass; ok djm@@
     NB. ID sync only, we already had this
   - djm@@cvs.openbsd.org 2006/01/27 06:49:21
     [scp.sh]
     regress test for local to local scp copies; ok dtucker@@
   - djm@@cvs.openbsd.org 2006/01/31 10:23:23
     [scp.sh]
     regression test for CVE-2006-0225 written by dtucker@@
   - djm@@cvs.openbsd.org 2006/01/31 10:36:33
     [scp.sh]
     regress test for "scp a b c" where "c" is not a directory

20060129
 - (dtucker) [configure.ac opensshd.init.in] Bug #1144: Use /bin/sh for the
   opensshd.init script interpreter if /sbin/sh does not exist.  ok tim@@

20060120
 - (dtucker) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2006/01/15 17:37:05
     [ssh.1]
     correction from deraadt
   - jmc@@cvs.openbsd.org 2006/01/18 10:53:29
     [ssh.1]
     add a section on ssh-based vpn, based on reyk's README.tun;
   - dtucker@@cvs.openbsd.org 2006/01/20 00:14:55
     [scp.1 ssh.1 ssh_config.5 sftp.1]
     Document RekeyLimit.  Based on patch from jan.iven at cern.ch from mindrot
     #1056 with feedback from jmc, djm and markus; ok jmc@@ djm@@

20060114
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2006/01/06 13:27:32
     [ssh.1]
     weed out some duplicate info in the known_hosts FILES entries;
     ok djm
   - jmc@@cvs.openbsd.org 2006/01/06 13:29:10
     [ssh.1]
     final round of whacking FILES for duplicate info, and some consistency
     fixes;
     ok djm
   - jmc@@cvs.openbsd.org 2006/01/12 14:44:12
     [ssh.1]
     split sections on tcp and x11 forwarding into two sections.
     add an example in the tcp section, based on sth i wrote for ssh faq;
     help + ok: djm markus dtucker
   - jmc@@cvs.openbsd.org 2006/01/12 18:48:48
     [ssh.1]
     refer to `TCP' rather than `TCP/IP' in the context of connection
     forwarding;
     ok markus
   - jmc@@cvs.openbsd.org 2006/01/12 22:20:00
     [sshd.8]
     refer to TCP forwarding, rather than TCP/IP forwarding;
   - jmc@@cvs.openbsd.org 2006/01/12 22:26:02
     [ssh_config.5]
     refer to TCP forwarding, rather than TCP/IP forwarding;
   - jmc@@cvs.openbsd.org 2006/01/12 22:34:12
     [ssh.1]
     back out a sentence - AUTHENTICATION already documents this;

20060109
 - (dtucker) [contrib/cygwin/ssh-host-config] Make sshd service depend on
   tcpip service so it's always started after IP is up.  Patch from
   vinschen at redhat.com.

20060106
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2006/01/03 16:31:10
     [ssh.1]
     move FILES to a -compact list, and make each file an item in that list.
     this avoids nasty line wrap when we have long pathnames, and treats
     each file as a separate item;
     remove the .Pa too, since it is useless.
   - jmc@@cvs.openbsd.org 2006/01/03 16:35:30
     [ssh.1]
     use a larger width for the ENVIRONMENT list;
   - jmc@@cvs.openbsd.org 2006/01/03 16:52:36
     [ssh.1]
     put FILES in some sort of order: sort by pathname
   - jmc@@cvs.openbsd.org 2006/01/03 16:55:18
     [ssh.1]
     tweak the description of ~/.ssh/environment
   - jmc@@cvs.openbsd.org 2006/01/04 18:42:46
     [ssh.1]
     chop out some duplication in the .{r,s}hosts/{h,sh}osts.equiv FILES
     entries;
     ok markus
   - jmc@@cvs.openbsd.org 2006/01/04 18:45:01
     [ssh.1]
     remove .Xr's to rsh(1) and telnet(1): they are hardly needed;
   - jmc@@cvs.openbsd.org 2006/01/04 19:40:24
     [ssh.1]
     +.Xr ssh-keyscan 1 ,
   - jmc@@cvs.openbsd.org 2006/01/04 19:50:09
     [ssh.1]
     -.Xr gzip 1 ,
   - djm@@cvs.openbsd.org 2006/01/05 23:43:53
     [misc.c]
     check that stdio file descriptors are actually closed before clobbering
     them in sanitise_stdfd(). problems occurred when a lower numbered fd was
     closed, but higher ones weren't. spotted by, and patch tested by
     Frédéric Olivié

20060103
 - (djm) [channels.c] clean up harmless merge error, from reyk@@

20060103
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2006/01/02 17:09:49
     [ssh_config.5 sshd_config.5]
     some corrections from michael knudsen;

20060102
 - (djm) [README.tun] Add README.tun, missed during sync of tun(4) support
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2005/12/31 10:46:17
     [ssh.1]
     merge the "LOGIN SESSION AND REMOTE EXECUTION" and "SERVER
     AUTHENTICATION" sections into "AUTHENTICATION";
     some rewording done to make the text read better, plus some
     improvements from djm;
     ok djm
   - jmc@@cvs.openbsd.org 2005/12/31 13:44:04
     [ssh.1]
     clean up ENVIRONMENT a little;
   - jmc@@cvs.openbsd.org 2005/12/31 13:45:19
     [ssh.1]
     .Nm does not require an argument;
   - stevesk@@cvs.openbsd.org 2006/01/01 08:59:27
     [includes.h misc.c]
     move <net/if.h>; ok djm@@
   - stevesk@@cvs.openbsd.org 2006/01/01 10:08:48
     [misc.c]
     no trailing "\n" for debug()
   - djm@@cvs.openbsd.org 2006/01/02 01:20:31
     [sftp-client.c sftp-common.h sftp-server.c]
     use a common max. packet length, no binary change
   - reyk@@cvs.openbsd.org 2006/01/02 07:53:44
     [misc.c]
     clarify tun(4) opening - set the mode and bring the interface up. also
     (re)sets the tun(4) layer 2 LINK0 flag for existing tunnel interfaces.
     suggested and ok by djm@@
   - jmc@@cvs.openbsd.org 2006/01/02 12:31:06
     [ssh.1]
     start to cut some duplicate info from FILES;
     help/ok djm

20060101
 - (djm) [Makefile.in configure.ac includes.h misc.c]
         [openbsd-compat/port-tun.c openbsd-compat/port-tun.h] Add support
         for tunnel forwarding for FreeBSD and NetBSD. NetBSD's support is
         limited to IPv4 tunnels only, and most versions don't support the
         tap(4) device at all.
 - (djm) [configure.ac] Fix linux/if_tun.h test
 - (djm) [openbsd-compat/port-tun.c] Linux needs linux/if.h too

20051229
 - (djm) OpenBSD CVS Sync
   - stevesk@@cvs.openbsd.org 2005/12/28 22:46:06
     [canohost.c channels.c clientloop.c]
     use 'break-in' for consistency; ok deraadt@@ ok and input jmc@@
   - reyk@@cvs.openbsd.org 2005/12/30 15:56:37
     [channels.c channels.h clientloop.c]
     add channel output filter interface.
     ok djm@@, suggested by markus@@
   - jmc@@cvs.openbsd.org 2005/12/30 16:59:00
     [sftp.1]
     do not suggest that interactive authentication will work
     with the -b flag;
     based on a diff from john l. scarfone;
     ok djm
   - stevesk@@cvs.openbsd.org 2005/12/31 01:38:45
     [ssh.1]
     document -MM; ok djm@@
 - (djm) [openbsd-compat/port-tun.c openbsd-compat/port-tun.h configure.ac]
   [serverloop.c ssh.c openbsd-compat/Makefile.in]
   [openbsd-compat/openbsd-compat.h] Implement tun(4) forwarding 
   compatibility support for Linux, diff from reyk@@
 - (djm) [configure.ac] Disable Linux tun(4) compat code if linux/tun.h does
   not exist
 - (djm) [configure.ac] oops, make that linux/if_tun.h

20051229
 - (tim) [buildpkg.sh.in] grep for $SSHDUID instead of $SSHDGID on /etc/passwd

20051224
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2005/12/20 21:59:43
     [ssh.1]
     merge the sections on protocols 1 and 2 into one section on
     authentication;
     feedback djm dtucker
     ok deraadt markus dtucker
   - jmc@@cvs.openbsd.org 2005/12/20 22:02:50
     [ssh.1]
     .Ss -> .Sh: subsections have not made this page more readable
   - jmc@@cvs.openbsd.org 2005/12/20 22:09:41
     [ssh.1]
     move info on ssh return values and config files up into the main
     description;
   - jmc@@cvs.openbsd.org 2005/12/21 11:48:16
     [ssh.1]
     -L and -R descriptions are now above, not below, ~C description;
   - jmc@@cvs.openbsd.org 2005/12/21 11:57:25
     [ssh.1]
     options now described `above', rather than `later';
   - jmc@@cvs.openbsd.org 2005/12/21 12:53:31
     [ssh.1]
     -Y does X11 forwarding too;
     ok markus
   - stevesk@@cvs.openbsd.org 2005/12/21 22:44:26
     [sshd.8]
     clarify precedence of -p, Port, ListenAddress; ok and help jmc@@
   - jmc@@cvs.openbsd.org 2005/12/22 10:31:40
     [ssh_config.5]
     put the description of "UsePrivilegedPort" in the correct place;
   - jmc@@cvs.openbsd.org 2005/12/22 11:23:42
     [ssh.1]
     expand the description of -w somewhat;
     help/ok reyk
   - jmc@@cvs.openbsd.org 2005/12/23 14:55:53
     [ssh.1]
     - sync the description of -e w/ synopsis
     - simplify the description of -I
     - note that -I is only available if support compiled in, and that it
     isn't by default
     feedback/ok djm@@
   - jmc@@cvs.openbsd.org 2005/12/23 23:46:23
     [ssh.1]
     less mark up for -c;
   - djm@@cvs.openbsd.org 2005/12/24 02:27:41
     [session.c sshd.c]
     eliminate some code duplicated in privsep and non-privsep paths, and
     explicitly clear SIGALRM handler; "groovy" deraadt@@

20051220
 - (dtucker) OpenBSD CVS Sync
   - reyk@@cvs.openbsd.org 2005/12/13 15:03:02
     [serverloop.c]
     if forced_tun_device is not set, it is -1 and not SSH_TUNID_ANY
   - jmc@@cvs.openbsd.org 2005/12/16 18:07:08
     [ssh.1]
     move the option descriptions up the page: start of a restructure;
     ok markus deraadt
   - jmc@@cvs.openbsd.org 2005/12/16 18:08:53
     [ssh.1]
     simplify a sentence;
   - jmc@@cvs.openbsd.org 2005/12/16 18:12:22
     [ssh.1]
     make the description of -c a little nicer;
   - jmc@@cvs.openbsd.org 2005/12/16 18:14:40
     [ssh.1]
     signpost the protocol sections;
   - stevesk@@cvs.openbsd.org 2005/12/17 21:13:05
     [ssh_config.5 session.c]
     spelling: fowarding, fowarded
   - stevesk@@cvs.openbsd.org 2005/12/17 21:36:42
     [ssh_config.5]
     spelling: intented -> intended
   - dtucker@@cvs.openbsd.org 2005/12/20 04:41:07
     [ssh.c]
     exit(255) on error to match description in ssh(1); bz #1137; ok deraadt@@

20051219
 - (dtucker) [cipher-aes.c cipher-ctr.c cipher.c configure.ac
   openbsd-compat/openssl-compat.h] Check for and work around broken AES
   ciphers >128bit on (some) Solaris 10 systems.  ok djm@@

20051217
 - (dtucker) [defines.h] HP-UX system headers define "YES" and "NO" which
   scp.c also uses, so undef them here.
 - (dtucker) [configure.ac openbsd-compat/bsd-snprintf.c] Bug #1133: Our
   snprintf replacement can have a conflicting declaration in HP-UX's system
   headers (const vs. no const) so we now check for and work around it.  Patch
   from the dynamic duo of David Leonard and Ted Percival.

20051214
 - (dtucker) OpenBSD CVS Sync (regress/)
   - dtucker@@cvs.openbsd.org 2005/12/30 04:36:39
     [regress/scp-ssh-wrapper.sh]
     Fix assumption about how many args scp will pass; ok djm@@

20051213
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2005/11/30 11:18:27
     [ssh.1]
     timezone -> time zone
   - jmc@@cvs.openbsd.org 2005/11/30 11:45:20
     [ssh.1]
     avoid ambiguities in describing TZ;
     ok djm@@
   - reyk@@cvs.openbsd.org 2005/12/06 22:38:28
     [auth-options.c auth-options.h channels.c channels.h clientloop.c]
     [misc.c misc.h readconf.c readconf.h scp.c servconf.c servconf.h]
     [serverloop.c sftp.c ssh.1 ssh.c ssh_config ssh_config.5 sshconnect.c]
     [sshconnect.h sshd.8 sshd_config sshd_config.5]
     Add support for tun(4) forwarding over OpenSSH, based on an idea and
     initial channel code bits by markus@@. This is a simple and easy way to
     use OpenSSH for ad hoc virtual private network connections, e.g.
     administrative tunnels or secure wireless access. It's based on a new
     ssh channel and works similar to the existing TCP forwarding support,
     except that it depends on the tun(4) network interface on both ends of
     the connection for layer 2 or layer 3 tunneling. This diff also adds
     support for LocalCommand in the ssh(1) client.
     ok djm@@, markus@@, jmc@@ (manpages), tested and discussed with others
   - djm@@cvs.openbsd.org 2005/12/07 03:52:22
     [clientloop.c]
     reyk forgot to compile with -Werror (missing header)
   - jmc@@cvs.openbsd.org 2005/12/07 10:52:13
     [ssh.1]
     - avoid line split in SYNOPSIS
     - add args to -w
     - kill trailing whitespace
   - jmc@@cvs.openbsd.org 2005/12/08 14:59:44
     [ssh.1 ssh_config.5]
     make `!command' a little clearer;
     ok reyk
   - jmc@@cvs.openbsd.org 2005/12/08 15:06:29
     [ssh_config.5]
     keep options in order;
   - reyk@@cvs.openbsd.org 2005/12/08 18:34:11
     [auth-options.c includes.h misc.c misc.h readconf.c servconf.c]
     [serverloop.c ssh.c ssh_config.5 sshd_config.5 configure.ac]
     two changes to the new ssh tunnel support. this breaks compatibility
     with the initial commit but is required for a portable approach.
     - make the tunnel id u_int and platform friendly, use predefined types.
     - support configuration of layer 2 (ethernet) or layer 3
     (point-to-point, default) modes. configuration is done using the
     Tunnel (yes|point-to-point|ethernet|no) option in ssh_config(5) and
     restricted by the PermitTunnel (yes|point-to-point|ethernet|no) option
     in sshd_config(5).
     ok djm@@, man page bits by jmc@@
   - jmc@@cvs.openbsd.org 2005/12/08 21:37:50
     [ssh_config.5]
     new sentence, new line;
   - markus@@cvs.openbsd.org 2005/12/12 13:46:18
     [channels.c channels.h session.c]
     make sure protocol messages for internal channels are ignored.
     allow adjust messages for non-open channels; with and ok djm@@
 - (djm) [misc.c] Disable tunnel code for non-OpenBSD (for now), enable
   again by providing a sys_tun_open() function for your platform and 
   setting the CUSTOM_SYS_TUN_OPEN define. More work is required to match 
   OpenBSD's tunnel protocol, which prepends the address family to the 
   packet

20051201
 - (djm) [envpass.sh] Remove regress script that was accidentally committed 
   in top level directory and not noticed for over a year :)

20051129
 - (tim) [ssh-keygen.c] Move DSA length test after setting default when
   bits == 0.
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2005/11/29 02:04:55
     [ssh-keygen.c]
     Populate default key sizes before checking them; from & ok tim@@
 - (tim) [configure.ac sshd.8] Enable locked account check (a "*LK*" string)
   for UnixWare.

20051128
 - (dtucker) [regress/yes-head.sh] Work around breakage caused by some
   versions of GNU head.  Based on patch from zappaman at buraphalinux.org
 - (dtucker) [includes.h] Bug #1122: __USE_GNU is a glibc internal macro, use
   _GNU_SOURCE instead.  Patch from t8m at centrum.cz.
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2005/11/28 05:16:53
     [ssh-keygen.1 ssh-keygen.c]
     Enforce DSA key length of exactly 1024 bits to comply with FIPS-186-2,
     increase minimum RSA key size to 768 bits and update man page to reflect
     these.  Patch originally bz#1119 (senthilkumar_sen at hotpop.com),
     ok djm@@, grudging ok deraadt@@.
   - dtucker@@cvs.openbsd.org 2005/11/28 06:02:56
     [ssh-agent.1]
     Update agent socket path templates to reflect reality, correct xref for
     time formats.  bz#1121, patch from openssh at roumenpetrov.info, ok djm@@

20051126
 - (dtucker) [configure.ac] Bug #1126: AIX 5.2 and 5.3 (and presumably newer,
   when they're available) need the real UID set otherwise pam_chauthtok will
   set ADMCHG after changing the password, forcing the user to change it
   again immediately.

20051125
 - (dtucker) [configure.ac] Apply tim's fix for older systems where the
   resolver state in resolv.h is "state" not "__res_state".  With slight
   modification by me to also work on old AIXes.  ok djm@@
 - (dtucker) [progressmeter.c scp.c sftp-server.c] Use correct casts for
   snprintf formats, fixes warnings on some 64 bit platforms.  Patch from
   shaw at vranix.com, ok djm@@

20051124
 - (djm) [configure.ac openbsd-compat/Makefile.in openbsd-compat/bsd-asprintf.c 
   openbsd-compat/bsd-snprintf.c openbsd-compat/openbsd-compat.h] Add an 
   asprintf() implementation, after syncing our {v,}snprintf() implementation
   with some extra fixes from Samba's version. With help and debugging from 
   dtucker and tim; ok dtucker@@
 - (dtucker) [configure.ac] Fix typos in comments and AC_SEARCH_LIB argument
   order in Reliant Unix block.  Patch from johane at lysator.liu.se.
 - (dtucker) [regress/test-exec.sh] Use 1024 bit keys since we generate so
   many and use them only once.  Speeds up testing on older/slower hardware.

20051122
 - (dtucker) OpenBSD CVS Sync
   - deraadt@@cvs.openbsd.org 2005/11/12 18:37:59
     [ssh-add.c]
     space
   - deraadt@@cvs.openbsd.org 2005/11/12 18:38:15
     [scp.c]
     avoid close(-1), as in rcp; ok cloder
   - millert@@cvs.openbsd.org 2005/11/15 11:59:54
     [includes.h]
     Include sys/queue.h explicitly instead of assuming some other header
     will pull it in.  At the moment it gets pulled in by sys/select.h
     (which ssh has no business including) via event.h.  OK markus@@
     (ID sync only in -portable)
   - dtucker@@cvs.openbsd.org 2005/11/21 09:42:10
     [auth-krb5.c]
     Perform Kerberos calls even for invalid users to prevent leaking
     information about account validity.  bz #975, patch originally from
     Senthil Kumar, sanity checked by Simon Wilkinson, tested by djm@@, biorn@@,
     ok markus@@
   - dtucker@@cvs.openbsd.org 2005/11/22 03:36:03
     [hostfile.c]
     Correct format/arguments to debug call; spotted by shaw at vranix.com
     ok djm@@
 - (dtucker) [loginrec.c] Add casts to prevent compiler warnings, patch
   from shaw at vranix.com.

20051120
 - (dtucker) [openbsd-compat/openssl-compat.h] Add comment explaining what
   is going on.

20051112
 - (dtucker) [openbsd-compat/getrrsetbyname.c] Restore Portable-specific
   ifdef lost during sync.  Spotted by tim@@.
 - (dtucker) [openbsd-compat/{realpath.c,stroll.c,rresvport.c}] $OpenBSD tag.
 - (dtucker) [configure.ac] Use "$AWK" instead of "awk" in gcc version test.
 - (dtucker) [configure.ac] Remove duplicate utimes() check.  ok djm@@
 - (dtucker) [regress/reconfigure.sh] Fix potential race in the reconfigure
   test: if sshd takes too long to reconfigure the subsequent connection will
   fail.  Zap pidfile before HUPing sshd which will rewrite it when it's ready.

20051110
 - (dtucker) [openbsd-compat/setenv.c] Merge changes for __findenv from
   OpenBSD getenv.c revs 1.4 - 1.8 (ANSIfication of arguments, removal of
   "register").
 - (dtucker) [openbsd-compat/setenv.c] Make __findenv static, remove
   unnecessary prototype.
 - (dtucker) [openbsd-compat/setenv.c] Sync changes from OpenBSD setenv.c
   revs 1.7 - 1.9.
 - (dtucker) [auth-krb5.c] Fix -Wsign-compare warning in non-Heimdal path.
   Patch from djm@@.
 - (dtucker) [configure.ac] Disable pointer-sign warnings on gcc 4.0+
   since they're not useful right now.  Patch from djm@@.
 - (dtucker) [openbsd-compat/getgrouplist.c] Sync OpenBSD revs 1.10 - 1.2 (ANSI
   prototypes, removal of "register").
 - (dtucker) [openbsd-compat/strlcat.c] Sync OpenBSD revs 1.11 - 1.12 (removal
   of "register").
 - (dtucker) [openbsd-compat/{LOTS}] Move the "OPENBSD ORIGINAL" markers to
   after the copyright notices.  Having them at the top next to the CVSIDs
   guarantees a conflict for each and every sync.
 - (dtucker) [openbsd-compat/strlcpy.c] Update from OpenBSD 1.8 -> 1.10.
 - (dtucker) [openbsd-compat/sigact.h] Add "OPENBSD ORIGINAL" marker.
 - (dtucker) [openbsd-compat/strmode.c] Update from OpenBSD 1.5 -> 1.7.
   Removal of rcsid, "whiteout" inode type.
 - (dtucker) [openbsd-compat/basename.c] Update from OpenBSD 1.11 -> 1.14.
   Removal of rcsid, will no longer strlcpy parts of the string.
 - (dtucker) [openbsd-compat/strtoll.c] Update from OpenBSD 1.4 -> 1.5.
 - (dtucker) [openbsd-compat/strtoul.c] Update from OpenBSD 1.5 -> 1.7.
 - (dtucker) [openbsd-compat/readpassphrase.c] Update from OpenBSD 1.16 -> 1.18.
 - (dtucker) [openbsd-compat/readpassphrase.h] Update from OpenBSD 1.3 -> 1.5.
 - (dtucker) [openbsd-compat/glob.c] Update from OpenBSD 1.22 -> 1.25.
 - (dtucker) [openbsd-compat/glob.h] Update from OpenBSD 1.8 -> 1.9.
 - (dtucker) [openbsd-compat/getcwd.c] Update from OpenBSD 1.9 -> 1.14.
 - (dtucker) [openbsd-compat/getcwd.c] Replace lstat with fstat to match up
   with OpenBSD code since we don't support platforms without fstat any more.
 - (dtucker) [openbsd-compat/inet_aton.c] Update from OpenBSD 1.7 -> 1.9.
 - (dtucker) [openbsd-compat/inet_ntoa.c] Update from OpenBSD 1.4 -> 1.6.
 - (dtucker) [openbsd-compat/inet_ntop.c] Update from OpenBSD 1.5 -> 1.7.
 - (dtucker) [openbsd-compat/daemon.c] Update from OpenBSD 1.5 -> 1.6.
 - (dtucker) [openbsd-compat/strsep.c] Update from OpenBSD 1.5 -> 1.6.
 - (dtucker) [openbsd-compat/daemon.c] Update from OpenBSD 1.10 -> 1.13.
 - (dtucker) [openbsd-compat/mktemp.c] Update from OpenBSD 1.17 -> 1.19.
 - (dtucker) [openbsd-compat/rresvport.c] Update from OpenBSD 1.6 -> 1.8.
 - (dtucker) [openbsd-compat/bindresvport.c] Add "OPENBSD ORIGINAL" marker.
 - (dtucker) [openbsd-compat/bindresvport.c] Update from OpenBSD 1.16 -> 1.17.
 - (dtucker) [openbsd-compat/sigact.c] Update from OpenBSD 1.3 -> 1.4.
   Id and copyright sync only, there were no substantial changes we need.
 - (dtucker) [openbsd-compat/bsd-closefrom.c openbsd-compat/base64.c]
   -Wsign-compare fixes from djm.
 - (dtucker) [openbsd-compat/sigact.h] Update from OpenBSD 1.2 -> 1.3.
   Id and copyright sync only, there were no substantial changes we need.
 - (dtucker) [configure.ac] Try to get the gcc version number in a way that
   doesn't change between versions, and use a safer default.

20051105
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2005/10/07 11:13:57
     [ssh-keygen.c]
     change DSA default back to 1024, as it's defined for 1024 bits only
     and this causes interop problems with other clients.  moreover,
     in order to improve the security of DSA you need to change more
     components of DSA key generation (e.g. the internal SHA1 hash);
     ok deraadt
   - djm@@cvs.openbsd.org 2005/10/10 10:23:08
     [channels.c channels.h clientloop.c serverloop.c session.c]
     fix regression I introduced in 4.2: X11 forwardings initiated after
     a session has exited (e.g. "(sleep 5; xterm) &") would not start.
     bz #1086 reported by t8m AT centrum.cz; ok markus@@ dtucker@@
   - djm@@cvs.openbsd.org 2005/10/11 23:37:37
     [channels.c]
     bz #1076 set SO_REUSEADDR on X11 forwarding listener sockets, preventing
     bind() failure when a previous connection's listeners are in TIME_WAIT,
     reported by plattner AT inf.ethz.ch; ok dtucker@@
   - stevesk@@cvs.openbsd.org 2005/10/13 14:03:01
     [auth2-gss.c gss-genr.c gss-serv.c]
     remove unneeded #includes; ok markus@@
   - stevesk@@cvs.openbsd.org 2005/10/13 14:20:37
     [gss-serv.c]
     spelling in comments
   - stevesk@@cvs.openbsd.org 2005/10/13 19:08:08
     [gss-serv-krb5.c gss-serv.c]
     unused declarations; ok deraadt@@
     (id sync only for gss-serv-krb5.c)
   - stevesk@@cvs.openbsd.org 2005/10/13 19:13:41
     [dns.c]
     unneeded #include, unused declaration, little knf; ok deraadt@@
   - stevesk@@cvs.openbsd.org 2005/10/13 22:24:31
     [auth2-gss.c gss-genr.c gss-serv.c monitor.c]
     KNF; ok djm@@
   - stevesk@@cvs.openbsd.org 2005/10/14 02:17:59
     [ssh-keygen.c ssh.c sshconnect2.c]
     no trailing "\n" for log functions; ok djm@@
   - stevesk@@cvs.openbsd.org 2005/10/14 02:29:37
     [channels.c clientloop.c]
     free()->xfree(); ok djm@@
   - stevesk@@cvs.openbsd.org 2005/10/15 15:28:12
     [sshconnect.c]
     make external definition static; ok deraadt@@
   - stevesk@@cvs.openbsd.org 2005/10/17 13:45:05
     [dns.c]
     fix memory leaks from 2 sources:
         1) key_fingerprint_raw()
         2) malloc in dns_read_rdata()
     ok jakob@@
   - stevesk@@cvs.openbsd.org 2005/10/17 14:01:28
     [dns.c]
     remove #ifdef LWRES; ok jakob@@
   - stevesk@@cvs.openbsd.org 2005/10/17 14:13:35
     [dns.c dns.h]
     more cleanups; ok jakob@@
   - djm@@cvs.openbsd.org 2005/10/30 01:23:19
     [ssh_config.5]
     mention control socket fallback behaviour, reported by 
     tryponraj AT gmail.com
   - djm@@cvs.openbsd.org 2005/10/30 04:01:03
     [ssh-keyscan.c]
     make ssh-keygen discard junk from server before SSH- ident, spotted by
     dave AT cirt.net; ok dtucker@@
   - djm@@cvs.openbsd.org 2005/10/30 04:03:24
     [ssh.c]
     fix misleading debug message; ok dtucker@@
   - dtucker@@cvs.openbsd.org 2005/10/30 08:29:29
     [canohost.c sshd.c]
     Check for connections with IP options earlier and drop silently.  ok djm@@
   - jmc@@cvs.openbsd.org 2005/10/30 08:43:47
     [ssh_config.5]
     remove trailing whitespace;
   - djm@@cvs.openbsd.org 2005/10/30 08:52:18
     [clientloop.c packet.c serverloop.c session.c ssh-agent.c ssh-keygen.c]
     [ssh.c sshconnect.c sshconnect1.c sshd.c]
     no need to escape single quotes in comments, no binary change
   - dtucker@@cvs.openbsd.org 2005/10/31 06:15:04
     [sftp.c]
     Fix sorting with "ls -1" command. From Robert Tsai, "looks right" deraadt@@
   - djm@@cvs.openbsd.org 2005/10/31 11:12:49
     [ssh-keygen.1 ssh-keygen.c]
     generate a protocol 2 RSA key by default
   - djm@@cvs.openbsd.org 2005/10/31 11:48:29
     [serverloop.c]
     make sure we clean up wtmp, etc. file when we receive a SIGTERM,
     SIGINT or SIGQUIT when running without privilege separation (the
     normal privsep case is already OK). Patch mainly by dtucker@@ and
     senthilkumar_sen AT hotpop.com; ok dtucker@@
   - jmc@@cvs.openbsd.org 2005/10/31 19:55:25
     [ssh-keygen.1]
     grammar;
   - dtucker@@cvs.openbsd.org 2005/11/03 13:38:29
     [canohost.c]
     Cache reverse lookups with and without DNS separately; ok markus@@
   - djm@@cvs.openbsd.org 2005/11/04 05:15:59
     [kex.c kex.h kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c]
     remove hardcoded hash lengths in key exchange code, allowing
     implementation of KEX methods with different hashes (e.g. SHA-256);
     ok markus@@ dtucker@@ stevesk@@
   - djm@@cvs.openbsd.org 2005/11/05 05:01:15
     [bufaux.c]
     Fix leaks in error paths, bz #1109 and #1110 reported by kremenek AT
     cs.stanford.edu; ok dtucker@@
 - (dtucker) [README.platform] Add PAM section.
 - (djm) [openbsd-compat/getrrsetbyname.c] Sync to latest OpenBSD version,
   resolving memory leak bz#1111 reported by kremenek AT cs.stanford.edu;
   ok dtucker@@

20051102
 - (dtucker) [openbsd-compat/bsd-misc.c] Bug #1108: fix broken strdup().
   Reported by olavi at ipunplugged.com and antoine.brodin at laposte.net
   via FreeBSD.

20051030
 - (djm) [contrib/suse/openssh.spec contrib/suse/rc.sshd
   contrib/suse/sysconfig.ssh] Bug #1106: Updated SuSE spec and init
   files from imorgan AT nas.nasa.gov
 - (dtucker) [session.c] Bug #1045: do not check /etc/nologin when PAM is
   enabled, instead allow PAM to handle it.  Note that on platforms using PAM,
   the pam_nologin module should be added to sshd's session stack in order to
   maintain existing behaviour.  Based on patch and discussion from t8m at
   centrum.cz, ok djm@@

20051025
 - (dtucker) [configure.ac] Relocate LLONG_MAX calculation to after the
   sizeof(long long) checks, to make fixing bug #1104 easier (no changes
   yet).
 - (dtucker) [configure.ac] Bug #1104: Tru64's printf family doesn't
   understand "%lld", even though the compiler has "long long", so handle
   it as a special case.  Patch tested by mcaskill.scott at epa.gov.
 - (dtucker) [contrib/cygwin/ssh-user-config] Remove duplicate yes/no
   prompt.  Patch from vinschen at redhat.com.

20051017
 - (dtucker) [configure.ac] Bug #1097: Fix configure for cross-compiling.
   /etc/default/login report and testing from aabaker at iee.org, corrections
   from tim@@.

20051009
 - (dtucker) [configure.ac defines.h openbsd-compat/vis.{c,h}] Sync current
   versions from OpenBSD.  ok djm@@

20051008
 - (dtucker) [configure.ac] Bug #1098: define $MAIL for HP-UX; report from
   brian.smith at agilent com.
 - (djm) [configure.ac] missing 'test' call for -with-Werror test

20051005
 - (dtucker) [configure.ac sshd.8] Enable locked account check (a prepended
   "*LOCKED*" string) for FreeBSD.  Patch jeremie at le-hen.org and
   senthilkumar_sen at hotpop.com.

20051003
 - (dtucker) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2005/09/07 08:53:53
     [channels.c]
     enforce chanid != NULL; ok djm
   - markus@@cvs.openbsd.org 2005/09/09 19:18:05
     [clientloop.c]
     typo; from mark at mcs.vuw.ac.nz, bug #1082
   - djm@@cvs.openbsd.org 2005/09/13 23:40:07
     [sshd.c ssh.c misc.h sftp.c ssh-keygen.c ssh-keysign.c sftp-server.c
     scp.c misc.c ssh-keyscan.c ssh-add.c ssh-agent.c]
     ensure that stdio fds are attached; ok deraadt@@
   - djm@@cvs.openbsd.org 2005/09/19 11:37:34
     [ssh_config.5 ssh.1]
     mention ability to specify bind_address for DynamicForward and -D options;
     bz#1077 spotted by Haruyama Seigo
   - djm@@cvs.openbsd.org 2005/09/19 11:47:09
     [sshd.c]
     stop connection abort on rekey with delayed compression enabled when
     post-auth privsep is disabled (e.g. when root is logged in); ok dtucker@@
   - djm@@cvs.openbsd.org 2005/09/19 11:48:10
     [gss-serv.c]
     typo
   - jmc@@cvs.openbsd.org 2005/09/19 15:38:27
     [ssh.1]
     some more .Bk/.Ek to avoid ugly line split;
   - jmc@@cvs.openbsd.org 2005/09/19 15:42:44
     [ssh.c]
     update -D usage here too;
   - djm@@cvs.openbsd.org 2005/09/19 23:31:31
     [ssh.1]
     spelling nit from stevesk@@
   - djm@@cvs.openbsd.org 2005/09/21 23:36:54
     [sshd_config.5]
     aquire -> acquire, from stevesk@@
   - djm@@cvs.openbsd.org 2005/09/21 23:37:11
     [sshd.c]
     change label at markus@@'s request
   - jaredy@@cvs.openbsd.org 2005/09/30 20:34:26
     [ssh-keyscan.1]
     deploy .An -nosplit; ok jmc
   - dtucker@@cvs.openbsd.org 2005/10/03 07:44:42
     [canohost.c]
     Relocate check_ip_options call to prevent logging of garbage for
     connections with IP options set.  bz#1092 from David Leonard,
     "looks good" deraadt@@
 - (dtucker) [regress/README.regress] Bug #989: Document limitation that scp
   is required in the system path for the multiplex test to work.

20050930
 - (dtucker) [openbsd-compat/openbsd-compat.h] Bug #1096: Add prototype
   for strtoll.  Patch from o.flebbe at science-computing.de.
 - (dtucker) [monitor.c] Bug #1087: Send loginmsg to preauth privsep
   child during PAM account check without clearing it.  This restores the
   post-login warnings such as LDAP password expiry.  Patch from Tomas Mraz
   with help from several others.

20050929
 - (dtucker) [monitor_wrap.c] Remove duplicate definition of loginmsg
   introduced during sync.

20050928
 - (dtucker) [entropy.c] Use u_char for receiving RNG seed for consistency.
 - (dtucker) [auth-pam.c] Bug #1028: send final non-query messages from
   PAM via keyboard-interactive.  Patch tested by the folks at Vintela.

20050927
 - (dtucker) [entropy.c] Remove unnecessary tests for getuid and geteuid
   calls, since they can't possibly fail.  ok djm@@
 - (dtucker) [entropy.c entropy.h sshd.c] Pass RNG seed to the reexec'ed
   process when sshd relies on ssh-random-helper.  Should result in faster
   logins on systems without a real random device or prngd.  ok djm@@

20050924
 - (dtucker) [auth2.c] Move start_pam() calls out of if-else block to remove
   duplicate call.  ok djm@@

20050922
 - (dtucker) [configure.ac] Use -R linker flag for libedit too; patch from
   skeleten at shillest.net.
 - (dtucker) [configure.ac] Fix help for --with-opensc; patch from skeleten at
   shillest.net.

20050919
 - (tim) [aclocal.m4 configure.ac] Delete acconfig.h and add templates to
   AC_DEFINE and AC_DEFINE_UNQUOTED to quiet autoconf 2.59 warning messages.
   ok dtucker@@

20050912
 - (tim) [configure.ac] Bug 1078. Fix --without-kerberos5. Reported by
   Mike Frysinger.

20050908
 - (tim) [defines.h openbsd-compat/port-uw.c] Add long password support to
   OpenServer 6 and add osr5bigcrypt support so when someone migrates
   passwords between UnixWare and OpenServer they will still work. OK dtucker@@

$Id: ChangeLog,v 1.5095 2008/07/21 08:22:25 djm Exp $
@


1.1
log
@Initial revision
@
text
@d1 352
a352 7
20020622
 - (djm) Update README.privsep; spotted by fries@@
 - (djm) Release 3.3p1

20020621
 - (djm) Sync:
   - djm@@cvs.openbsd.org 2002/06/21 05:50:51
d354 558
a911 20
     Don't initialise compression buffers when compression=no in sshd_config;
     ok Niels@@
  - ID sync for auth-passwd.c
 - (djm) Warn and disable compression on platforms which can't handle both
   useprivilegeseparation=yes and compression=yes
 - (djm) contrib/redhat/openssh.spec hacking:
   - Merge in spec changes from seba@@iq.pl (Sebastian Pachuta)
   - Add new {ssh,sshd}_config.5 manpages
   - Add new ssh-keysign program and remove setuid from ssh client

20020620
 - (bal) Fixed AIX environment handling, use setpcred() instead of existing
   code.  (Bugzilla Bug 261)
 - (bal) OpenBSD CVS Sync
   - todd@@cvs.openbsd.org 2002/06/14 21:35:00
     [monitor_wrap.c]
     spelling; from Brian Poole <raj@@cerias.purdue.edu>
   - markus@@cvs.openbsd.org 2002/06/15 00:01:36
     [authfd.c authfd.h ssh-add.c ssh-agent.c]
     break agent key lifetime protocol and allow other contraints for key
d913 443
a1355 12
   - markus@@cvs.openbsd.org 2002/06/15 00:07:38
     [authfd.c authfd.h ssh-add.c ssh-agent.c]
     fix stupid typo
   - markus@@cvs.openbsd.org 2002/06/15 01:27:48
     [authfd.c authfd.h ssh-add.c ssh-agent.c]
     remove the CONSTRAIN_IDENTITY messages and introduce a new
     ADD_ID message with contraints instead. contraints can be
     only added together with the private key.
   - itojun@@cvs.openbsd.org 2002/06/16 21:30:58
     [ssh-keyscan.c]
     use TAILQ_xx macro.  from lukem@@netbsd.  markus ok
   - deraadt@@cvs.openbsd.org 2002/06/17 06:05:56
d1357 124
a1480 85
     make usage like man page
   - deraadt@@cvs.openbsd.org 2002/06/19 00:27:55
     [auth-bsdauth.c auth-skey.c auth1.c auth2-chall.c auth2-none.c authfd.c
      authfd.h monitor_wrap.c msg.c nchan.c radix.c readconf.c scp.c sftp.1
      ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh-keygen.c
      ssh-keysign.c ssh.1 sshconnect.c sshconnect.h sshconnect2.c ttymodes.c
      xmalloc.h]
     KNF done automatically while reading....
   - markus@@cvs.openbsd.org 2002/06/19 18:01:00
     [cipher.c monitor.c monitor_wrap.c packet.c packet.h]
     make the monitor sync the transfer ssh1 session key;
     transfer keycontext only for RC4 (this is still depends on EVP
     implementation details and is broken).
   - stevesk@@cvs.openbsd.org 2002/06/20 19:56:07
     [ssh.1 sshd.8]
     move configuration file options from ssh.1/sshd.8 to
     ssh_config.5/sshd_config.5; ok deraadt@@ millert@@
   - stevesk@@cvs.openbsd.org 2002/06/20 20:00:05
     [scp.1 sftp.1]
     ssh_config(5)
   - stevesk@@cvs.openbsd.org 2002/06/20 20:03:34
     [ssh_config sshd_config]
     refer to config file man page
   - markus@@cvs.openbsd.org 2002/06/20 23:05:56
     [servconf.c servconf.h session.c sshd.c]
     allow Compression=yes/no in sshd_config
   - markus@@cvs.openbsd.org 2002/06/20 23:37:12
     [sshd_config]
     add Compression
   - stevesk@@cvs.openbsd.org 2002/05/25 20:40:08
     [LICENCE]
     missed Per Allansson (auth2-chall.c)
 - (bal) Cygwin special handling of empty passwords wrong.  Patch by
   vinschen@@redhat.com
 - (bal) Missed integrating ssh_config.5 and sshd_config.5
 - (bal) Still more Makefile.in updates for ssh{d}_config.5

20020613
 - (bal) typo of setgroup for cygwin.  Patch by vinschen@@redhat.com

20020612
 - (bal) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2002/06/11 23:03:54
     [ssh.c]
     remove unused cruft.
   - markus@@cvs.openbsd.org 2002/06/12 01:09:52
     [ssh.c]
     ssh_connect returns 0 on success
 - (bal) Build noop setgroups() for cygwin to clean up code (For other
   platforms without the setgroups() requirement, you MUST define
   SETGROUPS_NOOP in the configure.ac) Based on patch by vinschen@@redhat.com
 - (bal) Some platforms don't have ONLCR (Notable Mint)

20020611
 - (bal) ssh-agent.c RCSD fix (|unexpand already done)
 - (bal) OpenBSD CVS Sync
   - stevesk@@cvs.openbsd.org 2002/06/09 22:15:15
     [ssh.1]
     update for no setuid root and ssh-keysign; ok deraadt@@
   - itojun@@cvs.openbsd.org 2002/06/09 22:17:21
     [sshconnect.c]
     pass salen to sockaddr_ntop so that we are happy on linux/solaris
   - stevesk@@cvs.openbsd.org 2002/06/10 16:53:06
     [auth-rsa.c ssh-rsa.c]
     display minimum RSA modulus in error(); ok markus@@
   - stevesk@@cvs.openbsd.org 2002/06/10 16:56:30
     [ssh-keysign.8]
     merge in stuff from my man page; ok markus@@
   - stevesk@@cvs.openbsd.org 2002/06/10 17:36:23
     [ssh-add.1 ssh-add.c]
     use convtime() to parse and validate key lifetime.  can now
     use '-t 2h' etc.  ok markus@@ provos@@
   - stevesk@@cvs.openbsd.org 2002/06/10 17:45:20
     [readconf.c ssh.1]
     change RhostsRSAAuthentication and RhostsAuthentication default to no
     since ssh is no longer setuid root by default; ok markus@@
   - stevesk@@cvs.openbsd.org 2002/06/10 21:21:10
     [ssh_config]
     update defaults for RhostsRSAAuthentication and RhostsAuthentication
     here too (all options commented out with default value).
   - markus@@cvs.openbsd.org 2002/06/10 22:28:41
     [channels.c channels.h session.c]
     move creation of agent socket to session.c; no need for uidswapping
     in channel.c.
   - markus@@cvs.openbsd.org 2002/06/11 04:14:26
d1482 135
a1616 17
     no longer use uidswap.[ch] from the ssh client
     run less code with euid==0 if ssh is installed setuid root
     just switch the euid, don't switch the complete set of groups
     (this is only needed by sshd). ok provos@@
   - mpech@@cvs.openbsd.org 2002/06/11 05:46:20
     [auth-krb4.c monitor.h serverloop.c session.c ssh-agent.c sshd.c]
     pid_t cleanup. Markus need this now to keep hacking.
     markus@@, millert@@ ok
   - itojun@@cvs.openbsd.org 2002/06/11 08:11:45
     [canohost.c]
     use "ntop" only after initialized
 - (bal) Cygwin fix up from swap uid clean up in ssh.c patch by
   vinschen@@redhat.com

20020609
 - (bal) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2002/06/08 05:07:56
d1618 47
a1664 14
     nuke ptrace comment
   - markus@@cvs.openbsd.org 2002/06/08 05:07:09
     [ssh-keysign.c]
     only accept 20 byte session ids
   - markus@@cvs.openbsd.org 2002/06/08 05:17:01
     [readconf.c readconf.h ssh.1 ssh.c]
     deprecate FallBackToRsh and UseRsh; patch from djm@@
   - markus@@cvs.openbsd.org 2002/06/08 05:40:01
     [readconf.c]
     just warn about Deprecated options for now
   - markus@@cvs.openbsd.org 2002/06/08 05:41:18
     [ssh_config]
     remove FallBackToRsh/UseRsh
   - markus@@cvs.openbsd.org 2002/06/08 12:36:53
d1666 16
a1681 45
     remove FallBackToRsh
   - markus@@cvs.openbsd.org 2002/06/08 12:46:14
     [readconf.c]
     silently ignore deprecated options, since FallBackToRsh might be passed
     by remote scp commands.
  - itojun@@cvs.openbsd.org 2002/06/08 21:15:27
     [sshconnect.c]
     always use getnameinfo.  (diag message only)
   - markus@@cvs.openbsd.org 2002/06/09 04:33:27
     [sshconnect.c]
     abort() - > fatal()
 - (bal) RCSID tag updates on channels.c, clientloop.c, nchan.c,
   sftp-client.c, ssh-agenet.c, ssh-keygen.c and connect.h (we did unexpand
   independant of them)

20020607
 - (bal) Removed --{enable/disable}-suid-ssh
 - (bal) Missed __progname in ssh-keysign.c  patch by dtucker@@zip.com.au
 - (bal) use 'LOGIN_PROGRAM'  not '/usr/bin/login' in session.c patch by
   Bertrand.Velle@@apogee-com.fr

20020606
 - (bal) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2002/05/15 21:56:38
     [servconf.c sshd.8 sshd_config]
     re-enable privsep and disable setuid for post-3.2.2
   - markus@@cvs.openbsd.org 2002/05/16 22:02:50
     [cipher.c kex.h mac.c]
     fix warnings (openssl 0.9.7 requires const)
   - stevesk@@cvs.openbsd.org 2002/05/16 22:09:59
     [session.c ssh.c]
     don't limit xauth pathlen on client side and longer print length on
     server when debug; ok markus@@
   - deraadt@@cvs.openbsd.org 2002/05/19 20:54:52
     [log.h]
     extra commas in enum not 100% portable
   - deraadt@@cvs.openbsd.org 2002/05/22 23:18:25
     [ssh.c sshd.c]
     spelling; abishoff@@arc.nasa.gov
   - markus@@cvs.openbsd.org 2002/05/23 19:24:30
     [authfile.c authfile.h pathnames.h ssh.c sshconnect.c sshconnect.h 
      sshconnect1.c sshconnect2.c ssh-keysign.8 ssh-keysign.c Makefile.in]
     add /usr/libexec/ssh-keysign: a setuid helper program for hostbased 
     authentication in protocol v2 (needs to access the hostkeys).
   - markus@@cvs.openbsd.org 2002/05/23 19:39:34
d1683 59
a1741 28
     add comment about ssh-keysign
   - markus@@cvs.openbsd.org 2002/05/24 08:45:14
     [sshconnect2.c]
     stat ssh-keysign first, print error if stat fails;
     some debug->error; fix comment
   - markus@@cvs.openbsd.org 2002/05/25 08:50:39
     [sshconnect2.c]
     execlp->execl; from stevesk
   - markus@@cvs.openbsd.org 2002/05/25 18:51:07
     [auth.h auth2.c auth2-hostbased.c auth2-kbdint.c auth2-none.c
      auth2-passwd.c auth2-pubkey.c Makefile.in]
     split auth2.c into one file per method; ok provos@@/deraadt@@
   - stevesk@@cvs.openbsd.org 2002/05/26 20:35:10
     [ssh.1]
     sort ChallengeResponseAuthentication; ok markus@@
   - stevesk@@cvs.openbsd.org 2002/05/28 16:45:27
     [monitor_mm.c]
     print strerror(errno) on mmap/munmap error; ok markus@@
   - stevesk@@cvs.openbsd.org 2002/05/28 17:28:02
     [uidswap.c]
     format spec change/casts and some KNF; ok markus@@
   - stevesk@@cvs.openbsd.org 2002/05/28 21:24:00
     [uidswap.c]
     use correct function name in fatal()
   - stevesk@@cvs.openbsd.org 2002/05/29 03:06:30
     [ssh.1 sshd.8]
     spelling
   - markus@@cvs.openbsd.org 2002/05/29 11:21:57
d1743 53
a1795 8
     don't start if privsep is enabled and SSH_PRIVSEP_USER or
     _PATH_PRIVSEP_CHROOT_DIR are missing; ok deraadt@@
   - markus@@cvs.openbsd.org 2002/05/30 08:07:31
     [cipher.c]
     use rijndael/aes from libcrypto (openssl >= 0.9.7) instead of
     our own implementation. allow use of AES hardware via libcrypto, 
     ok deraadt@@
   - markus@@cvs.openbsd.org 2002/05/31 10:30:33
d1797 5
a1801 24
     extent ssh-keysign protocol:
     pass # of socket-fd to ssh-keysign, keysign verfies locally used
     ip-address using this socket-fd, restricts fake local hostnames
     to actual local hostnames; ok stevesk@@
   - markus@@cvs.openbsd.org 2002/05/31 11:35:15
     [auth.h auth2.c]
     move Authmethod definitons to per-method file.
   - markus@@cvs.openbsd.org 2002/05/31 13:16:48
     [key.c]
     add comment:
     key_verify returns 1 for a correct signature, 0 for an incorrect signature
     and -1 on error.
   - markus@@cvs.openbsd.org 2002/05/31 13:20:50
     [ssh-rsa.c]
     pad received signature with leading zeros, because RSA_verify expects
     a signature of RSA_size. the drafts says the signature is transmitted
     unpadded (e.g. putty does not pad), reported by anakin@@pobox.com
   - deraadt@@cvs.openbsd.org 2002/06/03 12:04:07
     [ssh.h]
     compatiblity -> compatibility
     decriptor -> descriptor
     authentciated -> authenticated
     transmition -> transmission
   - markus@@cvs.openbsd.org 2002/06/04 19:42:35
d1803 60
a1862 21
     only allow enabled authentication methods; ok provos@@
   - markus@@cvs.openbsd.org 2002/06/04 19:53:40
     [monitor.c]
     save the session id (hash) for ssh2 (it will be passed with the 
     initial sign request) and verify that this value is used during 
     authentication; ok provos@@
   - markus@@cvs.openbsd.org 2002/06/04 23:02:06
     [packet.c]
     remove __FUNCTION__
   - markus@@cvs.openbsd.org 2002/06/04 23:05:49
     [cipher.c monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c]
     __FUNCTION__ -> __func__
   - markus@@cvs.openbsd.org 2002/06/05 16:08:07
     [ssh-agent.1 ssh-agent.c]
     '-a bind_address' binds the agent to user-specified unix-domain
     socket instead of /tmp/ssh-XXXXXXXX/agent.<pid>; ok djm@@ (some time ago).
   - markus@@cvs.openbsd.org 2002/06/05 16:08:07
     [ssh-agent.1 ssh-agent.c]
     '-a bind_address' binds the agent to user-specified unix-domain
     socket instead of /tmp/ssh-XXXXXXXX/agent.<pid>; ok djm@@ (some time ago).
   - markus@@cvs.openbsd.org 2002/06/05 16:48:54
d1864 30
a1893 198
     copy current request into an extra buffer and just flush this
     request on errors, ok provos@@
   - markus@@cvs.openbsd.org 2002/06/05 19:57:12
     [authfd.c authfd.h ssh-add.1 ssh-add.c ssh-agent.c]
     ssh-add -x for lock and -X for unlocking the agent.
     todo: encrypt private keys with locked...
   - markus@@cvs.openbsd.org 2002/06/05 20:56:39
     [ssh-add.c]
     add -x/-X to usage
   - markus@@cvs.openbsd.org 2002/06/05 21:55:44
     [authfd.c authfd.h ssh-add.1 ssh-add.c ssh-agent.c]
     ssh-add -t life,  Set lifetime (in seconds) when adding identities; 
     ok provos@@
   - stevesk@@cvs.openbsd.org 2002/06/06 01:09:41
     [monitor.h]
     no trailing comma in enum; china@@thewrittenword.com
   - markus@@cvs.openbsd.org 2002/06/06 17:12:44
     [sftp-server.c]
     discard remaining bytes of current request; ok provos@@
   - markus@@cvs.openbsd.org 2002/06/06 17:30:11
     [sftp-server.c]
     use get_int() macro (hide iqueue)
 - (bal) Missed msg.[ch] in merge.  Required for ssh-keysign.
 - (bal) Forgot to add msg.c Makefile.in.
 - (bal) monitor_mm.c typos.
 - (bal) Refixed auth2.c.  It was never fully commited while spliting out
   authentication to different files.
 - (bal) ssh-keysign should build and install correctly now.  Phase two
   would be to clean out any dead wood and disable ssh setuid on install.
 - (bal) Reverse logic, use __func__ first since it's C99

20020604
 - (stevesk) [channels.c] bug #164 patch from YOSHIFUJI Hideaki (changed
   setsockopt from debug to error for now).

20020527
 - (tim) [configure.ac.orig monitor_fdpass.c] Enahnce msghdr tests to address
   build problem on Irix reported by Dave Love <d.love@@dl.ac.uk>. Back out
   last monitor_fdpass.c changes that are no longer needed with new tests.
   Patch tested on Irix by Jan-Frode Myklebust <janfrode@@parallab.uib.no>

20020522
 - (djm) Fix spelling mistakes, spotted by Solar Designer i
   <solar@@openwall.com>
 - Sync scard/ (not sure when it drifted)
 - (djm) OpenBSD CVS Sync:
   [auth.c]
   Fix typo/thinko.  Pass in as to auth_approval(), not NULL.
   Closes PR 2659.
 - Crank version
 - Crank RPM spec versions

20020521
 - (stevesk) [sshd.c] bug 245; disable setsid() for now
 - (stevesk) [sshd.c] #ifndef HAVE_CYGWIN for setgroups()

20020517
 - (tim) [configure.ac] remove extra MD5_MSG="no" line.

20020515
 - (bal) CVS ID fix up on auth-passwd.c
 - (bal) OpenBSD CVS Sync
   - deraadt@@cvs.openbsd.org 2002/05/07 19:54:36
     [ssh.h]
     use ssh uid
   - deraadt@@cvs.openbsd.org 2002/05/08 21:06:34
     [ssh.h]
     move to sshd.sshd instead
   - stevesk@@cvs.openbsd.org 2002/05/11 20:24:48
     [ssh.h]
     typo in comment
   - itojun@@cvs.openbsd.org 2002/05/13 02:37:39
     [auth-skey.c auth2.c]
     less warnings.  skey_{respond,query} are public (in auth.h)
   - markus@@cvs.openbsd.org 2002/05/13 20:44:58
     [auth-options.c auth.c auth.h]
     move the packet_send_debug handling from auth-options.c to auth.c; 
     ok provos@@
   - millert@@cvs.openbsd.org 2002/05/13 15:53:19
     [sshd.c]
     Call setsid() in the child after sshd accepts the connection and forks.
     This is needed for privsep which calls setlogin() when it changes uids.
     Without this, there is a race where the login name of an existing 
     connection, as returned by getlogin(), may be changed to the privsep 
     user (sshd).  markus@@ OK
   - markus@@cvs.openbsd.org 2002/05/13 21:26:49
     [auth-rhosts.c]
     handle debug messages during rhosts-rsa and hostbased authentication; 
     ok provos@@
   - mouring@@cvs.openbsd.org 2002/05/15 15:47:49
     [kex.c monitor.c monitor_wrap.c sshd.c]
     'monitor' variable clashes with at least one lame platform (NeXT).  i
     Renamed to 'pmonitor'.  provos@@
   - deraadt@@cvs.openbsd.org 2002/05/04 02:39:35
     [servconf.c sshd.8 sshd_config]
     enable privsep by default; provos ok
   - millert@@cvs.openbsd.org 2002/05/06 23:34:33
     [ssh.1 sshd.8]
     Kill/adjust r(login|exec)d? references now that those are no longer in
     the tree.
   - markus@@cvs.openbsd.org 2002/05/15 21:02:53
     [servconf.c sshd.8 sshd_config]
     disable privsep and enable setuid for the 3.2.2 release
 - (bal) Fixed up PAM case.  I think.
 - (bal) Clarified openbsd-compat/*-cray.* Licence provided by Wendy
 - (bal) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2002/05/15 21:05:29
     [version.h]
     enter OpenSSH_3.2.2
 - (bal) Caldara, Suse, and Redhat openssh.specs updated.

20020514
 - (stevesk) [README.privsep] PAM+privsep works with Solaris 8.
 - (tim) [sshpty.c] set tty modes when allocating old style bsd ptys to
   match what newer style ptys have when allocated. Based on a patch by
   Roger Cornelius <rac@@tenzing.org>
 - (tim) [README.privsep] UnixWare 7 and OpenUNIX 8 work.
 - (tim) [README.privsep] remove reference to UnixWare 7 and OpenUNIX 8
   from PAM-enabled pragraph. UnixWare has no PAM.
 - (tim) [contrib/caldera/openssh.spec] update version.

20020513
 - (stevesk) add initial README.privsep
 - (stevesk) [configure.ac] nicer message: --with-privsep-user=user
 - (djm) Add --with-superuser-path=xxx configure option to specify 
   what $PATH the superuser receives.
 - (djm) Bug #231: UsePrivilegeSeparation turns off Banner.
 - (djm) Add --with-privsep-path configure option
 - (djm) Update RPM spec file: different superuser path, use
   /var/empty/sshd for privsep
 - (djm) Bug #234: missing readpassphrase declaration and defines
 - (djm) Add INSTALL warning about SSH protocol 1 blowfish w/ 
    OpenSSL < 0.9.6

20020511
 - (tim) [configure.ac] applied a rework of djm's OpenSSL search cleanup patch.
   Now only searches system and /usr/local/ssl (OpenSSL's default install path)
   Others must use --with-ssl-dir=....
 - (tim) [monitor_fdpass.c] fix for systems that have both
   HAVE_ACCRIGHTS_IN_MSGHDR and HAVE_CONTROL_IN_MSGHDR. Ie. sys/socket.h 
   has #define msg_accrights msg_control

20020510
 - (stevesk) [auth.c] Shadow account and expiration cleanup.  Now
   check for root forced expire.  Still don't check for inactive.
 - (djm) Rework RedHat RPM files. Based on spec from Nalin 
   Dahyabhai <nalin@@redhat.com> and patches from 
   Pekka Savola <pekkas@@netcore.fi>
 - (djm) Try to drop supplemental groups at daemon startup. Patch from 
   RedHat
 - (bal) Back all the way out of auth-passwd.c changes.  Breaks too many
   things that don't set pw->pw_passwd.

20020509
 - (tim) [Makefile.in] Unbreak make -f Makefile.in distprep

20020508
 - (tim) [openbsd-compat/bsd-arc4random.c] fix logic on when seed_rng() is
   called. Report by Chris Maxwell <maxwell@@cs.dal.ca>
 - (tim) [Makefile.in configure.ac] set SHELL variable in Makefile
 - (djm) Disable PAM kbd-int auth if privsep is turned on (it doesn't work)

20020507
 - (tim) [configure.ac openbsd-compat/bsd-misc.c openbsd-compat/bsd-misc.h]
   Add truncate() emulation to address Bug 208

20020506
 - (djm) Unbreak auth-passwd.c for PAM and SIA
 - (djm) Unbreak PAM auth for protocol 1. Report from Pekka Savola 
   <pekkas@@netcore.fi>
 - (djm) Don't reinitialise PAM credentials before we have started PAM.
   Report from Pekka Savola <pekkas@@netcore.fi>
   
20020506
 - (bal) Fixed auth-passwd.c to resolve PermitEmptyPassword issue
 
20020501
 - (djm) Import OpenBSD regression tests. Requires BSD make to run
 - (djm) Fix readpassphase compilation for systems which have it

20020429
 - (tim) [contrib/caldera/openssh.spec] update fixUP to reflect changes in
   sshd_config.
 - (tim) [contrib/cygwin/README] remove reference to regex.
   patch from Corinna Vinschen <vinschen@@redhat.com>

20020426
 - (djm) Bug #137, #209: fix make problems for scard/Ssh.bin, do uudecode
   during distprep only
 - (djm) Disable PAM password expiry until a complete fix for bug #188 
   exists
 - (djm) Bug #180: Set ToS bits on IPv4-in-IPv6 mapped addresses. Based on 
   patch from openssh@@misc.tecq.org

20020425
 - (stevesk) [defines.h] remove USE_TIMEVAL; unused
 - (stevesk) [acconfig.h auth-passwd.c configure.ac sshd.c] HP-UX 10.26
   support.  bug #184.  most from dcole@@keysoftsys.com.
d1895 1
a1895 1
20020424
d1897 4
a1900 1
   - markus@@cvs.openbsd.org 2002/04/23 12:54:10
d1902 52
a1953 2
     3.2.1
   - djm@@cvs.openbsd.org 2002/04/23 22:16:29
d1955 94
a2048 1
     Improve error message; ok markus@@ stevesk@@
d2050 1
a2050 25
20020423
 - (stevesk) [acconfig.h configure.ac session.c] LOGIN_NO_ENDOPT for HP-UX
 - (stevesk) [acconfig.h] NEED_IN_SYSTM_H unused
 - (markus) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2002/04/23 12:58:26
     [radix.c]
     send complete ticket; semerad@@ss1000.ms.mff.cuni.cz
 - (djm) Trim ChangeLog to include only post-3.1 changes
 - (djm) Update RPM spec file versions
 - (djm) Redhat spec enables KrbV by default
 - (djm) Applied OpenSC smartcard updates from Markus & 
   Antti Tapaninen <aet@@cc.hut.fi>
 - (djm) Define BROKEN_REALPATH for AIX, patch from 
   Antti Tapaninen <aet@@cc.hut.fi>
 - (djm) Bug #214: Fix utmp for Irix (don't strip "tty"). Patch from 
   Kevin Taylor <no@@nowhere.org> (??) via Philipp Grau
   <phgrau@@zedat.fu-berlin.de>
 - (djm) Bug #213: Simplify CMSG_ALIGN macros to avoid symbol clashes. 
   Reported by Doug Manton <dmanton@@emea.att.com>
 - (djm) Bug #222: Fix tests for getaddrinfo on OSF/1. Spotted by
   Robert Urban <urban@@spielwiese.de>
 - (djm) Bug #206 - blibpath isn't always needed for AIX ld, avoid 
   sizeof(long long int) == 4 breakage. Patch from Matthew Clarke
   <Matthew_Clarke@@mindlink.bc.ca>
 - (djm) Make privsep work with PAM (still experimental)
d2052 22
a2073 1
   - deraadt@@cvs.openbsd.org 2002/04/20 09:02:03
d2075 67
a2141 87
     No, afs requires explicit enabling
   - markus@@cvs.openbsd.org 2002/04/20 09:14:58
     [bufaux.c bufaux.h]
     add buffer_{get,put}_short
   - markus@@cvs.openbsd.org 2002/04/20 09:17:19
     [radix.c]
     rewrite using the buffer_* API, fixes overflow; ok deraadt@@
   - stevesk@@cvs.openbsd.org 2002/04/21 16:19:27
     [sshd.8 sshd_config]
     document default AFSTokenPassing no; ok deraadt@@
   - stevesk@@cvs.openbsd.org 2002/04/21 16:25:06
     [sshconnect1.c]
     spelling in error message; ok markus@@
   - markus@@cvs.openbsd.org 2002/04/22 06:15:47
     [radix.c]
     fix check for overflow
   - markus@@cvs.openbsd.org 2002/04/22 16:16:53
     [servconf.c sshd.8 sshd_config]
     do not auto-enable KerberosAuthentication; ok djm@@, provos@@, deraadt@@
   - markus@@cvs.openbsd.org 2002/04/22 21:04:52
     [channels.c clientloop.c clientloop.h ssh.c]
     request reply (success/failure) for -R style fwd in protocol v2,
     depends on ordered replies.
     fixes http://bugzilla.mindrot.org/show_bug.cgi?id=215; ok provos@@

20020421
 - (tim) [entropy.c.] Portability fix for SCO Unix 3.2v4.x (SCO OSR 3.0).
   entropy.c needs seteuid(getuid()) for the setuid(original_uid) to 
   succeed. Patch by gert@@greenie.muc.de. This fixes one part of Bug 208

20020418
 - (djm) Avoid SIGCHLD breakage when run from rsync. Fix from 
   Sturle Sunde <sturle.sunde@@usit.uio.no>

20020417
 - (djm) Tell users to configure /dev/random support into OpenSSL in 
   INSTALL
 - (djm) Fix .Nm in mdoc2man.pl from pspencer@@fields.utoronto.ca
 - (tim) [configure.ac] Issue warning on --with-default-path=/some_path
   if LOGIN_CAP is enabled. Report & testing by Tuc <tuc@@ttsg.com>

20020415
 - (djm) Unbreak "make install". Fix from Darren Tucker 
   <dtucker@@zip.com.au>
 - (stevesk) bsd-cygwin_util.[ch] BSD license from Corinna Vinschen
 - (tim) [configure.ac] add tests for recvmsg and sendmsg.
   [monitor_fdpass.c] add checks for HAVE_SENDMSG and HAVE_RECVMSG for
   systems that HAVE_ACCRIGHTS_IN_MSGHDR but no recvmsg or sendmsg.

20020414
 - (djm) ssh-rand-helper improvements
   - Add commandline debugging options
   - Don't write binary data if stdout is a tty (use hex instead)
   - Give it a manpage
 - (djm) Random number collection doc fixes from Ben

20020413
 - (djm) Add KrbV support patch from Simon Wilkinson <simon@@sxw.org.uk>

20020412
 - (stevesk) [auth-sia.[ch]] add BSD license from Chris Adams
 - (tim) [configure.ac] add <sys/types.h> to msghdr tests. Change -L
   to -h on testing for /bin being symbolic link
 - (bal) Mistaken in Cygwin scripts for ssh starting.  Patch by
   Corinna Vinschen <vinschen@@redhat.com> 
 - (bal) disable privsep if no MAP_ANON.  We can re-enable it
   after the release when we can do more testing.

20020411
 - (stevesk) [auth-sia.c] cleanup
 - (tim) [acconfig.h defines.h includes.h] put includes in includes.h and
   defines in defines.h [rijndael.c openbsd-compat/fake-socket.h
   openbsd-compat/inet_aton.c] include "includes.h" instead of "config.h"
   ok stevesk@@

20020410
 - (stevesk) [configure.ac monitor.c] HAVE_SOCKETPAIR
 - (stevesk) [auth-sia.c] compile fix Chris Adams <cmadams@@hiwaay.net>
 - (bal) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2002/04/10 08:21:47
     [auth1.c compat.c compat.h]
     strip '@@' from username only for KerbV and known broken clients, 
     bug #204
   - markus@@cvs.openbsd.org 2002/04/10 08:56:01
     [version.h]
     OpenSSH_3.2
 - Added p1 to idenify Portable release version.
d2143 12
a2154 68
20020408
 - (bal) Minor OpenSC updates.  Fix up header locations and update
   README.smartcard provided by Juha Yrjl <jyrjola@@cc.hut.fi>

20020407
 - (stevesk) HAVE_CONTROL_IN_MSGHDR; not used right now.
   Future: we may want to test if fd passing works correctly.
 - (stevesk) [monitor_fdpass.c] fatal() for UsePrivilegeSeparation=yes
   and no fd passing support.
 - (stevesk) HAVE_MMAP and HAVE_SYS_MMAN_H and use them in
   monitor_mm.c
 - (stevesk) remove configure support for poll.h; it was removed
   from sshd.c a long time ago.
 - (stevesk) --with-privsep-user; default sshd
 - (stevesk) wrap munmap() with HAVE_MMAP also.

20020406
 - (djm) Typo in Suse SPEC file. Fix from Carsten Grohmann 
   <carsten.grohmann@@dr-baldeweg.de>
 - (bal) Added MAP_FAILED to allow AIX and Trusted HP to compile.
 - (bal) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2002/04/06 00:30:08
     [sftp-client.c]
     Fix occasional corruption on upload due to bad reuse of request 
     id, spotted by chombier@@mac.com; ok markus@@
   - mouring@@cvs.openbsd.org 2002/04/06 18:24:09
     [scp.c]
     Fixes potental double // within path.
     http://bugzilla.mindrot.org/show_bug.cgi?id=76
 - (bal) Slight update to OpenSC support.  Better version checking. patch
   by Juha Yrjl <jyrjola@@cc.hut.fi> 
 - (bal) Revered out of runtime IRIX detection of joblimits.  Code is
   incomplete.
 - (bal) Quiet down configure.ac if /bin/test does not exist.
 - (bal) We no longer use atexit()/xatexit()/on_exit()

20020405
 - (bal) Patch for OpenSC SmartCard library; ok markus@@; patch by
   Juha Yrjl <jyrjola@@cc.hut.fi>
 - (bal) Minor documentation update to reflect smartcard library
   support changes.
 - (bal) Too many <sys/queue.h> issues.  Remove all workarounds and
   using internal version only.
 - (bal) OpenBSD CVS Sync
   - stevesk@@cvs.openbsd.org 2002/04/05 20:56:21
     [sshd.8]
     clarify sshrc some and handle X11UseLocalhost=yes; ok markus@@

20020404
 - (stevesk) [auth-pam.c auth-pam.h auth-passwd.c auth-sia.c auth-sia.h
    auth1.c auth2.c] PAM, OSF_SIA password auth cleanup; from djm.
 - (bal) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2002/04/03 09:26:11
     [cipher.c myproposal.h]
     re-add rijndael-cbc@@lysator.liu.se for MacSSH; ash@@lab.poc.net

20020402
 - (bal) Hand Sync of scp.c (reverted to upstream code)
   - deraadt@@cvs.openbsd.org 2002/03/30 17:45:46
     [scp.c]
     stretch banners
 - (bal) CVS ID sync of uidswap.c
 - (bal) OpenBSD CVS Sync (now for the real sync)
   - markus@@cvs.openbsd.org 2002/03/27 22:21:45
     [ssh-keygen.c]
     try to import keys with extra trailing === (seen with ssh.com < 
     2.0.12)
   - markus@@cvs.openbsd.org 2002/03/28 15:34:51
d2156 12
a2167 15
     do not call record_login twice (for use_privsep)
   - markus@@cvs.openbsd.org 2002/03/29 18:59:32
     [session.c session.h]
     retrieve last login time before the pty is allocated, store per 
     session
   - stevesk@@cvs.openbsd.org 2002/03/29 19:16:22
     [sshd.8]
     RSA key modulus size minimum 768; ok markus@@
   - stevesk@@cvs.openbsd.org 2002/03/29 19:18:33
     [auth-rsa.c ssh-rsa.c ssh.h]
     make RSA modulus minimum #define; ok markus@@
   - markus@@cvs.openbsd.org 2002/03/30 18:51:15
     [monitor.c serverloop.c sftp-int.c sftp.c sshd.c]
     check waitpid for EINTR; based on patch from peter@@ifm.liu.se
   - markus@@cvs.openbsd.org 2002/04/01 22:02:16
d2169 985
a3153 2
     20480 is an upper limit for older server
   - markus@@cvs.openbsd.org 2002/04/01 22:07:17
d3155 71
a3225 2
     fallback to stat if server does not support lstat
   - markus@@cvs.openbsd.org 2002/04/02 11:49:39
d3227 50
a3276 3
     check $SHELL for -k and -d, too;
     http://bugzilla.mindrot.org/show_bug.cgi?id=199
   - markus@@cvs.openbsd.org 2002/04/02 17:37:48
d3278 52
a3329 2
     always call log_init()
   - markus@@cvs.openbsd.org 2002/04/02 20:11:38
d3331 51
a3381 2
     ignore SSH_BUG_SIGBLOB for ssh-rsa; #187
 - (bal) mispelling in uidswap.c (portable only)
d3383 352
a3734 23
20020401
 - (stevesk) [monitor.c] PAM should work again; will *not* work with
   UsePrivilegeSeparation=yes.
 - (stevesk) [auth1.c] fix password auth for protocol 1 when
   !USE_PAM && !HAVE_OSF_SIA; merge issue.

20020331
 - (tim) [configure.ac] use /bin/test -L to work around broken builtin on
   Solaris 8
 - (tim) [sshconnect2.c] change uint32_t to u_int32_t

20020330
 - (stevesk) [configure.ac] remove header check for sys/ttcompat.h
   bug 167

20020327
 - (bal) 'pw' should be 'authctxt->pw' in auth1.c spotted by 
   kent@@lysator.liu.se
 - (bal) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2002/03/26 11:34:49
     [ssh.1 sshd.8]
     update to recent drafts
   - markus@@cvs.openbsd.org 2002/03/26 11:37:05
d3736 2
a3737 25
     update Copyright
   - markus@@cvs.openbsd.org 2002/03/26 15:23:40
     [bufaux.c]
     do not talk about packets in bufaux
   - rees@@cvs.openbsd.org 2002/03/26 18:46:59
     [scard.c]
     try_AUT0 in read_pubkey too, for those paranoid few who want to 
     acl 'sh'
   - markus@@cvs.openbsd.org 2002/03/26 22:50:39
     [channels.h]
     CHANNEL_EFD_OUTPUT_ACTIVE is false for CHAN_CLOSE_RCVD, too
   - markus@@cvs.openbsd.org 2002/03/26 23:13:03
     [auth-rsa.c]
     disallow RSA keys < 768 for protocol 1, too (rhosts-rsa and rsa auth)
   - markus@@cvs.openbsd.org 2002/03/26 23:14:51
     [kex.c]
     generate a new cookie for each SSH2_MSG_KEXINIT message we send out
   - mouring@@cvs.openbsd.org 2002/03/27 11:45:42
     [monitor.c]
     monitor_allowed_key() returns int instead of pointer.  ok markus@@
  
20020325
 - (stevesk) import OpenBSD <sys/tree.h> as "openbsd-compat/tree.h"
 - (bal) OpenBSD CVS Sync
   - stevesk@@cvs.openbsd.org 2002/03/23 20:57:26
d3739 3
a3741 5
     setproctitle() after preauth child; ok markus@@
   - markus@@cvs.openbsd.org 2002/03/24 16:00:27
     [serverloop.c]
     remove unused debug
   - markus@@cvs.openbsd.org 2002/03/24 16:01:13
d3743 276
a4018 130
     debug->debug3 for extra padding
   - stevesk@@cvs.openbsd.org 2002/03/24 17:27:03
     [kexgex.c]
     typo; ok markus@@
   - stevesk@@cvs.openbsd.org 2002/03/24 17:53:16
     [monitor_fdpass.c]
     minor cleanup and more error checking; ok markus@@
   - markus@@cvs.openbsd.org 2002/03/24 18:05:29
     [scard.c]
     we need to figure out AUT0 for sc_private_encrypt, too
   - stevesk@@cvs.openbsd.org 2002/03/24 23:20:00
     [monitor.c]
     remove "\n" from fatal()
   - markus@@cvs.openbsd.org 2002/03/25 09:21:13
     [auth-rsa.c]
     return 0 (not NULL); tomh@@po.crl.go.jp
   - markus@@cvs.openbsd.org 2002/03/25 09:25:06
     [auth-rh-rsa.c]
     rm bogus comment
   - markus@@cvs.openbsd.org 2002/03/25 17:34:27
     [scard.c scard.h ssh-agent.c ssh-keygen.c ssh.c]
     change sc_get_key to sc_get_keys and hide smartcard details in scard.c
   - stevesk@@cvs.openbsd.org 2002/03/25 20:12:10
     [monitor_mm.c monitor_wrap.c]
     ssize_t args use "%ld" and cast to (long)
     size_t args use "%lu" and cast to (u_long)
     ok markus@@ and thanks millert@@
   - markus@@cvs.openbsd.org 2002/03/25 21:04:02
     [ssh.c]
     simplify num_identity_files handling
   - markus@@cvs.openbsd.org 2002/03/25 21:13:51
     [channels.c channels.h compat.c compat.h nchan.c]
     don't send stderr data after EOF, accept this from older known 
     (broken) sshd servers only, fixes
     http://bugzilla.mindrot.org/show_bug.cgi?id=179
   - stevesk@@cvs.openbsd.org 2002/03/26 03:24:01
     [monitor.h monitor_fdpass.h monitor_mm.h monitor_wrap.h]
     $OpenBSD$

20020324
 - (stevesk) [session.c] disable LOGIN_NEEDS_TERM until we are sure
   it can be removed. only used on solaris. will no longer compile with
   privsep shuffling.

20020322
 - (stevesk) HAVE_ACCRIGHTS_IN_MSGHDR configure support
 - (stevesk) [monitor.c monitor_wrap.c] #ifdef HAVE_PW_CLASS_IN_PASSWD
 - (stevesk) configure and cpp __FUNCTION__ gymnastics to handle nielsisms
 - (stevesk) [monitor_fdpass.c] support for access rights style file
   descriptor passing
 - (stevesk) [auth2.c] merge cleanup/sync
 - (stevesk) [defines.h] hp-ux 11 has ancillary data style fd passing, but
   is missing CMSG_LEN() and CMSG_SPACE() macros.
 - (stevesk) [defines.h] #define MAP_ANON MAP_ANONYMOUS for HP-UX; other
   platforms may need this--I'm not sure.  mmap() issues will need to be
   addressed further.
 - (tim) [cipher.c] fix problem with OpenBSD sync
 - (stevesk) [LICENCE] OpenBSD sync

20020321
 - (bal) OpenBSD CVS Sync
   - itojun@@cvs.openbsd.org 2002/03/08 06:10:16
     [sftp-client.c]
     printf type mismatch
   - itojun@@cvs.openbsd.org 2002/03/11 03:18:49
     [sftp-client.c]
     correct type mismatches (u_int64_t != unsigned long long)
   - itojun@@cvs.openbsd.org 2002/03/11 03:19:53
     [sftp-client.c]
     indent
   - markus@@cvs.openbsd.org 2002/03/14 15:24:27
     [sshconnect1.c]
     don't trust size sent by (rogue) server; noted by 
     s.esser@@e-matters.de
   - markus@@cvs.openbsd.org 2002/03/14 16:38:26
     [sshd.c]
     split out ssh1 session key decryption; ok provos@@
   - markus@@cvs.openbsd.org 2002/03/14 16:56:33
     [auth-rh-rsa.c auth-rsa.c auth.h]
     split auth_rsa() for better readability and privsep; ok provos@@
   - itojun@@cvs.openbsd.org 2002/03/15 11:00:38
     [auth.c]
     fix file type checking (use S_ISREG).  ok by markus
   - markus@@cvs.openbsd.org 2002/03/16 11:24:53
     [compress.c]
     skip inflateEnd if inflate fails; ok provos@@
   - markus@@cvs.openbsd.org 2002/03/16 17:22:09
     [auth-rh-rsa.c auth.h]
     split auth_rhosts_rsa(), ok provos@@
   - stevesk@@cvs.openbsd.org 2002/03/16 17:41:25
     [auth-krb5.c]
     BSD license.  from Daniel Kouril via Dug Song.  ok markus@@
   - provos@@cvs.openbsd.org 2002/03/17 20:25:56
     [auth.c auth.h auth1.c auth2.c]
     getpwnamallow returns struct passwd * only if user valid; 
     okay markus@@
   - provos@@cvs.openbsd.org 2002/03/18 01:12:14
     [auth.h auth1.c auth2.c sshd.c]
     have the authentication functions return the authentication context
     and then do_authenticated; okay millert@@
   - dugsong@@cvs.openbsd.org 2002/03/18 01:30:10
     [auth-krb4.c]
     set client to NULL after xfree(), from Rolf Braun 
     <rbraun+ssh@@andrew.cmu.edu>
   - provos@@cvs.openbsd.org 2002/03/18 03:41:08
     [auth.c session.c]
     move auth_approval into getpwnamallow with help from millert@@
   - markus@@cvs.openbsd.org 2002/03/18 17:13:15
     [cipher.c cipher.h]
     export/import cipher states; needed by ssh-privsep
   - markus@@cvs.openbsd.org 2002/03/18 17:16:38
     [packet.c packet.h]
     export/import cipher state, iv and ssh2 seqnr; needed by ssh-privsep
   - markus@@cvs.openbsd.org 2002/03/18 17:23:31
     [key.c key.h]
     add key_demote() for ssh-privsep
   - provos@@cvs.openbsd.org 2002/03/18 17:25:29
     [bufaux.c bufaux.h]
     buffer_skip_string and extra sanity checking; needed by ssh-privsep
   - provos@@cvs.openbsd.org 2002/03/18 17:31:54
     [compress.c]
     export compression streams for ssh-privsep
   - provos@@cvs.openbsd.org 2002/03/18 17:50:31
     [auth-bsdauth.c auth-options.c auth-rh-rsa.c auth-rsa.c]
     [auth-skey.c auth.h auth1.c auth2-chall.c auth2.c kex.c kex.h kexdh.c]
     [kexgex.c servconf.c]
     [session.h servconf.h serverloop.c session.c sshd.c]
     integrate privilege separated openssh; its turned off by default 
     for now. work done by me and markus@@
   - provos@@cvs.openbsd.org 2002/03/18 17:53:08
d4020 159
a4178 2
     credits for privsep
   - provos@@cvs.openbsd.org 2002/03/18 17:59:09
d4180 192
a4371 38
     document UsePrivilegeSeparation
   - stevesk@@cvs.openbsd.org 2002/03/18 23:52:51
     [servconf.c]
     UnprivUser/UnprivGroup usable now--specify numeric user/group; ok
     provos@@
   - stevesk@@cvs.openbsd.org 2002/03/19 03:03:43
     [pathnames.h servconf.c servconf.h sshd.c]
     _PATH_PRIVSEP_CHROOT_DIR; ok provos@@
   - stevesk@@cvs.openbsd.org 2002/03/19 05:23:08
     [sshd.8]
     Banner has no default.
   - mpech@@cvs.openbsd.org 2002/03/19 06:32:56
     [sftp-int.c]
     use xfree() after xstrdup().

     markus@@ ok
   - markus@@cvs.openbsd.org 2002/03/19 10:35:39
     [auth-options.c auth.h session.c session.h sshd.c]
     clean up prototypes
   - markus@@cvs.openbsd.org 2002/03/19 10:49:35
     [auth-krb5.c auth-rh-rsa.c auth.c cipher.c key.c misc.h]
     [packet.c session.c sftp-client.c sftp-glob.h sftp.c ssh-add.c ssh.c]
     [sshconnect2.c sshd.c ttymodes.c]
     KNF whitespace
   - markus@@cvs.openbsd.org 2002/03/19 14:27:39
     [auth.c auth1.c auth2.c]
     make getpwnamallow() allways call pwcopy()
   - markus@@cvs.openbsd.org 2002/03/19 15:31:47
     [auth.c]
     check for NULL; from provos@@
   - stevesk@@cvs.openbsd.org 2002/03/20 19:12:25
     [servconf.c servconf.h ssh.h sshd.c]
     for unprivileged user, group do:
     pw=getpwnam(SSH_PRIVSEP_USER); do_setusercontext(pw).  ok provos@@
   - stevesk@@cvs.openbsd.org 2002/03/20 21:08:08
     [sshd.c]
     strerror() on chdir() fail; ok provos@@
   - markus@@cvs.openbsd.org 2002/03/21 10:21:20
d4373 249
a4621 16
     ignore errors for nonexisting default keys in ssh-add,
     fixes http://bugzilla.mindrot.org/show_bug.cgi?id=158
   - jakob@@cvs.openbsd.org 2002/03/21 15:17:26
     [clientloop.c ssh.1]
     add built-in command line for adding new port forwardings on the fly.
     based on a patch from brian wellington. ok markus@@.
   - markus@@cvs.openbsd.org 2002/03/21 16:38:06
     [scard.c]
     make compile w/ openssl 0.9.7
   - markus@@cvs.openbsd.org 2002/03/21 16:54:53
     [scard.c scard.h ssh-keygen.c]
     move key upload to scard.[ch]
   - markus@@cvs.openbsd.org 2002/03/21 16:57:15
     [scard.c]
     remove const
   - markus@@cvs.openbsd.org 2002/03/21 16:58:13
d4623 29
a4651 8
     remove unused
   - rees@@cvs.openbsd.org 2002/03/21 18:08:15
     [scard.c]
     In sc_put_key(), sc_reader_id should be id.
   - markus@@cvs.openbsd.org 2002/03/21 20:51:12
     [sshd_config]
     add privsep (off)
   - markus@@cvs.openbsd.org 2002/03/21 21:23:34
d4653 59
a4711 33
     add privsep_preauth() and remove 1 goto; ok provos@@
   - rees@@cvs.openbsd.org 2002/03/21 21:54:34
     [scard.c scard.h ssh-keygen.c]
     Add PIN-protection for secret key.
   - rees@@cvs.openbsd.org 2002/03/21 22:44:05
     [authfd.c authfd.h ssh-add.c ssh-agent.c ssh.c]
     Add PIN-protection for secret key.
   - markus@@cvs.openbsd.org 2002/03/21 23:07:37
     [clientloop.c]
     remove unused, sync w/ cmdline patch in my tree.

20020317
 - (tim) [configure.ac] Assume path given with --with-pid-dir=PATH is 
   wanted, warn if directory does not exist. Put system directories in 
   front of PATH for finding entorpy commands.
 - (tim) [contrib/aix/buildbff.sh contrib/aix/inventory.sh] AIX package
   build fixes.  Patch by Darren Tucker <dtucker@@zip.com.au>
   [contrib/solaris/buildpkg.sh] add missing dirs to SYSTEM_DIR. Have
   postinstall check for $piddir and add if necessary.

20020311
 - (tim) [contrib/solaris/buildpkg.sh, contrib/solaris/README] Updated to
   build on all platforms that support SVR4 style package tools. Now runs
   from build dir. Parts are based on patches from Antonio Navarro, and
   Darren Tucker.

20020308
 - (djm) Revert bits of Markus' OpenSSL compat patch which was 
   accidentally committed.
 - (djm) Add Markus' patch for compat wih OpenSSL < 0.9.6. 
   Known issue: Blowfish for SSH1 does not work
 - (stevesk) entropy.c: typo in debug message
 - (djm) ssh-keygen -i needs seeded RNG; report from markus@@
d4713 1
a4713 1
$Id: ChangeLog,v 1.2240 2002/06/21 15:44:45 djm Exp $
@


1.1.1.1
log
@Vendor import of OpenSSH 3.3p1.
@
text
@@


1.1.1.2
log
@Vendor import of OpenSSH 3.4p1.
@
text
@a0 161
20020626
 - (stevesk) [monitor.c] remove duplicate proto15 dispatch entry for PAM
 - (bal) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2002/06/23 21:34:07
     [channels.c]
     tcode is u_int
   - markus@@cvs.openbsd.org 2002/06/24 13:12:23
     [ssh-agent.1]
     the socket name contains ssh-agent's ppid; via mpech@@ from form@@
   - markus@@cvs.openbsd.org 2002/06/24 14:33:27
     [channels.c channels.h clientloop.c serverloop.c]
     move channel counter to u_int
   - markus@@cvs.openbsd.org 2002/06/24 14:55:38
     [authfile.c kex.c ssh-agent.c]
     cat to (void) when output from buffer_get_X is ignored
   - itojun@@cvs.openbsd.org 2002/06/24 15:49:22
     [msg.c]
     printf type pedant
   - deraadt@@cvs.openbsd.org 2002/06/24 17:57:20
     [sftp-server.c sshpty.c]
     explicit (u_int) for uid and gid
   - markus@@cvs.openbsd.org 2002/06/25 16:22:42
     [authfd.c]
     unnecessary cast
   - markus@@cvs.openbsd.org 2002/06/25 18:51:04
     [sshd.c]
     lightweight do_setusercontext after chroot()
 - (bal) Updated AIX package build.  Patch by dtucker@@zip.com.au
 - (tim) [Makefile.in] fix test on installing ssh-rand-helper.8
 - (bal) added back in error check for mmap().  I screwed up, Pointed
   out by stevesk@@
 - (tim) [README.privsep] UnixWare tip no longer needed.
 - (bal) fixed NeXTStep missing munmap() issue. It defines HAVE_MMAP,
   but it all damned lies.
 - (stevesk) [README.privsep] more for sshd pseudo-account.
 - (tim) [contrib/caldera/openssh.spec] add support for privsep
 - (djm) setlogin needs pgid==pid on BSD/OS; from itojun@@
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2002/06/26 08:53:12
     [bufaux.c]
     limit size of BNs to 8KB; ok provos/deraadt
   - markus@@cvs.openbsd.org 2002/06/26 08:54:18
     [buffer.c]
     limit append to 1MB and buffers to 10MB
   - markus@@cvs.openbsd.org 2002/06/26 08:55:02
     [channels.c]
     limit # of channels to 10000
   - markus@@cvs.openbsd.org 2002/06/26 08:58:26
     [session.c]
     limit # of env vars to 1000; ok deraadt/djm
   - deraadt@@cvs.openbsd.org 2002/06/26 13:20:57
     [monitor.c]
     be careful in mm_zalloc
   - deraadt@@cvs.openbsd.org 2002/06/26 13:49:26
     [session.c]
     disclose less information from environment files; based on input 
     from djm, and dschultz@@uclink.Berkeley.EDU
   - markus@@cvs.openbsd.org 2002/06/26 13:55:37
     [auth2-chall.c]
     make sure # of response matches # of queries, fixes int overflow; 
     from ISS
   - markus@@cvs.openbsd.org 2002/06/26 13:56:27
     [version.h]
     3.4
 - (djm) Require krb5 devel for RPM build w/ KrbV 
 - (djm) Improve PAMAuthenticationViaKbdInt text from Nalin Dahyabhai 
   <nalin@@redhat.com>
 - (djm) Update spec files for release 
 - (djm) Fix int overflow in auth2-pam.c, similar to one discovered by ISS
 - (djm) Release 3.4p1

20020625
 - (stevesk) [INSTALL acconfig.h configure.ac defines.h] remove --with-rsh
 - (stevesk) [README.privsep] minor updates
 - (djm) Create privsep directory and warn if privsep user is missing 
   during make install
 - (bal) Started list of PrivSep issues in TODO
 - (bal) if mmap() is substandard, don't allow compression on server side.
   Post 'event' we will add more options.
 - (tim) [contrib/caldera/openssh.spec] Sync with Caldera
 - (bal) moved aix_usrinfo() and noted not setting real TTY.  Patch by
   dtucker@@zip.com.au
 - (tim) [acconfig.h configure.ac sshd.c] BROKEN_FD_PASSING fix from Markus
   for Cygwin, Cray, & SCO

20020624
 - OpenBSD CVS Sync
   - deraadt@@cvs.openbsd.org 2002/06/23 03:25:50
     [tildexpand.c]
     KNF
   - deraadt@@cvs.openbsd.org 2002/06/23 03:26:19
     [cipher.c key.c]
     KNF
   - deraadt@@cvs.openbsd.org 2002/06/23 03:30:58
     [scard.c ssh-dss.c ssh-rsa.c sshconnect.c sshconnect2.c sshd.c sshlogin.c
      sshpty.c]
     various KNF and %d for unsigned
   - deraadt@@cvs.openbsd.org 2002/06/23 09:30:14
     [sftp-client.c sftp-client.h sftp-common.c sftp-int.c sftp-server.c
      sftp.c]
     bunch of u_int vs int stuff
   - deraadt@@cvs.openbsd.org 2002/06/23 09:39:55
     [ssh-keygen.c]
     u_int stuff
   - deraadt@@cvs.openbsd.org 2002/06/23 09:46:51
     [bufaux.c servconf.c]
     minor KNF.  things the fingers do while you read
   - deraadt@@cvs.openbsd.org 2002/06/23 10:29:52
     [ssh-agent.c sshd.c]
     some minor KNF and %u
   - deraadt@@cvs.openbsd.org 2002/06/23 20:39:45
     [session.c]
     compression_level is u_int
   - deraadt@@cvs.openbsd.org 2002/06/23 21:06:13
     [sshpty.c]
     KNF
   - deraadt@@cvs.openbsd.org 2002/06/23 21:06:41
     [channels.c channels.h session.c session.h]
     display, screen, row, col, xpixel, ypixel are u_int; markus ok
   - deraadt@@cvs.openbsd.org 2002/06/23 21:10:02
     [packet.c]
     packet_get_int() returns unsigned for reason & seqnr
  - (bal) Also fixed IPADDR_IN_DISPLAY case where display, screen, row, col,
    xpixel are u_int.


20020623
 - (stevesk) [configure.ac] bug #255 LOGIN_NEEDS_UTMPX for AIX.
 - (bal) removed GNUism for getops in ssh-agent since glibc lacks optreset.
 - (bal) add extern char *getopt.  Based on report by dtucker@@zip.com.au 
 - OpenBSD CVS Sync
   - stevesk@@cvs.openbsd.org 2002/06/22 02:00:29
     [ssh.h]
     correct comment
   - stevesk@@cvs.openbsd.org 2002/06/22 02:40:23
     [ssh.1]
     section 5 not 4 for ssh_config
   - naddy@@cvs.openbsd.org 2002/06/22 11:51:39
     [ssh.1]
     typo
   - stevesk@@cvs.openbsd.org 2002/06/22 16:32:54
     [sshd.8]
     add /var/empty in FILES section
   - stevesk@@cvs.openbsd.org 2002/06/22 16:40:19
     [sshd.c]
     check /var/empty owner mode; ok provos@@
   - stevesk@@cvs.openbsd.org 2002/06/22 16:41:57
     [scp.1]
     typo
   - stevesk@@cvs.openbsd.org 2002/06/22 16:45:29
     [ssh-agent.1 sshd.8 sshd_config.5]
     use process ID vs. pid/PID/process identifier
   - stevesk@@cvs.openbsd.org 2002/06/22 20:05:27
     [sshd.c]
     don't call setsid() if debugging or run from inetd; no "Operation not
     permitted" errors now; ok millert@@ markus@@
   - stevesk@@cvs.openbsd.org 2002/06/22 23:09:51
     [monitor.c]
     save auth method before monitor_reset_key_state(); bugzilla bug #284;
     ok provos@@

a3 2
 - (bal) getopt now can be staticly compiled on those platforms missing
   optreset.  Patch by binder@@arago.de
d1007 1
a1007 1
$Id: ChangeLog,v 1.2301 2002/06/26 13:59:10 djm Exp $
@


1.1.1.3
log
@Vendor import of OpenSSH-portable 3.5p1.
@
text
@a0 596
20021003
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2002/10/01 20:34:12
     [ssh-agent.c]
     allow root to access the agent, since there is no protection from root.
   - markus@@cvs.openbsd.org 2002/10/01 13:24:50
     [version.h]
     OpenSSH 3.5
 - (djm) Bump RPM spec version numbers
 - (djm) Bug #406 s/msg_send/ssh_msh_send/ for Mac OS X 1.2

20020930
 - (djm) Tidy contrib/, add Makefile for GNOME passphrase dialogs, 
   tweak README
 - (djm) OpenBSD CVS Sync
   - mickey@@cvs.openbsd.org 2002/09/27 10:42:09
     [compat.c compat.h sshd.c]
     add a generic match for a prober, such as sie big brother; 
     idea from stevesk@@; markus@@ ok
   - stevesk@@cvs.openbsd.org 2002/09/27 15:46:21
     [ssh.1]
     clarify compression level protocol 1 only; ok markus@@ deraadt@@

20020927
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2002/09/25 11:17:16
     [sshd_config]
     sync LoginGraceTime with default
   - markus@@cvs.openbsd.org 2002/09/25 15:19:02
     [sshd.c]
     typo; pilot@@monkey.org
   - markus@@cvs.openbsd.org 2002/09/26 11:38:43
     [auth1.c auth.h auth-krb4.c monitor.c monitor.h monitor_wrap.c]
     [monitor_wrap.h]
     krb4 + privsep; ok dugsong@@, deraadt@@

20020925
 - (bal) Fix issue where successfull login does not clear failure counts
   in AIX.  Patch by dtucker@@zip.com.au ok by djm
 - (tim) Cray fixes (bug 367) based on patch from Wendy Palm @@ cray.
    This does not include the deattack.c fixes.

20020923
 - (djm) OpenBSD CVS Sync
   - stevesk@@cvs.openbsd.org 2002/09/23 20:46:27
     [canohost.c]
     change get_peer_ipaddr() and get_local_ipaddr() to not return NULL for
     non-sockets; fixes a problem passing NULL to snprintf(). ok markus@@
   - markus@@cvs.openbsd.org 2002/09/23 22:11:05
     [monitor.c]
     only call auth_krb5 if kerberos is enabled; ok deraadt@@
   - markus@@cvs.openbsd.org 2002/09/24 08:46:04
     [monitor.c]
     only call kerberos code for authctxt->valid
   - todd@@cvs.openbsd.org 2002/09/24 20:59:44
     [sshd.8]
     tweak the example $HOME/.ssh/rc script to not show on any cmdline the
     sensitive data it handles. This fixes bug # 402 as reported by
     kolya@@mit.edu (Nickolai Zeldovich).
     ok markus@@ and stevesk@@

20020923
 - (tim) [configure.ac] s/return/exit/ patch by dtucker@@zip.com.au

20020922
 - (djm) OpenBSD CVS Sync
   - stevesk@@cvs.openbsd.org 2002/09/19 14:53:14
     [compat.c]
   - markus@@cvs.openbsd.org 2002/09/19 15:51:23
     [ssh-add.c]
     typo; cd@@kalkatraz.de
   - stevesk@@cvs.openbsd.org 2002/09/19 16:03:15
     [serverloop.c]
     log IP address also; ok markus@@
   - stevesk@@cvs.openbsd.org 2002/09/20 18:41:29
     [auth.c]
     log illegal user here for missing privsep case (ssh2).
     this is executed in the monitor. ok markus@@

20020919
 - (djm) OpenBSD CVS Sync
   - stevesk@@cvs.openbsd.org 2002/09/12 19:11:52
     [ssh-agent.c]
     %u for uid print; ok markus@@
   - stevesk@@cvs.openbsd.org 2002/09/12 19:50:36
     [session.c ssh.1]
     add SSH_CONNECTION and deprecate SSH_CLIENT; bug #384.  ok markus@@
   - stevesk@@cvs.openbsd.org 2002/09/13 19:23:09
     [channels.c sshconnect.c sshd.c]
     remove use of SO_LINGER, it should not be needed. error check
     SO_REUSEADDR. fixup comments. ok markus@@
   - stevesk@@cvs.openbsd.org 2002/09/16 19:55:33
     [session.c]
     log when _PATH_NOLOGIN exists; ok markus@@
   - stevesk@@cvs.openbsd.org 2002/09/16 20:12:11
     [sshd_config.5]
     more details on X11Forwarding security issues and threats; ok markus@@
   - stevesk@@cvs.openbsd.org 2002/09/16 22:03:13
     [sshd.8]
     reference moduli(5) in FILES /etc/moduli.
   - itojun@@cvs.openbsd.org 2002/09/17 07:47:02
     [channels.c]
     don't quit while creating X11 listening socket.
     http://mail-index.netbsd.org/current-users/2002/09/16/0005.html
     got from portable.  markus ok
   - djm@@cvs.openbsd.org 2002/09/19 01:58:18
     [ssh.c sshconnect.c]
     bugzilla.mindrot.org #223 - ProxyCommands don't exit.
     Patch from dtucker@@zip.com.au; ok markus@@

20020912
 - (djm) Made GNOME askpass programs return non-zero if cancel button is 
   pressed.
 - (djm) Added getpeereid() replacement. Properly implemented for systems
   with SO_PEERCRED support. Faked for systems which lack it.
 - (djm) Sync sys/tree.h with OpenBSD -current. Rename tree.h and 
   fake-queue.h to sys-tree.h and sys-queue.h
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2002/09/08 20:24:08
     [hostfile.h]
     no comma at end of enumerator list
   - itojun@@cvs.openbsd.org 2002/09/09 06:48:06
     [auth1.c auth.h auth-krb5.c monitor.c monitor.h]
     [monitor_wrap.c monitor_wrap.h]
     kerberos support for privsep.  confirmed to work by lha@@stacken.kth.se
     patch from markus
   - markus@@cvs.openbsd.org 2002/09/09 14:54:15
     [channels.c kex.h key.c monitor.c monitor_wrap.c radix.c uuencode.c]
     signed vs unsigned from -pedantic; ok henning@@
   - markus@@cvs.openbsd.org 2002/09/10 20:24:47
     [ssh-agent.c]
     check the euid of the connecting process with getpeereid(2); 
     ok provos deraadt stevesk
   - stevesk@@cvs.openbsd.org 2002/09/11 17:55:03
     [ssh.1]
     add agent and X11 forwarding warning text from ssh_config.5; ok markus@@
   - stevesk@@cvs.openbsd.org 2002/09/11 18:27:26
     [authfd.c authfd.h ssh.c]
     don't connect to agent to test for presence if we've previously
     connected; ok markus@@
   - djm@@cvs.openbsd.org 2002/09/11 22:41:50
     [sftp.1 sftp-client.c sftp-client.h sftp-common.c sftp-common.h]
     [sftp-glob.c sftp-glob.h sftp-int.c sftp-server.c]
     support for short/long listings and globbing in "ls"; ok markus@@
   - djm@@cvs.openbsd.org 2002/09/12 00:13:06
     [sftp-int.c]
     zap unused var introduced in last commit

20020911
 - (djm) Sync openbsd-compat with OpenBSD -current

20020910
 - (djm) Bug #365: Read /.ssh/environment properly under CygWin. 
   Patch from Mark Bradshaw <bradshaw@@staff.crosswalk.com>
 - (djm) Bug #138: Make protocol 1 blowfish work with old OpenSSL. 
   Patch from Robert Halubek <rob@@adso.com.pl>

20020905 
 - (djm) OpenBSD CVS Sync
   - stevesk@@cvs.openbsd.org 2002/09/04 18:52:42
     [servconf.c sshd.8 sshd_config.5]
     default LoginGraceTime to 2m; 1m may be too short for slow systems.
     ok markus@@
 - (djm) Merge openssh-TODO.patch from Redhat (null) beta
 - (djm) Add gnome-ssh-askpass2.c (gtk2) by merge with patch from 
    Nalin Dahyabhai <nalin@@redhat.com>
 - (djm) Add support for building gtk2 password requestor from Redhat beta

20020903
 - (djm) Patch from itojun@@ for Darwin OS: test getaddrinfo, reorder libcrypt
 - (djm) Fix Redhat RPM build dependancy test
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2002/08/12 10:46:35
     [ssh-agent.c]
     make ssh-agent setgid, disallow ptrace.
   - espie@@cvs.openbsd.org 2002/08/21 11:20:59
     [sshd.8]
     `RSA' updated to refer to `public key', where it matters.
     okay markus@@
   - stevesk@@cvs.openbsd.org 2002/08/21 19:38:06
     [servconf.c sshd.8 sshd_config sshd_config.5]
     change LoginGraceTime default to 1 minute; ok mouring@@ markus@@
   - stevesk@@cvs.openbsd.org 2002/08/21 20:10:28
     [ssh-agent.c]
     raise listen backlog; ok markus@@
   - stevesk@@cvs.openbsd.org 2002/08/22 19:27:53
     [ssh-agent.c]
     use common close function; ok markus@@
   - stevesk@@cvs.openbsd.org 2002/08/22 19:38:42
     [clientloop.c]
     format with current EscapeChar; bugzilla #388 from wknox@@mitre.org.
     ok markus@@
   - stevesk@@cvs.openbsd.org 2002/08/22 20:57:19
     [ssh-agent.c]
     shutdown(SHUT_RDWR) not needed before close here; ok markus@@
   - markus@@cvs.openbsd.org 2002/08/22 21:33:58
     [auth1.c auth2.c]
     auth_root_allowed() is handled by the monitor in the privsep case,
     so skip this for use_privsep, ok stevesk@@, fixes bugzilla #387/325
   - markus@@cvs.openbsd.org 2002/08/22 21:45:41
     [session.c]
     send signal name (not signal number) in "exit-signal" message; noticed
     by galb@@vandyke.com
   - stevesk@@cvs.openbsd.org 2002/08/27 17:13:56
     [ssh-rsa.c]
     RSA_public_decrypt() returns -1 on error so len must be signed; 
     ok markus@@
   - stevesk@@cvs.openbsd.org 2002/08/27 17:18:40
     [ssh_config.5]
     some warning text for ForwardAgent and ForwardX11; ok markus@@
   - stevesk@@cvs.openbsd.org 2002/08/29 15:57:25
     [monitor.c session.c sshlogin.c sshlogin.h]
     pass addrlen with sockaddr *; from Hajimu UMEMOTO <ume@@FreeBSD.org>
     NOTE: there are also p-specific parts to this patch. ok markus@@
   - stevesk@@cvs.openbsd.org 2002/08/29 16:02:54
     [ssh.1 ssh.c]
     deprecate -P as UsePrivilegedPort defaults to no now; ok markus@@
   - stevesk@@cvs.openbsd.org 2002/08/29 16:09:02
     [ssh_config.5]
     more on UsePrivilegedPort and setuid root; ok markus@@
   - stevesk@@cvs.openbsd.org 2002/08/29 19:49:42
     [ssh.c]
     shrink initial privilege bracket for setuid case; ok markus@@
   - stevesk@@cvs.openbsd.org 2002/08/29 22:54:10
     [ssh_config.5 sshd_config.5]
     state XAuthLocation is a full pathname

20020820
 - OpenBSD CVS Sync
   - millert@@cvs.openbsd.org 2002/08/02 14:43:15
     [monitor.c monitor_mm.c]
     Change mm_zalloc() sanity checks to be more in line with what
     we do in calloc() and add a check to monitor_mm.c.
     OK provos@@ and markus@@
   - marc@@cvs.openbsd.org 2002/08/02 16:00:07
     [ssh.1 sshd.8]
     note that .ssh/environment is only read when
     allowed (PermitUserEnvironment in sshd_config).
     OK markus@@
   - markus@@cvs.openbsd.org 2002/08/02 21:23:41
     [ssh-rsa.c]
     diff is u_int (2x); ok deraadt/provos
   - markus@@cvs.openbsd.org 2002/08/02 22:20:30
     [ssh-rsa.c]
     replace RSA_verify with our own version and avoid the OpenSSL ASN.1 parser
     for authentication; ok deraadt/djm
   - aaron@@cvs.openbsd.org 2002/08/08 13:50:23
     [sshconnect1.c]
     Use & to test if bits are set, not &&; markus@@ ok.
   - stevesk@@cvs.openbsd.org 2002/08/08 23:54:52
     [auth.c]
     typo in comment
   - stevesk@@cvs.openbsd.org 2002/08/09 17:21:42
     [sshd_config.5]
     use Op for mdoc conformance; from esr@@golux.thyrsus.com
     ok aaron@@
   - stevesk@@cvs.openbsd.org 2002/08/09 17:41:12
     [sshd_config.5]
     proxy vs. fake display
   - stevesk@@cvs.openbsd.org 2002/08/12 17:30:35
     [ssh.1 sshd.8 sshd_config.5]
     more PermitUserEnvironment; ok markus@@
   - stevesk@@cvs.openbsd.org 2002/08/17 23:07:14
     [ssh.1]
     ForwardAgent has defaulted to no for over 2 years; be more clear here.
   - stevesk@@cvs.openbsd.org 2002/08/17 23:55:01
     [ssh_config.5]
     ordered list here
 - (bal) [defines.h] Some platforms don't have SIZE_T_MAX.  So assign 
   it to ULONG_MAX.

20020813
 - (tim) [configure.ac] Display OpenSSL header/library version.
   Patch by dtucker@@zip.com.au

20020731
 - (bal) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2002/07/24 16:11:18
     [hostfile.c hostfile.h sshconnect.c]
     print out all known keys for a host if we get a unknown host key,
     see discussion at http://marc.theaimsgroup.com/?t=101069210100016&r=1&w=4

     the ssharp mitm tool attacks users in a similar way, so i'd like to
     pointed out again:
        A MITM attack is always possible if the ssh client prints:
        The authenticity of host 'bla' can't be established.
     (protocol version 2 with pubkey authentication allows you to detect
     MITM attacks)
   - mouring@@cvs.openbsd.org 2002/07/25 01:16:59
     [sftp.c]
     FallBackToRsh does not exist anywhere else.  Remove it from here.
     OK deraadt.
   - markus@@cvs.openbsd.org 2002/07/29 18:57:30
     [sshconnect.c]
     print file:line
   - markus@@cvs.openbsd.org 2002/07/30 17:03:55
     [auth-options.c servconf.c servconf.h session.c sshd_config sshd_config.5]
     add PermitUserEnvironment (off by default!); from dot@@dotat.at;
     ok provos, deraadt

20020730
 - (bal) [uidswap.c] SCO compile correction by gert@@greenie.muc.de

20020728
 - (stevesk) [auth-pam.c] should use PAM_MSG_MEMBER(); from solar
 - (stevesk) [CREDITS] solar
 - (stevesk) [ssh-rand-helper.c] RAND_bytes() and SHA1_Final() unsigned
   char arg.

20020725
 - (djm) Remove some cruft from INSTALL
 - (djm) Latest config.guess and config.sub from ftp://ftp.gnu.org/gnu/config/

20020723
 - (bal) [bsd-cray.c bsd-cray.h] Part 2 of Cray merger. 
 - (bal) sync ID w/ ssh-agent.c
 - (bal) OpenBSD Sync
   - markus@@cvs.openbsd.org 2002/07/19 15:43:33
     [log.c log.h session.c sshd.c]
     remove fatal cleanups after fork; based on discussions with and code
     from solar.
   - stevesk@@cvs.openbsd.org 2002/07/19 17:42:40
     [ssh.c]
     display a warning from ssh when XAuthLocation does not exist or xauth
     returned no authentication data. ok markus@@
   - stevesk@@cvs.openbsd.org 2002/07/21 18:32:20
     [auth-options.c]
     unneeded includes
   - stevesk@@cvs.openbsd.org 2002/07/21 18:34:43
     [auth-options.h]
     remove invalid comment
   - markus@@cvs.openbsd.org 2002/07/22 11:03:06
     [session.c]
     fallback to _PATH_STDPATH on setusercontext+LOGIN_SETPATH errors;
   - stevesk@@cvs.openbsd.org 2002/07/22 17:32:56
     [monitor.c]
     u_int here; ok provos@@
   - stevesk@@cvs.openbsd.org 2002/07/23 16:03:10
     [sshd.c]
     utmp_len is unsigned; display error consistent with other options.
     ok markus@@
   - stevesk@@cvs.openbsd.org 2002/07/15 17:15:31
     [uidswap.c]
     little more debugging; ok markus@@

20020722
 - (bal) AIX tty data limiting patch fix by leigh@@solinno.co.uk
 - (stevesk) [xmmap.c] missing prototype for fatal()
 - (bal) [configure.ac defines.h loginrec.c sshd.c sshpty.c] Partial sync
   with Cray (mostly #ifdef renaming).  Patch by wendyp@@cray.com.
 - (bal) [configure.ac]  Missing ;; from cray patch.
 - (bal) [monitor_mm.c openbsd-compat/xmmap.h] Move xmmap() defines
   into it's own header.
 - (stevesk) [auth-pam.[ch] session.c] pam_getenvlist() must be
   freed by the caller; add free_pam_environment() and use it.
 - (stevesk) [auth-pam.c] typo in comment

20020721
 - (stevesk) [auth-pam.c] merge cosmetic changes from solar's
   openssh-3.4p1-owl-password-changing.diff
 - (stevesk) [auth-pam.c] merge rest of solar's PAM patch;
   PAM_NEW_AUTHTOK_REQD remains in #if 0 for now.
 - (stevesk) [auth-pam.c] cast to avoid initialization type mismatch
   warning on pam_conv struct conversation function.
 - (stevesk) [auth-pam.h] license
 - (stevesk) [auth-pam.h] unneeded include
 - (stevesk) [auth-pam.[ch] ssh.h] move SSHD_PAM_SERVICE to auth-pam.h

20020720
 - (stevesk) [ssh-keygen.c] bug #231: always init/seed_rng().

20020719
 - (tim) [contrib/solaris/buildpkg.sh] create privsep user/group if needed.
   Patch by dtucker@@zip.com.au
 - (tim) [configure.ac]  test for libxnet on HP. Patch by dtucker@@zip.com.au

20020718
 - (tim) [defines.h] Bug 313 patch by dirk.meyer@@dinoex.sub.org
 - (tim) [monitor_mm.c] add missing declaration for xmmap(). Reported
   by ayamura@@ayamura.org
 - (tim) [configure.ac] Bug 267 rework int64_t test.
 - (tim) [includes.h] Bug 267 add stdint.h

20020717
 - (bal) aixbff package updated by dtucker@@zip.com.au
 - (tim) [configure.ac] change how we do paths in AC_PATH_PROGS tests
   for autoconf 2.53. Based on a patch by jrj@@purdue.edu

20020716
 - (tim) [contrib/solaris/opensshd.in] Only kill sshd if .pid file found

20020715
 - (bal) OpenBSD CVS Sync
   - itojun@@cvs.openbsd.org 2002/07/12 13:29:09
     [sshconnect.c]
     print connect failure during debugging mode.
   - markus@@cvs.openbsd.org 2002/07/12 15:50:17
     [cipher.c]
     EVP_CIPH_CUSTOM_IV for our own rijndael
 - (bal) Remove unused tty defined in do_setusercontext() pointed out by
   dtucker@@zip.com.au plus a a more KNF since I am near it.
 - (bal) Privsep user creation support in Solaris buildpkg.sh by 
   dtucker@@zip.com.au

20020714
 - (tim) [Makefile.in] replace "id sshd" with "sshd -t"
 - (bal/tim) [acconfig.h configure.ac monitor_mm.c servconf.c
   openbsd-compat/Makefile.in] support compression on platforms that
   have no/broken MAP_ANON. Moved code to openbsd-compat/xmmap.c
   Based on patch from nalin@@redhat.com of code extracted from Owl's package
 - (tim) [ssh_prng_cmds.in] Bug 323 arp -n flag doesn't exist under Solaris.
   report by chris@@by-design.net
 - (tim) [loginrec.c] Bug 347: Fix typo (WTMPX_FILE) report by rodney@@bond.net
 - (tim) [loginrec.c] Bug 348: add missing found = 1; to wtmpx_islogin()
   report by rodney@@bond.net

20020712
 - (tim) [Makefile.in] quiet down install-files: and check-user:
 - (tim) [configure.ac] remove unused filepriv line

20020710
 - (tim) [contrib/cygwin/ssh-host-config] explicitely sets the permissions
   on /var/empty to 755 Patch by vinschen@@redhat.com
 - (bal) OpenBSD CVS Sync
   - itojun@@cvs.openbsd.org 2002/07/09 11:56:50
     [sshconnect.c]
     silently try next address on connect(2).  markus ok
   - itojun@@cvs.openbsd.org 2002/07/09 11:56:27
     [canohost.c]
     suppress log on reverse lookup failiure, as there's no real value in
     doing so.
     markus ok
   - itojun@@cvs.openbsd.org 2002/07/09 12:04:02
     [sshconnect.c]
     ed static function (less warnings)
   - stevesk@@cvs.openbsd.org 2002/07/09 17:46:25
     [sshd_config.5]
     clarify no preference ordering in protocol list; ok markus@@
   - itojun@@cvs.openbsd.org 2002/07/10 10:28:15
     [sshconnect.c]
     bark if all connection attempt fails.
   - deraadt@@cvs.openbsd.org 2002/07/10 17:53:54
     [rijndael.c]
     use right sizeof in memcpy; markus ok

20020709
 - (bal) NO_IPPORT_RESERVED_CONCEPT used instead of CYGWIN so other platforms
   lacking that concept can share it. Patch by vinschen@@redhat.com

20020708
 - (tim) [openssh/contrib/solaris/buildpkg.sh] add PKG_INSTALL_ROOT to
   work in a jumpstart environment. patch by kbrint@@rufus.net
 - (tim) [Makefile.in] workaround for broken pakadd on some systems.
 - (tim) [configure.ac] fix libc89 utimes test. Mention default path for
   --with-privsep-path=

20020707
 - (tim) [Makefile.in] use umask instead of chmod on $(PRIVSEP_PATH)
 - (tim) [acconfig.h configure.ac sshd.c]
   s/BROKEN_FD_PASSING/DISABLE_FD_PASSING/
 - (tim) [contrib/cygwin/ssh-host-config] sshd account creation fixes
   patch from vinschen@@redhat.com
 - (bal) [realpath.c] Updated with OpenBSD tree.
 - (bal) OpenBSD CVS Sync
   - deraadt@@cvs.openbsd.org 2002/07/04 04:15:33
     [key.c monitor_wrap.c sftp-glob.c ssh-dss.c ssh-rsa.c]
     patch memory leaks; grendel@@zeitbombe.org
   - deraadt@@cvs.openbsd.org 2002/07/04 08:12:15
     [channels.c packet.c]
     blah blah minor nothing as i read and re-read and re-read...
   - markus@@cvs.openbsd.org 2002/07/04 10:41:47
     [key.c monitor_wrap.c ssh-dss.c ssh-rsa.c]
     don't allocate, copy, and discard if there is not interested in the data; 
     ok deraadt@@
   - deraadt@@cvs.openbsd.org 2002/07/06 01:00:49
     [log.c]
     KNF
   - deraadt@@cvs.openbsd.org 2002/07/06 01:01:26
     [ssh-keyscan.c]
     KNF, realloc fix, and clean usage
   - stevesk@@cvs.openbsd.org 2002/07/06 17:47:58
     [ssh-keyscan.c]
     unused variable
 - (bal) Minor KNF on ssh-keyscan.c

20020705
 - (tim) [configure.ac] AIX 4.2.1 has authenticate() in libs.
   Reported by Darren Tucker <dtucker@@zip.com.au>
 - (tim) [contrib/cygwin/ssh-host-config] double slash corrction
   from vinschen@@redhat.com

20020704
 - (bal) Limit data to TTY for AIX only (Newer versions can't handle the
   faster data rate)  Bug #124
 - (bal) glob.c defines TILDE and AIX also defines it.  #undef it first.
   bug #265
 - (bal) One too many nulls in ports-aix.c
 
20020703
 - (bal) Updated contrib/cygwin/  patch by vinschen@@redhat.com 
 - (bal) minor correction to utimes() replacement.  Patch by
   onoe@@sm.sony.co.jp
 - OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2002/06/27 08:49:44
     [dh.c ssh-keyscan.c sshconnect.c]
     more checks for NULL pointers; from grendel@@zeitbombe.org; ok deraadt@@
   - deraadt@@cvs.openbsd.org 2002/06/27 09:08:00
     [monitor.c]
     improve mm_zalloc check; markus ok
   - deraadt@@cvs.openbsd.org 2002/06/27 10:35:47
     [auth2-none.c monitor.c sftp-client.c]
     use xfree()
   - stevesk@@cvs.openbsd.org 2002/06/27 19:49:08
     [ssh-keyscan.c]
     use convtime(); ok markus@@
   - millert@@cvs.openbsd.org 2002/06/28 01:49:31
     [monitor_mm.c]
     tree(3) wants an int return value for its compare functions and
     the difference between two pointers is not an int.  Just do the
     safest thing and store the result in a long and then return 0,
     -1, or 1 based on that result.
   - deraadt@@cvs.openbsd.org 2002/06/28 01:50:37
     [monitor_wrap.c]
     use ssize_t
   - deraadt@@cvs.openbsd.org 2002/06/28 10:08:25
     [sshd.c]
     range check -u option at invocation
   - deraadt@@cvs.openbsd.org 2002/06/28 23:05:06
     [sshd.c]
     gidset[2] -> gidset[1]; markus ok
   - deraadt@@cvs.openbsd.org 2002/06/30 21:54:16
     [auth2.c session.c sshd.c]
     lint asks that we use names that do not overlap
   - deraadt@@cvs.openbsd.org 2002/06/30 21:59:45
     [auth-bsdauth.c auth-skey.c auth2-chall.c clientloop.c key.c
      monitor_wrap.c monitor_wrap.h scard.h session.h sftp-glob.c ssh.c
      sshconnect2.c sshd.c]
     minor KNF
   - deraadt@@cvs.openbsd.org 2002/07/01 16:15:25
     [msg.c]
     %u
   - markus@@cvs.openbsd.org 2002/07/01 19:48:46
     [sshconnect2.c]
     for compression=yes, we fallback to no-compression if the server does
     not support compression, vice versa for compression=no. ok mouring@@
   - markus@@cvs.openbsd.org 2002/07/03 09:55:38
     [ssh-keysign.c]
     use RSA_blinding_on() for rsa hostkeys (suggested by Bill Sommerfeld)
     in order to avoid a possible Kocher timing attack pointed out by Charles
     Hannum; ok provos@@
   - markus@@cvs.openbsd.org 2002/07/03 14:21:05
     [ssh-keysign.8 ssh-keysign.c ssh.c ssh_config]
     re-enable ssh-keysign's sbit, but make ssh-keysign read 
     /etc/ssh/ssh_config and exit if HostbasedAuthentication is disabled 
     globally. based on discussions with deraadt, itojun and sommerfeld; 
     ok itojun@@
 - (bal) Failed password attempts don't increment counter on AIX. Bug #145
 - (bal) Missed Makefile.in change.  keysign needs readconf.o
 - (bal) Clean up aix_usrinfo().  Ignore TTY= period I guess.
  
20020702
 - (djm) Use PAM_MSG_MEMBER for PAM_TEXT_INFO messages, use xmalloc & 
   friends consistently. Spotted by Solar Designer <solar@@openwall.com>

20020629
 - (bal) fix to auth2-pam.c to swap fatal() arguments,  A bit of style
   clean up while I'm near it.

20020628
 - (stevesk) [sshd_config] PAMAuthenticationViaKbdInt no; commented
   options should contain default value.  from solar.
 - (bal) Cygwin uid0 fix by vinschen@@redhat.com
 - (bal) s/config.h/includes.h/ in openbsd-compat/ for *.c.  Otherwise wise
   have issues of our fixes not propogating right (ie bcopy instead of
   memmove).  OK tim
 - (bal) FreeBSD needs <sys/types.h> to detect if mmap() is supported.
   Bug #303

20020627
 - OpenBSD CVS Sync
   - deraadt@@cvs.openbsd.org 2002/06/26 14:49:36
     [monitor.c]
     correct %u
   - deraadt@@cvs.openbsd.org 2002/06/26 14:50:04
     [monitor_fdpass.c]
     use ssize_t for recvmsg() and sendmsg() return
   - markus@@cvs.openbsd.org 2002/06/26 14:51:33
     [ssh-add.c]
     fix exit code for -X/-x
   - deraadt@@cvs.openbsd.org 2002/06/26 15:00:32
     [monitor_wrap.c]
     more %u
   - markus@@cvs.openbsd.org 2002/06/26 22:27:32
     [ssh-keysign.c]
     bug #304, xfree(data) called to early; openssh@@sigint.cs.purdue.edu

a70 2
 - (tim) [contrib/caldera/openssh.spec] remove 2 configure options I put in
   by mistake
d162 1009
a1170 1
$Id: ChangeLog,v 1.2491.2.1 2002/10/03 05:45:53 djm Exp $
@


1.1.1.4
log
@Vendor import of OpenSSH-portable 3.6.1p1.
@
text
@a0 538
20030401
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2003/03/28 10:11:43
     [scp.1 sftp.1 ssh.1 ssh-add.1 ssh-agent.1 ssh_config.5 sshd_config.5]
     [ssh-keygen.1 ssh-keyscan.1 ssh-keysign.8]
     - killed whitespace
     - new sentence new line
     - .Bk for arguments
     ok markus@@
   - markus@@cvs.openbsd.org 2003/04/01 10:10:23
     [clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c]
     [readconf.h serverloop.c sshconnect2.c]
     rekeying bugfixes and automatic rekeying:
     * both client and server rekey _automatically_
           (a) after 2^31 packets, because after 2^32 packets
               the sequence number for packets wraps
           (b) after 2^(blocksize_in_bits/4) blocks
       (see: draft-ietf-secsh-newmodes-00.txt)
       (a) and (b) are _enabled_ by default, and only disabled for known
       openssh versions, that don't support rekeying properly.
     * client option 'RekeyLimit'
     * do not reply to requests during rekeying
   - markus@@cvs.openbsd.org 2003/04/01 10:22:21
     [clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c]
     [readconf.h serverloop.c sshconnect2.c]
     backout rekeying changes (for 3.6.1)
   - markus@@cvs.openbsd.org 2003/04/01 10:31:26
     [compat.c compat.h kex.c]
     bugfix causes stalled connections for ssh.com < 3.0; noticed by ho@@; 
     tested by ho@@ and myself
   - markus@@cvs.openbsd.org 2003/04/01 10:56:46
     [version.h]
     3.6.1
 - (djm) Crank spec file versions
 - (djm) Release 3.6.1p1

20030326
 - (djm) OpenBSD CVS Sync
   - deraadt@@cvs.openbsd.org 2003/03/26 04:02:51
     [sftp-server.c]
     one last fix to the tree: race fix broke stuff; pr 3169; 
     srp@@srparish.net, help from djm

20030325
 - (djm) Fix getpeerid support for 64 bit BE systems. From 
    Arnd Bergmann <arndb@@de.ibm.com>

20030324
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2003/03/23 19:02:00
     [monitor.c]
     unbreak rekeying for privsep; ok millert@@
 - Release 3.6p1
 - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo.
   Report from murple@@murple.net, diagnosis from dtucker@@zip.com.au

20030320
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2003/03/17 10:38:38
     [progressmeter.c]
     don't print \n if backgrounded; from ho@@
   - markus@@cvs.openbsd.org 2003/03/17 11:43:47
     [version.h]
     enter 3.6
 - (bal) The days of lack of int64_t support are over.  Sorry kids.
 - (bal) scp.c 'limit' conflicts with Cray.  Rename to 'limitbw'
 - (bal) Collection of Cray patches (bsd-cray.h fix for CRAYT3E and improved
   guessing rules)
 - (bal) Disable Privsep for Tru64 after pre-authentication due to issues
   with SIA.  Also, clean up of tru64 support patch by Chris Adams
   <cmadams@@hiwaay.net>
 - (tim) [contrib/caldera/openssh.spec] workaround RPM quirk. Fix %files

20030318
 - (tim) [configure.ac openbsd-compat/bsd-misc.c openbsd-compat/bsd-misc.h]
   add nanosleep(). testing/corrections by Darren Tucker <dtucker@@zip.com.au>

20030317
 - (djm) Fix return value checks for RAND_bytes. Report from 
   Steve G <linux_4ever@@yahoo.com>

20030315
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2003/03/13 11:42:19
     [authfile.c ssh-keysign.c]
     move RSA_blinding_on to generic key load method
   - markus@@cvs.openbsd.org 2003/03/13 11:44:50
     [ssh-agent.c]
     ssh-agent is similar to ssh-keysign (allows other processes to use
     private rsa keys). however, it gets key over socket and not from
     a file, so we have to do blinding here as well.

20030310
- (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2003/03/05 22:33:43
     [channels.c monitor.c scp.c session.c sftp-client.c sftp-int.c]
     [sftp-server.c ssh-add.c sshconnect2.c]
     fix memory leaks; from dlheine@@suif.Stanford.EDU/CLOUSEAU; ok djm@@
 - (djm) One more portable-specific one from dlheine@@suif.Stanford.EDU/
   CLOUSEAU
 - (djm) Bug #245: TTY problems on Solaris. Fix by stevesk@@ and 
   dtucker@@zip.com.au
 - (djm) AIX package builder update from dtucker@@zip.com.au

20030225
 - (djm) Fix some compile errors spotted by dtucker and his fabulous 
   tinderbox

20030224
 - (djm) Tweak gnome-ssh-askpass2:
   - Retry kb and mouse grab a couple of times, so passphrase dialog doesn't 
     immediately fail if you are doing something else when it appears (e.g. 
     dragging a window)
   - Perform server grab after we have the keyboard and/or pointer to avoid 
     races.
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2003/01/27 17:06:31
     [sshd.c]
     more specific error message when /var/empty has wrong permissions;
     bug #46, map@@appgate.com; ok henning@@, provos@@, stevesk@@
   - markus@@cvs.openbsd.org 2003/01/28 16:11:52
     [scp.1]
     document -l; pekkas@@netcore.fi
   - stevesk@@cvs.openbsd.org 2003/01/28 17:24:51
     [scp.1]
     remove example not pertinent with -1 addition; ok markus@@
   - jmc@@cvs.openbsd.org 2003/01/31 21:54:40
     [sshd.8]
     typos; sshd(8): help and ok markus@@
     help and ok millert@@
   - markus@@cvs.openbsd.org 2003/02/02 10:51:13
     [scp.c]
     call okname() only when using system(3) for remote-remote copy;
     fixes bugs #483, #472; ok deraadt@@, mouring@@
   - markus@@cvs.openbsd.org 2003/02/02 10:56:08
     [kex.c]
     add support for key exchange guesses; based on work by
     avraham.fraenkel@@commatch.com; fixes bug #148; ok deraadt@@
   - markus@@cvs.openbsd.org 2003/02/03 08:56:16
     [sshpty.c]
     don't call error() for readonly /dev; from soekris list; ok mcbride,
     henning, deraadt.
   - markus@@cvs.openbsd.org 2003/02/04 09:32:08
     [key.c]
     better debug3 message
   - markus@@cvs.openbsd.org 2003/02/04 09:33:22
     [monitor.c monitor_wrap.c]
     skey/bsdauth: use 0 to indicate failure instead of -1, because
     the buffer API only supports unsigned ints.
   - markus@@cvs.openbsd.org 2003/02/05 09:02:28
     [readconf.c]
     simplify ProxyCommand parsing, remove strcat/xrealloc; ok henning@@, djm@@
   - markus@@cvs.openbsd.org 2003/02/06 09:26:23
     [session.c]
     missing call to setproctitle() after authentication; ok provos@@
   - markus@@cvs.openbsd.org 2003/02/06 09:27:29
     [ssh.c ssh_config.5]
     support 'ProxyCommand none'; bugzilla #433; binder@@arago.de; ok djm@@
   - markus@@cvs.openbsd.org 2003/02/06 09:29:18
     [sftp-server.c]
     fix races in rename/symlink; from Tony Finch; ok djm@@
   - markus@@cvs.openbsd.org 2003/02/06 21:22:43
     [auth1.c auth2.c]
     undo broken fix for #387, fixes #486
   - markus@@cvs.openbsd.org 2003/02/10 11:51:47
     [ssh-add.1]
     xref sshd_config.5 (not sshd.8); mark@@summersault.com; bug #490
   - markus@@cvs.openbsd.org 2003/02/12 09:33:04
     [key.c key.h ssh-dss.c ssh-rsa.c]
     merge ssh-dss.h ssh-rsa.h into key.h; ok deraadt@@
   - markus@@cvs.openbsd.org 2003/02/12 21:39:50
     [crc32.c crc32.h]
     replace crc32.c with a BSD licensed version; noted by David Turner
   - markus@@cvs.openbsd.org 2003/02/16 17:09:57
     [kex.c kexdh.c kexgex.c kex.h sshconnect2.c sshd.c ssh-keyscan.c]
     split kex into client and server code, no need to link
     server code into the client; ok provos@@
   - markus@@cvs.openbsd.org 2003/02/16 17:30:33
     [monitor.c monitor_wrap.c]
     fix permitrootlogin forced-commands-only for privsep; bux #387; 
     ok provos@@
   - markus@@cvs.openbsd.org 2003/02/21 09:05:53
     [servconf.c]
     print sshd_config filename in debug2 mode.
   - mpech@@cvs.openbsd.org 2003/02/21 10:34:48
     [auth-krb4.c]
     ...sizeof(&adat.session) is not good here.
     henning@@, deraadt@@, millert@@
 - (djm) Add new object files to Makefile and reorder
 - (djm) Bug #501: gai_strerror should return char*; 
   fix from dtucker@@zip.com.au
 - (djm) Most of Bug #499: Cygwin compile fixes for new progressmeter;
   From vinschen@@redhat.com
 - (djm) Rest of Bug #499: Import a basename() function from OpenBSD libc
 - (djm) Bug #494: Allow multiple accounts on Windows 9x/Me; 
   From vinschen@@redhat.com
 - (djm) Bug #456: Support for NEC SX6 with Unicos; from wendyp@@cray.com

20030211
 - (djm) Cygwin needs libcrypt too. Patch from vinschen@@redhat.com

20030206
 - (djm) Teach fake-getaddrinfo to use getservbyname() when provided a 
   string service name. Suggested by markus@@, review by itojun@@

20030131
 - (bal) AIX 4.2.1 lacks nanosleep().  Patch to use nsleep() provided by
   dtucker@@zip.com.au

20030130
 - (djm) Unbreak root password auth. Spotted by dtucker@@zip.com.au

200301028
 - (djm) Search libposix4 and librt for nanosleep. From dtucker@@zip.com.au 
   and openssh-unix-dev@@thewrittenword.com 

200301027
 - (bal) Bugzilla 477 patch by wendyp@@cray.com.  Define TIOCGPGRP for
   cray.  Also removed test for tcgetpgrp in configure.ac since it
   is no longer used.

20030124
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2003/01/23 08:58:47
     [sshd_config.5]
     typos; ok millert@@
   - markus@@cvs.openbsd.org 2003/01/23 13:50:27
     [authfd.c authfd.h readpass.c ssh-add.1 ssh-add.c ssh-agent.c]
     ssh-add -c, prompt user for confirmation (using ssh-askpass) when
     private agent key is used; with djm@@; test by dugsong@@, djm@@; 
     ok deraadt@@
   - markus@@cvs.openbsd.org 2003/01/23 14:01:53
     [scp.c]
     bandwidth limitation patch (scp -l) from niels@@; ok todd@@, deraadt@@
   - markus@@cvs.openbsd.org 2003/01/23 14:06:15
     [scp.1 scp.c]
     scp -12; Sam Smith and others; ok provos@@, deraadt@@
 - (djm) Add TIMEVAL_TO_TIMESPEC macros

20030123
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2003/01/23 00:03:00
     [auth1.c]
     Don't log TIS auth response; "get rid of it" - markus@@

20030122
 - (djm) OpenBSD CVS Sync
   - marc@@cvs.openbsd.org 2003/01/21 18:14:36
     [ssh-agent.1 ssh-agent.c]
     Add a -t life option to ssh-agent that sets the default lifetime.
     The default can still be overridden by using -t in ssh-add.
     OK markus@@
 - (djm) Reorganise PAM & SIA password handling to eliminate some common code
 - (djm) Sync regress with OpenBSD -current

20030120
 - (djm) Fix compilation for NetBSD from dtucker@@zip.com.au
 - (tim) [progressmeter.c] make compilers without long long happy.
 - (tim) [configure.ac] Add -belf to build ELF binaries on OpenServer 5 when
   using cc. (gcc already did)

20030118
 - (djm) Revert fix for Bug #442 for now.

20030117
 - (djm) Bug #470: Detect strnvis, not strvis in configure.
    From d_wllms@@lanl.gov

20030116
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2003/01/16 03:41:55
     [sftp-int.c]
     explicitly use first glob result

20030114
 - (djm) OpenBSD CVS Sync
   - fgsch@@cvs.openbsd.org 2003/01/10 23:23:24
     [sftp-int.c]
     typo; from Nils Nordman <nino at nforced dot com>.
   - markus@@cvs.openbsd.org 2003/01/11 18:29:43
     [log.c]
     set fatal_cleanups to NULL in fatal_remove_all_cleanups(); 
     dtucker@@zip.com.au
   - markus@@cvs.openbsd.org 2003/01/12 16:57:02
     [progressmeter.c]
     allow WARNINGS=yes; ok djm@@
   - djm@@cvs.openbsd.org 2003/01/13 11:04:04
     [sftp-int.c]
     make cmds[] array static to avoid conflict with BSDI libc.
     mindrot bug #466. Fix from mdev@@idg.nl; ok markus@@
   - djm@@cvs.openbsd.org 2003/01/14 10:58:00
     [sftp-client.c sftp-int.c]
     Don't try to upload or download non-regular files. Report from
     apoloval@@pantuflo.escet.urjc.es; ok markus@@

20030113
 - (djm) Rework openbsd-compat/setproctitle.c a bit: move emulation type
   detection to configure.ac. Prompted by stevesk@@
 - (djm) Bug #467: Add a --disable-strip option to turn off stripping of 
   installed binaries. From mdev@@idg.nl

20030110
 - (djm) Enable new setproctitle emulation for Linux, AIX and HP/UX. More 
   systems may be added later.
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2003/01/08 23:53:26
     [sftp.1 sftp.c sftp-int.c sftp-int.h]
     Cleanup error handling for batchmode
     Allow blank lines and comments in input
     Ability to suppress abort on error in batchmode ("-put blah")
     Fixes mindrot bug #452; markus@@ ok
   - fgsch@@cvs.openbsd.org 2003/01/10 08:19:07
     [scp.c sftp.1 sftp.c sftp-client.c sftp-int.c  progressmeter.c]
     [progressmeter.h]
     sftp progress meter support.
     original diffs by Nils Nordman <nino at nforced dot com> via 
     markus@@, merged to -current by me, djm@@ ok.
   - djm@@cvs.openbsd.org 2003/01/10 08:48:15
     [sftp-client.c]
     Simplify and avoid redundancy in packet send and receive 
     functions; ok fgs@@
   - djm@@cvs.openbsd.org 2003/01/10 10:29:35
     [scp.c]
     Don't ftruncate after write error, creating sparse files of 
     incorrect length
     mindrot bug #403, reported by rusr@@cup.hp.com; ok markus@@
   - djm@@cvs.openbsd.org 2003/01/10 10:32:54
     [channels.c]
     hush socket() errors, except last. Fixes mindrot bug #408; ok markus@@

20030108
 - (djm) Sync openbsd-compat/ with OpenBSD -current
 - (djm) Avoid redundant xstrdup/xfree in auth2-pam.c. From Solar via markus@@
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2003/01/01 18:08:52
     [channels.c]
     move big output buffer messages to debug2
   - djm@@cvs.openbsd.org 2003/01/06 23:51:22
     [sftp-client.c]
     Fix "get -p" download to not add user-write perm. mindrot bug #426
     reported by gfernandez@@livevault.com; ok markus@@
   - fgsch@@cvs.openbsd.org 2003/01/07 23:42:54
     [sftp.1]
     add version; from Nils Nordman <nino at nforced dot com> via markus@@.
     markus@@ ok
 - (djm) Update README to reflect AIX's status as a well supported platform.
   From dtucker@@zip.com.au
 - (tim) [Makefile.in configure.ac] replace fixpath with sed script. Patch
   by Mo DeJong.
 - (tim) [auth.c] declare today at top of allowed_user() to keep
   older compilers happy.
 - (tim) [scp.c] make compilers without long long happy.

20030107
 - (djm) Bug #401: Work around Linux breakage with IPv6 mapped addresses. 
   Based on fix from yoshfuji@@linux-ipv6.org
 - (djm) Bug #442: Check for and deny access to accounts with locked 
   passwords. Patch from dtucker@@zip.com.au
 - (djm) Bug #44: Use local mkstemp() rather than glibc's silly one. Fixes
   Can't pass KRB4 TGT passing. Fix from: jan.iven@@cern.ch
 - (djm) Fix Bug #442 for PAM case
 - (djm) Bug #110: bogus error messages in lastlog_get_entry(). Fix based
   on one by peak@@argo.troja.mff.cuni.cz
 - (djm) Bug #111: Run syslog and stderr logging through strnvis to eliminate
   nasties. Report from peak@@argo.troja.mff.cuni.cz
 - (djm) Bug #178: On AIX /etc/nologin wasn't shown to users. Fix from
   Ralf.Wenk@@fh-karlsruhe.de and dtucker@@zip.com.au
 - (djm) Fix my fix of the fix for the Bug #442 for PAM case. Spotted by 
   dtucker@@zip.com.au. Reorder for clarity too.

20030103
 - (djm) Bug #461: ssh-copy-id fails with no arguments. Patch from 
   cjwatson@@debian.org
 - (djm) Bug #460: Filling utmp[x]->ut_addr_v6 if present. Patch from 
   cjwatson@@debian.org
 - (djm) Bug #446: Set LOGIN env var to pw_name on AIX. Patch from 
   mii@@ornl.gov 

20030101
  - (stevesk) [session.c sshlogin.c sshlogin.h] complete portable
    parts of pass addrlen with sockaddr * fix.
    from Hajimu UMEMOTO <ume@@FreeBSD.org>

20021222
 - (bal) OpenBSD CVS Sync
   - fgsch@@cvs.openbsd.org 2002/11/15 10:03:09
     [authfile.c]
     lseek(2) may return -1 when getting the public/private key length.
     Simplify the code and check for errors using fstat(2).

     Problem reported by Mauricio Sanchez, markus@@ ok.
   - markus@@cvs.openbsd.org 2002/11/18 16:43:44
     [clientloop.c]
     don't overwrite SIG{INT,QUIT,TERM} handler if set to SIG_IGN;
     e.g. if ssh is used for backup; report Joerg Schilling; ok millert@@
   - markus@@cvs.openbsd.org 2002/11/21 22:22:50
     [dh.c]
     debug->debug2
   - markus@@cvs.openbsd.org 2002/11/21 22:45:31
     [cipher.c kex.c packet.c sshconnect.c sshconnect2.c]
     debug->debug2, unify debug messages
   - deraadt@@cvs.openbsd.org 2002/11/21 23:03:51
     [auth-krb5.c auth1.c hostfile.h monitor_wrap.c sftp-client.c sftp-int.c ssh-add.c ssh-rsa.c 
      sshconnect.c]
     KNF
   - markus@@cvs.openbsd.org 2002/11/21 23:04:33
     [ssh.c]
     debug->debug2
   - stevesk@@cvs.openbsd.org 2002/11/24 21:46:24
     [ssh-keysign.8]
     typo: "the the"
   - wcobb@@cvs.openbsd.org 2002/11/26 00:45:03
     [scp.c ssh-keygen.c]
     Remove unnecessary fflush(stderr) calls, stderr is unbuffered by default.
     ok markus@@
   - stevesk@@cvs.openbsd.org 2002/11/26 02:35:30
     [ssh-keygen.1]
     remove outdated statement; ok markus@@ deraadt@@
   - stevesk@@cvs.openbsd.org 2002/11/26 02:38:54
     [canohost.c]
     KNF, comment and error message repair; ok markus@@
   - markus@@cvs.openbsd.org 2002/11/27 17:53:35
     [scp.c sftp.c ssh.c]
     allow usernames with embedded '@@', e.g. scp user@@vhost@@realhost:file /tmp;
     http://bugzilla.mindrot.org/show_bug.cgi?id=447; ok mouring@@, millert@@
   - stevesk@@cvs.openbsd.org 2002/12/04 04:36:47
     [session.c]
     remove xauth entries before add; PR 2994 from janjaap@@stack.nl.
     ok markus@@
   - markus@@cvs.openbsd.org 2002/12/05 11:08:35
     [scp.c]
     use roundup() similar to rcp/util.c and avoid problems with strange
     filesystem block sizes, noted by tjr@@freebsd.org; ok djm@@
   - djm@@cvs.openbsd.org 2002/12/06 05:20:02
     [sftp.1]
     Fix cut'n'paste error, spotted by matthias.riese@@b-novative.de; ok deraadt@@
   - millert@@cvs.openbsd.org 2002/12/09 16:50:30
     [ssh.c]
     Avoid setting optind to 0 as GNU getopt treats that like we do optreset.
     markus@@ OK
   - markus@@cvs.openbsd.org 2002/12/10 08:56:00
     [session.c]
     Make sure $SHELL points to the shell from the password file, even if shell
     is overridden from login.conf; bug#453; semen at online.sinor.ru; ok millert@@
   - markus@@cvs.openbsd.org 2002/12/10 19:26:50
     [packet.c]
     move tos handling to packet_set_tos; ok provos/henning/deraadt
   - markus@@cvs.openbsd.org 2002/12/10 19:47:14
     [packet.c]
     static
   - markus@@cvs.openbsd.org 2002/12/13 10:03:15
     [channels.c misc.c sshconnect2.c]
     cleanup debug messages, more useful information for the client user.
   - markus@@cvs.openbsd.org 2002/12/13 15:20:52
     [scp.c]
     1) include stalling time in total time
     2) truncate filenames to 45 instead of 20 characters
     3) print rate instead of progress bar, no more stars
     4) scale output to tty width
     based on a patch from Niels; ok fries@@ lebel@@ fgs@@ millert@@
 - (bal) [msg.c msg.h scp.c ssh-keysign.c sshconnect2.c]  Resync CVS IDs since 
   we already did s/msg_send/ssh_msg_send/

20021205
 - (djm) PERL-free fixpaths from stuge-openssh-unix-dev@@cdy.org

20021122
 - (tim) [configure.ac] fix STDPATH test for IRIX. First reported by
   advax@@triumf.ca. This type of solution tested by <herb@@sgi.com>

20021113
 - (tim) [configure.ac] remove unused variables no_libsocket and no_libnsl

20021111
 - (tim) [contrib/solaris/opensshd.in] add umask 022 so sshd.pid is
   not world writable.

20021109
 - (bal) OpenBSD CVS Sync
   - itojun@@cvs.openbsd.org 2002/10/16 14:31:48
     [sftp-common.c]
     64bit pedant.  %llu is "unsigned long long".  markus ok
   - markus@@cvs.openbsd.org 2002/10/23 10:32:13
     [packet.c]
     use %u for u_int
   - markus@@cvs.openbsd.org 2002/10/23 10:40:16
     [bufaux.c]
     %u for u_int
   - markus@@cvs.openbsd.org 2002/11/04 10:07:53
     [auth.c]
     don't compare against pw_home if realpath fails for pw_home (seen 
     on AFS); ok djm@@
   - markus@@cvs.openbsd.org 2002/11/04 10:09:51
     [packet.c]
     log before send disconnect; ok djm@@
   - markus@@cvs.openbsd.org 2002/11/05 19:45:20
     [monitor.c]
     handle overflows for size_t larger than u_int; siw@@goneko.de, bug #425
   - markus@@cvs.openbsd.org 2002/11/05 20:10:37
     [sftp-client.c]
     typo; GaryF@@livevault.com
   - markus@@cvs.openbsd.org 2002/11/07 16:28:47
     [sshd.c]
     log to stderr if -ie is given, bug #414, prj@@po.cwru.edu
   - markus@@cvs.openbsd.org 2002/11/07 22:08:07
     [readconf.c readconf.h ssh-keysign.8 ssh-keysign.c]
     we cannot use HostbasedAuthentication for enabling ssh-keysign(8),
     because HostbasedAuthentication might be enabled based on the
     target host and ssh-keysign(8) does not know the remote hostname
     and does not trust ssh(1) about the hostname, so we add a new option
     EnableSSHKeysign; ok djm@@, report from zierke@@informatik.uni-hamburg.de
   - markus@@cvs.openbsd.org 2002/11/07 22:35:38
     [scp.c]
     check exit status from ssh, and exit(1) if ssh fails; bug#369; 
     binder@@arago.de
 - (bal) Update ssh-host-config and minor rewrite of bsd-cygwin_util.c
   ntsec now default if cygwin version beginning w/ version 56.  Patch
   by Corinna Vinschen <vinschen@@redhat.com> 
 - (bal) AIX does not log login attempts for unknown users (bug #432).
   patch by dtucker@@zip.com.au

20021021
 - (djm) Bug #400: Kill ssh-rand-helper children on timeout, patch from 
   dtucker@@zip.com.au
 - (djm) Bug #317: FreeBSD needs libutil.h for openpty() Report from 
   dirk.meyer@@dinoex.sub.org

20021015
 - (bal) Fix bug id 383 and only call loginrestrict for AIX if not root.
 - (bal) More advanced strsep test by Darren Tucker <dtucker@@zip.com.au>

20021015
 - (tim) [contrib/caldera/openssh.spec] make ssh-agent setgid nobody

20021004
 - (bal) Disable post-authentication Privsep for OSF/1.  It conflicts with
   SIA.

d10 1
a10 1
 - (djm) Bug #406: s/msg_send/ssh_msg_send/ for Mac OS X 1.2
d760 1
a760 1
$Id: ChangeLog,v 1.2648 2003/04/01 11:47:16 djm Exp $
@


1.1.1.5
log
@Vendor import of OpenSSH 3.7.1p2.
@
text
@a0 1134
20030923
 - (dtucker) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2003/09/18 07:52:54
     [sshconnect.c]
     missing {}; bug #656; jclonguet at free.fr
   - markus@@cvs.openbsd.org 2003/09/18 07:54:48
     [buffer.c]
     protect against double free; #660;  zardoz at users.sf.net
   - markus@@cvs.openbsd.org 2003/09/18 08:49:45
     [deattack.c misc.c session.c ssh-agent.c]
     more buffer allocation fixes; from Solar Designer; CAN-2003-0682;
     ok millert@@
   - markus@@cvs.openbsd.org 2003/09/19 09:02:02
     [packet.c]
     buffer_dump only if PACKET_DEBUG is defined; Jedi/Sector One; pr 3471
 - (djm) Fix SSH1 challenge kludge
 - (djm) Bug #671: Fix builds on OpenBSD
 - (djm) Bug #676: Fix PAM stack corruption
 - (djm) Fix bad free() in PAM code
 - (djm) Don't call pam_end before pam_init
 - (djm) Enable build with old OpenSSL again
 - (djm) Trim deprecated options from INSTALL. Mention UsePAM
 - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
 - (djm) Crank version.h and spec version numbers
 - (djm) Release 3.7.1p2

20030922
 - (dtucker) [Makefile.in] Bug #644: Fix "make clean" for out-of-tree
   builds.  Portability corrections from tim@@.
 - (dtucker) [configure.ac] Bug #665: uid swapping issues on Mac OS X.
   Patch from max at quendi.de.
 - (dtucker) [configure.ac] Bug #657: uid swapping issues on BSDi.
 - (dtucker) [configure.ac] Bug #653: uid swapping issues on Tru64.
 - (dtucker) [configure.ac] Bug #693: uid swapping issues on NCR MP-RAS.
   Patch from david.haughton at ncr.com
 - (dtucker) [configure.ac] Bug #659: uid swapping issues on IRIX 6.
   Part of patch supplied by bugzilla-openssh at thewrittenword.com
 - (dtucker) [configure.ac openbsd-compat/fake-rfc2553.c
   openbsd-compat/fake-rfc2553.h] Bug #659: Test for and handle systems
   where gai_strerror is defined as "const char *".  Part of patch supplied
   by bugzilla-openssh at thewrittenword.com
 - (dtucker) [contrib/cygwin/README contrib/cygwin/ssh-host-config] Update
   ssh-host-config to match current defaults, bump README version.  Patch from
   vinschen at redhat.com.
 - (dtucker) [uidswap.c] Don't test restoration of uid on Cygwin since the
   OS does not support permanently dropping privileges.  Patch from
   vinschen at redhat.com.
 - (dtucker) [openbsd-compat/port-aix.c] Use correct include for xmalloc.h,
   add canohost.h to stop warning.  Based on patch from openssh-unix-dev at
   thewrittenword.com
 - (dtucker) [INSTALL] Bug #686: Document requirement for zlib 1.1.4 or
   higher.
 - (tim) Fix typo. s/SETEIUD_BREAKS_SETUID/SETEUID_BREAKS_SETUID/
 - (tim) [configure.ac] Bug 665: move 3 new AC_DEFINES outside of AC_TRY_RUN.
   Report by distler AT golem ph utexas edu.
 - (dtucker) [contrib/aix/pam.conf] Include example pam.conf for AIX from
   article by genty at austin.ibm.com, included with the author's permission.
 - (tim) [configure.ac] add --disable-etc-default-login option. ok djm

20030919
 - (djm) Bug #683: Remove reference to --with-ipv4-default from INSTALL;
   djast AT cs.toronto.edu
 - (djm) Bug #680: Remove missing inet_ntoa.h header reference
 - (djm) Bug #646: Fix location of x11-ssh-askpass; Jim
 - (dtucker) [openbsd-compat/port-aix.h] Bug #640: Don't include audit.h
   unless required.  Reorder to reduce warnings.
 - (dtucker) [session.c] Bug #643: Fix size_t -> u_int and fix null deref
   when /etc/default/login doesn't exist or isn't readable.  Fixes from
   jparsons-lists at saffron.net and georg.oppenberg at deu mci com.

20030918
 - (djm) Bug #652: Fix empty password auth

20030917
 - (djm) OpenBSD Sync
   - markus@@cvs.openbsd.org 2003/09/16 21:02:40
     [buffer.c channels.c version.h]
     more malloc/fatal fixes; ok millert/deraadt; ghudson at MIT.EDU
 - (djm) Crank RPM spec versions
 - (djm) Release 3.7.1p1

20030916
 - (dtucker) [acconfig.h configure.ac defines.h session.c] Bug #252: Retrieve
   PATH (or SUPATH) and UMASK from /etc/default/login on platforms that have it
   (eg Solaris, Reliant Unix).  Patch from Robert.Dahlem at siemens.com.  
   ok djm@@
 - (bal) OpenBSD Sync
   - deraadt@@cvs.openbsd.org 2003/09/16 03:03:47
     [buffer.c]
     do not expand buffer before attempting to reallocate it; markus ok
 - (djm) Crank spec versions
 - (djm) Banish (safe) sprintf from auth-pam.c. Patch from bal
 - (tim) [configure.ac] Fix portability issues.
 - (djm) Release 3.7p1

20030914
 - (dtucker) [Makefile regress/Makefile] Fix portability issues preventing
   the regression tests from running with Solaris' make.  Patch from Brian
   Poole (raj at cerias.purdue.edu).
 - (dtucker) [regress/Makefile] AIX's make doesn't like " +=", so replace
   with vanilla "=".

20030913
 - (dtucker) [regress/agent-timeout.sh] Timeout of 5 sec is borderline for
   slower hosts, increase to 10 sec.
 - (dtucker) [auth-passwd.c] On AIX, call setauthdb() before loginsuccess(),
   required to correctly reset failed login count when using a password
   registry other than "files" (eg LDAP, see bug #543).
 - (tim) [configure.ac] define WITH_ABBREV_NO_TTY for SCO.
   Report by Roger Cornelius.
 - (dtucker) [auth-pam.c] Use SSHD_PAM_SERVICE for PAM service name, patch
   from cjwatson at debian.org.

20030912
 - (tim) [regress/agent-ptrace.sh] sh doesn't like "if ! shell_function; then".
 - (tim) [Makefile.in] only mkdir regress if it does not exist.
 - (tim) [regress/yes-head.sh] shell portability fix.

20030911
 - (dtucker) [configure.ac] Bug #588, #615: Move other libgen tests to after
   the dirname test, to allow a broken dirname to be detected correctly.
   Based partially on patch supplied by alex.kiernan at thus.net.  ok djm@@
 - (tim) [configure.ac] Move libgen tests to before libwrap to unbreak
   UnixWare 2.03 using --with-tcp-wrappers.
 - (tim) [configure.ac] Prefer setuid/setgid on UnixWare and Open Server.
 - (tim) [regress/agent-ptrace.sh regress/dynamic-forward.sh
   regress/sftp-cmds.sh regress/stderr-after-eof.sh regress/test-exec.sh]
   no longer depends on which(1). patch by dtucker@@

20030910
 - (dtucker) [configure.ac] Bug #636: Add support for Cray's new X1 machine.
   Patch from wendyp at cray.com.
 - (dtucker) [configure.ac] Part of bug #615: tcsendbreak might be a macro.
 - (dtucker) [regress/yes-head.sh] Some platforms (eg Solaris) don't have
   "yes".

20030909
 - (tim) [regress/Makefile] Fixes for building outside of a read-only
   source tree.
 - (tim) [regress/agent-timeout.sh] s/TIMEOUT/SSHAGENT_TIMEOUT/ Fixes conflict
   with shell read-only variable.
 - (tim) [regress/sftp-badcmds.sh regress/sftp-cmds.sh] Fix errors like
   UX:rm: ERROR: Cannot remove '.' or '..'

20030908
 - (tim) [configure.ac openbsd-compat/getrrsetbyname.c] wrap _getshort and
   _getlong in #ifndef
 - (tim) [configure.ac acconfig.h openbsd-compat/getrrsetbyname.c] test for
   HEADER.ad in arpa/nameser.h
 - (tim) [ssh-keygen.c] s/PATH_MAX/MAXPATHLEN/ ok mouring@@

20030907
 - (dtucker) [agent-ptrace.sh dynamic-forward.sh (all regress/)]
   Put "which" inside quotes.
 - (dtucker) [dynamic-forward.sh forwarding.sh sftp-batch.sh (all regress/)]
   Add ${EXEEXT}: required to work on Cygwin.
 - (dtucker) [regress/sftp-batch.sh] Make temporary batch file name more
   distinctive, so "rm ${BATCH}.*" doesn't match the script itself.
 - (dtucker) [regress/sftp-cmds.sh] Skip quoted file test on Cygwin.
 - (dtucker) [openbsd-compat/xcrypt.c] #elsif -> #elif
 - (dtucker) [acconfig.h] Typo.
 - (dtucker) [CREDITS Makefile.in configure.ac mdoc2man.awk mdoc2man.pl]
   Replace mdoc2man.pl with mdoc2man.awk, provided by Peter Stuge.

20030906
 - (dtucker) [acconfig.h configure.ac uidswap.c] Prefer setuid/setgid on AIX.

20030905
 - (dtucker) [Makefile.in] Add distclean target for regress/, fix clean target.

20030904
 - (dtucker) Portablize regression tests.  Parts contributed by Roumen
   Petrov, David M. Williams and Corinna Vinschen.
   - [Makefile.in] Add "make tests" target and "make clean" hooks.
   - [regress/agent-getpeereid.sh] Skip test on platforms that don't support
     getpeereid.
   - [regress/agent-ptrace.sh] Skip tests if platform doesn't support it or
     gdb cannot be found.
   - [regress/reconfigure/sh] Make path to sshd fully qualified if required.
   - [regress/rekey.sh] Remove dependence on /dev/zero (not all platforms have
     it).  The sparse file will take less disk space too.
   - [regress/sftp-cmds.sh] Ensure files used for test are readable.
   - [regress/stderr-after-eof.sh] Search for a usable checksum program.
   - [regress/sftp-badcmds.sh regress/sftp-cmds.sh regress/sftp.sh
     regress/ssh-com-client.sh regress/ssh-com-sftp.sh regress/stderr-data.sh
     regress/transfer.sh] Use ${EXEEXT} where appropriate.
   - [regress/sftp.sh regress/ssh-com-sftp.sh] Remove dependency on /dev/stdin.
   - [regress/agent-ptrace.sh regress/agent-timeout.sh]
     "grep -q" -> "grep >/dev/null"
   - [regress/agent.sh regress/proto-version.sh regress/ssh-com.sh
     regress/test-exec.sh] Handle different ways of echoing without newlines.
   - [regress/dynamic-forward.sh] Some "which" programs output on stderr.
   - [regress/sftp-cmds.sh] Use portable "test" option.
   - [regress/test-exec.sh] Use sudo, search for "whoami" equivalent, always
     use Strictmodes no, wait longer for sshd startup.
   - [regress/Makefile] Remove BSDisms.
   - [regress/README.regress] Add a basic readme.
   - [Makefile.in regress/agent-getpeereid.sh] config.h is now in $BUILDDIR
     not $OBJ.
   - [Makefile.in regress/agent-ptrace] Fix minor regress issues on Cygwin.

20030903
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2003/08/26 09:58:43
     [auth-passwd.c auth.c auth.h auth1.c auth2-none.c auth2-passwd.c]
     [auth2.c monitor.c]
     fix passwd auth for 'username leaks via timing'; with djm@@, original 
     patches from solar
   - markus@@cvs.openbsd.org 2003/08/28 12:54:34
     [auth.h]
     remove kerberos support from ssh1, since it has been replaced with GSSAPI;
     but keep kerberos passwd auth for ssh1 and 2; ok djm, hin, henning, ...
   - markus@@cvs.openbsd.org 2003/09/02 16:40:29
     [version.h]
     enter 3.7
   - jmc@@cvs.openbsd.org 2003/09/02 18:50:06
     [sftp.1 ssh_config.5]
     escape punctuation;
     ok deraadt@@

20030902
 - (djm) OpenBSD CVS Sync
   - deraadt@@cvs.openbsd.org 2003/08/24 17:36:51
     [auth2-gss.c]
     64 bit cleanups; markus ok
   - markus@@cvs.openbsd.org 2003/08/28 12:54:34
     [auth-krb5.c auth.h auth1.c monitor.c monitor.h monitor_wrap.c]
     [monitor_wrap.h readconf.c servconf.c session.c ssh_config.5]
     [sshconnect1.c sshd.c sshd_config sshd_config.5]
     remove kerberos support from ssh1, since it has been replaced with GSSAPI;
     but keep kerberos passwd auth for ssh1 and 2; ok djm, hin, henning, ...
   - markus@@cvs.openbsd.org 2003/08/29 10:03:15
     [compat.c compat.h]
     SSH_BUG_K5USER is unused; ok henning@@
   - markus@@cvs.openbsd.org 2003/08/29 10:04:36
     [channels.c nchan.c]
     be less chatty; debug -> debug2, cleanup; ok henning@@
   - markus@@cvs.openbsd.org 2003/08/31 10:26:04
     [progressmeter.c]
     pass file_size + 1 to snprintf: fixes printing of truncated
     file names; fix based on patch/report from sturm@@;
   - markus@@cvs.openbsd.org 2003/08/31 12:14:22
     [progressmeter.c]
     do write to buf[-1]
   - markus@@cvs.openbsd.org 2003/08/31 13:29:05
     [session.c]
     call ssh_gssapi_storecreds conditionally from do_exec(); 
     with sxw@@inf.ed.ac.uk
   - markus@@cvs.openbsd.org 2003/08/31 13:30:18
     [gss-serv.c]
     correct string termination in parse_ename(); sxw@@inf.ed.ac.uk
   - markus@@cvs.openbsd.org 2003/08/31 13:31:57
     [gss-serv.c]
     whitespace KNF
   - markus@@cvs.openbsd.org 2003/09/01 09:50:04
     [sshd_config.5]
     gss kex is not supported; sxw@@inf.ed.ac.uk
   - markus@@cvs.openbsd.org 2003/09/01 12:50:46
     [readconf.c]
     rm gssapidelegatecreds alias; never supported before
   - markus@@cvs.openbsd.org 2003/09/01 13:52:18
     [ssh.h]
     rm whitespace
   - markus@@cvs.openbsd.org 2003/09/01 18:15:50
     [readconf.c readconf.h servconf.c servconf.h ssh.c]
     remove unused kerberos code; ok henning@@
   - markus@@cvs.openbsd.org 2003/09/01 20:44:54
     [auth2-gss.c]
     fix leak
 - (djm) Don't initialise pam_conv structures inline. Avoids HP/UX compiler
   error. Part of Bug #423, patch from  michael_steffens AT hp.com
 - (djm) Bug #423: reorder setting of PAM_TTY and calling of PAM session 
   management (now done in do_setusercontext). Largely from 
   michael_steffens AT hp.com
 - (djm) Fix openbsd-compat/ again - remove references to strl(cpy|cat).h 
 
20030829
 - (bal) openbsd-compat/ clean up.  Consolidate headers, add in Id on our
   files, and added missing license to header.

20030826
 - (djm) Bug #629: Mark ssh_config option "pamauthenticationviakbdint"
   as deprecated. Remove mention from README.privsep. Patch from 
   aet AT cc.hut.fi
 - (dtucker) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2003/08/22 10:56:09
     [auth2.c auth2-gss.c auth.h compat.c compat.h gss-genr.c gss-serv-krb5.c
     gss-serv.c monitor.c monitor.h monitor_wrap.c monitor_wrap.h readconf.c
     readconf.h servconf.c servconf.h session.c session.h ssh-gss.h
     ssh_config.5 sshconnect2.c sshd_config sshd_config.5]
     support GSS API user authentication; patches from Simon Wilkinson,
     stripped down and tested by Jakob and myself.
   - markus@@cvs.openbsd.org 2003/08/22 13:20:03
     [sshconnect2.c]
     remove support for "kerberos-2@@ssh.com"
   - markus@@cvs.openbsd.org 2003/08/22 13:22:27
     [auth2.c] (auth2-krb5.c removed)
     nuke "kerberos-2@@ssh.com"
   - markus@@cvs.openbsd.org 2003/08/22 20:55:06
     [LICENCE]
     add Simon Wilkinson
   - deraadt@@cvs.openbsd.org 2003/08/24 17:36:52
     [monitor.c monitor_wrap.c sshconnect2.c]
     64 bit cleanups; markus ok
   - fgsch@@cvs.openbsd.org 2003/08/25 08:13:09
     [sftp-int.c]
     fix div by zero when listing for filename lengths longer than width.
     markus@@ ok.
   - djm@@cvs.openbsd.org 2003/08/25 10:33:33
     [sshconnect2.c]
     fprintf->logit to silence login banner with "ssh -q"; ok markus@@
 - (dtucker) [Makefile.in acconfig.h auth-krb5.c auth-pam.c auth-pam.h
   configure.ac defines.h gss-serv-krb5.c session.c ssh-gss.h sshconnect1.c
   sshconnect2.c] Add Portable GSSAPI support, patch by Simon Wilkinson.
 - (dtucker) [Makefile.in] Remove auth2-krb5.
 - (dtucker) [contrib/aix/inventory.sh] Add public domain notice.  ok mouring@@
   (the original author)
 - (dtucker) [auth.c] Do not check for locked accounts when PAM is enabled.

20030825
 - (djm) Bug #621: Select OpenSC keys by usage attributes. Patch from 
   larsch@@trustcenter.de
 - (bal) openbsd-compat/ OpenBSD updates.  Mostly licensing, ansifications
   and minor fixes. OK djm@@
 - (bal) redo how we handle 'mysignal()'.  Move it to 
   openbsd-compat/bsd-misc.c, s/mysignal/signal/ and #define signal to
   be our 'mysignal' by default.  OK djm@@
 - (dtucker) [acconfig.h auth.c configure.ac sshd.8] Bug #422 again: deny
   any access to locked accounts.  ok djm@@
 - (djm) Bug #564: Perform PAM account checks for all authentications when
   UsePAM=yes; ok dtucker
 - (dtucker) [configure.ac] Bug #533, #551: define BROKEN_GETADDRINFO on
   Tru64, solves getnameinfo and "bad addr or host" errors.  ok djm@@
 - (dtucker) [README buildbff.sh inventory.sh] (all in contrib/aix)
   Update package builder: correctly handle config variables, use lsuser
   rather than /etc/passwd, fix typos, add Id's.

20030822
 - (djm) s/get_progname/ssh_get_progname/g to avoid conflict with Heimdal 
   -lbroken; ok dtucker 
 - (dtucker) [contrib/cygwin/ssh-user-config] Put keys in authorized_keys
   rather than authorized_keys2.  Patch from vinschen@@redhat.com.

20030821
 - (dtucker) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2003/08/14 16:08:58
     [ssh-keygen.c]
     exit after primetest, ok djm@@
 - (dtucker) [defines.h] Put CMSG_DATA, CMSG_FIRSTHDR with other CMSG* macros,
   change CMSG_DATA to use __CMSG_ALIGN (and thus work properly), reformat for
   consistency.
 - (dtucker) [configure.ac] Move openpty/ctty test outside of case statement
   and after normal openpty test.

20030813
 - (dtucker) [session.c] Remove #ifdef TIOCSBRK kludge.
 - (dtucker) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2003/08/13 08:33:02
     [session.c]
     use more portable tcsendbreak(3) and ignore break_length;
     ok deraadt, millert
   - markus@@cvs.openbsd.org 2003/08/13 08:46:31
     [auth1.c readconf.c readconf.h servconf.c servconf.h ssh.c ssh_config
     ssh_config.5 sshconnect1.c sshd.8 sshd.c sshd_config sshd_config.5]
     remove RhostsAuthentication; suggested by djm@@ before; ok djm@@, deraadt@@,
     fgsch@@, miod@@, henning@@, jakob@@ and others
   - markus@@cvs.openbsd.org 2003/08/13 09:07:10
     [readconf.c ssh.c]
     socks4->socks, since we support both 4 and 5; dtucker@@zip.com.au
 - (dtucker) [configure.ac openbsd-compat/bsd-misc.c openbsd-compat/bsd-misc.h]
   Add a tcsendbreak function for platforms that don't have one, based on the
   one from OpenBSD.

20030811
 - (dtucker) OpenBSD CVS Sync
   (thanks to Simon Wilkinson for help with this -dt)
   - markus@@cvs.openbsd.org 2003/07/16 15:02:06
     [auth-krb5.c]
     mcc -> fcc; from Love Hörnquist Åstrand <lha@@it.su.se>
     otherwise the kerberos credential is stored in a memory cache
     in the privileged sshd. ok jabob@@, hin@@ (some time ago)
 - (dtucker) [openbsd-compat/xcrypt.c] Remove Cygwin #ifdef block (duplicate
   in bsd-cygwin_util.h).

20030808
 - (dtucker) [openbsd-compat/fake-rfc2553.h] Older Linuxes have AI_PASSIVE and
   AI_CANONNAME in netdb.h but not AI_NUMERICHOST, so check each definition
   separately before defining them.
 - (dtucker) [auth-pam.c] Don't set PAM_TTY if tty is null.  ok djm@@

20030807
 - (dtucker) [session.c] Have session_break_req not attempt to send a break
   if TIOCSBRK and TIOCCBRK are not defined (eg Cygwin).
 - (dtucker) [canohost.c] Bug #336: Only check ip options if IP_OPTIONS is
   defined (fixes compile error on really old Linuxes).
 - (dtucker) [defines.h] Bug #336: Add CMSG_DATA and CMSG_FIRSTHDR macros if
   not already defined (eg Linux with some versions of libc5), based on those
   from OpenBSD.
 - (dtucker) [openbsd-compat/bsd-cygwin_util.c openbsd-compat/bsd-cygwin_util.h]
   Remove incorrect filenames from comments (file names are in Id tags).
 - (dtucker) [session.c openbsd-compat/bsd-cygwin_util.h] Move Cygwin
   specific defines and includes to bsd-cygwin_util.h.  Fixes build error too.

20030802
 - (dtucker) [monitor.h monitor_wrap.h] Remove excess ident tags.
 - (dtucker) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2003/07/22 13:35:22
     [auth1.c auth.h auth-passwd.c monitor.c monitor.h monitor_wrap.c
     monitor_wrap.h readconf.c readconf.h servconf.c servconf.h session.c ssh.1
     ssh.c ssh_config.5 sshconnect1.c sshd.c sshd_config.5 ssh.h]
     remove (already disabled) KRB4/AFS support, re-enable -k in ssh(1);
     test+ok henning@@
 - (dtucker) [Makefile.in acconfig.h configure.ac] Remove KRB4/AFS support.
 - (dtucker) [auth-krb4.c radix.c radix.h] Remove KRB4/AFS specific files.
 - (dtucker) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2003/07/23 07:42:43
     [sshd_config]
     remove AFS; itojun@@
   - djm@@cvs.openbsd.org 2003/07/28 09:49:56
     [ssh-keygen.1 ssh-keygen.c]
     Support for generating Diffie-Hellman groups (/etc/moduli) from ssh-keygen.
     Based on code from Phil Karn, William Allen Simpson and Niels Provos.
     ok markus@@, thanks jmc@@
   - markus@@cvs.openbsd.org 2003/07/29 18:24:00
     [LICENCE progressmeter.c]
     replace 4 clause BSD licensed progressmeter code with a replacement
     from Nils Nordman and myself; ok deraadt@@
     (copied from OpenBSD and re-applied portable changes)
   - markus@@cvs.openbsd.org 2003/07/29 18:26:46
     [progressmeter.c]
     fix length for "- stalled -" (included with previous import)
   - markus@@cvs.openbsd.org 2003/07/30 07:44:14
     [progressmeter.c]
     use only 4 digits in format_size (included with previous import)
   - markus@@cvs.openbsd.org 2003/07/30 07:53:27
     [progressmeter.c]
     whitespace (included with previous import)
   - markus@@cvs.openbsd.org 2003/07/31 09:21:02
     [auth2-none.c]
     check whether passwd auth is allowed, similar to proto 1; rob@@pitman.co.za
     ok henning
   - avsm@@cvs.openbsd.org 2003/07/31 15:50:16
     [atomicio.c]
     correct comment: atomicio takes vwrite, not write; deraadt@@ ok
   - markus@@cvs.openbsd.org 2003/07/31 22:34:03
     [progressmeter.c]
     print rate similar old version; round instead truncate;
     (included in previous progressmeter.c commit)
 - (dtucker) [openbsd-compat/bsd-misc.c openbsd-compat/bsd-misc.h]
   Add a tcgetpgrp function.
 - (dtucker) [Makefile.in moduli.c moduli.h] Add new files and to Makefile.
 - (dtucker) [openbsd-compat/bsd-misc.c] Fix cut-and-paste bug in tcgetpgrp.

20030730
 - (djm) [auth-pam.c] Don't use crappy APIs like sprintf. Thanks bal

20030726
 - (dtucker) [openbsd-compat/xcrypt.c] Fix typo: DISABLED_SHADOW ->
   DISABLE_SHADOW.  Fixes HP-UX compile error.

20030724
 - (bal) [auth-passwd.c openbsd-compat/Makefile.in openbsd-compat/xcrypt.c 
    openbsd-compat/xcrypt.h] Split off encryption into xcrypt() interface,
    and isolate shadow password functions.  Tested in Solaris, but should
    not break other platforms too badly (except maybe HP =).  Also brings
    auth-passwd.c into full sync with OpenBSD tree.

20030723
 - (dtucker) [configure.ac] Back out change for bug #620.

20030719
 - (dtucker) [configure.ac] Bug #620: Define BROKEN_GETADDRINFO for
   Solaris/x86.  Patch from jrhett at isite.net.
 - (dtucker) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2003/07/14 12:36:37
     [sshd.c]
     remove undocumented -V option. would be only useful if openssh is used
     as ssh v1 server for ssh.com's ssh v2.
   - markus@@cvs.openbsd.org 2003/07/16 10:34:53
     [ssh.c sshd.c]
     don't exit on multiple -v or -d; ok deraadt@@
   - markus@@cvs.openbsd.org 2003/07/16 10:36:28
     [sshtty.c]
     clear IUCLC in enter_raw_mode; from rob@@pitman.co.za; ok deraadt@@, fgs@@
   - deraadt@@cvs.openbsd.org 2003/07/18 01:54:25
     [scp.c]
     userid is unsigned, but well, force it anyways; andrushock@@korovino.net
   - djm@@cvs.openbsd.org 2003/07/19 00:45:53
     [sftp-int.c]
     fix sftp filename parsing for arguments with escaped quotes. bz #517;
     ok markus
   - djm@@cvs.openbsd.org 2003/07/19 00:46:31
     [regress/sftp-cmds.sh]
     regress test for sftp arguments with escaped quotes; ok markus

20030714
 - (dtucker) [acconfig.h configure.ac port-aix.c] Older AIXes don't declare
   loginfailed at all, so assume 3-arg loginfailed if not declared.
 - (dtucker) [port-aix.h] Work around name collision on AIX for r_type by
   undef'ing it.
 - (dtucker) Bug #543: [configure.ac port-aix.c port-aix.h]
   Call setauthdb() before loginfailed(), which may load password registry-
   specific functions.  Based on patch by cawlfiel at us.ibm.com.
 - (dtucker) [port-aix.h] Fix prototypes.
 - (dtucker) OpenBSD CVS Sync
   - avsm@@cvs.openbsd.org 2003/07/09 13:58:19
     [key.c]
     minor tweak: when generating the hex fingerprint, give strlcat the full
     bound to the buffer, and add a comment below explaining why the
     zero-termination is one less than the bound.  markus@@ ok
   - markus@@cvs.openbsd.org 2003/07/10 14:42:28
     [packet.c]
     the 2^(blocksize*2) rekeying limit is too expensive for 3DES,
     blowfish, etc, so enforce a 1GB limit for small blocksizes.
   - markus@@cvs.openbsd.org 2003/07/10 20:05:55
     [sftp.c]
     sync usage with manpage, add missing -R

20030708
 - (dtucker) [acconfig.h auth-passwd.c configure.ac session.c port-aix.[ch]]
   Include AIX headers for authentication functions and make calls match
   prototypes.  Test for and handle 3-arg and 4-arg variants of loginfailed.
 - (dtucker) [session.c] Check return value of setpcred().
 - (dtucker) [auth-passwd.c auth.c session.c sshd.c port-aix.c port-aix.h]
   Convert aixloginmsg into platform-independent Buffer loginmsg.

20030707
 - (dtucker) [configure.ac] Bug #600: Check that getrusage is declared before
   searching libraries for it.  Fixes build errors on NCR MP-RAS.

20030706
 - (dtucker) [ssh-rand-helper.c loginrec.c]
   Apply atomicio typing change to these too.

20030703
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2003/06/28 07:48:10
     [sshd.c]
     report pidfile creation errors, based on patch from Roumen Petrov;
     ok markus@@
   - deraadt@@cvs.openbsd.org 2003/06/28 16:23:06
     [atomicio.c atomicio.h authfd.c clientloop.c monitor_wrap.c msg.c
     progressmeter.c scp.c sftp-client.c ssh-keyscan.c ssh.h sshconnect.c
     sshd.c]
     deal with typing of write vs read in atomicio
   - markus@@cvs.openbsd.org 2003/06/29 12:44:38
     [sshconnect.c]
     memset 0, not \0; andrushock@@korovino.net
   - markus@@cvs.openbsd.org 2003/07/02 12:56:34
     [channels.c]
     deny dynamic forwarding with -R for v1, too; ok djm@@
   - markus@@cvs.openbsd.org 2003/07/02 14:51:16
     [channels.c ssh.1 ssh_config.5]
     (re)add socks5 support to -D; ok djm@@
     now ssh(1) can act both as a socks 4 and socks 5 server and
     dynamically forward ports.
   - markus@@cvs.openbsd.org 2003/07/02 20:37:48
     [ssh.c]
     convert hostkeyalias to lowercase, otherwise uppercase aliases will
     not match at all; ok henning@@
   - markus@@cvs.openbsd.org 2003/07/03 08:21:46
     [regress/dynamic-forward.sh]
     add socks5; speedup; reformat; based on patch from dtucker@@zip.com.au
   - markus@@cvs.openbsd.org 2003/07/03 08:24:13
     [regress/Makefile]
     enable tests for dynamic fwd via socks (-D), uses nc(1)
   - djm@@cvs.openbsd.org 2003/07/03 08:09:06
     [readconf.c readconf.h ssh-keysign.c ssh.c]
     fix AddressFamily option in config file, from brent@@graveland.net;
     ok markus@@

20030630
 - (djm) Search for support functions necessary to build our 
   getrrsetbyname() replacement. Patch from Roumen Petrov 

20030629
 - (dtucker) [includes.h] Bug #602: move #include of netdb.h to after in.h
   (fixes compiler warnings on Solaris 2.5.1).
 - (dtucker) [configure.ac] Add sanity test after system-dependent compiler
   flag modifications.
   
20030628
 - (djm) Bug #591: use PKCS#15 private key label as a comment in case 
   of OpenSC. Report and patch from larsch@@trustcenter.de
 - (djm) Bug #593: Sanity check OpenSC card reader number; patch from 
   aj@@dungeon.inka.de
 - (dtucker) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2003/06/23 09:02:44
     [ssh_config.5]
     document EnableSSHKeysign; bugzilla #599; ok deraadt@@, jmc@@
   - markus@@cvs.openbsd.org 2003/06/24 08:23:46
     [auth2-hostbased.c auth2-pubkey.c auth2.c channels.c key.c key.h
      monitor.c packet.c packet.h serverloop.c sshconnect2.c sshd.c]
     int -> u_int; ok djm@@, deraadt@@, mouring@@
   - miod@@cvs.openbsd.org 2003/06/25 22:39:36
     [sftp-server.c]
     Typo police: attribute is better written with an 'r'.
   - markus@@cvs.openbsd.org 2003/06/26 20:08:33
     [readconf.c]
     do not dump core for 'ssh -o proxycommand host'; ok deraadt@@
 - (dtucker) [regress/dynamic-forward.sh] Import new regression test.
 - (dtucker) [configure.ac] Bug #570: Have ./configure --enable-FEATURE 
   actually enable the feature, for those normally disabled.  Patch by
   openssh (at) roumenpetrov.info.

20030624
 - (dtucker) Have configure refer the user to config.log and
   contrib/findssl.sh for OpenSSL header/library mismatches.

20030622
 - (dtucker) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2003/06/21 09:14:05
     [regress/reconfigure.sh]
     missing $SUDO; from dtucker@@zip.com.au
   - markus@@cvs.openbsd.org 2003/06/18 11:28:11
     [ssh-rsa.c]
     backout last change, since it violates pkcs#1
     switch to share/misc/license.template
   - djm@@cvs.openbsd.org 2003/06/20 05:47:58
     [sshd_config.5]
     sync description of protocol 2 cipher proposal; ok markus
   - djm@@cvs.openbsd.org 2003/06/20 05:48:21
     [sshd_config]
     sync some implemented options; ok markus@@
 - (dtucker) [regress/authorized_keys_root] Remove temp data file from CVS.
 - (dtucker) [openbsd-compat/setproctitle.c] Ensure SPT_TYPE is defined before
   testing its value.

20030618
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2003/06/12 07:57:38
     [monitor.c sshlogin.c sshpty.c]
     typos; dtucker at zip.com.au
   - djm@@cvs.openbsd.org 2003/06/12 12:22:47
     [LICENCE]
     mention more copyright holders; ok markus@@
   - nino@@cvs.openbsd.org 2003/06/12 15:34:09
     [scp.c]
     Typo. Ok markus@@.
   - markus@@cvs.openbsd.org 2003/06/12 19:12:03
     [scard.c scard.h ssh-agent.c ssh.c]
     add sc_get_key_label; larsch at trustcenter.de; bugzilla#591
   - markus@@cvs.openbsd.org 2003/06/16 08:22:35
     [ssh-rsa.c]
     make sure the signature has at least the expected length (don't
     insist on len == hlen + oidlen, since this breaks some smartcards)
     bugzilla #592; ok djm@@
   - markus@@cvs.openbsd.org 2003/06/16 10:22:45
     [ssh-add.c]
     print out key comment on each prompt; make ssh-askpass more useable; ok djm@@
   - markus@@cvs.openbsd.org 2003/06/17 18:14:23
     [cipher-ctr.c]
     use license from /usr/share/misc/license.template for new code
 - (dtucker) [reconfigure.sh rekey.sh sftp-badcmds.sh]
   Import new regression tests from OpenBSD
 - (dtucker) [regress/copy.1 regress/copy.2] Remove temp data files from CVS.
 - (dtucker) OpenBSD CVS Sync (regress/)
   - markus@@cvs.openbsd.org 2003/04/02 12:21:13
     [Makefile]
     enable rekey test
   - djm@@cvs.openbsd.org 2003/04/04 09:34:22
     [Makefile sftp-cmds.sh]
     More regression tests, including recent directory rename bug; ok markus@@
   - markus@@cvs.openbsd.org 2003/05/14 22:08:27
     [ssh-com-client.sh ssh-com-keygen.sh ssh-com-sftp.sh ssh-com.sh]
     test against some new commercial versions
   - mouring@@cvs.openbsd.org 2003/05/15 04:07:12
     [sftp-cmds.sh]
     Advanced put/get testing for sftp.  OK @@djm
   - markus@@cvs.openbsd.org 2003/06/12 15:40:01
     [try-ciphers.sh]
     add ctr
   - markus@@cvs.openbsd.org 2003/06/12 15:43:32
     [Makefile]
     test -HUP; dtucker at zip.com.au

20030614
 - (djm) Update license on fake-rfc2553.[ch]; ok itojun@@

20030611
 - (djm) Mention portable copyright holders in LICENSE
 - (djm) Put licenses on substantial header files
 - (djm) Sync LICENSE against OpenBSD
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2003/06/10 09:12:11
     [scp.1 sftp-server.8 ssh.1 ssh-add.1 ssh-agent.1 ssh_config.5]
     [sshd.8 sshd_config.5 ssh-keygen.1 ssh-keyscan.1 ssh-keysign.8]
     - section reorder
     - COMPATIBILITY merge
     - macro cleanup
     - kill whitespace at EOL
     - new sentence, new line
     ssh pages ok markus@@
   - deraadt@@cvs.openbsd.org 2003/06/10 22:20:52
     [packet.c progressmeter.c]
     mostly ansi cleanup; pval ok
   - jakob@@cvs.openbsd.org 2003/06/11 10:16:16
     [sshconnect.c]
     clean up check_host_key() and improve SSHFP feedback. ok markus@@
   - jakob@@cvs.openbsd.org 2003/06/11 10:18:47
     [dns.c]
     sync with check_host_key() change
   - djm@@cvs.openbsd.org 2003/06/11 11:18:38
     [authfd.c authfd.h ssh-add.c ssh-agent.c]
     make agent constraints (lifetime, confirm) work with smartcard keys; 
     ok markus@@


20030609
 - (djm) Sync README.smartcard with OpenBSD -current
 - (djm) Re-merge OpenSC info into README.smartcard

20030606
 - (dtucker) [uidswap.c] Fix setreuid and add missing args to fatal(). ok djm@@

20030605
 - (djm) Support AI_NUMERICHOST in fake-getaddrinfo.c. Needed for recent
   canohost.c changes.
 - (djm) Implement paranoid priv dropping checks, based on:
   "SetUID demystified" - Hao Chen, David Wagner and Drew Dean
   Proceedings of USENIX Security Symposium 2002
 - (djm) Don't use xmalloc() or pull in toplevel headers in fake-* code
 - (djm) Merge all the openbsd/fake-* into fake-rfc2553.[ch]
 - (djm) Bug #588 - Add scard-opensc.o back to Makefile.in
   Patch from larsch@@trustcenter.de
 - (djm) Bug #589 - scard-opensc: load only keys with a private keys
   Patch from larsch@@trustcenter.de
 - (dtucker) Add includes.h to fake-rfc2553.c so it will build.
 - (dtucker) Define EAI_NONAME in fake-rfc2553.h (used by fake-rfc2553.c).

20030604
 - (djm) Bug #573 - Remove unneeded Krb headers and compat goop. Patch from
   simon@@sxw.org.uk (Also matches a change in OpenBSD a while ago)
 - (djm) Bug #577 - wrong flag in scard-opensc.c sc_private_decrypt. 
   Patch from larsch@@trustcenter.de; ok markus@@
 - (djm) Bug #584: scard-opensc.c doesn't work without PIN. Patch from 
   larsch@@trustcenter.de; ok markus@@
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2003/06/04 08:25:18
     [sshconnect.c]
     disable challenge/response and keyboard-interactive auth methods 
     upon hostkey mismatch. based on patch from fcusack AT fcusack.com. 
     bz #580; ok markus@@
   - djm@@cvs.openbsd.org 2003/06/04 10:23:48
     [sshd.c]
     remove duplicated group-dropping code; ok markus@@
   - djm@@cvs.openbsd.org 2003/06/04 12:03:59
     [serverloop.c]
     remove bitrotten comment; ok markus@@
   - djm@@cvs.openbsd.org 2003/06/04 12:18:49
     [scp.c]
     ansify; ok markus@@
   - djm@@cvs.openbsd.org 2003/06/04 12:40:39
     [scp.c]
     kill ssh process upon receipt of signal, bz #241.
     based on patch from esb AT hawaii.edu; ok markus@@
   - djm@@cvs.openbsd.org 2003/06/04 12:41:22
     [sftp.c]
     kill ssh process on receipt of signal; ok markus@@
 - (djm) Update to fix of bug #584: lock card before return. 
   From larsch@@trustcenter.de
 - (djm) Always use mysignal() for SIGALRM

20030603
 - (djm) Replace setproctitle replacement with code derived from 
   UCB sendmail
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2003/06/02 09:17:34
     [auth2-hostbased.c auth.c auth-options.c auth-rhosts.c auth-rh-rsa.c]
     [canohost.c monitor.c servconf.c servconf.h session.c sshd_config]
     [sshd_config.5]
     deprecate VerifyReverseMapping since it's dangerous if combined
     with IP based access control as noted by Mike Harding; replace with
     a UseDNS option, UseDNS is on by default and includes the
     VerifyReverseMapping check; with itojun@@, provos@@, jakob@@ and deraadt@@
     ok deraadt@@, djm@@
   - millert@@cvs.openbsd.org 2003/06/03 02:56:16
     [scp.c]
     Remove the advertising clause in the UCB license which Berkeley
     rescinded 22 July 1999.  Proofed by myself and Theo.
 - (djm) Fix portable-specific uses of verify_reverse_mapping too
 - (djm) Sync openbsd-compat with OpenBSD CVS. 
    - No more 4-term BSD licenses in linked code
 - (dtucker) [port-aix.c bsd-cray.c] Fix uses of verify_reverse_mapping.

20030602
 - (djm) Fix segv from bad reordering in auth-pam.c
 - (djm) Always use saved_argv in sshd.c as compat_init_setproctitle may 
   clobber
 - (tim) openbsd-compat/xmmap.[ch] License clarifications. Add missing
   CVS ID.
 - (djm) Remove "noip6" option from RedHat spec file. This may now be 
   set at runtime using AddressFamily option.
 - (djm) Fix use of macro before #define in cipher-aes.c
 - (djm) Sync license on openbsd-compat/bindresvport.c with OpenBSD CVS
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2003/05/26 12:54:40
     [sshconnect.c]
     fix format strings; ok markus@@
   - deraadt@@cvs.openbsd.org 2003/05/29 16:58:45
     [sshd.c uidswap.c]
     seteuid and setegid; markus ok
   - jakob@@cvs.openbsd.org 2003/06/02 08:31:10
     [ssh_config.5]
     VerifyHostKeyDNS is v2 only. ok markus@@

20030530
 - (dtucker) Add missing semicolon in md5crypt.c, patch from openssh at
   roumenpetrov.info
 - (dtucker) Define SSHD_ACQUIRES_CTTY for NCR MP-RAS and Reliant Unix.

20030526
 - (djm) Avoid auth2-chall.c warning when compiling without 
   PAM, BSD_AUTH and SKEY

20030525
- (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2003/05/24 09:02:22
     [log.c]
     pass logged data through strnvis; ok markus
   - djm@@cvs.openbsd.org 2003/05/24 09:30:40
     [authfile.c monitor.c sftp-common.c sshpty.c]
     cast some types for printing; ok markus@@

20030524
 - (dtucker) Correct --osfsia in INSTALL.  Patch by skeleten at shillest.net

20030523
 - (djm) Use VIS_SAFE on logged strings rather than default strnvis 
   encoding (which encodes many more characters)
 - OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2003/05/20 12:03:35
     [sftp.1]
     - new sentence, new line
     - added .Xr's
     - typos
     ok djm@@
   - jmc@@cvs.openbsd.org 2003/05/20 12:09:31
     [ssh.1 ssh_config.5 sshd.8 sshd_config.5 ssh-keygen.1]
     new sentence, new line
   - djm@@cvs.openbsd.org 2003/05/23 08:29:30
     [sshconnect.c]
     fix leak; ok markus@@

20030520
 - (djm) OpenBSD CVS Sync
   - deraadt@@cvs.openbsd.org 2003/05/18 23:22:01
     [log.c]
     use syslog_r() in a signal handler called place; markus ok
 - (djm) Configure logic to detect syslog_r and friends

20030519
 - (djm) Sync auth-pam.h with what we actually implement

20030518
 - (djm) Return of the dreaded PAM_TTY_KLUDGE, which went missing in 
   recent merge
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2003/05/16 03:27:12
     [readconf.c ssh_config ssh_config.5 ssh-keysign.c]
     add AddressFamily option to ssh_config (like -4, -6 on commandline).
     Portable bug #534; ok markus@@
   - itojun@@cvs.openbsd.org 2003/05/17 03:25:58
     [auth-rhosts.c]
     just in case, put numbers to sscanf %s arg.
   - markus@@cvs.openbsd.org 2003/05/17 04:27:52
     [cipher.c cipher-ctr.c myproposal.h]
     experimental support for aes-ctr modes from
     http://www.ietf.org/internet-drafts/draft-ietf-secsh-newmodes-00.txt
     ok djm@@
 - (djm) Remove IPv4 by default hack now that we can specify AF in config
 - (djm) Tidy and trim TODO
 - (djm) Sync openbsd-compat/ with OpenBSD CVS head
 - (djm) Big KNF on openbsd-compat/
 - (djm) KNF on md5crypt.[ch]
 - (djm) KNF on auth-sia.[ch]

20030517
 - (bal) strcat -> strlcat on openbsd-compat/realpath.c (rev 1.8 OpenBSD)

20030516
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2003/05/15 13:52:10
     [ssh.c]
     Make "ssh -V" print the OpenSSL version in a human readable form. Patch
     from Craig Leres (mindrot at ee.lbl.gov); ok markus@@
   - jakob@@cvs.openbsd.org 2003/05/15 14:02:47
     [readconf.c servconf.c]
     warn for unsupported config option. ok markus@@
   - markus@@cvs.openbsd.org 2003/05/15 14:09:21
     [auth2-krb5.c]
     fix 64bit issue; report itojun@@
   - djm@@cvs.openbsd.org 2003/05/15 14:55:25
     [readconf.c readconf.h ssh_config ssh_config.5 sshconnect.c]
     add a ConnectTimeout option to ssh, based on patch from
     Jean-Charles Longuet (jclonguet at free.fr); portable #207 ok markus@@
 - (djm) Add warning for UsePAM when built without PAM support
 - (djm) A few type mismatch fixes from Bug #565
 - (djm) Guard free_pam_environment against NULL argument. Works around
   HP/UX PAM problems debugged by dtucker

20030515
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2003/05/14 13:11:56
     [ssh-agent.1]
     setup -> set up;
     from wiz@@netbsd
   - jakob@@cvs.openbsd.org 2003/05/14 18:16:20
     [key.c key.h readconf.c readconf.h ssh_config.5 sshconnect.c]
     [dns.c dns.h README.dns ssh-keygen.1 ssh-keygen.c]
     add experimental support for verifying host keys using DNS as described
     in draft-ietf-secsh-dns-xx.txt. more information in README.dns.
     ok markus@@ and henning@@
   - markus@@cvs.openbsd.org 2003/05/14 22:24:42
     [clientloop.c session.c ssh.1]
     allow to send a BREAK to the remote system; ok various
   - markus@@cvs.openbsd.org 2003/05/15 00:28:28
     [sshconnect2.c]
     cleanup unregister of per-method packet handlers; ok djm@@
   - jakob@@cvs.openbsd.org 2003/05/15 01:48:10
     [readconf.c readconf.h servconf.c servconf.h]
     always parse kerberos options. ok djm@@ markus@@
   - jakob@@cvs.openbsd.org 2003/05/15 02:27:15
     [dns.c]
     add missing freerrset
   - markus@@cvs.openbsd.org 2003/05/15 03:08:29
     [cipher.c cipher-bf1.c cipher-aes.c cipher-3des1.c]
     split out custom EVP ciphers
   - djm@@cvs.openbsd.org 2003/05/15 03:10:52
     [ssh-keygen.c]
     avoid warning; ok jakob@@
   - mouring@@cvs.openbsd.org 2003/05/15 03:39:07
     [sftp-int.c]
     Make put/get (globbed and nonglobbed) code more consistent. OK djm@@
   - mouring@@cvs.openbsd.org 2003/05/15 03:43:59
     [sftp-int.c sftp.c]
     Teach ls how to display multiple column display and allow users 
     to return to single column format via 'ls -1'.  OK @@djm
   - jakob@@cvs.openbsd.org 2003/05/15 04:08:44
     [readconf.c servconf.c]
     disable kerberos when not supported. ok markus@@
   - markus@@cvs.openbsd.org 2003/05/15 04:08:41
     [ssh.1]
     ~B is ssh2 only
 - (djm) Always parse UsePAM
 - (djm) Configure glue for DNS support (code doesn't work in portable yet)
 - (djm) Import getrrsetbyname() function from OpenBSD libc (for DNS support)
 - (djm) Tidy Makefile clean targets
 - (djm) Adapt README.dns for portable
 - (djm) Avoid uuencode.c warnings
 - (djm) Enable UsePAM when built --with-pam
 - (djm) Only build getrrsetbyname replacement when using --with-dns
 - (djm) Bug #529: sshd doesn't work correctly after SIGHUP (copy argv 
         correctly)
 - (djm) Bug #444: Wrong paths after reconfigure
 - (dtucker) HP-UX needs to include <sys/strtio.h> for TIOCSBRK

20030514
 - (djm) Bug #117: Don't lie to PAM about username
 - (djm) RCSID sync w/ OpenBSD
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2003/04/09 12:00:37
     [readconf.c]
     strip trailing whitespace from config lines before parsing. 
     Fixes bz 528; ok markus@@
   - markus@@cvs.openbsd.org 2003/04/12 10:13:57
     [cipher.c]
     hide cipher details; ok djm@@
   - markus@@cvs.openbsd.org 2003/04/12 10:15:36
     [misc.c]
     debug->debug2
   - naddy@@cvs.openbsd.org 2003/04/12 11:40:15
     [ssh.1]
     document -V switch, fix wording; ok markus@@
   - markus@@cvs.openbsd.org 2003/04/14 14:17:50
     [channels.c sshconnect.c sshd.c ssh-keyscan.c]
     avoid hardcoded SOCK_xx; with itojun@@; should allow ssh over SCTP
   - mouring@@cvs.openbsd.org 2003/04/14 21:31:27
     [sftp-int.c]
     Missing globfree(&g) in process_put() spotted by Vince Brimhall
     <VBrimhall@@novell.com>.  ok@@ Theo
   - markus@@cvs.openbsd.org 2003/04/16 14:35:27
     [auth.h]
     document struct Authctxt; with solar
   - deraadt@@cvs.openbsd.org 2003/04/26 04:29:49
     [ssh-keyscan.c]
     -t in usage(); rogier@@quaak.org
   - mouring@@cvs.openbsd.org 2003/04/30 01:16:20
     [sshd.8 sshd_config.5]
     Escape ?, * and ! in .Ql for nroff compatibility.  OpenSSH Portable 
     Bug #550 and * escaping suggested by jmc@@.
   - david@@cvs.openbsd.org 2003/04/30 20:41:07
     [sshd.8]
     fix invalid .Pf macro usage introduced in previous commit
     ok jmc@@ mouring@@
   - markus@@cvs.openbsd.org 2003/05/11 16:56:48
     [authfile.c ssh-keygen.c]
     change key_load_public to try to read a public from:
     rsa1 private or rsa1 public and ssh2 keys.
     this makes ssh-keygen -e fail for ssh1 keys more gracefully
     for example; report from itojun (netbsd pr 20550).
   - markus@@cvs.openbsd.org 2003/05/11 20:30:25
     [channels.c clientloop.c serverloop.c session.c ssh.c]
     make channel_new() strdup the 'remote_name' (not the caller); ok theo
   - markus@@cvs.openbsd.org 2003/05/12 16:55:37
     [sshconnect2.c]
     for pubkey authentication try the user keys in the following order:
        1. agent keys that are found in the config file
        2. other agent keys
        3. keys that are only listed in the config file
     this helps when an agent has many keys, where the server might
     close the connection before the correct key is used. report & ok pb@@
   - markus@@cvs.openbsd.org 2003/05/12 18:35:18
     [ssh-keyscan.1]
     typo: DSA keys are of type ssh-dss; Brian Poole
   - markus@@cvs.openbsd.org 2003/05/14 00:52:59
     [ssh2.h]
     ranges for per auth method messages
   - djm@@cvs.openbsd.org 2003/05/14 01:00:44
     [sftp.1]
     emphasise the batchmode functionality and make reference to pubkey auth,
     both of which are FAQs; ok markus@@
   - markus@@cvs.openbsd.org 2003/05/14 02:15:47
     [auth2.c monitor.c sshconnect2.c auth2-krb5.c]
     implement kerberos over ssh2 ("kerberos-2@@ssh.com"); tested with jakob@@
     server interops with commercial client; ok jakob@@ djm@@
   - jmc@@cvs.openbsd.org 2003/05/14 08:25:39
     [sftp.1]
     - better formatting in SYNOPSIS
     - whitespace at EOL
     ok djm@@
   - markus@@cvs.openbsd.org 2003/05/14 08:57:49
     [monitor.c]
     http://bugzilla.mindrot.org/show_bug.cgi?id=560
     Privsep child continues to run after monitor killed.
     Pass monitor signals through to child; Darren Tucker
 - (djm) Make portable build with MIT krb5 (some issues remain)
 - (djm) Add new UsePAM configuration directive to allow runtime control
   over usage of PAM. This allows non-root use of sshd when built with
   --with-pam
 - (djm) Die screaming if start_pam() is called when UsePAM=no
 - (djm) Avoid KrbV leak for MIT Kerberos
 - (dtucker) Set ai_socktype and ai_protocol in fake-getaddrinfo.c. ok djm@@
 - (djm) Bug #258: sscanf("[0-9]") -> sscanf("[0123456789]") for portability

20030512
 - (djm) Redhat spec: Don't install profile.d scripts when not 
   building with GNOME/GTK askpass (patch from bet@@rahul.net)

20030510
 - (dtucker) Bug #318: Create ssh_prng_cmds.out during "make" rather than
   "make install".  Patch by roth@@feep.net.
 - (dtucker) Bug #536: Test for and work around openpty/controlling tty
   problem on Linux (fixes "could not set controlling tty" errors).
 - (djm) Merge FreeBSD PAM code: replaces PAM password auth kludge with 
   proper challenge-response module
 - (djm) 2-clause license on loginrec.c, with permission from
   andre@@ae-35.com

20030504
 - (dtucker) Bug #497: Move #include of bsd-cygwin_util.h to openbsd-compat.h.
   Patch from vinschen@@redhat.com.

20030503
 - (dtucker) Add missing "void" to record_failed_login in bsd-cray.c.  Noted
   by wendyp@@cray.com.

20030502
 - (dtucker) Bug #544: ignore invalid cmsg_type on Linux 2.0 kernels,
   privsep should now work.
 - (dtucker) Move handling of bad password authentications into a platform
   specific record_failed_login() function (affects AIX & Unicos). ok mouring@@

20030429
 - (djm) Add back radix.o (used by AFS support), after it went missing from
   Makefile many moons ago
 - (djm) Apply "owl-always-auth" patch from Openwall/Solar Designer
 - (djm) Fix blibpath specification for AIX/gcc
 - (djm) Some systems have basename in -lgen. Fix from ayamura@@ayamura.org

20030428
 - (bal) [defines.h progressmeter.c scp.c] Some more culling of non 64bit 
   hacked code.

20030427
 - (bal) Bug #541: return; was dropped by mistake.  Reported by 
   furrier@@iglou.com
 - (bal) Since we don't support platforms lacking u_int_64.  We may
   as well clean out some of those evil #ifdefs
 - (bal) auth1.c minor resync while looking at the code.
 - (bal) auth2.c same changed as above.

20030409
 - (djm) Bug #539: Specify creation mode with O_CREAT for lastlog. Report 
   from matth@@eecs.berkeley.edu
 - (djm) Make the spec work with Redhat 9.0 (which renames sharutils)
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2003/04/02 09:48:07
     [clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c]
     [readconf.h serverloop.c sshconnect2.c]
     reapply rekeying change, tested by henning@@, ok djm@@
   - markus@@cvs.openbsd.org 2003/04/02 14:36:26
     [ssh-keysign.c]
     potential segfault if KEY_UNSPEC; cjwatson@@debian.org; bug #526
   - itojun@@cvs.openbsd.org 2003/04/03 07:25:27
     [progressmeter.c]
     $OpenBSD$
   - itojun@@cvs.openbsd.org 2003/04/03 10:17:35
     [progressmeter.c]
     remove $OpenBSD$, as other *.c does not have it.
   - markus@@cvs.openbsd.org 2003/04/07 08:29:57
     [monitor_wrap.c]
     typo: get correct counters; introduced during rekeying change.
   - millert@@cvs.openbsd.org 2003/04/07 21:58:05
     [progressmeter.c]
     The UCB copyright here is incorrect.  This code did not originate
     at UCB, it was written by Luke Mewburn.  Updated the copyright at
     the author's request.  markus@@ OK
   - itojun@@cvs.openbsd.org 2003/04/08 20:21:29
     [*.c *.h]
     rename log() into logit() to avoid name conflict.  markus ok, from
     netbsd
     - (djm) XXX - Performed locally using:
       "perl -p -i -e 's/(\s|^)log\(/$1logit\(/g' *.c *.h"
   - hin@@cvs.openbsd.org 2003/04/09 08:23:52
     [servconf.c]
     Don't include <krb.h> when compiling with Kerberos 5 support
   - (djm) Fix up missing include for packet.c
   - (djm) Fix missed log => logit occurrence (reference by function pointer)

20030402
 - (bal) if IP_TOS is not found or broken don't try to compile in
   packet_set_tos() function call.  bug #527

d57 1242
a1298 1
$Id: ChangeLog,v 1.2994.2.34 2003/09/23 09:33:17 djm Exp $
@


1.1.1.6
log
@Vendor import of OpenSSH 3.8p1.
@
text
@d1 1
a1 1
20040224
d3 1
a3 180
   - markus@@cvs.openbsd.org 2004/02/19 21:15:04
     [sftp-server.c]
     switch to new license.template
   - markus@@cvs.openbsd.org 2004/02/23 12:02:33
     [sshd.c]
     backout revision 1.279; set listen socket to non-block; ok henning.
   - markus@@cvs.openbsd.org 2004/02/23 15:12:46
     [bufaux.c]
     encode 0 correctly in buffer_put_bignum2; noted by Mikulas Patocka
     and drop support for negative BNs; ok otto@@
   - markus@@cvs.openbsd.org 2004/02/23 15:16:46
     [version.h]
     enter 3.8
 - (dtucker) [configure.ac gss-serv-krb5.c ssh-gss.h] Define GSSAPI when found
   with krb5-config, hunt down gssapi.h and friends.  Based partially on patch
   from deengert at anl.gov.  ok djm@@
 - (djm) [groupaccess.c uidswap.c] Bug #787: Size group arrays at runtime 
   using sysconf() if available Based on patches from 
   holger AT van-lengerich.de and openssh_bugzilla AT hockin.org
 - (dtucker) [uidswap.c] Minor KNF.  ok djm@@
 - (tim) [openbsd-compat/getrrsetbyname.c] Make gcc 2.7.2.3 happy.  ok djm@@
 - (djm) Crank RPM spec versions
 - (dtucker) [README] Add pointer to release notes.  ok djm@@
 - (dtucker) {README.platform] Add platform-specific notes.
 - (tim) [configure.ac] SCO3 needs -lcrypt_i for -lprot
 - (djm) Release 3.8p1

20040223
 - (dtucker) [session.c] Bug #789: Only make setcred call for !privsep in the
   non-interactive path.  ok djm@@

20040222
 - (dtucker) [auth-shadow.c auth.c auth.h] Move shadow account expiry test
   to auth-shadow.c, no functional change.  ok djm@@
 - (dtucker) [auth-shadow.c auth.h] Provide warnings of impending account or
   password expiry.  ok djm@@
 - (dtucker) [auth-passwd.c] Only check password expiry once.  Prevents
   multiple warnings if a wrong password is entered.
 - (dtucker) [configure.ac] Apply krb5-config --libs fix to non-gssapi path
   too.

20040220
 - (djm) [openbsd-compat/setproctitle.c] fix comments; from grange@@

20040218
 - (dtucker) [configure.ac] Handle case where krb5-config --libs returns a
   path with a "-" in it.  From Sergio.Gelato at astro.su.se.
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2004/02/17 07:17:29
     [sftp-glob.c sftp.c]
     Remove useless headers; ok deraadt@@
   - djm@@cvs.openbsd.org 2004/02/17 11:03:08
     [sftp.c]
     sftp.c and sftp-int.c, together at last; ok markus@@
   - jmc@@cvs.openbsd.org 2004/02/17 19:35:21
     [sshd_config.5]
     remove cruft left over from RhostsAuthentication removal;
     ok markus@@
 - (djm) [log.c] Correct use of HAVE_OPENLOG_R
 - (djm) [log.c] Tighten openlog_r tests

20040217
 - (djm) Simplify the license on code I have written. No code changes.
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2004/02/17 05:39:51
     [sftp-client.c sftp-client.h sftp-glob.c sftp-glob.h sftp-int.c]
     [sftp-int.h sftp.c]
     switch to license.template for code written by me (belated, I know...)
 - (djm) Bug #698: Specify FILE: for KRB5CCNAME; patch from 
   stadal@@suse.cz and simon@@sxw.org.uk
 - (dtucker) [auth-pam.c] Tidy up PAM debugging.  ok djm@@
 - (dtucker) [auth-pam.c] Store output from pam_session and pam_setcred for
   display after login.  Should fix problems like pam_motd not displaying
   anything, noticed by cjwatson at debian.org.  ok djm@@

20040212
 - (tim) [Makefile.in regress/sftp-badcmds.sh regress/test-exec.sh]
   Portablity fixes. Data sftp transfers needs to be world readable. Some
   older shells hang on while loops when  doing sh -n some_script. OK dtucker@@
 - (tim) [configure.ac] Make sure -lcrypto is before -lsocket for sco3.
   ok mouring@@

20040211
 - (dtucker) [auth-passwd.c auth-shadow.c] Only enable shadow expiry check
   if HAS_SHADOW_EXPIRY is set.
 - (tim) [configure.ac] Fix comment to match code changes in ver 1.117

20040210
 - (dtucker) [auth-passwd.c auth.h openbsd-compat/port-aix.c
   openbsd-compat/port-aix.h] Bug #14: Use do_pwchange to support AIX's
   native password expiry.
 - (dtucker) [LICENCE Makefile.in auth-passwd.c auth-shadow.c auth.c auth.h
   defines.h] Bug #14: Use do_pwchange to support password expiry and force
   change for platforms using /etc/shadow.  ok djm@@
 - (dtucker) [openbsd-compat/fake-rfc2553.h] Bug #563: Prepend ssh_ to compat
   functions to avoid conflicts with Heimdal's libroken.  ok djm@@
 - (dtucker) [auth-pam.c auth-pam.h session.c] Bug #14: Use do_pwchange to
   change expired PAM passwords for SSHv1 connections without privsep.
   pam_chauthtok is still used when privsep is disabled.  ok djm@@
 - (dtucker) [openbsd-compat/port-aix.c openbsd-compat/port-aix.h] Move
   include from port-aix.h to port-aix.c and remove unnecessary function
   definition.  Fixes build errors on AIX.
 - (dtucker) [configure.ac loginrec.c] Bug #464: Use updwtmpx on platforms
   that support it.  from & ok mouring@@
 - (dtucker) [configure.ac] Bug #345: Do not disable utmp on HP-UX 10.x.
   ok djm@@

20040207
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2004/02/06 23:41:13
     [cipher-ctr.c]
     Use EVP_CIPHER_CTX_key_length for key length.  ok markus@@
     (This will fix builds with OpenSSL 0.9.5)
 - (dtucker) [cipher.c] enable AES counter modes with OpenSSL 0.9.5.
   ok djm@@, markus@@

20040206
 - (dtucker) [acss.c acss.h] Fix $Id tags.
 - (dtucker) [cipher-acss.c cipher.c] Enable acss only if building with
   OpenSSL >= 0.9.7.  ok djm@@
 - (dtucker) [session.c] Bug #789: Do not call do_pam_setcred as a non-root
   user, since some modules might fail due to lack of privilege.  ok djm@@
 - (dtucker) [configure.ac] Bug #748: Always define BROKEN_GETADDRINFO
   for HP-UX 11.11.  If there are known-good configs where this is not
   required, please report them.  ok djm@@
 - (dtucker) [sshd.c] Bug #757: Clear child's environment to prevent
   accidentally inheriting from root's environment.  ok djm@@
 - (dtucker) [openbsd-compat/port-aix.c openbsd-compat/port-aix.h] Bug #796:
   Restore previous authdb setting after auth calls.  Fixes problems with
   setpcred failing on accounts that use AFS or NIS password registries.
 - (dtucker) [configure.ac includes.h] Include <sys/stream.h> if present,
   required on Solaris 2.5.1 for queue_t, which is used by <sys/ptms.h>.
 - (dtucker) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2004/01/30 09:48:57
     [auth-passwd.c auth.h pathnames.h session.c]
     support for password change; ok dtucker@@
     (set password-dead=1w in login.conf to use this).
     In -Portable, this is currently only platforms using bsdauth.
   - dtucker@@cvs.openbsd.org 2004/02/05 05:37:17
     [monitor.c sshd.c]
     Pass SIGALRM through to privsep child if LoginGraceTime expires. ok markus@@
   - markus@@cvs.openbsd.org 2004/02/05 15:33:33
     [progressmeter.c]
     fix ETA for > 4GB; bugzilla #791; ok henning@@ deraadt@@

20040129
 - (dtucker) OpenBSD CVS Sync regress/
   - dtucker@@cvs.openbsd.org 2003/10/11 11:49:49
     [Makefile banner.sh]
     Test missing banner file, suppression of banner with ssh -q, check return
     code from ssh.  ok markus@@
   - jmc@@cvs.openbsd.org 2003/11/07 10:16:44
     [ssh-com.sh]
     adress -> address, and a few more; all from Jonathon Gray;
   - djm@@cvs.openbsd.org 2004/01/13 09:49:06
     [sftp-batch.sh]
 - (dtucker) [configure.ac] Add --without-zlib-version-check.  Feedback from
   tim@@, ok several
 - (dtucker) [configure.ac openbsd-compat/bsd-cray.c openbsd-compat/bsd-cray.h]
   Bug #775: Cray fixes from wendy at cray.com

20040128
 - (dtucker) [regress/README.regress] Add tcpwrappers issue, noted by tim@@
 - (dtucker) [moduli] Import new moduli file from OpenBSD.

20040127
 - (djm) OpenBSD CVS Sync
   - hshoexer@@cvs.openbsd.org 2004/01/23 17:06:03
     [cipher.c]
     enable acss for ssh
     ok deraadt@@ markus@@
   - mouring@@cvs.openbsd.org 2004/01/23 17:57:48
     [sftp-int.c]
     Fix issue pointed out with ls not handling large directories 
     with embeded paths correctly.  OK damien@@
   - hshoexer@@cvs.openbsd.org 2004/01/23 19:26:33
     [cipher.c]
     rename acss@@opebsd.org to acss@@openssh.org
     ok deraadt@@
   - djm@@cvs.openbsd.org 2004/01/25 03:49:09
d5 21
a25 108
     reset nonblocking flag after ConnectTimeout > 0 connect; (bugzilla #785)
     from jclonguet AT free.fr; ok millert@@
   - djm@@cvs.openbsd.org 2004/01/27 10:08:10
     [sftp.c]
     reorder parsing so user:skey@@host:file works (bugzilla #777)
     patch from admorten AT umich.edu; ok markus@@
 - (djm) [acss.c acss.h cipher-acss.c] Portable support for ACSS 
   if libcrypto lacks it

20040126
 - (tim) Typo in regress/README.regress
 - (tim) [regress/test-exec.sh] RhostsAuthentication is deprecated.
 - (tim) [defines.h] Add defines for HFIXEDSZ and T_SIG
 - (tim) [configure.ac includes.h] add <sys/ptms.h> for grantpt() and friends.
 - (tim) [defines.h openbsd-compat/getrrsetbyname.h] Move defines for HFIXEDSZ
   and T_SIG to getrrsetbyname.h

20040124
 - (djm) Typo in openbsd-compat/bsd-openpty.c; from wendyp AT cray.com

20040123 
 - (djm) Do pam_session processing for systems with HAVE_LOGIN_CAP; from 
   ralf.hack AT pipex.net; ok dtucker@@
 - (djm) Bug #776: Update contrib/redhat/openssh.spec to dynamically detect
   Kerberos location (and thus work with Fedora Core 1);
   from jason AT devrandom.org
 - (dtucker) [configure.ac] Bug #788: Test for zlib.h presence and for
   zlib >= 1.1.4.  Partly from jbasney at ncsa.uiuc.edu.  ok djm@@
 - (dtucker) [contrib/cygwin/README] Document new ssh-host-config options.
   Patch from vinschen at redhat.com.
 - (dtucker) [acconfig.h configure.ac includes.h servconf.c session.c]
   Change AFS symbol to USE_AFS to prevent namespace collisions, do not
   include kafs.h unless necessary.  From deengert at anl.gov.
 - (tim) [configure.ac] Remove hard coded -L/usr/local/lib and
   -I/usr/local/include. Users can do LDFLAGS="-L/usr/local/lib" \
   CPPFLAGS="-I/usr/local/include" ./configure if needed.

20040122
 - (dtucker) [configure.ac] Use krb5-config where available for Kerberos/
   GSSAPI detection, libs and includes.  ok djm@@
 - (dtucker) [session.c] Enable AFS support in conjunction with KRB5 not
   just HEIMDAL.
 - (tim) [contrib/solaris/buildpkg.sh] Allow for the possibility of
   /usr/local being a symbolic link. Fixes problem reported by Henry Grebler.

20040121
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2004/01/13 09:25:05
     [sftp-int.c sftp.1 sftp.c]
     Tidy sftp batchmode handling, eliminate junk to stderr (bugzilla #754) and
     enable use of "-b -" to accept batchfile from stdin; ok markus@@
   - jmc@@cvs.openbsd.org 2004/01/13 12:17:33
     [sftp.1]
     remove unnecessary Ic's;
     kill whitespace at EOL;
     ok djm@@
   - markus@@cvs.openbsd.org 2004/01/13 19:23:15
     [compress.c session.c]
     -Wall; ok henning
   - markus@@cvs.openbsd.org 2004/01/13 19:45:15
     [compress.c]
     cast for portability; millert@@
   - markus@@cvs.openbsd.org 2004/01/19 09:24:21
     [channels.c]
     fake consumption for half closed channels since the peer is waiting for
     window adjust messages; bugzilla #790 Matthew Dillon; test + ok dtucker@@
     reproduce with sh -c 'ulimit -f 10; ssh host -n od /bsd | cat > foo'
   - markus@@cvs.openbsd.org 2004/01/19 21:25:15
     [auth2-hostbased.c auth2-pubkey.c serverloop.c ssh-keysign.c sshconnect2.c]
     fix mem leaks; some fixes from Pete Flugstad; tested dtucker@@
   - djm@@cvs.openbsd.org 2004/01/21 03:07:59
     [sftp.c]
     initialise infile in main, rather than statically - from portable
   - deraadt@@cvs.openbsd.org 2004/01/11 21:55:06
     [sshpty.c]
     for pty opening, only use the openpty() path.  the other stuff only needs
     to be in openssh-p; markus ok
 - (djm) [openbsd-compat/bsd-openpty.c] Rework old sshpty.c code into an
   openpty() replacement

20040114
 - (dtucker) [auth-pam.c] Have monitor die if PAM authentication thread exits
   unexpectedly.  with & ok djm@@
 - (dtucker) [auth-pam.c] Reset signal handler in pthread_cancel too, add
   test for case where cleanup has already run.
 - (dtucker) [auth-pam.c] Add minor debugging.

20040113
 - (dtucker) [auth-pam.c] Relocate struct pam_ctxt and prototypes.  No
   functional changes.

20040108
 - (dtucker) [auth-pam.c defines.h] Bug #783: move __unused to defines.h and
   only define if not already.  From des at freebsd.org.
 - (dtucker) [configure.ac] Remove extra (typo) comma.

20040105
 - (dtucker) [contrib/ssh-copy-id] Bug #781: exit if ssh fails.  Patch from
   cjwatson at debian.org.
 - (dtucker) [acconfig.h configure.ac includes.h servconf.c session.c]
   Only enable KerberosGetAFSToken if Heimdal's libkafs is found.  with jakob@@

20040102
 - (djm) OSX/Darwin needs BIND_8_COMPAT to build getrrsetbyname. Report from
   jakob@@
 - (djm) Remove useless DNS support configure summary message. from jakob@@
 - (djm) OSX/Darwin put the PAM headers in a different place, detect this.
   Report from jakob@@
d27 1
a27 419
20031231
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2003/12/22 09:16:58
     [moduli.c ssh-keygen.1 ssh-keygen.c]
     tidy up moduli generation debugging, add -v (verbose/debug) option to
     ssh-keygen; ok markus@@
   - markus@@cvs.openbsd.org 2003/12/22 20:29:55
     [cipher-3des1.c]
     EVP_CIPHER_CTX_cleanup() for the des contexts; pruiksma@@freesurf.fr
   - jakob@@cvs.openbsd.org 2003/12/23 16:12:10
     [servconf.c servconf.h session.c sshd_config]
     implement KerberosGetAFSToken server option. ok markus@@, beck@@
   - millert@@cvs.openbsd.org 2003/12/29 16:39:50
     [sshd_config]
     KeepAlive has been obsoleted, use TCPKeepAlive instead; markus@@ OK
   - dtucker@@cvs.openbsd.org 2003/12/31 00:24:50
     [auth2-passwd.c]
     Ignore password change request during password auth (which we currently
     don't support) and discard proposed new password.  corrections/ok markus@@
 - (dtucker) [configure.ac] Only test setresuid and setresgid if they exist.

20031219
 - (dtucker) [defines.h] Bug #458: Define SIZE_T_MAX as UINT_MAX if we
   typedef size_t ourselves.

20031218
 - (dtucker) [configure.ac] Don't use setre[ug]id on DG-UX, from Tom Orban.
 - (dtucker) [auth-pam.c] Do PAM chauthtok during SSH2 keyboard-interactive
   authentication.  Partially fixes bug #423.  Feedback & ok djm@@

20031217
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2003/12/09 15:28:43
     [serverloop.c]
     make ClientKeepAlive work for ssh -N, too (no login shell requested).
     1) send a bogus channel request if we find a channel
     2) send a bogus global request if we don't have a channel
     ok + test beck@@
   - markus@@cvs.openbsd.org 2003/12/09 17:29:04
     [sshd.c]
     fix -o and HUP; ok henning@@
   - markus@@cvs.openbsd.org 2003/12/09 17:30:05
     [ssh.c]
     don't modify argv for ssh -o; similar to sshd.c 1.283
   - markus@@cvs.openbsd.org 2003/12/09 21:53:37
     [readconf.c readconf.h scp.1 servconf.c servconf.h sftp.1 ssh.1]
     [ssh_config.5 sshconnect.c sshd.c sshd_config.5]
     rename keepalive to tcpkeepalive; the old name causes too much
     confusion; ok djm, dtucker; with help from jmc@@
   - dtucker@@cvs.openbsd.org 2003/12/09 23:45:32
     [clientloop.c]
     Clear exit code when ssh -N is terminated with a SIGTERM.  ok markus@@
   - markus@@cvs.openbsd.org 2003/12/14 12:37:21
     [ssh_config.5]
     we don't support GSS KEX; from Simon Wilkinson
   - markus@@cvs.openbsd.org 2003/12/16 15:49:51
     [clientloop.c clientloop.h readconf.c readconf.h scp.1 sftp.1 ssh.1]
     [ssh.c ssh_config.5]
     application layer keep alive (ServerAliveInterval ServerAliveCountMax)
     for ssh(1), similar to the sshd(8) option; ok beck@@; with help from
     jmc and dtucker@@
   - markus@@cvs.openbsd.org 2003/12/16 15:51:54
     [dh.c]
     use <= instead of < in dh_estimate; ok provos/hshoexer; 
     do not return < DH_GRP_MIN
 - (dtucker) [acconfig.h configure.ac uidswap.c] Bug #645: Check for
   setres[ug]id() present but not implemented (eg some Linux/glibc
   combinations).
 - (bal) [openbsd-compat/bsd-misc.c] unset 'signal' defined if we are
   using a real 'signal()' (Noticed by a NeXT Compile)

20031209
 - (dtucker) OpenBSD CVS Sync
   - matthieu@@cvs.openbsd.org 2003/11/25 23:10:08
     [ssh-add.1]
     ssh-add doesn't need to be a descendant of ssh-agent. Ok markus@@, jmc@@.
   - djm@@cvs.openbsd.org 2003/11/26 21:44:29
     [cipher-aes.c]
     fix #ifdef before #define; ok markus@@
     (RCS ID sync only, Portable already had this)
   - markus@@cvs.openbsd.org 2003/12/02 12:15:10
     [progressmeter.c]
     improvments from andreas@@:
     * saner speed estimate for transfers that takes less than a second by
       rounding the time to 1 second.
     * when the transfer is finished calculate the actual total speed
       rather than the current speed which is given during the transfer
   - markus@@cvs.openbsd.org 2003/12/02 17:01:15
     [channels.c session.c ssh-agent.c ssh.h sshd.c]
     use SSH_LISTEN_BACKLOG (=128) in listen(2).
   - djm@@cvs.openbsd.org 2003/12/07 06:34:18
     [moduli.c]
     remove unused debugging #define templates
   - markus@@cvs.openbsd.org 2003/12/08 11:00:47
     [kexgexc.c]
     print requested group size in debug; ok djm
   - dtucker@@cvs.openbsd.org 2003/12/09 13:52:55
     [moduli.c]
     Prevent ssh-keygen -T from outputting moduli with a generator of 0, since
     they can't be used for Diffie-Hellman.  Assistance and ok djm@@
 - (dtucker) [ssh-keyscan.c] Sync RCSIDs, missed in SSH_SSFDMAX change below.

20031208
 - (tim) [configure.ac] Bug 770. Fix --without-rpath.

20031123
 - (djm) [canohost.c] Move IPv4inV6 mapped address normalisation to its own
   function and call it unconditionally
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2003/11/23 23:17:34
     [ssh-keyscan.c]
     from portable - use sysconf to detect fd limit; ok markus@@
     (tidy diff by adding SSH_SSFDMAX macro to defines.h)
   - djm@@cvs.openbsd.org 2003/11/23 23:18:45
     [ssh-keygen.c]
     consistency PATH_MAX -> MAXPATHLEN; ok markus@@
     (RCS ID sync only)
   - djm@@cvs.openbsd.org 2003/11/23 23:21:21
     [scp.c]
     from portable: rename clashing variable limit-> limit_rate; ok markus@@
     (RCS ID sync only)
   - dtucker@@cvs.openbsd.org 2003/11/24 00:16:35
     [ssh.1 ssh.c]
     Make ssh -k mean GSSAPIDelegateCredentials=no. Suggestion & ok markus@@
 - (djm) Annotate OpenBSD-derived files in openbsd-compat/ with original 
   source file path (in OpenBSD tree).

20031122
 - (dtucker) [channels.c] Make AIX write limit code clearer.  Suggested by djm@@
 - (dtucker) [auth-passwd.c openbsd-compat/port-aix.c openbsd-compat/port-aix.h]
   Move AIX specific password authentication code to port-aix.c, call
   authenticate() until reenter flag is clear.
 - (dtucker) [auth-sia.c configure.ac] Tru64 update from cmadams at hiwaay.net.
   Use permanently_set_uid for SIA, only define DISABLE_FD_PASSING when SIA
   is enabled, rely on SIA to check for locked accounts if enabled.  ok djm@@
 - (djm) [scp.c] Rename limitbw -> limit_rate to match upstreamed patch
 - (djm) [sftp-int.c] Remove duplicated code from bogus sync
 - (djm) [packet.c] Shuffle #ifdef to reduce conditionally compiled code

20031121
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2003/11/20 11:39:28
     [progressmeter.c]
     fix rounding errors; from andreas@@
   - djm@@cvs.openbsd.org 2003/11/21 11:57:03
     [everything]
     unexpand and delete whitespace at EOL; ok markus@@
     (done locally and RCS IDs synced)

20031118
 - (djm) Fix early exit for root auth success when UsePAM=yes and 
   PermitRootLogin=no
 - (dtucker) [auth-pam.c] Convert chauthtok_conv into a generic tty_conv,
   and use it for do_pam_session.  Fixes problems like pam_motd not
   displaying anything.  ok djm@@
 - (dtucker) [auth-pam.c] Only use pam_putenv if our platform has it. ok djm@@
 - (djm) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2003/11/18 00:40:05
     [serverloop.c]
     Correct check for authctxt->valid.  ok djm@@
   - djm@@cvs.openbsd.org 2003/11/18 10:53:07
     [monitor.c]
     unbreak fake authloop for non-existent users (my screwup). Spotted and
     tested by dtucker@@; ok markus@@

20031117
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2003/11/03 09:03:37
     [auth-chall.c]
     make this a little more idiot-proof; ok markus@@
     (includes portable-specific changes)
   - jakob@@cvs.openbsd.org 2003/11/03 09:09:41
     [sshconnect.c]
     move changed key warning into warn_changed_key(). ok markus@@
   - jakob@@cvs.openbsd.org 2003/11/03 09:37:32
     [sshconnect.c]
     do not free static type pointer in warn_changed_key()
   - djm@@cvs.openbsd.org 2003/11/04 08:54:09
     [auth1.c auth2.c auth2-pubkey.c auth.h auth-krb5.c auth-passwd.c]
     [auth-rhosts.c auth-rh-rsa.c auth-rsa.c monitor.c serverloop.c]
     [session.c]
     standardise arguments to auth methods - they should all take authctxt.
     check authctxt->valid rather then pw != NULL; ok markus@@
   - jakob@@cvs.openbsd.org 2003/11/08 16:02:40
     [auth1.c]
     remove unused variable (pw). ok djm@@
     (id sync only - still used in portable)
   - jmc@@cvs.openbsd.org 2003/11/08 19:17:29
     [sftp-int.c]
     typos from Jonathon Gray;
   - jakob@@cvs.openbsd.org 2003/11/10 16:23:41
     [bufaux.c bufaux.h cipher.c cipher.h hostfile.c hostfile.h key.c]
     [key.h sftp-common.c sftp-common.h sftp-server.c sshconnect.c sshd.c]
     [ssh-dss.c ssh-rsa.c uuencode.c uuencode.h]
     constify. ok markus@@ & djm@@
   - dtucker@@cvs.openbsd.org 2003/11/12 10:12:15
     [scp.c]
     When called with -q, pass -q to ssh; suppresses SSH2 banner.  ok markus@@
   - jakob@@cvs.openbsd.org 2003/11/12 16:39:58
     [dns.c dns.h readconf.c ssh_config.5 sshconnect.c]
     update SSHFP validation. ok markus@@
   - jmc@@cvs.openbsd.org 2003/11/12 20:14:51
     [ssh_config.5]
     make verb agree with subject, and kill some whitespace;
   - markus@@cvs.openbsd.org 2003/11/14 13:19:09
     [sshconnect2.c]
     cleanup and minor fixes for the client code; from Simon Wilkinson
   - djm@@cvs.openbsd.org 2003/11/17 09:45:39
     [msg.c msg.h sshconnect2.c ssh-keysign.c]
     return error on msg send/receive failure (rather than fatal); ok markus@@
   - markus@@cvs.openbsd.org 2003/11/17 11:06:07
     [auth2-gss.c gss-genr.c gss-serv.c monitor.c monitor.h monitor_wrap.c]
     [monitor_wrap.h sshconnect2.c ssh-gss.h]
     replace "gssapi" with "gssapi-with-mic"; from Simon Wilkinson; 
     test + ok jakob.
 - (djm) Bug #632: Don't call pam_end indirectly from within kbd-int
   conversation function
 - (djm) Export environment variables from authentication subprocess to 
   parent. Part of Bug #717

20031115
 - (dtucker) [regress/agent-ptrace.sh] Test for GDB output from Solaris and
   HP-UX, skip test on AIX.

20031113
 - (dtucker) [auth-pam.c] Append newlines to lines output by the
   pam_chauthtok_conv().
 - (dtucker) [README ssh-host-config ssh-user-config Makefile] (All
   contrib/cygwin).  Major update from vinschen at redhat.com.
   - Makefile provides a `cygwin-postinstall' target to run right after
     `make install'.
   - Better support for Windows 2003 Server.
   - Try to get permissions as correct as possible.
   - New command line options to allow full automated host configuration.
   - Create configs from skeletons in /etc/defaults/etc.
   - Use /bin/bash, allows reading user input with readline support.
   - Remove really old configs from /usr/local.
 - (dtucker) [auth-pam.c] Add newline to accumulated PAM_TEXT_INFO and
   PAM_ERROR_MSG messages.

20031106
 - (djm) Clarify UsePAM consequences a little more

20031103
 - (dtucker) [contrib/cygwin/ssh-host-config] Ensure entries in /etc/services
   are created correctly with CRLF line terminations.  Patch from vinschen at
   redhat.com.
 - (dtucker) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2003/10/15 09:48:45
     [monitor_wrap.c]
     check pmonitor != NULL
   - markus@@cvs.openbsd.org 2003/10/21 09:50:06
     [auth2-gss.c]
     make sure the doid is larger than 2
   - avsm@@cvs.openbsd.org 2003/10/26 16:57:43
     [sshconnect2.c]
     rename 'supported' static var in userauth_gssapi() to 'gss_supported'
     to avoid shadowing the global version.  markus@@ ok
   - markus@@cvs.openbsd.org 2003/10/28 09:08:06
     [misc.c]
     error->debug for getsockopt+TCP_NODELAY; several requests
   - markus@@cvs.openbsd.org 2003/11/02 11:01:03
     [auth2-gss.c compat.c compat.h sshconnect2.c]
     remove support for SSH_BUG_GSSAPI_BER; simon@@sxw.org.uk
 - (dtucker) [regress/agent-ptrace.sh] Use numeric uid and gid.

20031021
 - (dtucker) [INSTALL] Some system crypt() functions support MD5 passwords
   directly.  Noted by Darren.Moffat at sun.com.
 - (dtucker) [regress/agent-ptrace.sh] Skip agent-test unless SUDO is set,
   make agent setgid during test.

20031017
 - (dtucker) [INSTALL] Note that --with-md5 is now required on platforms with
   MD5 passwords even if PAM support is enabled.  From steev at detritus.net.

20031015
 - (dtucker) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2003/10/08 08:27:36
     [scp.1 scp.c sftp-server.8 sftp.1 sftp.c ssh.1 sshd.8]
     scp and sftp: add options list and sort options. options list requested
     by deraadt@@
     sshd: use same format as ssh
     ssh: remove wrong option from list
     sftp-server: Subsystem is documented in ssh_config(5), not sshd(8)
     ok deraadt@@ markus@@
   - markus@@cvs.openbsd.org 2003/10/08 15:21:24
     [readconf.c ssh_config.5]
     default GSS API to no in client, too; ok jakob, deraadt@@
   - markus@@cvs.openbsd.org 2003/10/11 08:24:08
     [readconf.c readconf.h ssh.1 ssh.c ssh_config.5]
     remote x11 clients are now untrusted by default, uses xauth(8) to generate
     untrusted cookies; ForwardX11Trusted=yes restores old behaviour.
     ok deraadt; feedback and ok djm/fries
   - markus@@cvs.openbsd.org 2003/10/11 08:26:43
     [sshconnect2.c]
     search keys in reverse order; fixes #684
   - markus@@cvs.openbsd.org 2003/10/11 11:36:23
     [monitor_wrap.c]
     return NULL for missing banner; ok djm@@
   - jmc@@cvs.openbsd.org 2003/10/12 13:12:13
     [ssh_config.5]
     note that EnableSSHKeySign should be in the non-hostspecific section;
     remove unnecessary .Pp;
     ok markus@@
   - markus@@cvs.openbsd.org 2003/10/13 08:22:25
     [scp.1 sftp.1]
     don't refer to options related to forwarding; ok jmc@@
   - jakob@@cvs.openbsd.org 2003/10/14 19:42:10
     [dns.c dns.h readconf.c ssh-keygen.c sshconnect.c]
     include SSHFP lookup code (not enabled by default). ok markus@@
   - jakob@@cvs.openbsd.org 2003/10/14 19:43:23
     [README.dns]
     update
   - markus@@cvs.openbsd.org 2003/10/14 19:54:39
     [session.c ssh-agent.c]
     10X for mkdtemp; djm@@
 - (dtucker) [acconfig.h configure.ac dns.c openbsd-compat/getrrsetbyname.c
   openbsd-compat/getrrsetbyname.h] DNS fingerprint support is now always
   compiled in but disabled in config.
 - (dtucker) [auth.c] Check for disabled password expiry on HP-UX Trusted Mode.
 - (tim) [regress/banner.sh] portability fix.

20031009
 - (dtucker) [sshd_config.5] UsePAM defaults to "no".  ok djm@@

20031008
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2003/10/07 01:47:27
     [sshconnect2.c]
     Don't use logit for banner, since it truncates to MSGBUFSIZ; bz #668 &
     #707.  ok markus@@
   - djm@@cvs.openbsd.org 2003/10/07 07:04:16
     [sftp-int.c]
     sftp quoting fix from admorten AT umich.edu; ok markus@@
   - deraadt@@cvs.openbsd.org 2003/10/07 21:58:28
     [sshconnect2.c]
     set ptr to NULL after free
   - dtucker@@cvs.openbsd.org 2003/10/07 01:52:13
     [regress/Makefile regress/banner.sh]
     Test SSH2 banner.  ok markus@@
   - djm@@cvs.openbsd.org 2003/10/07 07:04:52
     [regress/sftp-cmds.sh]
     more sftp quoting regress tests; ok markus

20031007
 - (djm) Delete autom4te.cache after autoreconf
 - (dtucker) [auth-pam.c auth-pam.h session.c] Make PAM use the new static
   cleanup functions.  With & ok djm@@
 - (dtucker) [contrib/redhat/openssh.spec] Bug #714: Now that UsePAM is a
   run-time switch, always build --with-md5-passwords.
 - (dtucker) [configure.ac openbsd-compat/Makefile.in openbsd-compat/strtoul.c]
   Bug #670: add strtoul() to openbsd-compat for platforms lacking it.  ok djm@@
 - (dtucker) [configure.ac] Bug #715: Set BROKEN_SETREUID and BROKEN_SETREGID
   on Reliant Unix.  Patch from Robert.Dahlem at siemens.com.
 - (dtucker) [configure.ac] Bug #710: Check for dlsym() in libdl on
   Reliant Unix.  Based on patch from Robert.Dahlem at siemens.com.

20031003
 - (dtucker) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2003/10/02 10:41:59
     [sshd.c]
     print openssl version, too, several requests; ok henning/djm.
   - markus@@cvs.openbsd.org 2003/10/02 08:26:53
     [ssh-gss.h]
     missing $OpenBSD:; dtucker
 - (tim) [contrib/caldera/openssh.spec] Remove obsolete --with-ipv4-default
   option.

20031002
 - (dtucker) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2003/09/23 20:17:11
     [Makefile.in auth1.c auth2.c auth.c auth.h auth-krb5.c canohost.c
     cleanup.c clientloop.c fatal.c gss-serv.c log.c log.h monitor.c monitor.h
     monitor_wrap.c monitor_wrap.h packet.c serverloop.c session.c session.h
     ssh-agent.c sshd.c]
     replace fatal_cleanup() and linked list of fatal callbacks with static
     cleanup_exit() function.  re-refine cleanup_exit() where appropriate,
     allocate sshd's authctxt eary to allow simpler cleanup in sshd.
     tested by many, ok deraadt@@
   - markus@@cvs.openbsd.org 2003/09/23 20:18:52
     [progressmeter.c]
     don't print trailing \0; bug #709; Robert.Dahlem@@siemens.com
     ok millert/deraadt@@
   - markus@@cvs.openbsd.org 2003/09/23 20:41:11
     [channels.c channels.h clientloop.c]
     move client only agent code to clientloop.c
   - markus@@cvs.openbsd.org 2003/09/26 08:19:29
     [sshd.c]
     no need to set the listen sockets to non-block; ok deraadt@@
   - jmc@@cvs.openbsd.org 2003/09/29 11:40:51
     [ssh.1]
     - add list of options to -o and .Xr ssh_config(5)
     - some other cleanup
     requested by deraadt@@;
     ok deraadt@@ markus@@
   - markus@@cvs.openbsd.org 2003/09/29 20:19:57
     [servconf.c sshd_config]
     GSSAPICleanupCreds -> GSSAPICleanupCredentials
 - (dtucker) [configure.ac] Don't set DISABLE_SHADOW when configuring
   --with-pam.  ok djm@@
 - (dtucker) [ssh-gss.h] Prototype change missed in sync.
 - (dtucker) [session.c] Fix bus errors on some 64-bit Solaris configurations.
   Based on patches by Matthias Koeppe and Thomas Baden.  ok djm@@

20030930
 - (bal) Fix issues in openbsd-compat/realpath.c

20030925
 - (dtucker) [configure.ac openbsd-compat/xcrypt.c] Bug #633: Remove
   DISABLE_SHADOW for HP-UX, use getspnam instead of getprpwnam.  Patch from
   michael_steffens at hp.com, ok djm@@
 - (tim) [sshd_config] UsePAM defaults to no.

20030924
 - (djm) Update version.h and spec files for HEAD
 - (dtucker) [configure.ac] IRIX5 needs the same setre[ug]id defines as IRIX6.

20030923
a57 44
 - (dtucker) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2003/09/18 07:52:54
     [sshconnect.c]
     missing {}; bug #656; jclonguet at free.fr
   - markus@@cvs.openbsd.org 2003/09/18 07:54:48
     [buffer.c]
     protect against double free; #660;  zardoz at users.sf.net
   - markus@@cvs.openbsd.org 2003/09/18 07:56:05
     [authfile.c]
     missing  buffer_free(&encrypted); #662; zardoz at users.sf.net
   - markus@@cvs.openbsd.org 2003/09/18 08:49:45
     [deattack.c misc.c session.c ssh-agent.c]
     more buffer allocation fixes; from Solar Designer; CAN-2003-0682;
     ok millert@@
   - miod@@cvs.openbsd.org 2003/09/18 13:02:21
     [authfd.c bufaux.c dh.c mac.c ssh-keygen.c]
     A few signedness fixes for harmless situations; markus@@ ok
   - markus@@cvs.openbsd.org 2003/09/19 09:02:02
     [packet.c]
     buffer_dump only if PACKET_DEBUG is defined; Jedi/Sector One; pr 3471
   - markus@@cvs.openbsd.org 2003/09/19 09:03:00
     [buffer.c]
     sign fix in buffer_dump; Jedi/Sector One; pr 3473
   - markus@@cvs.openbsd.org 2003/09/19 11:29:40
     [ssh-agent.c]
     provide a ssh-agent specific fatal() function; ok deraadt
   - markus@@cvs.openbsd.org 2003/09/19 11:30:39
     [ssh-keyscan.c]
     avoid fatal_cleanup, just call exit(); ok deraadt
   - markus@@cvs.openbsd.org 2003/09/19 11:31:33
     [channels.c]
     do not call channel_free_all on fatal; ok deraadt
   - markus@@cvs.openbsd.org 2003/09/19 11:33:09
     [packet.c sshd.c]
     do not call packet_close on fatal; ok deraadt
   - markus@@cvs.openbsd.org 2003/09/19 17:40:20
     [scp.c]
     error handling for remote-remote copy; #638; report Harald Koenig;
     ok millert, fgs, henning, deraadt
   - markus@@cvs.openbsd.org 2003/09/19 17:43:35
     [clientloop.c sshtty.c sshtty.h]
     remove fatal callbacks from client code; ok deraadt
 - (bal) "extration" -> "extraction" in ssh-rand-helper.c; repoted by john
	on #unixhelp@@efnet
a58 9
 - (djm) Sync with V_3_7 branch:
   - (djm) Fix SSH1 challenge kludge
   - (djm) Bug #671: Fix builds on OpenBSD
   - (djm) Bug #676: Fix PAM stack corruption
   - (djm) Fix bad free() in PAM code
   - (djm) Don't call pam_end before pam_init
   - (djm) Enable build with old OpenSSL again
   - (djm) Trim deprecated options from INSTALL. Mention UsePAM
   - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
d63 1
a63 4
 - (djm) Bug #661: Remove duplicate check for basename; from 
   bugzilla-openssh AT thewrittenword.com
 - (djm) Bug #641: Allow RedHat RPM building without GTK-2; Patch from
   jason AT devrandom.org
a69 1
 - (dtucker) [acconfig.h] Updated basename test needs HAVE_BASENAME
a74 1
 - (djm) Sync with V_3_7 branch
d79 3
a81 4
 - (djm) Crank RPM spec file versions
 - (tim) [openbsd-compat/inet_ntoa.c] 20030917 "Sync with V_3_7 branch" undid
   20030916 "Missed dead header in inet_ntoa.c"
 
d91 2
d94 1
a94 1
 - (bal) Missed dead header in inet_ntoa.c
d1191 1
a1191 1
$Id: ChangeLog,v 1.3257 2004/02/24 06:13:28 djm Exp $
@


1.1.1.7
log
@Vendor import of OpenSSH 3.8.1p1.
@
text
@a0 189
20040418
 - (dtucker) [auth-pam.c] Log username and source host for failed PAM
   authentication attempts.  With & ok djm@@
 - (djm) [openbsd-compat/bsd-cygwin_util.c] Recent versions of Cygwin allow
   change of user context without a password, so relax auth method 
   restrictions; from vinschen AT redhat.com; ok dtucker@@
 - Release 3.8.1p1

20040416
 - (dtucker) [regress/sftp-cmds.sh] Skip quoting test on Cygwin, since
   FAT/NTFS does not permit quotes in filenames.  From vinschen at redhat.com
 - (djm) [auth-krb5.c auth.h session.c] Explicitly refer to Kerberos ccache 
   file using FILE: method, fixes problems on Mac OSX.
   Patch from simon@@sxw.org.uk; ok dtucker@@
 - (tim) [configure.ac] Set SETEUID_BREAKS_SETUID, BROKEN_SETREUID and
   BROKEN_SETREGID for SCO OpenServer 3

20040412
 - (dtucker) [sshd_config.5] Add PermitRootLogin without-password warning
   from bug #701 (text from jfh at cise.ufl.edu).
 - (dtucker) [acconfig.h configure.ac defines.h] Bug #673: check for 4-arg
   skeychallenge(), eg on NetBSD.  ok mouring@@
 - (dtucker) [auth-skey.c defines.h monitor.c] Make skeychallenge explicitly
   4-arg, with compatibility for 3-arg versions.  From djm@@, ok me.
 - (djm) [configure.ac] Fix detection of libwrap on OpenBSD; ok dtucker@@

20040408
 - (dtucker) [loginrec.c] Use UT_LINESIZE if available, prevents truncating
   pty name on Linux 2.6.x systems.  Patch from jpe at eisenmenger.org.
 - (bal) [monitor.c monitor_wrap.c] Second try.  Put the zlib.h headers
   back and #undef TARGET_OS_MAC instead.  (Bug report pending with Apple)
 - (dtucker) [defines.h loginrec.c] Define UT_LINESIZE if not defined and
   simplify loginrec.c.  ok tim@@
 - (bal) [monitor.c monitor_wrap.c] Ok.. Last time.  Promise.  Tim suggested
   limiting scope and dtucker@@ agreed.

20040407
 - (dtucker) [session.c] Flush stdout after displaying loginmsg.  From
   f_mohr at yahoo.de.
 - (bal) [acconfig.h auth-krb5.c configure.ac gss-serv-krb5.c] Check to see
   if Krb5 library exports krb5_init_etc() since some OSes (like MacOS/X)
   are starting to restrict it as internal since it is not needed by
   developers any more. (Patch based on Apple tree)
 - (bal) [monitor.c monitor_wrap.c] monitor_wrap.c] moved zlib.h higher since 
   krb5 on MacOS/X conflicts.  There may be a better solution, but this will 
   work for now.

20040406
 - (dtucker) [acconfig.h configure.ac defines.h] Bug #820: don't use
   updwtmpx() on IRIX since it seems to clobber utmp.  ok djm@@
 - (dtucker) [configure.ac] Bug #816, #748 (again): Attempt to detect
   broken getaddrinfo and friends on HP-UX.  ok djm@@

20040330
 - (dtucker) [configure.ac] Bug #811: Use "!" for LOCKED_PASSWD_PREFIX on
   Linuxes, since that's what many use.  ok djm@@
 - (dtucker) [auth-pam.c] rename the_authctxt to sshpam_authctxt in auth-pam.c
   to reduce potential confusion with the one in sshd.c.  ok djm@@
 - (djm) Bug #825: Fix ip_options_check() for mapped IPv4/IPv6 connection; 
   with & ok dtucker@@

20040327
 - (dtucker) [session.c] Bug #817: Clear loginmsg after fork to prevent
   duplicate login messages for mutli-session logins.  ok djm@@

20040322
 - (djm) [sshd.c] Drop supplemental groups if started as root
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2004/03/09 22:11:05
     [ssh.c]
     increase x11 cookie lifetime to 20 minutes; ok djm
   - markus@@cvs.openbsd.org 2004/03/10 09:45:06
     [ssh.c]
     trim usage to match ssh(1) and look more like unix. ok djm@@
   - markus@@cvs.openbsd.org 2004/03/11 08:36:26
     [sshd.c]
     trim usage; ok deraadt
   - markus@@cvs.openbsd.org 2004/03/11 10:21:17
     [ssh.c sshd.c]
     ssh, sshd: sync version output, ok djm
   - markus@@cvs.openbsd.org 2004/03/20 10:40:59
     [version.h]
     3.8.1
 - (djm) Crank RPM spec versions

20040311
 - (djm) [configure.ac] Add standard license to configure.ac; ok ben, dtucker

20040310
 - (dtucker) [openbsd-compat/fake-rfc2553.h] Bug #812: #undef getaddrinfo
   before redefining it, silences warnings on Tru64.

20040308
 - (dtucker) [sshd.c] Back out rev 1.270 as it caused problems on some
   platforms (eg SCO, HP-UX) with logging in the wrong TZ.  ok djm@@
 - (dtucker) [configure.ac sshd.c openbsd-compat/bsd-misc.h
   openbsd-compat/setenv.c] Unset KRB5CCNAME on AIX to prevent it from being
   inherited by the child.  ok djm@@
 - (dtucker) [auth-pam.c auth-pam.h auth1.c auth2.c monitor.c monitor_wrap.c
   monitor_wrap.h] Bug #808: Ensure force_pwchange is correctly initialized
   even if keyboard-interactive is not used by the client.  Prevents 
   segfaults in some cases where the user's password is expired (note this 
   is not considered a security exposure).  ok djm@@
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2004/03/03 06:47:52
     [sshd.c]
     change proctiltle after accept(2); ok henning, deraadt, djm
   - djm@@cvs.openbsd.org 2004/03/03 09:30:42
     [sftp-client.c]
     Don't print duplicate messages when progressmeter is off
     Spotted by job317 AT mailvault.com; ok markus@@
   - djm@@cvs.openbsd.org 2004/03/03 09:31:20
     [sftp.c]
     Fix initialisation of progress meter; ok markus@@
   - markus@@cvs.openbsd.org 2004/03/05 10:53:58
     [readconf.c readconf.h scp.1 sftp.1 ssh.1 ssh_config.5 sshconnect2.c]
     add IdentitiesOnly; ok djm@@, pb@@
   - djm@@cvs.openbsd.org 2004/03/08 09:38:05
     [ssh-keyscan.c]
     explicitly initialise remote_major and remote_minor.
     from cjwatson AT debian.org; ok markus@@
   - dtucker@@cvs.openbsd.org 2004/03/08 10:18:57
     [sshd_config.5]
     Document KerberosGetAFSToken;  ok markus@@
 - (tim) [regress/README.regress] Document ssh-rand-helper issue. ok bal

20040307
 - (tim) [regress/login-timeout.sh] fix building outside of source tree.

20040304
 - (dtucker) [auth-pam.c] Don't try to export PAM when compiled with
   -DUSE_POSIX_THREADS.  From antoine.verheijen at ualbert ca.  ok djm@@
 - (dtucker) [auth-pam.c] Reset signal status when starting pam auth thread,
   prevent hanging during PAM keyboard-interactive authentications.  ok djm@@
 - (dtucker) [auth-passwd.c auth-sia.c auth-sia.h defines.h
   openbsd-compat/xcrypt.c] Bug #802: Fix build error on Tru64 when
   configured --with-osfsia.  ok djm@@

20040303
 - (djm) [configure.ac ssh-agent.c] Use prctl to prevent ptrace on ssh-agent
   ok dtucker  

20040229
 - (tim) [configure.ac] Put back bits mistakenly removed from Rev 1.188

20040229
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2004/02/25 00:22:45
     [sshd.c]
     typo in comment
   - dtucker@@cvs.openbsd.org 2004/02/27 22:42:47
     [dh.c]
     Prevent sshd from sending DH groups with a primitive generator of zero or
     one, even if they are listed in /etc/moduli.  ok markus@@
   - dtucker@@cvs.openbsd.org 2004/02/27 22:44:56
     [dh.c]
     Make /etc/moduli line buffer big enough for 8kbit primes, in case anyone
     ever uses one.  ok markus@@
   - dtucker@@cvs.openbsd.org 2004/02/27 22:49:27
     [dh.c]
     Reset bit counter at the right time, fixes debug output in the case where
     the DH group is rejected.  ok markus@@
   - dtucker@@cvs.openbsd.org 2004/02/17 08:23:20
     [regress/Makefile regress/login-timeout.sh]
     Add regression test for LoginGraceTime; ok markus@@
   - markus@@cvs.openbsd.org 2004/02/24 16:56:30
     [regress/test-exec.sh]
     allow arguments in ${TEST_SSH_XXX}
   - markus@@cvs.openbsd.org 2004/02/24 17:06:52
     [regress/ssh-com-client.sh regress/ssh-com-keygen.sh
     regress/ssh-com-sftp.sh regress/ssh-com.sh]
     test against recent ssh.com releases
   - dtucker@@cvs.openbsd.org 2004/02/28 12:16:57
     [regress/dynamic-forward.sh]
     Make dynamic-forward understand nc's new output.  ok markus@@
   - dtucker@@cvs.openbsd.org 2004/02/28 13:44:45
     [regress/try-ciphers.sh]
     Test acss too; ok markus@@
 - (dtucker) [regress/try-ciphers.sh] Skip acss if not compiled in (eg if we
   built with openssl < 0.9.7)

20040226
 - (bal) KNF our sshlogin.c even if the code looks nothing like upstream
   code due to diversity issues.

20040225
 - (djm) Trim ChangeLog 
 - (djm) Don't specify path to PAM modules in Redhat sshd.pam; from Fedora

d797 1136
a1932 1
$Id: ChangeLog,v 1.3316.2.1 2004/04/18 12:51:12 djm Exp $
@


1.1.1.8
log
@Vendor import of OpenSSH 3.9p1.
@
text
@a0 672
20040817
 - (dtucker) [regress/README.regress] Note compatibility issues with GNU head.
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2004/08/16 08:17:01
     [version.h]
     3.9
 - (djm) Crank RPM spec version numbers
 - (djm) Release 3.9p1

20040816
 - (dtucker) [acconfig.h auth-pam.c configure.ac] Set real uid to non-root
   to convince Solaris PAM to honour password complexity rules.  ok djm@@

20040815
 - (dtucker) [Makefile.in ssh-keysign.c ssh.c] Use permanently_set_uid() since
   it does the right thing on all platforms.  ok djm@@
 - (djm) [acconfig.h configure.ac openbsd-compat/Makefile.in 
   openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-misc.c 
   openbsd-compat/bsd-misc.h openbsd-compat/openbsd-compat.h] Use smarter 
   closefrom() replacement from sudo; ok dtucker@@
 - (djm) [loginrec.c] Check that seek succeeded here too; ok dtucker
 - (dtucker) [Makefile.in] Fix typo.

20040814
 - (dtucker) [auth-krb5.c gss-serv-krb5.c openbsd-compat/xmmap.c]
   Explicitly set umask for mkstemp; ok djm@@
 - (dtucker) [includes.h] Undef _INCLUDE__STDC__ on HP-UX, otherwise
   prot.h and shadow.h provide conflicting declarations of getspnam.  ok djm@@
 - (dtucker) [loginrec.c openbsd-compat/port-aix.c openbsd-compat/port-aix.h]
   Plug AIX login recording into login_write so logins will be recorded for
   all auth types.

20040813
 - (dtucker) [openbsd-compat/bsd-misc.c] Typo in #ifdef; from vinschen at
   redhat.com
- (dtucker) OpenBSD CVS Sync
   - avsm@@cvs.openbsd.org 2004/08/11 21:43:05
     [channels.c channels.h clientloop.c misc.c misc.h serverloop.c ssh-agent.c]
     some signed/unsigned int comparison cleanups; markus@@ ok
   - avsm@@cvs.openbsd.org 2004/08/11 21:44:32
     [authfd.c scp.c ssh-keyscan.c]
     use atomicio instead of homegrown equivalents or read/write.
     markus@@ ok
   - djm@@cvs.openbsd.org 2004/08/12 09:18:24
     [sshlogin.c]
     typo in error message, spotted by moritz AT jodeit.org (Id sync only)
   - jakob@@cvs.openbsd.org 2004/08/12 21:41:13
     [ssh-keygen.1 ssh.1]
     improve SSHFP documentation; ok deraadt@@
   - jmc@@cvs.openbsd.org 2004/08/13 00:01:43
     [ssh-keygen.1]
     kill whitespace at eol;
   - djm@@cvs.openbsd.org 2004/08/13 02:51:48
     [monitor_fdpass.c]
     extra check for no message case; ok markus, deraadt, hshoexer, henning
   - dtucker@@cvs.openbsd.org 2004/08/13 11:09:24
     [servconf.c]
     Fix line numbers off-by-one in error messages, from tortay at cc.in2p3.fr
     ok markus@@, djm@@

20040812
 - (dtucker) [sshd.c] Remove duplicate variable imported during sync.
 - (dtucker) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2004/07/28 08:56:22
     [sshd.c]
     call setsid() _before_ re-exec
   - markus@@cvs.openbsd.org 2004/07/28 09:40:29
     [auth.c auth1.c auth2.c cipher.c cipher.h key.c session.c ssh.c
     sshconnect1.c]
     more s/illegal/invalid/
   - djm@@cvs.openbsd.org 2004/08/04 10:37:52
     [dh.c]
     return group14 when no primes found - fixes hang on empty /etc/moduli;
     ok markus@@
   - dtucker@@cvs.openbsd.org 2004/08/11 11:09:54
     [servconf.c]
     Fix minor leak; "looks right" deraadt@@
   - dtucker@@cvs.openbsd.org 2004/08/11 11:50:09
     [sshd.c]
     Don't try to close startup_pipe if it's not open; ok djm@@
   - djm@@cvs.openbsd.org 2004/08/11 11:59:22
     [sshlogin.c]
     check that lseek went were we told it to; ok markus@@
     (Id sync only, but similar changes are needed in loginrec.c)
   - djm@@cvs.openbsd.org 2004/08/11 12:01:16
     [sshlogin.c]
     make store_lastlog_message() static to appease -Wall; ok markus
 - (dtucker) [sshd.c] Clear loginmsg in postauth monitor, prevents doubling
    messages generated before the postauth privsep split.

20040720
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2004/07/21 08:56:12
     [auth.c]
     s/Illegal user/Invalid user/; many requests; ok djm, millert, niklas,
     miod, ...
   - djm@@cvs.openbsd.org 2004/07/21 10:33:31
     [auth1.c auth2.c]
     bz#899: Don't display invalid usernames in setproctitle
     from peak AT argo.troja.mff.cuni.cz; ok markus@@
   - djm@@cvs.openbsd.org 2004/07/21 10:36:23
     [gss-serv-krb5.c]
     fix function declaration
   - djm@@cvs.openbsd.org 2004/07/21 11:51:29
     [canohost.c]
     bz#902: cache remote port so we don't fatal() in auth_log when remote
     connection goes away quickly. from peak AT argo.troja.mff.cuni.cz;
     ok markus@@
 - (djm) [auth-pam.c] Portable parts of bz#899: Don't display invalid 
   usernames in setproctitle from peak AT argo.troja.mff.cuni.cz;

20040720
 - (djm) [log.c] bz #111: Escape more control characters when sending data 
   to syslog; from peak AT argo.troja.mff.cuni.cz
 - (djm) [contrib/redhat/sshd.pam] bz #903: Remove redundant entries; from 
   peak AT argo.troja.mff.cuni.cz
 - (djm) [regress/README.regress] Remove caveat regarding TCP wrappers, now
   that sshd is fixed to behave better; suggested by tim

20040719
 - (djm) [openbsd-compat/bsd-arc4random.c] Discard early keystream, like OpenBSD
   ok dtucker@@
 - (djm) [auth-pam.c] Avoid use of xstrdup and friends in conversation function,
   instead return PAM_CONV_ERR, avoiding another path to fatal(); ok dtucker@@
 - (tim) [configure.ac] updwtmpx() on OpenServer seems to add duplicate entry.
   Report by rac AT tenzing.org

20040717
 - (dtucker) [logintest.c scp.c sftp-server.c sftp.c ssh-add.c ssh-agent.c
   ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rand-helper.c ssh.c sshd.c
   openbsd-compat/bsd-misc.c] Move "char *__progname" to bsd-misc.c.  Reduces
   diff vs OpenBSD; ok mouring@@, tested by tim@@ too.
 - (dtucker) OpenBSD CVS Sync
   - deraadt@@cvs.openbsd.org 2004/07/11 17:48:47
     [channels.c cipher.c clientloop.c clientloop.h compat.h moduli.c
     readconf.c nchan.c pathnames.h progressmeter.c readconf.h servconf.c
     session.c sftp-client.c sftp.c ssh-agent.1 ssh-keygen.c ssh.c ssh1.h
     sshd.c ttymodes.h]
     spaces
   - brad@@cvs.openbsd.org 2004/07/12 23:34:25
     [ssh-keyscan.1]
     Fix incorrect macro, .I -> .Em
     From: Eric S. Raymond <esr at thyrsus dot com>
     ok jmc@@
   - dtucker@@cvs.openbsd.org 2004/07/17 05:31:41
     [monitor.c monitor_wrap.c session.c session.h sshd.c sshlogin.c]
     Move "Last logged in at.." message generation to the monitor, right
     before recording the new login.  Fixes missing lastlog message when
     /var/log/lastlog is not world-readable and incorrect datestamp when
     multiple sessions are used (bz #463);  much assistance & ok markus@@

20040711
 - (dtucker) [auth-pam.c] Check for zero from waitpid() too, which allows
   the monitor to properly clean up the PAM thread (Debian bug #252676).

20040709
 - (tim) [contrib/cygwin/README] add minires-devel requirement. Patch from
   vinschen AT redhat.com

20040708
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2004/07/03 05:11:33
     [sshlogin.c] (RCSID sync only, the corresponding code is not in Portable)
     Use '\0' not 0 for string; ok djm@@, deraadt@@
   - dtucker@@cvs.openbsd.org 2004/07/03 11:02:25
     [monitor_wrap.c]
     Put s/key functions inside #ifdef SKEY same as monitor.c,
     from des@@freebsd via bz #330, ok markus@@
   - dtucker@@cvs.openbsd.org 2004/07/08 12:47:21
     [scp.c]
     Prevent scp from skipping the file following a double-error.
     bz #863, ok markus@@

20040702
 - (dtucker) [mdoc2man.awk] Teach it to ignore .Bk -words, reported by
   strube at physik3.gwdg.de a long time ago.

20040701
 - (dtucker) [session.c] Call display_loginmsg again after do_pam_session.
   Ensures messages from PAM modules are displayed when privsep=no.
 - (dtucker) [auth-pam.c] Bug #705: Make arguments match PAM specs, fixes
   warnings on compliant platforms.  From paul.a.bolton at bt.com.  ok djm@@
 - (dtucker) [auth-pam.c] Bug #559 (last piece): Pass DISALLOW_NULL_AUTHTOK
   to pam_authenticate for challenge-response auth too.  Originally from
   fcusack at fcusack.com, ok djm@@
 - (tim) [buildpkg.sh.in] Add $REV to bump the package revision within
   the same version. Handle the case where someone uses --with-privsep-user=
   and the user name does not match the group name. ok dtucker@@

20040630
 - (dtucker) [auth-pam.c] Check for buggy PAM modules that return a NULL
   appdata_ptr to the conversation function.  ok djm@@
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2004/06/26 09:03:21
     [ssh.1]
     - remove double word
     - rearrange .Bk to keep SYNOPSIS nice
     - -M before -m in options description
   - jmc@@cvs.openbsd.org 2004/06/26 09:11:14
     [ssh_config.5]
     punctuation and grammar fixes. also, keep the options in order.
   - jmc@@cvs.openbsd.org 2004/06/26 09:14:40
     [sshd_config.5]
     new sentence, new line;
   - avsm@@cvs.openbsd.org 2004/06/26 20:07:16
     [sshd.c]
     initialise some fd variables to -1, djm@@ ok
   - djm@@cvs.openbsd.org 2004/06/30 08:36:59
     [session.c]
     unbreak TTY break, diagnosed by darren AT dazwin.com; ok markus@@

20040627
 - (tim) update README files.
 - (dtucker) [mdoc2man.awk] Bug #883: correctly recognise .Pa and .Ev macros.
 - (dtucker) [regress/README.regress] Document new variables.
 - (dtucker) [acconfig.h configure.ac sftp-server.c] Bug #823: add sftp
   rename handling for Linux which returns EPERM for link() on (at least some)
   filesystems that do not support hard links.  sftp-server will fall back to
   stat+rename() in such cases.
 - (dtucker) [openbsd-compat/port-aix.c] Missing __func__.

20040626
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2004/06/25 18:43:36
     [sshd.c]
     fix broken fd handling in the re-exec fallback path, particularly when
     /dev/crypto is in use; ok deraadt@@ markus@@
   - djm@@cvs.openbsd.org 2004/06/25 23:21:38
     [sftp.c]
     bz #875: fix bad escape char error message; reported by f_mohr AT yahoo.de

20040625
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2004/06/24 19:30:54
     [servconf.c servconf.h sshd.c]
     re-exec sshd on accept(); initial work, final debugging and ok markus@@
   - djm@@cvs.openbsd.org 2004/06/25 01:16:09
     [sshd.c]
     only perform tcp wrappers checks when the incoming connection is on a
     socket.  silences useless warnings from regress tests that use
     proxycommand="sshd -i".  prompted by david@@ ok markus@@
   - djm@@cvs.openbsd.org 2004/06/24 19:32:00
     [regress/Makefile regress/test-exec.sh, added regress/reexec.sh]
     regress test for re-exec corner cases
   - djm@@cvs.openbsd.org 2004/06/25 01:25:12
     [regress/test-exec.sh]
     clean reexec-specific junk out of text-exec.sh and simplify; idea markus@@
   - dtucker@@cvs.openbsd.org 2004/06/25 05:38:48
     [sftp-server.c]
     Fall back to stat+rename if filesystem doesn't doesn't support hard
     links.  bz#823, ok djm@@
 - (dtucker) [configure.ac openbsd-compat/misc.c [openbsd-compat/misc.h]
   Add closefrom() for platforms that don't have it.
 - (dtucker) [sshd.c] add line missing from reexec sync.

20040623
 - (dtucker) [auth1.c] Ensure do_pam_account is called for Protocol 1
   connections with empty passwords.  Patch from davidwu at nbttech.com,
   ok djm@@
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2004/06/22 22:42:02
     [regress/envpass.sh]
     Add quoting for test -z; ok markus@@
   - dtucker@@cvs.openbsd.org 2004/06/22 22:45:52
     [regress/test-exec.sh]
     Add TEST_SSH_SSHD_CONFOPTS and TEST_SSH_SSH_CONFOPTS to allow adding
     arbitary options to sshd_config and ssh_config during tests.  ok markus@@
   - dtucker@@cvs.openbsd.org 2004/06/22 22:55:56
     [regress/dynamic-forward.sh regress/test-exec.sh]
     Allow setting of port for regress from TEST_SSH_PORT variable; ok markus@@
   - mouring@@cvs.openbsd.org 2004/06/23 00:39:38
     [rijndael.c]
     -Wshadow fix up s/encrypt/do_encrypt/.  OK djm@@, markus@@
   - dtucker@@cvs.openbsd.org 2004/06/23 14:31:01
     [ssh.c]
     Fix counting in master/slave when passing environment variables; ok djm@@
 - (dtucker) [cipher.c] encrypt->do_encrypt inside SSH_OLD_EVP to match
   -Wshadow change.
 - (bal) [Makefile.in] Remove opensshd.init on 'make distclean'
 - (dtucker) [auth.c openbsd-compat/port-aix.c openbsd-compat/port-aix.h]
   Move loginrestrictions test to port-aix.c, replace with a generic hook.
 - (tim) [regress/try-ciphers.sh] "if ! some_command" is not portable.
 - (bal) [contrib/README] Removed "mdoc2man.pl" reference and added
   reference to "findssl.sh"

20040622
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2004/06/20 17:36:59
     [ssh.c]
     filter passed env vars at slave in connection sharing case; ok markus@@
   - djm@@cvs.openbsd.org 2004/06/20 18:53:39
     [sftp.c]
     make "ls -l" listings print user/group names, add "ls -n" to show uid/gid
     (like /bin/ls); idea & ok markus@@
   - djm@@cvs.openbsd.org 2004/06/20 19:28:12
     [sftp.1]
     mention new -n flag
   - avsm@@cvs.openbsd.org 2004/06/21 17:36:31
     [auth-rsa.c auth2-gss.c auth2-pubkey.c authfile.c canohost.c channels.c
     cipher.c dns.c kex.c monitor.c monitor_fdpass.c monitor_wrap.c
     monitor_wrap.h nchan.c packet.c progressmeter.c scp.c sftp-server.c sftp.c
     ssh-gss.h ssh-keygen.c ssh.c sshconnect.c sshconnect1.c sshlogin.c
     sshpty.c]
     make ssh -Wshadow clean, no functional changes
     markus@@ ok
   - djm@@cvs.openbsd.org 2004/06/21 17:53:03
     [session.c]
     fix fd leak for multiple subsystem connections; with markus@@
   - djm@@cvs.openbsd.org 2004/06/21 22:02:58
     [log.h]
     mark fatal and cleanup exit as __dead; ok markus@@
   - djm@@cvs.openbsd.org 2004/06/21 22:04:50
     [sftp.c]
     introduce sorting for ls, same options as /bin/ls; ok markus@@
   - djm@@cvs.openbsd.org 2004/06/21 22:30:45
     [sftp.c]
     prefix ls option flags with LS_
   - djm@@cvs.openbsd.org 2004/06/21 22:41:31
     [sftp.1]
     document sort options
   - djm@@cvs.openbsd.org 2004/06/22 01:16:39
     [sftp.c]
     don't show .files by default in ls, add -a option to turn them back on;
     ok markus
   - markus@@cvs.openbsd.org 2004/06/22 03:12:13
     [regress/envpass.sh regress/multiplex.sh]
     more portable env passing tests
   - dtucker@@cvs.openbsd.org 2004/06/22 05:05:45
     [monitor.c monitor_wrap.c]
     Change login->username, will prevent -Wshadow errors in Portable;
     ok markus@@
 - (dtucker) [monitor.c] Fix Portable-specific -Wshadow warnings on "socket".
 - (dtucker) [defines.h] Define __dead if not already defined.
 - (bal) [auth-passwd.c auth1.c] Clean up unused variables.

20040620
 - (tim) [configure.ac Makefile.in] Only change TEST_SHELL on broken platforms.

20040619
 - (dtucker) [auth-pam.c] Don't use PAM namespace for
    pam_password_change_required either.
 - (tim) [configure.ac buildpkg.sh.in contrib/solaris/README] move opensshd
   init script to top level directory.  Add opensshd.init.in.
   Remove contrib/solaris/buildpkg.sh, contrib/solaris/opensshd.in

20040618
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2004/06/17 14:52:48
     [clientloop.c clientloop.h ssh.c]
     support environment passing over shared connections; ok markus@@
   - djm@@cvs.openbsd.org 2004/06/17 15:10:14
     [clientloop.c misc.h readconf.c readpass.c ssh.c ssh_config.5]
     Add option for confirmation (ControlMaster=ask) via ssh-askpass before 
     opening shared connections; ok markus@@
   - djm@@cvs.openbsd.org 2004/06/17 14:53:27
     [regress/multiplex.sh]
     shared connection env passing regress test
 - (dtucker) [regress/README.regress] Add detail on how to run a single
   test from the top-level Makefile.
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2004/06/17 23:56:57
     [ssh.1 ssh.c]
     sync usage() and SYNPOSIS with connection sharing changes
   - dtucker@@cvs.openbsd.org 2004/06/18 06:13:25
     [sftp.c]
     Use execvp instead of execv so sftp -S ssh works.  "makes sense" markus@@
   - dtucker@@cvs.openbsd.org 2004/06/18 06:15:51
     [multiplex.sh]
     Use -S for scp/sftp to force the use of the ssh being tested.
     ok djm@@,markus@@
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2004/06/18 10:40:19
     [ssh.c]
     delay signal handler setup until we have finished talking to the master.
     allow interrupting of setup (e.g. if master is stuck); ok markus@@
   - markus@@cvs.openbsd.org 2004/06/18 10:55:43
     [ssh.1 ssh.c]
     trim synopsis for -S, allow -S and -oControlMaster, -MM means 'ask';
     ok djm
   - djm@@cvs.openbsd.org 2004/06/18 11:11:54
     [channels.c clientloop.c]
     Don't explode in clientloop when we receive a bogus channel id, but
     also don't generate them to begin with; ok markus@@

20040617
 - (dtucker) [regress/scp.sh] diff -N is not portable (but needed for some
   platforms), so test if diff understands it.  Pointed out by tim@@, ok djm@@
 - (dtucker) OpenBSD CVS Sync regress/
   - dtucker@@cvs.openbsd.org 2004/06/17 05:51:59
     [regress/multiplex.sh]
     Remove datafile between and after tests, kill sshd rather than wait;
     ok djm@@
   - dtucker@@cvs.openbsd.org 2004/06/17 06:00:05
     [regress/multiplex.sh]
     Use DATA and COPY for test data rather than hard-coded paths; ok djm@@
   - dtucker@@cvs.openbsd.org 2004/06/17 06:19:06
     [regress/multiplex.sh]
     Add small description of failing test to failure message; ok djm@@
 - (dtucker) [regress/multiplex.sh] add EXEEXT for those platforms that need
   it.
 - (dtucker) [regress/multiplex.sh] Increase sleep time to 120 sec (60 is not
   enough for slow systems, especially if they don't have a kernel RNG).

20040616
 - (dtucker) [openbsd-compat/port-aix.c] Expand whitespace -> tabs. No
   code changes.
 - (dtucker) OpenBSD CVS Sync regress/
   - djm@@cvs.openbsd.org 2004/04/27 09:47:30
     [regress/Makefile regress/test-exec.sh, added regress/envpass.sh]
     regress test for environment passing, SendEnv & AcceptEnv options;
     ok markus@@
   - dtucker@@cvs.openbsd.org 2004/06/13 13:51:02
     [regress/Makefile regress/test-exec.sh, added regress/scp-ssh-wrapper.sh
     regress/scp.sh]
     Add scp regression test; with & ok markus@@
   - djm@@cvs.openbsd.org 2004/06/13 15:04:08
     [regress/Makefile regress/test-exec.sh, added regress/envpass.sh]
     regress test for client multiplexing; ok markus@@
   - djm@@cvs.openbsd.org 2004/06/13 15:16:54
     [regress/test-exec.sh]
     remove duplicate setting of $SCP; spotted by markus@@
   - dtucker@@cvs.openbsd.org 2004/06/16 13:15:09
     [regress/scp.sh]
     Make scp -r tests use diff -rN not cmp (which won't do dirs.  ok markus@@
   - dtucker@@cvs.openbsd.org 2004/06/16 13:16:40
     [regress/multiplex.sh]
     Silence multiplex sftp and scp tests.  ok markus@@
 - (dtucker) [regress/test-exec.sh]
   Move Portable-only StrictModes to top of list to make syncs easier.
 - (dtucker) [regress/README.regress]
   Add $TEST_SHELL to readme.

20040615
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2004/05/26 08:59:57
     [sftp.c]
     exit -> _exit in forked child on error; from andrushock AT korovino.net
   - markus@@cvs.openbsd.org 2004/05/26 23:02:39
     [channels.c]
     missing freeaddrinfo; Andrey Matveev
   - dtucker@@cvs.openbsd.org 2004/05/27 00:50:13
     [readconf.c]
     Kill dead code after fatal(); ok djm@@
   - dtucker@@cvs.openbsd.org 2004/06/01 14:20:45
     [auth2-chall.c]
     Remove redundant #include; ok markus@@
   - pedro@@cvs.openbsd.org 2004/06/03 12:22:20
     [sftp-client.c sftp.c]
     initialize pointers, ok markus@@
   - djm@@cvs.openbsd.org 2004/06/13 12:53:24
     [dh.c dh.h kex.c kex.h kexdhc.c kexdhs.c monitor.c myproposal.h] 
     [ssh-keyscan.c sshconnect2.c sshd.c]
     implement diffie-hellman-group14-sha1 kex method (trivial extension to
     existing diffie-hellman-group1-sha1); ok markus@@
   - dtucker@@cvs.openbsd.org 2004/06/13 14:01:42
     [ssh.1 ssh_config.5 sshd_config.5]
     List supported ciphers in man pages, tidy up ssh -c;
     "looks fine" jmc@@, ok markus@@
   - djm@@cvs.openbsd.org 2004/06/13 15:03:02
     [channels.c channels.h clientloop.c clientloop.h includes.h readconf.c] 
     [readconf.h scp.1 sftp.1 ssh.1 ssh.c ssh_config.5]
     implement session multiplexing in the client (the server has supported 
     this since 2.0); ok markus@@
   - djm@@cvs.openbsd.org 2004/06/14 01:44:39
     [channels.c clientloop.c misc.c misc.h packet.c ssh-agent.c ssh-keyscan.c]
     [sshd.c]
     set_nonblock() instead of fnctl(...,O_NONBLOCK); "looks sane" deraadt@@
   - djm@@cvs.openbsd.org 2004/06/15 05:45:04
     [clientloop.c]
     missed one unset_nonblock; spotted by Tim Rice
 - (djm) Fix Makefile.in for connection sharing changes
 - (djm) [ssh.c] Use separate var for address length

20040603
 - (dtucker) [auth-pam.c] Don't use pam_* namespace for sshd's PAM functions.
   ok djm@@

20040601
 - (djm) [auth-pam.c] Add copyright for local changes

20040530
 - (dtucker) [auth-pam.c auth-pam.h auth-passwd.c] Bug #874: Re-add PAM 
   support for PasswordAuthentication=yes.  ok djm@@
 - (dtucker) [auth-pam.c] Use an invalid password for root if
   PermitRootLogin != yes or the login is invalid, to prevent leaking
   information.  Based on Openwall's owl-always-auth patch.  ok djm@@
 - (tim) [configure.ac Makefile.in] Add support for "make package" ok djm@@
 - (tim) [buildpkg.sh.in] New file. A more flexible version of
   contrib/solaris/buildpkg.sh used for "make package".
 - (tim) [buildpkg.sh.in] Last minute fix didn't make it in the .in file.

20040527
 - (dtucker) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec
   contrib/README CREDITS INSTALL] Bug #873: Correct URLs for x11-ssh-askpass
   and Jim Knoble's email address , from Jim himself.

20040524
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2004/05/19 12:17:33
     [sftp-client.c sftp.c]
     gracefully abort transfers on receipt of SIGINT, also ignore SIGINT while
     waiting for a command; ok markus@@
   - dtucker@@cvs.openbsd.org 2004/05/20 10:58:05
     [clientloop.c]
     Trivial type fix 0 -> '\0'; ok markus@@
   - markus@@cvs.openbsd.org 2004/05/21 08:43:03
     [kex.h moduli.c tildexpand.c]
     add prototypes for -Wall; ok djm
   - djm@@cvs.openbsd.org 2004/05/21 11:33:11
     [channels.c channels.h clientloop.c serverloop.c ssh.1]
     bz #756: add support for the cancel-tcpip-forward request for the server
     and the client (through the ~C commandline). reported by z3p AT
     twistedmatrix.com; ok markus@@
   - djm@@cvs.openbsd.org 2004/05/22 06:32:12
     [clientloop.c ssh.1]
     use '-h' for help in ~C commandline instead of '-?'; inspired by jmc@@
   - jmc@@cvs.openbsd.org 2004/05/22 16:01:05
     [ssh.1]
     kill whitespace at eol;
   - dtucker@@cvs.openbsd.org 2004/05/23 23:59:53
     [auth.c auth.h auth1.c auth2.c servconf.c servconf.h sshd_config
     sshd_config.5]
     Add MaxAuthTries sshd config option; ok markus@@
 - (dtucker) [auth-pam.c] Bug #839: Ensure that pam authentication "thread"
   is terminated if the privsep slave exits during keyboard-interactive
   authentication.  ok djm@@
 - (dtucker) [sshd.c] Fix typo in comment.

20040523
 - (djm) [sshd_config] Explain consequences of UsePAM=yes a little better in 
   sshd_config; ok dtucker@@
 - (djm) [configure.ac] Warn if the system has no known way of figuring out 
   which user is on the other end of a Unix domain socket; ok dtucker@@
 - (bal) [openbsd-compat/sys-queue.h] Reintroduce machinary to handle
   old/broken/incomplete <sys/queue.h>.

20040513
 - (dtucker) [configure.ac] Bug #867: Additional tests for res_query in
   libresolv, fixes problems detecting it on some platforms
   (eg Linux/x86-64).  From Kurt Roeckx via Debian, ok mouring@@
 - (dtucker) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2004/05/04 18:36:07
     [scp.1]
     SendEnv here too;
   - jmc@@cvs.openbsd.org 2004/05/06 11:24:23
     [ssh_config.5]
     typo from John Cosimano (PR 3770);
   - deraadt@@cvs.openbsd.org 2004/05/08 00:01:37
     [auth.c clientloop.c misc.h servconf.c ssh.c sshpty.h sshtty.c
     tildexpand.c], removed: sshtty.h tildexpand.h
     make two tiny header files go away; djm ok
   - djm@@cvs.openbsd.org 2004/05/08 00:21:31
     [clientloop.c misc.h readpass.c scard.c ssh-add.c ssh-agent.c ssh-keygen.c
     sshconnect.c sshconnect1.c sshconnect2.c] removed: readpass.h
     kill a tiny header; ok deraadt@@
   - djm@@cvs.openbsd.org 2004/05/09 00:06:47
     [moduli.c ssh-keygen.c] removed: moduli.h
     zap another tiny header; ok deraadt@@
   - djm@@cvs.openbsd.org 2004/05/09 01:19:28
     [OVERVIEW auth-rsa.c auth1.c kex.c monitor.c session.c sshconnect1.c
     sshd.c] removed: mpaux.c mpaux.h
     kill some more tiny files; ok deraadt@@
   - djm@@cvs.openbsd.org 2004/05/09 01:26:48
     [kex.c]
     don't overwrite what we are trying to compute
   - deraadt@@cvs.openbsd.org 2004/05/11 19:01:43
     [auth.c auth2-none.c authfile.c channels.c monitor.c monitor_mm.c
     packet.c packet.h progressmeter.c session.c openbsd-compat/xmmap.c]
     improve some code lint did not like; djm millert ok
   - dtucker@@cvs.openbsd.org 2004/05/13 02:47:50
     [ssh-agent.1]
     Add examples to ssh-agent.1, bz#481 from Ralf Hauser; ok deraadt@@
 - (dtucker) [sshd.8] Bug #843: Add warning about PasswordAuthentication to
   UsePAM section.  Parts from djm@@ and jmc@@.
 - (dtucker) [auth-pam.c scard-opensc.c] Tinderbox says auth-pam.c uses
   readpass.h, grep says scard-opensc.c does too.  Replace with misc.h.
 - (dtucker) [openbsd-compat/getrrsetbyname.c] Check that HAVE_DECL_H_ERROR
   is defined before using.
 - (dtucker) [openbsd-compat/getrrsetbyname.c] Fix typo too: HAVE_DECL_H_ERROR
   -> HAVE_DECL_H_ERRNO.

20040502
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2004/04/22 11:56:57
     [moduli.c]
     Bugzilla #850: Sophie Germain is the correct name of the French
     mathematician, "Sophie Germaine" isn't; from Luc.Maisonobe@@c-s.fr
   - djm@@cvs.openbsd.org 2004/04/27 09:46:37
     [readconf.c readconf.h servconf.c servconf.h session.c session.h ssh.c
     ssh_config.5 sshd_config.5]
     bz #815: implement ability to pass specified environment variables from
     the client to the server; ok markus@@
   - djm@@cvs.openbsd.org 2004/04/28 05:17:10
     [ssh_config.5 sshd_config.5]
     manpage fixes in envpass stuff from Brian Poole (raj AT cerias.purdue.edu)
   - jmc@@cvs.openbsd.org 2004/04/28 07:02:56
     [sshd_config.5]
     remove unnecessary .Pp;
   - jmc@@cvs.openbsd.org 2004/04/28 07:13:42
     [sftp.1 ssh.1]
     add SendEnv to -o list;
   - dtucker@@cvs.openbsd.org 2004/05/02 11:54:31
     [sshd.8]
     Man page grammar fix (bz #858), from damerell at chiark.greenend.org.uk
     via Debian; ok djm@@
   - dtucker@@cvs.openbsd.org 2004/05/02 11:57:52
     [ssh.1]
     ConnectionTimeout -> ConnectTimeout, from m.a.ellis at ncl.ac.uk via
     Debian.  ok djm@@
   - dtucker@@cvs.openbsd.org 2004/05/02 23:02:17
     [sftp.1]
     ConnectionTimeout -> ConnectTimeout here too, pointed out by jmc@@
   - dtucker@@cvs.openbsd.org 2004/05/02 23:17:51
     [scp.1]
     ConnectionTimeout -> ConnectTimeout for scp.1 too.

20040423
 - (dtucker) [configure.ac openbsd-compat/getrrsetbyname.c] Declare h_errno
   as extern int if not already declared.  Fixes compile errors on old SCO
   platforms.  ok tim@@
 - (dtucker) [README.platform] List prereqs for building on Cygwin.

20040421
 - (djm) Update config.guess and config.sub to autoconf-2.59 versions; ok tim@@

20040420
 - (djm) OpenBSD CVS Sync
   - henning@@cvs.openbsd.org 2004/04/08 16:08:21
     [sshconnect2.c]
     swap the last two parameters to TAILQ_FOREACH_REVERSE. matches what
     FreeBSD and NetBSD do.
     ok millert@@ mcbride@@ markus@@ ho@@, checked to not affect ports by naddy@@
   - djm@@cvs.openbsd.org 2004/04/18 23:10:26
     [readconf.c readconf.h ssh-keysign.c ssh.c]
     perform strict ownership and modes checks for ~/.ssh/config files, 
     as these can be used to execute arbitrary programs; ok markus@@
     NB. ssh will now exit when it detects a config with poor permissions
   - djm@@cvs.openbsd.org 2004/04/19 13:02:40
     [ssh.1 ssh_config.5]
     document strict permission checks on ~/.ssh/config; prompted by, 
     with & ok jmc@@
   - jmc@@cvs.openbsd.org 2004/04/19 16:12:14
     [ssh_config.5]
     kill whitespace at eol;
   - djm@@cvs.openbsd.org 2004/04/19 21:51:49
     [ssh.c]
     fix idiot typo that i introduced in my last commit;
     spotted by cschneid AT cschneid.com
 - (djm) [openbsd-compat/sys-queue.h] Sync with OpenBSD, needed for 
   above change
 - (djm) [configure.ac] Check whether libroken is required when building 
   with Heimdal

20040419
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2004/02/29 22:04:45
     [regress/login-timeout.sh]
     Use sudo when restarting daemon during test.  ok markus@@
   - dtucker@@cvs.openbsd.org 2004/03/08 10:17:12
     [regress/login-timeout.sh]
     Missing OBJ, from tim@@.  ok markus@@ (Already fixed, ID sync only)
   - djm@@cvs.openbsd.org 2004/03/30 12:41:56
     [sftp-client.c]
     sync comment with reality
   - djm@@cvs.openbsd.org 2004/03/31 21:58:47
     [canohost.c]
     don't skip ip options check when UseDNS=no; ok markus@@ (ID sync only)
   - markus@@cvs.openbsd.org 2004/04/01 12:19:57
     [scp.c]
     limit trust between local and remote rcp/scp process,
     noticed by lcamtuf; ok deraadt@@, djm@@

d7 1
d986 1
a986 1
$Id: ChangeLog,v 1.3517 2004/08/17 12:50:40 djm Exp $
@


1.1.1.9
log
@Vendor import of OpenSSH 4.0p1.
@
text
@a0 667
20050309
 - (dtucker) [regress/test-exec.sh] Set BIN_SH=xpg4 on OSF1/Digital Unix/Tru64
   so that regress tests behave.  From Chris Adams.
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2005/03/07 23:41:54
     [ssh.1 ssh_config.5]
     more macro simplification;
   - djm@@cvs.openbsd.org 2005/03/08 23:49:48
     [version.h]
     OpenSSH 4.0
 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] 
   [contrib/suse/openssh.spec] Update spec file versions
 - (djm) [log.c] Fix dumb syntax error; ok dtucker@@
 - (djm) Release OpenSSH 4.0p1

20050307
 - (dtucker) [configure.ac] Disable gettext search when configuring with
   BSM audit support for the time being.  ok djm@@
 - (dtucker) OpenBSD CVS Sync (regress/)
   - fgsch@@cvs.openbsd.org 2004/12/10 01:31:30
     [Makefile sftp-glob.sh]
     some globbing regress; prompted and ok djm@@
   - david@@cvs.openbsd.org 2005/01/14 04:21:18
     [Makefile test-exec.sh]
     pass the SUDO make variable to the individual sh tests; ok dtucker@@ markus@@
   - dtucker@@cvs.openbsd.org 2005/02/27 11:33:30
     [multiplex.sh test-exec.sh sshd-log-wrapper.sh]
     Add optional capability to log output from regress commands; ok markus@@
     Use with: make TEST_SSH_LOGFILE=/tmp/regress.log
   - djm@@cvs.openbsd.org 2005/02/27 23:13:36
     [login-timeout.sh]
     avoid nameservice lookups in regress test; ok dtucker@@
   - djm@@cvs.openbsd.org 2005/03/04 08:48:46
     [Makefile envpass.sh]
     regress test for SendEnv config parsing bug; ok dtucker@@
 - (dtucker) [regress/test-exec.sh] Put SUDO in the right place.
 - (tim) [configure.ac] SCO 3.2v4.2 no longer supported.

20050306
 - (dtucker) [monitor.c] Bug #125 comment #47: fix errors returned by monitor
   when attempting to audit disconnect events.  Reported by Phil Dibowitz.
 - (dtucker) [session.c sshd.c] Bug #125 comment #49: Send disconnect audit
   events earlier, prevents mm_request_send errors reported by Matt Goebel.

20050305
 - (djm) [contrib/cygwin/README] Improve Cygwin build documentation. Patch 
   from vinschen at redhat.com
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2005/03/02 11:45:01
     [ssh.1]
     missing word;
   - djm@@cvs.openbsd.org 2005/03/04 08:48:06
     [readconf.c]
     fix SendEnv config parsing bug found by Roumen Petrov; ok dtucker@@

20050302
 - (djm) OpenBSD CVS sync:
   - jmc@@cvs.openbsd.org 2005/03/01 14:47:58
     [ssh.1]
     remove some unnecessary macros;
     do not mark up punctuation;
   - jmc@@cvs.openbsd.org 2005/03/01 14:55:23
     [ssh_config.5]
     do not mark up punctuation;
     whitespace;
   - jmc@@cvs.openbsd.org 2005/03/01 14:59:49
     [sshd.8]
     new sentence, new line;
     whitespace;
   - jmc@@cvs.openbsd.org 2005/03/01 15:05:00
     [ssh-keygen.1]
     whitespace;
   - jmc@@cvs.openbsd.org 2005/03/01 15:47:14
     [ssh-keyscan.1 ssh-keyscan.c]
     sort options and sync usage();
   - jmc@@cvs.openbsd.org 2005/03/01 17:19:35
     [scp.1 sftp.1]
     add HashKnownHosts to -o list;
     ok markus@@
   - jmc@@cvs.openbsd.org 2005/03/01 17:22:06
     [ssh.c]
     sync usage() w/ man SYNOPSIS;
     ok markus@@
   - jmc@@cvs.openbsd.org 2005/03/01 17:32:19
     [ssh-add.1]
     sort options;
   - jmc@@cvs.openbsd.org 2005/03/01 18:15:56
     [ssh-keygen.1]
     sort options (no attempt made at synopsis clean up though);
     spelling (occurance -> occurrence);
     use prompt before examples;
     grammar;
   - djm@@cvs.openbsd.org 2005/03/02 01:00:06
     [sshconnect.c]
     fix addition of new hashed hostnames when CheckHostIP=yes;
     found and ok dtucker@@
   - djm@@cvs.openbsd.org 2005/03/02 01:27:41
     [ssh-keygen.c]
     ignore hostnames with metachars when hashing; ok deraadt@@
   - djm@@cvs.openbsd.org 2005/03/02 02:21:07
     [ssh.1]
     bz#987: mention ForwardX11Trusted in ssh.1,
     reported by andrew.benham AT thus.net; ok deraadt@@
 - (tim) [regress/agent-ptrace.sh] add another possible gdb error.

20050301
 - (djm) OpenBSD CVS sync:
   - otto@@cvs.openbsd.org 2005/02/16 09:56:44
     [ssh.c]
     Better diagnostic if an identity file is not accessible. ok markus@@ djm@@
   - djm@@cvs.openbsd.org 2005/02/18 03:05:53
     [canohost.c]
     better error messages for getnameinfo failures; ok dtucker@@
   - djm@@cvs.openbsd.org 2005/02/20 22:59:06
     [sftp.c]
     turn on ssh batch mode when in sftp batch mode, patch from 
     jdmossh AT nand.net;
     ok markus@@
   - jmc@@cvs.openbsd.org 2005/02/25 10:55:13
     [sshd.8]
     add /etc/motd and $HOME/.hushlogin to FILES;
     from michael knudsen;
   - djm@@cvs.openbsd.org 2005/02/28 00:54:10
     [ssh_config.5]
     bz#849: document timeout on untrusted x11 forwarding sessions. Reported by
     orion AT cora.nwra.com; ok markus@@
   - djm@@cvs.openbsd.org 2005/03/01 10:09:52
     [auth-options.c channels.c channels.h clientloop.c compat.c compat.h]
     [misc.c misc.h readconf.c readconf.h servconf.c ssh.1 ssh.c ssh_config.5]
     [sshd_config.5]
     bz#413: allow optional specification of bind address for port forwardings.
     Patch originally by Dan Astorian, but worked on by several people
     Adds GatewayPorts=clientspecified option on server to allow remote 
     forwards to bind to client-specified ports.
   - djm@@cvs.openbsd.org 2005/03/01 10:40:27
     [hostfile.c hostfile.h readconf.c readconf.h ssh.1 ssh_config.5]
     [sshconnect.c sshd.8]
     add support for hashing host names and addresses added to known_hosts
     files, to improve privacy of which hosts users have been visiting; ok 
     markus@@ deraadt@@
   - djm@@cvs.openbsd.org 2005/03/01 10:41:28
     [ssh-keyscan.1 ssh-keyscan.c]
     option to hash hostnames output by ssh-keyscan; ok markus@@ deraadt@@
   - djm@@cvs.openbsd.org 2005/03/01 10:42:49
     [ssh-keygen.1 ssh-keygen.c ssh_config.5]
     add tools for managing known_hosts files with hashed hostnames, including
     hashing existing files and deleting hosts by name; ok markus@@ deraadt@@

20050226
 - (dtucker) [openbsd-compat/bsd-openpty.c openbsd-compat/inet_ntop.c]
   Remove two obsolete Cygwin #ifdefs.  Patch from vinschen at redhat.com.
 - (dtucker) [acconfig.h configure.ac openbsd-compat/bsd-misc.{c,h}]
   Remove SETGROUPS_NOOP, was only used by Cygwin, which doesn't need it any
   more.  Patch from vinschen at redhat.com.
 - (dtucker) [Makefile.in] Add a install-nosysconf target for installing the
   binaries without the config files.  Primarily useful for packaging.
   Patch from phil at usc.edu.  ok djm@@

20050224
 - (djm) [configure.ac] in_addr_t test needs sys/types.h too

20050222
 - (dtucker) [uidswap.c] Skip uid restore test on Cygwin.  Patch from
   vinschen at redhat.com.

20050220
 - (dtucker) [LICENCE Makefile.in README.platform audit-bsm.c configure.ac
   defines.h] Bug #125: Add *EXPERIMENTAL* BSM audit support.  Configure
   --with-audit=bsm to enable.  Patch originally from Sun Microsystems,
   parts by John R. Jackson.  ok djm@@
 - (dtucker) [configure.ac] Missing comma in AIX section, somehow causes
   unrelated platforms to be configured incorrectly.

20050216
 - (djm) write seed to temporary file and atomically rename into place; 
   ok dtucker@@
 - (dtucker) [ssh-rand-helper.c] Provide seed_rng since it may be called
   via mkstemp in some configurations.  ok djm@@
 - (dtucker) [auth-shadow.c] Prevent compiler warnings if "DAY" is defined
   by the system headers.
 - (dtucker) [configure.ac] Bug #893: check for libresolv early on Reliant
   Unix; prevents problems relating to the location of -lresolv in the
   link order.
 - (dtucker) [session.c] Bug #918: store credentials from gssapi-with-mic
   authentication early enough to be available to PAM session modules when
   privsep=yes.  Patch from deengert at anl.gov, ok'ed in principle by Sam
   Hartman and similar to Debian's ssh-krb5 package.
 - (dtucker) [configure.ac openbsd-compat/port-aix.{c,h}] Silence some more
   compiler warnings on AIX.

20050215
 - (dtucker) [config.sh.in] Collect oslevel -r too.
 - (dtucker) [README.platform auth.c configure.ac loginrec.c
   openbsd-compat/port-aix.c openbsd-compat/port-aix.h] Bug #835: enable IPv6
   on AIX where possible (see README.platform for details) and work around
   a misfeature of AIX's getnameinfo.  ok djm@@
 - (dtucker) [loginrec.c] Add missing #include.

20050211
 - (dtucker) [configure.ac] Tidy up configure --help output.
 - (dtucker) [openbsd-compat/fake-rfc2553.h] We now need EAI_SYSTEM too.

20050210
 - (dtucker) [configure.ac] Bug #919: Provide visible feedback for the
   --disable-etc-default-login configure option.

20050209
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2005/01/28 09:45:53
     [ssh_config]
     Make it clear that the example entries in ssh_config are only some of the
     commonly-used options and refer the user to ssh_config(5) for more
     details; ok djm@@
   - jmc@@cvs.openbsd.org 2005/01/28 15:05:43
     [ssh_config.5]
     grammar;
   - jmc@@cvs.openbsd.org 2005/01/28 18:14:09
     [ssh_config.5]
     wording;
     ok markus@@
   - dtucker@@cvs.openbsd.org 2005/01/30 11:18:08
     [monitor.c]
     Make code match intent; ok djm@@
   - dtucker@@cvs.openbsd.org 2005/02/08 22:24:57
     [sshd.c]
     Provide reason in error message if getnameinfo fails; ok markus@@
 - (dtucker) [auth-passwd.c openbsd-compat/port-aix.c] Don't call
   disable_forwarding() from compat library. Prevent linker errors trying
   to resolve it for binaries other than sshd.  ok djm@@
 - (dtucker) [configure.ac] Bug #854: prepend pwd to relative --with-ssl-dir
   paths.  ok djm@@
 - (dtucker) [configure.ac session.c] Some platforms (eg some SCO) require
   the username to be passed to the passwd command when changing expired
   passwords.  ok djm@@

20050208
 - (dtucker) [regress/test-exec.sh] Bug #912: Set _POSIX2_VERSION for the
   regress tests so newer versions of GNU head(1) behave themselves.  Patch
   by djm, so ok me.
 - (dtucker) [openbsd-compat/port-aix.c] Silence compiler warnings.
 - (dtucker) [audit.c audit.h auth.c auth1.c auth2.c loginrec.c monitor.c
   monitor_wrap.c monitor_wrap.h session.c sshd.c]: Prepend all of the audit
   defines and enums with SSH_ to prevent namespace collisions on some
   platforms (eg AIX).

20050204
 - (dtucker) [monitor.c] Permit INVALID_USER audit events from slave too.
 - (dtucker) [auth.c] Fix parens in audit log check.

20050202
 - (dtucker) [configure.ac openbsd-compat/realpath.c] Sync up with realpath
   rev 1.11 from OpenBSD and make it use fchdir if available.  ok djm@@
 - (dtucker) [auth.c loginrec.h openbsd-compat/{bsd-cray,port-aix}.{c,h}]
   Make record_failed_login() call provide hostname rather than having the
   implementations having to do lookups themselves.  Only affects AIX and
   UNICOS (the latter only uses the "user" parameter anyway).  ok djm@@
 - (dtucker) [session.c sshd.c] Bug #445: Propagate KRB5CCNAME if set to the
   child process.  Since we also unset KRB5CCNAME at startup, if it's set after
   authentication it must have been set by the platform's native auth system.
   This was already done for AIX; this enables it for the general case.
 - (dtucker) [auth.c canohost.c canohost.h configure.ac defines.h loginrec.c]
   Bug #974: Teach sshd to write failed login records to btmp for failed auth
   attempts (currently only for password, kbdint and C/R, only on Linux and
   HP-UX), based on code from login.c from util-linux. With ashok_kovai at
   hotmail.com, ok djm@@
 - (dtucker) [Makefile.in auth.c auth.h auth1.c auth2.c loginrec.c monitor.c
   monitor.h monitor_wrap.c monitor_wrap.h session.c sshd.c] Bug #125:
   (first stage) Add audit instrumentation to sshd, currently disabled by
   default.  with suggestions from and ok djm@@

20050201
 - (dtucker) [log.c] Bug #973: force log_init() to open syslog, since on some
   platforms syslog will revert to its default values.  This may result in
   messages from external libraries (eg libwrap) being sent to a different
   facility.
 - (dtucker) [sshd_config.5] Bug #701: remove warning about
   keyboard-interactive since this is no longer the case.

20050124
 - (dtucker) OpenBSD CVS Sync
   - otto@@cvs.openbsd.org 2005/01/21 08:32:02
     [auth-passwd.c sshd.c]
     Warn in advance for password and account expiry; initialize loginmsg
     buffer earlier and clear it after privsep fork. ok and help dtucker@@
     markus@@
   - dtucker@@cvs.openbsd.org 2005/01/22 08:17:59
     [auth.c]
     Log source of connections denied by AllowUsers, DenyUsers, AllowGroups and
     DenyGroups.  bz #909, ok djm@@
   - djm@@cvs.openbsd.org 2005/01/23 10:18:12
     [cipher.c]
     config option "Ciphers" should be case-sensitive; ok dtucker@@
   - dtucker@@cvs.openbsd.org 2005/01/24 10:22:06
     [scp.c sftp.c]
     Have scp and sftp wait for the spawned ssh to exit before they exit
     themselves.  This prevents ssh from being unable to restore terminal
     modes (not normally a problem on OpenBSD but common with -Portable
     on POSIX platforms).  From peak at argo.troja.mff.cuni.cz (bz#950);
     ok djm@@ markus@@
   - dtucker@@cvs.openbsd.org 2005/01/24 10:29:06
     [moduli]
     Import new moduli; requested by deraadt@@ a week ago
   - dtucker@@cvs.openbsd.org 2005/01/24 11:47:13
     [auth-passwd.c]
     #if -> #ifdef so builds without HAVE_LOGIN_CAP work too; ok djm@@ otto@@

20050120
 - (dtucker) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2004/12/23 17:35:48
     [session.c]
     check for NULL; from mpech
   - markus@@cvs.openbsd.org 2004/12/23 17:38:07
     [ssh-keygen.c]
     leak; from mpech
   - djm@@cvs.openbsd.org 2004/12/23 23:11:00
     [servconf.c servconf.h sshd.c sshd_config sshd_config.5]
     bz #898: support AddressFamily in sshd_config. from
     peak@@argo.troja.mff.cuni.cz; ok deraadt@@
   - markus@@cvs.openbsd.org 2005/01/05 08:51:32
     [sshconnect.c]
     remove dead code, log connect() failures with level error, ok djm@@
   - jmc@@cvs.openbsd.org 2005/01/08 00:41:19
     [sshd_config.5]
     `login'(n) -> `log in'(v);
   - dtucker@@cvs.openbsd.org 2005/01/17 03:25:46
     [moduli.c]
     Correct spelling: SCHNOOR->SCHNORR; ok djm@@
   - dtucker@@cvs.openbsd.org 2005/01/17 22:48:39
     [sshd.c]
     Make debugging output continue after reexec; ok djm@@
   - dtucker@@cvs.openbsd.org 2005/01/19 13:11:47
     [auth-bsdauth.c auth2-chall.c]
     Have keyboard-interactive code call the drivers even for responses for
     invalid logins.  This allows the drivers themselves to decide how to
     handle them and prevent leaking information where possible.  Existing
     behaviour for bsdauth is maintained by checking authctxt->valid in the
     bsdauth driver.  Note that any third-party kbdint drivers will now need
     to be able to handle responses for invalid logins.  ok markus@@
   - djm@@cvs.openbsd.org 2004/12/22 02:13:19
     [cipher-ctr.c cipher.c]
     remove fallback AES support for old OpenSSL, as OpenBSD has had it for
     many years now; ok deraadt@@
     (Id sync only: Portable will continue to support older OpenSSLs)
 - (dtucker) [auth-pam.c] Bug #971: Prevent leaking information about user
   existence via keyboard-interactive/pam, in conjunction with previous
   auth2-chall.c change; with Colin Watson and djm.
 - (dtucker) [loginrec.h] Bug #952: Increase size of username field to 128
   bytes to prevent errors from login_init_entry() when the username is
   exactly 64 bytes(!) long.  From brhamon at cisco.com, ok djm@@
 - (dtucker) [auth-chall.c auth.h auth2-chall.c] Bug #936: Remove pam from
   the list of available kbdint devices if UsePAM=no.  ok djm@@

20050118
 - (dtucker) [INSTALL Makefile.in configure.ac survey.sh.in] Implement
   "make survey" and "make send-survey".  This will provide data on the
   configure parameters, platform and platform features to the development
   team, which will allow (among other things) better targeting of testing.
   It's entirely voluntary and is off by default. ok djm@@
 - (dtucker) [survey.sh.in] Remove any blank lines from the output of
   ccver-v and ccver-V.

20041220
 - (dtucker) [ssh-rand-helper.c] Fall back to command-based seeding if reading
   from prngd is enabled at compile time but fails at run time, eg because
   prngd is not running.  Note that if you have prngd running when OpenSSH is
   built, OpenSSL will consider itself internally seeded and rand-helper won't
   be built at all unless explicitly enabled via --with-rand-helper.  ok djm@@
 - (dtucker) [regress/rekey.sh] Touch datafile before filling with dd, since
   on some wacky platforms (eg old AIXes), dd will refuse to create an output
   file if it doesn't exist.

20041213
 - (dtucker) [contrib/findssh.sh] Clean up on interrupt; from
   amarendra.godbole at ge com.

20041211
 - (dtucker) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2004/12/06 16:00:43
     [bufaux.c]
     use 0x00 not \0 since buf[] is a bignum
   - fgsch@@cvs.openbsd.org 2004/12/10 03:10:42
     [sftp.c]
     - fix globbed ls for paths the same length as the globbed path when
       we have a unique matching.
     - fix globbed ls in case of a directory when we have a unique matching.
     - as a side effect, if the path does not exist error (used to silently
       ignore).
     - don't do extra do_lstat() if we only have one matching file.
     djm@@ ok
   - dtucker@@cvs.openbsd.org 2004/12/11 01:48:56
     [auth-rsa.c auth2-pubkey.c authfile.c misc.c misc.h]
     Fix debug call in error path of authorized_keys processing and fix related
     warnings; ok djm@@

20041208
 - (tim) [configure.ac] Comment some non obvious platforms in the
 target-specific case statement. Suggested and OK by dtucker@@

20041207
 - (dtucker) [regress/scp.sh] Use portable-friendly $DIFFOPTs in new test.

20041206
 - (dtucker) [TODO WARNING.RNG] Update to reflect current reality.  ok djm@@
 - (dtucker) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2004/11/25 22:22:14
     [sftp-client.c sftp.c]
     leak; from mpech
   - jmc@@cvs.openbsd.org 2004/11/29 00:05:17
     [sftp.1]
     missing full stop;
   - djm@@cvs.openbsd.org 2004/11/29 07:41:24
     [sftp-client.h sftp.c]
     Some small fixes from moritz@@jodeit.org. ok deraadt@@
   - jaredy@@cvs.openbsd.org 2004/12/05 23:55:07
     [sftp.1]
     - explain that patterns can be used as arguments in get/put/ls/etc
       commands (prodded by Michael Knudsen)
     - describe ls flags as a list
     - other minor improvements
     ok jmc, djm
   - dtucker@@cvs.openbsd.org 2004/12/06 11:41:03
     [auth-rsa.c auth2-pubkey.c authfile.c misc.c misc.h ssh.h sshd.8]
     Discard over-length authorized_keys entries rather than complaining when
     they don't decode.  bz #884, with & ok djm@@
 - (dtucker) OpenBSD CVS Sync (regress/)
   - djm@@cvs.openbsd.org 2004/06/26 06:16:07
     [reexec.sh]
     don't change the name of the copied sshd for the reexec fallback test,
     makes life simpler for portable
   - dtucker@@cvs.openbsd.org 2004/07/08 12:59:35
     [scp.sh]
     Regress test for bz #863 (scp double-error), requires $SUDO.  ok markus@@
   - david@@cvs.openbsd.org 2004/07/09 19:45:43
     [Makefile]
     add a missing CLEANFILES used in the re-exec test
   - djm@@cvs.openbsd.org 2004/10/08 02:01:50
     [reexec.sh]
     shrink and tidy; ok dtucker@@
   - djm@@cvs.openbsd.org 2004/10/29 23:59:22
     [Makefile added brokenkeys.sh]
     regression test for handling of corrupt keys in authorized_keys file
   - djm@@cvs.openbsd.org 2004/11/07 00:32:41
     [multiplex.sh]
     regression tests for new multiplex commands
   - dtucker@@cvs.openbsd.org 2004/11/25 09:39:27
     [test-exec.sh]
     Remove obsolete RhostsAuthentication from test config; ok markus@@
   - dtucker@@cvs.openbsd.org 2004/12/06 10:49:56
     [test-exec.sh]
     Check if TEST_SSH_SSHD is a full path to sshd before searching; ok markus@@

20041203
 - (dtucker) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2004/11/07 17:42:36
     [ssh.1]
     options sort, and whitespace;
   - jmc@@cvs.openbsd.org 2004/11/07 17:57:30
     [ssh.c]
     usage():
     - add -O
     - sync -S w/ manpage
     - remove -h
 - (dtucker) [auth1.c auth2.c] If the user successfully authenticates but is
   subsequently denied by the PAM auth stack, send the PAM message to the
   user via packet_disconnect (Protocol 1) or userauth_banner (Protocol 2).
   ok djm@@

20041107
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2004/11/05 12:19:56
     [sftp.c]
     command editing and history support via libedit; ok markus@@
     thanks to hshoexer@@ and many testers on tech@@ too
   - djm@@cvs.openbsd.org 2004/11/07 00:01:46
     [clientloop.c clientloop.h ssh.1 ssh.c]
     add basic control of a running multiplex master connection; including the
     ability to check its status and request it to exit; ok markus@@
 - (dtucker) [INSTALL Makefile.in configure.ac] Add --with-libedit configure
   option and supporting makefile bits and documentation.

20041105
 - (dtucker) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2004/08/30 09:18:08
     [LICENCE]
     s/keygen/keyscan/
   - jmc@@cvs.openbsd.org 2004/08/30 21:22:49
     [ssh-add.1 ssh.1]
     .Xsession -> .xsession;
     originally from a pr from f at obiit dot org, but missed by myself;
     ok markus@@ matthieu@@
   - djm@@cvs.openbsd.org 2004/09/07 23:41:30
     [clientloop.c ssh.c]
     cleanup multiplex control socket on SIGHUP too, spotted by sturm@@
     ok markus@@ deraadt@@
   - deraadt@@cvs.openbsd.org 2004/09/15 00:46:01
     [ssh.c]
     /* fallthrough */ is something a programmer understands.  But
     /* FALLTHROUGH */ is also understood by lint, so that is better.
   - jaredy@@cvs.openbsd.org 2004/09/15 03:25:41
     [sshd_config.5]
     mention PrintLastLog only prints last login time for interactive
     sessions, like PrintMotd mentions.
     From Michael Knudsen, with wording changed slightly to match the
     PrintMotd description.
     ok djm
   - mickey@@cvs.openbsd.org 2004/09/15 18:42:27
     [sshd.c]
     use less doubles in daemons; markus@@ ok
   - deraadt@@cvs.openbsd.org 2004/09/15 18:46:04
     [scp.c]
     scratch that do { } while (0) wrapper in this case
   - djm@@cvs.openbsd.org 2004/09/23 13:00:04
     [ssh.c]
     correctly honour -n in multiplex client mode; spotted by sturm@@ ok markus@@
   - djm@@cvs.openbsd.org 2004/09/25 03:45:14
     [sshd.c]
     these printf args are no longer double; ok deraadt@@ markus@@
   - djm@@cvs.openbsd.org 2004/10/07 10:10:24
     [scp.1 sftp.1 ssh.1 ssh_config.5]
     document KbdInteractiveDevices; ok markus@@
   - djm@@cvs.openbsd.org 2004/10/07 10:12:36
     [ssh-agent.c]
     don't unlink agent socket when bind() fails, spotted by rich AT
     rich-paul.net, ok markus@@
   - markus@@cvs.openbsd.org 2004/10/20 11:48:53
     [packet.c ssh1.h]
     disconnect for invalid (out of range) message types.
   - djm@@cvs.openbsd.org 2004/10/29 21:47:15
     [channels.c channels.h clientloop.c]
     fix some window size change bugs for multiplexed connections: windows sizes
     were not being updated if they had changed after ~^Z suspends and SIGWINCH
     was not being processed unless the first connection had requested a tty;
     ok markus
   - djm@@cvs.openbsd.org 2004/10/29 22:53:56
     [clientloop.c misc.h readpass.c ssh-agent.c]
     factor out common permission-asking code to separate function; ok markus@@
   - djm@@cvs.openbsd.org 2004/10/29 23:56:17
     [bufaux.c bufaux.h buffer.c buffer.h]
     introduce a new buffer API that returns an error rather than fatal()ing
     when presented with bad data; ok markus@@
   - djm@@cvs.openbsd.org 2004/10/29 23:57:05
     [key.c]
     use new buffer API to avoid fatal errors on corrupt keys in authorized_keys
     files; ok markus@@

20041102
 - (dtucker) [configure.ac includes.h] Bug #947: Fix compile error on HP-UX
   10.x by testing for conflicts in shadow.h and undef'ing _INCLUDE__STDC__
   only if a conflict is detected.

20041019
 - (dtucker) [uidswap.c] Don't test dropping of gids for the root user or
   on Cygwin.  Cygwin parts from vinschen at redhat com; ok djm@@

20041016
 - (djm) [auth-pam.c] snprintf->strl*, fix server message length calculations;
   ok dtucker@@

20041006
 - (dtucker) [README.privsep] Bug #939: update info about HP-UX Trusted Mode
   and other PAM platforms.
 - (dtucker) [monitor_mm.c openbsd-compat/xmmap.c] Bug #940: cast constants
   to void * to appease picky compilers (eg Tru64's "cc -std1").

20040930
 - (dtucker) [configure.ac] Set AC_PACKAGE_NAME.  ok djm@@

20040923
 - (dtucker) [openbsd-compat/bsd-snprintf.c] Previous change was off by one,
   which could have caused the justification to be wrong.  ok djm@@

20040921
 - (dtucker) [openbsd-compat/bsd-snprintf.c] Check for max length too.
   ok djm@@
 - (dtucker) [contrib/cygwin/ssh-host-config] Update to match current Cygwin
   install process.  Patch from vinschen at redhat.com.

20040912
 - (djm) [loginrec.c] Start KNF and tidy up of this long-neglected file.
   No change in resultant binary
 - (djm) [loginrec.c] __func__ify
 - (djm) [loginrec.c] xmalloc
 - (djm) [ssh.c sshd.c version.h] Don't divulge portable version in protocol
   banner. Suggested by deraadt@@, ok mouring@@, dtucker@@
 - (dtucker) [configure.ac] Fix incorrect quoting and tests for cross-compile.
   Partly by & ok djm@@.

20040911
 - (djm) [ssh-agent.c] unifdef some cygwin code; ok dtucker@@
 - (dtucker) [auth-pam.c auth-pam.h session.c] Bug #890: Send output from
   failing PAM session modules to user then exit, similar to the way
   /etc/nologin is handled.  ok djm@@
 - (dtucker) [auth-pam.c] Relocate sshpam_store_conv(), no code change.
 - (djm) [auth2-kbdint.c auth2-none.c  auth2-passwd.c auth2-pubkey.c] 
   Make cygwin code more consistent with that which surrounds it
 - (dtucker) [auth-pam.c auth.h auth2-none.c auth2.c monitor.c monitor_wrap.c]
   Bug #892: Send messages from failing PAM account modules to the client via
   SSH2_MSG_USERAUTH_BANNER messages.  Note that this will not happen with
   SSH2 kbdint authentication, which need to be dealt with separately.  ok djm@@
 - (dtucker) [session.c] Bug #927: make .hushlogin silent again.  ok djm@@
 - (dtucker) [configure.ac] Bug #321: Add cross-compile support to configure.
   Parts by chua at ayrnetworks.com, astrand at lysator.liu.se and me.  ok djm@@
 - (dtucker) [auth-krb5.c] Bug #922: Pass KRB5CCNAME to PAM.  From deengert
   at anl.gov, ok djm@@

20040830
 - (dtucker) [session.c openbsd-compat/bsd-cygwin_util.{c,h}] Bug #915: only
   copy required environment variables on Cygwin.  Patch from vinschen at
   redhat.com, ok djm@@
 - (dtucker) [regress/Makefile] Clean scp-ssh-wrapper.scp too.  Patch from
   vinschen at redhat.com.
 - (dtucker) [Makefile.in contrib/ssh-copy-id] Bug #894: Improve portability
   of shell constructs.  Patch from cjwatson at debian.org.

20040829
 - (dtucker) [openbsd-compat/getrrsetbyname.c] Prevent getrrsetbyname from
   failing with NOMEMORY if no sigs are returned and malloc(0) returns NULL.
   From Martin.Kraemer at Fujitsu-Siemens.com; ok djm@@
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2004/08/23 11:48:09
     [authfile.c]
     fix error path, spotted by Martin.Kraemer AT Fujitsu-Siemens.com; ok markus
   - djm@@cvs.openbsd.org 2004/08/23 11:48:47
     [channels.c]
     typo, spotted by Martin.Kraemer AT Fujitsu-Siemens.com; ok markus
   - dtucker@@cvs.openbsd.org 2004/08/23 14:26:38
     [ssh-keysign.c ssh.c]
     Use permanently_set_uid() in ssh and ssh-keysign for consistency, matches
     change in Portable; ok markus@@ (CVS ID sync only)
   - dtucker@@cvs.openbsd.org 2004/08/23 14:29:23
     [ssh-keysign.c]
     Remove duplicate getuid(), suggested by & ok markus@@
   - markus@@cvs.openbsd.org 2004/08/26 16:00:55
     [ssh.1 sshd.8]
     get rid of references to rhosts authentication; with jmc@@
   - djm@@cvs.openbsd.org 2004/08/28 01:01:48
     [sshd.c]
     don't erroneously close stdin for !reexec case, from Dave Johnson;
     ok markus@@
 - (dtucker) [configure.ac] Include sys/stream.h in sys/ptms.h header check,
   fixes configure warning on Solaris reported by wknox at mitre.org.
 - (dtucker) [regress/multiplex.sh] Skip test on platforms that do not
   support FD passing since multiplex requires it.  Noted by tim@@
 - (dtucker) [regress/dynamic-forward.sh] Allow time for connections to be torn
   down, needed on some platforms, should be harmless on others.  Patch from
   jason at devrandom.org.
 - (dtucker) [regress/scp.sh] Make this work on Cygwin too, which doesn't like
   files ending in .exe that aren't binaries; patch from vinschen at redhat.com.
 - (dtucker) [Makefile.in] Get regress/Makefile symlink right for out-of-tree
   builds too, from vinschen at redhat.com.
 - (dtucker) [regress/agent-ptrace.sh] Skip ptrace test on OSF1/DUnix/Tru64
   too; patch from cmadams at hiwaay.net.
 - (dtucker) [configure.ac] Replace non-portable echo \n with extra echo.
 - (dtucker) [openbsd-compat/port-aix.c] Bug #712: Explicitly check for
   accounts with authentication configs that sshd can't support (ie
   SYSTEM=NONE and AUTH1=something).

20040828
 - (dtucker) [openbsd-compat/mktemp.c] Remove superfluous Cygwin #ifdef; from
   vinschen at redhat.com.

20040823
 - (djm) [ssh-rand-helper.c] Typo. Found by 
   Martin.Kraemer AT Fujitsu-Siemens.com
 - (djm) [loginrec.c] Typo and bad args in error messages; Spotted by 
   Martin.Kraemer AT Fujitsu-Siemens.com

d1657 1
a1657 1
$Id: ChangeLog,v 1.3707.2.1 2005/03/09 04:52:09 djm Exp $
@


1.1.1.10
log
@Vendor import of OpenSSH 4.1p1.
@
text
@a0 175
20050524
 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
         [contrib/suse/openssh.spec] Update spec file versions to 4.1p1
 - (dtucker) [auth-pam.c] Since people don't seem to be getting the message
   that USE_POSIX_THREADS is unsupported, not recommended and generally a bad
   idea, it is now known as UNSUPPORTED_POSIX_THREADS_HACK.  Attempting to use
   USE_POSIX_THREADS will now generate an error so we don't silently change
   behaviour.  ok djm@@
 - (dtucker) [openbsd-compat/bsd-cygwin_util.c] Ensure sufficient memory
   allocation when retrieving core Windows environment.  Add CYGWIN variable
   to propagated variables.  Patch from vinschen at redhat.com, ok djm@@
 - (djm) Release 4.1p1

20050524
 - (djm) [openbsd-compat/readpassphrase.c] bz #950: Retry tcsetattr to ensure
   terminal modes are reset correctly. Fix from peak AT argo.troja.mff.cuni.cz;
   "looks ok" dtucker@@

20050512
 - (tim) [buildpkg.sh.in] missing ${PKG_INSTALL_ROOT} in init script
   hard link section. Bug 1038.

20050509
 - (dtucker) [contrib/cygwin/ssh-host-config] Add a test and warning for
   user-mode mounts in a Cygwin installation.  Patch from vinschen at redhat.com.

20050504
 - (djm) [ssh.c] some systems return EADDRINUSE on a bind to an already-used
   unix domain socket, so catch that too; from jakob@@ ok dtucker@@

20050503
 - (dtucker) [canohost.c] normalise socket addresses returned by
   get_remote_hostname().  This means that IPv4 addresses in log messages
   on IPv6 enabled machines will no longer be prefixed by "::ffff:" and
   AllowUsers, DenyUsers, AllowGroups, DenyGroups will match IPv4-style
   addresses only for 4-in-6 mapped connections, regardless of whether
   or not the machine is IPv6 enabled.  ok djm@@

20050425
 - (dtucker) [regress/multiplex.sh] Use "kill -0 $pid" to check for the
   existence of a process since it's more portable.  Found by jbasney at
   ncsa.uiuc.edu; ok tim@@
 - (dtucker) [regress/multiplex.sh] Remove cleanup call since test-exec.sh
   will clean up anyway.  From tim@@
 - (dtucker) [regress/multiplex.sh] Put control socket in /tmp so running
   "make tests" works even if you're building on a filesystem that doesn't
   support sockets.  From deengert at anl.gov, ok djm@@

20050424
 - (dtucker) [INSTALL configure.ac] Make zlib version check test for 1.1.4 or
   1.2.1.2 or higher.  With tim@@, ok djm@@

20050423
 - (tim) [config.guess] Add support for OpenServer 6.

20050421
 - (dtucker) [session.c] Bug #1024: Don't check pam_session_is_open if
   UseLogin is set as PAM is not used to establish credentials in that
   case.  Found by Michael Selvesteen, ok djm@@

20050419
 - (dtucker) [INSTALL] Reference README.privsep for the privilege separation
   requirements.  Pointed out by Bengt Svensson.
 - (dtucker) [INSTALL] Put the s/key text and URL back together.
 - (dtucker) [INSTALL] Fix s/key text too.

20050411
 - (tim) [configure.ac] UnixWare needs PASSWD_NEEDS_USERNAME

20050405
 - (dtucker) [configure.ac] Define HAVE_SO_PEERCRED if we have it.  ok djm@@
 - (dtucker) [auth-sia.c] Constify sys_auth_passwd, fixes build error on
   Tru64.  Patch from cmadams at hiwaay.net.
 - (dtucker) [auth-passwd.c auth-sia.h] Remove duplicate definitions of
   sys_auth_passwd, pointed out by cmadams at hiwaay.net.

20050403
 - (djm) OpenBSD CVS Sync
   - deraadt@@cvs.openbsd.org 2005/03/31 18:39:21
     [scp.c]
     copy argv[] element instead of smashing the one that ps will see; ok otto
   - djm@@cvs.openbsd.org 2005/04/02 12:41:16
     [scp.c]
     since ssh has xstrdup, use it instead of strdup+test. unbreaks -Werror
     build
 - (dtucker) [monitor.c] Don't free buffers in audit functions, monitor_read
   will free as needed.  ok tim@@ djm@@

20050331
 - (dtucker) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2005/03/16 11:10:38
     [ssh_config.5]
     get the syntax right for {Local,Remote}Forward;
     based on a diff from markus;
     problem report from ponraj;
     ok dtucker@@ markus@@ deraadt@@
   - markus@@cvs.openbsd.org 2005/03/16 21:17:39
     [version.h]
     4.1
   - jmc@@cvs.openbsd.org 2005/03/18 17:05:00
     [sshd_config.5]
     typo;
 - (dtucker) [auth.h sshd.c openbsd-compat/port-aix.c] Bug #1006: fix bug in
   handling of password expiry messages returned by AIX's authentication
   routines, originally reported by robvdwal at sara.nl.
 - (dtucker) [ssh.c] Prevent null pointer deref in port forwarding debug
   message on some platforms.  Patch from pete at seebeyond.com via djm.
 - (dtucker) [monitor.c] Remaining part of fix for bug #1006.

20050329
 - (dtucker) [contrib/aix/buildbff.sh] Bug #1005: Look up only the user we're
   interested in which is much faster in large (eg LDAP or NIS) environments.
   Patch from dleonard at vintela.com.

20050321
 - (dtucker) [configure.ac] Prevent configure --with-zlib from adding -Iyes
   and -Lyes to CFLAGS and LIBS.  Pointed out by peter at slagheap.net,
   with & ok tim@@
 - (dtucker) [configure.ac] Make configure error out if the user specifies
   --with-libedit but the required libs can't be found, rather than silently
   ignoring and continuing.  ok tim@@
 - (dtucker) [configure.ac openbsd-compat/port-aix.h] Prevent redefinitions
   of setauthdb on AIX 5.3, reported by anders.liljegren at its.uu.se.

20050317
 - (tim) [configure.ac] Bug 998. Make path for --with-opensc optional.
   Make --without-opensc work.
 - (tim) [configure.ac] portability changes on test statements. Some shells
   have problems with -a operator.
 - (tim) [configure.ac] make some configure options a little more error proof.
 - (tim) [configure.ac] remove trailing white space.

20050314
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2005/03/10 10:15:02
     [readconf.c]
     Check listen addresses for null, prevents xfree from dying during
     ClearAllForwardings (bz #996).  From  Craig Leres, ok markus@@
   - deraadt@@cvs.openbsd.org 2005/03/10 22:01:05
     [misc.c ssh-keygen.c servconf.c clientloop.c auth-options.c ssh-add.c
     monitor.c sftp-client.c bufaux.h hostfile.c ssh.c sshconnect.c channels.c
     readconf.c bufaux.c sftp.c]
     spacing
   - deraadt@@cvs.openbsd.org 2005/03/10 22:40:38
     [auth-options.c]
     spacing
   - markus@@cvs.openbsd.org 2005/03/11 14:59:06
     [ssh-keygen.c]
     typo, missing \n; mpech
   - jmc@@cvs.openbsd.org 2005/03/12 11:55:03
     [ssh_config.5]
     escape `.' at eol to avoid double spacing issues;
   - dtucker@@cvs.openbsd.org 2005/03/14 10:09:03
     [ssh-keygen.1]
     Correct description of -H (bz #997);  ok markus@@, punctuation jmc@@
   - dtucker@@cvs.openbsd.org 2005/03/14 11:44:42
     [auth.c]
     Populate host for log message for logins denied by AllowUsers and
     DenyUsers (bz #999); ok markus@@ (patch by tryponraj at gmail.com)
   - markus@@cvs.openbsd.org 2005/03/14 11:46:56
     [buffer.c buffer.h channels.c]
     limit input buffer size for channels; bugzilla #896; with and ok dtucker@@
 - (tim) [contrib/caldera/openssh.spec] links in rc?.d were getting trashed
   with a rpm -F

20050313
 - (dtucker) [contrib/cygwin/ssh-host-config] Makes the query for the
   localized name of the local administrators group more reliable.  From
   vinschen at redhat.com.

20050312
 - (dtucker) [regress/test-exec.sh] DEBUG can cause problems where debug
   output ends up in the client's output, causing regress failures.  Found
   by Corinna Vinschen.

d2324 1
a2324 1
$Id: ChangeLog,v 1.3758.2.2 2005/05/25 12:24:56 djm Exp $
@


1.1.1.10.2.1
log
@Upgrade to 4.2p1.

Approved by:	re (kensmith)
@
text
@a0 493
20050901
 - (djm) Update RPM spec file versions

20050831
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2005/08/30 22:08:05
     [gss-serv.c sshconnect2.c]
     destroy credentials if krb5_kuserok() call fails. Stops credentials being
     delegated to users who are not authorised for GSSAPIAuthentication when
     GSSAPIDelegateCredentials=yes and another authentication mechanism
     succeeds; bz#1073 reported by paul.moore AT centrify.com, fix by 
     simon AT sxw.org.uk, tested todd@@ biorn@@ jakob@@; ok deraadt@@
   - markus@@cvs.openbsd.org 2005/08/31 09:28:42
     [version.h]
     4.2
 - (dtucker) [README] Update release note URL to 4.2
 - (tim) [configure.ac auth.c defines.h session.c openbsd-compat/port-uw.c
   openbsd-compat/port-uw.h openbsd-compat/xcrypt.c] libiaf cleanup. Disable
   libiaf bits for OpenServer6. Free memory allocated by ia_get_logpwd().
   Feedback and OK dtucker@@

20050830
 - (tim) [configure.ac] Back out last change. It needs to be done differently.

20050829
 - (tim) [configure.ac] ia_openinfo() seems broken on OSR6. Limit UW long
   password support to 7.x for now.

20050826
 - (tim) [CREDITS LICENCE auth.c configure.ac defines.h includes.h session.c
   openbsd-compat/Makefile.in openbsd-compat/openbsd-compat.h
   openbsd-compat/xcrypt.c] New files [openssh/openbsd-compat/port-uw.c
   openssh/openbsd-compat/port-uw.h] Support long passwords (> 8-char)
   on UnixWare 7 from Dhiraj Gulati and Ahsan Rashid. Cleanup and testing
   by tim@@. Feedback and OK dtucker@@

20050823
 - (dtucker) [regress/test-exec.sh] Do not prepend an extra "/" to a fully-
   qualified sshd pathname since some systems (eg Cygwin) may consider "/foo"
   and "//foo" to be different.  Spotted by vinschen at redhat.com.
 - (tim) [configure.ac] Not all gcc's support -Wsign-compare. Enhancements
   and OK dtucker@@
 - (tim) [defines.h] PATH_MAX bits for OpenServer OK dtucker@@

20050821
 - (dtucker) [configure.ac defines.h includes.h sftp.c] Add support for
   LynxOS, patch from Olli Savia (ops at iki.fi).  ok djm@@

20050816
 - (djm) [ttymodes.c] bugzilla #1025: Fix encoding of _POSIX_VDISABLE,
   from Jacob Nevins; ok dtucker@@

20050815
 - (tim) [sftp.c] wrap el_end() in #ifdef USE_LIBEDIT
 - (tim) [configure.ac] corrections to libedit tests. Report and patches
   by skeleten AT shillest.net

20050812
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2005/07/28 17:36:22
     [packet.c]
     missing packet_init_compression(); from solar
   - djm@@cvs.openbsd.org 2005/07/30 01:26:16
     [ssh.c]
     fix -D listen_host initialisation, so it picks up gateway_ports setting
     correctly
   - djm@@cvs.openbsd.org 2005/07/30 02:03:47
     [readconf.c]
     listen_hosts initialisation here too; spotted greg AT y2005.nest.cx
   - dtucker@@cvs.openbsd.org 2005/08/06 10:03:12
     [servconf.c]
     Unbreak sshd ListenAddress for bare IPv6 addresses.
     Report from Janusz Mucka; ok djm@@
   - jaredy@@cvs.openbsd.org 2005/08/08 13:22:48
     [sftp.c]
     sftp prompt enhancements:
     - in non-interactive mode, do not print an empty prompt at the end
       before finishing
     - print newline after EOF in editline mode
     - call el_end() in editline mode
     ok dtucker djm

20050810
 - (dtucker) [configure.ac] Test libedit library and headers for compatibility.
   Report from skeleten AT shillest.net, ok djm@@
 - (dtucker) [LICENCE configure.ac defines.h openbsd-compat/realpath.c]
   Sync current (thread-safe) version of realpath.c from OpenBSD (which is
   in turn based on FreeBSD's).  ok djm@@

20050809
 - (tim) [configure.ac] Allow --with-audit=no. OK dtucker@@
   Report by skeleten AT shillest.net

20050803
 - (dtucker) [openbsd-compat/fake-rfc2553.h] Check for EAI_* defines
   individually and use a value less likely to collide with real values from
   netdb.h.  Fixes compile warnings on FreeBSD 5.3.  ok djm@@
 - (dtucker) [openbsd-compat/fake-rfc2553.h] MAX_INT -> INT_MAX since the
   latter is specified in the standard.

20050802
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2005/07/27 10:39:03
     [scp.c hostfile.c sftp-client.c]
     Silence bogus -Wuninitialized warnings; ok djm@@
 - (dtucker) [configure.ac] Enable -Wuninitialized by default when compiling
   with gcc.  ok djm@@
 - (dtucker) [configure.ac] Add a --with-Werror option to configure for
   adding -Werror to CFLAGS when all of the configure tests are done. ok djm@@

20050726
 - (dtucker) [configure.ac] Update zlib warning message too, pointed out by
   tim@@.
 - (djm) OpenBSD CVS Sync
   - otto@@cvs.openbsd.org 2005/07/19 15:32:26
     [auth-passwd.c]
     auth_usercheck(3) can return NULL, so check for that. Report from
     mpech@@. ok markus@@
   - markus@@cvs.openbsd.org 2005/07/25 11:59:40
     [kex.c kex.h myproposal.h packet.c packet.h servconf.c session.c]
     [sshconnect2.c sshd.c sshd_config sshd_config.5]
     add a new compression method that delays compression until the user
     has been authenticated successfully and set compression to 'delayed'
     for sshd.
     this breaks older openssh clients (< 3.5) if they insist on
     compression, so you have to re-enable compression in sshd_config.
     ok djm@@

20050725
 - (dtucker) [configure.ac] Update zlib version check for CAN-2005-2096.

20050717
- OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2005/07/16 01:35:24
     [auth1.c channels.c cipher.c clientloop.c kex.c session.c ssh.c]
     [sshconnect.c]
     spacing
 - (djm) [acss.c auth-pam.c auth-shadow.c auth-skey.c auth1.c canohost.c]
   [cipher-acss.c loginrec.c ssh-rand-helper.c sshd.c] Fix whitespace at EOL 
   in portable too ("perl -p -i -e 's/\s+$/\n/' *.[ch]")
 - (djm) [auth-pam.c sftp.c] spaces vs. tabs at start of line
   - djm@@cvs.openbsd.org 2005/07/17 06:49:04
     [channels.c channels.h session.c session.h]
     Fix a number of X11 forwarding channel leaks:
     1. Refuse multiple X11 forwarding requests on the same session
     2. Clean up all listeners after a single_connection X11 forward, not just
        the one that made the single connection
     3. Destroy X11 listeners when the session owning them goes away
     testing and ok dtucker@@
   - djm@@cvs.openbsd.org 2005/07/17 07:17:55
     [auth-rh-rsa.c auth-rhosts.c auth2-chall.c auth2-gss.c channels.c]
     [cipher-ctr.c gss-genr.c gss-serv.c kex.c moduli.c readconf.c]
     [serverloop.c session.c sftp-client.c sftp.c ssh-add.c ssh-keygen.c]
     [sshconnect.c sshconnect2.c]
     knf says that a 2nd level indent is four (not three or five) spaces
 -(djm) [audit.c auth1.c auth2.c entropy.c loginrec.c serverloop.c]
  [ssh-rand-helper.c] fix portable 2nd level indents at 4 spaces too
 - (djm) [monitor.c monitor_wrap.c] -Wsign-compare for PAM monitor calls
 
20050716
 - (dtucker) [auth-pam.c] Ensure that only one side of the authentication
   socketpair stays open in both the monitor and PAM process.  Patch from
   Joerg Sonnenberger.

20050714
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2005/07/06 09:33:05
     [ssh.1]
     clarify meaning of ssh -b ; with & ok jmc@@
   - dtucker@@cvs.openbsd.org 2005/07/08 09:26:18
     [misc.c]
     Make comment match code; ok djm@@
   - markus@@cvs.openbsd.org 2005/07/08 09:41:33
     [channels.h]
     race when efd gets closed while there is still buffered data:
     change CHANNEL_EFD_OUTPUT_ACTIVE()
        1) c->efd must always be valid AND
        2a) no EOF has been seen OR
        2b) there is buffered data
     report, initial fix and testing Chuck Cranor
   - dtucker@@cvs.openbsd.org 2005/07/08 10:20:41
     [ssh_config.5]
     change BindAddress to match recent ssh -b change; prompted by markus@@
   - jmc@@cvs.openbsd.org 2005/07/08 12:53:10
     [ssh_config.5]
     new sentence, new line;
   - dtucker@@cvs.openbsd.org 2005/07/14 04:00:43
     [misc.h]
     use __sentinel__ attribute; ok deraadt@@ djm@@ markus@@
 - (dtucker) [configure.ac defines.h] Define __sentinel__ to nothing if the
   compiler doesn't understand it to prevent warnings.  If any mainstream
   compiler versions acquire it we can test for those versions.  Based on
   discussion with djm@@.

20050707
 - dtucker [auth-krb5.c auth.h gss-serv-krb5.c] Move KRB5CCNAME generation for
   the MIT Kerberos code path into a common function and expand mkstemp
   template to be consistent with the rest of OpenSSH.  From sxw at
   inf.ed.ac.uk, ok djm@@
 - (dtucker) [auth-krb5.c] There's no guarantee that snprintf will set errno
   in the case where the buffer is insufficient, so always return ENOMEM.
   Also pointed out by sxw at inf.ed.ac.uk.
 - (dtucker) [acconfig.h auth-krb5.c configure.ac gss-serv-krb5.c] Remove
   calls to krb5_init_ets, which has not been required since krb-1.1.x and
   most Kerberos versions no longer export in their public API.  From sxw
   at inf.ed.ac.uk, ok djm@@

20050706
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2005/07/01 13:19:47
     [channels.c]
     don't free() if getaddrinfo() fails; report mpech@@
   - djm@@cvs.openbsd.org 2005/07/04 00:58:43
     [channels.c clientloop.c clientloop.h misc.c misc.h ssh.c ssh_config.5]
     implement support for X11 and agent forwarding over multiplex slave
     connections. Because of protocol limitations, the slave connections inherit
     the master's DISPLAY and SSH_AUTH_SOCK rather than distinctly forwarding
     their own.
     ok dtucker@@ "put it in" deraadt@@
   - jmc@@cvs.openbsd.org 2005/07/04 11:29:51
     [ssh_config.5]
     fix Xr and a little grammar;
   - markus@@cvs.openbsd.org 2005/07/04 14:04:11
     [channels.c]
     don't forget to set x11_saved_display

20050626
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2005/06/17 22:53:47
     [ssh.c sshconnect.c]
     Fix ControlPath's %p expanding to "0" for a default port,
     spotted dwmw2 AT infradead.org; ok markus@@
   - djm@@cvs.openbsd.org 2005/06/18 04:30:36
     [ssh.c ssh_config.5]
     allow ControlPath=none, patch from dwmw2 AT infradead.org; ok dtucker@@
   - djm@@cvs.openbsd.org 2005/06/25 22:47:49
     [ssh.c]
     do the default port filling code a few lines earlier, so it really 
     does fix %p

20050618
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2005/05/20 12:57:01;
   [auth1.c] split protocol 1 auth methods into separate functions, makes 
   authloop much more readable; fixes and ok markus@@ (portable ok & 
   polish dtucker@@)
   - djm@@cvs.openbsd.org 2005/06/17 02:44:33
   [auth1.c] make this -Wsign-compare clean; ok avsm@@ markus@@
 - (djm) [loginrec.c ssh-rand-helper.c] Fix -Wsign-compare for portable,
   tested and fixes tim@@

20050617
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2005/06/16 03:38:36
     [channels.c channels.h clientloop.c clientloop.h ssh.c]
     move x11_get_proto from ssh.c to clientloop.c, to make multiplexed xfwd
     easier later; ok deraadt@@
   - markus@@cvs.openbsd.org 2005/06/16 08:00:00
     [canohost.c channels.c sshd.c]
     don't exit if getpeername fails for forwarded ports; bugzilla #1054;
     ok djm
   - djm@@cvs.openbsd.org 2005/06/17 02:44:33
     [auth-rsa.c auth.c auth1.c auth2-chall.c auth2-gss.c authfd.c authfile.c]
     [bufaux.c canohost.c channels.c cipher.c clientloop.c dns.c gss-serv.c]
     [kex.c kex.h key.c mac.c match.c misc.c packet.c packet.h scp.c]
     [servconf.c session.c session.h sftp-client.c sftp-server.c sftp.c]
     [ssh-keyscan.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c sshd.c]
     make this -Wsign-compare clean; ok avsm@@ markus@@
     NB. auth1.c changes not committed yet (conflicts with uncommitted sync)
     NB2. more work may be needed to make portable Wsign-compare clean
 - (dtucker) [cipher.c openbsd-compat/openbsd-compat.h
   openbsd-compat/openssl-compat.c] only include openssl compat stuff where
   it's needed as it can cause conflicts elsewhere (eg xcrypt.c).  Found by
   and ok tim@@

20050616
 - (djm) OpenBSD CVS Sync
   - jaredy@@cvs.openbsd.org 2005/06/07 13:25:23
     [progressmeter.c]
     catch SIGWINCH and resize progress meter accordingly; ok markus dtucker
   - djm@@cvs.openbsd.org 2005/06/06 11:20:36
     [auth.c auth.h misc.c misc.h ssh.c ssh_config.5 sshconnect.c]
     introduce a generic %foo expansion function. replace existing % expansion 
     and add expansion to ControlPath; ok markus@@
   - djm@@cvs.openbsd.org 2005/06/08 03:50:00
     [ssh-keygen.1 ssh-keygen.c sshd.8]
     increase default rsa/dsa key length from 1024 to 2048 bits;
     ok markus@@ deraadt@@
   - djm@@cvs.openbsd.org 2005/06/08 11:25:09
     [clientloop.c readconf.c readconf.h ssh.c ssh_config.5]
     add ControlMaster=auto/autoask options to support opportunistic
     multiplexing; tested avsm@@ and jakob@@, ok markus@@
   - dtucker@@cvs.openbsd.org 2005/06/09 13:43:49
     [cipher.c]
     Correctly initialize end of array sentinel; ok djm@@
     (Id sync only, change already in portable)

20050609
 - (dtucker) [cipher.c openbsd-compat/Makefile.in
   openbsd-compat/openbsd-compat.h openbsd-compat/openssl-compat.{c,h}]
   Move compatibility code for supporting older OpenSSL versions to the
   compat layer.  Suggested by and "no objection" djm@@

20050607
 - (dtucker) [configure.ac] Continue the hunt for LLONG_MIN and LLONG_MAX:
   in today's episode we attempt to coax it from limits.h where it may be
   hiding, failing that we take the DIY approach.  Tested by tim@@

20050603
 - (dtucker) [configure.ac] Only try gcc -std=gnu99 if LLONG_MAX isn't
   defined, and check that it helps before keeping it in CFLAGS.  Some old
   gcc's don't set an error code when encountering an unknown value in -std.
   Found and tested by tim@@.
 - (dtucker) [configure.ac] Point configure's reporting address at the
   openssh-unix-dev list.  ok tim@@ djm@@

20050602
 - (tim) [configure.ac] Some platforms need sys/types.h for arpa/nameser.h.
   Take AC_CHECK_HEADERS test out of ultrix section. It caused other platforms
   to skip builtin standard includes tests. (first AC_CHECK_HEADERS test
   must be run on all platforms) Add missing ;; to case statement. OK dtucker@@

20050601
 - (dtucker) [configure.ac] Look for _getshort and _getlong in
   arpa/nameser.h.
 - (dtucker) [configure.ac openbsd-compat/Makefile.in openbsd-compat/strtoll.c]
   Add strtoll to the compat library, from OpenBSD.
 - (dtucker) OpenBSD CVS Sync
   - avsm@@cvs.openbsd.org 2005/05/26 02:08:05
     [scp.c]
     If copying multiple files to a target file (which normally fails, as it
     must be a target directory), kill the spawned ssh child before exiting.
     This stops it trying to authenticate and spewing lots of output.
     deraadt@@ ok
   - dtucker@@cvs.openbsd.org 2005/05/26 09:08:12
     [ssh-keygen.c]
     uint32_t -> u_int32_t for consistency; ok djm@@
   - djm@@cvs.openbsd.org 2005/05/27 08:30:37
     [ssh.c]
     fix -O for cases where no ControlPath has been specified or socket at
     ControlPath is not contactable; spotted by and ok avsm@@
 - (tim) [config.guess config.sub] Update to '2005-05-27' version.
 - (tim) [configure.ac] set TEST_SHELL for OpenServer 6

20050531
 - (dtucker) [contrib/aix/pam.conf] Correct comments.  From davidl at
   vintela.com.
 - (dtucker) [mdoc2man.awk] Teach it to understand .Ox.

20050530
 - (dtucker) [README] Link to new release notes.  Better late than never...

20050529
 - (dtucker) [openbsd-compat/port-aix.c] Bug #1046: AIX 5.3 expects the
   argument to passwdexpired to be initialized to NULL.  Suggested by tim@@
   While at it, initialize the other arguments to auth functions in case they
   ever acquire this behaviour.
 - (dtucker) [openbsd-compat/port-aix.c] Whitespace cleanups while there.
 - (dtucker) [openbsd-compat/port-aix.c] Minor correction to debug message,
   spotted by tim@@.

20050528
 - (dtucker) [configure.ac] For AC_CHECK_HEADERS() and AC_CHECK_FUNCS() have
   one entry per line to make it easier to merge changes.  ok djm@@
 - (dtucker) [configure.ac] strsep() may be defined in string.h, so check
   for its presence and include it in the strsep check.
 - (dtucker) [configure.ac] getpgrp may be defined in unistd.h, so check for
   its presence before doing AC_FUNC_GETPGRP.
 - (dtucker) [configure.ac] Merge HP-UX blocks into a common block with minor
   version-specific variations as required.
 - (dtucker) [openbsd-compat/port-aix.h] Use the HAVE_DECL_* definitions as
   per the autoconf man page.  Configure should always define them but it
   doesn't hurt to check.

20050527
 - (djm) [defines.h] Use our realpath if we have to define PATH_MAX, spotted by
   David Leach; ok dtucker@@
 - (dtucker) [acconfig.h configure.ac defines.h includes.h sshpty.c
   openbsd-compat/bsd-misc.c] Add support for Ultrix.  No, that's not a typo.
   Required changes from Bernhard Simon, integrated by me.  ok djm@@

20050525
 - (djm) [mpaux.c mpaux.h Makefile.in] Remove old mpaux.[ch] code, it has not 
   been used for a while
 - (djm) OpenBSD CVS Sync
   - otto@@cvs.openbsd.org 2005/04/05 13:45:31
     [ssh-keygen.c]
   - djm@@cvs.openbsd.org 2005/04/06 09:43:59
     [sshd.c]
     avoid harmless logspam by not performing setsockopt() on non-socket;
     ok markus@@
   - dtucker@@cvs.openbsd.org 2005/04/06 12:26:06
     [ssh.c]
     Fix debug call for port forwards; patch from pete at seebeyond.com,
     ok djm@@ (ID sync only - change already in portable)
   - djm@@cvs.openbsd.org 2005/04/09 04:32:54
     [misc.c misc.h tildexpand.c Makefile.in]
     replace tilde_expand_filename with a simpler implementation, ahead of
     more whacking; ok deraadt@@
   - jmc@@cvs.openbsd.org 2005/04/14 12:30:30
     [ssh.1]
     arg to -b is an address, not if_name;
     ok markus@@
   - jakob@@cvs.openbsd.org 2005/04/20 10:05:45
     [dns.c]
     do not try to look up SSHFP for numerical hostname. ok djm@@
   - djm@@cvs.openbsd.org 2005/04/21 06:17:50
     [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 ssh_config.5 sshd.8]
     [sshd_config.5] OpenSSH doesn't ever look at the $HOME environment
     variable, so don't say that we do (bz #623); ok deraadt@@
   - djm@@cvs.openbsd.org 2005/04/21 11:47:19
     [ssh.c]
     don't allocate a pty when -n flag (/dev/null stdin) is set, patch from
     ignasi.roca AT fujitsu-siemens.com (bz #829); ok dtucker@@
   - dtucker@@cvs.openbsd.org 2005/04/23 23:43:47
     [readpass.c]
     Add debug message if read_passphrase can't open /dev/tty; bz #471;
     ok djm@@
   - jmc@@cvs.openbsd.org 2005/04/26 12:59:02
     [sftp-client.h]
     spelling correction in comment from wiz@@netbsd;
   - jakob@@cvs.openbsd.org 2005/04/26 13:08:37
     [ssh.c ssh_config.5]
     fallback gracefully if client cannot connect to ControlPath. ok djm@@
   - moritz@@cvs.openbsd.org 2005/04/28 10:17:56
     [progressmeter.c ssh-keyscan.c]
     add snprintf checks. ok djm@@ markus@@
   - markus@@cvs.openbsd.org 2005/05/02 21:13:22
     [readpass.c]
     missing {}
   - djm@@cvs.openbsd.org 2005/05/10 10:28:11
     [ssh.c]
     print nice error message for EADDRINUSE as well (ID sync only)
   - djm@@cvs.openbsd.org 2005/05/10 10:30:43
     [ssh.c]
     report real errors on fallback from ControlMaster=no to normal connect
   - markus@@cvs.openbsd.org 2005/05/16 15:30:51
     [readconf.c servconf.c]
     check return value from strdelim() for NULL (AddressFamily); mpech
   - djm@@cvs.openbsd.org 2005/05/19 02:39:55
     [sshd_config.5]
     sort config options, from grunk AT pestilenz.org; ok jmc@@
   - djm@@cvs.openbsd.org 2005/05/19 02:40:52
     [sshd_config]
     whitespace nit, from grunk AT pestilenz.org
   - djm@@cvs.openbsd.org 2005/05/19 02:42:26
     [includes.h]
     fix cast, from grunk AT pestilenz.org
   - djm@@cvs.openbsd.org 2005/05/20 10:50:55
     [ssh_config.5]
     give a ProxyCommand example using nc(1), with and ok jmc@@
   - jmc@@cvs.openbsd.org 2005/05/20 11:23:32
     [ssh_config.5]
     oops - article and spacing;
   - avsm@@cvs.openbsd.org 2005/05/23 22:44:01
     [moduli.c ssh-keygen.c]
     - removes signed/unsigned comparisons in moduli generation
     - use strtonum instead of atoi where it's easier
     - check some strlcpy overflow and fatal instead of truncate
   - djm@@cvs.openbsd.org 2005/05/23 23:32:46
     [cipher.c myproposal.h ssh.1 ssh_config.5 sshd_config.5]
     add support for draft-harris-ssh-arcfour-fixes-02 improved arcfour modes;
     ok markus@@
   - avsm@@cvs.openbsd.org 2005/05/24 02:05:09
     [ssh-keygen.c]
     some style nits from dmiller@@, and use a fatal() instead of a printf()/exit
   - avsm@@cvs.openbsd.org 2005/05/24 17:32:44
     [atomicio.c atomicio.h authfd.c monitor_wrap.c msg.c scp.c sftp-client.c]
     [ssh-keyscan.c sshconnect.c]
     Switch atomicio to use a simpler interface; it now returns a size_t
     (containing number of bytes read/written), and indicates error by
     returning 0.  EOF is signalled by errno==EPIPE.
     Typical use now becomes:

     if (atomicio(read, ..., len) != len)
             err(1,"read");

     ok deraadt@@, cloder@@, djm@@
 - (dtucker) [regress/reexec.sh] Add ${EXEEXT} so this test also works on
   Cygwin.
 - (dtucker) [auth-pam.c] Bug #1033: Fix warnings building with PAM on Linux:
   warning: dereferencing type-punned pointer will break strict-aliasing rules
   warning: passing arg 3 of `pam_get_item' from incompatible pointer type
   The type-punned pointer fix is based on a patch from SuSE's rpm.  ok djm@@
 - (dtucker) [configure.ac openbsd-compat/getrrsetbyname.c] Bug #1033: Provide
   templates for _getshort and _getlong if missing to prevent compiler warnings
   on Linux.
 - (djm) [configure.ac openbsd-compat/Makefile.in]
         [openbsd-compat/openbsd-compat.h openbsd-compat/strtonum.c]
         Add strtonum(3) from OpenBSD libc, new code needs it. 
         Unfortunately Linux forces us to do a bizarre dance with compiler
         options to get LLONG_MIN/MAX; Spotted by and ok dtucker@@ 

d12 1
a12 1
 - Release 4.1p1
d2499 1
a2499 1
$Id: ChangeLog,v 1.3887 2005/09/01 09:10:48 djm Exp $
@


1.1.1.10.2.2
log
@MFC: OpenSSH 4.4p1.

Approved by:	re (kensmith)
@
text
@a0 2498
20060926
 - (dtucker) [bufaux.h] nuke bufaux.h; it's already gone from OpenBSD and not
   referenced any more.  ok djm@@
 - (dtucker) [sftp-server.8] Resync; spotted by djm@@

20060924
 - (tim) [configure.ac] Remove CFLAGS hack for UnixWare 1.x/2.x (added
   to rev 1.308) to work around broken gcc 2.x header file.

20060923
 - (dtucker) [configure.ac] Bug #1234: Put opensc libs into $LIBS rather than
   $LDFLAGS.  Patch from vapier at gentoo org.

20060922
 - (dtucker) [packet.c canohost.c] Include arpa/inet.h for htonl macros on
   some platforms (eg HP-UX 11.00).  From santhi.amirta at gmail com.

20060921
 - (dtucker) OpenBSD CVS Sync
   - otto@@cvs.openbsd.org 2006/09/19 05:52:23
     [sftp.c]
     Use S_IS* macros instead of masking with S_IF* flags. The latter may
     have multiple bits set, which leads to surprising results. Spotted by
     Paul Stoeber, more to come. ok millert@@ pedro@@ jaredy@@ djm@@
   - markus@@cvs.openbsd.org 2006/09/19 21:14:08
     [packet.c]
     client NULL deref on protocol error; Tavis Ormandy, Google Security Team
 - (dtucker) [defines.h] Include unistd.h before defining getpgrp; fixes
   build error on Ultrix.  From Bernhard Simon.

20060918
 - (dtucker) [configure.ac] On AIX, check to see if the compiler will allow
   macro redefinitions, and if not, remove "-qlanglvl=ansi" from the flags.
   Allows build out of the box with older VAC and XLC compilers.  Found by
   David Bronder and Bernhard Simon.
 - (dtucker) [openbsd-compat/port-aix.{c,h}] Reduce scope of includes.
   Prevents macro redefinition warnings of "RDONLY".

20060916
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2006/09/16 19:53:37
     [deattack.c deattack.h packet.c]
     limit maximum work performed by the CRC compensation attack detector,
     problem reported by Tavis Ormandy, Google Security Team;
     ok markus@@ deraadt@@
 - (djm) Add openssh.xml to .cvsignore and sort it
 - (dtucker) [auth-pam.c] Propagate TZ environment variable to PAM auth
   process so that any logging it does is with the right timezone.  From
   Scott Strickler, ok djm@@.
 - (dtucker) [monitor.c] Correctly handle auditing of single commands when
   using Protocol 1.  From jhb at freebsd.
 - (djm) [sshd.c] Fix warning/API abuse; ok dtucker@@
 - (dtucker) [INSTALL] Add info about audit support.

20060912
 - (djm) [Makefile.in buildpkg.sh.in configure.ac openssh.xml.in]
   Support SMF in Solaris Packages if enabled by configure. Patch from
   Chad Mynhier, tested by dtucker@@

20060911
 - (dtucker) [cipher-aes.c] Include string.h for memcpy and friends.  Noted
   by Pekka Savola.

20060910
 - (dtucker) [contrib/aix/buildbff.sh] Ensure that perl is available.
 - (dtucker) [configure.ac] Add -lcrypt to let DragonFly build OOTB.

20060909
 - (dtucker) [openbsd-compat/bsd-snprintf.c] Add stdarg.h.
 - (dtucker) [contrib/aix/buildbff.sh] Always create privsep user.
 - (dtucker) [buildpkg.sh.in] Always create privsep user.  ok djm@@

20060908
 - (dtucker) [auth-sia.c] Add includes required for build on Tru64.  Patch
   from Chris Adams.
 - (dtucker) [configure.ac] The BSM header test needs time.h in some cases.

20060907
 - (djm) [sshd.c auth.c] Set up fakepw() with privsep uid/gid, so it can
   be used to drop privilege to; fixes Solaris GSSAPI crash reported by
   Magnus Abrante; suggestion and feedback dtucker@@
   NB. this change will require that the privilege separation user must
   exist at all times, not just when UsePrivilegeSeparation=yes
 - (tim) [configure.ac] s/BROKEN_UPDWTMP/BROKEN_UPDWTMPX/ on SCO OSR6
 - (dtucker) [loginrec.c] Wrap paths.h in HAVE_PATHS_H.
 - (dtucker) [regress/cfgmatch.sh] stop_client is racy, so give us a better
   chance of winning.

20060905
 - (dtucker) [configure.ac] s/AC_DEFINES/AC_DEFINE/ spotted by Roumen Petrov.
 - (dtucker) [loginrec.c] Include paths.h for _PATH_BTMP.

20060904
 - (dtucker) [configure.ac] Define BROKEN_UPDWTMP on SCO OSR6 as the native
   updwtmp seems to generate invalid wtmp entries.  From Roger Cornelius,
   ok djm@@

20060903
 - (dtucker) [configure.ac openbsd-compat/openbsd-compat.h] Check for
   declaration of writev(2) and declare it ourselves if necessary.  Makes
   the atomiciov() calls build on really old systems.  ok djm@@

20060902
 - (dtucker) [openbsd-compat/port-irix.c] Add errno.h, found by Iain Morgan.
 - (dtucker) [ssh-keyscan.c ssh-rand-helper.c ssh.c sshconnect.c
   openbsd-compat/bindresvport.c openbsd-compat/getrrsetbyname.c
   openbsd-compat/port-tun.c openbsd-compat/rresvport.c] Include <arpa/inet.h>
   for hton* and ntoh* macros.  Required on (at least) HP-UX since we define
   _XOPEN_SOURCE_EXTENDED.  Found by santhi.amirta at gmail com.

20060901
 - (djm) [audit-bsm.c audit.c auth-bsdauth.c auth-chall.c auth-pam.c]
   [auth-rsa.c auth-shadow.c auth-sia.c auth1.c auth2-chall.c]
   [auth2-gss.c auth2-kbdint.c auth2-none.c authfd.c authfile.c]
   [cipher-3des1.c cipher-aes.c cipher-bf1.c cipher-ctr.c clientloop.c]
   [dh.c dns.c entropy.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
   [kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c loginrec.c mac.c]
   [md5crypt.c monitor.c monitor_wrap.c readconf.c rsa.c]
   [scard-opensc.c scard.c session.c ssh-add.c ssh-agent.c ssh-dss.c]
   [ssh-keygen.c ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c]
   [sshconnect1.c sshconnect2.c sshd.c]
   [openbsd-compat/bsd-cray.c openbsd-compat/port-aix.c]
   [openbsd-compat/port-linux.c openbsd-compat/port-solaris.c]
   [openbsd-compat/port-uw.c]
   Lots of headers for SCO OSR6, mainly adding stdarg.h for log.h;
   compile problems reported by rac AT tenzing.org
 - (djm) [includes.h monitor.c openbsd-compat/bindresvport.c]
   [openbsd-compat/rresvport.c] Some more headers: netinet/in.h 
   sys/socket.h and unistd.h in various places
 - (dtucker) [openbsd-compat/bsd-cygwin_util.c] Fix implicit declaration
   warnings for binary_open and binary_close.  Patch from Corinna Vinschen.
 - (dtucker) [configure.ac includes.h openbsd-compat/glob.{c,h}] Explicitly
   test for GLOB_NOMATCH and use our glob functions if it's not found.
   Stops sftp from segfaulting when attempting to get a nonexistent file on
   Cygwin (previous versions of OpenSSH didn't use the native glob). Partly
   from and tested by Corinna Vinschen.
 - (dtucker) [README contrib/{caldera,redhat,suse}/openssh.spec]  Crank
   versions.

20060831
 - (djm) [CREDITS LICENCE Makefile.in auth.c configure.ac includes.h ]
   [platform.c platform.h sshd.c openbsd-compat/Makefile.in]
   [openbsd-compat/openbsd-compat.h openbsd-compat/port-solaris.c]
   [openbsd-compat/port-solaris.h] Add support for Solaris process
   contracts, enabled with --use-solaris-contracts. Patch from Chad
   Mynhier, tweaked by dtucker@@ and myself; ok dtucker@@
 - (dtucker) [contrib/cygwin/ssh-host-config] Add SeTcbPrivilege privilege
   while setting up the ssh service account.  Patch from Corinna Vinschen.

20060830
 - (djm) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2006/08/21 08:14:01
     [sshd_config.5]
     Document HostbasedUsesNameFromPacketOnly.  Corrections from jmc@@,
     ok jmc@@ djm@@
   - dtucker@@cvs.openbsd.org 2006/08/21 08:15:57
     [sshd.8]
     Add more detail about what permissions are and aren't accepted for
     authorized_keys files.  Corrections jmc@@, ok djm@@, "looks good" jmc@@
   - djm@@cvs.openbsd.org 2006/08/29 10:40:19
     [channels.c session.c]
     normalise some inconsistent (but harmless) NULL pointer checks
     spotted by the Stanford SATURN tool, via Isil Dillig;
     ok markus@@ deraadt@@
   - dtucker@@cvs.openbsd.org 2006/08/29 12:02:30
     [gss-genr.c]
     Work around a problem in Heimdal that occurs when KRB5CCNAME file is
     missing, by checking whether or not kerberos allocated us a context
     before attempting to free it.  Patch from Simon Wilkinson, tested by
     biorn@@, ok djm@@
   - dtucker@@cvs.openbsd.org 2006/08/30 00:06:51
     [sshconnect2.c]
     Fix regression where SSH2 banner is printed at loglevels ERROR and FATAL
     where previously it wasn't.  bz #1221, found by Dean Kopesky, ok djm@@
   - djm@@cvs.openbsd.org 2006/08/30 00:14:37
     [version.h]
     crank to 4.4
 - (djm) [openbsd-compat/xcrypt.c] needs unistd.h
 - (dtucker) [auth.c openbsd-compat/port-aix.c] Bug #1207: always call
   loginsuccess on AIX immediately after authentication to clear the failed
   login count.  Previously this would only happen when an interactive
   session starts (ie when a pty is allocated) but this means that accounts
   that have primarily non-interactive sessions (eg scp's) may gradually
   accumulate enough failures to lock out an account.  This change may have
   a side effect of creating two audit records, one with a tty of "ssh"
   corresponding to the authentication and one with the allocated pty per
   interactive session.

20060824
 - (dtucker) [openbsd-compat/basename.c] Include errno.h.
 - (dtucker) [openbsd-compat/bsd-misc.c] Add includes needed for select(2) on
   older systems.
 - (dtucker) [openbsd-compat/bsd-misc.c] Include <sys/select.h> for select(2)
   on POSIX systems.
 - (dtucker) [openbsd-compat/bsd-openpty.c] Include for ioctl(2).
 - (dtucker) [openbsd-compat/rresvport.c] Include <stdlib.h> for malloc.
 - (dtucker) [openbsd-compat/xmmap.c] Move #define HAVE_MMAP to prevent
   unused variable warning when we have a broken or missing mmap(2).

20060822
 - (dtucker) [Makefile.in] Bug #1177: fix incorrect path for sshrc in
   Makefile.  Patch from santhi.amirta at gmail, ok djm.

20060820
 - (dtucker) [log.c] Move ifdef to prevent unused variable warning.
 - (dtucker) [configure.ac] Save $LIBS during PAM library tests and restore
   afterward.  Removes the need to mangle $LIBS later to remove -lpam and -ldl.
 - (dtucker) [configure.ac] Relocate --with-pam parts in preparation for
   fixing bug #1181.  No changes yet.
 - (dtucker) [configure.ac] Bug #1181: Explicitly test to see if OpenSSL
   (0.9.8a and presumably newer) requires -ldl to successfully link.
 - (dtucker) [configure.ac] Remove errant "-".

20060819
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2006/08/18 22:41:29
     [gss-genr.c]
     GSSAPI error code should be 0 and not -1; from simon@@sxw.org.uk
 - (dtucker) [openbsd-compat/regress/Makefile.in] Add $(EXEEXT) and add a
   single rule for the test progs.

20060818
 - (dtucker) [configure.ac openbsd-compat/bsd-closefrom.c] Resync with
   closefrom.c from sudo.
 - (dtucker) [openbsd-compat/bsd-closefrom.c] Comment out rcsid.
 - (dtucker) [openbsd-compat/regress/snprintftest.c] Newline on error.
 - (dtucker) [openbsd-compat/regress/Makefile.in] Use implicit rules for the
   test progs instead; they work better than what we have.
 - (djm) OpenBSD CVS Sync
   - stevesk@@cvs.openbsd.org 2006/08/06 01:13:32
     [compress.c monitor.c monitor_wrap.c]
     "zlib.h" can be <zlib.h>; ok djm@@ markus@@
   - miod@@cvs.openbsd.org 2006/08/12 20:46:46
     [monitor.c monitor_wrap.c]
     Revert previous include file ordering change, for ssh to compile under
     gcc2 (or until openssl include files are cleaned of parameter names
     in function prototypes)
   - dtucker@@cvs.openbsd.org 2006/08/14 12:40:25
     [servconf.c servconf.h sshd_config.5]
     Add ability to match groups to Match keyword in sshd_config.  Feedback
     djm@@, stevesk@@, ok stevesk@@.
   - djm@@cvs.openbsd.org 2006/08/16 11:47:15
     [sshd.c]
     factor inetd connection, TCP listen and main TCP accept loop out of
     main() into separate functions to improve readability; ok markus@@
   - deraadt@@cvs.openbsd.org 2006/08/18 09:13:26
     [log.c log.h sshd.c]
     make signal handler termination path shorter; risky code pointed out by
     mark dowd; ok djm markus
   - markus@@cvs.openbsd.org 2006/08/18 09:15:20
     [auth.h session.c sshd.c]
     delay authentication related cleanups until we're authenticated and
     all alarms have been cancelled; ok deraadt
   - djm@@cvs.openbsd.org 2006/08/18 10:27:16
     [misc.h]
     reorder so prototypes are sorted by the files they refer to; no
     binary change
   - djm@@cvs.openbsd.org 2006/08/18 13:54:54
     [gss-genr.c ssh-gss.h sshconnect2.c]
     bz #1218 - disable SPNEGO as per RFC4462; diff from simon AT sxw.org.uk
     ok markus@@
   - djm@@cvs.openbsd.org 2006/08/18 14:40:34
     [gss-genr.c ssh-gss.h]
     constify host argument to match the rest of the GSSAPI functions and
     unbreak compilation with -Werror
 - (djm) Disable sigdie() for platforms that cannot safely syslog inside
   a signal handler (basically all of them, excepting OpenBSD);
   ok dtucker@@

20060817
 - (dtucker) [openbsd-compat/fake-rfc2553.c openbsd-compat/setproctitle.c]
   Include stdlib.h for malloc and friends.
 - (dtucker) [configure.ac openbsd-compat/bsd-closefrom.c] Use F_CLOSEM fcntl
   for closefrom() on AIX.  Pointed out by William Ahern.
 - (dtucker) [openbsd-compat/regress/{Makefile.in,closefromtest.c}] Regress
   test for closefrom() in compat code.

20060816
 - (djm) [audit-bsm.c] Sprinkle in some headers

20060815
 - (dtucker) [LICENCE] Add Reyk to the list for the compat dir.

20060806
 - (djm) [openbsd-compat/bsd-getpeereid.c] Add some headers to quiet warnings
   on Solaris 10

20060806
 - (dtucker) [defines.h] With the includes.h changes we no longer get the
   name clash on "YES" so we can remove the workaround for it.
 - (dtucker) [openbsd-compat/{bsd-asprintf.c,bsd-openpty.c,bsd-snprintf.c,
   glob.c}] Include stdlib.h for malloc and friends in compat code.

20060805
 - (djm) OpenBSD CVS Sync
   - stevesk@@cvs.openbsd.org 2006/07/24 13:58:22
     [sshconnect.c]
     disable tunnel forwarding when no strict host key checking
     and key changed; ok djm@@ markus@@ dtucker@@
   - stevesk@@cvs.openbsd.org 2006/07/25 02:01:34
     [scard.c]
     need #include <string.h>
   - stevesk@@cvs.openbsd.org 2006/07/25 02:59:21
     [channels.c clientloop.c packet.c scp.c serverloop.c sftp-client.c]
     [sftp-server.c ssh-agent.c ssh-keyscan.c sshconnect.c sshd.c]
     move #include <sys/time.h> out of includes.h
   - stevesk@@cvs.openbsd.org 2006/07/26 02:35:17
     [atomicio.c auth.c dh.c authfile.c buffer.c clientloop.c kex.c]
     [groupaccess.c gss-genr.c kexgexs.c misc.c monitor.c monitor_mm.c]
     [packet.c scp.c serverloop.c session.c sftp-client.c sftp-common.c]
     [sftp-server.c sftp.c ssh-add.c ssh-agent.c ssh-keygen.c sshlogin.c]
     [uidswap.c xmalloc.c]
     move #include <sys/param.h> out of includes.h
   - stevesk@@cvs.openbsd.org 2006/07/26 13:57:17
     [authfd.c authfile.c dh.c canohost.c channels.c clientloop.c compat.c]
     [hostfile.c kex.c log.c misc.c moduli.c monitor.c packet.c readpass.c]
     [scp.c servconf.c session.c sftp-server.c sftp.c ssh-add.c ssh-agent.c]
     [ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh.c sshconnect.c]
     [sshconnect1.c sshd.c xmalloc.c]
     move #include <stdlib.h> out of includes.h
   - jmc@@cvs.openbsd.org 2006/07/27 08:00:50
     [ssh_config.5]
     avoid confusing wording in HashKnownHosts:
     originally spotted by alan amesbury;
     ok deraadt
   - jmc@@cvs.openbsd.org 2006/07/27 08:00:50
     [ssh_config.5]
     avoid confusing wording in HashKnownHosts:
     originally spotted by alan amesbury;
     ok deraadt
   - dtucker@@cvs.openbsd.org 2006/08/01 11:34:36
     [sshconnect.c]
     Allow fallback to known_hosts entries without port qualifiers for
     non-standard ports too, so that all existing known_hosts entries will be
     recognised.  Requested by, feedback and ok markus@@
   - stevesk@@cvs.openbsd.org 2006/08/01 23:22:48
     [auth-passwd.c auth-rhosts.c auth-rsa.c auth.c auth.h auth1.c]
     [auth2-chall.c auth2-pubkey.c authfile.c buffer.c canohost.c]
     [channels.c clientloop.c dh.c dns.c dns.h hostfile.c kex.c kexdhc.c]
     [kexgexc.c kexgexs.c key.c key.h log.c misc.c misc.h moduli.c]
     [monitor_wrap.c packet.c progressmeter.c readconf.c readpass.c scp.c]
     [servconf.c session.c sftp-client.c sftp-common.c sftp-server.c sftp.c]
     [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh.c sshconnect.c]
     [sshconnect1.c sshconnect2.c sshd.c sshlogin.c sshtty.c uuencode.c]
     [uuencode.h xmalloc.c]
     move #include <stdio.h> out of includes.h
   - stevesk@@cvs.openbsd.org 2006/08/01 23:36:12
     [authfile.c channels.c progressmeter.c scard.c servconf.c ssh.c]
     clean extra spaces
   - deraadt@@cvs.openbsd.org 2006/08/03 03:34:42
     [OVERVIEW atomicio.c atomicio.h auth-bsdauth.c auth-chall.c auth-krb5.c]
     [auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
     [auth-rsa.c auth-skey.c auth.c auth.h auth1.c auth2-chall.c auth2-gss.c]
     [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c ]
     [auth2-pubkey.c auth2.c authfd.c authfd.h authfile.c bufaux.c bufbn.c]
     [buffer.c buffer.h canohost.c channels.c channels.h cipher-3des1.c]
     [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
     [compress.c deattack.c dh.c dispatch.c dns.c dns.h fatal.c groupaccess.c]
     [groupaccess.h gss-genr.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
     [kex.h kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c]
     [key.h log.c log.h mac.c match.c md-sha256.c misc.c misc.h moduli.c]
     [monitor.c monitor_fdpass.c monitor_mm.c monitor_mm.h monitor_wrap.c]
     [monitor_wrap.h msg.c nchan.c packet.c progressmeter.c readconf.c]
     [readconf.h readpass.c rsa.c scard.c scard.h scp.c servconf.c servconf.h]
     [serverloop.c session.c session.h sftp-client.c sftp-common.c]
     [sftp-common.h sftp-glob.c sftp-server.c sftp.c ssh-add.c ssh-agent.c]
     [ssh-dss.c ssh-gss.h ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rsa.c]
     [ssh.c ssh.h sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c]
     [sshd.c sshlogin.c sshlogin.h sshpty.c sshpty.h sshtty.c ttymodes.c]
     [uidswap.c uidswap.h uuencode.c uuencode.h xmalloc.c xmalloc.h]
     [loginrec.c loginrec.h openbsd-compat/port-aix.c openbsd-compat/port-tun.h]
     almost entirely get rid of the culture of ".h files that include .h files"
     ok djm, sort of ok stevesk
     makes the pain stop in one easy step
     NB. portable commit contains everything *except* removing includes.h, as
     that will take a fair bit more work as we move headers that are required
     for portability workarounds to defines.h. (also, this step wasn't "easy")
   - stevesk@@cvs.openbsd.org 2006/08/04 20:46:05
     [monitor.c session.c ssh-agent.c]
     spaces
 - (djm) [auth-pam.c defines.h] Move PAM related bits to auth-pam.c
 - (djm) [auth-pam.c auth.c bufaux.h entropy.c openbsd-compat/port-tun.c]
   remove last traces of bufaux.h - it was merged into buffer.h in the big
   includes.h commit
 - (djm) [auth.c loginrec.c] Missing netinet/in.h for loginrec
 - (djm) [openbsd-compat/regress/snprintftest.c]
   [openbsd-compat/regress/strduptest.c] Add missing includes so they pass
   compilation with "-Wall -Werror"
 - (djm) [auth-pam.c auth-shadow.c auth2-none.c cleanup.c sshd.c]
   [openbsd-compat/port-tun.c openbsd-compat/port-tun.h] Sprinkle more
   includes for Linux in
 - (dtucker) [cleanup.c] Need defines.h for __dead.
 - (dtucker) [auth2-gss.c] We still need the #ifdef GSSAPI in -portable.
 - (dtucker) [openbsd-compat/{bsd-arc4random.c,port-tun.c,xmmap.c}] Lots of
   #include stdarg.h, needed for log.h.
 - (dtucker) [entropy.c] Needs unistd.h too.
 - (dtucker) [ssh-rand-helper.c] Needs stdarg.h for log.h.
 - (dtucker) [openbsd-compat/getrrsetbyname.c] Needs stdlib.h for malloc.
 - (dtucker) [openbsd-compat/strtonum.c] Include stdlib.h for strtoll,
   otherwise it is implicitly declared as returning an int.
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2006/08/05 07:52:52
     [auth2-none.c sshd.c monitor_wrap.c]
     Add headers required to build with KERBEROS5=no.  ok djm@@
   - dtucker@@cvs.openbsd.org 2006/08/05 08:00:33
     [auth-skey.c]
     Add headers required to build with -DSKEY.  ok djm@@
   - dtucker@@cvs.openbsd.org 2006/08/05 08:28:24
     [monitor_wrap.c auth-skey.c auth2-chall.c]
     Zap unused variables in -DSKEY code.  ok djm@@
   - dtucker@@cvs.openbsd.org 2006/08/05 08:34:04
     [packet.c]
     Typo in comment
 - (dtucker) [openbsd-compat/bsd-cygwin_util.c] Add headers required to compile
   on Cygwin.
 - (dtucker) [openbsd-compat/fake-rfc2553.c] Add headers needed for inet_ntoa.
 - (dtucker) [auth-skey.c] monitor_wrap.h needs ssh-gss.h.
 - (dtucker) [audit.c audit.h] Repair headers.
 - (dtucker) [audit-bsm.c] Add additional headers now required.

20060804
 - (dtucker) [configure.ac] The "crippled AES" test does not work on recent
   versions of Solaris, so use AC_LINK_IFELSE to actually link the test program
   rather than just compiling it.  Spotted by dlg@@.

20060802
 - (dtucker) [openbsd-compat/daemon.c] Add unistd.h for fork() prototype.

20060725
 - (dtucker) [openbsd-compat/xmmap.c] Need fcntl.h for O_RDWR.

20060724
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2006/07/12 13:39:55
     [sshd_config.5]
      - new sentence, new line
      - s/The the/The/
      - kill a bad comma
   - stevesk@@cvs.openbsd.org 2006/07/12 22:28:52
     [auth-options.c canohost.c channels.c includes.h readconf.c]
     [servconf.c ssh-keyscan.c ssh.c sshconnect.c sshd.c]
     move #include <netdb.h> out of includes.h; ok djm@@
   - stevesk@@cvs.openbsd.org 2006/07/12 22:42:32
     [includes.h ssh.c ssh-rand-helper.c]
     move #include <stddef.h> out of includes.h
   - stevesk@@cvs.openbsd.org 2006/07/14 01:15:28
     [monitor_wrap.h]
     don't need incompletely-typed 'struct passwd' now with
     #include <pwd.h>; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/07/17 01:31:10
     [authfd.c authfile.c channels.c cleanup.c clientloop.c groupaccess.c]
     [includes.h log.c misc.c msg.c packet.c progressmeter.c readconf.c]
     [readpass.c scp.c servconf.c sftp-client.c sftp-server.c sftp.c]
     [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh.c]
     [sshconnect.c sshlogin.c sshpty.c uidswap.c]
     move #include <unistd.h> out of includes.h
   - dtucker@@cvs.openbsd.org 2006/07/17 12:02:24
     [auth-options.c]
     Use '\0' rather than 0 to terminate strings; ok djm@@
   - dtucker@@cvs.openbsd.org 2006/07/17 12:06:00
     [channels.c channels.h servconf.c sshd_config.5]
     Add PermitOpen directive to sshd_config which is equivalent to the
     "permitopen" key option.  Allows server admin to allow TCP port
     forwarding only to specific host/port pairs.  Useful when combined
     with Match.
     If permitopen is used in both sshd_config and a key option, both
     must allow a given connection before it will be permitted.
     Note that users can still use external forwarders such as netcat,
     so those must be controlled too for the limits to be effective.
     Feedback & ok djm@@, man page corrections & ok jmc@@.
   - jmc@@cvs.openbsd.org 2006/07/18 07:50:40
     [sshd_config.5]
     tweak; ok dtucker
   - jmc@@cvs.openbsd.org 2006/07/18 07:56:28
     [scp.1]
     replace DIAGNOSTICS with .Ex;
   - jmc@@cvs.openbsd.org 2006/07/18 08:03:09
     [ssh-agent.1 sshd_config.5]
     mark up angle brackets;
   - dtucker@@cvs.openbsd.org 2006/07/18 08:22:23
     [sshd_config.5]
     Clarify description of Match, with minor correction from jmc@@
   - stevesk@@cvs.openbsd.org 2006/07/18 22:27:55
     [dh.c]
     remove unneeded includes; ok djm@@
   - dtucker@@cvs.openbsd.org 2006/07/19 08:56:41
     [servconf.c sshd_config.5]
     Add support for X11Forwarding, X11DisplayOffset and X11UseLocalhost to
     Match.  ok djm@@
   - dtucker@@cvs.openbsd.org 2006/07/19 13:07:10
     [servconf.c servconf.h session.c sshd.8 sshd_config sshd_config.5]
     Add ForceCommand keyword to sshd_config, equivalent to the "command="
     key option, man page entry and example in sshd_config.
     Feedback & ok djm@@, man page corrections & ok jmc@@
   - stevesk@@cvs.openbsd.org 2006/07/20 15:26:15
     [auth1.c serverloop.c session.c sshconnect2.c]
     missed some needed #include <unistd.h> when KERBEROS5=no; issue from
     massimo@@cedoc.mo.it
   - dtucker@@cvs.openbsd.org 2006/07/21 12:43:36
     [channels.c channels.h servconf.c servconf.h sshd_config.5]
     Make PermitOpen take a list of permitted ports and act more like most
     other keywords (ie the first match is the effective setting). This
     also makes it easier to override a previously set PermitOpen. ok djm@@
   - stevesk@@cvs.openbsd.org 2006/07/21 21:13:30
     [channels.c]
     more ARGSUSED (lint) for dispatch table-driven functions; ok djm@@
   - stevesk@@cvs.openbsd.org 2006/07/21 21:26:55
     [progressmeter.c]
     ARGSUSED for signal handler
   - stevesk@@cvs.openbsd.org 2006/07/22 19:08:54
     [includes.h moduli.c progressmeter.c scp.c sftp-common.c]
     [sftp-server.c ssh-agent.c sshlogin.c]
     move #include <time.h> out of includes.h
   - stevesk@@cvs.openbsd.org 2006/07/22 20:48:23
     [atomicio.c auth-options.c auth-passwd.c auth-rhosts.c auth-rsa.c]
     [auth.c auth1.c auth2-chall.c auth2-hostbased.c auth2-passwd.c auth2.c]
     [authfd.c authfile.c bufaux.c bufbn.c buffer.c canohost.c channels.c]
     [cipher-3des1.c cipher-bf1.c cipher-ctr.c cipher.c clientloop.c]
     [compat.c deattack.c dh.c dns.c gss-genr.c gss-serv.c hostfile.c]
     [includes.h kex.c kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c log.c]
     [mac.c match.c md-sha256.c misc.c moduli.c monitor.c monitor_fdpass.c]
     [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c rsa.c]
     [progressmeter.c readconf.c readpass.c scp.c servconf.c serverloop.c]
     [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c sftp.c]
     [ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
     [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c sshconnect2.c]
     [sshd.c sshlogin.c sshpty.c ttymodes.c uidswap.c xmalloc.c]
     move #include <string.h> out of includes.h
   - stevesk@@cvs.openbsd.org 2006/07/23 01:11:05
     [auth.h dispatch.c kex.h sftp-client.c]
     #include <signal.h> for sig_atomic_t; need this prior to <sys/param.h>
     move
 - (djm) [acss.c auth-krb5.c auth-options.c auth-pam.c auth-shadow.c]
   [canohost.c channels.c cipher-acss.c defines.h dns.c gss-genr.c]
   [gss-serv-krb5.c gss-serv.c log.h loginrec.c logintest.c readconf.c]
   [servconf.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rand-helper.c]
   [ssh.c sshconnect.c sshd.c openbsd-compat/bindresvport.c]
   [openbsd-compat/bsd-arc4random.c openbsd-compat/bsd-misc.c]
   [openbsd-compat/getrrsetbyname.c openbsd-compat/glob.c]
   [openbsd-compat/mktemp.c openbsd-compat/port-linux.c]
   [openbsd-compat/port-tun.c openbsd-compat/readpassphrase.c]
   [openbsd-compat/setproctitle.c openbsd-compat/xmmap.c]
   make the portable tree compile again - sprinkle unistd.h and string.h 
   back in. Don't redefine __unused, as it turned out to be used in
   headers on Linux, and replace its use in auth-pam.c with ARGSUSED
 - (djm) [openbsd-compat/glob.c]
   Move get_arg_max() into the ifdef HAVE_GLOB block so that it compiles
   on OpenBSD (or other platforms with a decent glob implementation) with
   -Werror
 - (djm) [uuencode.c]
   Add resolv.h, as it contains the prototypes for __b64_ntop/__b64_pton on
   some platforms
 - (djm) [session.c]
   fix compile error with -Werror -Wall: 'path' is only used in
   do_setup_env() if HAVE_LOGIN_CAP is not defined
 - (djm) [openbsd-compat/basename.c openbsd-compat/bsd-closefrom.c]
   [openbsd-compat/bsd-cray.c openbsd-compat/bsd-openpty.c]
   [openbsd-compat/bsd-snprintf.c openbsd-compat/fake-rfc2553.c]
   [openbsd-compat/port-aix.c openbsd-compat/port-irix.c]
   [openbsd-compat/rresvport.c]
   These look to need string.h and/or unistd.h (based on a grep for function
   names)
 - (djm) [Makefile.in]
   Remove generated openbsd-compat/regress/Makefile in distclean target
 - (djm) [regress/Makefile regress/agent-getpeereid.sh regress/cfgmatch.sh]
   [regress/cipher-speed.sh regress/forcecommand.sh regress/forwarding.sh]
   Sync regress tests to -current; include dtucker@@'s new cfgmatch and 
   forcecommand tests. Add cipher-speed.sh test (not linked in yet)
 - (dtucker) [cleanup.c] Since config.h defines _LARGE_FILES on AIX, including
   system headers before defines.h will cause conflicting definitions.
 - (dtucker) [regress/forcecommand.sh] Portablize.

20060713
 - (dtucker) [auth-krb5.c auth-pam.c] Still more errno.h

20060712
 - (dtucker) [configure.ac defines.h] Only define SHUT_RD (and friends) and
   O_NONBLOCK if they're really needed.  Fixes build errors on HP-UX, old
   Linuxes and probably more.
 - (dtucker) [configure.ac] OpenBSD needs <sys/types.h> before <sys/socket.h>
   for SHUT_RD.
 - (dtucker) [openbsd-compat/port-tun.c] OpenBSD needs <netinet/in.h> before
   <netinet/ip.h>.
 - (dtucker) OpenBSD CVS Sync
   - stevesk@@cvs.openbsd.org 2006/07/10 16:01:57
     [sftp-glob.c sftp-common.h sftp.c]
     buffer.h only needed in sftp-common.h and remove some unneeded
     user includes; ok djm@@
   - jmc@@cvs.openbsd.org 2006/07/10 16:04:21
     [sshd.8]
     s/and and/and/
   - stevesk@@cvs.openbsd.org 2006/07/10 16:37:36
     [readpass.c log.h scp.c fatal.c xmalloc.c includes.h ssh-keyscan.c misc.c
     auth.c packet.c log.c]
     move #include <stdarg.h> out of includes.h; ok markus@@
   - dtucker@@cvs.openbsd.org 2006/07/11 10:12:07
     [ssh.c]
     Only copy the part of environment variable that we actually use.  Prevents
     ssh bailing when SendEnv is used and an environment variable with a really
     long value exists.  ok djm@@
   - markus@@cvs.openbsd.org 2006/07/11 18:50:48
     [clientloop.c ssh.1 ssh.c channels.c ssh_config.5 readconf.h session.c
     channels.h readconf.c]
     add ExitOnForwardFailure: terminate the connection if ssh(1)
     cannot set up all requested dynamic, local, and remote port
     forwardings. ok djm, dtucker, stevesk, jmc
   - stevesk@@cvs.openbsd.org 2006/07/11 20:07:25
     [scp.c auth.c monitor.c serverloop.c sftp-server.c sshpty.c readpass.c
     sshd.c monitor_wrap.c monitor_fdpass.c ssh-agent.c ttymodes.c atomicio.c
     includes.h session.c sshlogin.c monitor_mm.c packet.c sshconnect2.c
     sftp-client.c nchan.c clientloop.c sftp.c misc.c canohost.c channels.c
     ssh-keygen.c progressmeter.c uidswap.c msg.c readconf.c sshconnect.c]
     move #include <errno.h> out of includes.h; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/07/11 20:16:43
     [ssh.c]
     cast asterisk field precision argument to int to remove warning;
     ok markus@@
   - stevesk@@cvs.openbsd.org 2006/07/11 20:27:56
     [authfile.c ssh.c]
     need <errno.h> here also (it's also included in <openssl/err.h>)
   - dtucker@@cvs.openbsd.org 2006/07/12 11:34:58
     [sshd.c servconf.h servconf.c sshd_config.5 auth.c]
     Add support for conditional directives to sshd_config via a "Match"
     keyword, which works similarly to the "Host" directive in ssh_config.
     Lines after a Match line override the default set in the main section
     if the condition on the Match line is true, eg
     AllowTcpForwarding yes
     Match User anoncvs
             AllowTcpForwarding no
     will allow port forwarding by all users except "anoncvs".
     Currently only a very small subset of directives are supported.
     ok djm@@
 - (dtucker) [loginrec.c openbsd-compat/xmmap.c openbsd-compat/bindresvport.c
   openbsd-compat/glob.c openbsd-compat/mktemp.c openbsd-compat/port-tun.c
   openbsd-compat/readpassphrase.c openbsd-compat/strtonum.c] Include <errno.h>.
 - (dtucker) [openbsd-compat/setproctitle.c] Include stdarg.h.
 - (dtucker) [ssh-keyscan.c ssh-rand-helper.c] More errno.h here too.
 - (dtucker) [openbsd-compat/openbsd-compat.h] v*printf needs stdarg.h.
 - (dtucker) [openbsd-compat/bsd-asprintf.c openbsd-compat/port-aix.c
   openbsd-compat/rresvport.c] More errno.h.

20060711
 - (dtucker) [configure.ac ssh-keygen.c openbsd-compat/bsd-openpty.c
   openbsd-compat/daemon.c] Add includes needed by open(2).  Conditionally
   include paths.h.  Fixes build error on Solaris.
 - (dtucker) [entropy.c] More fcntl.h, this time on AIX (and probably
   others).

20060710
 - (dtucker) [INSTALL] New autoconf version: 2.60.
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2006/06/14 10:50:42
     [sshconnect.c]
     limit the number of pre-banner characters we will accept; ok markus@@
   - djm@@cvs.openbsd.org 2006/06/26 10:36:15
     [clientloop.c]
     mention optional bind_address in runtime port forwarding setup
     command-line help. patch from santhi.amirta AT gmail.com
   - stevesk@@cvs.openbsd.org 2006/07/02 17:12:58
     [ssh.1 ssh.c ssh_config.5 sshd_config.5]
     more details and clarity for tun(4) device forwarding; ok and help
     jmc@@
   - stevesk@@cvs.openbsd.org 2006/07/02 18:36:47
     [gss-serv-krb5.c gss-serv.c]
     no "servconf.h" needed here
     (gss-serv-krb5.c change not applied, portable needs the server options)
   - stevesk@@cvs.openbsd.org 2006/07/02 22:45:59
     [groupaccess.c groupaccess.h includes.h session.c sftp-common.c sshpty.c]
     move #include <grp.h> out of includes.h
     (portable needed uidswap.c too)
   - stevesk@@cvs.openbsd.org 2006/07/02 23:01:55
     [clientloop.c ssh.1]
     use -KR[bind_address:]port here; ok djm@@
   - stevesk@@cvs.openbsd.org 2006/07/03 08:54:20
     [includes.h ssh.c sshconnect.c sshd.c]
     move #include "version.h" out of includes.h; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/07/03 17:59:32
     [channels.c includes.h]
     move #include <arpa/inet.h> out of includes.h; old ok djm@@
     (portable needed session.c too)
   - stevesk@@cvs.openbsd.org 2006/07/05 02:42:09
     [canohost.c hostfile.c includes.h misc.c packet.c readconf.c]
     [serverloop.c sshconnect.c uuencode.c]
     move #include <netinet/in.h> out of includes.h; ok deraadt@@
     (also ssh-rand-helper.c logintest.c loginrec.c)
   - djm@@cvs.openbsd.org 2006/07/06 10:47:05
     [servconf.c servconf.h session.c sshd_config.5]
     support arguments to Subsystem commands; ok markus@@
   - djm@@cvs.openbsd.org 2006/07/06 10:47:57
     [sftp-server.8 sftp-server.c]
     add commandline options to enable logging of transactions; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/07/06 16:03:53
     [auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c]
     [auth-rhosts.c auth-rsa.c auth.c auth.h auth2-hostbased.c]
     [auth2-pubkey.c auth2.c includes.h misc.c misc.h monitor.c]
     [monitor_wrap.c monitor_wrap.h scp.c serverloop.c session.c]
     [session.h sftp-common.c ssh-add.c ssh-keygen.c ssh-keysign.c]
     [ssh.c sshconnect.c sshconnect.h sshd.c sshpty.c sshpty.h uidswap.c]
     [uidswap.h]
     move #include <pwd.h> out of includes.h; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/07/06 16:22:39
     [ssh-keygen.c]
     move #include "dns.h" up
   - stevesk@@cvs.openbsd.org 2006/07/06 17:36:37
     [monitor_wrap.h]
     typo in comment
   - stevesk@@cvs.openbsd.org 2006/07/08 21:47:12
     [authfd.c canohost.c clientloop.c dns.c dns.h includes.h]
     [monitor_fdpass.c nchan.c packet.c servconf.c sftp.c ssh-agent.c]
     [ssh-keyscan.c ssh.c sshconnect.h sshd.c sshlogin.h]
     move #include <sys/socket.h> out of includes.h
   - stevesk@@cvs.openbsd.org 2006/07/08 21:48:53
     [monitor.c session.c]
     missed these from last commit:
     move #include <sys/socket.h> out of includes.h
   - stevesk@@cvs.openbsd.org 2006/07/08 23:30:06
     [log.c]
     move user includes after /usr/include files
   - stevesk@@cvs.openbsd.org 2006/07/09 15:15:11
     [auth2-none.c authfd.c authfile.c includes.h misc.c monitor.c]
     [readpass.c scp.c serverloop.c sftp-client.c sftp-server.c]
     [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
     [sshlogin.c sshpty.c]
     move #include <fcntl.h> out of includes.h
   - stevesk@@cvs.openbsd.org 2006/07/09 15:27:59
     [ssh-add.c]
     use O_RDONLY vs. 0 in open(); no binary change
   - djm@@cvs.openbsd.org 2006/07/10 11:24:54
     [sftp-server.c]
     remove optind - it isn't used here
   - djm@@cvs.openbsd.org 2006/07/10 11:25:53
     [sftp-server.c]
     don't log variables that aren't yet set
 - (djm) [loginrec.c ssh-rand-helper.c sshd.c openbsd-compat/glob.c]
   [openbsd-compat/mktemp.c openbsd-compat/openbsd-compat.h]
   [openbsd-compat/port-tun.c openbsd-compat/readpassphrase.c]
   [openbsd-compat/xcrypt.c] Fix includes.h fallout, mainly fcntl.h
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2006/07/10 12:03:20
     [scp.c]
     duplicate argv at the start of main() because it gets modified later;
     pointed out by deraadt@@ ok markus@@
   - djm@@cvs.openbsd.org 2006/07/10 12:08:08
     [channels.c]
     fix misparsing of SOCKS 5 packets that could result in a crash;
     reported by mk@@ ok markus@@
   - dtucker@@cvs.openbsd.org 2006/07/10 12:46:51
     [misc.c misc.h sshd.8 sshconnect.c]
     Add port identifier to known_hosts for non-default ports, based originally
     on a patch from Devin Nate in bz#910.
     For any connection using the default port or using a HostKeyAlias the
     format is unchanged, otherwise the host name or address is enclosed
     within square brackets in the same format as sshd's ListenAddress.
     Tested by many, ok markus@@.
 - (dtucker) [openbsd-compat/openbsd-compat.h] Need to include <sys/socket.h>
   for struct sockaddr on platforms that use the fake-rfc stuff.

20060706
 - (dtucker) [configure.ac] Try AIX blibpath test in different order when
   compiling with gcc.  gcc 4.1.x will accept (but ignore) -b flags so
   configure would not select the correct libpath linker flags.
 - (dtucker) [INSTALL] A bit more info on autoconf.

20060705
 - (dtucker) [ssh-rand-helper.c] Don't exit if mkdir fails because the
   target already exists.

20060630
 - (dtucker) [openbsd-compat/openbsd-compat.h] SNPRINTF_CONST for snprintf
   declaration too.  Patch from russ at sludge.net.
 - (dtucker) [openbsd-compat/getrrsetbyname.c] Undef _res before defining it,
   prevents warnings on platforms where _res is in the system headers.
 - (dtucker) [INSTALL] Bug #1202: Note when autoconf is required and which
   version.

20060627
 - (dtucker) [configure.ac] Bug #1203: Add missing '[', which causes problems
   with autoconf 2.60.  Patch from vapier at gentoo.org.

20060625
 - (dtucker) [channels.c serverloop.c] Apply the bug #1102 workaround to ptys
   only, otherwise sshd can hang exiting non-interactive sessions.

20060624
 - (dtucker) [configure.ac] Bug #1193: Define PASSWD_NEEDS_USERNAME on Solaris.
   Works around limitation in Solaris' passwd program for changing passwords
   where the username is longer than 8 characters.  ok djm@@
 - (dtucker) [serverloop.c] Get ifdef/ifndef the right way around for the bug
   #1102 workaround.

20060623
 - (dtucker) [README.platform configure.ac openbsd-compat/port-tun.c] Add
   tunnel support for Mac OS X/Darwin via a third-party tun driver.  Patch
   from reyk@@, tested by anil@@
 - (dtucker) [channels.c configure.ac serverloop.c] Bug #1102: Around AIX
   4.3.3 ML3 or so, the AIX pty layer started passing zero-length writes
   on the pty slave as zero-length reads on the pty master, which sshd
   interprets as the descriptor closing.  Since most things don't do zero
   length writes this rarely matters, but occasionally it happens, and when
   it does the SSH pty session appears to hang, so we add a special case for
   this condition.  ok djm@@

20060613
 - (djm) [getput.h] This file has been replaced by functions in misc.c
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2006/05/08 10:49:48
     [sshconnect2.c]
     uint32_t -> u_int32_t (which we use everywhere else)
     (Id sync only - portable already had this)
   - markus@@cvs.openbsd.org 2006/05/16 09:00:00
     [clientloop.c]
     missing free; from Kylene Hall
   - markus@@cvs.openbsd.org 2006/05/17 12:43:34
     [scp.c sftp.c ssh-agent.c ssh-keygen.c sshconnect.c]
     fix leak; coverity via Kylene Jo Hall
   - miod@@cvs.openbsd.org 2006/05/18 21:27:25
     [kexdhc.c kexgexc.c]
     paramter -> parameter
   - dtucker@@cvs.openbsd.org 2006/05/29 12:54:08
     [ssh_config.5]
     Add gssapi-with-mic to PreferredAuthentications default list; ok jmc
   - dtucker@@cvs.openbsd.org 2006/05/29 12:56:33
     [ssh_config]
     Add GSSAPIAuthentication and GSSAPIDelegateCredentials to examples in
     sample ssh_config.  ok markus@@
   - jmc@@cvs.openbsd.org 2006/05/29 16:10:03
     [ssh_config.5]
     oops - previous was too long; split the list of auths up
   - mk@@cvs.openbsd.org 2006/05/30 11:46:38
     [ssh-add.c]
     Sync usage() with man page and reality.
     ok deraadt dtucker
   - jmc@@cvs.openbsd.org 2006/05/29 16:13:23
     [ssh.1]
     add GSSAPI to the list of authentication methods supported;
   - mk@@cvs.openbsd.org 2006/05/30 11:46:38
     [ssh-add.c]
     Sync usage() with man page and reality.
     ok deraadt dtucker
   - markus@@cvs.openbsd.org 2006/06/01 09:21:48
     [sshd.c]
     call get_remote_ipaddr() early; fixes logging after client disconnects;
     report mpf@@; ok dtucker@@
   - markus@@cvs.openbsd.org 2006/06/06 10:20:20
     [readpass.c sshconnect.c sshconnect.h sshconnect2.c uidswap.c]
     replace remaining setuid() calls with permanently_set_uid() and
     check seteuid() return values; report Marcus Meissner; ok dtucker djm
   - markus@@cvs.openbsd.org 2006/06/08 14:45:49
     [readpass.c sshconnect.c sshconnect2.c uidswap.c uidswap.h]
     do not set the gid, noted by solar; ok djm
   - djm@@cvs.openbsd.org 2006/06/13 01:18:36
     [ssh-agent.c]
     always use a format string, even when printing a constant
   - djm@@cvs.openbsd.org 2006/06/13 02:17:07
     [ssh-agent.c]
     revert; i am on drugs. spotted by alexander AT beard.se

20060521
 - (dtucker) [auth.c monitor.c] Now that we don't log from both the monitor
   and slave, we can remove the special-case handling in the audit hook in
   auth_log.

20060517
 - (dtucker) [ssh-rand-helper.c] Check return code of mkdir and fix file
   pointer leak.  From kjhall at us.ibm.com, found by coverity.

20060515
 - (dtucker) [openbsd-compat/getrrsetbyname.c] Use _compat_res instead of
   _res, prevents problems on some platforms that have _res as a global but
   don't have getrrsetbyname(), eg IRIX 5.3.  Found and tested by
   georg.schwarz at freenet.de, ok djm@@.
 - (dtucker) [defines.h] Find a value for IOV_MAX or use a conservative
   default.  Patch originally from tim@@, ok djm
 - (dtucker) [auth-pam.c] Bug #1188: pass result of do_pam_account back and
   do not allow kbdint again after the PAM account check fails.  ok djm@@

20060506
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2006/04/25 08:02:27
     [authfile.c authfile.h sshconnect2.c ssh.c sshconnect1.c]
     Prevent ssh from trying to open private keys with bad permissions more than
     once or prompting for their passphrases (which it subsequently ignores
     anyway), similar to a previous change in ssh-add.  bz #1186, ok djm@@
   - djm@@cvs.openbsd.org 2006/05/04 14:55:23
     [dh.c]
     tighter DH exponent checks here too; feedback and ok markus@@
   - djm@@cvs.openbsd.org 2006/04/01 05:37:46
     [OVERVIEW]
     $OpenBSD$ in here too
   - dtucker@@cvs.openbsd.org 2006/05/06 08:35:40
     [auth-krb5.c]
     Add $OpenBSD$ in comment here too

20060504
 - (dtucker) [auth-pam.c groupaccess.c monitor.c monitor_wrap.c scard-opensc.c
   session.c ssh-rand-helper.c sshd.c openbsd-compat/bsd-cygwin_util.c
   openbsd-compat/setproctitle.c] Convert malloc(foo*bar) -> calloc(foo,bar)
   in Portable-only code; since calloc zeros, remove now-redundant memsets.
   Also add a couple of sanity checks.  With & ok djm@@

20060503
 - (dtucker) [packet.c] Remove in_systm.h since it's also in includes.h
   and double including it on IRIX 5.3 causes problems.  From Georg Schwarz,
   "no objections" tim@@

20060423
 - (djm) OpenBSD CVS Sync
   - deraadt@@cvs.openbsd.org 2006/04/01 05:42:20
     [scp.c]
     minimal lint cleanup (unused crud, and some size_t); ok djm
   - djm@@cvs.openbsd.org 2006/04/01 05:50:29
     [scp.c]
     xasprintification; ok deraadt@@
   - djm@@cvs.openbsd.org 2006/04/01 05:51:34
     [atomicio.c]
     ANSIfy; requested deraadt@@
   - dtucker@@cvs.openbsd.org 2006/04/02 08:34:52
     [ssh-keysign.c]
     sessionid can be 32 bytes now too when sha256 kex is used; ok djm@@
   - djm@@cvs.openbsd.org 2006/04/03 07:10:38
     [gss-genr.c]
     GSSAPI buffers shouldn't be nul-terminated, spotted in bugzilla #1066
     by dleonard AT vintela.com. use xasprintf() to simplify code while in
     there; "looks right" deraadt@@
   - djm@@cvs.openbsd.org 2006/04/16 00:48:52
     [buffer.c buffer.h channels.c]
     Fix condition where we could exit with a fatal error when an input
     buffer became too large and the remote end had advertised a big window.
     The problem was a mismatch in the backoff math between the channels code
     and the buffer code, so make a buffer_check_alloc() function that the
     channels code can use to prospectively check whether an incremental
     allocation will succeed.  bz #1131, debugged with the assistance of
     cove AT wildpackets.com; ok dtucker@@ deraadt@@
   - djm@@cvs.openbsd.org 2006/04/16 00:52:55
     [atomicio.c atomicio.h]
     introduce atomiciov() function that wraps readv/writev to retry
     interrupted transfers like atomicio() does for read/write;
     feedback deraadt@@ dtucker@@ stevesk@@ ok deraadt@@
   - djm@@cvs.openbsd.org 2006/04/16 00:54:10
     [sftp-client.c]
     avoid making a tiny 4-byte write to send the packet length of sftp
     commands, which would result in a separate tiny packet on the wire by
     using atomiciov(writev, ...) to write the length and the command in one
     pass; ok deraadt@@
   - djm@@cvs.openbsd.org 2006/04/16 07:59:00
     [atomicio.c]
     reorder sanity test so that it cannot dereference past the end of the
     iov array; well spotted canacar@@!
   - dtucker@@cvs.openbsd.org 2006/04/18 10:44:28
     [bufaux.c bufbn.c Makefile.in]
     Move Buffer bignum functions into their own file, bufbn.c. This means
     that sftp and sftp-server (which use the Buffer functions in bufaux.c 
     but not the bignum ones) no longer need to be linked with libcrypto.
     ok markus@@
   - djm@@cvs.openbsd.org 2006/04/20 09:27:09
     [auth.h clientloop.c dispatch.c dispatch.h kex.h]
     replace the last non-sig_atomic_t flag used in a signal handler with a
     sig_atomic_t, unfortunately with some knock-on effects in other (non-
     signal) contexts in which it is used; ok markus@@
   - markus@@cvs.openbsd.org 2006/04/20 09:47:59
     [sshconnect.c]
     simplify; ok djm@@
   - djm@@cvs.openbsd.org 2006/04/20 21:53:44
     [includes.h session.c sftp.c]
     Switch from using pipes to socketpairs for communication between
     sftp/scp and ssh, and between sshd and its subprocesses. This saves
     a file descriptor per session and apparently makes userland ppp over
     ssh work; ok markus@@ deraadt@@ (ID Sync only - portable makes this
     decision on a per-platform basis)
   - djm@@cvs.openbsd.org 2006/04/22 04:06:51
     [uidswap.c]
     use setres[ug]id() to permanently revoke privileges; ok deraadt@@
     (ID Sync only - portable already uses setres[ug]id() whenever possible)
   - stevesk@@cvs.openbsd.org 2006/04/22 18:29:33
     [crc32.c]
     remove extra spaces
 - (djm) [auth.h dispatch.h kex.h] sprinkle in signal.h to get
   sig_atomic_t

20060421
 - (djm) [Makefile.in configure.ac session.c sshpty.c]
   [contrib/redhat/sshd.init openbsd-compat/Makefile.in]
   [openbsd-compat/openbsd-compat.h openbsd-compat/port-linux.c]
   [openbsd-compat/port-linux.h] Add support for SELinux, setting 
   the execution and TTY contexts. based on patch from Daniel Walsh,
   bz #880; ok dtucker@@

20060418
 - (djm) [canohost.c] Reorder IP options check so that it isn't broken
   by mapped addresses; bz #1179 reported by markw wtech-llc.com;
   ok dtucker@@

20060331
 - OpenBSD CVS Sync
   - deraadt@@cvs.openbsd.org 2006/03/27 01:21:18
     [xmalloc.c]
     we can do the size & nmemb check before the integer overflow check; 
     evol
   - deraadt@@cvs.openbsd.org 2006/03/27 13:03:54
     [dh.c]
     use strtonum() instead of atoi(), limit dhg size to 64k; ok djm
   - djm@@cvs.openbsd.org 2006/03/27 23:15:46
     [sftp.c]
     always use a format string for addargs; spotted by mouring@@
   - deraadt@@cvs.openbsd.org 2006/03/28 00:12:31
     [README.tun ssh.c]
     spacing
   - deraadt@@cvs.openbsd.org 2006/03/28 01:52:28
     [channels.c]
     do not accept unreasonable X port numbers; ok djm
   - deraadt@@cvs.openbsd.org 2006/03/28 01:53:43
     [ssh-agent.c]
     use strtonum() to parse the pid from the file, and range check it
     better; ok djm
   - djm@@cvs.openbsd.org 2006/03/30 09:41:25
     [channels.c]
     ARGSUSED for dispatch table-driven functions
   - djm@@cvs.openbsd.org 2006/03/30 09:58:16
     [authfd.c bufaux.c deattack.c gss-serv.c mac.c misc.c misc.h]
     [monitor_wrap.c msg.c packet.c sftp-client.c sftp-server.c ssh-agent.c]
     replace {GET,PUT}_XXBIT macros with functionally similar functions,
     silencing a heap of lint warnings. also allows them to use
     __bounded__ checking which can't be applied to macros; requested
     by and feedback from deraadt@@
   - djm@@cvs.openbsd.org 2006/03/30 10:41:25
     [ssh.c ssh_config.5]
     add percent escape chars to the IdentityFile option, bz #1159 based
     on a patch by imaging AT math.ualberta.ca; feedback and ok dtucker@@
   - dtucker@@cvs.openbsd.org 2006/03/30 11:05:17
     [ssh-keygen.c]
     Correctly handle truncated files while converting keys; ok djm@@
   - dtucker@@cvs.openbsd.org 2006/03/30 11:40:21
     [auth.c monitor.c]
     Prevent duplicate log messages when privsep=yes; ok djm@@
   - jmc@@cvs.openbsd.org 2006/03/31 09:09:30
     [ssh_config.5]
     kill trailing whitespace;
   - djm@@cvs.openbsd.org 2006/03/31 09:13:56
     [ssh_config.5]
     remote user escape is %r not %h; spotted by jmc@@

20060326
 - OpenBSD CVS Sync
   - jakob@@cvs.openbsd.org 2006/03/15 08:46:44
     [ssh-keygen.c]
     if no key files are given when printing the DNS host record, use the
     host key file(s) as default. ok djm@@
   - biorn@@cvs.openbsd.org 2006/03/16 10:31:45
     [scp.c]
     Try to display error message even if remout == -1
     ok djm@@, markus@@
   - djm@@cvs.openbsd.org 2006/03/17 22:31:50
     [authfd.c]
     another unreachable found by lint
   - djm@@cvs.openbsd.org 2006/03/17 22:31:11
     [authfd.c]
     unreachable statement, found by lint
   - djm@@cvs.openbsd.org 2006/03/19 02:22:32
     [serverloop.c]
     memory leaks detected by Coverity via elad AT netbsd.org;
     ok deraadt@@ dtucker@@
   - djm@@cvs.openbsd.org 2006/03/19 02:22:56
     [sftp.c]
     more memory leaks detected by Coverity via elad AT netbsd.org;
     deraadt@@ ok
   - djm@@cvs.openbsd.org 2006/03/19 02:23:26
     [hostfile.c]
     FILE* leak detected by Coverity via elad AT netbsd.org;
     ok deraadt@@
   - djm@@cvs.openbsd.org 2006/03/19 02:24:05
     [dh.c readconf.c servconf.c]
     potential NULL pointer dereferences detected by Coverity
     via elad AT netbsd.org; ok deraadt@@
   - djm@@cvs.openbsd.org 2006/03/19 07:41:30
     [sshconnect2.c]
     memory leaks detected by Coverity via elad AT netbsd.org;
     deraadt@@ ok
   - dtucker@@cvs.openbsd.org 2006/03/19 11:51:52
     [servconf.c]
     Correct strdelim null test; ok djm@@
   - deraadt@@cvs.openbsd.org 2006/03/19 18:52:11
     [auth1.c authfd.c channels.c]
     spacing
   - deraadt@@cvs.openbsd.org 2006/03/19 18:53:12
     [kex.c kex.h monitor.c myproposal.h session.c]
     spacing
   - deraadt@@cvs.openbsd.org 2006/03/19 18:56:41
     [clientloop.c progressmeter.c serverloop.c sshd.c]
     ARGSUSED for signal handlers
   - deraadt@@cvs.openbsd.org 2006/03/19 18:59:49
     [ssh-keyscan.c]
     please lint
   - deraadt@@cvs.openbsd.org 2006/03/19 18:59:30
     [ssh.c]
     spacing
   - deraadt@@cvs.openbsd.org 2006/03/19 18:59:09
     [authfile.c]
     whoever thought that break after return was a good idea needs to
     get their head examined
   - djm@@cvs.openbsd.org 2006/03/20 04:09:44
     [monitor.c]
     memory leaks detected by Coverity via elad AT netbsd.org;
     deraadt@@ ok
     that should be all of them now
   - djm@@cvs.openbsd.org 2006/03/20 11:38:46
     [key.c]
     (really) last of the Coverity diffs: avoid possible NULL deref in
     key_free. via elad AT netbsd.org; markus@@ ok
   - deraadt@@cvs.openbsd.org 2006/03/20 17:10:19
     [auth.c key.c misc.c packet.c ssh-add.c]
     in a switch (), break after return or goto is stupid
   - deraadt@@cvs.openbsd.org 2006/03/20 17:13:16
     [key.c]
     djm did a typo
   - deraadt@@cvs.openbsd.org 2006/03/20 17:17:23
     [ssh-rsa.c]
     in a switch (), break after return or goto is stupid
   - deraadt@@cvs.openbsd.org 2006/03/20 18:14:02
     [channels.c clientloop.c monitor_wrap.c monitor_wrap.h serverloop.c]
     [ssh.c sshpty.c sshpty.h]
     sprinkle u_int throughout pty subsystem, ok markus
   - deraadt@@cvs.openbsd.org 2006/03/20 18:17:20
     [auth1.c auth2.c sshd.c]
     sprinkle some ARGSUSED for table driven functions (which sometimes 
     must ignore their args)
   - deraadt@@cvs.openbsd.org 2006/03/20 18:26:55
     [channels.c monitor.c session.c session.h ssh-agent.c ssh-keygen.c]
     [ssh-rsa.c ssh.c sshlogin.c]
     annoying spacing fixes getting in the way of real diffs
   - deraadt@@cvs.openbsd.org 2006/03/20 18:27:50
     [monitor.c]
     spacing
   - deraadt@@cvs.openbsd.org 2006/03/20 18:35:12
     [channels.c]
     x11_fake_data is only ever used as u_char *
   - deraadt@@cvs.openbsd.org 2006/03/20 18:41:43
     [dns.c]
     cast xstrdup to proper u_char *
   - deraadt@@cvs.openbsd.org 2006/03/20 18:42:27
     [canohost.c match.c ssh.c sshconnect.c]
     be strict with tolower() casting
   - deraadt@@cvs.openbsd.org 2006/03/20 18:48:34
     [channels.c fatal.c kex.c packet.c serverloop.c]
     spacing
   - deraadt@@cvs.openbsd.org 2006/03/20 21:11:53
     [ttymodes.c]
     spacing
   - djm@@cvs.openbsd.org 2006/03/25 00:05:41
     [auth-bsdauth.c auth-skey.c auth.c auth2-chall.c channels.c]
     [clientloop.c deattack.c gss-genr.c kex.c key.c misc.c moduli.c]
     [monitor.c monitor_wrap.c packet.c scard.c sftp-server.c ssh-agent.c]
     [ssh-keyscan.c ssh.c sshconnect.c sshconnect2.c sshd.c uuencode.c]
     [xmalloc.c xmalloc.h]
     introduce xcalloc() and xasprintf() failure-checked allocation
     functions and use them throughout openssh

     xcalloc is particularly important because malloc(nmemb * size) is a
     dangerous idiom (subject to integer overflow: the product can wrap,
     giving a buffer smaller than the caller assumes) and it is time for
     it to die

     feedback and ok deraadt@@
   - djm@@cvs.openbsd.org 2006/03/25 01:13:23
     [buffer.c channels.c deattack.c misc.c scp.c session.c sftp-client.c]
     [sftp-server.c ssh-agent.c ssh-rsa.c xmalloc.c xmalloc.h auth-pam.c]
     [uidswap.c]
     change OpenSSH's xrealloc() function from being xrealloc(p, new_size)
     to xrealloc(p, new_nmemb, new_itemsize).

     realloc is particularly prone to integer overflows because it is
     almost always allocating "n * size" bytes, so this is a far safer 
     API; ok deraadt@@
   - djm@@cvs.openbsd.org 2006/03/25 01:30:23
     [sftp.c]
     "abormally" is a perfectly cromulent word, but "abnormally" is better
   - djm@@cvs.openbsd.org 2006/03/25 13:17:03
     [atomicio.c auth-bsdauth.c auth-chall.c auth-options.c auth-passwd.c]
     [auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth-skey.c auth.c auth1.c]
     [auth2-chall.c auth2-hostbased.c auth2-kbdint.c auth2-none.c]
     [auth2-passwd.c auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c]
     [buffer.c canohost.c channels.c cipher-3des1.c cipher-bf1.c]
     [cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c compress.c]
     [deattack.c dh.c dispatch.c fatal.c groupaccess.c hostfile.c kex.c]
     [kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c]
     [mac.c match.c md-sha256.c misc.c monitor.c monitor_fdpass.c]
     [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c progressmeter.c]
     [readconf.c readpass.c rsa.c scard.c scp.c servconf.c serverloop.c]
     [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c]
     [sftp.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
     [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
     [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
     [uidswap.c uuencode.c xmalloc.c]
     Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that
     Theo nuked - our scripts to sync -portable need them in the files
   - deraadt@@cvs.openbsd.org 2006/03/25 18:29:35
     [auth-rsa.c authfd.c packet.c]
     needed casts (always will be needed)
   - deraadt@@cvs.openbsd.org 2006/03/25 18:30:55
     [clientloop.c serverloop.c]
     spacing
   - deraadt@@cvs.openbsd.org 2006/03/25 18:36:15
     [sshlogin.c sshlogin.h]
     nicer size_t and time_t types
   - deraadt@@cvs.openbsd.org 2006/03/25 18:40:14
     [ssh-keygen.c]
     cast strtonum() result to right type
   - deraadt@@cvs.openbsd.org 2006/03/25 18:41:45
     [ssh-agent.c]
     mark two more signal handlers ARGSUSED
   - deraadt@@cvs.openbsd.org 2006/03/25 18:43:30
     [channels.c]
     use strtonum() instead of atoi() [limit X screens to 400, sorry]
   - deraadt@@cvs.openbsd.org 2006/03/25 18:56:55
     [bufaux.c channels.c packet.c]
     remove (char *) casts to a function that accepts void * for the arg
   - deraadt@@cvs.openbsd.org 2006/03/25 18:58:10
     [channels.c]
     delete cast not required
   - djm@@cvs.openbsd.org 2006/03/25 22:22:43
     [atomicio.h auth-options.h auth.h auth2-gss.c authfd.h authfile.h]
     [bufaux.h buffer.h canohost.h channels.h cipher.h clientloop.h]
     [compat.h compress.h crc32.c crc32.h deattack.h dh.h dispatch.h]
     [dns.c dns.h getput.h groupaccess.h gss-genr.c gss-serv-krb5.c]
     [gss-serv.c hostfile.h includes.h kex.h key.h log.h mac.h match.h]
     [misc.h monitor.h monitor_fdpass.h monitor_mm.h monitor_wrap.h msg.h]
     [myproposal.h packet.h pathnames.h progressmeter.h readconf.h rsa.h]
     [scard.h servconf.h serverloop.h session.h sftp-common.h sftp.h]
     [ssh-gss.h ssh.h ssh1.h ssh2.h sshconnect.h sshlogin.h sshpty.h]
     [ttymodes.h uidswap.h uuencode.h xmalloc.h]
     standardise spacing in $OpenBSD$ tags; requested by deraadt@@
   - deraadt@@cvs.openbsd.org 2006/03/26 01:31:48
     [uuencode.c]
     typo

20060325
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2006/03/16 04:24:42
     [ssh.1]
     Add RFC4419 (Diffie-Hellman group exchange KEX) to the list of SSH RFCs
     that OpenSSH supports
   - deraadt@@cvs.openbsd.org 2006/03/19 18:51:18
     [atomicio.c auth-bsdauth.c auth-chall.c auth-krb5.c auth-options.c]
     [auth-pam.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c]
     [auth-shadow.c auth-skey.c auth.c auth1.c auth2-chall.c]
     [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c]
     [auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c buffer.c]
     [canohost.c channels.c cipher-3des1.c cipher-acss.c cipher-aes.c]
     [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
     [compress.c deattack.c dh.c dispatch.c dns.c entropy.c fatal.c]
     [groupaccess.c hostfile.c includes.h kex.c kexdh.c kexdhc.c]
     [kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c loginrec.c]
     [loginrec.h logintest.c mac.c match.c md-sha256.c md5crypt.c misc.c]
     [monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c msg.c]
     [nchan.c packet.c progressmeter.c readconf.c readpass.c rsa.c]
     [scard.c scp.c servconf.c serverloop.c session.c sftp-client.c]
     [sftp-common.c sftp-glob.c sftp-server.c sftp.c ssh-add.c]
     [ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c]
     [ssh-rand-helper.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
     [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
     [uidswap.c uuencode.c xmalloc.c openbsd-compat/bsd-arc4random.c]
     [openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-cygwin_util.c]
     [openbsd-compat/bsd-getpeereid.c openbsd-compat/bsd-misc.c]
     [openbsd-compat/bsd-nextstep.c openbsd-compat/bsd-snprintf.c]
     [openbsd-compat/bsd-waitpid.c openbsd-compat/fake-rfc2553.c]
     RCSID() can die
   - deraadt@@cvs.openbsd.org 2006/03/19 18:53:12
     [kex.h myproposal.h]
     spacing
   - djm@@cvs.openbsd.org 2006/03/20 04:07:22
     [auth2-gss.c]
     GSSAPI related leaks detected by Coverity via elad AT netbsd.org;
     reviewed by simon AT sxw.org.uk; deraadt@@ ok
   - djm@@cvs.openbsd.org 2006/03/20 04:07:49
     [gss-genr.c]
     more GSSAPI related leaks detected by Coverity via elad AT netbsd.org;
     reviewed by simon AT sxw.org.uk; deraadt@@ ok
   - djm@@cvs.openbsd.org 2006/03/20 04:08:18
     [gss-serv.c]
     last lot of GSSAPI related leaks detected by Coverity via
     elad AT netbsd.org; reviewed by simon AT sxw.org.uk; deraadt@@ ok
   - deraadt@@cvs.openbsd.org 2006/03/20 18:14:02
     [monitor_wrap.h sshpty.h]
     sprinkle u_int throughout pty subsystem, ok markus
   - deraadt@@cvs.openbsd.org 2006/03/20 18:26:55
     [session.h]
     annoying spacing fixes getting in the way of real diffs
   - deraadt@@cvs.openbsd.org 2006/03/20 18:41:43
     [dns.c]
     cast xstrdup to proper u_char *
   - jakob@@cvs.openbsd.org 2006/03/22 21:16:24
     [ssh.1]
     simplify SSHFP example; ok jmc@@
   - djm@@cvs.openbsd.org 2006/03/22 21:27:15
     [deattack.c deattack.h]
     remove IV support from the CRC attack detector, OpenSSH has never used
     it - it only applied to IDEA-CFB, which we don't support.
     prompted by NetBSD Coverity report via elad AT netbsd.org;
     feedback markus@@ "nuke it" deraadt@@

20060318
 - (djm) [auth-pam.c] Fix memleak in error path, from Coverity via
   elad AT NetBSD.org
 - (dtucker) [openbsd-compat/bsd-snprintf.c] Bug #1173: make fmtint() take
   a LLONG rather than a long.  Fixes scp'ing of large files on platforms
   with missing/broken snprintfs.  Patch from e.borovac at bom.gov.au.

20060316
 - (dtucker) [entropy.c] Add headers for WIFEXITED and friends.
 - (dtucker) [configure.ac md-sha256.c] NetBSD has sha2.h in
   /usr/include/crypto.  Hint from djm@@.
 - (tim) [kex.c myproposal.h md-sha256.c openbsd-compat/sha2.c,h]
   Disable sha256 when openssl < 0.9.7. Patch from djm@@.
 - (djm) [kex.c] Slightly more clean deactivation of dhgex-sha256 on old
   OpenSSL; ok tim

20060315
 - (djm) OpenBSD CVS Sync:
   - msf@@cvs.openbsd.org 2006/02/06 15:54:07
     [ssh.1]
     - typo fix
     ok jmc@@
   - jmc@@cvs.openbsd.org 2006/02/06 21:44:47
     [ssh.1]
     make this a little less ambiguous...
   - stevesk@@cvs.openbsd.org 2006/02/07 01:08:04
     [auth-rhosts.c includes.h]
     move #include <netgroup.h> out of includes.h; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/02/07 01:18:09
     [includes.h ssh-agent.c ssh-keyscan.c sshconnect2.c]
     move #include <sys/queue.h> out of includes.h; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/02/07 01:42:00
     [channels.c clientloop.c clientloop.h includes.h packet.h]
     [serverloop.c sshpty.c sshpty.h sshtty.c ttymodes.c]
     move #include <termios.h> out of includes.h; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/02/07 01:52:50
     [sshtty.c]
     "log.h" not needed
   - stevesk@@cvs.openbsd.org 2006/02/07 03:47:05
     [hostfile.c]
     "packet.h" not needed
   - stevesk@@cvs.openbsd.org 2006/02/07 03:59:20
     [deattack.c]
     duplicate #include
   - stevesk@@cvs.openbsd.org 2006/02/08 12:15:27
     [auth.c clientloop.c includes.h misc.c monitor.c readpass.c]
     [session.c sftp.c ssh-agent.c ssh-keysign.c ssh.c sshconnect.c]
     [sshd.c sshpty.c]
     move #include <paths.h> out of includes.h; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/02/08 12:32:49
     [includes.h misc.c]
     move #include <netinet/tcp.h> out of includes.h; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/02/08 13:15:44
     [gss-serv.c monitor.c]
     small KNF
   - stevesk@@cvs.openbsd.org 2006/02/08 14:16:59
     [sshconnect.c]
     <openssl/bn.h> not needed
   - stevesk@@cvs.openbsd.org 2006/02/08 14:31:30
     [includes.h ssh-agent.c ssh-keyscan.c ssh.c]
     move #include <sys/resource.h> out of includes.h; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/02/08 14:38:18
     [includes.h packet.c]
     move #include <netinet/in_systm.h> and <netinet/ip.h> out of
     includes.h; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/02/08 23:51:24
     [includes.h scp.c sftp-glob.c sftp-server.c]
     move #include <dirent.h> out of includes.h; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/02/09 00:32:07
     [includes.h]
     #include <sys/endian.h> not needed; ok djm@@
     NB. ID Sync only - we still need this (but it may move later)
   - jmc@@cvs.openbsd.org 2006/02/09 10:10:47
     [sshd.8]
     - move some text into a CAVEATS section
     - merge the COMMAND EXECUTION... section into AUTHENTICATION
   - stevesk@@cvs.openbsd.org 2006/02/10 00:27:13
     [channels.c clientloop.c includes.h misc.c progressmeter.c sftp.c]
     [ssh.c sshd.c sshpty.c]
     move #include <sys/ioctl.h> out of includes.h; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/02/10 01:44:27
     [includes.h monitor.c readpass.c scp.c serverloop.c session.c]
     [sftp.c sshconnect.c sshconnect2.c sshd.c]
     move #include <sys/wait.h> out of includes.h; ok markus@@
   - otto@@cvs.openbsd.org 2006/02/11 19:31:18
     [atomicio.c]
     type correctness; from Ray Lai in PR 5011; ok millert@@
   - djm@@cvs.openbsd.org 2006/02/12 06:45:34
     [ssh.c ssh_config.5]
     add a %l expansion code to the ControlPath, which is filled in with the
     local hostname at runtime. Requested by henning@@ to avoid some problems
     with /home on NFS; ok dtucker@@
   - djm@@cvs.openbsd.org 2006/02/12 10:44:18
     [readconf.c]
     raise error when the user specifies a RekeyLimit that is smaller than 16
     (the smallest of our cipher's blocksize) or big enough to cause integer
     wraparound; ok & feedback dtucker@@
   - jmc@@cvs.openbsd.org 2006/02/12 10:49:44
     [ssh_config.5]
     slight rewording; ok djm
   - jmc@@cvs.openbsd.org 2006/02/12 10:52:41
     [sshd.8]
     rework the description of authorized_keys a little;
   - jmc@@cvs.openbsd.org 2006/02/12 17:57:19
     [sshd.8]
     sort the list of options permissible w/ authorized_keys;
     ok djm dtucker
   - jmc@@cvs.openbsd.org 2006/02/13 10:16:39
     [sshd.8]
     no need to subsection the authorized_keys examples - instead, convert
     this to look like an actual file. also use proto 2 keys, and use IETF
     example addresses;
   - jmc@@cvs.openbsd.org 2006/02/13 10:21:25
     [sshd.8]
     small tweaks for the ssh_known_hosts section;
   - jmc@@cvs.openbsd.org 2006/02/13 11:02:26
     [sshd.8]
     turn this into an example ssh_known_hosts file; ok djm
   - jmc@@cvs.openbsd.org 2006/02/13 11:08:43
     [sshd.8]
     - avoid nasty line split
     - `*' does not need to be escaped
   - jmc@@cvs.openbsd.org 2006/02/13 11:27:25
     [sshd.8]
     sort FILES and use a -compact list;
   - david@@cvs.openbsd.org 2006/02/15 05:08:24
     [sftp-client.c]
     typo in comment; ok djm@@
   - jmc@@cvs.openbsd.org 2006/02/15 16:53:20
     [ssh.1]
     remove the IETF draft references and replace them with some updated RFCs;
   - jmc@@cvs.openbsd.org 2006/02/15 16:55:33
     [sshd.8]
     remove ietf draft references; RFC list now maintained in ssh.1;
   - jmc@@cvs.openbsd.org 2006/02/16 09:05:34
     [sshd.8]
     sync some of the FILES entries w/ ssh.1;
   - jmc@@cvs.openbsd.org 2006/02/19 19:52:10
     [sshd.8]
     move the sshrc stuff out of FILES, and into its own section:
     FILES is not a good place to document how stuff works;
   - jmc@@cvs.openbsd.org 2006/02/19 20:02:17
     [sshd.8]
     sync the (s)hosts.equiv FILES entries w/ those from ssh.1;
   - jmc@@cvs.openbsd.org 2006/02/19 20:05:00
     [sshd.8]
     grammar;
   - jmc@@cvs.openbsd.org 2006/02/19 20:12:25
     [ssh_config.5]
     add some vertical space;
   - stevesk@@cvs.openbsd.org 2006/02/20 16:36:15
     [authfd.c channels.c includes.h session.c ssh-agent.c ssh.c]
     move #include <sys/un.h> out of includes.h; ok djm@@
   - stevesk@@cvs.openbsd.org 2006/02/20 17:02:44
     [clientloop.c includes.h monitor.c progressmeter.c scp.c]
     [serverloop.c session.c sftp.c ssh-agent.c ssh.c sshd.c]
     move #include <signal.h> out of includes.h; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/02/20 17:19:54
     [auth-rhosts.c auth-rsa.c auth.c auth2-none.c auth2-pubkey.c]
     [authfile.c clientloop.c includes.h readconf.c scp.c session.c]
     [sftp-client.c sftp-common.c sftp-common.h sftp-glob.c]
     [sftp-server.c sftp.c ssh-add.c ssh-keygen.c ssh.c sshconnect.c]
     [sshconnect2.c sshd.c sshpty.c]
     move #include <sys/stat.h> out of includes.h; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/02/22 00:04:45
     [canohost.c clientloop.c includes.h match.c readconf.c scp.c ssh.c]
     [sshconnect.c]
     move #include <ctype.h> out of includes.h; ok djm@@
   - jmc@@cvs.openbsd.org 2006/02/24 10:25:14
     [ssh_config.5]
     add section on patterns;
     from dtucker + myself
   - jmc@@cvs.openbsd.org 2006/02/24 10:33:54
     [sshd_config.5]
     signpost to PATTERNS;
   - jmc@@cvs.openbsd.org 2006/02/24 10:37:07
     [ssh_config.5]
     tidy up the refs to PATTERNS;
   - jmc@@cvs.openbsd.org 2006/02/24 10:39:52
     [sshd.8]
     signpost to PATTERNS section;
   - jmc@@cvs.openbsd.org 2006/02/24 20:22:16
     [ssh-keysign.8 ssh_config.5 sshd_config.5]
     some consistency fixes;
   - jmc@@cvs.openbsd.org 2006/02/24 20:31:31
     [ssh.1 ssh_config.5 sshd.8 sshd_config.5]
     more consistency fixes;
   - jmc@@cvs.openbsd.org 2006/02/24 23:20:07
     [ssh_config.5]
     some grammar/wording fixes;
   - jmc@@cvs.openbsd.org 2006/02/24 23:43:57
     [sshd_config.5]
     some grammar/wording fixes;
   - jmc@@cvs.openbsd.org 2006/02/24 23:51:17
     [sshd_config.5]
     oops - bits i missed;
   - jmc@@cvs.openbsd.org 2006/02/25 12:26:17
     [ssh_config.5]
     document the possible values for KbdInteractiveDevices;
     help/ok dtucker
   - jmc@@cvs.openbsd.org 2006/02/25 12:28:34
     [sshd_config.5]
     document the order in which allow/deny directives are processed;
     help/ok dtucker
   - jmc@@cvs.openbsd.org 2006/02/26 17:17:18
     [ssh_config.5]
     move PATTERNS to the end of the main body; requested by dtucker
   - jmc@@cvs.openbsd.org 2006/02/26 18:01:13
     [sshd_config.5]
     subsection is pointless here;
   - jmc@@cvs.openbsd.org 2006/02/26 18:03:10
     [ssh_config.5]
     comma;
   - djm@@cvs.openbsd.org 2006/02/28 01:10:21
     [session.c]
     fix logout recording when privilege separation is disabled, analysis and
     patch from vinschen at redhat.com; tested by dtucker@@ ok deraadt@@
     NB. ID sync only - patch already in portable
   - djm@@cvs.openbsd.org 2006/03/04 04:12:58
     [serverloop.c]
     move a debug() outside of a signal handler; ok markus@@ a little while back
   - djm@@cvs.openbsd.org 2006/03/12 04:23:07
     [ssh.c]
     knf nit
   - djm@@cvs.openbsd.org 2006/03/13 08:16:00
     [sshd.c]
     don't log that we are listening on a socket before the listen() call
     actually succeeds, bz #1162 reported by Senthil Kumar; ok dtucker@@
   - dtucker@@cvs.openbsd.org 2006/03/13 08:33:00
     [packet.c]
     Set TCP_NODELAY for all connections not just "interactive" ones.  Fixes
     poor performance and protocol stalls under some network conditions (mindrot
     bugs #556 and #981). Patch originally from markus@@, ok djm@@
   - dtucker@@cvs.openbsd.org 2006/03/13 08:43:16
     [ssh-keygen.c]
     Make ssh-keygen handle CR and CRLF line termination when converting IETF
     format keys, in addition to vanilla LF.  mindrot #1157, tested by Chris
     Pepper, ok djm@@
   - dtucker@@cvs.openbsd.org 2006/03/13 10:14:29
     [misc.c ssh_config.5 sshd_config.5]
     Allow config directives to contain whitespace by surrounding them by double
     quotes.  mindrot #482, man page help from jmc@@, ok djm@@
   - dtucker@@cvs.openbsd.org 2006/03/13 10:26:52
     [authfile.c authfile.h ssh-add.c]
     Make ssh-add check file permissions before attempting to load private
     key files multiple times; it will fail anyway and this prevents confusing
     multiple prompts and warnings.  mindrot #1138, ok djm@@
   - djm@@cvs.openbsd.org 2006/03/14 00:15:39
     [canohost.c]
     log the originating address and not just the name when a reverse
     mapping check fails, requested by linux AT linuon.com
   - markus@@cvs.openbsd.org 2006/03/14 16:32:48
     [ssh_config.5 sshd_config.5]
     *AliveCountMax applies to protocol v2 only; ok dtucker, djm
   - djm@@cvs.openbsd.org 2006/03/07 09:07:40
     [kex.c kex.h monitor.c myproposal.h ssh-keyscan.c sshconnect2.c sshd.c]
     Implement the diffie-hellman-group-exchange-sha256 key exchange method
     using the SHA256 code in libc (and wrapper to make it into an OpenSSL
     EVP), interop tested against CVS PuTTY
     NB. no portability bits committed yet
 - (djm) [configure.ac defines.h kex.c md-sha256.c]
   [openbsd-compat/sha2.h openbsd-compat/openbsd-compat.h]
   [openbsd-compat/sha2.c] First stab at portability glue for SHA256
   KEX support, should work with libc SHA256 support or OpenSSL
   EVP_sha256 if present
 - (djm) [includes.h] Restore accidentally dropped netinet/in.h
 - (djm) [Makefile.in openbsd-compat/Makefile.in] Add added files
 - (djm) [md-sha256.c configure.ac] md-sha256.c needs sha2.h if present
 - (djm) [regress/.cvsignore] Ignore Makefile here
 - (djm) [loginrec.c] Need stat.h
 - (djm) [openbsd-compat/sha2.h] Avoid include macro clash with
   system sha2.h
 - (djm) [ssh-rand-helper.c] Needs a bunch of headers
 - (djm) [ssh-agent.c] Restore dropped stat.h
 - (djm) [openbsd-compat/sha2.h openbsd-compat/sha2.c] Comment out 
   SHA384, which we don't need and doesn't compile without tweaks
 - (djm) [auth-pam.c clientloop.c includes.h monitor.c session.c]
   [sftp-client.c ssh-keysign.c ssh.c sshconnect.c sshconnect2.c]
   [sshd.c openbsd-compat/bsd-misc.c openbsd-compat/bsd-openpty.c]
   [openbsd-compat/glob.c openbsd-compat/mktemp.c]
   [openbsd-compat/readpassphrase.c] Lots of include fixes for
   OpenSolaris
 - (tim) [includes.h] put sys/stat.h back in to quiet some "macro redefined:"
 - (tim) [openssh/sshpty.c openssh/openbsd-compat/port-tun.c] put in some
   includes removed from includes.h
 - (dtucker) [configure.ac] Fix glob test conversion to AC_TRY_COMPILE
 - (djm) [includes.h] Put back paths.h, it is needed in defines.h
 - (dtucker) [openbsd-compat/openbsd-compat.h] AIX (at least) needs
   sys/ioctl.h for struct winsize.
 - (dtucker) [configure.ac] login_cap.h requires sys/types.h on NetBSD.

20060313
 - (dtucker) [configure.ac] Bug #1171: Don't use printf("%lld", longlong)
   since not all platforms support it.  Instead, use internal equivalent while
   computing LLONG_MIN and LLONG_MAX.  Remove special case for alpha-dec-osf*
   as it's no longer required.  Tested by Bernhard Simon, ok djm@@

20060304
 - (dtucker) [contrib/cygwin/ssh-host-config] Require use of lastlog as a
   file rather than directory, required as Cygwin will be importing lastlog(1).
   Also tightens up permissions on the file.  Patch from vinschen@@redhat.com.
 - (dtucker) [gss-serv-krb5.c] Bug #1166: Correct #ifdefs for gssapi_krb5.h
   includes.  Patch from gentoo.riverrat at gmail.com.

20060226
 - (dtucker) [configure.ac] Bug #1156: QNX apparently needs SSHD_ACQUIRES_CTTY
   patch from kraai at ftbfs.org.

20060223
 - (dtucker) [sshd_config sshd_config.5] Update UsePAM to reflect current
   reality.  Pointed out by tryponraj at gmail.com.

20060222
 - (dtucker) [openbsd-compat/openssl-compat.{c,h}] Minor tidy up: only
   compile in compat code if required.

20060221
 - (dtucker) [openbsd-compat/openssl-compat.h] Prevent warning about
   redefinition of SSLeay_add_all_algorithms.

20060220
 - (dtucker) [INSTALL configure.ac openbsd-compat/openssl-compat.{c,h}]
   Add optional enabling of OpenSSL's (hardware) Engine support, via
   configure --with-ssl-engine.  Based in part on a diff by michal at
   logix.cz.

20060219
 - (dtucker) [Makefile.in configure.ac, added openbsd-compat/regress/]
   Add first attempt at regress tests for compat library.  ok djm@@

20060214
 - (tim) [buildpkg.sh.in] Make the names consistent.
   s/pkg_post_make_install_fixes.sh/pkg-post-make-install-fixes.sh/ OK dtucker@@

20060212
 - (dtucker) [openbsd-compat/bsd-cygwin_util.c] Make loop counter unsigned
   to silence compiler warning, from vinschen at redhat.com.
 - (tim) [configure.ac] Bug #1149. Disable /etc/default/login check for QNX.
 - (dtucker) [README version.h contrib/caldera/openssh.spec
   contrib/redhat/openssh.spec contrib/suse/openssh.spec] Bump version
   strings to match 4.3p2 release.

20060208
 - (tim) [session.c] Logout records were not updated on systems with
   post auth privsep disabled due to bug 1086 changes. Analysis and patch
   by vinschen at redhat.com. OK tim@@, dtucker@@.
 - (dtucker) [configure.ac] Typo in Ultrix and NewsOS sections (NEED_SETPRGP
   -> NEED_SETPGRP), reported by Bernhard Simon.  ok tim@@

20060206
 - (tim) [configure.ac] Remove unnecessary tests for net/if.h and 
   netinet/in_systm.h. OK dtucker@@.

20060205
 - (tim) [configure.ac] Add AC_REVISION. Add sys/time.h to lastlog.h test
   for Solaris. OK dtucker@@.
 - (tim) [configure.ac] Bug #1149. Changes in QNX section only. Patch by
   kraai at ftbfs.org.

20060203
 - (tim) [configure.ac] test for egrep (AC_PROG_EGREP) before first
   AC_CHECK_HEADERS test. Without it, if AC_CHECK_HEADERS is first run
   by a platform specific check, builtin standard includes tests will be
   skipped on the other platforms.
   Analysis and suggestion by vinschen at redhat.com, patch by dtucker@@.
   OK tim@@, djm@@.

20060202
 - (dtucker) [configure.ac] Bug #1148: Fix "crippled AES" test so that it
   works with picky compilers.  Patch from alex.kiernan at thus.net.

20060201
 - (djm) [regress/test-exec.sh] Try 'logname' as well as 'whoami' to 
   determine the user's login name - needed for regress tests on Solaris 
   10 and OpenSolaris
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2006/02/01 09:06:50
     [sshd.8]
     - merge sections on protocols 1 and 2 into a single section
     - remove configuration file section
     ok markus
   - jmc@@cvs.openbsd.org 2006/02/01 09:11:41
     [sshd.8]
     small tweak;
 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] Update versions ahead of release
   - markus@@cvs.openbsd.org 2006/02/01 11:27:22
     [version.h]
     openssh 4.3
 - (djm) Release OpenSSH 4.3p1

20060131
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2006/01/20 11:21:45
     [ssh_config.5]
     - word change, agreed w/ markus
     - consistency fixes
   - jmc@@cvs.openbsd.org 2006/01/25 09:04:34
     [sshd.8]
     move the options description up the page, and a few additional tweaks
     whilst in here;
     ok markus
   - jmc@@cvs.openbsd.org 2006/01/25 09:07:22
     [sshd.8]
     move subsections to full sections;
   - jmc@@cvs.openbsd.org 2006/01/26 08:47:56
     [ssh.1]
     add a section on verifying host keys in dns;
     written with a lot of help from jakob;
     feedback dtucker/markus;
     ok markus
   - reyk@@cvs.openbsd.org 2006/01/30 12:22:22
     [channels.c]
     mark channel as write failed or dead instead of read failed on error
     of the channel output filter.
     ok markus@@
   - jmc@@cvs.openbsd.org 2006/01/30 13:37:49
     [ssh.1]
     remove an incorrect sentence;
     reported by roumen petrov;
     ok djm markus
   - djm@@cvs.openbsd.org 2006/01/31 10:19:02
     [misc.c misc.h scp.c sftp.c]
     fix local arbitrary command execution vulnerability on local/local and
     remote/remote copies (CVE-2006-0225, bz #1094), patch by
     t8m AT centrum.cz, polished by dtucker@@ and myself; ok markus@@
   - djm@@cvs.openbsd.org 2006/01/31 10:35:43
     [scp.c]
     "scp a b c" shouldn't clobber "c" when it is not a directory, report and
     fix from biorn@@; ok markus@@
 - (djm) Sync regress tests to OpenBSD:
   - dtucker@@cvs.openbsd.org 2005/03/10 10:20:39
     [regress/forwarding.sh]
     Regress test for ClearAllForwardings (bz #994); ok markus@@
   - dtucker@@cvs.openbsd.org 2005/04/25 09:54:09
     [regress/multiplex.sh]
     Don't call cleanup in multiplex as test-exec will cleanup anyway
     found by tim@@, ok djm@@
     NB. ID sync only, we already had this
   - djm@@cvs.openbsd.org 2005/05/20 23:14:15
     [regress/test-exec.sh]
     force addressfamily=inet for tests, unbreaking dynamic-forward regress for
     recently committed nc SOCKS5 changes
   - djm@@cvs.openbsd.org 2005/05/24 04:10:54
     [regress/try-ciphers.sh]
     oops, new arcfour modes here too
   - markus@@cvs.openbsd.org 2005/06/30 11:02:37
     [regress/scp.sh]
     allow SUDO=sudo; from Alexander Bluhm
   - grunk@@cvs.openbsd.org 2005/11/14 21:25:56
     [regress/agent-getpeereid.sh]
     all other scripts in this dir use $SUDO, not 'sudo', so pull this even
     ok markus@@
   - dtucker@@cvs.openbsd.org 2005/12/14 04:36:39
     [regress/scp-ssh-wrapper.sh]
     Fix assumption about how many args scp will pass; ok djm@@
     NB. ID sync only, we already had this
   - djm@@cvs.openbsd.org 2006/01/27 06:49:21
     [scp.sh]
     regress test for local to local scp copies; ok dtucker@@
   - djm@@cvs.openbsd.org 2006/01/31 10:23:23
     [scp.sh]
     regression test for CVE-2006-0225 written by dtucker@@
   - djm@@cvs.openbsd.org 2006/01/31 10:36:33
     [scp.sh]
     regress test for "scp a b c" where "c" is not a directory

20060129
 - (dtucker) [configure.ac opensshd.init.in] Bug #1144: Use /bin/sh for the
   opensshd.init script interpreter if /sbin/sh does not exist.  ok tim@@

20060120
 - (dtucker) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2006/01/15 17:37:05
     [ssh.1]
     correction from deraadt
   - jmc@@cvs.openbsd.org 2006/01/18 10:53:29
     [ssh.1]
     add a section on ssh-based vpn, based on reyk's README.tun;
   - dtucker@@cvs.openbsd.org 2006/01/20 00:14:55
     [scp.1 ssh.1 ssh_config.5 sftp.1]
     Document RekeyLimit.  Based on patch from jan.iven at cern.ch from mindrot
     #1056 with feedback from jmc, djm and markus; ok jmc@@ djm@@

20060114
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2006/01/06 13:27:32
     [ssh.1]
     weed out some duplicate info in the known_hosts FILES entries;
     ok djm
   - jmc@@cvs.openbsd.org 2006/01/06 13:29:10
     [ssh.1]
     final round of whacking FILES for duplicate info, and some consistency
     fixes;
     ok djm
   - jmc@@cvs.openbsd.org 2006/01/12 14:44:12
     [ssh.1]
     split sections on tcp and x11 forwarding into two sections.
     add an example in the tcp section, based on sth i wrote for ssh faq;
     help + ok: djm markus dtucker
   - jmc@@cvs.openbsd.org 2006/01/12 18:48:48
     [ssh.1]
     refer to `TCP' rather than `TCP/IP' in the context of connection
     forwarding;
     ok markus
   - jmc@@cvs.openbsd.org 2006/01/12 22:20:00
     [sshd.8]
     refer to TCP forwarding, rather than TCP/IP forwarding;
   - jmc@@cvs.openbsd.org 2006/01/12 22:26:02
     [ssh_config.5]
     refer to TCP forwarding, rather than TCP/IP forwarding;
   - jmc@@cvs.openbsd.org 2006/01/12 22:34:12
     [ssh.1]
     back out a sentence - AUTHENTICATION already documents this;

20060109
 - (dtucker) [contrib/cygwin/ssh-host-config] Make sshd service depend on
   tcpip service so it's always started after IP is up.  Patch from
   vinschen at redhat.com.

20060106
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2006/01/03 16:31:10
     [ssh.1]
     move FILES to a -compact list, and make each file an item in that list.
     this avoids nasty line wrap when we have long pathnames, and treats
     each file as a separate item;
     remove the .Pa too, since it is useless.
   - jmc@@cvs.openbsd.org 2006/01/03 16:35:30
     [ssh.1]
     use a larger width for the ENVIRONMENT list;
   - jmc@@cvs.openbsd.org 2006/01/03 16:52:36
     [ssh.1]
     put FILES in some sort of order: sort by pathname
   - jmc@@cvs.openbsd.org 2006/01/03 16:55:18
     [ssh.1]
     tweak the description of ~/.ssh/environment
   - jmc@@cvs.openbsd.org 2006/01/04 18:42:46
     [ssh.1]
     chop out some duplication in the .{r,s}hosts/{h,sh}osts.equiv FILES
     entries;
     ok markus
   - jmc@@cvs.openbsd.org 2006/01/04 18:45:01
     [ssh.1]
     remove .Xr's to rsh(1) and telnet(1): they are hardly needed;
   - jmc@@cvs.openbsd.org 2006/01/04 19:40:24
     [ssh.1]
     +.Xr ssh-keyscan 1 ,
   - jmc@@cvs.openbsd.org 2006/01/04 19:50:09
     [ssh.1]
     -.Xr gzip 1 ,
   - djm@@cvs.openbsd.org 2006/01/05 23:43:53
     [misc.c]
     check that stdio file descriptors are actually closed before clobbering
     them in sanitise_stdfd(). problems occurred when a lower numbered fd was
     closed, but higher ones weren't. spotted by, and patch tested by
     Frédéric Olivié

20060103
 - (djm) [channels.c] clean up harmless merge error, from reyk@@

20060103
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2006/01/02 17:09:49
     [ssh_config.5 sshd_config.5]
     some corrections from michael knudsen;

20060102
 - (djm) [README.tun] Add README.tun, missed during sync of tun(4) support
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2005/12/31 10:46:17
     [ssh.1]
     merge the "LOGIN SESSION AND REMOTE EXECUTION" and "SERVER
     AUTHENTICATION" sections into "AUTHENTICATION";
     some rewording done to make the text read better, plus some
     improvements from djm;
     ok djm
   - jmc@@cvs.openbsd.org 2005/12/31 13:44:04
     [ssh.1]
     clean up ENVIRONMENT a little;
   - jmc@@cvs.openbsd.org 2005/12/31 13:45:19
     [ssh.1]
     .Nm does not require an argument;
   - stevesk@@cvs.openbsd.org 2006/01/01 08:59:27
     [includes.h misc.c]
     move <net/if.h>; ok djm@@
   - stevesk@@cvs.openbsd.org 2006/01/01 10:08:48
     [misc.c]
     no trailing "\n" for debug()
   - djm@@cvs.openbsd.org 2006/01/02 01:20:31
     [sftp-client.c sftp-common.h sftp-server.c]
     use a common max. packet length, no binary change
   - reyk@@cvs.openbsd.org 2006/01/02 07:53:44
     [misc.c]
     clarify tun(4) opening - set the mode and bring the interface up. also
     (re)sets the tun(4) layer 2 LINK0 flag for existing tunnel interfaces.
     suggested and ok by djm@@
   - jmc@@cvs.openbsd.org 2006/01/02 12:31:06
     [ssh.1]
     start to cut some duplicate info from FILES;
     help/ok djm

20060101
 - (djm) [Makefile.in configure.ac includes.h misc.c]
         [openbsd-compat/port-tun.c openbsd-compat/port-tun.h] Add support
         for tunnel forwarding for FreeBSD and NetBSD. NetBSD's support is
         limited to IPv4 tunnels only, and most versions don't support the
         tap(4) device at all.
 - (djm) [configure.ac] Fix linux/if_tun.h test
 - (djm) [openbsd-compat/port-tun.c] Linux needs linux/if.h too

20051229
 - (djm) OpenBSD CVS Sync
   - stevesk@@cvs.openbsd.org 2005/12/28 22:46:06
     [canohost.c channels.c clientloop.c]
     use 'break-in' for consistency; ok deraadt@@ ok and input jmc@@
   - reyk@@cvs.openbsd.org 2005/12/30 15:56:37
     [channels.c channels.h clientloop.c]
     add channel output filter interface.
     ok djm@@, suggested by markus@@
   - jmc@@cvs.openbsd.org 2005/12/30 16:59:00
     [sftp.1]
     do not suggest that interactive authentication will work
     with the -b flag;
     based on a diff from john l. scarfone;
     ok djm
   - stevesk@@cvs.openbsd.org 2005/12/31 01:38:45
     [ssh.1]
     document -MM; ok djm@@
 - (djm) [openbsd-compat/port-tun.c openbsd-compat/port-tun.h configure.ac]
   [serverloop.c ssh.c openbsd-compat/Makefile.in]
   [openbsd-compat/openbsd-compat.h] Implement tun(4) forwarding 
   compatibility support for Linux, diff from reyk@@
 - (djm) [configure.ac] Disable Linux tun(4) compat code if linux/tun.h does
   not exist
 - (djm) [configure.ac] oops, make that linux/if_tun.h

20051229
 - (tim) [buildpkg.sh.in] grep for $SSHDUID instead of $SSHDGID on /etc/passwd

20051224
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2005/12/20 21:59:43
     [ssh.1]
     merge the sections on protocols 1 and 2 into one section on
     authentication;
     feedback djm dtucker
     ok deraadt markus dtucker
   - jmc@@cvs.openbsd.org 2005/12/20 22:02:50
     [ssh.1]
     .Ss -> .Sh: subsections have not made this page more readable
   - jmc@@cvs.openbsd.org 2005/12/20 22:09:41
     [ssh.1]
     move info on ssh return values and config files up into the main
     description;
   - jmc@@cvs.openbsd.org 2005/12/21 11:48:16
     [ssh.1]
     -L and -R descriptions are now above, not below, ~C description;
   - jmc@@cvs.openbsd.org 2005/12/21 11:57:25
     [ssh.1]
     options now described `above', rather than `later';
   - jmc@@cvs.openbsd.org 2005/12/21 12:53:31
     [ssh.1]
     -Y does X11 forwarding too;
     ok markus
   - stevesk@@cvs.openbsd.org 2005/12/21 22:44:26
     [sshd.8]
     clarify precedence of -p, Port, ListenAddress; ok and help jmc@@
   - jmc@@cvs.openbsd.org 2005/12/22 10:31:40
     [ssh_config.5]
     put the description of "UsePrivilegedPort" in the correct place;
   - jmc@@cvs.openbsd.org 2005/12/22 11:23:42
     [ssh.1]
     expand the description of -w somewhat;
     help/ok reyk
   - jmc@@cvs.openbsd.org 2005/12/23 14:55:53
     [ssh.1]
     - sync the description of -e w/ synopsis
     - simplify the description of -I
     - note that -I is only available if support compiled in, and that it
     isn't by default
     feedback/ok djm@@
   - jmc@@cvs.openbsd.org 2005/12/23 23:46:23
     [ssh.1]
     less mark up for -c;
   - djm@@cvs.openbsd.org 2005/12/24 02:27:41
     [session.c sshd.c]
     eliminate some code duplicated in privsep and non-privsep paths, and
     explicitly clear SIGALRM handler; "groovy" deraadt@@

20051220
 - (dtucker) OpenBSD CVS Sync
   - reyk@@cvs.openbsd.org 2005/12/13 15:03:02
     [serverloop.c]
     if forced_tun_device is not set, it is -1 and not SSH_TUNID_ANY
   - jmc@@cvs.openbsd.org 2005/12/16 18:07:08
     [ssh.1]
     move the option descriptions up the page: start of a restructure;
     ok markus deraadt
   - jmc@@cvs.openbsd.org 2005/12/16 18:08:53
     [ssh.1]
     simplify a sentence;
   - jmc@@cvs.openbsd.org 2005/12/16 18:12:22
     [ssh.1]
     make the description of -c a little nicer;
   - jmc@@cvs.openbsd.org 2005/12/16 18:14:40
     [ssh.1]
     signpost the protocol sections;
   - stevesk@@cvs.openbsd.org 2005/12/17 21:13:05
     [ssh_config.5 session.c]
     spelling: fowarding, fowarded
   - stevesk@@cvs.openbsd.org 2005/12/17 21:36:42
     [ssh_config.5]
     spelling: intented -> intended
   - dtucker@@cvs.openbsd.org 2005/12/20 04:41:07
     [ssh.c]
     exit(255) on error to match description in ssh(1); bz #1137; ok deraadt@@

20051219
 - (dtucker) [cipher-aes.c cipher-ctr.c cipher.c configure.ac
   openbsd-compat/openssl-compat.h] Check for and work around broken AES
   ciphers >128bit on (some) Solaris 10 systems.  ok djm@@

20051217
 - (dtucker) [defines.h] HP-UX system headers define "YES" and "NO" which
   scp.c also uses, so undef them here.
 - (dtucker) [configure.ac openbsd-compat/bsd-snprintf.c] Bug #1133: Our
   snprintf replacement can have a conflicting declaration in HP-UX's system
   headers (const vs. no const) so we now check for and work around it.  Patch
   from the dynamic duo of David Leonard and Ted Percival.

20051214
 - (dtucker) OpenBSD CVS Sync (regress/)
   - dtucker@@cvs.openbsd.org 2005/12/30 04:36:39
     [regress/scp-ssh-wrapper.sh]
     Fix assumption about how many args scp will pass; ok djm@@

20051213
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2005/11/30 11:18:27
     [ssh.1]
     timezone -> time zone
   - jmc@@cvs.openbsd.org 2005/11/30 11:45:20
     [ssh.1]
     avoid ambiguities in describing TZ;
     ok djm@@
   - reyk@@cvs.openbsd.org 2005/12/06 22:38:28
     [auth-options.c auth-options.h channels.c channels.h clientloop.c]
     [misc.c misc.h readconf.c readconf.h scp.c servconf.c servconf.h]
     [serverloop.c sftp.c ssh.1 ssh.c ssh_config ssh_config.5 sshconnect.c]
     [sshconnect.h sshd.8 sshd_config sshd_config.5]
     Add support for tun(4) forwarding over OpenSSH, based on an idea and
     initial channel code bits by markus@@. This is a simple and easy way to
     use OpenSSH for ad hoc virtual private network connections, e.g.
     administrative tunnels or secure wireless access. It's based on a new
     ssh channel and works similar to the existing TCP forwarding support,
     except that it depends on the tun(4) network interface on both ends of
     the connection for layer 2 or layer 3 tunneling. This diff also adds
     support for LocalCommand in the ssh(1) client.
     ok djm@@, markus@@, jmc@@ (manpages), tested and discussed with others
   - djm@@cvs.openbsd.org 2005/12/07 03:52:22
     [clientloop.c]
     reyk forgot to compile with -Werror (missing header)
   - jmc@@cvs.openbsd.org 2005/12/07 10:52:13
     [ssh.1]
     - avoid line split in SYNOPSIS
     - add args to -w
     - kill trailing whitespace
   - jmc@@cvs.openbsd.org 2005/12/08 14:59:44
     [ssh.1 ssh_config.5]
     make `!command' a little clearer;
     ok reyk
   - jmc@@cvs.openbsd.org 2005/12/08 15:06:29
     [ssh_config.5]
     keep options in order;
   - reyk@@cvs.openbsd.org 2005/12/08 18:34:11
     [auth-options.c includes.h misc.c misc.h readconf.c servconf.c]
     [serverloop.c ssh.c ssh_config.5 sshd_config.5 configure.ac]
     two changes to the new ssh tunnel support. this breaks compatibility
     with the initial commit but is required for a portable approach.
     - make the tunnel id u_int and platform friendly, use predefined types.
     - support configuration of layer 2 (ethernet) or layer 3
     (point-to-point, default) modes. configuration is done using the
     Tunnel (yes|point-to-point|ethernet|no) option in ssh_config(5) and
     restricted by the PermitTunnel (yes|point-to-point|ethernet|no) option
     in sshd_config(5).
     ok djm@@, man page bits by jmc@@
   - jmc@@cvs.openbsd.org 2005/12/08 21:37:50
     [ssh_config.5]
     new sentence, new line;
   - markus@@cvs.openbsd.org 2005/12/12 13:46:18
     [channels.c channels.h session.c]
     make sure protocol messages for internal channels are ignored.
     allow adjust messages for non-open channels; with and ok djm@@
 - (djm) [misc.c] Disable tunnel code for non-OpenBSD (for now), enable
   again by providing a sys_tun_open() function for your platform and 
   setting the CUSTOM_SYS_TUN_OPEN define. More work is required to match 
   OpenBSD's tunnel protocol, which prepends the address family to the 
   packet

20051201
 - (djm) [envpass.sh] Remove regress script that was accidentally committed 
   in top level directory and not noticed for over a year :)

20051129
 - (tim) [ssh-keygen.c] Move DSA length test after setting default when
   bits == 0.
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2005/11/29 02:04:55
     [ssh-keygen.c]
     Populate default key sizes before checking them; from & ok tim@@
 - (tim) [configure.ac sshd.8] Enable locked account check (a "*LK*" string)
   for UnixWare.

20051128
 - (dtucker) [regress/yes-head.sh] Work around breakage caused by some
   versions of GNU head.  Based on patch from zappaman at buraphalinux.org
 - (dtucker) [includes.h] Bug #1122: __USE_GNU is a glibc internal macro, use
   _GNU_SOURCE instead.  Patch from t8m at centrum.cz.
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2005/11/28 05:16:53
     [ssh-keygen.1 ssh-keygen.c]
     Enforce DSA key length of exactly 1024 bits to comply with FIPS-186-2,
     increase minimum RSA key size to 768 bits and update man page to reflect
     these.  Patch originally bz#1119 (senthilkumar_sen at hotpop.com),
     ok djm@@, grudging ok deraadt@@.
   - dtucker@@cvs.openbsd.org 2005/11/28 06:02:56
     [ssh-agent.1]
     Update agent socket path templates to reflect reality, correct xref for
     time formats.  bz#1121, patch from openssh at roumenpetrov.info, ok djm@@

20051126
 - (dtucker) [configure.ac] Bug #1126: AIX 5.2 and 5.3 (and presumably newer,
   when they're available) need the real UID set otherwise pam_chauthtok will
   set ADMCHG after changing the password, forcing the user to change it
   again immediately.

20051125
 - (dtucker) [configure.ac] Apply tim's fix for older systems where the
   resolver state in resolv.h is "state" not "__res_state".  With slight
   modification by me to also work on old AIXes.  ok djm@@
 - (dtucker) [progressmeter.c scp.c sftp-server.c] Use correct casts for
   snprintf formats, fixes warnings on some 64 bit platforms.  Patch from
   shaw at vranix.com, ok djm@@

20051124
 - (djm) [configure.ac openbsd-compat/Makefile.in openbsd-compat/bsd-asprintf.c 
   openbsd-compat/bsd-snprintf.c openbsd-compat/openbsd-compat.h] Add an 
   asprintf() implementation, after syncing our {v,}snprintf() implementation
   with some extra fixes from Samba's version. With help and debugging from 
   dtucker and tim; ok dtucker@@
 - (dtucker) [configure.ac] Fix typos in comments and AC_SEARCH_LIB argument
   order in Reliant Unix block.  Patch from johane at lysator.liu.se.
 - (dtucker) [regress/test-exec.sh] Use 1024 bit keys since we generate so
   many and use them only once.  Speeds up testing on older/slower hardware.

20051122
 - (dtucker) OpenBSD CVS Sync
   - deraadt@@cvs.openbsd.org 2005/11/12 18:37:59
     [ssh-add.c]
     space
   - deraadt@@cvs.openbsd.org 2005/11/12 18:38:15
     [scp.c]
     avoid close(-1), as in rcp; ok cloder
   - millert@@cvs.openbsd.org 2005/11/15 11:59:54
     [includes.h]
     Include sys/queue.h explicitly instead of assuming some other header
     will pull it in.  At the moment it gets pulled in by sys/select.h
     (which ssh has no business including) via event.h.  OK markus@@
     (ID sync only in -portable)
   - dtucker@@cvs.openbsd.org 2005/11/21 09:42:10
     [auth-krb5.c]
     Perform Kerberos calls even for invalid users to prevent leaking
     information about account validity.  bz #975, patch originally from
     Senthil Kumar, sanity checked by Simon Wilkinson, tested by djm@@, biorn@@,
     ok markus@@
   - dtucker@@cvs.openbsd.org 2005/11/22 03:36:03
     [hostfile.c]
     Correct format/arguments to debug call; spotted by shaw at vranix.com
     ok djm@@
 - (dtucker) [loginrec.c] Add casts to prevent compiler warnings, patch
   from shaw at vranix.com.

20051120
 - (dtucker) [openbsd-compat/openssl-compat.h] Add comment explaining what
   is going on.

20051112
 - (dtucker) [openbsd-compat/getrrsetbyname.c] Restore Portable-specific
   ifdef lost during sync.  Spotted by tim@@.
 - (dtucker) [openbsd-compat/{realpath.c,stroll.c,rresvport.c}] $OpenBSD tag.
 - (dtucker) [configure.ac] Use "$AWK" instead of "awk" in gcc version test.
 - (dtucker) [configure.ac] Remove duplicate utimes() check.  ok djm@@
 - (dtucker) [regress/reconfigure.sh] Fix potential race in the reconfigure
   test: if sshd takes too long to reconfigure the subsequent connection will
   fail.  Zap pidfile before HUPing sshd which will rewrite it when it's ready.

20051110
 - (dtucker) [openbsd-compat/setenv.c] Merge changes for __findenv from
   OpenBSD getenv.c revs 1.4 - 1.8 (ANSIfication of arguments, removal of
   "register").
 - (dtucker) [openbsd-compat/setenv.c] Make __findenv static, remove
   unnecessary prototype.
 - (dtucker) [openbsd-compat/setenv.c] Sync changes from OpenBSD setenv.c
   revs 1.7 - 1.9.
 - (dtucker) [auth-krb5.c] Fix -Wsign-compare warning in non-Heimdal path.
   Patch from djm@@.
 - (dtucker) [configure.ac] Disable pointer-sign warnings on gcc 4.0+
   since they're not useful right now.  Patch from djm@@.
 - (dtucker) [openbsd-compat/getgrouplist.c] Sync OpenBSD revs 1.10 - 1.2 (ANSI
   prototypes, removal of "register").
 - (dtucker) [openbsd-compat/strlcat.c] Sync OpenBSD revs 1.11 - 1.12 (removal
   of "register").
 - (dtucker) [openbsd-compat/{LOTS}] Move the "OPENBSD ORIGINAL" markers to
   after the copyright notices.  Having them at the top next to the CVSIDs
   guarantees a conflict for each and every sync.
 - (dtucker) [openbsd-compat/strlcpy.c] Update from OpenBSD 1.8 -> 1.10.
 - (dtucker) [openbsd-compat/sigact.h] Add "OPENBSD ORIGINAL" marker.
 - (dtucker) [openbsd-compat/strmode.c] Update from OpenBSD 1.5 -> 1.7.
   Removal of rcsid, "whiteout" inode type.
 - (dtucker) [openbsd-compat/basename.c] Update from OpenBSD 1.11 -> 1.14.
   Removal of rcsid, will no longer strlcpy parts of the string.
 - (dtucker) [openbsd-compat/strtoll.c] Update from OpenBSD 1.4 -> 1.5.
 - (dtucker) [openbsd-compat/strtoul.c] Update from OpenBSD 1.5 -> 1.7.
 - (dtucker) [openbsd-compat/readpassphrase.c] Update from OpenBSD 1.16 -> 1.18.
 - (dtucker) [openbsd-compat/readpassphrase.h] Update from OpenBSD 1.3 -> 1.5.
 - (dtucker) [openbsd-compat/glob.c] Update from OpenBSD 1.22 -> 1.25.
 - (dtucker) [openbsd-compat/glob.h] Update from OpenBSD 1.8 -> 1.9.
 - (dtucker) [openbsd-compat/getcwd.c] Update from OpenBSD 1.9 -> 1.14.
 - (dtucker) [openbsd-compat/getcwd.c] Replace lstat with fstat to match up
   with OpenBSD code since we don't support platforms without fstat any more.
 - (dtucker) [openbsd-compat/inet_aton.c] Update from OpenBSD 1.7 -> 1.9.
 - (dtucker) [openbsd-compat/inet_ntoa.c] Update from OpenBSD 1.4 -> 1.6.
 - (dtucker) [openbsd-compat/inet_ntop.c] Update from OpenBSD 1.5 -> 1.7.
 - (dtucker) [openbsd-compat/daemon.c] Update from OpenBSD 1.5 -> 1.6.
 - (dtucker) [openbsd-compat/strsep.c] Update from OpenBSD 1.5 -> 1.6.
 - (dtucker) [openbsd-compat/daemon.c] Update from OpenBSD 1.10 -> 1.13.
 - (dtucker) [openbsd-compat/mktemp.c] Update from OpenBSD 1.17 -> 1.19.
 - (dtucker) [openbsd-compat/rresvport.c] Update from OpenBSD 1.6 -> 1.8.
 - (dtucker) [openbsd-compat/bindresvport.c] Add "OPENBSD ORIGINAL" marker.
 - (dtucker) [openbsd-compat/bindresvport.c] Update from OpenBSD 1.16 -> 1.17.
 - (dtucker) [openbsd-compat/sigact.c] Update from OpenBSD 1.3 -> 1.4.
   Id and copyright sync only, there were no substantial changes we need.
 - (dtucker) [openbsd-compat/bsd-closefrom.c openbsd-compat/base64.c]
   -Wsign-compare fixes from djm.
 - (dtucker) [openbsd-compat/sigact.h] Update from OpenBSD 1.2 -> 1.3.
   Id and copyright sync only, there were no substantial changes we need.
 - (dtucker) [configure.ac] Try to get the gcc version number in a way that
   doesn't change between versions, and use a safer default.

20051105
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2005/10/07 11:13:57
     [ssh-keygen.c]
     change DSA default back to 1024, as it's defined for 1024 bits only
     and this causes interop problems with other clients.  moreover,
     in order to improve the security of DSA you need to change more
     components of DSA key generation (e.g. the internal SHA1 hash);
     ok deraadt
   - djm@@cvs.openbsd.org 2005/10/10 10:23:08
     [channels.c channels.h clientloop.c serverloop.c session.c]
     fix regression I introduced in 4.2: X11 forwardings initiated after
     a session has exited (e.g. "(sleep 5; xterm) &") would not start.
     bz #1086 reported by t8m AT centrum.cz; ok markus@@ dtucker@@
   - djm@@cvs.openbsd.org 2005/10/11 23:37:37
     [channels.c]
     bz #1076 set SO_REUSEADDR on X11 forwarding listener sockets, preventing
     bind() failure when a previous connection's listeners are in TIME_WAIT,
     reported by plattner AT inf.ethz.ch; ok dtucker@@
   - stevesk@@cvs.openbsd.org 2005/10/13 14:03:01
     [auth2-gss.c gss-genr.c gss-serv.c]
     remove unneeded #includes; ok markus@@
   - stevesk@@cvs.openbsd.org 2005/10/13 14:20:37
     [gss-serv.c]
     spelling in comments
   - stevesk@@cvs.openbsd.org 2005/10/13 19:08:08
     [gss-serv-krb5.c gss-serv.c]
     unused declarations; ok deraadt@@
     (id sync only for gss-serv-krb5.c)
   - stevesk@@cvs.openbsd.org 2005/10/13 19:13:41
     [dns.c]
     unneeded #include, unused declaration, little knf; ok deraadt@@
   - stevesk@@cvs.openbsd.org 2005/10/13 22:24:31
     [auth2-gss.c gss-genr.c gss-serv.c monitor.c]
     KNF; ok djm@@
   - stevesk@@cvs.openbsd.org 2005/10/14 02:17:59
     [ssh-keygen.c ssh.c sshconnect2.c]
     no trailing "\n" for log functions; ok djm@@
   - stevesk@@cvs.openbsd.org 2005/10/14 02:29:37
     [channels.c clientloop.c]
     free()->xfree(); ok djm@@
   - stevesk@@cvs.openbsd.org 2005/10/15 15:28:12
     [sshconnect.c]
     make external definition static; ok deraadt@@
   - stevesk@@cvs.openbsd.org 2005/10/17 13:45:05
     [dns.c]
     fix memory leaks from 2 sources:
         1) key_fingerprint_raw()
         2) malloc in dns_read_rdata()
     ok jakob@@
   - stevesk@@cvs.openbsd.org 2005/10/17 14:01:28
     [dns.c]
     remove #ifdef LWRES; ok jakob@@
   - stevesk@@cvs.openbsd.org 2005/10/17 14:13:35
     [dns.c dns.h]
     more cleanups; ok jakob@@
   - djm@@cvs.openbsd.org 2005/10/30 01:23:19
     [ssh_config.5]
     mention control socket fallback behaviour, reported by 
     tryponraj AT gmail.com
   - djm@@cvs.openbsd.org 2005/10/30 04:01:03
     [ssh-keyscan.c]
     make ssh-keygen discard junk from server before SSH- ident, spotted by
     dave AT cirt.net; ok dtucker@@
   - djm@@cvs.openbsd.org 2005/10/30 04:03:24
     [ssh.c]
     fix misleading debug message; ok dtucker@@
   - dtucker@@cvs.openbsd.org 2005/10/30 08:29:29
     [canohost.c sshd.c]
     Check for connections with IP options earlier and drop silently.  ok djm@@
   - jmc@@cvs.openbsd.org 2005/10/30 08:43:47
     [ssh_config.5]
     remove trailing whitespace;
   - djm@@cvs.openbsd.org 2005/10/30 08:52:18
     [clientloop.c packet.c serverloop.c session.c ssh-agent.c ssh-keygen.c]
     [ssh.c sshconnect.c sshconnect1.c sshd.c]
     no need to escape single quotes in comments, no binary change
   - dtucker@@cvs.openbsd.org 2005/10/31 06:15:04
     [sftp.c]
     Fix sorting with "ls -1" command. From Robert Tsai, "looks right" deraadt@@
   - djm@@cvs.openbsd.org 2005/10/31 11:12:49
     [ssh-keygen.1 ssh-keygen.c]
     generate a protocol 2 RSA key by default
   - djm@@cvs.openbsd.org 2005/10/31 11:48:29
     [serverloop.c]
     make sure we clean up wtmp, etc. file when we receive a SIGTERM,
     SIGINT or SIGQUIT when running without privilege separation (the
     normal privsep case is already OK). Patch mainly by dtucker@@ and
     senthilkumar_sen AT hotpop.com; ok dtucker@@
   - jmc@@cvs.openbsd.org 2005/10/31 19:55:25
     [ssh-keygen.1]
     grammar;
   - dtucker@@cvs.openbsd.org 2005/11/03 13:38:29
     [canohost.c]
     Cache reverse lookups with and without DNS separately; ok markus@@
   - djm@@cvs.openbsd.org 2005/11/04 05:15:59
     [kex.c kex.h kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c]
     remove hardcoded hash lengths in key exchange code, allowing
     implementation of KEX methods with different hashes (e.g. SHA-256);
     ok markus@@ dtucker@@ stevesk@@
   - djm@@cvs.openbsd.org 2005/11/05 05:01:15
     [bufaux.c]
     Fix leaks in error paths, bz #1109 and #1110 reported by kremenek AT
     cs.stanford.edu; ok dtucker@@
 - (dtucker) [README.platform] Add PAM section.
 - (djm) [openbsd-compat/getrrsetbyname.c] Sync to latest OpenBSD version,
   resolving memory leak bz#1111 reported by kremenek AT cs.stanford.edu;
   ok dtucker@@

20051102
 - (dtucker) [openbsd-compat/bsd-misc.c] Bug #1108: fix broken strdup().
   Reported by olavi at ipunplugged.com and antoine.brodin at laposte.net
   via FreeBSD.

20051030
 - (djm) [contrib/suse/openssh.spec contrib/suse/rc.sshd
   contrib/suse/sysconfig.ssh] Bug #1106: Updated SuSE spec and init 
   files from imorgan AT nas.nasa.gov
 - (dtucker) [session.c] Bug #1045: do not check /etc/nologin when PAM is
   enabled, instead allow PAM to handle it.  Note that on platforms using PAM,
   the pam_nologin module should be added to sshd's session stack in order to
   maintain existing behaviour.  Based on patch and discussion from t8m at
   centrum.cz, ok djm@@

20051025
 - (dtucker) [configure.ac] Relocate LLONG_MAX calculation to after the
   sizeof(long long) checks, to make fixing bug #1104 easier (no changes
   yet).
 - (dtucker) [configure.ac] Bug #1104: Tru64's printf family doesn't
   understand "%lld", even though the compiler has "long long", so handle
   it as a special case.  Patch tested by mcaskill.scott at epa.gov.
 - (dtucker) [contrib/cygwin/ssh-user-config] Remove duplicate yes/no
   prompt.  Patch from vinschen at redhat.com.

20051017
 - (dtucker) [configure.ac] Bug #1097: Fix configure for cross-compiling.
   /etc/default/login report and testing from aabaker at iee.org, corrections
   from tim@@.

20051009
 - (dtucker) [configure.ac defines.h openbsd-compat/vis.{c,h}] Sync current
   versions from OpenBSD.  ok djm@@

20051008
 - (dtucker) [configure.ac] Bug #1098: define $MAIL for HP-UX; report from
   brian.smith at agilent com.
 - (djm) [configure.ac] missing 'test' call for -with-Werror test

20051005
 - (dtucker) [configure.ac sshd.8] Enable locked account check (a prepended
   "*LOCKED*" string) for FreeBSD.  Patch jeremie at le-hen.org and
   senthilkumar_sen at hotpop.com.

20051003
 - (dtucker) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2005/09/07 08:53:53
     [channels.c]
     enforce chanid != NULL; ok djm
   - markus@@cvs.openbsd.org 2005/09/09 19:18:05
     [clientloop.c]
     typo; from mark at mcs.vuw.ac.nz, bug #1082
   - djm@@cvs.openbsd.org 2005/09/13 23:40:07
     [sshd.c ssh.c misc.h sftp.c ssh-keygen.c ssh-keysign.c sftp-server.c
     scp.c misc.c ssh-keyscan.c ssh-add.c ssh-agent.c]
     ensure that stdio fds are attached; ok deraadt@@
   - djm@@cvs.openbsd.org 2005/09/19 11:37:34
     [ssh_config.5 ssh.1]
     mention ability to specify bind_address for DynamicForward and -D options;
     bz#1077 spotted by Haruyama Seigo
   - djm@@cvs.openbsd.org 2005/09/19 11:47:09
     [sshd.c]
     stop connection abort on rekey with delayed compression enabled when
     post-auth privsep is disabled (e.g. when root is logged in); ok dtucker@@
   - djm@@cvs.openbsd.org 2005/09/19 11:48:10
     [gss-serv.c]
     typo
   - jmc@@cvs.openbsd.org 2005/09/19 15:38:27
     [ssh.1]
     some more .Bk/.Ek to avoid ugly line split;
   - jmc@@cvs.openbsd.org 2005/09/19 15:42:44
     [ssh.c]
     update -D usage here too;
   - djm@@cvs.openbsd.org 2005/09/19 23:31:31
     [ssh.1]
     spelling nit from stevesk@@
   - djm@@cvs.openbsd.org 2005/09/21 23:36:54
     [sshd_config.5]
     aquire -> acquire, from stevesk@@
   - djm@@cvs.openbsd.org 2005/09/21 23:37:11
     [sshd.c]
     change label at markus@@'s request
   - jaredy@@cvs.openbsd.org 2005/09/30 20:34:26
     [ssh-keyscan.1]
     deploy .An -nosplit; ok jmc
   - dtucker@@cvs.openbsd.org 2005/10/03 07:44:42
     [canohost.c]
     Relocate check_ip_options call to prevent logging of garbage for
     connections with IP options set.  bz#1092 from David Leonard,
     "looks good" deraadt@@
 - (dtucker) [regress/README.regress] Bug #989: Document limitation that scp
   is required in the system path for the multiplex test to work.

20050930
 - (dtucker) [openbsd-compat/openbsd-compat.h] Bug #1096: Add prototype
   for strtoll.  Patch from o.flebbe at science-computing.de.
 - (dtucker) [monitor.c] Bug #1087: Send loginmsg to preauth privsep
   child during PAM account check without clearing it.  This restores the
   post-login warnings such as LDAP password expiry.  Patch from Tomas Mraz
   with help from several others.

20050929
 - (dtucker) [monitor_wrap.c] Remove duplicate definition of loginmsg
   introduced during sync.

20050928
 - (dtucker) [entropy.c] Use u_char for receiving RNG seed for consistency.
 - (dtucker) [auth-pam.c] Bug #1028: send final non-query messages from
   PAM via keyboard-interactive.  Patch tested by the folks at Vintela.

20050927
 - (dtucker) [entropy.c] Remove unnecessary tests for getuid and geteuid
   calls, since they can't possibly fail.  ok djm@@
 - (dtucker) [entropy.c entropy.h sshd.c] Pass RNG seed to the reexec'ed
   process when sshd relies on ssh-random-helper.  Should result in faster
   logins on systems without a real random device or prngd.  ok djm@@

20050924
 - (dtucker) [auth2.c] Move start_pam() calls out of if-else block to remove
   duplicate call.  ok djm@@

20050922
 - (dtucker) [configure.ac] Use -R linker flag for libedit too; patch from
   skeleten at shillest.net.
 - (dtucker) [configure.ac] Fix help for --with-opensc; patch from skeleten at
   shillest.net.

20050919
 - (tim) [aclocal.m4 configure.ac] Delete acconfig.h and add templates to
   AC_DEFINE and AC_DEFINE_UNQUOTED to quiet autoconf 2.59 warning messages.
   ok dtucker@@

20050912
 - (tim) [configure.ac] Bug 1078. Fix --without-kerberos5. Reported by
   Mike Frysinger.

20050908
 - (tim) [defines.h openbsd-compat/port-uw.c] Add long password support to
   OpenServer 6 and add osr5bigcrypt support so when someone migrates
   passwords between UnixWare and OpenServer they will still work. OK dtucker@@

d2992 1
a2992 1
$Id: ChangeLog,v 1.4558.2.2 2006/09/26 10:57:05 dtucker Exp $
@


1.1.1.10.2.3
log
@InstaMFC: OpenSSH 4.5p1

Approved by:	re (kensmith)
@
text
@a0 109
20061107
 - (dtucker) [sshd.c] Use privsep_pw if we have it, but only require it
   if we absolutely need it.  Pointed out by Corinna, ok djm@@
 - (dtucker) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2006/11/06 21:25:28
     [auth-rsa.c kexgexc.c kexdhs.c key.c ssh-dss.c sshd.c kexgexs.c
     ssh-keygen.c bufbn.c moduli.c scard.c kexdhc.c sshconnect1.c dh.c rsa.c]
     add missing checks for openssl return codes; with & ok djm@@
   - markus@@cvs.openbsd.org 2006/11/07 10:31:31
     [monitor.c version.h]
     correctly check for bad signatures in the monitor, otherwise the monitor
     and the unpriv process can get out of sync. with dtucker@@, ok djm@@,
     dtucker@@
 - (dtucker) [README contrib/{caldera,redhat,contrib}/openssh.spec] Bump
   versions.
 - (dtucker) [dh.c] Type fix for BN_hex2bn; ok markus@@
 - (dtucker) Release 4.5p1.

20061105
 - (djm) OpenBSD CVS Sync
   - otto@@cvs.openbsd.org 2006/10/28 18:08:10
     [ssh.1]
     correct/expand example of usage of -w; ok jmc@@ stevesk@@
   - markus@@cvs.openbsd.org 2006/10/31 16:33:12
     [kexdhc.c kexdhs.c kexgexc.c kexgexs.c]
     check DH_compute_key() for -1 even if it should not happen because of
     earlier calls to dh_pub_is_valid(); report krahmer at suse.de; ok djm

20061101
 - (dtucker) [openbsd-compat/port-solaris.c] Bug #1255: Make only hwerr
   events fatal in Solaris process contract support and tell it to signal
   only processes in the same process group when something happens.
   Based on information from andrew.benham at thus.net and similar to
   a patch from Chad Mynhier.  ok djm@@

20061027
- (djm) [auth.c] gc some dead code

20061023
 - (djm) OpenBSD CVS Sync
   - ray@@cvs.openbsd.org 2006/09/30 17:48:22
     [sftp.c]
     Clear errno before calling the strtol functions.
     From Paul Stoeber <x0001 at x dot de1 dot cc>.
     OK deraadt@@.
   - djm@@cvs.openbsd.org 2006/10/06 02:29:19
     [ssh-agent.c ssh-keyscan.c ssh.c]
     sys/resource.h needs sys/time.h; prompted by brad@@
     (NB. Id sync only for portable)
   - djm@@cvs.openbsd.org 2006/10/09 23:36:11
     [session.c]
     xmalloc -> xcalloc that was missed previously, from portable
     (NB. Id sync only for portable, obviously)
   - markus@@cvs.openbsd.org 2006/10/10 10:12:45
     [sshconnect.c]
     sleep before retrying (not after) since sleep changes errno; fixes
     pr 5250; rad@@twig.com; ok dtucker djm
   - markus@@cvs.openbsd.org 2006/10/11 12:38:03
     [clientloop.c serverloop.c]
     exit instead of doing a blocking tcp send if we detect a client/server
     timeout, since the tcp sendqueue might be already full (of alive
     requests); ok dtucker, report mpf
   - djm@@cvs.openbsd.org 2006/10/22 02:25:50
     [sftp-client.c]
     cancel progress meter when upload write fails; ok deraadt@@
 - (tim) [Makefile.in scard/Makefile.in] Add datarootdir= lines to keep
   autoconf 2.60 from complaining.

20061018
 - (dtucker) OpenBSD CVS Sync
   - ray@@cvs.openbsd.org 2006/09/25 04:55:38
     [ssh-keyscan.1 ssh.1]
     Change "a SSH" to "an SSH".  Hurray, I'm not the only one who
     pronounces "SSH" as "ess-ess-aich".
     OK jmc@@ and stevesk@@.
 - (dtucker) [sshd.c] Reshuffle storing of pw struct; prevents warnings
   on older versions of OS X.  ok djm@@

20061016
 - (dtucker) [monitor_fdpass.c] Include sys/in.h, required for cmsg macros
   on older (2.0) Linuxes.  Based on patch from thmo-13 at gmx de.

20061006
 - (tim) [buildpkg.sh.in] Use uname -r instead of -v in OS_VER for Solaris.
   Differentiate between OpenServer 5 and OpenServer 6
 - (dtucker) [configure.ac] Put -lselinux into $LIBS while testing for
   SELinux functions so they're detected correctly.  Patch from pebenito at
   gentoo.org.
 - (tim) [buildpkg.sh.in] Some systems have really limited nawk (OpenServer).
   Allow setting alternate awk in openssh-config.local.

20061003
 - (tim) [configure.ac] Move CHECK_HEADERS test before platform specific
   section so additional platform specific CHECK_HEADER tests will work
   correctly. Fixes "<net/if_tap.h> on FreeBSD" problem report by des AT des.no
   Feedback and "seems like a good idea" dtucker@@

20061001
 - (dtucker) [audit-bsm.c] Include errno.h.  Pointed out by des at des.no.

20060929
 - (dtucker) [configure.ac] Bug #1239: Fix configure test for OpenSSH engine
   support.  Patch from andrew.benham at thus net.

20060928
 - (dtucker) [entropy.c] Bug #1238: include signal.h to fix compilation error
   on Solaris 8 w/out /dev/random or prngd.  Patch from rl at
   math.technion.ac.il.

a4 1
 - (dtucker) Release 4.4p1.
d2499 2992
a5490 1
$Id: ChangeLog,v 1.4588.2.1 2006/11/07 13:02:59 dtucker Exp $
@


1.1.1.11
log
@Vendor import of OpenSSH 4.2p1.
@
text
@a0 493
20050901
 - (djm) Update RPM spec file versions

20050831
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2005/08/30 22:08:05
     [gss-serv.c sshconnect2.c]
     destroy credentials if krb5_kuserok() call fails. Stops credentials being
     delegated to users who are not authorised for GSSAPIAuthentication when
     GSSAPIDelegateCredentials=yes and another authentication mechanism 
     succeeds; bz#1073 reported by paul.moore AT centrify.com, fix by 
     simon AT sxw.org.uk, tested todd@@ biorn@@ jakob@@; ok deraadt@@
   - markus@@cvs.openbsd.org 2005/08/31 09:28:42
     [version.h]
     4.2
 - (dtucker) [README] Update release note URL to 4.2
 - (tim) [configure.ac auth.c defines.h session.c openbsd-compat/port-uw.c
   openbsd-compat/port-uw.h openbsd-compat/xcrypt.c] libiaf cleanup. Disable
   libiaf bits for OpenServer6. Free memory allocated by ia_get_logpwd().
   Feedback and OK dtucker@@

20050830
 - (tim) [configure.ac] Back out last change. It needs to be done differently.

20050829
 - (tim) [configure.ac] ia_openinfo() seems broken on OSR6. Limit UW long
   password support to 7.x for now.

20050826
 - (tim) [CREDITS LICENCE auth.c configure.ac defines.h includes.h session.c
   openbsd-compat/Makefile.in openbsd-compat/openbsd-compat.h
   openbsd-compat/xcrypt.c] New files [openssh/openbsd-compat/port-uw.c
   openssh/openbsd-compat/port-uw.h] Support long passwords (> 8-char)
   on UnixWare 7 from Dhiraj Gulati and Ahsan Rashid. Cleanup and testing
   by tim@@. Feedback and OK dtucker@@

20050823
 - (dtucker) [regress/test-exec.sh] Do not prepend an extra "/" to a fully-
   qualified sshd pathname since some systems (eg Cygwin) may consider "/foo"
   and "//foo" to be different.  Spotted by vinschen at redhat.com.
 - (tim) [configure.ac] Not all gcc's support -Wsign-compare. Enhancements
   and OK dtucker@@
 - (tim) [defines.h] PATH_MAX bits for OpenServer OK dtucker@@

20050821
 - (dtucker) [configure.ac defines.h includes.h sftp.c] Add support for
   LynxOS, patch from Olli Savia (ops at iki.fi).  ok djm@@

20050816
 - (djm) [ttymodes.c] bugzilla #1025: Fix encoding of _POSIX_VDISABLE,
   from Jacob Nevins; ok dtucker@@

20050815
 - (tim) [sftp.c] wrap el_end() in #ifdef USE_LIBEDIT
 - (tim) [configure.ac] corrections to libedit tests. Report and patches
   by skeleten AT shillest.net

20050812
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2005/07/28 17:36:22
     [packet.c]
     missing packet_init_compression(); from solar
   - djm@@cvs.openbsd.org 2005/07/30 01:26:16
     [ssh.c]
     fix -D listen_host initialisation, so it picks up gateway_ports setting
     correctly
   - djm@@cvs.openbsd.org 2005/07/30 02:03:47
     [readconf.c]
     listen_hosts initialisation here too; spotted greg AT y2005.nest.cx
   - dtucker@@cvs.openbsd.org 2005/08/06 10:03:12
     [servconf.c]
     Unbreak sshd ListenAddress for bare IPv6 addresses.
     Report from Janusz Mucka; ok djm@@
   - jaredy@@cvs.openbsd.org 2005/08/08 13:22:48
     [sftp.c]
     sftp prompt enhancements:
     - in non-interactive mode, do not print an empty prompt at the end
       before finishing
     - print newline after EOF in editline mode
     - call el_end() in editline mode
     ok dtucker djm

20050810
 - (dtucker) [configure.ac] Test libedit library and headers for compatibility.
   Report from skeleten AT shillest.net, ok djm@@
 - (dtucker) [LICENCE configure.ac defines.h openbsd-compat/realpath.c]
   Sync current (thread-safe) version of realpath.c from OpenBSD (which is
   in turn based on FreeBSD's).  ok djm@@

20050809
 - (tim) [configure.ac] Allow --with-audit=no. OK dtucker@@
   Report by skeleten AT shillest.net

20050803
 - (dtucker) [openbsd-compat/fake-rfc2553.h] Check for EAI_* defines
   individually and use a value less likely to collide with real values from
   netdb.h.  Fixes compile warnings on FreeBSD 5.3.  ok djm@@
 - (dtucker) [openbsd-compat/fake-rfc2553.h] MAX_INT -> INT_MAX since the
   latter is specified in the standard.

20050802
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2005/07/27 10:39:03
     [scp.c hostfile.c sftp-client.c]
     Silence bogus -Wuninitialized warnings; ok djm@@
 - (dtucker) [configure.ac] Enable -Wuninitialized by default when compiling
   with gcc.  ok djm@@
 - (dtucker) [configure.ac] Add a --with-Werror option to configure for
   adding -Werror to CFLAGS when all of the configure tests are done. ok djm@@

20050726
 - (dtucker) [configure.ac] Update zlib warning message too, pointed out by
   tim@@.
 - (djm) OpenBSD CVS Sync
   - otto@@cvs.openbsd.org 2005/07/19 15:32:26
     [auth-passwd.c]
     auth_usercheck(3) can return NULL, so check for that. Report from
     mpech@@. ok markus@@
   - markus@@cvs.openbsd.org 2005/07/25 11:59:40
     [kex.c kex.h myproposal.h packet.c packet.h servconf.c session.c]
     [sshconnect2.c sshd.c sshd_config sshd_config.5]
     add a new compression method that delays compression until the user
     has been authenticated successfully and set compression to 'delayed'
     for sshd.
     this breaks older openssh clients (< 3.5) if they insist on
     compression, so you have to re-enable compression in sshd_config.
     ok djm@@

20050725
 - (dtucker) [configure.ac] Update zlib version check for CAN-2005-2096.

20050717
- OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2005/07/16 01:35:24
     [auth1.c channels.c cipher.c clientloop.c kex.c session.c ssh.c]
     [sshconnect.c]
     spacing
 - (djm) [acss.c auth-pam.c auth-shadow.c auth-skey.c auth1.c canohost.c]
   [cipher-acss.c loginrec.c ssh-rand-helper.c sshd.c] Fix whitespace at EOL 
   in portable too ("perl -p -i -e 's/\s+$/\n/' *.[ch]")
 - (djm) [auth-pam.c sftp.c] spaces vs. tabs at start of line
   - djm@@cvs.openbsd.org 2005/07/17 06:49:04
     [channels.c channels.h session.c session.h]
     Fix a number of X11 forwarding channel leaks:
     1. Refuse multiple X11 forwarding requests on the same session
     2. Clean up all listeners after a single_connection X11 forward, not just
        the one that made the single connection
     3. Destroy X11 listeners when the session owning them goes away
     testing and ok dtucker@@
   - djm@@cvs.openbsd.org 2005/07/17 07:17:55
     [auth-rh-rsa.c auth-rhosts.c auth2-chall.c auth2-gss.c channels.c]
     [cipher-ctr.c gss-genr.c gss-serv.c kex.c moduli.c readconf.c]
     [serverloop.c session.c sftp-client.c sftp.c ssh-add.c ssh-keygen.c]
     [sshconnect.c sshconnect2.c]
     knf says that a 2nd level indent is four (not three or five) spaces
 -(djm) [audit.c auth1.c auth2.c entropy.c loginrec.c serverloop.c]
  [ssh-rand-helper.c] fix portable 2nd level indents at 4 spaces too
 - (djm) [monitor.c monitor_wrap.c] -Wsign-compare for PAM monitor calls
 
20050716
 - (dtucker) [auth-pam.c] Ensure that only one side of the authentication
   socketpair stays open in both the monitor and PAM process.  Patch from
   Joerg Sonnenberger.

20050714
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2005/07/06 09:33:05
     [ssh.1]
     clarify meaning of ssh -b ; with & ok jmc@@
   - dtucker@@cvs.openbsd.org 2005/07/08 09:26:18
     [misc.c]
     Make comment match code; ok djm@@
   - markus@@cvs.openbsd.org 2005/07/08 09:41:33
     [channels.h]
     race when efd gets closed while there is still buffered data:
     change CHANNEL_EFD_OUTPUT_ACTIVE()
        1) c->efd must always be valid AND
        2a) no EOF has been seen OR
        2b) there is buffered data
     report, initial fix and testing Chuck Cranor
   - dtucker@@cvs.openbsd.org 2005/07/08 10:20:41
     [ssh_config.5]
     change BindAddress to match recent ssh -b change; prompted by markus@@
   - jmc@@cvs.openbsd.org 2005/07/08 12:53:10
     [ssh_config.5]
     new sentence, new line;
   - dtucker@@cvs.openbsd.org 2005/07/14 04:00:43
     [misc.h]
     use __sentinel__ attribute; ok deraadt@@ djm@@ markus@@
 - (dtucker) [configure.ac defines.h] Define __sentinel__ to nothing if the
   compiler doesn't understand it to prevent warnings.  If any mainstream
   compiler versions acquire it we can test for those versions.  Based on
   discussion with djm@@.

20050707
 - dtucker [auth-krb5.c auth.h gss-serv-krb5.c] Move KRB5CCNAME generation for
   the MIT Kerberos code path into a common function and expand mkstemp
   template to be consistent with the rest of OpenSSH.  From sxw at
   inf.ed.ac.uk, ok djm@@
 - (dtucker) [auth-krb5.c] There's no guarantee that snprintf will set errno
   in the case where the buffer is insufficient, so always return ENOMEM.
   Also pointed out by sxw at inf.ed.ac.uk.
 - (dtucker) [acconfig.h auth-krb5.c configure.ac gss-serv-krb5.c] Remove
   calls to krb5_init_ets, which has not been required since krb-1.1.x and
   most Kerberos versions no longer export in their public API.  From sxw
   at inf.ed.ac.uk, ok djm@@

20050706
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2005/07/01 13:19:47
     [channels.c]
     don't free() if getaddrinfo() fails; report mpech@@
   - djm@@cvs.openbsd.org 2005/07/04 00:58:43
     [channels.c clientloop.c clientloop.h misc.c misc.h ssh.c ssh_config.5]
     implement support for X11 and agent forwarding over multiplex slave
     connections. Because of protocol limitations, the slave connections inherit
     the master's DISPLAY and SSH_AUTH_SOCK rather than distinctly forwarding
     their own.
     ok dtucker@@ "put it in" deraadt@@
   - jmc@@cvs.openbsd.org 2005/07/04 11:29:51
     [ssh_config.5]
     fix Xr and a little grammar;
   - markus@@cvs.openbsd.org 2005/07/04 14:04:11
     [channels.c]
     don't forget to set x11_saved_display

20050626
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2005/06/17 22:53:47
     [ssh.c sshconnect.c]
     Fix ControlPath's %p expanding to "0" for a default port,
     spotted dwmw2 AT infradead.org; ok markus@@
   - djm@@cvs.openbsd.org 2005/06/18 04:30:36
     [ssh.c ssh_config.5]
     allow ControlPath=none, patch from dwmw2 AT infradead.org; ok dtucker@@
   - djm@@cvs.openbsd.org 2005/06/25 22:47:49
     [ssh.c]
     do the default port filling code a few lines earlier, so it really 
     does fix %p

20050618
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2005/05/20 12:57:01;
   [auth1.c] split protocol 1 auth methods into separate functions, makes 
   authloop much more readable; fixes and ok markus@@ (portable ok & 
   polish dtucker@@)
   - djm@@cvs.openbsd.org 2005/06/17 02:44:33
   [auth1.c] make this -Wsign-compare clean; ok avsm@@ markus@@
 - (djm) [loginrec.c ssh-rand-helper.c] Fix -Wsign-compare for portable,
   tested and fixes tim@@

20050617
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2005/06/16 03:38:36
     [channels.c channels.h clientloop.c clientloop.h ssh.c]
     move x11_get_proto from ssh.c to clientloop.c, to make multiplexed xfwd
     easier later; ok deraadt@@
   - markus@@cvs.openbsd.org 2005/06/16 08:00:00
     [canohost.c channels.c sshd.c]
     don't exit if getpeername fails for forwarded ports; bugzilla #1054;
     ok djm
   - djm@@cvs.openbsd.org 2005/06/17 02:44:33
     [auth-rsa.c auth.c auth1.c auth2-chall.c auth2-gss.c authfd.c authfile.c]
     [bufaux.c canohost.c channels.c cipher.c clientloop.c dns.c gss-serv.c]
     [kex.c kex.h key.c mac.c match.c misc.c packet.c packet.h scp.c]
     [servconf.c session.c session.h sftp-client.c sftp-server.c sftp.c]
     [ssh-keyscan.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c sshd.c]
     make this -Wsign-compare clean; ok avsm@@ markus@@
     NB. auth1.c changes not committed yet (conflicts with uncommitted sync)
     NB2. more work may be needed to make portable Wsign-compare clean
 - (dtucker) [cipher.c openbsd-compat/openbsd-compat.h
   openbsd-compat/openssl-compat.c] only include openssl compat stuff where
   it's needed as it can cause conflicts elsewhere (eg xcrypt.c).  Found by
   and ok tim@@

20050616
 - (djm) OpenBSD CVS Sync
   - jaredy@@cvs.openbsd.org 2005/06/07 13:25:23
     [progressmeter.c]
     catch SIGWINCH and resize progress meter accordingly; ok markus dtucker
   - djm@@cvs.openbsd.org 2005/06/06 11:20:36
     [auth.c auth.h misc.c misc.h ssh.c ssh_config.5 sshconnect.c]
     introduce a generic %foo expansion function. replace existing % expansion 
     and add expansion to ControlPath; ok markus@@
   - djm@@cvs.openbsd.org 2005/06/08 03:50:00
     [ssh-keygen.1 ssh-keygen.c sshd.8]
     increase default rsa/dsa key length from 1024 to 2048 bits;
     ok markus@@ deraadt@@
   - djm@@cvs.openbsd.org 2005/06/08 11:25:09
     [clientloop.c readconf.c readconf.h ssh.c ssh_config.5]
     add ControlMaster=auto/autoask options to support opportunistic
     multiplexing; tested avsm@@ and jakob@@, ok markus@@
   - dtucker@@cvs.openbsd.org 2005/06/09 13:43:49
     [cipher.c]
     Correctly initialize end of array sentinel; ok djm@@
     (Id sync only, change already in portable)

20050609
 - (dtucker) [cipher.c openbsd-compat/Makefile.in
   openbsd-compat/openbsd-compat.h openbsd-compat/openssl-compat.{c,h}]
   Move compatibility code for supporting older OpenSSL versions to the
   compat layer.  Suggested by and "no objection" djm@@

20050607
 - (dtucker) [configure.ac] Continue the hunt for LLONG_MIN and LLONG_MAX:
   in today's episode we attempt to coax it from limits.h where it may be
   hiding, failing that we take the DIY approach.  Tested by tim@@

20050603
 - (dtucker) [configure.ac] Only try gcc -std=gnu99 if LLONG_MAX isn't
   defined, and check that it helps before keeping it in CFLAGS.  Some old
   gcc's don't set an error code when encountering an unknown value in -std.
   Found and tested by tim@@.
 - (dtucker) [configure.ac] Point configure's reporting address at the
   openssh-unix-dev list.  ok tim@@ djm@@

20050602
 - (tim) [configure.ac] Some platforms need sys/types.h for arpa/nameser.h.
   Take AC_CHECK_HEADERS test out of ultrix section. It caused other platforms
   to skip builtin standard includes tests. (first AC_CHECK_HEADERS test
   must be run on all platforms) Add missing ;; to case statement. OK dtucker@@

20050601
 - (dtucker) [configure.ac] Look for _getshort and _getlong in
   arpa/nameser.h.
 - (dtucker) [configure.ac openbsd-compat/Makefile.in openbsd-compat/strtoll.c]
   Add strtoll to the compat library, from OpenBSD.
 - (dtucker) OpenBSD CVS Sync
   - avsm@@cvs.openbsd.org 2005/05/26 02:08:05
     [scp.c]
     If copying multiple files to a target file (which normally fails, as it
     must be a target directory), kill the spawned ssh child before exiting.
     This stops it trying to authenticate and spewing lots of output.
     deraadt@@ ok
   - dtucker@@cvs.openbsd.org 2005/05/26 09:08:12
     [ssh-keygen.c]
     uint32_t -> u_int32_t for consistency; ok djm@@
   - djm@@cvs.openbsd.org 2005/05/27 08:30:37
     [ssh.c]
     fix -O for cases where no ControlPath has been specified or socket at
     ControlPath is not contactable; spotted by and ok avsm@@
 - (tim) [config.guess config.sub] Update to '2005-05-27' version.
 - (tim) [configure.ac] set TEST_SHELL for OpenServer 6

20050531
 - (dtucker) [contrib/aix/pam.conf] Correct comments.  From davidl at
   vintela.com.
 - (dtucker) [mdoc2man.awk] Teach it to understand .Ox.

20050530
 - (dtucker) [README] Link to new release notes.  Better late than never...

20050529
 - (dtucker) [openbsd-compat/port-aix.c] Bug #1046: AIX 5.3 expects the
   argument to passwdexpired to be initialized to NULL.  Suggested by tim@@
   While at it, initialize the other arguments to auth functions in case they
   ever acquire this behaviour.
 - (dtucker) [openbsd-compat/port-aix.c] Whitespace cleanups while there.
 - (dtucker) [openbsd-compat/port-aix.c] Minor correction to debug message,
   spotted by tim@@.

20050528
 - (dtucker) [configure.ac] For AC_CHECK_HEADERS() and AC_CHECK_FUNCS() have
   one entry per line to make it easier to merge changes.  ok djm@@
 - (dtucker) [configure.ac] strsep() may be defined in string.h, so check
   for its presence and include it in the strsep check.
 - (dtucker) [configure.ac] getpgrp may be defined in unistd.h, so check for
   its presence before doing AC_FUNC_GETPGRP.
 - (dtucker) [configure.ac] Merge HP-UX blocks into a common block with minor
   version-specific variations as required.
 - (dtucker) [openbsd-compat/port-aix.h] Use the HAVE_DECL_* definitions as
   per the autoconf man page.  Configure should always define them but it
   doesn't hurt to check.

20050527
 - (djm) [defines.h] Use our realpath if we have to define PATH_MAX, spotted by
   David Leach; ok dtucker@@
 - (dtucker) [acconfig.h configure.ac defines.h includes.h sshpty.c
   openbsd-compat/bsd-misc.c] Add support for Ultrix.  No, that's not a typo.
   Required changes from Bernhard Simon, integrated by me.  ok djm@@

20050525
 - (djm) [mpaux.c mpaux.h Makefile.in] Remove old mpaux.[ch] code, it has not 
   been used for a while
 - (djm) OpenBSD CVS Sync
   - otto@@cvs.openbsd.org 2005/04/05 13:45:31
     [ssh-keygen.c]
   - djm@@cvs.openbsd.org 2005/04/06 09:43:59
     [sshd.c]
     avoid harmless logspam by not performing setsockopt() on non-socket;
     ok markus@@
   - dtucker@@cvs.openbsd.org 2005/04/06 12:26:06
     [ssh.c]
     Fix debug call for port forwards; patch from pete at seebeyond.com,
     ok djm@@ (ID sync only - change already in portable)
   - djm@@cvs.openbsd.org 2005/04/09 04:32:54
     [misc.c misc.h tildexpand.c Makefile.in]
     replace tilde_expand_filename with a simpler implementation, ahead of
     more whacking; ok deraadt@@
   - jmc@@cvs.openbsd.org 2005/04/14 12:30:30
     [ssh.1]
     arg to -b is an address, not if_name;
     ok markus@@
   - jakob@@cvs.openbsd.org 2005/04/20 10:05:45
     [dns.c]
     do not try to look up SSHFP for numerical hostname. ok djm@@
   - djm@@cvs.openbsd.org 2005/04/21 06:17:50
     [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 ssh_config.5 sshd.8]
     [sshd_config.5] OpenSSH doesn't ever look at the $HOME environment
     variable, so don't say that we do (bz #623); ok deraadt@@
   - djm@@cvs.openbsd.org 2005/04/21 11:47:19
     [ssh.c]
     don't allocate a pty when -n flag (/dev/null stdin) is set, patch from
     ignasi.roca AT fujitsu-siemens.com (bz #829); ok dtucker@@
   - dtucker@@cvs.openbsd.org 2005/04/23 23:43:47
     [readpass.c]
     Add debug message if read_passphrase can't open /dev/tty; bz #471;
     ok djm@@
   - jmc@@cvs.openbsd.org 2005/04/26 12:59:02
     [sftp-client.h]
     spelling correction in comment from wiz@@netbsd;
   - jakob@@cvs.openbsd.org 2005/04/26 13:08:37
     [ssh.c ssh_config.5]
     fallback gracefully if client cannot connect to ControlPath. ok djm@@
   - moritz@@cvs.openbsd.org 2005/04/28 10:17:56
     [progressmeter.c ssh-keyscan.c]
     add snprintf checks. ok djm@@ markus@@
   - markus@@cvs.openbsd.org 2005/05/02 21:13:22
     [readpass.c]
     missing {}
   - djm@@cvs.openbsd.org 2005/05/10 10:28:11
     [ssh.c]
     print nice error message for EADDRINUSE as well (ID sync only)
   - djm@@cvs.openbsd.org 2005/05/10 10:30:43
     [ssh.c]
     report real errors on fallback from ControlMaster=no to normal connect
   - markus@@cvs.openbsd.org 2005/05/16 15:30:51
     [readconf.c servconf.c]
     check return value from strdelim() for NULL (AddressFamily); mpech
   - djm@@cvs.openbsd.org 2005/05/19 02:39:55
     [sshd_config.5]
     sort config options, from grunk AT pestilenz.org; ok jmc@@
   - djm@@cvs.openbsd.org 2005/05/19 02:40:52
     [sshd_config]
     whitespace nit, from grunk AT pestilenz.org
   - djm@@cvs.openbsd.org 2005/05/19 02:42:26
     [includes.h]
     fix cast, from grunk AT pestilenz.org
   - djm@@cvs.openbsd.org 2005/05/20 10:50:55
     [ssh_config.5]
     give a ProxyCommand example using nc(1), with and ok jmc@@
   - jmc@@cvs.openbsd.org 2005/05/20 11:23:32
     [ssh_config.5]
     oops - article and spacing;
   - avsm@@cvs.openbsd.org 2005/05/23 22:44:01
     [moduli.c ssh-keygen.c]
     - removes signed/unsigned comparisons in moduli generation
     - use strtonum instead of atoi where it's easier
     - check some strlcpy overflow and fatal instead of truncate
   - djm@@cvs.openbsd.org 2005/05/23 23:32:46
     [cipher.c myproposal.h ssh.1 ssh_config.5 sshd_config.5]
     add support for draft-harris-ssh-arcfour-fixes-02 improved arcfour modes;
     ok markus@@
   - avsm@@cvs.openbsd.org 2005/05/24 02:05:09
     [ssh-keygen.c]
     some style nits from dmiller@@, and use a fatal() instead of a printf()/exit
   - avsm@@cvs.openbsd.org 2005/05/24 17:32:44
     [atomicio.c atomicio.h authfd.c monitor_wrap.c msg.c scp.c sftp-client.c]
     [ssh-keyscan.c sshconnect.c]
     Switch atomicio to use a simpler interface; it now returns a size_t
     (containing number of bytes read/written), and indicates error by
     returning 0.  EOF is signalled by errno==EPIPE.
     Typical use now becomes:

     if (atomicio(read, ..., len) != len)
             err(1,"read");

     ok deraadt@@, cloder@@, djm@@
 - (dtucker) [regress/reexec.sh] Add ${EXEEXT} so this test also works on
   Cygwin.
 - (dtucker) [auth-pam.c] Bug #1033: Fix warnings building with PAM on Linux:
   warning: dereferencing type-punned pointer will break strict-aliasing rules
   warning: passing arg 3 of `pam_get_item' from incompatible pointer type
   The type-punned pointer fix is based on a patch from SuSE's rpm.  ok djm@@
 - (dtucker) [configure.ac openbsd-compat/getrrsetbyname.c] Bug #1033: Provide
   templates for _getshort and _getlong if missing to prevent compiler warnings
   on Linux.
 - (djm) [configure.ac openbsd-compat/Makefile.in]
         [openbsd-compat/openbsd-compat.h openbsd-compat/strtonum.c]
         Add strtonum(3) from OpenBSD libc, new code needs it. 
         Unfortunately Linux forces us to do a bizarre dance with compiler
         options to get LLONG_MIN/MAX; Spotted by and ok dtucker@@ 

d12 1
a12 1
 - Release 4.1p1
d2499 1
a2499 1
$Id: ChangeLog,v 1.3887 2005/09/01 09:10:48 djm Exp $
@


1.1.1.12
log
@Vendor import of OpenSSH 4.3p1.
@
text
@a0 829
20060201
 - (djm) [regress/test-exec.sh] Try 'logname' as well as 'whoami' to 
   determine the user's login name - needed for regress tests on Solaris 
   10 and OpenSolaris
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2006/02/01 09:06:50
     [sshd.8]
     - merge sections on protocols 1 and 2 into a single section
     - remove configuration file section
     ok markus
   - jmc@@cvs.openbsd.org 2006/02/01 09:11:41
     [sshd.8]
     small tweak;
 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] Update versions ahead of release
   - markus@@cvs.openbsd.org 2006/02/01 11:27:22
     [version.h]
     openssh 4.3
 - (djm) Release OpenSSH 4.3p1

20060131
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2006/01/20 11:21:45
     [ssh_config.5]
     - word change, agreed w/ markus
     - consistency fixes
   - jmc@@cvs.openbsd.org 2006/01/25 09:04:34
     [sshd.8]
     move the options description up the page, and a few additional tweaks
     whilst in here;
     ok markus
   - jmc@@cvs.openbsd.org 2006/01/25 09:07:22
     [sshd.8]
     move subsections to full sections;
   - jmc@@cvs.openbsd.org 2006/01/26 08:47:56
     [ssh.1]
     add a section on verifying host keys in dns;
     written with a lot of help from jakob;
     feedback dtucker/markus;
     ok markus
   - reyk@@cvs.openbsd.org 2006/01/30 12:22:22
     [channels.c]
     mark channel as write failed or dead instead of read failed on error
     of the channel output filter.
     ok markus@@
   - jmc@@cvs.openbsd.org 2006/01/30 13:37:49
     [ssh.1]
     remove an incorrect sentence;
     reported by roumen petrov;
     ok djm markus
   - djm@@cvs.openbsd.org 2006/01/31 10:19:02
     [misc.c misc.h scp.c sftp.c]
     fix local arbitrary command execution vulnerability on local/local and
     remote/remote copies (CVE-2006-0225, bz #1094), patch by
     t8m AT centrum.cz, polished by dtucker@@ and myself; ok markus@@
   - djm@@cvs.openbsd.org 2006/01/31 10:35:43
     [scp.c]
     "scp a b c" shouldn't clobber "c" when it is not a directory, report and
     fix from biorn@@; ok markus@@
 - (djm) Sync regress tests to OpenBSD:
   - dtucker@@cvs.openbsd.org 2005/03/10 10:20:39
     [regress/forwarding.sh]
     Regress test for ClearAllForwardings (bz #994); ok markus@@
   - dtucker@@cvs.openbsd.org 2005/04/25 09:54:09
     [regress/multiplex.sh]
     Don't call cleanup in multiplex as test-exec will cleanup anyway
     found by tim@@, ok djm@@
     NB. ID sync only, we already had this
   - djm@@cvs.openbsd.org 2005/05/20 23:14:15
     [regress/test-exec.sh]
     force addressfamily=inet for tests, unbreaking dynamic-forward regress for
     recently committed nc SOCKS5 changes
   - djm@@cvs.openbsd.org 2005/05/24 04:10:54
     [regress/try-ciphers.sh]
     oops, new arcfour modes here too
   - markus@@cvs.openbsd.org 2005/06/30 11:02:37
     [regress/scp.sh]
     allow SUDO=sudo; from Alexander Bluhm
   - grunk@@cvs.openbsd.org 2005/11/14 21:25:56
     [regress/agent-getpeereid.sh]
     all other scripts in this dir use $SUDO, not 'sudo', so pull this even
     ok markus@@
   - dtucker@@cvs.openbsd.org 2005/12/14 04:36:39
     [regress/scp-ssh-wrapper.sh]
     Fix assumption about how many args scp will pass; ok djm@@
     NB. ID sync only, we already had this
   - djm@@cvs.openbsd.org 2006/01/27 06:49:21
     [scp.sh]
     regress test for local to local scp copies; ok dtucker@@
   - djm@@cvs.openbsd.org 2006/01/31 10:23:23
     [scp.sh]
     regression test for CVE-2006-0225 written by dtucker@@
   - djm@@cvs.openbsd.org 2006/01/31 10:36:33
     [scp.sh]
     regress test for "scp a b c" where "c" is not a directory

20060129
 - (dtucker) [configure.ac opensshd.init.in] Bug #1144: Use /bin/sh for the
   opensshd.init script interpreter if /sbin/sh does not exist.  ok tim@@

20060120
 - (dtucker) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2006/01/15 17:37:05
     [ssh.1]
     correction from deraadt
   - jmc@@cvs.openbsd.org 2006/01/18 10:53:29
     [ssh.1]
     add a section on ssh-based vpn, based on reyk's README.tun;
   - dtucker@@cvs.openbsd.org 2006/01/20 00:14:55
     [scp.1 ssh.1 ssh_config.5 sftp.1]
     Document RekeyLimit.  Based on patch from jan.iven at cern.ch from mindrot
     #1056 with feedback from jmc, djm and markus; ok jmc@@ djm@@

20060114
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2006/01/06 13:27:32
     [ssh.1]
     weed out some duplicate info in the known_hosts FILES entries;
     ok djm
   - jmc@@cvs.openbsd.org 2006/01/06 13:29:10
     [ssh.1]
     final round of whacking FILES for duplicate info, and some consistency
     fixes;
     ok djm
   - jmc@@cvs.openbsd.org 2006/01/12 14:44:12
     [ssh.1]
     split sections on tcp and x11 forwarding into two sections.
     add an example in the tcp section, based on sth i wrote for ssh faq;
     help + ok: djm markus dtucker
   - jmc@@cvs.openbsd.org 2006/01/12 18:48:48
     [ssh.1]
     refer to `TCP' rather than `TCP/IP' in the context of connection
     forwarding;
     ok markus
   - jmc@@cvs.openbsd.org 2006/01/12 22:20:00
     [sshd.8]
     refer to TCP forwarding, rather than TCP/IP forwarding;
   - jmc@@cvs.openbsd.org 2006/01/12 22:26:02
     [ssh_config.5]
     refer to TCP forwarding, rather than TCP/IP forwarding;
   - jmc@@cvs.openbsd.org 2006/01/12 22:34:12
     [ssh.1]
     back out a sentence - AUTHENTICATION already documents this;

20060109
 - (dtucker) [contrib/cygwin/ssh-host-config] Make sshd service depend on
   tcpip service so it's always started after IP is up.  Patch from
   vinschen at redhat.com.

20060106
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2006/01/03 16:31:10
     [ssh.1]
     move FILES to a -compact list, and make each file an item in that list.
     this avoids nasty line wrap when we have long pathnames, and treats
     each file as a separate item;
     remove the .Pa too, since it is useless.
   - jmc@@cvs.openbsd.org 2006/01/03 16:35:30
     [ssh.1]
     use a larger width for the ENVIRONMENT list;
   - jmc@@cvs.openbsd.org 2006/01/03 16:52:36
     [ssh.1]
     put FILES in some sort of order: sort by pathname
   - jmc@@cvs.openbsd.org 2006/01/03 16:55:18
     [ssh.1]
     tweak the description of ~/.ssh/environment
   - jmc@@cvs.openbsd.org 2006/01/04 18:42:46
     [ssh.1]
     chop out some duplication in the .{r,s}hosts/{h,sh}osts.equiv FILES
     entries;
     ok markus
   - jmc@@cvs.openbsd.org 2006/01/04 18:45:01
     [ssh.1]
     remove .Xr's to rsh(1) and telnet(1): they are hardly needed;
   - jmc@@cvs.openbsd.org 2006/01/04 19:40:24
     [ssh.1]
     +.Xr ssh-keyscan 1 ,
   - jmc@@cvs.openbsd.org 2006/01/04 19:50:09
     [ssh.1]
     -.Xr gzip 1 ,
   - djm@@cvs.openbsd.org 2006/01/05 23:43:53
     [misc.c]
     check that stdio file descriptors are actually closed before clobbering
     them in sanitise_stdfd(). problems occurred when a lower numbered fd was
     closed, but higher ones weren't. spotted by, and patch tested by
     Frédéric Olivié

20060103
 - (djm) [channels.c] clean up harmless merge error, from reyk@@

20060103
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2006/01/02 17:09:49
     [ssh_config.5 sshd_config.5]
     some corrections from michael knudsen;

20060102
 - (djm) [README.tun] Add README.tun, missed during sync of tun(4) support
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2005/12/31 10:46:17
     [ssh.1]
     merge the "LOGIN SESSION AND REMOTE EXECUTION" and "SERVER
     AUTHENTICATION" sections into "AUTHENTICATION";
     some rewording done to make the text read better, plus some
     improvements from djm;
     ok djm
   - jmc@@cvs.openbsd.org 2005/12/31 13:44:04
     [ssh.1]
     clean up ENVIRONMENT a little;
   - jmc@@cvs.openbsd.org 2005/12/31 13:45:19
     [ssh.1]
     .Nm does not require an argument;
   - stevesk@@cvs.openbsd.org 2006/01/01 08:59:27
     [includes.h misc.c]
     move <net/if.h>; ok djm@@
   - stevesk@@cvs.openbsd.org 2006/01/01 10:08:48
     [misc.c]
     no trailing "\n" for debug()
   - djm@@cvs.openbsd.org 2006/01/02 01:20:31
     [sftp-client.c sftp-common.h sftp-server.c]
     use a common max. packet length, no binary change
   - reyk@@cvs.openbsd.org 2006/01/02 07:53:44
     [misc.c]
     clarify tun(4) opening - set the mode and bring the interface up. also
     (re)sets the tun(4) layer 2 LINK0 flag for existing tunnel interfaces.
     suggested and ok by djm@@
   - jmc@@cvs.openbsd.org 2006/01/02 12:31:06
     [ssh.1]
     start to cut some duplicate info from FILES;
     help/ok djm

20060101
 - (djm) [Makefile.in configure.ac includes.h misc.c]
         [openbsd-compat/port-tun.c openbsd-compat/port-tun.h] Add support
         for tunnel forwarding for FreeBSD and NetBSD. NetBSD's support is
         limited to IPv4 tunnels only, and most versions don't support the
         tap(4) device at all.
 - (djm) [configure.ac] Fix linux/if_tun.h test
 - (djm) [openbsd-compat/port-tun.c] Linux needs linux/if.h too

20051229
 - (djm) OpenBSD CVS Sync
   - stevesk@@cvs.openbsd.org 2005/12/28 22:46:06
     [canohost.c channels.c clientloop.c]
     use 'break-in' for consistency; ok deraadt@@ ok and input jmc@@
   - reyk@@cvs.openbsd.org 2005/12/30 15:56:37
     [channels.c channels.h clientloop.c]
     add channel output filter interface.
     ok djm@@, suggested by markus@@
   - jmc@@cvs.openbsd.org 2005/12/30 16:59:00
     [sftp.1]
     do not suggest that interactive authentication will work
     with the -b flag;
     based on a diff from john l. scarfone;
     ok djm
   - stevesk@@cvs.openbsd.org 2005/12/31 01:38:45
     [ssh.1]
     document -MM; ok djm@@
 - (djm) [openbsd-compat/port-tun.c openbsd-compat/port-tun.h configure.ac]
   [serverloop.c ssh.c openbsd-compat/Makefile.in]
   [openbsd-compat/openbsd-compat.h] Implement tun(4) forwarding 
   compatibility support for Linux, diff from reyk@@
 - (djm) [configure.ac] Disable Linux tun(4) compat code if linux/tun.h does
   not exist
 - (djm) [configure.ac] oops, make that linux/if_tun.h

20051229
 - (tim) [buildpkg.sh.in] grep for $SSHDUID instead of $SSHDGID on /etc/passwd

20051224
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2005/12/20 21:59:43
     [ssh.1]
     merge the sections on protocols 1 and 2 into one section on
     authentication;
     feedback djm dtucker
     ok deraadt markus dtucker
   - jmc@@cvs.openbsd.org 2005/12/20 22:02:50
     [ssh.1]
     .Ss -> .Sh: subsections have not made this page more readable
   - jmc@@cvs.openbsd.org 2005/12/20 22:09:41
     [ssh.1]
     move info on ssh return values and config files up into the main
     description;
   - jmc@@cvs.openbsd.org 2005/12/21 11:48:16
     [ssh.1]
     -L and -R descriptions are now above, not below, ~C description;
   - jmc@@cvs.openbsd.org 2005/12/21 11:57:25
     [ssh.1]
     options now described `above', rather than `later';
   - jmc@@cvs.openbsd.org 2005/12/21 12:53:31
     [ssh.1]
     -Y does X11 forwarding too;
     ok markus
   - stevesk@@cvs.openbsd.org 2005/12/21 22:44:26
     [sshd.8]
     clarify precedence of -p, Port, ListenAddress; ok and help jmc@@
   - jmc@@cvs.openbsd.org 2005/12/22 10:31:40
     [ssh_config.5]
     put the description of "UsePrivilegedPort" in the correct place;
   - jmc@@cvs.openbsd.org 2005/12/22 11:23:42
     [ssh.1]
     expand the description of -w somewhat;
     help/ok reyk
   - jmc@@cvs.openbsd.org 2005/12/23 14:55:53
     [ssh.1]
     - sync the description of -e w/ synopsis
     - simplify the description of -I
     - note that -I is only available if support compiled in, and that it
     isn't by default
     feedback/ok djm@@
   - jmc@@cvs.openbsd.org 2005/12/23 23:46:23
     [ssh.1]
     less mark up for -c;
   - djm@@cvs.openbsd.org 2005/12/24 02:27:41
     [session.c sshd.c]
     eliminate some code duplicated in privsep and non-privsep paths, and
     explicitly clear SIGALRM handler; "groovy" deraadt@@

20051220
 - (dtucker) OpenBSD CVS Sync
   - reyk@@cvs.openbsd.org 2005/12/13 15:03:02
     [serverloop.c]
     if forced_tun_device is not set, it is -1 and not SSH_TUNID_ANY
   - jmc@@cvs.openbsd.org 2005/12/16 18:07:08
     [ssh.1]
     move the option descriptions up the page: start of a restructure;
     ok markus deraadt
   - jmc@@cvs.openbsd.org 2005/12/16 18:08:53
     [ssh.1]
     simplify a sentence;
   - jmc@@cvs.openbsd.org 2005/12/16 18:12:22
     [ssh.1]
     make the description of -c a little nicer;
   - jmc@@cvs.openbsd.org 2005/12/16 18:14:40
     [ssh.1]
     signpost the protocol sections;
   - stevesk@@cvs.openbsd.org 2005/12/17 21:13:05
     [ssh_config.5 session.c]
     spelling: fowarding, fowarded
   - stevesk@@cvs.openbsd.org 2005/12/17 21:36:42
     [ssh_config.5]
     spelling: intented -> intended
   - dtucker@@cvs.openbsd.org 2005/12/20 04:41:07
     [ssh.c]
     exit(255) on error to match description in ssh(1); bz #1137; ok deraadt@@

20051219
 - (dtucker) [cipher-aes.c cipher-ctr.c cipher.c configure.ac
   openbsd-compat/openssl-compat.h] Check for and work around broken AES
   ciphers >128bit on (some) Solaris 10 systems.  ok djm@@

20051217
 - (dtucker) [defines.h] HP-UX system headers define "YES" and "NO" which
   scp.c also uses, so undef them here.
 - (dtucker) [configure.ac openbsd-compat/bsd-snprintf.c] Bug #1133: Our
   snprintf replacement can have a conflicting declaration in HP-UX's system
   headers (const vs. no const) so we now check for and work around it.  Patch
   from the dynamic duo of David Leonard and Ted Percival.

20051214
 - (dtucker) OpenBSD CVS Sync (regress/)
   - dtucker@@cvs.openbsd.org 2005/12/30 04:36:39
     [regress/scp-ssh-wrapper.sh]
     Fix assumption about how many args scp will pass; ok djm@@

20051213
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2005/11/30 11:18:27
     [ssh.1]
     timezone -> time zone
   - jmc@@cvs.openbsd.org 2005/11/30 11:45:20
     [ssh.1]
     avoid ambiguities in describing TZ;
     ok djm@@
   - reyk@@cvs.openbsd.org 2005/12/06 22:38:28
     [auth-options.c auth-options.h channels.c channels.h clientloop.c]
     [misc.c misc.h readconf.c readconf.h scp.c servconf.c servconf.h]
     [serverloop.c sftp.c ssh.1 ssh.c ssh_config ssh_config.5 sshconnect.c]
     [sshconnect.h sshd.8 sshd_config sshd_config.5]
     Add support for tun(4) forwarding over OpenSSH, based on an idea and
     initial channel code bits by markus@@. This is a simple and easy way to
     use OpenSSH for ad hoc virtual private network connections, e.g.
     administrative tunnels or secure wireless access. It's based on a new
     ssh channel and works similar to the existing TCP forwarding support,
     except that it depends on the tun(4) network interface on both ends of
     the connection for layer 2 or layer 3 tunneling. This diff also adds
     support for LocalCommand in the ssh(1) client.
     ok djm@@, markus@@, jmc@@ (manpages), tested and discussed with others
   - djm@@cvs.openbsd.org 2005/12/07 03:52:22
     [clientloop.c]
     reyk forgot to compile with -Werror (missing header)
   - jmc@@cvs.openbsd.org 2005/12/07 10:52:13
     [ssh.1]
     - avoid line split in SYNOPSIS
     - add args to -w
     - kill trailing whitespace
   - jmc@@cvs.openbsd.org 2005/12/08 14:59:44
     [ssh.1 ssh_config.5]
     make `!command' a little clearer;
     ok reyk
   - jmc@@cvs.openbsd.org 2005/12/08 15:06:29
     [ssh_config.5]
     keep options in order;
   - reyk@@cvs.openbsd.org 2005/12/08 18:34:11
     [auth-options.c includes.h misc.c misc.h readconf.c servconf.c]
     [serverloop.c ssh.c ssh_config.5 sshd_config.5 configure.ac]
     two changes to the new ssh tunnel support. this breaks compatibility
     with the initial commit but is required for a portable approach.
     - make the tunnel id u_int and platform friendly, use predefined types.
     - support configuration of layer 2 (ethernet) or layer 3
     (point-to-point, default) modes. configuration is done using the
     Tunnel (yes|point-to-point|ethernet|no) option in ssh_config(5) and
     restricted by the PermitTunnel (yes|point-to-point|ethernet|no) option
     in sshd_config(5).
     ok djm@@, man page bits by jmc@@
   - jmc@@cvs.openbsd.org 2005/12/08 21:37:50
     [ssh_config.5]
     new sentence, new line;
   - markus@@cvs.openbsd.org 2005/12/12 13:46:18
     [channels.c channels.h session.c]
     make sure protocol messages for internal channels are ignored.
     allow adjust messages for non-open channels; with and ok djm@@
 - (djm) [misc.c] Disable tunnel code for non-OpenBSD (for now), enable
   again by providing a sys_tun_open() function for your platform and 
   setting the CUSTOM_SYS_TUN_OPEN define. More work is required to match 
   OpenBSD's tunnel protocol, which prepends the address family to the 
   packet

20051201
 - (djm) [envpass.sh] Remove regress script that was accidentally committed 
   in top level directory and not noticed for over a year :)

20051129
 - (tim) [ssh-keygen.c] Move DSA length test after setting default when
   bits == 0.
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2005/11/29 02:04:55
     [ssh-keygen.c]
     Populate default key sizes before checking them; from & ok tim@@
 - (tim) [configure.ac sshd.8] Enable locked account check (a "*LK*" string)
   for UnixWare.

20051128
 - (dtucker) [regress/yes-head.sh] Work around breakage caused by some
   versions of GNU head.  Based on patch from zappaman at buraphalinux.org
 - (dtucker) [includes.h] Bug #1122: __USE_GNU is a glibc internal macro, use
   _GNU_SOURCE instead.  Patch from t8m at centrum.cz.
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2005/11/28 05:16:53
     [ssh-keygen.1 ssh-keygen.c]
     Enforce DSA key length of exactly 1024 bits to comply with FIPS-186-2,
     increase minimum RSA key size to 768 bits and update man page to reflect
     these.  Patch originally bz#1119 (senthilkumar_sen at hotpop.com),
     ok djm@@, grudging ok deraadt@@.
   - dtucker@@cvs.openbsd.org 2005/11/28 06:02:56
     [ssh-agent.1]
     Update agent socket path templates to reflect reality, correct xref for
     time formats.  bz#1121, patch from openssh at roumenpetrov.info, ok djm@@

20051126
 - (dtucker) [configure.ac] Bug #1126: AIX 5.2 and 5.3 (and presumably newer,
   when they're available) need the real UID set otherwise pam_chauthtok will
   set ADMCHG after changing the password, forcing the user to change it
   again immediately.

20051125
 - (dtucker) [configure.ac] Apply tim's fix for older systems where the
   resolver state in resolv.h is "state" not "__res_state".  With slight
   modification by me to also work on old AIXes.  ok djm@@
 - (dtucker) [progressmeter.c scp.c sftp-server.c] Use correct casts for
   snprintf formats, fixes warnings on some 64 bit platforms.  Patch from
   shaw at vranix.com, ok djm@@

20051124
 - (djm) [configure.ac openbsd-compat/Makefile.in openbsd-compat/bsd-asprintf.c 
   openbsd-compat/bsd-snprintf.c openbsd-compat/openbsd-compat.h] Add an 
   asprintf() implementation, after syncing our {v,}snprintf() implementation
   with some extra fixes from Samba's version. With help and debugging from 
   dtucker and tim; ok dtucker@@
 - (dtucker) [configure.ac] Fix typos in comments and AC_SEARCH_LIB argument
   order in Reliant Unix block.  Patch from johane at lysator.liu.se.
 - (dtucker) [regress/test-exec.sh] Use 1024 bit keys since we generate so
   many and use them only once.  Speeds up testing on older/slower hardware.

20051122
 - (dtucker) OpenBSD CVS Sync
   - deraadt@@cvs.openbsd.org 2005/11/12 18:37:59
     [ssh-add.c]
     space
   - deraadt@@cvs.openbsd.org 2005/11/12 18:38:15
     [scp.c]
     avoid close(-1), as in rcp; ok cloder
   - millert@@cvs.openbsd.org 2005/11/15 11:59:54
     [includes.h]
     Include sys/queue.h explicitly instead of assuming some other header
     will pull it in.  At the moment it gets pulled in by sys/select.h
     (which ssh has no business including) via event.h.  OK markus@@
     (ID sync only in -portable)
   - dtucker@@cvs.openbsd.org 2005/11/21 09:42:10
     [auth-krb5.c]
     Perform Kerberos calls even for invalid users to prevent leaking
     information about account validity.  bz #975, patch originally from
     Senthil Kumar, sanity checked by Simon Wilkinson, tested by djm@@, biorn@@,
     ok markus@@
   - dtucker@@cvs.openbsd.org 2005/11/22 03:36:03
     [hostfile.c]
     Correct format/arguments to debug call; spotted by shaw at vranix.com
     ok djm@@
 - (dtucker) [loginrec.c] Add casts to prevent compiler warnings, patch
   from shaw at vranix.com.

20051120
 - (dtucker) [openbsd-compat/openssl-compat.h] Add comment explaining what
   is going on.

20051112
 - (dtucker) [openbsd-compat/getrrsetbyname.c] Restore Portable-specific
   ifdef lost during sync.  Spotted by tim@@.
 - (dtucker) [openbsd-compat/{realpath.c,stroll.c,rresvport.c}] $OpenBSD tag.
 - (dtucker) [configure.ac] Use "$AWK" instead of "awk" in gcc version test.
 - (dtucker) [configure.ac] Remove duplicate utimes() check.  ok djm@@
 - (dtucker) [regress/reconfigure.sh] Fix potential race in the reconfigure
   test: if sshd takes too long to reconfigure the subsequent connection will
   fail.  Zap pidfile before HUPing sshd which will rewrite it when it's ready.

20051110
 - (dtucker) [openbsd-compat/setenv.c] Merge changes for __findenv from
   OpenBSD getenv.c revs 1.4 - 1.8 (ANSIfication of arguments, removal of
   "register").
 - (dtucker) [openbsd-compat/setenv.c] Make __findenv static, remove
   unnecessary prototype.
 - (dtucker) [openbsd-compat/setenv.c] Sync changes from OpenBSD setenv.c
   revs 1.7 - 1.9.
 - (dtucker) [auth-krb5.c] Fix -Wsign-compare warning in non-Heimdal path.
   Patch from djm@@.
 - (dtucker) [configure.ac] Disable pointer-sign warnings on gcc 4.0+
   since they're not useful right now.  Patch from djm@@.
 - (dtucker) [openbsd-compat/getgrouplist.c] Sync OpenBSD revs 1.10 - 1.2 (ANSI
   prototypes, removal of "register").
 - (dtucker) [openbsd-compat/strlcat.c] Sync OpenBSD revs 1.11 - 1.12 (removal
   of "register").
 - (dtucker) [openbsd-compat/{LOTS}] Move the "OPENBSD ORIGINAL" markers to
   after the copyright notices.  Having them at the top next to the CVSIDs
   guarantees a conflict for each and every sync.
 - (dtucker) [openbsd-compat/strlcpy.c] Update from OpenBSD 1.8 -> 1.10.
 - (dtucker) [openbsd-compat/sigact.h] Add "OPENBSD ORIGINAL" marker.
 - (dtucker) [openbsd-compat/strmode.c] Update from OpenBSD 1.5 -> 1.7.
   Removal of rcsid, "whiteout" inode type.
 - (dtucker) [openbsd-compat/basename.c] Update from OpenBSD 1.11 -> 1.14.
   Removal of rcsid, will no longer strlcpy parts of the string.
 - (dtucker) [openbsd-compat/strtoll.c] Update from OpenBSD 1.4 -> 1.5.
 - (dtucker) [openbsd-compat/strtoul.c] Update from OpenBSD 1.5 -> 1.7.
 - (dtucker) [openbsd-compat/readpassphrase.c] Update from OpenBSD 1.16 -> 1.18.
 - (dtucker) [openbsd-compat/readpassphrase.h] Update from OpenBSD 1.3 -> 1.5.
 - (dtucker) [openbsd-compat/glob.c] Update from OpenBSD 1.22 -> 1.25.
 - (dtucker) [openbsd-compat/glob.h] Update from OpenBSD 1.8 -> 1.9.
 - (dtucker) [openbsd-compat/getcwd.c] Update from OpenBSD 1.9 -> 1.14.
 - (dtucker) [openbsd-compat/getcwd.c] Replace lstat with fstat to match up
   with OpenBSD code since we don't support platforms without fstat any more.
 - (dtucker) [openbsd-compat/inet_aton.c] Update from OpenBSD 1.7 -> 1.9.
 - (dtucker) [openbsd-compat/inet_ntoa.c] Update from OpenBSD 1.4 -> 1.6.
 - (dtucker) [openbsd-compat/inet_ntop.c] Update from OpenBSD 1.5 -> 1.7.
 - (dtucker) [openbsd-compat/daemon.c] Update from OpenBSD 1.5 -> 1.6.
 - (dtucker) [openbsd-compat/strsep.c] Update from OpenBSD 1.5 -> 1.6.
 - (dtucker) [openbsd-compat/daemon.c] Update from OpenBSD 1.10 -> 1.13.
 - (dtucker) [openbsd-compat/mktemp.c] Update from OpenBSD 1.17 -> 1.19.
 - (dtucker) [openbsd-compat/rresvport.c] Update from OpenBSD 1.6 -> 1.8.
 - (dtucker) [openbsd-compat/bindresvport.c] Add "OPENBSD ORIGINAL" marker.
 - (dtucker) [openbsd-compat/bindresvport.c] Update from OpenBSD 1.16 -> 1.17.
 - (dtucker) [openbsd-compat/sigact.c] Update from OpenBSD 1.3 -> 1.4.
   Id and copyright sync only, there were no substantial changes we need.
 - (dtucker) [openbsd-compat/bsd-closefrom.c openbsd-compat/base64.c]
   -Wsign-compare fixes from djm.
 - (dtucker) [openbsd-compat/sigact.h] Update from OpenBSD 1.2 -> 1.3.
   Id and copyright sync only, there were no substantial changes we need.
 - (dtucker) [configure.ac] Try to get the gcc version number in a way that
   doesn't change between versions, and use a safer default.

20051105
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2005/10/07 11:13:57
     [ssh-keygen.c]
     change DSA default back to 1024, as it's defined for 1024 bits only
     and this causes interop problems with other clients.  moreover,
     in order to improve the security of DSA you need to change more
     components of DSA key generation (e.g. the internal SHA1 hash);
     ok deraadt
   - djm@@cvs.openbsd.org 2005/10/10 10:23:08
     [channels.c channels.h clientloop.c serverloop.c session.c]
     fix regression I introduced in 4.2: X11 forwardings initiated after
     a session has exited (e.g. "(sleep 5; xterm) &") would not start.
     bz #1086 reported by t8m AT centrum.cz; ok markus@@ dtucker@@
   - djm@@cvs.openbsd.org 2005/10/11 23:37:37
     [channels.c]
     bz #1076 set SO_REUSEADDR on X11 forwarding listener sockets, preventing
     bind() failure when a previous connection's listeners are in TIME_WAIT,
     reported by plattner AT inf.ethz.ch; ok dtucker@@
   - stevesk@@cvs.openbsd.org 2005/10/13 14:03:01
     [auth2-gss.c gss-genr.c gss-serv.c]
     remove unneeded #includes; ok markus@@
   - stevesk@@cvs.openbsd.org 2005/10/13 14:20:37
     [gss-serv.c]
     spelling in comments
   - stevesk@@cvs.openbsd.org 2005/10/13 19:08:08
     [gss-serv-krb5.c gss-serv.c]
     unused declarations; ok deraadt@@
     (id sync only for gss-serv-krb5.c)
   - stevesk@@cvs.openbsd.org 2005/10/13 19:13:41
     [dns.c]
     unneeded #include, unused declaration, little knf; ok deraadt@@
   - stevesk@@cvs.openbsd.org 2005/10/13 22:24:31
     [auth2-gss.c gss-genr.c gss-serv.c monitor.c]
     KNF; ok djm@@
   - stevesk@@cvs.openbsd.org 2005/10/14 02:17:59
     [ssh-keygen.c ssh.c sshconnect2.c]
     no trailing "\n" for log functions; ok djm@@
   - stevesk@@cvs.openbsd.org 2005/10/14 02:29:37
     [channels.c clientloop.c]
     free()->xfree(); ok djm@@
   - stevesk@@cvs.openbsd.org 2005/10/15 15:28:12
     [sshconnect.c]
     make external definition static; ok deraadt@@
   - stevesk@@cvs.openbsd.org 2005/10/17 13:45:05
     [dns.c]
     fix memory leaks from 2 sources:
         1) key_fingerprint_raw()
         2) malloc in dns_read_rdata()
     ok jakob@@
   - stevesk@@cvs.openbsd.org 2005/10/17 14:01:28
     [dns.c]
     remove #ifdef LWRES; ok jakob@@
   - stevesk@@cvs.openbsd.org 2005/10/17 14:13:35
     [dns.c dns.h]
     more cleanups; ok jakob@@
   - djm@@cvs.openbsd.org 2005/10/30 01:23:19
     [ssh_config.5]
     mention control socket fallback behaviour, reported by 
     tryponraj AT gmail.com
   - djm@@cvs.openbsd.org 2005/10/30 04:01:03
     [ssh-keyscan.c]
     make ssh-keygen discard junk from server before SSH- ident, spotted by
     dave AT cirt.net; ok dtucker@@
   - djm@@cvs.openbsd.org 2005/10/30 04:03:24
     [ssh.c]
     fix misleading debug message; ok dtucker@@
   - dtucker@@cvs.openbsd.org 2005/10/30 08:29:29
     [canohost.c sshd.c]
     Check for connections with IP options earlier and drop silently.  ok djm@@
   - jmc@@cvs.openbsd.org 2005/10/30 08:43:47
     [ssh_config.5]
     remove trailing whitespace;
   - djm@@cvs.openbsd.org 2005/10/30 08:52:18
     [clientloop.c packet.c serverloop.c session.c ssh-agent.c ssh-keygen.c]
     [ssh.c sshconnect.c sshconnect1.c sshd.c]
     no need to escape single quotes in comments, no binary change
   - dtucker@@cvs.openbsd.org 2005/10/31 06:15:04
     [sftp.c]
     Fix sorting with "ls -1" command. From Robert Tsai, "looks right" deraadt@@
   - djm@@cvs.openbsd.org 2005/10/31 11:12:49
     [ssh-keygen.1 ssh-keygen.c]
     generate a protocol 2 RSA key by default
   - djm@@cvs.openbsd.org 2005/10/31 11:48:29
     [serverloop.c]
     make sure we clean up wtmp, etc. file when we receive a SIGTERM,
     SIGINT or SIGQUIT when running without privilege separation (the
     normal privsep case is already OK). Patch mainly by dtucker@@ and
     senthilkumar_sen AT hotpop.com; ok dtucker@@
   - jmc@@cvs.openbsd.org 2005/10/31 19:55:25
     [ssh-keygen.1]
     grammar;
   - dtucker@@cvs.openbsd.org 2005/11/03 13:38:29
     [canohost.c]
     Cache reverse lookups with and without DNS separately; ok markus@@
   - djm@@cvs.openbsd.org 2005/11/04 05:15:59
     [kex.c kex.h kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c]
     remove hardcoded hash lengths in key exchange code, allowing
     implementation of KEX methods with different hashes (e.g. SHA-256);
     ok markus@@ dtucker@@ stevesk@@
   - djm@@cvs.openbsd.org 2005/11/05 05:01:15
     [bufaux.c]
     Fix leaks in error paths, bz #1109 and #1110 reported by kremenek AT
     cs.stanford.edu; ok dtucker@@
 - (dtucker) [README.platform] Add PAM section.
 - (djm) [openbsd-compat/getrrsetbyname.c] Sync to latest OpenBSD version,
   resolving memory leak bz#1111 reported by kremenek AT cs.stanford.edu;
   ok dtucker@@

20051102
 - (dtucker) [openbsd-compat/bsd-misc.c] Bug #1108: fix broken strdup().
   Reported by olavi at ipunplugged.com and antoine.brodin at laposte.net
   via FreeBSD.

20051030
 - (djm) [contrib/suse/openssh.spec contrib/suse/rc.sshd
   contrib/suse/sysconfig.ssh] Bug #1106: Updated SuSE spec and init
   files from imorgan AT nas.nasa.gov
 - (dtucker) [session.c] Bug #1045: do not check /etc/nologin when PAM is
   enabled, instead allow PAM to handle it.  Note that on platforms using PAM,
   the pam_nologin module should be added to sshd's session stack in order to
   maintain existing behaviour.  Based on patch and discussion from t8m at
   centrum.cz, ok djm@@

20051025
 - (dtucker) [configure.ac] Relocate LLONG_MAX calculation to after the
   sizeof(long long) checks, to make fixing bug #1104 easier (no changes
   yet).
 - (dtucker) [configure.ac] Bug #1104: Tru64's printf family doesn't
   understand "%lld", even though the compiler has "long long", so handle
   it as a special case.  Patch tested by mcaskill.scott at epa.gov.
 - (dtucker) [contrib/cygwin/ssh-user-config] Remove duplicate yes/no
   prompt.  Patch from vinschen at redhat.com.

20051017
 - (dtucker) [configure.ac] Bug #1097: Fix configure for cross-compiling.
   /etc/default/login report and testing from aabaker at iee.org, corrections
   from tim@@.

20051009
 - (dtucker) [configure.ac defines.h openbsd-compat/vis.{c,h}] Sync current
   versions from OpenBSD.  ok djm@@

20051008
 - (dtucker) [configure.ac] Bug #1098: define $MAIL for HP-UX; report from
   brian.smith at agilent com.
 - (djm) [configure.ac] missing 'test' call for -with-Werror test

20051005
 - (dtucker) [configure.ac sshd.8] Enable locked account check (a prepended
   "*LOCKED*" string) for FreeBSD.  Patch jeremie at le-hen.org and
   senthilkumar_sen at hotpop.com.

20051003
 - (dtucker) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2005/09/07 08:53:53
     [channels.c]
     enforce chanid != NULL; ok djm
   - markus@@cvs.openbsd.org 2005/09/09 19:18:05
     [clientloop.c]
     typo; from mark at mcs.vuw.ac.nz, bug #1082
   - djm@@cvs.openbsd.org 2005/09/13 23:40:07
     [sshd.c ssh.c misc.h sftp.c ssh-keygen.c ssh-keysign.c sftp-server.c
     scp.c misc.c ssh-keyscan.c ssh-add.c ssh-agent.c]
     ensure that stdio fds are attached; ok deraadt@@
   - djm@@cvs.openbsd.org 2005/09/19 11:37:34
     [ssh_config.5 ssh.1]
     mention ability to specify bind_address for DynamicForward and -D options;
     bz#1077 spotted by Haruyama Seigo
   - djm@@cvs.openbsd.org 2005/09/19 11:47:09
     [sshd.c]
     stop connection abort on rekey with delayed compression enabled when
     post-auth privsep is disabled (e.g. when root is logged in); ok dtucker@@
   - djm@@cvs.openbsd.org 2005/09/19 11:48:10
     [gss-serv.c]
     typo
   - jmc@@cvs.openbsd.org 2005/09/19 15:38:27
     [ssh.1]
     some more .Bk/.Ek to avoid ugly line split;
   - jmc@@cvs.openbsd.org 2005/09/19 15:42:44
     [ssh.c]
     update -D usage here too;
   - djm@@cvs.openbsd.org 2005/09/19 23:31:31
     [ssh.1]
     spelling nit from stevesk@@
   - djm@@cvs.openbsd.org 2005/09/21 23:36:54
     [sshd_config.5]
     aquire -> acquire, from stevesk@@
   - djm@@cvs.openbsd.org 2005/09/21 23:37:11
     [sshd.c]
     change label at markus@@'s request
   - jaredy@@cvs.openbsd.org 2005/09/30 20:34:26
     [ssh-keyscan.1]
     deploy .An -nosplit; ok jmc
   - dtucker@@cvs.openbsd.org 2005/10/03 07:44:42
     [canohost.c]
     Relocate check_ip_options call to prevent logging of garbage for
     connections with IP options set.  bz#1092 from David Leonard,
     "looks good" deraadt@@
 - (dtucker) [regress/README.regress] Bug #989: Document limitation that scp
   is required in the system path for the multiplex test to work.

20050930
 - (dtucker) [openbsd-compat/openbsd-compat.h] Bug #1096: Add prototype
   for strtoll.  Patch from o.flebbe at science-computing.de.
 - (dtucker) [monitor.c] Bug #1087: Send loginmsg to preauth privsep
   child during PAM account check without clearing it.  This restores the
   post-login warnings such as LDAP password expiry.  Patch from Tomas Mraz
   with help from several others.

20050929
 - (dtucker) [monitor_wrap.c] Remove duplicate definition of loginmsg
   introduced during sync.

20050928
 - (dtucker) [entropy.c] Use u_char for receiving RNG seed for consistency.
 - (dtucker) [auth-pam.c] Bug #1028: send final non-query messages from
   PAM via keyboard-interactive.  Patch tested by the folks at Vintela.

20050927
 - (dtucker) [entropy.c] Remove unnecessary tests for getuid and geteuid
   calls, since they can't possibly fail.  ok djm@@
 - (dtucker) [entropy.c entropy.h sshd.c] Pass RNG seed to the reexec'ed
   process when sshd relies on ssh-random-helper.  Should result in faster
   logins on systems without a real random device or prngd.  ok djm@@

20050924
 - (dtucker) [auth2.c] Move start_pam() calls out of if-else block to remove
   duplicate call.  ok djm@@

20050922
 - (dtucker) [configure.ac] Use -R linker flag for libedit too; patch from
   skeleten at shillest.net.
 - (dtucker) [configure.ac] Fix help for --with-opensc; patch from skeleten at
   shillest.net.

20050919
 - (tim) [aclocal.m4 configure.ac] Delete acconfig.h and add templates to
   AC_DEFINE and AC_DEFINE_UNQUOTED to quiet autoconf 2.59 warning messages.
   ok dtucker@@

20050912
 - (tim) [configure.ac] Bug 1078. Fix --without-kerberos5. Reported by
   Mike Frysinger.

20050908
 - (tim) [defines.h openbsd-compat/port-uw.c] Add long password support to
   OpenServer 6 and add osr5bigcrypt support so when someone migrates
   passwords between UnixWare and OpenServer they will still work. OK dtucker@@

d2992 1
a2992 1
$Id: ChangeLog,v 1.4117.2.1 2006/02/01 11:33:14 djm Exp $
@


1.1.1.13
log
@Vendor import of OpenSSH 4.4p1.
@
text
@a0 1669
20060926
 - (dtucker) [bufaux.h] nuke bufaux.h; it's already gone from OpenBSD and not
   referenced any more.  ok djm@@
 - (dtucker) [sftp-server.8] Resync; spotted by djm@@

20060924
 - (tim) [configure.ac] Remove CFLAGS hack for UnixWare 1.x/2.x (added
   to rev 1.308) to work around broken gcc 2.x header file.

20060923
 - (dtucker) [configure.ac] Bug #1234: Put opensc libs into $LIBS rather than
   $LDFLAGS.  Patch from vapier at gentoo org.

20060922
 - (dtucker) [packet.c canohost.c] Include arpa/inet.h for htonl macros on
   some platforms (eg HP-UX 11.00).  From santhi.amirta at gmail com.

20060921
 - (dtucker) OpenBSD CVS Sync
   - otto@@cvs.openbsd.org 2006/09/19 05:52:23
     [sftp.c]
     Use S_IS* macros instead of masking with S_IF* flags. The latter may
     have multiple bits set, which lead to surprising results. Spotted by
     Paul Stoeber, more to come. ok millert@@ pedro@@ jaredy@@ djm@@
   - markus@@cvs.openbsd.org 2006/09/19 21:14:08
     [packet.c]
     client NULL deref on protocol error; Tavis Ormandy, Google Security Team
 - (dtucker) [defines.h] Include unistd.h before defining getpgrp; fixes
   build error on Ultrix.  From Bernhard Simon.

20060918
 - (dtucker) [configure.ac] On AIX, check to see if the compiler will allow
   macro redefinitions, and if not, remove "-qlanglvl=ansi" from the flags.
   Allows build out of the box with older VAC and XLC compilers.  Found by
   David Bronder and Bernhard Simon.
 - (dtucker) [openbsd-compat/port-aix.{c,h}] Reduce scope of includes.
   Prevents macro redefinition warnings of "RDONLY".

20060916
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2006/09/16 19:53:37
     [deattack.c deattack.h packet.c]
     limit maximum work performed by the CRC compensation attack detector,
     problem reported by Tavis Ormandy, Google Security Team;
     ok markus@@ deraadt@@
 - (djm) Add openssh.xml to .cvsignore and sort it
 - (dtucker) [auth-pam.c] Propagate TZ environment variable to PAM auth
   process so that any logging it does is with the right timezone.  From
   Scott Strickler, ok djm@@.
 - (dtucker) [monitor.c] Correctly handle auditing of single commands when
   using Protocol 1.  From jhb at freebsd.
 - (djm) [sshd.c] Fix warning/API abuse; ok dtucker@@
 - (dtucker) [INSTALL] Add info about audit support.

20060912
 - (djm) [Makefile.in buildpkg.sh.in configure.ac openssh.xml.in]
   Support SMF in Solaris Packages if enabled by configure. Patch from
   Chad Mynhier, tested by dtucker@@

20060911
 - (dtucker) [cipher-aes.c] Include string.h for memcpy and friends.  Noted
   by Pekka Savola.

20060910
 - (dtucker) [contrib/aix/buildbff.sh] Ensure that perl is available.
 - (dtucker) [configure.ac] Add -lcrypt to let DragonFly build OOTB.

20060909
 - (dtucker) [openbsd-compat/bsd-snprintf.c] Add stdarg.h.
 - (dtucker) [contrib/aix/buildbff.sh] Always create privsep user.
 - (dtucker) [buildpkg.sh.in] Always create privsep user.  ok djm@@

20060908
 - (dtucker) [auth-sia.c] Add includes required for build on Tru64.  Patch
   from Chris Adams.
 - (dtucker) [configure.ac] The BSM header test needs time.h in some cases.

20060907
 - (djm) [sshd.c auth.c] Set up fakepw() with privsep uid/gid, so it can
   be used to drop privilege to; fixes Solaris GSSAPI crash reported by
   Magnus Abrante; suggestion and feedback dtucker@@
   NB. this change will require that the privilege separation user must
   exist all the time, not just when UsePrivilegeSeparation=yes
 - (tim) [configure.ac] s/BROKEN_UPDWTMP/BROKEN_UPDWTMPX/ on SCO OSR6
 - (dtucker) [loginrec.c] Wrap paths.h in HAVE_PATHS_H.
 - (dtucker) [regress/cfgmatch.sh] stop_client is racy, so give us a better
   chance of winning.

20060905
 - (dtucker) [configure.ac] s/AC_DEFINES/AC_DEFINE/ spotted by Roumen Petrov.
 - (dtucker) [loginrec.c] Include paths.h for _PATH_BTMP.

20060904
 - (dtucker) [configure.ac] Define BROKEN_UPDWTMP on SCO OSR6 as the native
   updwdtmp seems to generate invalid wtmp entries.  From Roger Cornelius,
   ok djm@@

20060903
 - (dtucker) [configure.ac openbsd-compat/openbsd-compat.h] Check for
   declaration of writev(2) and declare it ourselves if necessary.  Makes
   the atomiciov() calls build on really old systems.  ok djm@@

20060902
 - (dtucker) [openbsd-compat/port-irix.c] Add errno.h, found by Iain Morgan.
 - (dtucker) [ssh-keyscan.c ssh-rand-helper.c ssh.c sshconnect.c
   openbsd-compat/bindresvport.c openbsd-compat/getrrsetbyname.c
   openbsd-compat/port-tun.c openbsd-compat/rresvport.c] Include <arpa/inet.h>
   for hton* and ntoh* macros.  Required on (at least) HP-UX since we define
   _XOPEN_SOURCE_EXTENDED.  Found by santhi.amirta at gmail com.

20060901
 - (djm) [audit-bsm.c audit.c auth-bsdauth.c auth-chall.c auth-pam.c]
   [auth-rsa.c auth-shadow.c auth-sia.c auth1.c auth2-chall.c]
   [auth2-gss.c auth2-kbdint.c auth2-none.c authfd.c authfile.c]
   [cipher-3des1.c cipher-aes.c cipher-bf1.c cipher-ctr.c clientloop.c]
   [dh.c dns.c entropy.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
   [kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c loginrec.c mac.c]
   [md5crypt.c monitor.c monitor_wrap.c readconf.c rsa.c]
   [scard-opensc.c scard.c session.c ssh-add.c ssh-agent.c ssh-dss.c]
   [ssh-keygen.c ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c]
   [sshconnect1.c sshconnect2.c sshd.c]
   [openbsd-compat/bsd-cray.c openbsd-compat/port-aix.c]
   [openbsd-compat/port-linux.c openbsd-compat/port-solaris.c]
   [openbsd-compat/port-uw.c]
   Lots of headers for SCO OSR6, mainly adding stdarg.h for log.h;
   compile problems reported by rac AT tenzing.org
 - (djm) [includes.h monitor.c openbsd-compat/bindresvport.c]
   [openbsd-compat/rresvport.c] Some more headers: netinet/in.h 
   sys/socket.h and unistd.h in various places
 - (dtucker) [openbsd-compat/bsd-cygwin_util.c] Fix implicit declaration
   warnings for binary_open and binary_close.  Patch from Corinna Vinschen.
 - (dtucker) [configure.ac includes.h openbsd-compat/glob.{c,h}] Explicitly
   test for GLOB_NOMATCH and use our glob functions if it's not found.
   Stops sftp from segfaulting when attempting to get a nonexistent file on
   Cygwin (previous versions of OpenSSH didn't use the native glob). Partly
   from and tested by Corinna Vinschen.
 - (dtucker) [README contrib/{caldera,redhat,suse}/openssh.spec]  Crank
   versions.

20060831
 - (djm) [CREDITS LICENCE Makefile.in auth.c configure.ac includes.h ]
   [platform.c platform.h sshd.c openbsd-compat/Makefile.in]
   [openbsd-compat/openbsd-compat.h openbsd-compat/port-solaris.c]
   [openbsd-compat/port-solaris.h] Add support for Solaris process
   contracts, enabled with --use-solaris-contracts. Patch from Chad
   Mynhier, tweaked by dtucker@@ and myself; ok dtucker@@
 - (dtucker) [contrib/cygwin/ssh-host-config] Add SeTcbPrivilege privilege
   while setting up the ssh service account.  Patch from Corinna Vinschen.

20060830
 - (djm) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2006/08/21 08:14:01
     [sshd_config.5]
     Document HostbasedUsesNameFromPacketOnly.  Corrections from jmc@@,
     ok jmc@@ djm@@
   - dtucker@@cvs.openbsd.org 2006/08/21 08:15:57
     [sshd.8]
     Add more detail about what permissions are and aren't accepted for
     authorized_keys files.  Corrections jmc@@, ok djm@@, "looks good" jmc@@
   - djm@@cvs.openbsd.org 2006/08/29 10:40:19
     [channels.c session.c]
     normalise some inconsistent (but harmless) NULL pointer checks
     spotted by the Stanford SATURN tool, via Isil Dillig;
     ok markus@@ deraadt@@
   - dtucker@@cvs.openbsd.org 2006/08/29 12:02:30
     [gss-genr.c]
     Work around a problem in Heimdal that occurs when KRB5CCNAME file is
     missing, by checking whether or not kerberos allocated us a context
     before attempting to free it.  Patch from Simon Wilkinson, tested by
     biorn@@, ok djm@@
   - dtucker@@cvs.openbsd.org 2006/08/30 00:06:51
     [sshconnect2.c]
     Fix regression where SSH2 banner is printed at loglevels ERROR and FATAL
     where previously it wasn't.  bz #1221, found by Dean Kopesky, ok djm@@
   - djm@@cvs.openbsd.org 2006/08/30 00:14:37
     [version.h]
     crank to 4.4
 - (djm) [openbsd-compat/xcrypt.c] needs unistd.h
 - (dtucker) [auth.c openbsd-compat/port-aix.c] Bug #1207: always call
   loginsuccess on AIX immediately after authentication to clear the failed
   login count.  Previously this would only happen when an interactive
   session starts (ie when a pty is allocated) but this means that accounts
   that have primarily non-interactive sessions (eg scp's) may gradually
   accumulate enough failures to lock out an account.  This change may have
   a side effect of creating two audit records, one with a tty of "ssh"
   corresponding to the authentication and one with the allocated pty per
   interactive session.

20060824
 - (dtucker) [openbsd-compat/basename.c] Include errno.h.
 - (dtucker) [openbsd-compat/bsd-misc.c] Add includes needed for select(2) on
   older systems.
 - (dtucker) [openbsd-compat/bsd-misc.c] Include <sys/select.h> for select(2)
   on POSIX systems.
 - (dtucker) [openbsd-compat/bsd-openpty.c] Include for ioctl(2).
 - (dtucker) [openbsd-compat/rresvport.c] Include <stdlib.h> for malloc.
 - (dtucker) [openbsd-compat/xmmap.c] Move #define HAVE_MMAP to prevent
   unused variable warning when we have a broken or missing mmap(2).

20060822
 - (dtucker) [Makefile.in] Bug #1177: fix incorrect path for sshrc in
   Makefile.  Patch from santhi.amirta at gmail, ok djm.

20060820
 - (dtucker) [log.c] Move ifdef to prevent unused variable warning.
 - (dtucker) [configure.ac] Save $LIBS during PAM library tests and restore
   afterward.  Removes the need to mangle $LIBS later to remove -lpam and -ldl.
 - (dtucker) [configure.ac] Relocate --with-pam parts in preparation for
   fixing bug #1181.  No changes yet.
 - (dtucker) [configure.ac] Bug #1181: Explicitly test to see if OpenSSL
   (0.9.8a and presumably newer) requires -ldl to successfully link.
 - (dtucker) [configure.ac] Remove errant "-".

20060819
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2006/08/18 22:41:29
     [gss-genr.c]
     GSSAPI error code should be 0 and not -1; from simon@@sxw.org.uk
 - (dtucker) [openbsd-compat/regress/Makefile.in] Add $(EXEEXT) and add a
   single rule for the test progs.

20060818
 - (dtucker) [configure.ac openbsd-compat/bsd-closefrom.c] Resync with
   closefrom.c from sudo.
 - (dtucker) [openbsd-compat/bsd-closefrom.c] Comment out rcsid.
 - (dtucker) [openbsd-compat/regress/snprintftest.c] Newline on error.
 - (dtucker) [openbsd-compat/regress/Makefile.in] Use implicit rules for the
   test progs instead; they work better than what we have.
 - (djm) OpenBSD CVS Sync
   - stevesk@@cvs.openbsd.org 2006/08/06 01:13:32
     [compress.c monitor.c monitor_wrap.c]
     "zlib.h" can be <zlib.h>; ok djm@@ markus@@
   - miod@@cvs.openbsd.org 2006/08/12 20:46:46
     [monitor.c monitor_wrap.c]
     Revert previous include file ordering change, for ssh to compile under
     gcc2 (or until openssl include files are cleaned of parameter names
     in function prototypes)
   - dtucker@@cvs.openbsd.org 2006/08/14 12:40:25
     [servconf.c servconf.h sshd_config.5]
     Add ability to match groups to Match keyword in sshd_config.  Feedback
     djm@@, stevesk@@, ok stevesk@@.
   - djm@@cvs.openbsd.org 2006/08/16 11:47:15
     [sshd.c]
     factor inetd connection, TCP listen and main TCP accept loop out of
     main() into separate functions to improve readability; ok markus@@
   - deraadt@@cvs.openbsd.org 2006/08/18 09:13:26
     [log.c log.h sshd.c]
     make signal handler termination path shorter; risky code pointed out by
     mark dowd; ok djm markus
   - markus@@cvs.openbsd.org 2006/08/18 09:15:20
     [auth.h session.c sshd.c]
     delay authentication related cleanups until we're authenticated and
     all alarms have been cancelled; ok deraadt
   - djm@@cvs.openbsd.org 2006/08/18 10:27:16
     [misc.h]
     reorder so prototypes are sorted by the files they refer to; no
     binary change
   - djm@@cvs.openbsd.org 2006/08/18 13:54:54
     [gss-genr.c ssh-gss.h sshconnect2.c]
     bz #1218 - disable SPNEGO as per RFC4462; diff from simon AT sxw.org.uk
     ok markus@@
   - djm@@cvs.openbsd.org 2006/08/18 14:40:34
     [gss-genr.c ssh-gss.h]
     constify host argument to match the rest of the GSSAPI functions and
     unbreak compilation with -Werror
 - (djm) Disable sigdie() for platforms that cannot safely syslog inside
   a signal handler (basically all of them, excepting OpenBSD);
   ok dtucker@@

20060817
 - (dtucker) [openbsd-compat/fake-rfc2553.c openbsd-compat/setproctitle.c]
   Include stdlib.h for malloc and friends.
 - (dtucker) [configure.ac openbsd-compat/bsd-closefrom.c] Use F_CLOSEM fcntl
   for closefrom() on AIX.  Pointed out by William Ahern.
 - (dtucker) [openbsd-compat/regress/{Makefile.in,closefromtest.c}] Regress
   test for closefrom() in compat code.

20060816
 - (djm) [audit-bsm.c] Sprinkle in some headers

20060815
 - (dtucker) [LICENCE] Add Reyk to the list for the compat dir.

20060806
 - (djm) [openbsd-compat/bsd-getpeereid.c] Add some headers to quiet warnings
   on Solaris 10

20060806
 - (dtucker) [defines.h] With the includes.h changes we no longer get the
   name clash on "YES" so we can remove the workaround for it.
 - (dtucker) [openbsd-compat/{bsd-asprintf.c,bsd-openpty.c,bsd-snprintf.c,
   glob.c}] Include stdlib.h for malloc and friends in compat code.

20060805
 - (djm) OpenBSD CVS Sync
   - stevesk@@cvs.openbsd.org 2006/07/24 13:58:22
     [sshconnect.c]
     disable tunnel forwarding when no strict host key checking
     and key changed; ok djm@@ markus@@ dtucker@@
   - stevesk@@cvs.openbsd.org 2006/07/25 02:01:34
     [scard.c]
     need #include <string.h>
   - stevesk@@cvs.openbsd.org 2006/07/25 02:59:21
     [channels.c clientloop.c packet.c scp.c serverloop.c sftp-client.c]
     [sftp-server.c ssh-agent.c ssh-keyscan.c sshconnect.c sshd.c]
     move #include <sys/time.h> out of includes.h
   - stevesk@@cvs.openbsd.org 2006/07/26 02:35:17
     [atomicio.c auth.c dh.c authfile.c buffer.c clientloop.c kex.c]
     [groupaccess.c gss-genr.c kexgexs.c misc.c monitor.c monitor_mm.c]
     [packet.c scp.c serverloop.c session.c sftp-client.c sftp-common.c]
     [sftp-server.c sftp.c ssh-add.c ssh-agent.c ssh-keygen.c sshlogin.c]
     [uidswap.c xmalloc.c]
     move #include <sys/param.h> out of includes.h
   - stevesk@@cvs.openbsd.org 2006/07/26 13:57:17
     [authfd.c authfile.c dh.c canohost.c channels.c clientloop.c compat.c]
     [hostfile.c kex.c log.c misc.c moduli.c monitor.c packet.c readpass.c]
     [scp.c servconf.c session.c sftp-server.c sftp.c ssh-add.c ssh-agent.c]
     [ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh.c sshconnect.c]
     [sshconnect1.c sshd.c xmalloc.c]
     move #include <stdlib.h> out of includes.h
   - jmc@@cvs.openbsd.org 2006/07/27 08:00:50
     [ssh_config.5]
     avoid confusing wording in HashKnownHosts:
     originally spotted by alan amesbury;
     ok deraadt
   - jmc@@cvs.openbsd.org 2006/07/27 08:00:50
     [ssh_config.5]
     avoid confusing wording in HashKnownHosts:
     originally spotted by alan amesbury;
     ok deraadt
   - dtucker@@cvs.openbsd.org 2006/08/01 11:34:36
     [sshconnect.c]
     Allow fallback to known_hosts entries without port qualifiers for
     non-standard ports too, so that all existing known_hosts entries will be
     recognised.  Requested by, feedback and ok markus@@
   - stevesk@@cvs.openbsd.org 2006/08/01 23:22:48
     [auth-passwd.c auth-rhosts.c auth-rsa.c auth.c auth.h auth1.c]
     [auth2-chall.c auth2-pubkey.c authfile.c buffer.c canohost.c]
     [channels.c clientloop.c dh.c dns.c dns.h hostfile.c kex.c kexdhc.c]
     [kexgexc.c kexgexs.c key.c key.h log.c misc.c misc.h moduli.c]
     [monitor_wrap.c packet.c progressmeter.c readconf.c readpass.c scp.c]
     [servconf.c session.c sftp-client.c sftp-common.c sftp-server.c sftp.c]
     [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh.c sshconnect.c]
     [sshconnect1.c sshconnect2.c sshd.c sshlogin.c sshtty.c uuencode.c]
     [uuencode.h xmalloc.c]
     move #include <stdio.h> out of includes.h
   - stevesk@@cvs.openbsd.org 2006/08/01 23:36:12
     [authfile.c channels.c progressmeter.c scard.c servconf.c ssh.c]
     clean extra spaces
   - deraadt@@cvs.openbsd.org 2006/08/03 03:34:42
     [OVERVIEW atomicio.c atomicio.h auth-bsdauth.c auth-chall.c auth-krb5.c]
     [auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
     [auth-rsa.c auth-skey.c auth.c auth.h auth1.c auth2-chall.c auth2-gss.c]
     [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c ]
     [auth2-pubkey.c auth2.c authfd.c authfd.h authfile.c bufaux.c bufbn.c]
     [buffer.c buffer.h canohost.c channels.c channels.h cipher-3des1.c]
     [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
     [compress.c deattack.c dh.c dispatch.c dns.c dns.h fatal.c groupaccess.c]
     [groupaccess.h gss-genr.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
     [kex.h kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c]
     [key.h log.c log.h mac.c match.c md-sha256.c misc.c misc.h moduli.c]
     [monitor.c monitor_fdpass.c monitor_mm.c monitor_mm.h monitor_wrap.c]
     [monitor_wrap.h msg.c nchan.c packet.c progressmeter.c readconf.c]
     [readconf.h readpass.c rsa.c scard.c scard.h scp.c servconf.c servconf.h]
     [serverloop.c session.c session.h sftp-client.c sftp-common.c]
     [sftp-common.h sftp-glob.c sftp-server.c sftp.c ssh-add.c ssh-agent.c]
     [ssh-dss.c ssh-gss.h ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rsa.c]
     [ssh.c ssh.h sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c]
     [sshd.c sshlogin.c sshlogin.h sshpty.c sshpty.h sshtty.c ttymodes.c]
     [uidswap.c uidswap.h uuencode.c uuencode.h xmalloc.c xmalloc.h]
     [loginrec.c loginrec.h openbsd-compat/port-aix.c openbsd-compat/port-tun.h]
     almost entirely get rid of the culture of ".h files that include .h files"
     ok djm, sort of ok stevesk
     makes the pain stop in one easy step
     NB. portable commit contains everything *except* removing includes.h, as
     that will take a fair bit more work as we move headers that are required
     for portability workarounds to defines.h. (also, this step wasn't "easy")
   - stevesk@@cvs.openbsd.org 2006/08/04 20:46:05
     [monitor.c session.c ssh-agent.c]
     spaces
 - (djm) [auth-pam.c defines.h] Move PAM related bits to auth-pam.c
 - (djm) [auth-pam.c auth.c bufaux.h entropy.c openbsd-compat/port-tun.c]
   remove last traces of bufaux.h - it was merged into buffer.h in the big
   includes.h commit
 - (djm) [auth.c loginrec.c] Missing netinet/in.h for loginrec
 - (djm) [openbsd-compat/regress/snprintftest.c]
   [openbsd-compat/regress/strduptest.c] Add missing includes so they pass
   compilation with "-Wall -Werror"
 - (djm) [auth-pam.c auth-shadow.c auth2-none.c cleanup.c sshd.c]
   [openbsd-compat/port-tun.c openbsd-compat/port-tun.h] Sprinkle more
   includes for Linux in
 - (dtucker) [cleanup.c] Need defines.h for __dead.
 - (dtucker) [auth2-gss.c] We still need the #ifdef GSSAPI in -portable.
 - (dtucker) [openbsd-compat/{bsd-arc4random.c,port-tun.c,xmmap.c}] Lots of
   #include stdarg.h, needed for log.h.
 - (dtucker) [entropy.c] Needs unistd.h too.
 - (dtucker) [ssh-rand-helper.c] Needs stdarg.h for log.h.
 - (dtucker) [openbsd-compat/getrrsetbyname.c] Needs stdlib.h for malloc.
 - (dtucker) [openbsd-compat/strtonum.c] Include stdlib.h for strtoll,
   otherwise it is implicitly declared as returning an int.
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2006/08/05 07:52:52
     [auth2-none.c sshd.c monitor_wrap.c]
     Add headers required to build with KERBEROS5=no.  ok djm@@
   - dtucker@@cvs.openbsd.org 2006/08/05 08:00:33
     [auth-skey.c]
     Add headers required to build with -DSKEY.  ok djm@@
   - dtucker@@cvs.openbsd.org 2006/08/05 08:28:24
     [monitor_wrap.c auth-skey.c auth2-chall.c]
     Zap unused variables in -DSKEY code.  ok djm@@
   - dtucker@@cvs.openbsd.org 2006/08/05 08:34:04
     [packet.c]
     Typo in comment
 - (dtucker) [openbsd-compat/bsd-cygwin_util.c] Add headers required to compile
   on Cygwin.
 - (dtucker) [openbsd-compat/fake-rfc2553.c] Add headers needed for inet_ntoa.
 - (dtucker) [auth-skey.c] monitor_wrap.h needs ssh-gss.h.
 - (dtucker) [audit.c audit.h] Repair headers.
 - (dtucker) [audit-bsm.c] Add additional headers now required.

20060804
 - (dtucker) [configure.ac] The "crippled AES" test does not work on recent
   versions of Solaris, so use AC_LINK_IFELSE to actually link the test program
   rather than just compiling it.  Spotted by dlg@@.

20060802
 - (dtucker) [openbsd-compat/daemon.c] Add unistd.h for fork() prototype.

20060725
 - (dtucker) [openbsd-compat/xmmap.c] Need fcntl.h for O_RDWR.

20060724
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2006/07/12 13:39:55
     [sshd_config.5]
      - new sentence, new line
      - s/The the/The/
      - kill a bad comma
   - stevesk@@cvs.openbsd.org 2006/07/12 22:28:52
     [auth-options.c canohost.c channels.c includes.h readconf.c]
     [servconf.c ssh-keyscan.c ssh.c sshconnect.c sshd.c]
     move #include <netdb.h> out of includes.h; ok djm@@
   - stevesk@@cvs.openbsd.org 2006/07/12 22:42:32
     [includes.h ssh.c ssh-rand-helper.c]
     move #include <stddef.h> out of includes.h
   - stevesk@@cvs.openbsd.org 2006/07/14 01:15:28
     [monitor_wrap.h]
     don't need incompletely-typed 'struct passwd' now with
     #include <pwd.h>; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/07/17 01:31:10
     [authfd.c authfile.c channels.c cleanup.c clientloop.c groupaccess.c]
     [includes.h log.c misc.c msg.c packet.c progressmeter.c readconf.c]
     [readpass.c scp.c servconf.c sftp-client.c sftp-server.c sftp.c]
     [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh.c]
     [sshconnect.c sshlogin.c sshpty.c uidswap.c]
     move #include <unistd.h> out of includes.h
   - dtucker@@cvs.openbsd.org 2006/07/17 12:02:24
     [auth-options.c]
     Use '\0' rather than 0 to terminate strings; ok djm@@
   - dtucker@@cvs.openbsd.org 2006/07/17 12:06:00
     [channels.c channels.h servconf.c sshd_config.5]
     Add PermitOpen directive to sshd_config which is equivalent to the
     "permitopen" key option.  Allows server admin to allow TCP port
     forwarding only to specific host/port pairs.  Useful when combined
     with Match.
     If permitopen is used in both sshd_config and a key option, both
     must allow a given connection before it will be permitted.
     Note that users can still use external forwarders such as netcat,
     so those must be controlled too for the limits to be effective.
     Feedback & ok djm@@, man page corrections & ok jmc@@.
   - jmc@@cvs.openbsd.org 2006/07/18 07:50:40
     [sshd_config.5]
     tweak; ok dtucker
   - jmc@@cvs.openbsd.org 2006/07/18 07:56:28
     [scp.1]
     replace DIAGNOSTICS with .Ex;
   - jmc@@cvs.openbsd.org 2006/07/18 08:03:09
     [ssh-agent.1 sshd_config.5]
     mark up angle brackets;
   - dtucker@@cvs.openbsd.org 2006/07/18 08:22:23
     [sshd_config.5]
     Clarify description of Match, with minor correction from jmc@@
   - stevesk@@cvs.openbsd.org 2006/07/18 22:27:55
     [dh.c]
     remove unneeded includes; ok djm@@
   - dtucker@@cvs.openbsd.org 2006/07/19 08:56:41
     [servconf.c sshd_config.5]
     Add support for X11Forwarding, X11DisplayOffset and X11UseLocalhost to
     Match.  ok djm@@
   - dtucker@@cvs.openbsd.org 2006/07/19 13:07:10
     [servconf.c servconf.h session.c sshd.8 sshd_config sshd_config.5]
     Add ForceCommand keyword to sshd_config, equivalent to the "command="
     key option, man page entry and example in sshd_config.
     Feedback & ok djm@@, man page corrections & ok jmc@@
   - stevesk@@cvs.openbsd.org 2006/07/20 15:26:15
     [auth1.c serverloop.c session.c sshconnect2.c]
     missed some needed #include <unistd.h> when KERBEROS5=no; issue from
     massimo@@cedoc.mo.it
   - dtucker@@cvs.openbsd.org 2006/07/21 12:43:36
     [channels.c channels.h servconf.c servconf.h sshd_config.5]
     Make PermitOpen take a list of permitted ports and act more like most
     other keywords (ie the first match is the effective setting). This
     also makes it easier to override a previously set PermitOpen. ok djm@@
   - stevesk@@cvs.openbsd.org 2006/07/21 21:13:30
     [channels.c]
     more ARGSUSED (lint) for dispatch table-driven functions; ok djm@@
   - stevesk@@cvs.openbsd.org 2006/07/21 21:26:55
     [progressmeter.c]
     ARGSUSED for signal handler
   - stevesk@@cvs.openbsd.org 2006/07/22 19:08:54
     [includes.h moduli.c progressmeter.c scp.c sftp-common.c]
     [sftp-server.c ssh-agent.c sshlogin.c]
     move #include <time.h> out of includes.h
   - stevesk@@cvs.openbsd.org 2006/07/22 20:48:23
     [atomicio.c auth-options.c auth-passwd.c auth-rhosts.c auth-rsa.c]
     [auth.c auth1.c auth2-chall.c auth2-hostbased.c auth2-passwd.c auth2.c]
     [authfd.c authfile.c bufaux.c bufbn.c buffer.c canohost.c channels.c]
     [cipher-3des1.c cipher-bf1.c cipher-ctr.c cipher.c clientloop.c]
     [compat.c deattack.c dh.c dns.c gss-genr.c gss-serv.c hostfile.c]
     [includes.h kex.c kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c log.c]
     [mac.c match.c md-sha256.c misc.c moduli.c monitor.c monitor_fdpass.c]
     [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c rsa.c]
     [progressmeter.c readconf.c readpass.c scp.c servconf.c serverloop.c]
     [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c sftp.c]
     [ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
     [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c sshconnect2.c]
     [sshd.c sshlogin.c sshpty.c ttymodes.c uidswap.c xmalloc.c]
     move #include <string.h> out of includes.h
   - stevesk@@cvs.openbsd.org 2006/07/23 01:11:05
     [auth.h dispatch.c kex.h sftp-client.c]
     #include <signal.h> for sig_atomic_t; need this prior to <sys/param.h>
     move
 - (djm) [acss.c auth-krb5.c auth-options.c auth-pam.c auth-shadow.c]
   [canohost.c channels.c cipher-acss.c defines.h dns.c gss-genr.c]
   [gss-serv-krb5.c gss-serv.c log.h loginrec.c logintest.c readconf.c]
   [servconf.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rand-helper.c]
   [ssh.c sshconnect.c sshd.c openbsd-compat/bindresvport.c]
   [openbsd-compat/bsd-arc4random.c openbsd-compat/bsd-misc.c]
   [openbsd-compat/getrrsetbyname.c openbsd-compat/glob.c]
   [openbsd-compat/mktemp.c openbsd-compat/port-linux.c]
   [openbsd-compat/port-tun.c openbsd-compat/readpassphrase.c]
   [openbsd-compat/setproctitle.c openbsd-compat/xmmap.c]
   make the portable tree compile again - sprinkle unistd.h and string.h 
   back in. Don't redefine __unused, as it turned out to be used in
   headers on Linux, and replace its use in auth-pam.c with ARGSUSED
 - (djm) [openbsd-compat/glob.c]
   Move get_arg_max() into the ifdef HAVE_GLOB block so that it compiles
   on OpenBSD (or other platforms with a decent glob implementation) with
   -Werror
 - (djm) [uuencode.c]
   Add resolv.h, as it contains the prototypes for __b64_ntop/__b64_pton on
   some platforms
 - (djm) [session.c]
   fix compile error with -Werror -Wall: 'path' is only used in
   do_setup_env() if HAVE_LOGIN_CAP is not defined
 - (djm) [openbsd-compat/basename.c openbsd-compat/bsd-closefrom.c]
   [openbsd-compat/bsd-cray.c openbsd-compat/bsd-openpty.c]
   [openbsd-compat/bsd-snprintf.c openbsd-compat/fake-rfc2553.c]
   [openbsd-compat/port-aix.c openbsd-compat/port-irix.c]
   [openbsd-compat/rresvport.c]
   These look to need string.h and/or unistd.h (based on a grep for function
   names)
 - (djm) [Makefile.in]
   Remove generated openbsd-compat/regress/Makefile in distclean target
 - (djm) [regress/Makefile regress/agent-getpeereid.sh regress/cfgmatch.sh]
   [regress/cipher-speed.sh regress/forcecommand.sh regress/forwarding.sh]
   Sync regress tests to -current; include dtucker@@'s new cfgmatch and 
   forcecommand tests. Add cipher-speed.sh test (not linked in yet)
 - (dtucker) [cleanup.c] Since config.h defines _LARGE_FILES on AIX, including
   system headers before defines.h will cause conflicting definitions.
 - (dtucker) [regress/forcecommand.sh] Portablize.

20060713
 - (dtucker) [auth-krb5.c auth-pam.c] Still more errno.h

20060712
 - (dtucker) [configure.ac defines.h] Only define SHUT_RD (and friends) and
   O_NONBLOCK if they're really needed.  Fixes build errors on HP-UX, old
   Linuxes and probably more.
 - (dtucker) [configure.ac] OpenBSD needs <sys/types.h> before <sys/socket.h>
   for SHUT_RD.
 - (dtucker) [openbsd-compat/port-tun.c] OpenBSD needs <netinet/in.h> before
   <netinet/ip.h>.
 - (dtucker) OpenBSD CVS Sync
   - stevesk@@cvs.openbsd.org 2006/07/10 16:01:57
     [sftp-glob.c sftp-common.h sftp.c]
     buffer.h only needed in sftp-common.h and remove some unneeded
     user includes; ok djm@@
   - jmc@@cvs.openbsd.org 2006/07/10 16:04:21
     [sshd.8]
     s/and and/and/
   - stevesk@@cvs.openbsd.org 2006/07/10 16:37:36
     [readpass.c log.h scp.c fatal.c xmalloc.c includes.h ssh-keyscan.c misc.c
     auth.c packet.c log.c]
     move #include <stdarg.h> out of includes.h; ok markus@@
   - dtucker@@cvs.openbsd.org 2006/07/11 10:12:07
     [ssh.c]
     Only copy the part of environment variable that we actually use.  Prevents
     ssh bailing when SendEnv is used and an environment variable with a really
     long value exists.  ok djm@@
   - markus@@cvs.openbsd.org 2006/07/11 18:50:48
     [clientloop.c ssh.1 ssh.c channels.c ssh_config.5 readconf.h session.c
     channels.h readconf.c]
     add ExitOnForwardFailure: terminate the connection if ssh(1)
     cannot set up all requested dynamic, local, and remote port
     forwardings. ok djm, dtucker, stevesk, jmc
   - stevesk@@cvs.openbsd.org 2006/07/11 20:07:25
     [scp.c auth.c monitor.c serverloop.c sftp-server.c sshpty.c readpass.c
     sshd.c monitor_wrap.c monitor_fdpass.c ssh-agent.c ttymodes.c atomicio.c
     includes.h session.c sshlogin.c monitor_mm.c packet.c sshconnect2.c
     sftp-client.c nchan.c clientloop.c sftp.c misc.c canohost.c channels.c
     ssh-keygen.c progressmeter.c uidswap.c msg.c readconf.c sshconnect.c]
     move #include <errno.h> out of includes.h; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/07/11 20:16:43
     [ssh.c]
     cast asterisk field precision argument to int to remove warning;
     ok markus@@
   - stevesk@@cvs.openbsd.org 2006/07/11 20:27:56
     [authfile.c ssh.c]
     need <errno.h> here also (it's also included in <openssl/err.h>)
   - dtucker@@cvs.openbsd.org 2006/07/12 11:34:58
     [sshd.c servconf.h servconf.c sshd_config.5 auth.c]
     Add support for conditional directives to sshd_config via a "Match"
     keyword, which works similarly to the "Host" directive in ssh_config.
     Lines after a Match line override the default set in the main section
     if the condition on the Match line is true, eg
     AllowTcpForwarding yes
     Match User anoncvs
             AllowTcpForwarding no
     will allow port forwarding by all users except "anoncvs".
     Currently only a very small subset of directives are supported.
     ok djm@@
 - (dtucker) [loginrec.c openbsd-compat/xmmap.c openbsd-compat/bindresvport.c
   openbsd-compat/glob.c openbsd-compat/mktemp.c openbsd-compat/port-tun.c
   openbsd-compat/readpassphrase.c openbsd-compat/strtonum.c] Include <errno.h>.
 - (dtucker) [openbsd-compat/setproctitle.c] Include stdarg.h.
 - (dtucker) [ssh-keyscan.c ssh-rand-helper.c] More errno.h here too.
 - (dtucker) [openbsd-compat/openbsd-compat.h] v*printf needs stdarg.h.
 - (dtucker) [openbsd-compat/bsd-asprintf.c openbsd-compat/port-aix.c
   openbsd-compat/rresvport.c] More errno.h.

20060711
 - (dtucker) [configure.ac ssh-keygen.c openbsd-compat/bsd-openpty.c
   openbsd-compat/daemon.c] Add includes needed by open(2).  Conditionally
   include paths.h.  Fixes build error on Solaris.
 - (dtucker) [entropy.c] More fcntl.h, this time on AIX (and probably
   others).

20060710
 - (dtucker) [INSTALL] New autoconf version: 2.60.
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2006/06/14 10:50:42
     [sshconnect.c]
     limit the number of pre-banner characters we will accept; ok markus@@
   - djm@@cvs.openbsd.org 2006/06/26 10:36:15
     [clientloop.c]
     mention optional bind_address in runtime port forwarding setup
     command-line help. patch from santhi.amirta AT gmail.com
   - stevesk@@cvs.openbsd.org 2006/07/02 17:12:58
     [ssh.1 ssh.c ssh_config.5 sshd_config.5]
     more details and clarity for tun(4) device forwarding; ok and help
     jmc@@
   - stevesk@@cvs.openbsd.org 2006/07/02 18:36:47
     [gss-serv-krb5.c gss-serv.c]
     no "servconf.h" needed here
     (gss-serv-krb5.c change not applied, portable needs the server options)
   - stevesk@@cvs.openbsd.org 2006/07/02 22:45:59
     [groupaccess.c groupaccess.h includes.h session.c sftp-common.c sshpty.c]
     move #include <grp.h> out of includes.h
     (portable needed uidswap.c too)
   - stevesk@@cvs.openbsd.org 2006/07/02 23:01:55
     [clientloop.c ssh.1]
     use -KR[bind_address:]port here; ok djm@@
   - stevesk@@cvs.openbsd.org 2006/07/03 08:54:20
     [includes.h ssh.c sshconnect.c sshd.c]
     move #include "version.h" out of includes.h; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/07/03 17:59:32
     [channels.c includes.h]
     move #include <arpa/inet.h> out of includes.h; old ok djm@@
     (portable needed session.c too)
   - stevesk@@cvs.openbsd.org 2006/07/05 02:42:09
     [canohost.c hostfile.c includes.h misc.c packet.c readconf.c]
     [serverloop.c sshconnect.c uuencode.c]
     move #include <netinet/in.h> out of includes.h; ok deraadt@@
     (also ssh-rand-helper.c logintest.c loginrec.c)
   - djm@@cvs.openbsd.org 2006/07/06 10:47:05
     [servconf.c servconf.h session.c sshd_config.5]
     support arguments to Subsystem commands; ok markus@@
   - djm@@cvs.openbsd.org 2006/07/06 10:47:57
     [sftp-server.8 sftp-server.c]
     add commandline options to enable logging of transactions; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/07/06 16:03:53
     [auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c]
     [auth-rhosts.c auth-rsa.c auth.c auth.h auth2-hostbased.c]
     [auth2-pubkey.c auth2.c includes.h misc.c misc.h monitor.c]
     [monitor_wrap.c monitor_wrap.h scp.c serverloop.c session.c]
     [session.h sftp-common.c ssh-add.c ssh-keygen.c ssh-keysign.c]
     [ssh.c sshconnect.c sshconnect.h sshd.c sshpty.c sshpty.h uidswap.c]
     [uidswap.h]
     move #include <pwd.h> out of includes.h; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/07/06 16:22:39
     [ssh-keygen.c]
     move #include "dns.h" up
   - stevesk@@cvs.openbsd.org 2006/07/06 17:36:37
     [monitor_wrap.h]
     typo in comment
   - stevesk@@cvs.openbsd.org 2006/07/08 21:47:12
     [authfd.c canohost.c clientloop.c dns.c dns.h includes.h]
     [monitor_fdpass.c nchan.c packet.c servconf.c sftp.c ssh-agent.c]
     [ssh-keyscan.c ssh.c sshconnect.h sshd.c sshlogin.h]
     move #include <sys/socket.h> out of includes.h
   - stevesk@@cvs.openbsd.org 2006/07/08 21:48:53
     [monitor.c session.c]
     missed these from last commit:
     move #include <sys/socket.h> out of includes.h
   - stevesk@@cvs.openbsd.org 2006/07/08 23:30:06
     [log.c]
     move user includes after /usr/include files
   - stevesk@@cvs.openbsd.org 2006/07/09 15:15:11
     [auth2-none.c authfd.c authfile.c includes.h misc.c monitor.c]
     [readpass.c scp.c serverloop.c sftp-client.c sftp-server.c]
     [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
     [sshlogin.c sshpty.c]
     move #include <fcntl.h> out of includes.h
   - stevesk@@cvs.openbsd.org 2006/07/09 15:27:59
     [ssh-add.c]
     use O_RDONLY vs. 0 in open(); no binary change
   - djm@@cvs.openbsd.org 2006/07/10 11:24:54
     [sftp-server.c]
     remove optind - it isn't used here
   - djm@@cvs.openbsd.org 2006/07/10 11:25:53
     [sftp-server.c]
     don't log variables that aren't yet set
 - (djm) [loginrec.c ssh-rand-helper.c sshd.c openbsd-compat/glob.c]
   [openbsd-compat/mktemp.c openbsd-compat/openbsd-compat.h]
   [openbsd-compat/port-tun.c openbsd-compat/readpassphrase.c]
   [openbsd-compat/xcrypt.c] Fix includes.h fallout, mainly fcntl.h
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2006/07/10 12:03:20
     [scp.c]
     duplicate argv at the start of main() because it gets modified later;
     pointed out by deraadt@@ ok markus@@
   - djm@@cvs.openbsd.org 2006/07/10 12:08:08
     [channels.c]
     fix misparsing of SOCKS 5 packets that could result in a crash;
     reported by mk@@ ok markus@@
   - dtucker@@cvs.openbsd.org 2006/07/10 12:46:51
     [misc.c misc.h sshd.8 sshconnect.c]
     Add port identifier to known_hosts for non-default ports, based originally
     on a patch from Devin Nate in bz#910.
     For any connection using the default port or using a HostKeyAlias the
     format is unchanged, otherwise the host name or address is enclosed
     within square brackets in the same format as sshd's ListenAddress.
     Tested by many, ok markus@@.
 - (dtucker) [openbsd-compat/openbsd-compat.h] Need to include <sys/socket.h>
   for struct sockaddr on platforms that use the fake-rfc stuff.

20060706
 - (dtucker) [configure.ac] Try AIX blibpath test in different order when
   compiling with gcc.  gcc 4.1.x will accept (but ignore) -b flags so
   configure would not select the correct libpath linker flags.
 - (dtucker) [INSTALL] A bit more info on autoconf.

20060705
 - (dtucker) [ssh-rand-helper.c] Don't exit if mkdir fails because the
   target already exists.

20060630
 - (dtucker) [openbsd-compat/openbsd-compat.h] SNPRINTF_CONST for snprintf
   declaration too.  Patch from russ at sludge.net.
 - (dtucker) [openbsd-compat/getrrsetbyname.c] Undef _res before defining it,
   prevents warnings on platforms where _res is in the system headers.
 - (dtucker) [INSTALL] Bug #1202: Note when autoconf is required and which
   version.

20060627
 - (dtucker) [configure.ac] Bug #1203: Add missing '[', which causes problems
   with autoconf 2.60.  Patch from vapier at gentoo.org.

20060625
 - (dtucker) [channels.c serverloop.c] Apply the bug #1102 workaround to ptys
   only, otherwise sshd can hang exiting non-interactive sessions.

20060624
 - (dtucker) [configure.ac] Bug #1193: Define PASSWD_NEEDS_USERNAME on Solaris.
   Works around limitation in Solaris' passwd program for changing passwords
   where the username is longer than 8 characters.  ok djm@@
 - (dtucker) [serverloop.c] Get ifdef/ifndef the right way around for the bug
   #1102 workaround.

20060623
 - (dtucker) [README.platform configure.ac openbsd-compat/port-tun.c] Add
   tunnel support for Mac OS X/Darwin via a third-party tun driver.  Patch
   from reyk@@, tested by anil@@
 - (dtucker) [channels.c configure.ac serverloop.c] Bug #1102: Around AIX
   4.3.3 ML3 or so, the AIX pty layer started passing zero-length writes
   on the pty slave as zero-length reads on the pty master, which sshd
   interprets as the descriptor closing.  Since most things don't do zero
   length writes this rarely matters, but occasionally it happens, and when
   it does the SSH pty session appears to hang, so we add a special case for
   this condition.  ok djm@@

20060613
 - (djm) [getput.h] This file has been replaced by functions in misc.c
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2006/05/08 10:49:48
     [sshconnect2.c]
     uint32_t -> u_int32_t (which we use everywhere else)
     (Id sync only - portable already had this)
   - markus@@cvs.openbsd.org 2006/05/16 09:00:00
     [clientloop.c]
     missing free; from Kylene Hall
   - markus@@cvs.openbsd.org 2006/05/17 12:43:34
     [scp.c sftp.c ssh-agent.c ssh-keygen.c sshconnect.c]
     fix leak; coverity via Kylene Jo Hall
   - miod@@cvs.openbsd.org 2006/05/18 21:27:25
     [kexdhc.c kexgexc.c]
     paramter -> parameter
   - dtucker@@cvs.openbsd.org 2006/05/29 12:54:08
     [ssh_config.5]
     Add gssapi-with-mic to PreferredAuthentications default list; ok jmc
   - dtucker@@cvs.openbsd.org 2006/05/29 12:56:33
     [ssh_config]
     Add GSSAPIAuthentication and GSSAPIDelegateCredentials to examples in
     sample ssh_config.  ok markus@@
   - jmc@@cvs.openbsd.org 2006/05/29 16:10:03
     [ssh_config.5]
     oops - previous was too long; split the list of auths up
   - mk@@cvs.openbsd.org 2006/05/30 11:46:38
     [ssh-add.c]
     Sync usage() with man page and reality.
     ok deraadt dtucker
   - jmc@@cvs.openbsd.org 2006/05/29 16:13:23
     [ssh.1]
     add GSSAPI to the list of authentication methods supported;
   - mk@@cvs.openbsd.org 2006/05/30 11:46:38
     [ssh-add.c]
     Sync usage() with man page and reality.
     ok deraadt dtucker
   - markus@@cvs.openbsd.org 2006/06/01 09:21:48
     [sshd.c]
     call get_remote_ipaddr() early; fixes logging after client disconnects;
     report mpf@@; ok dtucker@@
   - markus@@cvs.openbsd.org 2006/06/06 10:20:20
     [readpass.c sshconnect.c sshconnect.h sshconnect2.c uidswap.c]
     replace remaining setuid() calls with permanently_set_uid() and
     check seteuid() return values; report Marcus Meissner; ok dtucker djm
   - markus@@cvs.openbsd.org 2006/06/08 14:45:49
     [readpass.c sshconnect.c sshconnect2.c uidswap.c uidswap.h]
     do not set the gid, noted by solar; ok djm
   - djm@@cvs.openbsd.org 2006/06/13 01:18:36
     [ssh-agent.c]
     always use a format string, even when printing a constant
   - djm@@cvs.openbsd.org 2006/06/13 02:17:07
     [ssh-agent.c]
     revert; i am on drugs. spotted by alexander AT beard.se

20060521
 - (dtucker) [auth.c monitor.c] Now that we don't log from both the monitor
   and slave, we can remove the special-case handling in the audit hook in
   auth_log.

20060517
 - (dtucker) [ssh-rand-helper.c] Check return code of mkdir and fix file
   pointer leak.  From kjhall at us.ibm.com, found by coverity.

20060515
 - (dtucker) [openbsd-compat/getrrsetbyname.c] Use _compat_res instead of
   _res, prevents problems on some platforms that have _res as a global but
   don't have getrrsetbyname(), eg IRIX 5.3.  Found and tested by
   georg.schwarz at freenet.de, ok djm@@.
 - (dtucker) [defines.h] Find a value for IOV_MAX or use a conservative
   default.  Patch originally from tim@@, ok djm
 - (dtucker) [auth-pam.c] Bug #1188: pass result of do_pam_account back and
   do not allow kbdint again after the PAM account check fails.  ok djm@@

20060506
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2006/04/25 08:02:27
     [authfile.c authfile.h sshconnect2.c ssh.c sshconnect1.c]
     Prevent ssh from trying to open private keys with bad permissions more than
     once or prompting for their passphrases (which it subsequently ignores
     anyway), similar to a previous change in ssh-add.  bz #1186, ok djm@@
   - djm@@cvs.openbsd.org 2006/05/04 14:55:23
     [dh.c]
     tighter DH exponent checks here too; feedback and ok markus@@
   - djm@@cvs.openbsd.org 2006/04/01 05:37:46
     [OVERVIEW]
     $OpenBSD$ in here too
   - dtucker@@cvs.openbsd.org 2006/05/06 08:35:40
     [auth-krb5.c]
     Add $OpenBSD$ in comment here too

20060504
 - (dtucker) [auth-pam.c groupaccess.c monitor.c monitor_wrap.c scard-opensc.c
   session.c ssh-rand-helper.c sshd.c openbsd-compat/bsd-cygwin_util.c
   openbsd-compat/setproctitle.c] Convert malloc(foo*bar) -> calloc(foo,bar)
   in Portable-only code; since calloc zeros, remove now-redundant memsets.
   Also add a couple of sanity checks.  With & ok djm@@

20060503
 - (dtucker) [packet.c] Remove in_systm.h since it's also in includes.h
   and double including it on IRIX 5.3 causes problems.  From Georg Schwarz,
   "no objections" tim@@

20060423
 - (djm) OpenBSD CVS Sync
   - deraadt@@cvs.openbsd.org 2006/04/01 05:42:20
     [scp.c]
     minimal lint cleanup (unused crud, and some size_t); ok djm
   - djm@@cvs.openbsd.org 2006/04/01 05:50:29
     [scp.c]
     xasprintification; ok deraadt@@
   - djm@@cvs.openbsd.org 2006/04/01 05:51:34
     [atomicio.c]
     ANSIfy; requested deraadt@@
   - dtucker@@cvs.openbsd.org 2006/04/02 08:34:52
     [ssh-keysign.c]
     sessionid can be 32 bytes now too when sha256 kex is used; ok djm@@
   - djm@@cvs.openbsd.org 2006/04/03 07:10:38
     [gss-genr.c]
     GSSAPI buffers shouldn't be nul-terminated, spotted in bugzilla #1066
     by dleonard AT vintela.com. use xasprintf() to simplify code while in
     there; "looks right" deraadt@@
   - djm@@cvs.openbsd.org 2006/04/16 00:48:52
     [buffer.c buffer.h channels.c]
     Fix condition where we could exit with a fatal error when an input
     buffer became too large and the remote end had advertised a big window.
     The problem was a mismatch in the backoff math between the channels code
     and the buffer code, so make a buffer_check_alloc() function that the
     channels code can use to prospectively check whether an incremental
     allocation will succeed.  bz #1131, debugged with the assistance of
     cove AT wildpackets.com; ok dtucker@@ deraadt@@
   - djm@@cvs.openbsd.org 2006/04/16 00:52:55
     [atomicio.c atomicio.h]
     introduce atomiciov() function that wraps readv/writev to retry
     interrupted transfers like atomicio() does for read/write;
     feedback deraadt@@ dtucker@@ stevesk@@ ok deraadt@@
   - djm@@cvs.openbsd.org 2006/04/16 00:54:10
     [sftp-client.c]
     avoid making a tiny 4-byte write to send the packet length of sftp
     commands, which would result in a separate tiny packet on the wire by
     using atomiciov(writev, ...) to write the length and the command in one
     pass; ok deraadt@@
   - djm@@cvs.openbsd.org 2006/04/16 07:59:00
     [atomicio.c]
     reorder sanity test so that it cannot dereference past the end of the
     iov array; well spotted canacar@@!
   - dtucker@@cvs.openbsd.org 2006/04/18 10:44:28
     [bufaux.c bufbn.c Makefile.in]
     Move Buffer bignum functions into their own file, bufbn.c. This means
     that sftp and sftp-server (which use the Buffer functions in bufaux.c 
     but not the bignum ones) no longer need to be linked with libcrypto.
     ok markus@@
   - djm@@cvs.openbsd.org 2006/04/20 09:27:09
     [auth.h clientloop.c dispatch.c dispatch.h kex.h]
     replace the last non-sig_atomic_t flag used in a signal handler with a
     sig_atomic_t, unfortunately with some knock-on effects in other (non-
     signal) contexts in which it is used; ok markus@@
   - markus@@cvs.openbsd.org 2006/04/20 09:47:59
     [sshconnect.c]
     simplify; ok djm@@
   - djm@@cvs.openbsd.org 2006/04/20 21:53:44
     [includes.h session.c sftp.c]
     Switch from using pipes to socketpairs for communication between
     sftp/scp and ssh, and between sshd and its subprocesses. This saves
     a file descriptor per session and apparently makes userland ppp over
     ssh work; ok markus@@ deraadt@@ (ID Sync only - portable makes this
     decision on a per-platform basis)
   - djm@@cvs.openbsd.org 2006/04/22 04:06:51
     [uidswap.c]
     use setres[ug]id() to permanently revoke privileges; ok deraadt@@
     (ID Sync only - portable already uses setres[ug]id() whenever possible)
   - stevesk@@cvs.openbsd.org 2006/04/22 18:29:33
     [crc32.c]
     remove extra spaces
 - (djm) [auth.h dispatch.h kex.h] sprinkle in signal.h to get
   sig_atomic_t

20060421
 - (djm) [Makefile.in configure.ac session.c sshpty.c]
   [contrib/redhat/sshd.init openbsd-compat/Makefile.in]
   [openbsd-compat/openbsd-compat.h openbsd-compat/port-linux.c]
   [openbsd-compat/port-linux.h] Add support for SELinux, setting 
   the execution and TTY contexts. based on patch from Daniel Walsh,
   bz #880; ok dtucker@@

20060418
 - (djm) [canohost.c] Reorder IP options check so that it isn't broken
   by mapped addresses; bz #1179 reported by markw wtech-llc.com;
   ok dtucker@@

20060331
 - OpenBSD CVS Sync
   - deraadt@@cvs.openbsd.org 2006/03/27 01:21:18
     [xmalloc.c]
     we can do the size & nmemb check before the integer overflow check; 
     evol
   - deraadt@@cvs.openbsd.org 2006/03/27 13:03:54
     [dh.c]
     use strtonum() instead of atoi(), limit dhg size to 64k; ok djm
   - djm@@cvs.openbsd.org 2006/03/27 23:15:46
     [sftp.c]
     always use a format string for addargs; spotted by mouring@@
   - deraadt@@cvs.openbsd.org 2006/03/28 00:12:31
     [README.tun ssh.c]
     spacing
   - deraadt@@cvs.openbsd.org 2006/03/28 01:52:28
     [channels.c]
     do not accept unreasonable X ports numbers; ok djm
   - deraadt@@cvs.openbsd.org 2006/03/28 01:53:43
     [ssh-agent.c]
     use strtonum() to parse the pid from the file, and range check it
     better; ok djm
   - djm@@cvs.openbsd.org 2006/03/30 09:41:25
     [channels.c]
     ARGSUSED for dispatch table-driven functions
   - djm@@cvs.openbsd.org 2006/03/30 09:58:16
     [authfd.c bufaux.c deattack.c gss-serv.c mac.c misc.c misc.h]
     [monitor_wrap.c msg.c packet.c sftp-client.c sftp-server.c ssh-agent.c]
     replace {GET,PUT}_XXBIT macros with functionally similar functions,
     silencing a heap of lint warnings. also allows them to use
     __bounded__ checking which can't be applied to macros; requested
     by and feedback from deraadt@@
   - djm@@cvs.openbsd.org 2006/03/30 10:41:25
     [ssh.c ssh_config.5]
     add percent escape chars to the IdentityFile option, bz #1159 based
     on a patch by imaging AT math.ualberta.ca; feedback and ok dtucker@@
   - dtucker@@cvs.openbsd.org 2006/03/30 11:05:17
     [ssh-keygen.c]
     Correctly handle truncated files while converting keys; ok djm@@
   - dtucker@@cvs.openbsd.org 2006/03/30 11:40:21
     [auth.c monitor.c]
     Prevent duplicate log messages when privsep=yes; ok djm@@
   - jmc@@cvs.openbsd.org 2006/03/31 09:09:30
     [ssh_config.5]
     kill trailing whitespace;
   - djm@@cvs.openbsd.org 2006/03/31 09:13:56
     [ssh_config.5]
     remote user escape is %r not %h; spotted by jmc@@

20060326
 - OpenBSD CVS Sync
   - jakob@@cvs.openbsd.org 2006/03/15 08:46:44
     [ssh-keygen.c]
     if no key files are given when printing the DNS host record, use the
     host key file(s) as default. ok djm@@
   - biorn@@cvs.openbsd.org 2006/03/16 10:31:45
     [scp.c]
     Try to display error message even if remout == -1
     ok djm@@, markus@@
   - djm@@cvs.openbsd.org 2006/03/17 22:31:50
     [authfd.c]
     another unreachable found by lint
   - djm@@cvs.openbsd.org 2006/03/17 22:31:11
     [authfd.c]
     unreachable statement, found by lint
   - djm@@cvs.openbsd.org 2006/03/19 02:22:32
     [serverloop.c]
     memory leaks detected by Coverity via elad AT netbsd.org;
     ok deraadt@@ dtucker@@
   - djm@@cvs.openbsd.org 2006/03/19 02:22:56
     [sftp.c]
     more memory leaks detected by Coverity via elad AT netbsd.org;
     deraadt@@ ok
   - djm@@cvs.openbsd.org 2006/03/19 02:23:26
     [hostfile.c]
     FILE* leak detected by Coverity via elad AT netbsd.org;
     ok deraadt@@
   - djm@@cvs.openbsd.org 2006/03/19 02:24:05
     [dh.c readconf.c servconf.c]
     potential NULL pointer dereferences detected by Coverity
     via elad AT netbsd.org; ok deraadt@@
   - djm@@cvs.openbsd.org 2006/03/19 07:41:30
     [sshconnect2.c]
     memory leaks detected by Coverity via elad AT netbsd.org;
     deraadt@@ ok
   - dtucker@@cvs.openbsd.org 2006/03/19 11:51:52
     [servconf.c]
     Correct strdelim null test; ok djm@@
   - deraadt@@cvs.openbsd.org 2006/03/19 18:52:11
     [auth1.c authfd.c channels.c]
     spacing
   - deraadt@@cvs.openbsd.org 2006/03/19 18:53:12
     [kex.c kex.h monitor.c myproposal.h session.c]
     spacing
   - deraadt@@cvs.openbsd.org 2006/03/19 18:56:41
     [clientloop.c progressmeter.c serverloop.c sshd.c]
     ARGSUSED for signal handlers
   - deraadt@@cvs.openbsd.org 2006/03/19 18:59:49
     [ssh-keyscan.c]
     please lint
   - deraadt@@cvs.openbsd.org 2006/03/19 18:59:30
     [ssh.c]
     spacing
   - deraadt@@cvs.openbsd.org 2006/03/19 18:59:09
     [authfile.c]
     whoever thought that break after return was a good idea needs to
     get their head examined
   - djm@@cvs.openbsd.org 2006/03/20 04:09:44
     [monitor.c]
     memory leaks detected by Coverity via elad AT netbsd.org;
     deraadt@@ ok
     that should be all of them now
   - djm@@cvs.openbsd.org 2006/03/20 11:38:46
     [key.c]
     (really) last of the Coverity diffs: avoid possible NULL deref in
     key_free. via elad AT netbsd.org; markus@@ ok
   - deraadt@@cvs.openbsd.org 2006/03/20 17:10:19
     [auth.c key.c misc.c packet.c ssh-add.c]
     in a switch (), break after return or goto is stupid
   - deraadt@@cvs.openbsd.org 2006/03/20 17:13:16
     [key.c]
     djm did a typo
   - deraadt@@cvs.openbsd.org 2006/03/20 17:17:23
     [ssh-rsa.c]
     in a switch (), break after return or goto is stupid
   - deraadt@@cvs.openbsd.org 2006/03/20 18:14:02
     [channels.c clientloop.c monitor_wrap.c monitor_wrap.h serverloop.c]
     [ssh.c sshpty.c sshpty.h]
     sprinkle u_int throughout pty subsystem, ok markus
   - deraadt@@cvs.openbsd.org 2006/03/20 18:17:20
     [auth1.c auth2.c sshd.c]
     sprinkle some ARGSUSED for table driven functions (which sometimes 
     must ignore their args)
   - deraadt@@cvs.openbsd.org 2006/03/20 18:26:55
     [channels.c monitor.c session.c session.h ssh-agent.c ssh-keygen.c]
     [ssh-rsa.c ssh.c sshlogin.c]
     annoying spacing fixes getting in the way of real diffs
   - deraadt@@cvs.openbsd.org 2006/03/20 18:27:50
     [monitor.c]
     spacing
   - deraadt@@cvs.openbsd.org 2006/03/20 18:35:12
     [channels.c]
     x11_fake_data is only ever used as u_char *
   - deraadt@@cvs.openbsd.org 2006/03/20 18:41:43
     [dns.c]
     cast xstrdup to proper u_char *
   - deraadt@@cvs.openbsd.org 2006/03/20 18:42:27
     [canohost.c match.c ssh.c sshconnect.c]
     be strict with tolower() casting
   - deraadt@@cvs.openbsd.org 2006/03/20 18:48:34
     [channels.c fatal.c kex.c packet.c serverloop.c]
     spacing
   - deraadt@@cvs.openbsd.org 2006/03/20 21:11:53
     [ttymodes.c]
     spacing
   - djm@@cvs.openbsd.org 2006/03/25 00:05:41
     [auth-bsdauth.c auth-skey.c auth.c auth2-chall.c channels.c]
     [clientloop.c deattack.c gss-genr.c kex.c key.c misc.c moduli.c]
     [monitor.c monitor_wrap.c packet.c scard.c sftp-server.c ssh-agent.c]
     [ssh-keyscan.c ssh.c sshconnect.c sshconnect2.c sshd.c uuencode.c]
     [xmalloc.c xmalloc.h]
     introduce xcalloc() and xasprintf() failure-checked allocations 
     functions and use them throughout openssh

     xcalloc is particularly important because malloc(nmemb * size) is a
     dangerous idiom (subject to integer overflow) and it is time for it 
     to die

     feedback and ok deraadt@@
   - djm@@cvs.openbsd.org 2006/03/25 01:13:23
     [buffer.c channels.c deattack.c misc.c scp.c session.c sftp-client.c]
     [sftp-server.c ssh-agent.c ssh-rsa.c xmalloc.c xmalloc.h auth-pam.c]
     [uidswap.c]
     change OpenSSH's xrealloc() function from being xrealloc(p, new_size)
     to xrealloc(p, new_nmemb, new_itemsize).

     realloc is particularly prone to integer overflows because it is
     almost always allocating "n * size" bytes, so this is a far safer 
     API; ok deraadt@@
   - djm@@cvs.openbsd.org 2006/03/25 01:30:23
     [sftp.c]
     "abormally" is a perfectly cromulent word, but "abnormally" is better
   - djm@@cvs.openbsd.org 2006/03/25 13:17:03
     [atomicio.c auth-bsdauth.c auth-chall.c auth-options.c auth-passwd.c]
     [auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth-skey.c auth.c auth1.c]
     [auth2-chall.c auth2-hostbased.c auth2-kbdint.c auth2-none.c]
     [auth2-passwd.c auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c]
     [buffer.c canohost.c channels.c cipher-3des1.c cipher-bf1.c]
     [cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c compress.c]
     [deattack.c dh.c dispatch.c fatal.c groupaccess.c hostfile.c kex.c]
     [kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c]
     [mac.c match.c md-sha256.c misc.c monitor.c monitor_fdpass.c]
     [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c progressmeter.c]
     [readconf.c readpass.c rsa.c scard.c scp.c servconf.c serverloop.c]
     [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c]
     [sftp.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
     [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
     [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
     [uidswap.c uuencode.c xmalloc.c]
     Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that
     Theo nuked - our scripts to sync -portable need them in the files
   - deraadt@@cvs.openbsd.org 2006/03/25 18:29:35
     [auth-rsa.c authfd.c packet.c]
     needed casts (always will be needed)
   - deraadt@@cvs.openbsd.org 2006/03/25 18:30:55
     [clientloop.c serverloop.c]
     spacing
   - deraadt@@cvs.openbsd.org 2006/03/25 18:36:15
     [sshlogin.c sshlogin.h]
     nicer size_t and time_t types
   - deraadt@@cvs.openbsd.org 2006/03/25 18:40:14
     [ssh-keygen.c]
     cast strtonum() result to right type
   - deraadt@@cvs.openbsd.org 2006/03/25 18:41:45
     [ssh-agent.c]
     mark two more signal handlers ARGSUSED
   - deraadt@@cvs.openbsd.org 2006/03/25 18:43:30
     [channels.c]
     use strtonum() instead of atoi() [limit X screens to 400, sorry]
   - deraadt@@cvs.openbsd.org 2006/03/25 18:56:55
     [bufaux.c channels.c packet.c]
     remove (char *) casts to a function that accepts void * for the arg
   - deraadt@@cvs.openbsd.org 2006/03/25 18:58:10
     [channels.c]
     delete cast not required
   - djm@@cvs.openbsd.org 2006/03/25 22:22:43
     [atomicio.h auth-options.h auth.h auth2-gss.c authfd.h authfile.h]
     [bufaux.h buffer.h canohost.h channels.h cipher.h clientloop.h]
     [compat.h compress.h crc32.c crc32.h deattack.h dh.h dispatch.h]
     [dns.c dns.h getput.h groupaccess.h gss-genr.c gss-serv-krb5.c]
     [gss-serv.c hostfile.h includes.h kex.h key.h log.h mac.h match.h]
     [misc.h monitor.h monitor_fdpass.h monitor_mm.h monitor_wrap.h msg.h]
     [myproposal.h packet.h pathnames.h progressmeter.h readconf.h rsa.h]
     [scard.h servconf.h serverloop.h session.h sftp-common.h sftp.h]
     [ssh-gss.h ssh.h ssh1.h ssh2.h sshconnect.h sshlogin.h sshpty.h]
     [ttymodes.h uidswap.h uuencode.h xmalloc.h]
     standardise spacing in $OpenBSD$ tags; requested by deraadt@@
   - deraadt@@cvs.openbsd.org 2006/03/26 01:31:48
     [uuencode.c]
     typo

20060325
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2006/03/16 04:24:42
     [ssh.1]
     Add RFC4419 (Diffie-Hellman group exchange KEX) to the list of SSH RFCs
     that OpenSSH supports
   - deraadt@@cvs.openbsd.org 2006/03/19 18:51:18
     [atomicio.c auth-bsdauth.c auth-chall.c auth-krb5.c auth-options.c]
     [auth-pam.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c]
     [auth-shadow.c auth-skey.c auth.c auth1.c auth2-chall.c]
     [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c]
     [auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c buffer.c]
     [canohost.c channels.c cipher-3des1.c cipher-acss.c cipher-aes.c]
     [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
     [compress.c deattack.c dh.c dispatch.c dns.c entropy.c fatal.c]
     [groupaccess.c hostfile.c includes.h kex.c kexdh.c kexdhc.c]
     [kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c loginrec.c]
     [loginrec.h logintest.c mac.c match.c md-sha256.c md5crypt.c misc.c]
     [monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c msg.c]
     [nchan.c packet.c progressmeter.c readconf.c readpass.c rsa.c]
     [scard.c scp.c servconf.c serverloop.c session.c sftp-client.c]
     [sftp-common.c sftp-glob.c sftp-server.c sftp.c ssh-add.c]
     [ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c]
     [ssh-rand-helper.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
     [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
     [uidswap.c uuencode.c xmalloc.c openbsd-compat/bsd-arc4random.c]
     [openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-cygwin_util.c]
     [openbsd-compat/bsd-getpeereid.c openbsd-compat/bsd-misc.c]
     [openbsd-compat/bsd-nextstep.c openbsd-compat/bsd-snprintf.c]
     [openbsd-compat/bsd-waitpid.c openbsd-compat/fake-rfc2553.c]
     RCSID() can die
   - deraadt@@cvs.openbsd.org 2006/03/19 18:53:12
     [kex.h myproposal.h]
     spacing
   - djm@@cvs.openbsd.org 2006/03/20 04:07:22
     [auth2-gss.c]
     GSSAPI related leaks detected by Coverity via elad AT netbsd.org;
     reviewed by simon AT sxw.org.uk; deraadt@@ ok
   - djm@@cvs.openbsd.org 2006/03/20 04:07:49
     [gss-genr.c]
     more GSSAPI related leaks detected by Coverity via elad AT netbsd.org;
     reviewed by simon AT sxw.org.uk; deraadt@@ ok
   - djm@@cvs.openbsd.org 2006/03/20 04:08:18
     [gss-serv.c]
     last lot of GSSAPI related leaks detected by Coverity via
     elad AT netbsd.org; reviewed by simon AT sxw.org.uk; deraadt@@ ok
   - deraadt@@cvs.openbsd.org 2006/03/20 18:14:02
     [monitor_wrap.h sshpty.h]
     sprinkle u_int throughout pty subsystem, ok markus
   - deraadt@@cvs.openbsd.org 2006/03/20 18:26:55
     [session.h]
     annoying spacing fixes getting in the way of real diffs
   - deraadt@@cvs.openbsd.org 2006/03/20 18:41:43
     [dns.c]
     cast xstrdup to proper u_char *
   - jakob@@cvs.openbsd.org 2006/03/22 21:16:24
     [ssh.1]
     simplify SSHFP example; ok jmc@@
   - djm@@cvs.openbsd.org 2006/03/22 21:27:15
     [deattack.c deattack.h]
     remove IV support from the CRC attack detector, OpenSSH has never used
     it - it only applied to IDEA-CFB, which we don't support.
     prompted by NetBSD Coverity report via elad AT netbsd.org;
     feedback markus@@ "nuke it" deraadt@@

20060318
 - (djm) [auth-pam.c] Fix memleak in error path, from Coverity via
   elad AT NetBSD.org
 - (dtucker) [openbsd-compat/bsd-snprintf.c] Bug #1173: make fmtint() take
   a LLONG rather than a long.  Fixes scp'ing of large files on platforms
   with missing/broken snprintfs.  Patch from e.borovac at bom.gov.au.

20060316
 - (dtucker) [entropy.c] Add headers for WIFEXITED and friends.
 - (dtucker) [configure.ac md-sha256.c] NetBSD has sha2.h in
   /usr/include/crypto.  Hint from djm@@.
 - (tim) [kex.c myproposal.h md-sha256.c openbsd-compat/sha2.c,h]
   Disable sha256 when openssl < 0.9.7. Patch from djm@@.
 - (djm) [kex.c] Slightly more clean deactivation of dhgex-sha256 on old
   OpenSSL; ok tim

20060315
 - (djm) OpenBSD CVS Sync:
   - msf@@cvs.openbsd.org 2006/02/06 15:54:07
     [ssh.1]
     - typo fix
     ok jmc@@
   - jmc@@cvs.openbsd.org 2006/02/06 21:44:47
     [ssh.1]
     make this a little less ambiguous...
   - stevesk@@cvs.openbsd.org 2006/02/07 01:08:04
     [auth-rhosts.c includes.h]
     move #include <netgroup.h> out of includes.h; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/02/07 01:18:09
     [includes.h ssh-agent.c ssh-keyscan.c sshconnect2.c]
     move #include <sys/queue.h> out of includes.h; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/02/07 01:42:00
     [channels.c clientloop.c clientloop.h includes.h packet.h]
     [serverloop.c sshpty.c sshpty.h sshtty.c ttymodes.c]
     move #include <termios.h> out of includes.h; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/02/07 01:52:50
     [sshtty.c]
     "log.h" not needed
   - stevesk@@cvs.openbsd.org 2006/02/07 03:47:05
     [hostfile.c]
     "packet.h" not needed
   - stevesk@@cvs.openbsd.org 2006/02/07 03:59:20
     [deattack.c]
     duplicate #include
   - stevesk@@cvs.openbsd.org 2006/02/08 12:15:27
     [auth.c clientloop.c includes.h misc.c monitor.c readpass.c]
     [session.c sftp.c ssh-agent.c ssh-keysign.c ssh.c sshconnect.c]
     [sshd.c sshpty.c]
     move #include <paths.h> out of includes.h; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/02/08 12:32:49
     [includes.h misc.c]
     move #include <netinet/tcp.h> out of includes.h; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/02/08 13:15:44
     [gss-serv.c monitor.c]
     small KNF
   - stevesk@@cvs.openbsd.org 2006/02/08 14:16:59
     [sshconnect.c]
     <openssl/bn.h> not needed
   - stevesk@@cvs.openbsd.org 2006/02/08 14:31:30
     [includes.h ssh-agent.c ssh-keyscan.c ssh.c]
     move #include <sys/resource.h> out of includes.h; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/02/08 14:38:18
     [includes.h packet.c]
     move #include <netinet/in_systm.h> and <netinet/ip.h> out of
     includes.h; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/02/08 23:51:24
     [includes.h scp.c sftp-glob.c sftp-server.c]
     move #include <dirent.h> out of includes.h; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/02/09 00:32:07
     [includes.h]
     #include <sys/endian.h> not needed; ok djm@@
     NB. ID Sync only - we still need this (but it may move later)
   - jmc@@cvs.openbsd.org 2006/02/09 10:10:47
     [sshd.8]
     - move some text into a CAVEATS section
     - merge the COMMAND EXECUTION... section into AUTHENTICATION
   - stevesk@@cvs.openbsd.org 2006/02/10 00:27:13
     [channels.c clientloop.c includes.h misc.c progressmeter.c sftp.c]
     [ssh.c sshd.c sshpty.c]
     move #include <sys/ioctl.h> out of includes.h; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/02/10 01:44:27
     [includes.h monitor.c readpass.c scp.c serverloop.c session.c]
     [sftp.c sshconnect.c sshconnect2.c sshd.c]
     move #include <sys/wait.h> out of includes.h; ok markus@@
   - otto@@cvs.openbsd.org 2006/02/11 19:31:18
     [atomicio.c]
     type correctness; from Ray Lai in PR 5011; ok millert@@
   - djm@@cvs.openbsd.org 2006/02/12 06:45:34
     [ssh.c ssh_config.5]
     add a %l expansion code to the ControlPath, which is filled in with the
     local hostname at runtime. Requested by henning@@ to avoid some problems
     with /home on NFS; ok dtucker@@
   - djm@@cvs.openbsd.org 2006/02/12 10:44:18
     [readconf.c]
     raise error when the user specifies a RekeyLimit that is smaller than 16
     (the smallest of our cipher's blocksize) or big enough to cause integer
     wraparound; ok & feedback dtucker@@
   - jmc@@cvs.openbsd.org 2006/02/12 10:49:44
     [ssh_config.5]
     slight rewording; ok djm
   - jmc@@cvs.openbsd.org 2006/02/12 10:52:41
     [sshd.8]
     rework the description of authorized_keys a little;
   - jmc@@cvs.openbsd.org 2006/02/12 17:57:19
     [sshd.8]
     sort the list of options permissible w/ authorized_keys;
     ok djm dtucker
   - jmc@@cvs.openbsd.org 2006/02/13 10:16:39
     [sshd.8]
     no need to subsection the authorized_keys examples - instead, convert
     this to look like an actual file. also use proto 2 keys, and use IETF
     example addresses;
   - jmc@@cvs.openbsd.org 2006/02/13 10:21:25
     [sshd.8]
     small tweaks for the ssh_known_hosts section;
   - jmc@@cvs.openbsd.org 2006/02/13 11:02:26
     [sshd.8]
     turn this into an example ssh_known_hosts file; ok djm
   - jmc@@cvs.openbsd.org 2006/02/13 11:08:43
     [sshd.8]
     - avoid nasty line split
     - `*' does not need to be escaped
   - jmc@@cvs.openbsd.org 2006/02/13 11:27:25
     [sshd.8]
     sort FILES and use a -compact list;
   - david@@cvs.openbsd.org 2006/02/15 05:08:24
     [sftp-client.c]
     typo in comment; ok djm@@
   - jmc@@cvs.openbsd.org 2006/02/15 16:53:20
     [ssh.1]
     remove the IETF draft references and replace them with some updated RFCs;
   - jmc@@cvs.openbsd.org 2006/02/15 16:55:33
     [sshd.8]
     remove ietf draft references; RFC list now maintained in ssh.1;
   - jmc@@cvs.openbsd.org 2006/02/16 09:05:34
     [sshd.8]
     sync some of the FILES entries w/ ssh.1;
   - jmc@@cvs.openbsd.org 2006/02/19 19:52:10
     [sshd.8]
     move the sshrc stuff out of FILES, and into its own section:
     FILES is not a good place to document how stuff works;
   - jmc@@cvs.openbsd.org 2006/02/19 20:02:17
     [sshd.8]
     sync the (s)hosts.equiv FILES entries w/ those from ssh.1;
   - jmc@@cvs.openbsd.org 2006/02/19 20:05:00
     [sshd.8]
     grammar;
   - jmc@@cvs.openbsd.org 2006/02/19 20:12:25
     [ssh_config.5]
     add some vertical space;
   - stevesk@@cvs.openbsd.org 2006/02/20 16:36:15
     [authfd.c channels.c includes.h session.c ssh-agent.c ssh.c]
     move #include <sys/un.h> out of includes.h; ok djm@@
   - stevesk@@cvs.openbsd.org 2006/02/20 17:02:44
     [clientloop.c includes.h monitor.c progressmeter.c scp.c]
     [serverloop.c session.c sftp.c ssh-agent.c ssh.c sshd.c]
     move #include <signal.h> out of includes.h; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/02/20 17:19:54
     [auth-rhosts.c auth-rsa.c auth.c auth2-none.c auth2-pubkey.c]
     [authfile.c clientloop.c includes.h readconf.c scp.c session.c]
     [sftp-client.c sftp-common.c sftp-common.h sftp-glob.c]
     [sftp-server.c sftp.c ssh-add.c ssh-keygen.c ssh.c sshconnect.c]
     [sshconnect2.c sshd.c sshpty.c]
     move #include <sys/stat.h> out of includes.h; ok markus@@
   - stevesk@@cvs.openbsd.org 2006/02/22 00:04:45
     [canohost.c clientloop.c includes.h match.c readconf.c scp.c ssh.c]
     [sshconnect.c]
     move #include <ctype.h> out of includes.h; ok djm@@
   - jmc@@cvs.openbsd.org 2006/02/24 10:25:14
     [ssh_config.5]
     add section on patterns;
     from dtucker + myself
   - jmc@@cvs.openbsd.org 2006/02/24 10:33:54
     [sshd_config.5]
     signpost to PATTERNS;
   - jmc@@cvs.openbsd.org 2006/02/24 10:37:07
     [ssh_config.5]
     tidy up the refs to PATTERNS;
   - jmc@@cvs.openbsd.org 2006/02/24 10:39:52
     [sshd.8]
     signpost to PATTERNS section;
   - jmc@@cvs.openbsd.org 2006/02/24 20:22:16
     [ssh-keysign.8 ssh_config.5 sshd_config.5]
     some consistency fixes;
   - jmc@@cvs.openbsd.org 2006/02/24 20:31:31
     [ssh.1 ssh_config.5 sshd.8 sshd_config.5]
     more consistency fixes;
   - jmc@@cvs.openbsd.org 2006/02/24 23:20:07
     [ssh_config.5]
     some grammar/wording fixes;
   - jmc@@cvs.openbsd.org 2006/02/24 23:43:57
     [sshd_config.5]
     some grammar/wording fixes;
   - jmc@@cvs.openbsd.org 2006/02/24 23:51:17
     [sshd_config.5]
     oops - bits i missed;
   - jmc@@cvs.openbsd.org 2006/02/25 12:26:17
     [ssh_config.5]
     document the possible values for KbdInteractiveDevices;
     help/ok dtucker
   - jmc@@cvs.openbsd.org 2006/02/25 12:28:34
     [sshd_config.5]
     document the order in which allow/deny directives are processed;
     help/ok dtucker
   - jmc@@cvs.openbsd.org 2006/02/26 17:17:18
     [ssh_config.5]
     move PATTERNS to the end of the main body; requested by dtucker
   - jmc@@cvs.openbsd.org 2006/02/26 18:01:13
     [sshd_config.5]
     subsection is pointless here;
   - jmc@@cvs.openbsd.org 2006/02/26 18:03:10
     [ssh_config.5]
     comma;
   - djm@@cvs.openbsd.org 2006/02/28 01:10:21
     [session.c]
     fix logout recording when privilege separation is disabled, analysis and
     patch from vinschen at redhat.com; tested by dtucker@@ ok deraadt@@
     NB. ID sync only - patch already in portable
   - djm@@cvs.openbsd.org 2006/03/04 04:12:58
     [serverloop.c]
     move a debug() outside of a signal handler; ok markus@@ a little while back
   - djm@@cvs.openbsd.org 2006/03/12 04:23:07
     [ssh.c]
     knf nit
   - djm@@cvs.openbsd.org 2006/03/13 08:16:00
     [sshd.c]
     don't log that we are listening on a socket before the listen() call
     actually succeeds, bz #1162 reported by Senthil Kumar; ok dtucker@@
   - dtucker@@cvs.openbsd.org 2006/03/13 08:33:00
     [packet.c]
     Set TCP_NODELAY for all connections not just "interactive" ones.  Fixes
     poor performance and protocol stalls under some network conditions (mindrot
     bugs #556 and #981). Patch originally from markus@@, ok djm@@
   - dtucker@@cvs.openbsd.org 2006/03/13 08:43:16
     [ssh-keygen.c]
     Make ssh-keygen handle CR and CRLF line termination when converting IETF
     format keys, in addition to vanilla LF.  mindrot #1157, tested by Chris
     Pepper, ok djm@@
   - dtucker@@cvs.openbsd.org 2006/03/13 10:14:29
     [misc.c ssh_config.5 sshd_config.5]
     Allow config directives to contain whitespace by surrounding them by double
     quotes.  mindrot #482, man page help from jmc@@, ok djm@@
   - dtucker@@cvs.openbsd.org 2006/03/13 10:26:52
     [authfile.c authfile.h ssh-add.c]
     Make ssh-add check file permissions before attempting to load private
     key files multiple times; it will fail anyway and this prevents confusing
     multiple prompts and warnings.  mindrot #1138, ok djm@@
   - djm@@cvs.openbsd.org 2006/03/14 00:15:39
     [canohost.c]
     log the originating address and not just the name when a reverse
     mapping check fails, requested by linux AT linuon.com
   - markus@@cvs.openbsd.org 2006/03/14 16:32:48
     [ssh_config.5 sshd_config.5]
     *AliveCountMax applies to protocol v2 only; ok dtucker, djm
   - djm@@cvs.openbsd.org 2006/03/07 09:07:40
     [kex.c kex.h monitor.c myproposal.h ssh-keyscan.c sshconnect2.c sshd.c]
     Implement the diffie-hellman-group-exchange-sha256 key exchange method
     using the SHA256 code in libc (and wrapper to make it into an OpenSSL
     EVP), interop tested against CVS PuTTY
     NB. no portability bits committed yet
 - (djm) [configure.ac defines.h kex.c md-sha256.c]
   [openbsd-compat/sha2.h openbsd-compat/openbsd-compat.h]
   [openbsd-compat/sha2.c] First stab at portability glue for SHA256
   KEX support, should work with libc SHA256 support or OpenSSL
   EVP_sha256 if present
 - (djm) [includes.h] Restore accidentally dropped netinet/in.h
 - (djm) [Makefile.in openbsd-compat/Makefile.in] Add added files
 - (djm) [md-sha256.c configure.ac] md-sha256.c needs sha2.h if present
 - (djm) [regress/.cvsignore] Ignore Makefile here
 - (djm) [loginrec.c] Need stat.h
 - (djm) [openbsd-compat/sha2.h] Avoid include macro clash with
   system sha2.h
 - (djm) [ssh-rand-helper.c] Needs a bunch of headers
 - (djm) [ssh-agent.c] Restore dropped stat.h
 - (djm) [openbsd-compat/sha2.h openbsd-compat/sha2.c] Comment out 
   SHA384, which we don't need and doesn't compile without tweaks
 - (djm) [auth-pam.c clientloop.c includes.h monitor.c session.c]
   [sftp-client.c ssh-keysign.c ssh.c sshconnect.c sshconnect2.c]
   [sshd.c openbsd-compat/bsd-misc.c openbsd-compat/bsd-openpty.c]
   [openbsd-compat/glob.c openbsd-compat/mktemp.c]
   [openbsd-compat/readpassphrase.c] Lots of include fixes for
   OpenSolaris
 - (tim) [includes.h] put sys/stat.h back in to quiet some "macro redefined:"
 - (tim) [openssh/sshpty.c openssh/openbsd-compat/port-tun.c] put in some
   includes removed from includes.h
 - (dtucker) [configure.ac] Fix glob test conversion to AC_TRY_COMPILE
 - (djm) [includes.h] Put back paths.h, it is needed in defines.h
 - (dtucker) [openbsd-compat/openbsd-compat.h] AIX (at least) needs
   sys/ioctl.h for struct winsize.
 - (dtucker) [configure.ac] login_cap.h requires sys/types.h on NetBSD.

20060313
 - (dtucker) [configure.ac] Bug #1171: Don't use printf("%lld", longlong)
   since not all platforms support it.  Instead, use internal equivalent while
   computing LLONG_MIN and LLONG_MAX.  Remove special case for alpha-dec-osf*
   as it's no longer required.  Tested by Bernhard Simon, ok djm@@

20060304
 - (dtucker) [contrib/cygwin/ssh-host-config] Require use of lastlog as a
   file rather than directory, required as Cygwin will be importing lastlog(1).
   Also tightens up permissions on the file.  Patch from vinschen@@redhat.com.
 - (dtucker) [gss-serv-krb5.c] Bug #1166: Correct #ifdefs for gssapi_krb5.h
   includes.  Patch from gentoo.riverrat at gmail.com.

20060226
 - (dtucker) [configure.ac] Bug #1156: QNX apparently needs SSHD_ACQUIRES_CTTY
   patch from kraai at ftbfs.org.

20060223
 - (dtucker) [sshd_config sshd_config.5] Update UsePAM to reflect current
   reality.  Pointed out by tryponraj at gmail.com.

20060222
 - (dtucker) [openbsd-compat/openssl-compat.{c,h}] Minor tidy up: only
   compile in compat code if required.

20060221
 - (dtucker) [openbsd-compat/openssl-compat.h] Prevent warning about
   redefinition of SSLeay_add_all_algorithms.

20060220
 - (dtucker) [INSTALL configure.ac openbsd-compat/openssl-compat.{c,h}]
   Add optional enabling of OpenSSL's (hardware) Engine support, via
   configure --with-ssl-engine.  Based in part on a diff by michal at
   logix.cz.

20060219
 - (dtucker) [Makefile.in configure.ac, added openbsd-compat/regress/]
   Add first attempt at regress tests for compat library.  ok djm@@

20060214
 - (tim) [buildpkg.sh.in] Make the names consistent.
   s/pkg_post_make_install_fixes.sh/pkg-post-make-install-fixes.sh/ OK dtucker@@

20060212
 - (dtucker) [openbsd-compat/bsd-cygwin_util.c] Make loop counter unsigned
   to silence compiler warning, from vinschen at redhat.com.
 - (tim) [configure.ac] Bug #1149. Disable /etc/default/login check for QNX.
 - (dtucker) [README version.h contrib/caldera/openssh.spec
   contrib/redhat/openssh.spec contrib/suse/openssh.spec] Bump version
   strings to match 4.3p2 release.

20060208
 - (tim) [session.c] Logout records were not updated on systems with
   post auth privsep disabled due to bug 1086 changes. Analysis and patch
   by vinschen at redhat.com. OK tim@@, dtucker@@.
 - (dtucker) [configure.ac] Typo in Ultrix and NewsOS sections (NEED_SETPRGP
   -> NEED_SETPGRP), reported by Bernhard Simon.  ok tim@@

20060206
 - (tim) [configure.ac] Remove unnecessary tests for net/if.h and 
   netinet/in_systm.h. OK dtucker@@.

20060205
 - (tim) [configure.ac] Add AC_REVISION. Add sys/time.h to lastlog.h test
   for Solaris. OK dtucker@@.
 - (tim) [configure.ac] Bug #1149. Changes in QNX section only. Patch by
   kraai at ftbfs.org.

20060203
 - (tim) [configure.ac] test for egrep (AC_PROG_EGREP) before first
   AC_CHECK_HEADERS test. Without it, if AC_CHECK_HEADERS is first run
   by a platform specific check, builtin standard includes tests will be
   skipped on the other platforms.
   Analysis and suggestion by vinschen at redhat.com, patch by dtucker@@.
   OK tim@@, djm@@.

20060202
 - (dtucker) [configure.ac] Bug #1148: Fix "crippled AES" test so that it
   works with picky compilers.  Patch from alex.kiernan at thus.net.

d3821 1
a3821 1
$Id: ChangeLog,v 1.4558.2.2 2006/09/26 10:57:05 dtucker Exp $
@


1.1.1.14
log
@Vendor import of OpenSSH 4.5p1.
@
text
@a0 109
20061107
 - (dtucker) [sshd.c] Use privsep_pw if we have it, but only require it
   if we absolutely need it.  Pointed out by Corinna, ok djm@@
 - (dtucker) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2006/11/06 21:25:28
     [auth-rsa.c kexgexc.c kexdhs.c key.c ssh-dss.c sshd.c kexgexs.c
     ssh-keygen.c bufbn.c moduli.c scard.c kexdhc.c sshconnect1.c dh.c rsa.c]
     add missing checks for openssl return codes; with & ok djm@@
   - markus@@cvs.openbsd.org 2006/11/07 10:31:31
     [monitor.c version.h]
     correctly check for bad signatures in the monitor, otherwise the monitor
     and the unpriv process can get out of sync. with dtucker@@, ok djm@@,
     dtucker@@
 - (dtucker) [README contrib/{caldera,redhat,contrib}/openssh.spec] Bump
   versions.
 - (dtucker) [dh.c] Type fix for BN_hex2bn; ok markus@@
 - (dtucker) Release 4.5p1.

20061105
 - (djm) OpenBSD CVS Sync
   - otto@@cvs.openbsd.org 2006/10/28 18:08:10
     [ssh.1]
     correct/expand example of usage of -w; ok jmc@@ stevesk@@
   - markus@@cvs.openbsd.org 2006/10/31 16:33:12
     [kexdhc.c kexdhs.c kexgexc.c kexgexs.c]
     check DH_compute_key() for -1 even if it should not happen because of
     earlier calls to dh_pub_is_valid(); report krahmer at suse.de; ok djm

20061101
 - (dtucker) [openbsd-compat/port-solaris.c] Bug #1255: Make only hwerr
   events fatal in Solaris process contract support and tell it to signal
   only processes in the same process group when something happens.
   Based on information from andrew.benham at thus.net and similar to
   a patch from Chad Mynhier.  ok djm@@

20061027
- (djm) [auth.c] gc some dead code

20061023
 - (djm) OpenBSD CVS Sync
   - ray@@cvs.openbsd.org 2006/09/30 17:48:22
     [sftp.c]
     Clear errno before calling the strtol functions.
     From Paul Stoeber <x0001 at x dot de1 dot cc>.
     OK deraadt@@.
   - djm@@cvs.openbsd.org 2006/10/06 02:29:19
     [ssh-agent.c ssh-keyscan.c ssh.c]
     sys/resource.h needs sys/time.h; prompted by brad@@
     (NB. Id sync only for portable)
   - djm@@cvs.openbsd.org 2006/10/09 23:36:11
     [session.c]
     xmalloc -> xcalloc that was missed previously, from portable
     (NB. Id sync only for portable, obviously)
   - markus@@cvs.openbsd.org 2006/10/10 10:12:45
     [sshconnect.c]
     sleep before retrying (not after) since sleep changes errno; fixes
     pr 5250; rad@@twig.com; ok dtucker djm
   - markus@@cvs.openbsd.org 2006/10/11 12:38:03
     [clientloop.c serverloop.c]
     exit instead of doing a blocking tcp send if we detect a client/server
     timeout, since the tcp sendqueue might be already full (of alive
     requests); ok dtucker, report mpf
   - djm@@cvs.openbsd.org 2006/10/22 02:25:50
     [sftp-client.c]
     cancel progress meter when upload write fails; ok deraadt@@
 - (tim) [Makefile.in scard/Makefile.in] Add datarootdir= lines to keep
   autoconf 2.60 from complaining.

20061018
 - (dtucker) OpenBSD CVS Sync
   - ray@@cvs.openbsd.org 2006/09/25 04:55:38
     [ssh-keyscan.1 ssh.1]
     Change "a SSH" to "an SSH".  Hurray, I'm not the only one who
     pronounces "SSH" as "ess-ess-aich".
     OK jmc@@ and stevesk@@.
 - (dtucker) [sshd.c] Reshuffle storing of pw struct; prevents warnings
   on older versions of OS X.  ok djm@@

20061016
 - (dtucker) [monitor_fdpass.c] Include sys/in.h, required for cmsg macros
   on older (2.0) Linuxes.  Based on patch from thmo-13 at gmx de.

20061006
 - (tim) [buildpkg.sh.in] Use uname -r instead of -v in OS_VER for Solaris.
   Differentiate between OpenServer 5 and OpenServer 6
 - (dtucker) [configure.ac] Set put -lselinux into $LIBS while testing for
   SELinux functions so they're detected correctly.  Patch from pebenito at
   gentoo.org.
 - (tim) [buildpkg.sh.in] Some systems have really limited nawk (OpenServer).
   Allow setting alternate awk in openssh-config.local.

20061003
 - (tim) [configure.ac] Move CHECK_HEADERS test before platform specific
   section so additional platform specific CHECK_HEADER tests will work
   correctly. Fixes "<net/if_tap.h> on FreeBSD" problem report by des AT des.no
   Feedback and "seems like a good idea" dtucker@@

20061001
 - (dtucker) [audit-bsm.c] Include errno.h.  Pointed out by des at des.no.

20060929
 - (dtucker) [configure.ac] Bug #1239: Fix configure test for OpenSSH engine
   support.  Patch from andrew.benham at thus net.

20060928
 - (dtucker) [entropy.c] Bug #1238: include signal.h to fix compilation error
   on Solaris 8 w/out /dev/random or prngd.  Patch from rl at
   math.technion.ac.il.

a4 1
 - (dtucker) Release 4.4p1.
d2499 2992
a5490 1
$Id: ChangeLog,v 1.4588.2.1 2006/11/07 13:02:59 dtucker Exp $
@


1.1.1.14.2.1
log
@SVN rev 182634 on 2008-09-01 20:03:13Z by des

MFH OpenSSH 5.1p1
@
text
@a0 2105
20080721
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2008/07/18 22:51:01
     [sftp-server.8]
     no need for .Pp before or after .Sh;
   - djm@@cvs.openbsd.org 2008/07/21 08:19:07
     [version.h]
     openssh-5.1
 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] Update version number in README and RPM specs
 - (djm) Release OpenSSH-5.1

20080717
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2008/07/17 08:48:00
     [sshconnect2.c]
     strnvis preauth banner; pointed out by mpf@@ ok markus@@
   - djm@@cvs.openbsd.org 2008/07/17 08:51:07
     [auth2-hostbased.c]
     strip trailing '.' from hostname when HostbasedUsesNameFromPacketOnly=yes
     report and patch from res AT qoxp.net (bz#1200); ok markus@@
 - (dtucker) [openbsd-compat/bsd-cygwin_util.c]  Remove long-unneeded compat
   code, replace with equivalent cygwin library call.  Patch from vinschen
   at redhat.com, ok djm@@.
 - (djm) [sshconnect2.c] vis.h isn't available everywhere

20080716
 - OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2008/07/15 02:23:14
     [sftp.1]
     number of pipelined requests is now 64;
     prodded by Iain.Morgan AT nasa.gov
   - djm@@cvs.openbsd.org 2008/07/16 11:51:14
     [clientloop.c]
     rename variable first_gc -> last_gc (since it is actually the last
     in the list).
   - djm@@cvs.openbsd.org 2008/07/16 11:52:19
     [channels.c]
     this loop index should be automatic, not static

20080714
 - (djm) OpenBSD CVS Sync
   - sthen@@cvs.openbsd.org 2008/07/13 21:22:52
     [ssh-keygen.c]
     Change "ssh-keygen -F [host] -l" to not display random art unless
     -v is also specified, making it consistent with the manual and other
     uses of -l.
     ok grunk@@
   - djm@@cvs.openbsd.org 2008/07/13 22:13:07
     [channels.c]
     use struct sockaddr_storage instead of struct sockaddr for accept(2)
     address argument. from visibilis AT yahoo.com in bz#1485; ok markus@@
   - djm@@cvs.openbsd.org 2008/07/13 22:16:03
     [sftp.c]
     increase number of piplelined requests so they properly fill the
     (recently increased) channel window. prompted by rapier AT psc.edu;
     ok markus@@
   - djm@@cvs.openbsd.org 2008/07/14 01:55:56
     [sftp-server.8]
     mention requirement for /dev/log inside chroot when using sftp-server
     with ChrootDirectory
 - (djm) [openbsd-compat/bindresvport.c] Rename variables s/sin/in/ to
   avoid clash with sin(3) function; reported by
   cristian.ionescu-idbohrn AT axis.com
 - (djm) [openbsd-compat/rresvport.c] Add unistd.h for missing close()
   prototype; reported by cristian.ionescu-idbohrn AT axis.com
 - (djm) [umac.c] Rename variable s/buffer_ptr/bufp/ to avoid clash;
   reported by cristian.ionescu-idbohrn AT axis.com
 - (djm) [contrib/cygwin/Makefile contrib/cygwin/ssh-host-config]
   [contrib/cygwin/ssh-user-config contrib/cygwin/sshd-inetd]
   Revamped and simplified Cygwin ssh-host-config script that uses
   unified csih configuration tool. Requires recent Cygwin.
   Patch from vinschen AT redhat.com

20080712
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2008/07/12 04:52:50
     [channels.c]
     unbreak; move clearing of cctx struct to before first use
     reported by dkrause@@
   - djm@@cvs.openbsd.org 2008/07/12 05:33:41
     [scp.1]
     better description for -i flag:
     s/RSA authentication/public key authentication/
 - (djm) [openbsd-compat/fake-rfc2553.c openbsd-compat/fake-rfc2553.h]
   return EAI_FAMILY when trying to lookup unsupported address family;
   from vinschen AT redhat.com

20080711
 - (djm) OpenBSD CVS Sync
   - stevesk@@cvs.openbsd.org 2008/07/07 00:31:41
     [ttymodes.c]
     we don't need arg after the debug3() was removed.  from lint.
     ok djm@@
   - stevesk@@cvs.openbsd.org 2008/07/07 23:32:51
     [key.c]
     /*NOTREACHED*/ for lint warning:
       warning: function key_equal falls off bottom without returning value
     ok djm@@
   - markus@@cvs.openbsd.org 2008/07/10 18:05:58
     [channels.c]
     missing bzero; from mickey; ok djm@@
   - markus@@cvs.openbsd.org 2008/07/10 18:08:11
     [clientloop.c monitor.c monitor_wrap.c packet.c packet.h sshd.c]
     sync v1 and v2 traffic accounting; add it to sshd, too;
     ok djm@@, dtucker@@

20080709
 - (djm) [Makefile.in] Print "all tests passed" when all regress tests pass
 - (djm) [auth1.c] Fix format string vulnerability in protocol 1 PAM
   account check failure path. The vulnerable format buffer is supplied
   from PAM and should not contain attacker-supplied data.
 - (djm) [auth.c] Missing unistd.h for close()
 - (djm) [configure.ac] Add -Wformat-security to CFLAGS for gcc 3.x and 4.x

20080705
 - (djm) [auth.c] Fixed test for locked account on HP/UX with shadowed
   passwords disabled. bz#1083 report & patch from senthilkumar_sen AT
   hotpop.com, w/ dtucker@@
 - (djm) [atomicio.c configure.ac] Disable poll() fallback in atomiciov for
   Tru64. readv doesn't seem to be a comparable object there.
   bz#1386, patch from dtucker@@ ok me
 - (djm) [Makefile.in] Pass though pass to conch for interop tests
 - (djm) [configure.ac] unbreak: remove extra closing brace
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2008/07/04 23:08:25
     [packet.c]
     handle EINTR in packet_write_poll()l ok dtucker@@
   - djm@@cvs.openbsd.org 2008/07/04 23:30:16
     [auth1.c auth2.c]
     Make protocol 1 MaxAuthTries logic match protocol 2's.
     Do not treat the first protocol 2 authentication attempt as
     a failure IFF it is for method "none".
     Makes MaxAuthTries' user-visible behaviour identical for
     protocol 1 vs 2.
     ok dtucker@@
   - djm@@cvs.openbsd.org 2008/07/05 05:16:01
     [PROTOCOL]
     grammar

20080704
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2008/07/02 13:30:34
     [auth2.c]
     really really remove the freebie "none" auth try for protocol 2
   - djm@@cvs.openbsd.org 2008/07/02 13:47:39
     [ssh.1 ssh.c]
     When forking after authentication ("ssh -f") with ExitOnForwardFailure
     enabled, delay the fork until after replies for any -R forwards have
     been seen. Allows for robust detection of -R forward failure when
     using -f (similar to bz#92); ok dtucker@@
   - otto@@cvs.openbsd.org 2008/07/03 21:46:58
     [auth2-pubkey.c]
     avoid nasty double free; ok dtucker@@ djm@@
   - djm@@cvs.openbsd.org 2008/07/04 03:44:59
     [servconf.c groupaccess.h groupaccess.c]
     support negation of groups in "Match group" block (bz#1315); ok dtucker@@
   - dtucker@@cvs.openbsd.org 2008/07/04 03:47:02
     [monitor.c]
     Make debug a little clearer.  ok djm@@
   - djm@@cvs.openbsd.org 2008/06/30 08:07:34
     [regress/key-options.sh]
     shell portability: use "=" instead of "==" in test(1) expressions,
     double-quote string with backslash escaped /
   - djm@@cvs.openbsd.org 2008/06/30 10:31:11
     [regress/{putty-transfer,putty-kex,putty-ciphers}.sh]
     remove "set -e" left over from debugging
   - djm@@cvs.openbsd.org 2008/06/30 10:43:03
     [regress/conch-ciphers.sh]
     explicitly disable conch options that could interfere with the test
 - (dtucker) [sftp-server.c] Bug #1447: fall back to racy rename if link
   returns EXDEV.  Patch from Mike Garrison, ok djm@@
 - (djm) [atomicio.c channels.c clientloop.c defines.h includes.h]
   [packet.c scp.c serverloop.c sftp-client.c ssh-agent.c ssh-keyscan.c]
   [sshd.c] Explicitly handle EWOULDBLOCK wherever we handle EAGAIN, on
   some platforms (HP nonstop) it is a distinct errno;
   bz#1467 reported by sconeu AT yahoo.com; ok dtucker@@

20080702
 - (dtucker) OpenBSD CVS Sync
    - djm@@cvs.openbsd.org 2008/06/30 08:05:59
      [PROTOCOL.agent]
      typo: s/constraint_date/constraint_data/
   - djm@@cvs.openbsd.org 2008/06/30 12:15:39
     [serverloop.c]
     only pass channel requests on session channels through to the session
     channel handler, avoiding spurious log messages; ok! markus@@
   - djm@@cvs.openbsd.org 2008/06/30 12:16:02
     [nchan.c]
     only send eow@@openssh.com notifications for session channels; ok! markus@@
   - djm@@cvs.openbsd.org 2008/06/30 12:18:34
     [PROTOCOL]
     clarify that eow@@openssh.com is only sent on session channels
   - dtucker@@cvs.openbsd.org 2008/07/01 07:20:52
     [sshconnect.c]
     Check ExitOnForwardFailure if forwardings are disabled due to a failed
     host key check.  ok djm@@
   - dtucker@@cvs.openbsd.org 2008/07/01 07:24:22
     [sshconnect.c sshd.c]
     Send CR LF during protocol banner exchanges, but only for Protocol 2 only,
     in order to comply with RFC 4253.  bz #1443, ok djm@@
   - stevesk@@cvs.openbsd.org 2008/07/01 23:12:47
     [PROTOCOL.agent]
     fix some typos; ok djm@@
   - djm@@cvs.openbsd.org 2008/07/02 02:24:18
     [sshd_config sshd_config.5 sshd.8 servconf.c]
     increase default size of ssh protocol 1 ephemeral key from 768 to 1024
     bits; prodded by & ok dtucker@@ ok deraadt@@
   - dtucker@@cvs.openbsd.org 2008/07/02 12:03:51
     [auth-rsa.c auth.c auth2-pubkey.c auth.h]
     Merge duplicate host key file checks, based in part on a patch from Rob
     Holland via bz #1348 .  Also checks for non-regular files during protocol
     1 RSA auth.  ok djm@@
   - djm@@cvs.openbsd.org 2008/07/02 12:36:39
     [auth2-none.c auth2.c]
     Make protocol 2 MaxAuthTries behaviour a little more sensible:
     Check whether client has exceeded MaxAuthTries before running
     an authentication method and skip it if they have, previously it
     would always allow one try (for "none" auth).
     Preincrement failure count before post-auth test - previously this
     checked and postincremented, also to allow one "none" try.
     Together, these two changes always count the "none" auth method
     which could be skipped by a malicious client (e.g. an SSH worm)
     to get an extra attempt at a real auth method. They also make
     MaxAuthTries=0 a useful way to block users entirely (esp. in a
     sshd_config Match block).
     Also, move sending of any preauth banner from "none" auth method
     to the first call to input_userauth_request(), so worms that skip
     the "none" method get to see it too.

20080630
 - (djm) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2008/06/10 23:13:43
     [regress/Makefile regress/key-options.sh]
     Add regress test for key options.  ok djm@@
   - dtucker@@cvs.openbsd.org 2008/06/11 23:11:40
     [regress/Makefile]
     Don't run cipher-speed test by default; mistakenly enabled by me
   - djm@@cvs.openbsd.org 2008/06/28 13:57:25
     [regress/Makefile regress/test-exec.sh regress/conch-ciphers.sh]
     very basic regress test against Twisted Conch in "make interop"
     target (conch is available in ports/devel/py-twisted/conch);
     ok markus@@
 - (djm) [regress/Makefile] search for conch by path, like we do putty

20080629
 - (djm) OpenBSD CVS Sync
   - martynas@@cvs.openbsd.org 2008/06/21 07:46:46
     [sftp.c]
     use optopt to get invalid flag, instead of return value of getopt,
     which is always '?';  ok djm@@
   - otto@@cvs.openbsd.org 2008/06/25 11:13:43
     [key.c]
     add key length to visual fingerprint; zap magical constants;
     ok grunk@@ djm@@
   - djm@@cvs.openbsd.org 2008/06/26 06:10:09
     [sftp-client.c sftp-server.c]
     allow the sftp chmod(2)-equivalent operation to set set[ug]id/sticky
     bits. Note that this only affects explicit setting of modes (e.g. via
     sftp(1)'s chmod command) and not file transfers. (bz#1310)
     ok deraadt@@ at c2k8
   - djm@@cvs.openbsd.org 2008/06/26 09:19:40
     [dh.c dh.h moduli.c]
     when loading moduli from /etc/moduli in sshd(8), check that they
     are of the expected "safe prime" structure and have had
     appropriate primality tests performed;
     feedback and ok dtucker@@
   - grunk@@cvs.openbsd.org 2008/06/26 11:46:31
     [readconf.c readconf.h ssh.1 ssh_config.5 sshconnect.c]
     Move SSH Fingerprint Visualization away from sharing the config option
     CheckHostIP to an own config option named VisualHostKey.
     While there, fix the behaviour that ssh would draw a random art picture
     on every newly seen host even when the option was not enabled.
     prodded by deraadt@@, discussions,
     help and ok markus@@ djm@@ dtucker@@
   - jmc@@cvs.openbsd.org 2008/06/26 21:11:46
     [ssh.1]
     add VisualHostKey to the list of options listed in -o;
   - djm@@cvs.openbsd.org 2008/06/28 07:25:07
     [PROTOCOL]
     spelling fixes
   - djm@@cvs.openbsd.org 2008/06/28 13:58:23
     [ssh-agent.c]
     refuse to add a key that has unknown constraints specified;
     ok markus
   - djm@@cvs.openbsd.org 2008/06/28 14:05:15
     [ssh-agent.c]
     reset global compat flag after processing a protocol 2 signature
     request with the legacy DSA encoding flag set; ok markus
   - djm@@cvs.openbsd.org 2008/06/28 14:08:30
     [PROTOCOL PROTOCOL.agent]
     document the protocol used by ssh-agent; "looks ok" markus@@

20080628
 - (djm) [RFC.nroff contrib/cygwin/Makefile contrib/suse/openssh.spec]
   RFC.nroff lacks a license, remove it (it is long gone in OpenBSD).

20080626
 - (djm) [Makefile.in moduli.5] Include moduli(5) manpage from OpenBSD.
   (bz#1372)
 - (djm) [ contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] Include moduli.5 in RPM spec files.

20080616
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2008/06/16 13:22:53
     [session.c channels.c]
     Rename the isatty argument to is_tty so we don't shadow
     isatty(3).  ok markus@@
 - (dtucker) [channels.c] isatty -> is_tty here too.

20080615
 - (dtucker) [configure.ac] Enable -fno-builtin-memset when using gcc.
 - OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2008/06/14 15:49:48
     [sshd.c]
     wrap long line at 80 chars
   - dtucker@@cvs.openbsd.org 2008/06/14 17:07:11
     [sshd.c]
     ensure default umask disallows at least group and world write; ok djm@@
   - djm@@cvs.openbsd.org 2008/06/14 18:33:43
     [session.c]
     suppress the warning message from chdir(homedir) failures
     when chrooted (bz#1461); ok dtucker
   - dtucker@@cvs.openbsd.org 2008/06/14 19:42:10
     [scp.1]
     Mention that scp follows symlinks during -r.  bz #1466,
     from nectar at apple
   - dtucker@@cvs.openbsd.org 2008/06/15 16:55:38
     [sshd_config.5]
     MaxSessions is allowed in a Match block too
   - dtucker@@cvs.openbsd.org 2008/06/15 16:58:40
     [servconf.c sshd_config.5]
     Allow MaxAuthTries within a Match block.  ok djm@@
   - djm@@cvs.openbsd.org 2008/06/15 20:06:26
     [channels.c channels.h session.c]
     don't call isatty() on a pty master, instead pass a flag down to
     channel_set_fds() indicating that te fds refer to a tty. Fixes a
     hang on exit on Solaris (bz#1463) in portable but is actually
     a generic bug; ok dtucker deraadt markus

20080614
 - (djm) [openbsd-compat/sigact.c] Avoid NULL derefs in ancient sigaction
   replacement code; patch from ighighi AT gmail.com in bz#1240;
   ok dtucker

20080613
 - (dtucker) OpenBSD CVS Sync
   - deraadt@@cvs.openbsd.org 2008/06/13 09:44:36
     [packet.c]
     compile on older gcc; no decl after code
   - dtucker@@cvs.openbsd.org 2008/06/13 13:56:59
     [monitor.c]
     Clear key options in the monitor on failed authentication, prevents
     applying additional restrictions to non-pubkey authentications in
     the case where pubkey fails but another method subsequently succeeds.
     bz #1472, found by Colin Watson, ok markus@@ djm@@
   - dtucker@@cvs.openbsd.org 2008/06/13 14:18:51
     [auth2-pubkey.c auth-rhosts.c]
     Include unistd.h for close(), prevents warnings in -portable
   - dtucker@@cvs.openbsd.org 2008/06/13 17:21:20
     [mux.c]
     Friendlier error messages for mux fallback.  ok djm@@
   - dtucker@@cvs.openbsd.org 2008/06/13 18:55:22
     [scp.c]
     Prevent -Wsign-compare warnings on LP64 systems.  bz #1192, ok deraadt@@
   - grunk@@cvs.openbsd.org 2008/06/13 20:13:26
     [ssh.1]
     Explain the use of SSH fpr visualization using random art, and cite the
     original scientific paper inspiring that technique.
     Much help with English and nroff by jmc@@, thanks.
 - (dtucker) [configure.ac] Bug #1276: avoid linking against libgssapi, which
   despite its name doesn't seem to implement all of GSSAPI.  Patch from
   Jan Engelhardt, sanity checked by Simon Wilkinson.

20080612
 - (dtucker) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2008/06/11 07:30:37
     [sshd.8]
     kill trailing whitespace;
   - grunk@@cvs.openbsd.org 2008/06/11 21:01:35
     [ssh_config.5 key.h readconf.c readconf.h ssh-keygen.1 ssh-keygen.c key.c
      sshconnect.c]
     Introduce SSH Fingerprint ASCII Visualization, a technique inspired by the
     graphical hash visualization schemes known as "random art", and by
     Dan Kaminsky's musings on the subject during a BlackOp talk at the
     23C3 in Berlin.
     Scientific publication (original paper):
     "Hash Visualization: a New Technique to improve Real-World Security",
     Perrig A. and Song D., 1999, International Workshop on Cryptographic
     Techniques and E-Commerce (CrypTEC '99)
     http://sparrow.ece.cmu.edu/~adrian/projects/validation/validation.pdf
     The algorithm used here is a worm crawling over a discrete plane,
     leaving a trace (augmenting the field) everywhere it goes.
     Movement is taken from dgst_raw 2bit-wise.  Bumping into walls
     makes the respective movement vector be ignored for this turn,
     thus switching to the other color of the chessboard.
     Graphs are not unambiguous for now, because circles in graphs can be
     walked in either direction.
     discussions with several people,
     help, corrections and ok markus@@ djm@@
   - grunk@@cvs.openbsd.org 2008/06/11 21:38:25
     [ssh-keygen.c]
     ssh-keygen -lv -f /etc/ssh/ssh_host_rsa_key.pub
     would not display you the random art as intended, spotted by canacar@@
   - grunk@@cvs.openbsd.org 2008/06/11 22:20:46
     [ssh-keygen.c ssh-keygen.1]
     ssh-keygen would write fingerprints to STDOUT, and random art to STDERR,
     that is not how it was envisioned.
     Also correct manpage saying that -v is needed along with -l for it to work.
     spotted by naddy@@
   - otto@@cvs.openbsd.org 2008/06/11 23:02:22
     [key.c]
     simpler way of computing the augmentations; ok grunk@@
   - grunk@@cvs.openbsd.org 2008/06/11 23:03:56
     [ssh_config.5]
     CheckHostIP set to ``fingerprint'' will display both hex and random art
     spotted by naddy@@
   - grunk@@cvs.openbsd.org 2008/06/11 23:51:57
     [key.c]
     #define statements that are not atoms need braces around them, else they
     will cause trouble in some cases.
     Also do a computation of -1 once, and not in a loop several times.
     spotted by otto@@
   - dtucker@@cvs.openbsd.org 2008/06/12 00:03:49
     [dns.c canohost.c sshconnect.c]
     Do not pass "0" strings as ports to getaddrinfo because the lookups
     can slow things down and we never use the service info anyway. bz
     #859, patch from YOSHIFUJI Hideaki and John Devitofranceschi.  ok
     deraadt@@ djm@@
     djm belives that the reason for the "0" strings is to ensure that
     it's not possible to call getaddrinfo with both host and port being
     NULL.  In the case of canohost.c host is a local array.  In the
     case of sshconnect.c, it's checked for null immediately before use.
     In dns.c it ultimately comes from ssh.c:main() and is guaranteed to
     be non-null but it's not obvious, so I added a warning message in
     case it is ever passed a null.
   - grunk@@cvs.openbsd.org 2008/06/12 00:13:55
     [sshconnect.c]
     Make ssh print the random art also when ssh'ing to a host using IP only.
     spotted by naddy@@, ok and help djm@@ dtucker@@
   - otto@@cvs.openbsd.org 2008/06/12 00:13:13
     [key.c]
     use an odd number of rows and columns and a separate start marker, looks
     better; ok grunk@@
   - djm@@cvs.openbsd.org 2008/06/12 03:40:52
     [clientloop.h mux.c channels.c clientloop.c channels.h]
     Enable ~ escapes for multiplex slave sessions; give each channel
     its own escape state and hook the escape filters up to muxed
     channels. bz #1331
     Mux slaves do not currently support the ~^Z and ~& escapes.
     NB. this change cranks the mux protocol version, so a new ssh
     mux client will not be able to connect to a running old ssh
     mux master.
     ok dtucker@@
   - djm@@cvs.openbsd.org 2008/06/12 04:06:00
     [clientloop.h ssh.c clientloop.c]
     maintain an ordered queue of outstanding global requests that we
     expect replies to, similar to the per-channel confirmation queue.
     Use this queue to verify success or failure for remote forward
     establishment in a race free way.
     ok dtucker@@
   - djm@@cvs.openbsd.org 2008/06/12 04:17:47
     [clientloop.c]
     thall shalt not code past the eightieth column
   - djm@@cvs.openbsd.org 2008/06/12 04:24:06
     [ssh.c]
     thal shalt not code past the eightieth column
   - djm@@cvs.openbsd.org 2008/06/12 05:15:41
     [PROTOCOL]
     document tun@@openssh.com forwarding method
   - djm@@cvs.openbsd.org 2008/06/12 05:32:30
     [mux.c]
     some more TODO for me
   - grunk@@cvs.openbsd.org 2008/06/12 05:42:46
     [key.c]
     supply the key type (rsa1, rsa, dsa) as a caption in the frame of the
     random art.  while there, stress the fact that the field base should at
     least be 8 characters for the pictures to make sense.
     comment and ok djm@@
   - grunk@@cvs.openbsd.org 2008/06/12 06:32:59
     [key.c]
     We already mark the start of the worm, now also mark the end of the worm
     in our random art drawings.
     ok djm@@
   - djm@@cvs.openbsd.org 2008/06/12 15:19:17
     [clientloop.h channels.h clientloop.c channels.c mux.c]
     The multiplexing escape char handler commit last night introduced a
     small memory leak per session; plug it.
   - dtucker@@cvs.openbsd.org 2008/06/12 16:35:31
     [ssh_config.5 ssh.c]
     keyword expansion for localcommand.  ok djm@@
   - jmc@@cvs.openbsd.org 2008/06/12 19:10:09
     [ssh_config.5 ssh-keygen.1]
     tweak the ascii art text; ok grunk
   - dtucker@@cvs.openbsd.org 2008/06/12 20:38:28
     [sshd.c sshconnect.c packet.h misc.c misc.h packet.c]
     Make keepalive timeouts apply while waiting for a packet, particularly
     during key renegotiation (bz #1363).  With djm and Matt Day, ok djm@@
   - djm@@cvs.openbsd.org 2008/06/12 20:47:04
     [sftp-client.c]
     print extension revisions for extensions that we understand
   - djm@@cvs.openbsd.org 2008/06/12 21:06:25
     [clientloop.c]
     I was coalescing expected global request confirmation replies at
     the wrong end of the queue - fix; prompted by markus@@
   - grunk@@cvs.openbsd.org 2008/06/12 21:14:46
     [ssh-keygen.c]
     make ssh-keygen -lf show the key type just as ssh-add -l would do it
     ok djm@@ markus@@
   - grunk@@cvs.openbsd.org 2008/06/12 22:03:36
     [key.c]
     add my copyright, ok djm@@
   - ian@@cvs.openbsd.org 2008/06/12 23:24:58
     [sshconnect.c]
     tweak wording in message, ok deraadt@@ jmc@@
   - dtucker@@cvs.openbsd.org 2008/06/13 00:12:02
     [sftp.h log.h]
     replace __dead with __attribute__((noreturn)), makes things
     a little easier to port.  Also, add it to sigdie().  ok djm@@
   - djm@@cvs.openbsd.org 2008/06/13 00:16:49
     [mux.c]
     fall back to creating a new TCP connection on most multiplexing errors
     (socket connect fail, invalid version, refused permittion, corrupted
     messages, etc.); bz #1329 ok dtucker@@
   - dtucker@@cvs.openbsd.org 2008/06/13 00:47:53
     [mux.c]
     upcast size_t to u_long to match format arg; ok djm@@
   - dtucker@@cvs.openbsd.org 2008/06/13 00:51:47
     [mac.c]
     upcast another size_t to u_long to match format
   - dtucker@@cvs.openbsd.org 2008/06/13 01:38:23
     [misc.c]
     upcast uid to long with matching %ld, prevents warnings in portable
   - djm@@cvs.openbsd.org 2008/06/13 04:40:22
     [auth2-pubkey.c auth-rhosts.c]
     refuse to read ~/.shosts or ~/.ssh/authorized_keys that are not
     regular files; report from Solar Designer via Colin Watson in bz#1471
     ok dtucker@@ deraadt
  - (dtucker) [clientloop.c serverloop.c]  channel_register_filter now
    takes 2 more args.  with djm@@
  - (dtucker) [defines.h] Bug #1112: __dead is, well dead. Based on a patch
    from Todd Vierling.
  - (dtucker) [auth-sia.c] Bug #1241: support password expiry on Tru64 SIA
    systems.  Patch from R. Scott Bailey.
  - (dtucker) [umac.c] STORE_UINT32_REVERSED and endian_convert are never used
    on big endian machines, so ifdef them for little-endian only to prevent
    unused function warnings on big-endians.
  - (dtucker) [openbsd-compat/setenv.c] Make offsets size_t to prevent
    compiler warnings on some platforms.  Based on a discussion with otto@@

20080611
 - (djm) [channels.c configure.ac]
   Do not set SO_REUSEADDR on wildcard X11 listeners (X11UseLocalhost=no)
   bz#1464; ok dtucker 

20080610
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2008/06/10 03:57:27
     [servconf.c match.h sshd_config.5]
     support CIDR address matching in sshd_config "Match address" blocks, with
     full support for negation and fall-back to classic wildcard matching.
     For example:
     Match address 192.0.2.0/24,3ffe:ffff::/32,!10.*
         PasswordAuthentication yes
     addrmatch.c code mostly lifted from flowd's addr.c
     feedback and ok dtucker@@
   - djm@@cvs.openbsd.org 2008/06/10 04:17:46
     [sshd_config.5]
     better reference for pattern-list
   - dtucker@@cvs.openbsd.org 2008/06/10 04:50:25
     [sshd.c channels.h channels.c log.c servconf.c log.h servconf.h sshd.8]
     Add extended test mode (-T) and connection parameters for test mode (-C).
     -T causes sshd to write its effective configuration to stdout and exit.
     -C causes any relevant Match rules to be applied before output.  The
     combination allows tesing of the parser and config files.  ok deraadt djm
   - jmc@@cvs.openbsd.org 2008/06/10 07:12:00
     [sshd_config.5]
     tweak previous;
   - jmc@@cvs.openbsd.org 2008/06/10 08:17:40
     [sshd.8 sshd.c]
     - update usage()
     - fix SYNOPSIS, and sort options
     - some minor additional fixes
   - dtucker@@cvs.openbsd.org 2008/06/09 18:06:32
     [regress/test-exec.sh]
     Don't generate putty keys if we're not going to use them.  ok djm
   - dtucker@@cvs.openbsd.org 2008/06/10 05:23:32
     [regress/addrmatch.sh regress/Makefile]
     Regress test for Match CIDR rules.  ok djm@@
   - dtucker@@cvs.openbsd.org 2008/06/10 15:21:41
     [test-exec.sh]
     Use a more portable construct for checking if we're running a putty test
   - dtucker@@cvs.openbsd.org 2008/06/10 15:28:49
     [test-exec.sh]
     Add quotes
   - dtucker@@cvs.openbsd.org 2008/06/10 18:21:24
     [ssh_config.5]
     clarify that Host patterns are space-separated.  ok deraadt
   - djm@@cvs.openbsd.org 2008/06/10 22:15:23
     [PROTOCOL ssh.c serverloop.c]
     Add a no-more-sessions@@openssh.com global request extension that the
     client sends when it knows that it will never request another session
     (i.e. when session multiplexing is disabled). This allows a server to
     disallow further session requests and terminate the session.
     Why would a non-multiplexing client ever issue additional session
     requests? It could have been attacked with something like SSH'jack:
     http://www.storm.net.nz/projects/7
     feedback & ok markus
   - djm@@cvs.openbsd.org 2008/06/10 23:06:19
     [auth-options.c match.c servconf.c addrmatch.c sshd.8]
     support CIDR address matching in .ssh/authorized_keys from="..." stanzas
     ok and extensive testing dtucker@@
   - dtucker@@cvs.openbsd.org 2008/06/10 23:21:34
     [bufaux.c]
     Use '\0' for a nul byte rather than unadorned 0.  ok djm@@
   - dtucker@@cvs.openbsd.org 2008/06/10 23:13:43
     [Makefile regress/key-options.sh]
     Add regress test for key options.  ok djm@@
 - (dtucker) [openbsd-compat/fake-rfc2553.h] Add sin6_scope_id to sockaddr_in6
   since the new CIDR code in addrmatch.c references it.
 - (dtucker) [Makefile.in configure.ac regress/addrmatch.sh] Skip IPv6
   specific tests on platforms that don't do IPv6.
 - (dtucker) [Makefile.in] Define TEST_SSH_IPV6 in make's arguments as well
   as environment.
 - (dtucker) [Makefile.in] Move addrmatch.o to libssh.a where it's needed now.

20080609
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2008/06/08 17:04:41
     [sftp-server.c]
     Add case for ENOSYS in errno_to_portable; ok deraadt
   - dtucker@@cvs.openbsd.org 2008/06/08 20:15:29
     [sftp.c sftp-client.c sftp-client.h]
     Have the sftp client store the statvfs replies in wire format,
     which prevents problems when the server's native sizes exceed the
     client's.
     Also extends the sizes of the remaining 32bit wire format to 64bit,
     they're specified as unsigned long in the standard.
   - dtucker@@cvs.openbsd.org 2008/06/09 13:02:39
     [sftp-server.c]
     Extend 32bit -> 64bit values for statvfs extension missed in previous
     commit.
   - dtucker@@cvs.openbsd.org 2008/06/09 13:38:46
     [PROTOCOL]
     Use a $OpenBSD tag so our scripts will sync changes.

20080608
 - (dtucker) [configure.ac defines.h sftp-client.c sftp-server.c sftp.c
   openbsd-compat/Makefile.in openbsd-compat/openbsd-compat.h
   openbsd-compat/bsd-statvfs.{c,h}] Add a null implementation of statvfs and
   fstatvfs and remove #defines around statvfs code.  ok djm@@
 - (dtucker) [configure.ac defines.h sftp-client.c M sftp-server.c] Add a
   macro to convert fsid to unsigned long for platforms where fsid is a
   2-member array.

20080607
 - (dtucker) [mux.c] Include paths.h inside ifdef HAVE_PATHS_H.
 - (dtucker) [configure.ac defines.h sftp-client.c sftp-server.c sftp.c]
   Do not enable statvfs extensions on platforms that do not have statvfs.
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2008/05/19 06:14:02
     [packet.c] unbreak protocol keepalive timeouts bz#1465; ok dtucker@@
   - djm@@cvs.openbsd.org 2008/05/19 15:45:07
     [sshtty.c ttymodes.c sshpty.h]
     Fix sending tty modes when stdin is not a tty (bz#1199). Previously
     we would send the modes corresponding to a zeroed struct termios,
     whereas we should have been sending an empty list of modes.
     Based on patch from daniel.ritz AT alcatel.ch; ok dtucker@@ markus@@
   - djm@@cvs.openbsd.org 2008/05/19 15:46:31
     [ssh-keygen.c]
     support -l (print fingerprint) in combination with -F (find host) to
     search for a host in ~/.ssh/known_hosts and display its fingerprint;
     ok markus@@
   - djm@@cvs.openbsd.org 2008/05/19 20:53:52
     [clientloop.c]
     unbreak tree by committing this bit that I missed from:
     Fix sending tty modes when stdin is not a tty (bz#1199). Previously
     we would send the modes corresponding to a zeroed struct termios,
     whereas we should have been sending an empty list of modes.
     Based on patch from daniel.ritz AT alcatel.ch; ok dtucker@@ markus@@ 

20080604
 - (djm) [openbsd-compat/bsd-arc4random.c] Fix math bug that caused bias
   in arc4random_uniform with upper_bound in (2^30,2^31). Note that
   OpenSSH did not make requests with upper bounds in this range.

20080519
 - (djm) [configure.ac mux.c sftp.c openbsd-compat/Makefile.in]
   [openbsd-compat/fmt_scaled.c openbsd-compat/openbsd-compat.h]
   Fix compilation on Linux, including pulling in fmt_scaled(3)
   implementation from OpenBSD's libutil.

20080518
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2008/04/04 05:14:38
     [sshd_config.5]
     ChrootDirectory is supported in Match blocks (in fact, it is most useful
     there). Spotted by Minstrel AT minstrel.org.uk
   - djm@@cvs.openbsd.org 2008/04/04 06:44:26
     [sshd_config.5]
     oops, some unrelated stuff crept into that commit - backout.
     spotted by jmc@@
   - djm@@cvs.openbsd.org 2008/04/05 02:46:02
     [sshd_config.5]
     HostbasedAuthentication is supported under Match too
 - (djm) [openbsd-compat/bsd-arc4random.c openbsd-compat/openbsd-compat.c]
     [configure.ac] Implement arc4random_buf(), import implementation of
     arc4random_uniform() from OpenBSD
 - (djm) [openbsd-compat/bsd-arc4random.c] Warning fixes
 - (djm) [openbsd-compat/port-tun.c] needs sys/queue.h
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2008/04/13 00:22:17
     [dh.c sshd.c]
     Use arc4random_buf() when requesting more than a single word of output
     Use arc4random_uniform() when the desired random number upper bound
     is not a power of two
     ok deraadt@@ millert@@
   - djm@@cvs.openbsd.org 2008/04/18 12:32:11
     [sftp-client.c sftp-client.h sftp-server.c sftp.1 sftp.c sftp.h]
     introduce sftp extension methods statvfs@@openssh.com and
     fstatvfs@@openssh.com that implement statvfs(2)-like operations,
     based on a patch from miklos AT szeredi.hu (bz#1399)
     also add a "df" command to the sftp client that uses the
     statvfs@@openssh.com to produce a df(1)-like display of filesystem
     space and inode utilisation
     ok markus@@
   - jmc@@cvs.openbsd.org 2008/04/18 17:15:47
     [sftp.1]
     macro fixage;
   - djm@@cvs.openbsd.org 2008/04/18 22:01:33
     [session.c]
     remove unnecessary parentheses
   - otto@@cvs.openbsd.org 2008/04/29 11:20:31
     [monitor_mm.h]
     garbage collect two unused fields in struct mm_master; ok markus@@
   - djm@@cvs.openbsd.org 2008/04/30 10:14:03
     [ssh-keyscan.1 ssh-keyscan.c]
     default to rsa (protocol 2) keys, instead of rsa1 keys; spotted by
     larsnooden AT openoffice.org
   - pyr@@cvs.openbsd.org 2008/05/07 05:49:37
     [servconf.c servconf.h session.c sshd_config.5]
     Enable the AllowAgentForwarding option in sshd_config (global and match
     context), to specify if agents should be permitted on the server.
     As the man page states:
     ``Note that disabling Agent forwarding does not improve security
     unless users are also denied shell access, as they can always install
     their own forwarders.''
     ok djm@@, ok and a mild frown markus@@
   - pyr@@cvs.openbsd.org 2008/05/07 06:43:35
     [sshd_config]
     push the sshd_config bits in, spotted by ajacoutot@@
   - jmc@@cvs.openbsd.org 2008/05/07 08:00:14
     [sshd_config.5]
     sort;
   - markus@@cvs.openbsd.org 2008/05/08 06:59:01
     [bufaux.c buffer.h channels.c packet.c packet.h]
     avoid extra malloc/copy/free when receiving data over the net;
     ~10% speedup for localhost-scp; ok djm@@
   - djm@@cvs.openbsd.org 2008/05/08 12:02:23
     [auth-options.c auth1.c channels.c channels.h clientloop.c gss-serv.c]
     [monitor.c monitor_wrap.c nchan.c servconf.c serverloop.c session.c]
     [ssh.c sshd.c]
     Implement a channel success/failure status confirmation callback
     mechanism. Each channel maintains a queue of callbacks, which will
     be drained in order (RFC4253 guarantees confirm messages are not
     reordered within a channel).
     Also includes an abandonment callback to clean up if a channel is
     closed without sending confirmation messages. This probably
     shouldn't happen in compliant implementations, but it could be
     abused to leak memory.
     ok markus@@ (as part of a larger diff)
   - djm@@cvs.openbsd.org 2008/05/08 12:21:16
     [monitor.c monitor_wrap.c session.h servconf.c servconf.h session.c]
     [sshd_config sshd_config.5]
     Make the maximum number of sessions run-time controllable via
     a sshd_config MaxSessions knob. This is useful for disabling
     login/shell/subsystem access while leaving port-forwarding working
     (MaxSessions 0), disabling connection multiplexing (MaxSessions 1) or
     simply increasing the number of allowed multiplexed sessions.
     Because some bozos are sure to configure MaxSessions in excess of the
     number of available file descriptors in sshd (which, at peak, might be
     as many as 9*MaxSessions), audit sshd to ensure that it doesn't leak fds
     on error paths, and make it fail gracefully on out-of-fd conditions -
     sending channel errors instead of exiting with fatal().
     bz#1090; MaxSessions config bits and manpage from junyer AT gmail.com
     ok markus@@
   - djm@@cvs.openbsd.org 2008/05/08 13:06:11
     [clientloop.c clientloop.h ssh.c]
     Use new channel status confirmation callback system to properly deal
     with "important" channel requests that fail, in particular command exec,
     shell and subsystem requests. Previously we would optimistically assume
     that the requests would always succeed, which could cause hangs if they
     did not (e.g. when the server runs out of fds) or were unimplemented by
     the server (bz #1384)
     Also, properly report failing multiplex channel requests via the mux
     client stderr (subject to LogLevel in the mux master) - better than
     silently failing.
     most bits ok markus@@ (as part of a larger diff)
   - djm@@cvs.openbsd.org 2008/05/09 04:55:56
     [channels.c channels.h clientloop.c serverloop.c]
     Try additional addresses when connecting to a port forward destination
     whose DNS name resolves to more than one address. The previous behaviour
     was to try the first address and give up.
     Reported by stig AT venaas.com in bz#343
     great feedback and ok markus@@
   - djm@@cvs.openbsd.org 2008/05/09 14:18:44
     [clientloop.c clientloop.h ssh.c mux.c]
     tidy up session multiplexing code, moving it into its own file and
     making the function names more consistent - making ssh.c and
     clientloop.c a fair bit more readable.
     ok markus@@
   - djm@@cvs.openbsd.org 2008/05/09 14:26:08
     [ssh.c]
     dingo stole my diff hunk
   - markus@@cvs.openbsd.org 2008/05/09 16:16:06
     [session.c]
     re-add the USE_PIPES code and enable it.
     without pipes shutdown-read from the sshd does not trigger
     a SIGPIPE when the forked program does a write.
     ok djm@@
     (Id sync only, USE_PIPES never left portable OpenSSH)
   - markus@@cvs.openbsd.org 2008/05/09 16:17:51
     [channels.c]
     error-fd race: don't enable the error fd in the select bitmask
     for channels with both in- and output closed, since the channel
     will go away before we call select();
     report, lots of debugging help and ok djm@@
   - markus@@cvs.openbsd.org 2008/05/09 16:21:13
     [channels.h clientloop.c nchan.c serverloop.c]
     unbreak
        ssh -2 localhost od /bin/ls | true
     ignoring SIGPIPE by adding a new channel message (EOW) that signals
     the peer that we're not interested in any data it might send.
     fixes bz #85; discussion, debugging and ok djm@@
   - pvalchev@@cvs.openbsd.org 2008/05/12 20:52:20
     [umac.c]
     Ensure nh_result lies on a 64-bit boundary (fixes warnings observed
     on Itanium on Linux); from Dale Talcott (bug #1462); ok djm@@
   - djm@@cvs.openbsd.org 2008/05/15 23:52:24
     [nchan2.ms]
     document eow message in ssh protocol 2 channel state machine;
     feedback and ok markus@@
   - djm@@cvs.openbsd.org 2008/05/18 21:29:05
     [sftp-server.c]
     comment extension announcement
   - djm@@cvs.openbsd.org 2008/05/16 08:30:42
     [PROTOCOL]
     document our protocol extensions and deviations; ok markus@@
   - djm@@cvs.openbsd.org 2008/05/17 01:31:56
     [PROTOCOL]
     grammar and correctness fixes from stevesk@@

20080403
 - (djm) [openbsd-compat/bsd-poll.c] Include stdlib.h to avoid compile-
   time warnings on LynxOS. Patch from ops AT iki.fi
 - (djm) Force string arguments to replacement setproctitle() through
   strnvis first. Ok dtucker@@

20080403
 - (djm) OpenBSD CVS sync:
   - markus@@cvs.openbsd.org 2008/04/02 15:36:51
     [channels.c]
     avoid possible hijacking of x11-forwarded connections (back out 1.183)
     CVE-2008-1483; ok djm@@
   - jmc@@cvs.openbsd.org 2008/03/27 22:37:57
     [sshd.8]
     remove trailing whitespace;
   - djm@@cvs.openbsd.org 2008/04/03 09:50:14
     [version.h]
     openssh-5.0
 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] Crank version numbers in RPM spec files
 - (djm) [README] Update link to release notes
 - (djm) Release 5.0p1

20080315
 - (djm) [regress/test-exec.sh] Quote putty-related variables in case they are
   empty; report and patch from Peter Stuge
 - (djm) [regress/test-exec.sh] Silence noise from detection of putty
   commands; report from Peter Stuge
 - (djm) [session.c] Relocate incorrectly-placed closefrom() that was causing
   crashes when used with ChrootDirectory


20080327
 - (dtucker) Cache selinux status earlier so we know if it's enabled after a
   chroot.  Allows ChrootDirectory to work with selinux support compiled in
   but not enabled.  Using it with selinux enabled will require some selinux
   support inside the chroot.  "looks sane" djm@@
 - (djm) Fix RCS ident in sftp-server-main.c
 - (djm) OpenBSD CVS sync:
   - jmc@@cvs.openbsd.org 2008/02/11 07:58:28
     [ssh.1 sshd.8 sshd_config.5]
     bump Mdocdate for pages committed in "febuary", necessary because
     of a typo in rcs.c;
   - deraadt@@cvs.openbsd.org 2008/03/13 01:49:53
     [monitor_fdpass.c]
     Correct CMSG_SPACE and CMSG_LEN usage everywhere in the tree. Due to
     an extensive discussion with otto, kettenis, millert, and hshoexer
   - deraadt@@cvs.openbsd.org 2008/03/15 16:19:02
     [monitor_fdpass.c]
     Repair the simple cases for msg_controllen where it should just be
     CMSG_SIZE(sizeof(int)), not sizeof(buffer) which may be larger because
     of alignment; ok kettenis hshoexer
   - djm@@cvs.openbsd.org 2008/03/23 12:54:01
     [sftp-client.c]
     prefer POSIX-style file renaming over filexfer rename behaviour if the
     server supports the posix-rename@@openssh.com extension.
     Note that the old (filexfer) behaviour would refuse to clobber an
     existing file. Users who depended on this should adjust their sftp(1)
     usage.
     ok deraadt@@ markus@@
   - deraadt@@cvs.openbsd.org 2008/03/24 16:11:07
     [monitor_fdpass.c]
     msg_controllen has to be CMSG_SPACE so that the kernel can account for
     each cmsg_len (ie. msg_controllen = sum of CMSG_ALIGN(cmsg_len)).  This
     works now that kernel fd passing has been fixed to accept a bit of
     sloppiness because of this ABI repair.
     lots of discussion with kettenis
   - djm@@cvs.openbsd.org 2008/03/25 11:58:02
     [session.c sshd_config.5]
     ignore ~/.ssh/rc if a sshd_config ForceCommand is specified;
     from dtucker@@ ok deraadt@@ djm@@
   - djm@@cvs.openbsd.org 2008/03/25 23:01:41
     [session.c]
     last patch had backwards test; spotted by termim AT gmail.com
   - djm@@cvs.openbsd.org 2008/03/26 21:28:14
     [auth-options.c auth-options.h session.c sshd.8]
     add no-user-rc authorized_keys option to disable execution of ~/.ssh/rc
   - djm@@cvs.openbsd.org 2008/03/27 00:16:49
     [version.h]
     openssh-4.9
   - djm@@cvs.openbsd.org 2008/03/24 21:46:54
     [regress/sftp-badcmds.sh]
     disable no-replace rename test now that we prefer a POSIX rename; spotted
     by dkrause@@
 - (djm) [configure.ac] fix alignment of --without-stackprotect description
 - (djm) [configure.ac] --with-selinux too
 - (djm) [regress/Makefile] cleanup PuTTY interop test droppings
 - (djm) [README] Update link to release notes
 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] Crank version numbers in RPM spec files
 - (djm) Release 4.9p1

20080315
 - (djm) [regress/test-exec.sh] Quote putty-related variables in case they are
   empty; report and patch from Peter Stuge
 - (djm) [regress/test-exec.sh] Silence noise from detection of putty
   commands; report from Peter Stuge
 - (djm) [session.c] Relocate incorrectly-placed closefrom() that was causing
   crashes when used with ChrootDirectory

20080314
 - (tim) [regress/sftp-cmds.sh] s/cd/lcd/ in lls test. Reported by
   vinschen at redhat.com. Add () to put echo commands in subshell for lls test
   I mistakenly left out of last commit.
 - (tim) [regress/localcommand.sh] Shell portability fix. Reported by imorgan at
   nas.nasa.gov

20080313
 - (djm) [Makefile.in regress/Makefile] Fix interop-tests target (note to
   self: make changes to Makefile.in next time, not the generated Makefile).
 - (djm) [Makefile.in regress/test-exec.sh] Find installed plink(1) and
   puttygen(1) by $PATH
 - (tim) [scp.c] Use poll.h if available, fall back to sys/poll.h if not. Patch
   by vinschen at redhat.com.
 - (tim) [regress/sftp-cmds.sh regress/ssh2putty.sh] Shell portability fixes
   from vinschen at redhat.com and imorgan at nas.nasa.gov

20080312
 - (djm) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2007/10/29 06:57:13
     [regress/Makefile regress/localcommand.sh]
     Add simple regress test for LocalCommand; ok djm@@
   - jmc@@cvs.openbsd.org 2007/11/25 15:35:09
     [regress/agent-getpeereid.sh regress/agent.sh]
     more existant -> existent, from Martynas Venckus;
     pfctl changes: ok henning
     ssh changes: ok deraadt
   - djm@@cvs.openbsd.org 2007/12/12 05:04:03
     [regress/sftp-cmds.sh]
     unbreak lls command and add a regress test that would have caught the
     breakage; spotted by mouring@@
     NB. sftp code change already committed.
   - djm@@cvs.openbsd.org 2007/12/21 04:13:53
     [regress/Makefile regress/test-exec.sh regress/putty-ciphers.sh]
     [regress/putty-kex.sh regress/putty-transfer.sh regress/ssh2putty.sh]
     basic (crypto, kex and transfer) interop regression tests against putty
     To run these, install putty and run "make interop-tests" from the build
     directory - the tests aren't run by default yet.

20080311
 - (dtucker) [auth-pam.c monitor.c session.c sshd.c] Bug #926: Move
   pam_open_session and pam_close_session into the privsep monitor, which
   will ensure that pam_session_close is called as root.  Patch from Tomas
   Mraz.

20080309
 - (dtucker) [configure.ac] It turns out gcc's -fstack-protector-all doesn't
   always work for all platforms and versions, so test what we can and
   add a configure flag to turn it off if needed.  ok djm@@
 - (dtucker) [openbsd-compat/port-aix.{c,h}] Remove AIX specific initgroups
   implementation.  It's not needed to fix bug #1081 and breaks the build
   on some AIX configurations.
 - (dtucker) [openbsd-compat/regress/strtonumtest.c] Bug #1347: Use platform's
   equivalent of LLONG_MAX for the compat regression tests, which makes them
   run on AIX and HP-UX.  Patch from David Leonard.
 - (dtucker) [configure.ac] Run stack-protector tests with -Werror to catch
   platforms where gcc understands the option but it's not supported (and
   thus generates a warning).

20080307
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2008/02/11 07:58:28
     [ssh.1 sshd.8 sshd_config.5]
     bump Mdocdate for pages committed in "febuary", necessary because
     of a typo in rcs.c;
   - djm@@cvs.openbsd.org 2008/02/13 22:38:17
     [servconf.h session.c sshd.c]
     rekey arc4random and OpenSSL RNG in postauth child
     closefrom fds > 2 before shell/command execution
     ok markus@@
   - mbalmer@@cvs.openbsd.org 2008/02/14 13:10:31
     [sshd.c]
     When started in configuration test mode (-t) do not check that sshd is
     being started with an absolute path.
     ok djm
   - markus@@cvs.openbsd.org 2008/02/20 15:25:26
     [session.c]
     correct boolean encoding for coredump; der Mouse via dugsong
   - djm@@cvs.openbsd.org 2008/02/22 05:58:56
     [session.c]
     closefrom() call was too early, delay it until just before we execute
     the user's rc files (if any).
   - dtucker@@cvs.openbsd.org 2008/02/22 20:44:02
     [clientloop.c packet.c packet.h serverloop.c]
     Allow all SSH2 packet types, including UNIMPLEMENTED to reset the
     keepalive timer (bz #1307).  ok markus@@
   - djm@@cvs.openbsd.org 2008/02/27 20:21:15
     [sftp-server.c]
     add an extension method "posix-rename@@openssh.com" to perform POSIX atomic
     rename() operations. based on patch from miklos AT szeredi.hu in bz#1400;
     ok dtucker@@ markus@@
   - deraadt@@cvs.openbsd.org 2008/03/02 18:19:35
     [monitor_fdpass.c]
     use a union to ensure alignment of the cmsg (pay attention: various other
     parts of the tree need this treatment too); ok djm
   - deraadt@@cvs.openbsd.org 2008/03/04 21:15:42
     [version.h]
     crank version; from djm
 - (tim) [regress/sftp-glob.sh] Shell portability fix.

20080302
 - (dtucker) [configure.ac] FreeBSD's glob() doesn't behave the way we expect
   either, so use our own.

20080229
 - (dtucker) [openbsd-compat/bsd-poll.c] We don't check for select(2) in
   configure (and there's not much point, as openssh won't work without it)
   so HAVE_SELECT is not defined and the poll(2) compat code doesn't get
   built in.  Remove HAVE_SELECT so we can build on platforms without poll.
 - (dtucker) [scp.c] Include sys/poll.h inside HAVE_SYS_POLL_H.
 - (djm) [contrib/gnome-ssh-askpass2.h] Keep askpass window on top. From
   Debian patch via bernd AT openbsd.org

20080228
 - (dtucker) [configure.ac] Add -fstack-protector to LDFLAGS too, fixes
   linking problems on AIX with gcc 4.1.x.
 - (dtucker) [includes.h ssh-add.c ssh-agent.c ssh-keygen.c ssh.c sshd.c
   openbsd-compat/openssl-compat.{c,h}] Bug #1437 Move the OpenSSL compat
   header to after OpenSSL headers, since some versions of OpenSSL have
   SSLeay_add_all_algorithms as a macro already.
 - (dtucker) [key.c defines.h openbsd-compat/openssl-compat.h] Move old OpenSSL
   compat glue into openssl-compat.h.
 - (dtucker) [configure.ac openbsd-compat/port-aix.{c,h}] Bug #1081: Implement
   getgrouplist via getgrset on AIX, rather than iterating over getgrent.
   This allows, eg, Match and AllowGroups directives to work with NIS and
   LDAP groups.
 - (dtucker) [sshd.c] Bug #1042: make log messages for tcpwrappers use the
   same SyslogFacility as the rest of sshd.  Patch from William Knox,
   ok djm@@.

20080225
 - (dtucker) [openbsd-compat/fake-rfc2553.h] rename ssh_gai_strerror hack
   since it now conflicts with the helper function in misc.c.  From
   vinschen AT redhat.com.
 - (dtucker) [configure.ac audit-bsm.c] Bug #1420: Add a local implementation
   of aug_get_machine for systems that don't have their own (eg OS X, FreeBSD).
   Help and testing from csjp at FreeBSD org, vgiffin at apple com.  ok djm@@
 - (dtucker) [includes.h openbsd-compat/openssl-compat.c] Bug #1437: reshuffle
   headers so ./configure --with-ssl-engine actually works.  Patch from
   Ian Lister.

20080224
 - (tim) [contrib/cygwin/ssh-host-config]
   Grammar changes on SYSCONFDIR LOCALSTATEDIR messages.
   Check more thoroughly that it's possible to create the /var/empty directory.
   Patch by vinschen AT redhat.com

20080210
 - OpenBSD CVS Sync
   - chl@@cvs.openbsd.org 2008/01/11 07:22:28
     [sftp-client.c sftp-client.h]
     disable unused functions
     initially from tobias@@, but disabled them by placing them in
     "#ifdef notyet" which was asked by djm@@
     ok djm@@ tobias@@
   - djm@@cvs.openbsd.org 2008/01/19 19:13:28
     [ssh.1]
     satisfy the pedants: -q does not suppress all diagnostic messages (e.g.
     some commandline parsing warnings go unconditionally to stdout).
   - djm@@cvs.openbsd.org 2008/01/19 20:48:53
     [clientloop.c]
     fd leak on session multiplexing error path. Report and patch from
     gregory_shively AT fanniemae.com
   - djm@@cvs.openbsd.org 2008/01/19 20:51:26
     [ssh.c]
     ignore SIGPIPE in multiplex client mode - we can receive this if the
     server runs out of fds on us midway. Report and patch from
     gregory_shively AT fanniemae.com
   - djm@@cvs.openbsd.org 2008/01/19 22:04:57
     [sftp-client.c]
     fix remote handle leak in do_download() local file open error path;
     report and fix from sworley AT chkno.net
   - djm@@cvs.openbsd.org 2008/01/19 22:22:58
     [ssh-keygen.c]
     when hashing individual hosts (ssh-keygen -Hf hostname), make sure we
     hash just the specified hostname and not the entire hostspec from the
     keyfile. It may be of the form "hostname,ipaddr", which would lead to
     a hash that never matches. report and fix from jp AT devnull.cz
   - djm@@cvs.openbsd.org 2008/01/19 22:37:19
     [ssh-keygen.c]
     unbreak line numbering (broken in revision 1.164), fix error message
   - djm@@cvs.openbsd.org 2008/01/19 23:02:40
     [channels.c]
     When we added support for specified bind addresses for port forwards, we
     added a quirk SSH_OLD_FORWARD_ADDR. There is a bug in our handling of
     this for -L port forwards that causes the client to listen on both v4
     and v6 addresses when connected to a server with this quirk, despite
     having set 0.0.0.0 as a bind_address.
     report and patch from Jan.Pechanec AT Sun.COM; ok dtucker@@
   - djm@@cvs.openbsd.org 2008/01/19 23:09:49
     [readconf.c readconf.h sshconnect2.c]
     promote rekeylimit to a int64 so it can hold the maximum useful limit
     of 2^32; report and patch from Jan.Pechanec AT Sun.COM, ok dtucker@@
   - djm@@cvs.openbsd.org 2008/01/20 00:38:30
     [sftp.c]
     When uploading, correctly handle the case of an unquoted filename with
     glob metacharacters that match a file exactly but not as a glob, e.g. a
     file called "[abcd]". report and test cases from duncan2nd AT gmx.de
   - djm@@cvs.openbsd.org 2008/01/21 17:24:30
     [sftp-server.c]
     Remove the fixed 100 handle limit in sftp-server and allocate as many
     as we have available file descriptors. Patch from miklos AT szeredi.hu;
     ok dtucker@@ markus@@
   - djm@@cvs.openbsd.org 2008/01/21 19:20:17
     [sftp-client.c]
     when a remote write error occurs during an upload, ensure that ACKs for
     all issued requests are properly drained. patch from t8m AT centrum.cz
   - dtucker@@cvs.openbsd.org 2008/01/23 01:56:54
     [clientloop.c packet.c serverloop.c]
     Revert the change for bz #1307 as it causes connection aborts if an IGNORE
     packet arrives while we're waiting in packet_read_expect (and possibly
     elsewhere).
   - jmc@@cvs.openbsd.org 2008/01/31 20:06:50
     [scp.1]
     explain how to handle local file names containing colons;
     requested by Tamas TEVESZ
     ok dtucker
   - markus@@cvs.openbsd.org 2008/02/04 21:53:00
     [session.c sftp-server.c sftp.h]
     link sftp-server into sshd; feedback and ok djm@@
   - mcbride@@cvs.openbsd.org 2008/02/09 12:15:43
     [ssh.1 sshd.8]
     Document the correct permissions for the ~/.ssh/ directory.
     ok jmc
   - djm@@cvs.openbsd.org 2008/02/10 09:55:37
     [sshd_config.5]
     mention that "internal-sftp" is useful with ForceCommand too
   - djm@@cvs.openbsd.org 2008/02/10 10:54:29
     [servconf.c session.c]
     delay ~ expansion for ChrootDirectory so it expands to the logged-in user's
     home, rather than the user who starts sshd (probably root)

20080119
 - (djm) Silence noise from expr in ssh-copy-id; patch from
   mikel AT mikelward.com
 - (djm) Only listen for IPv6 connections on AF_INET6 sockets; patch from
   tsr2600 AT gmail.com

20080102
 - (dtucker) [configure.ac] Fix message for -fstack-protector-all test.

20080101
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2007/12/31 10:41:31
     [readconf.c servconf.c]
     Prevent strict-aliasing warnings on newer gcc versions.  bz #1355, patch
     from Dmitry V. Levin, ok djm@@
   - dtucker@@cvs.openbsd.org 2007/12/31 15:27:04
     [sshd.c]
     When in inetd mode, have sshd generate a Protocol 1 ephemeral server
     key only for connections where the client chooses Protocol 1 as opposed
     to when it's enabled in the server's config.  Speeds up Protocol 2
     connections to inetd-mode servers that also allow Protocol 1.  bz #440,
     based on a patch from bruno at wolff.to, ok markus@@
   - dtucker@@cvs.openbsd.org 2008/01/01 08:47:04
     [misc.c]
     spaces -> tabs from my previous commit
   - dtucker@@cvs.openbsd.org 2008/01/01 09:06:39
     [scp.c]
     If scp -p encounters a pre-epoch timestamp, use the epoch which is
     as close as we can get given that it's used unsigned.  Add a little
     debugging while there.  bz #828, ok djm@@
   - dtucker@@cvs.openbsd.org 2008/01/01 09:27:33
     [sshd_config.5 servconf.c]
     Allow PermitRootLogin in a Match block.  Allows for, eg, permitting root
     only from the local network.  ok markus@@, man page bit ok jmc@@
   - dtucker@@cvs.openbsd.org 2008/01/01 08:51:20
     [moduli]
     Updated moduli file; ok djm@@

20071231
 - (dtucker) [configure.ac openbsd-compat/glob.{c,h}] Bug #1407: force use of
   builtin glob implementation on Mac OS X.  Based on a patch from
   vgiffin at apple.

20071229
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2007/12/12 05:04:03
     [sftp.c]
     unbreak lls command and add a regress test that would have caught the
     breakage; spotted by mouring@@
   - dtucker@@cvs.openbsd.org 2007/12/27 14:22:08
     [servconf.c canohost.c misc.c channels.c sshconnect.c misc.h ssh-keyscan.c
      sshd.c]
     Add a small helper function to consistently handle the EAI_SYSTEM error
     code of getaddrinfo.  Prompted by vgiffin at apple com via bz #1417.
     ok markus@@ stevesk@@
   - dtucker@@cvs.openbsd.org 2007/12/28 15:32:24
     [clientloop.c serverloop.c packet.c]
     Make SSH2_MSG_UNIMPLEMENTED and SSH2_MSG_IGNORE messages reset the
     ServerAlive and ClientAlive timers.  Prevents dropping a connection
     when these are enabled but the peer does not support our keepalives.
     bz #1307, ok djm@@.
   - dtucker@@cvs.openbsd.org 2007/12/28 22:34:47
     [clientloop.c]
     Use the correct packet maximum sizes for remote port and agent forwarding.
     Prevents the server from killing the connection if too much data is queued
     and an excessively large packet gets sent.  bz #1360, ok djm@@.

20071202
 - (dtucker) [configure.ac] Enable -fstack-protector-all on systems where
   gcc supports it.  ok djm@@
 - (dtucker) [scp.c] Update $OpenBSD tag missing from rev 1.175 and remove
   leftover debug code.
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2007/10/29 00:52:45
     [auth2-gss.c]
     Allow build without -DGSSAPI; ok deraadt@@
     (Id sync only, Portable already has the ifdefs)
   - dtucker@@cvs.openbsd.org 2007/10/29 01:55:04
     [ssh.c]
     Plug tiny mem leaks in ControlPath and ProxyCommand option processing;
     ok djm@@
   - dtucker@@cvs.openbsd.org 2007/10/29 04:08:08
     [monitor_wrap.c monitor.c]
     Send config block back to slave for invalid users too so options
     set by a Match block (eg Banner) behave the same for non-existent
     users.  Found by and ok djm@@
   - dtucker@@cvs.openbsd.org 2007/10/29 06:51:59
     [ssh_config.5]
     ProxyCommand and LocalCommand use the user's shell, not /bin/sh; ok djm@@
   - dtucker@@cvs.openbsd.org 2007/10/29 06:54:50
     [ssh.c]
     Make LocalCommand work for Protocol 1 too; ok djm@@
   - jmc@@cvs.openbsd.org 2007/10/29 07:48:19
     [ssh_config.5]
     clean up after previous macro removal;
   - djm@@cvs.openbsd.org 2007/11/03 00:36:14
     [clientloop.c]
     fix memory leak in process_cmdline(), patch from Jan.Pechanec AT Sun.COM;
     ok dtucker@@
   - deraadt@@cvs.openbsd.org 2007/11/03 01:24:06
     [ssh.c]
     bz #1377: getpwuid results were being clobbered by another getpw* call
     inside tilde_expand_filename(); save the data we need carefully
     ok djm
   - dtucker@@cvs.openbsd.org 2007/11/03 02:00:32
     [ssh.c]
     Use xstrdup/xfree when saving pwname and pwdir; ok deraadt@@
   - deraadt@@cvs.openbsd.org 2007/11/03 02:03:49
     [ssh.c]
     avoid errno trashing in signal handler; ok dtucker

20071030
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2007/10/29 23:49:41
     [openbsd-compat/sys-tree.h]
     remove extra backslash at the end of RB_PROTOTYPE, report from
     Jan.Pechanec AT Sun.COM; ok deraadt@@

20071026
 - (djm) OpenBSD CVS Sync
   - stevesk@@cvs.openbsd.org 2007/09/11 23:49:09
     [sshpty.c]
     remove #if defined block not needed; ok markus@@ dtucker@@
     (NB. RCS ID sync only for portable)
   - djm@@cvs.openbsd.org 2007/09/21 03:05:23
     [ssh_config.5]
     document KbdInteractiveAuthentication in ssh_config.5;
     patch from dkg AT fifthhorseman.net
   - djm@@cvs.openbsd.org 2007/09/21 08:15:29
     [auth-bsdauth.c auth-passwd.c auth.c auth.h auth1.c auth2-chall.c]
     [monitor.c monitor_wrap.c]
     unifdef -DBSD_AUTH
     unifdef -USKEY
     These options have been in use for some years;
     ok markus@@ "no objection" millert@@
     (NB. RCS ID sync only for portable)
   - canacar@@cvs.openbsd.org 2007/09/25 23:48:57
     [ssh-agent.c]
     When adding a key that already exists, update the properties
     (time, confirm, comment) instead of discarding them. ok djm@@ markus@@
   - ray@@cvs.openbsd.org 2007/09/27 00:15:57
     [dh.c]
     Don't return -1 on error in dh_pub_is_valid(), since it evaluates
     to true (so a caller testing the result as a boolean would treat
     the error as "valid").
     Also fix a typo.
     Initial diff from Matthew Dempsky, input from djm.
     OK djm, markus.
   - dtucker@@cvs.openbsd.org 2007/09/29 00:25:51
     [auth2.c]
     Remove unused prototype.  ok djm@@
   - chl@@cvs.openbsd.org 2007/10/02 17:49:58
     [ssh-keygen.c]
     handles zero-sized strings that fgets can return
     properly removes trailing newline
     removes an unused variable
     correctly counts line number
     "looks ok" ray@@ markus@@
   - markus@@cvs.openbsd.org 2007/10/22 19:10:24
     [readconf.c]
     make sure that both the local and remote port are correct when
     parsing -L; Jan Pechanec (bz #1378)
   - djm@@cvs.openbsd.org 2007/10/24 03:30:02
     [sftp.c]
     rework argument splitting and parsing to cope correctly with common
     shell escapes and make handling of escaped characters consistent
     with sh(1) and between sftp commands (especially between ones that
     glob their arguments and ones that don't).
     parse command flags using getopt(3) rather than hand-rolled parsers.
     ok dtucker@@
  - djm@@cvs.openbsd.org 2007/10/24 03:44:02
     [scp.c]
     factor out network read/write into an atomicio()-like function, and
     use it to handle short reads, apply bandwidth limits and update
     counters. make network IO non-blocking, so a small trickle of
     reads/writes has a chance of updating the progress meter; bz #799
     ok dtucker@@
   - djm@@cvs.openbsd.org 2006/08/29 09:44:00
     [regress/sftp-cmds.sh]
     clean up our mess
   - markus@@cvs.openbsd.org 2006/11/06 09:27:43
     [regress/cfgmatch.sh]
     fix quoting for non-(c)sh login shells.
   - dtucker@@cvs.openbsd.org 2006/12/13 08:36:36
     [regress/cfgmatch.sh]
     Additional test for multiple PermitOpen entries.  ok djm@@
   - pvalchev@@cvs.openbsd.org 2007/06/07 19:41:46
     [regress/cipher-speed.sh regress/try-ciphers.sh]
     test umac-64@@openssh.com
     ok djm@@
   - djm@@cvs.openbsd.org 2007/10/24 03:32:35
     [regress/sftp-cmds.sh regress/sftp-glob.sh regress/test-exec.sh]
     comprehensive tests for sftp escaping and its interaction with globbing;
     ok dtucker@@
   - djm@@cvs.openbsd.org 2007/10/26 05:30:01
     [regress/sftp-glob.sh regress/test-exec.sh]
     remove "echo -E" crap that I added in last commit and use printf(1) for
     cases where we strictly require echo not to reprocess escape characters.
   - deraadt@@cvs.openbsd.org 2005/11/28 17:50:12
     [openbsd-compat/glob.c]
     unused arg in internal static API
   - jakob@@cvs.openbsd.org 2007/10/11 18:36:41
     [openbsd-compat/getrrsetbyname.c openbsd-compat/getrrsetbyname.h]
     use RRSIG instead of SIG for DNSSEC. ok djm@@
   - otto@@cvs.openbsd.org 2006/10/21 09:55:03
     [openbsd-compat/base64.c]
     remove calls to abort(3) that can't happen anyway; from
     <bret dot lambert at gmail.com>; ok millert@@ deraadt@@
   - frantzen@@cvs.openbsd.org 2004/04/24 18:11:46
     [openbsd-compat/sys-tree.h]
     sync to Niels Provos' version.  avoid unused variable warning in
     RB_NEXT()
   - tdeval@@cvs.openbsd.org 2004/11/24 18:10:42
     [openbsd-compat/sys-tree.h]
     typo
   - grange@@cvs.openbsd.org 2004/05/04 16:59:32
     [openbsd-compat/sys-queue.h]
     Remove useless ``elm'' argument from the SIMPLEQ_REMOVE_HEAD macro.
     This matches our SLIST behaviour and NetBSD's SIMPLEQ as well.
     ok millert krw deraadt
   - deraadt@@cvs.openbsd.org 2005/02/25 13:29:30
     [openbsd-compat/sys-queue.h]
     minor white spacing
   - otto@@cvs.openbsd.org 2005/10/17 20:19:42
     [openbsd-compat/sys-queue.h]
     Performing certain operations on queue.h data structures produced
     funny results.  An example is calling  LIST_REMOVE on the same
     element twice. This will not fail, but result in a data structure
     referencing who knows what. Prevent these accidents by NULLing some
     fields on remove and replace. This way, either a panic or segfault
     will be produced on the faulty operation.
   - otto@@cvs.openbsd.org 2005/10/24 20:25:14
     [openbsd-compat/sys-queue.h]
     Partly backout. NOLIST, used in LISTs is probably interfering.
     requested by deraadt@@
   - otto@@cvs.openbsd.org 2005/10/25 06:37:47
     [openbsd-compat/sys-queue.h]
     Some uvm problem is being exposed with the more strict macros.
     Revert until we've found out what's causing the panics.
   - otto@@cvs.openbsd.org 2005/11/25 08:06:25
     [openbsd-compat/sys-queue.h]
     Introduce debugging aid for queue macros. Disabled by default; but
     developers are encouraged to run with this enabled.
     ok krw@@ fgsch@@ deraadt@@
   - otto@@cvs.openbsd.org 2007/04/30 18:42:34
     [openbsd-compat/sys-queue.h]
     Enable QUEUE_MACRO_DEBUG on DIAGNOSTIC kernels.
     Input and okays from krw@@, millert@@, otto@@, deraadt@@, miod@@.
   - millert@@cvs.openbsd.org 2004/10/07 16:56:11
     GLOB_NOESCAPE is POSIX so move it out of the #ifndef _POSIX_SOURCE
     block.
     (NB. mostly an RCS ID sync, as portable strips out the conditionals)
 - (djm) [regress/sftp-cmds.sh]
   Use more restrictive glob to pick up test files from /bin - some platforms
   ship broken symlinks there which could spoil the test.
 - (djm) [openbsd-compat/bindresvport.c]
   Sync RCS ID after irrelevant (for portable OpenSSH) header shuffling

20070927
 - (dtucker) [configure.ac atomicio.c] Fall back to including <sys/poll.h> if
   we don't have <poll.h> (eg QNX).  From bacon at cs nyu edu.
 - (dtucker) [configure.ac defines.h] Shadow expiry does not work on QNX6
   so disable it for that platform.  From bacon at cs nyu edu.

20070921
 - (djm) [atomicio.c] Fix spin avoidance for platforms that define
   EWOULDBLOCK; patch from ben AT psc.edu

20070917
 - (djm) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2007/08/23 02:49:43
     [auth-passwd.c auth.c session.c]
     unifdef HAVE_LOGIN_CAP; ok deraadt@@ millert@@
     NB. RCS ID sync only for portable
   - djm@@cvs.openbsd.org 2007/08/23 02:55:51
     [auth-passwd.c auth.c session.c]
     missed include bits from last commit
     NB. RCS ID sync only for portable
   - djm@@cvs.openbsd.org 2007/08/23 03:06:10
     [auth.h]
     login_cap.h doesn't belong here
     NB. RCS ID sync only for portable
   - djm@@cvs.openbsd.org 2007/08/23 03:22:16
     [auth2-none.c sshd_config sshd_config.5]
     Support "Banner=none" to disable displaying of the pre-login banner;
     ok dtucker@@ deraadt@@
   - djm@@cvs.openbsd.org 2007/08/23 03:23:26
     [sshconnect.c]
     Execute ProxyCommands with $SHELL rather than /bin/sh unconditionally
   - djm@@cvs.openbsd.org 2007/09/04 03:21:03
     [clientloop.c monitor.c monitor_fdpass.c monitor_fdpass.h]
     [monitor_wrap.c ssh.c]
     make file descriptor passing code return an error rather than call fatal()
     when it encounters problems, and use this to make session multiplexing
     masters survive slaves failing to pass all stdio FDs; ok markus@@
   - djm@@cvs.openbsd.org 2007/09/04 11:15:56
     [ssh.c sshconnect.c sshconnect.h]
     make ssh(1)'s ConnectTimeout option apply to both the TCP connection and
     SSH banner exchange (previously it just covered the TCP connection).
     This allows callers of ssh(1) to better detect and deal with stuck servers
     that accept a TCP connection but don't progress the protocol, and also
     makes ConnectTimeout useful for connections via a ProxyCommand;
     feedback and "looks ok" markus@@
   - sobrado@@cvs.openbsd.org 2007/09/09 11:38:01
     [ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.c]
     sort synopsis and options in ssh-agent(1); usage is lowercase
     ok jmc@@
   - stevesk@@cvs.openbsd.org 2007/09/11 04:36:29
     [sshpty.c]
     sort #include
     NB. RCS ID sync only
   - gilles@@cvs.openbsd.org 2007/09/11 15:47:17
     [session.c ssh-keygen.c sshlogin.c]
     use strcspn to properly overwrite '\n' in fgets returned buffer
     ok pyr@@, ray@@, millert@@, moritz@@, chl@@
   - stevesk@@cvs.openbsd.org 2007/09/11 23:49:09
     [sshpty.c]
     remove #if defined block not needed; ok markus@@ dtucker@@
     NB. RCS ID sync only
   - stevesk@@cvs.openbsd.org 2007/09/12 19:39:19
     [umac.c]
     use xmalloc() and xfree(); ok markus@@ pvalchev@@
   - djm@@cvs.openbsd.org 2007/09/13 04:39:04
     [sftp-server.c]
     fix incorrect test when setting syslog facility; from Jan Pechanec
   - djm@@cvs.openbsd.org 2007/09/16 00:55:52
     [sftp-client.c]
     use off_t instead of u_int64_t for file offsets, matching what the
     progressmeter code expects; bz #842
 - (tim) [defines.h] Fix regression in long password support on OpenServer 6.
   Problem report and additional testing rac AT tenzing.org.

20070914
 - (dtucker) [openbsd-compat/bsd-asprintf.c] Plug mem leak in error path.
   Patch from Jan.Pechanec at sun com.

20070910
 - (dtucker) [openbsd-compat/regress/closefromtest.c] Bug #1358: Always
   return 0 on successful test.  From David.Leonard at quest com.
 - (tim) [configure.ac] Autoconf didn't define HAVE_LIBIAF because we
   did a AC_CHECK_FUNCS within the AC_CHECK_LIB test.

20070817
 - (dtucker) [sshd.8] Many Linux variants use a single "!" to denote locked
   accounts and that's what the code looks for, so make man page and code
   agree.  Pointed out by Roumen Petrov.
 - (dtucker) [INSTALL] Group the parts describing random options and PAM
   implementations together which is hopefully more coherent.
 - (dtucker) [INSTALL] the pid file is sshd.pid not ssh.pid.
 - (dtucker) [INSTALL] Give PAM its own heading.
 - (dtucker) [INSTALL] Link to tcpwrappers.

20070816
 - (dtucker) [session.c] Call PAM cleanup functions for unauthenticated
   connections too.  Based on a patch from Sandro Wefel, with & ok djm@@

20070815
 - (dtucker) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2007/08/15 08:14:46
     [clientloop.c]
     do NOT fall back to the trusted x11 cookie if generation of an untrusted
     cookie fails; from Jan Pechanec, via security-alert at sun.com;
     ok dtucker
   - markus@@cvs.openbsd.org 2007/08/15 08:16:49
     [version.h]
     openssh 4.7
   - stevesk@@cvs.openbsd.org 2007/08/15 12:13:41
     [ssh_config.5]
     tun device forwarding now honours ExitOnForwardFailure; ok markus@@
 - (dtucker) [openbsd-compat/bsd-cray.c] Remove debug from signal handler.
   ok djm@@
 - (dtucker) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec
   contrib/suse/openssh.spec] Crank version.

20070813
 - (dtucker) [session.c] Bug #1339: ensure that pam_setcred() is always
   called with PAM_ESTABLISH_CRED at least once, which resolves a problem
   with pam_dhkeys.  Patch from David Leonard, ok djm@@

20070810
 - (dtucker) [auth-pam.c] Use sigdie here too.  ok djm@@
 - (dtucker) [configure.ac] Bug #1343: Set DISABLE_FD_PASSING for QNX6. From 
   Matt Kraai, ok djm@@ 

20070809
 - (dtucker) [openbsd-compat/port-aix.c] Comment typo.
 - (dtucker) [README.platform] Document the interaction between PermitRootLogin
   and the AIX native login restrictions.
 - (dtucker) [defines.h] Remove _PATH_{CSHELL,SHELLS} which aren't
   used anywhere and are a potential source of warnings.

20070808
 - (djm) OpenBSD CVS Sync
   - ray@@cvs.openbsd.org 2007/07/12 05:48:05
     [key.c]
     Delint: remove some unreachable statements, from Bret Lambert.
     OK markus@@ and dtucker@@.
   - sobrado@@cvs.openbsd.org 2007/08/06 19:16:06
     [scp.1 scp.c]
     the ellipsis is not an optional argument; while here, sync the usage
     and synopsis of commands
     lots of good ideas by jmc@@
     ok jmc@@
   - djm@@cvs.openbsd.org 2007/08/07 07:32:53
     [clientloop.c clientloop.h ssh.c]
     bz#1232: ensure that any specified LocalCommand is executed after the
     tunnel device is opened. Also, make failures to open a tunnel device
     fatal when ExitOnForwardFailure is active.
     Reported by h.goebel AT goebel-consult.de; ok dtucker markus reyk deraadt

20070724
 - (tim) [openssh.xml.in] make FMRI match what package scripts use.
 - (tim) [openbsd-compat/regress/closefromtest.c] Bug 1345: fix open() call.
   Report/patch by David.Leonard AT quest.com (and Bernhard Simon)
 - (tim) [buildpkg.sh.in openssh.xml.in] Allow more flexibility where smf(5)
 - (tim) [buildpkg.sh.in] s|$FAKE_ROOT/${sysconfdir}|$FAKE_ROOT${sysconfdir}|

20070628
 - (djm) bz#1325: Fix SELinux in permissive mode where it would
   incorrectly fatal() on errors. patch from cjwatson AT debian.org;
   ok dtucker

20070625
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2007/06/13 00:21:27
     [scp.c]
     don't ftruncate() non-regular files; bz#1236 reported by wood AT
     xmission.com; ok dtucker@@
   - djm@@cvs.openbsd.org 2007/06/14 21:43:25
     [ssh.c]
     handle EINTR when waiting for mux exit status properly
   - djm@@cvs.openbsd.org 2007/06/14 22:48:05
     [ssh.c]
     when waiting for the multiplex exit status, read until the master end
     writes an entire int of data *and* closes the client_fd; fixes mux
     regression spotted by dtucker, ok dtucker@@
   - djm@@cvs.openbsd.org 2007/06/19 02:04:43
     [atomicio.c]
     if the fd passed to atomicio/atomiciov() is non blocking, then poll() to
     avoid a spin if it is not yet ready for reading/writing; ok dtucker@@
   - dtucker@@cvs.openbsd.org 2007/06/25 08:20:03
     [channels.c]
     Correct test for window updates every three packets; prevents sending
     window updates for every single packet.  ok markus@@
   - dtucker@@cvs.openbsd.org 2007/06/25 12:02:27
     [atomicio.c]
     Include <poll.h> like the man page says rather than <sys/poll.h>.  ok djm@@
 - (dtucker) [atomicio.c] Test for EWOULDBLOCK in atomiciov to match
   atomicio.
 - (dtucker) [atomicio.c configure.ac openbsd-compat/Makefile.in
   openbsd-compat/bsd-poll.{c,h} openbsd-compat/openbsd-compat.h]
   Add an implementation of poll() built on top of select(2).  Code from
   OpenNTPD with changes suggested by djm.  ok djm@@

20070614
 - (dtucker) [cipher-ctr.c umac.c openbsd-compat/openssl-compat.h] Move the
   USE_BUILTIN_RIJNDAEL compat goop to openssl-compat.h so it can be
   shared with umac.c.  Allows building with OpenSSL 0.9.5 again including
   umac support.  With tim@@ djm@@, ok djm.
 - (dtucker) [openbsd-compat/openssl-compat.h] Merge USE_BUILTIN_RIJNDAEL
   sections.  Fixes builds with early OpenSSL 0.9.6 versions.
 - (dtucker) [openbsd-compat/openssl-compat.h] Remove redundant definition
   of USE_BUILTIN_RIJNDAEL since the <0.9.6 test is covered by the
   subsequent <0.9.7 test.

20070612
 - (dtucker) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2007/06/11 09:14:00
     [channels.h]
     increase default channel windows; ok djm
   - djm@@cvs.openbsd.org 2007/06/12 07:41:00
     [ssh-add.1]
     better document ssh-add's -d option (delete identities from agent), bz#1224
     new text based on some provided by andrewmc-debian AT celt.dias.ie;
     ok dtucker@@
   - djm@@cvs.openbsd.org 2007/06/12 08:20:00
     [ssh-gss.h gss-serv.c gss-genr.c]
     relocate server-only GSSAPI code from libssh to server; bz #1225
     patch from simon AT sxw.org.uk; ok markus@@ dtucker@@
   - djm@@cvs.openbsd.org 2007/06/12 08:24:20
     [scp.c]
     make scp try to skip FIFOs rather than blocking when nothing is listening.
     depends on the platform supporting sane O_NONBLOCK semantics for open
     on FIFOs (apparently POSIX does not mandate this), which OpenBSD does.
     bz #856; report by cjwatson AT debian.org; ok markus@@
   - djm@@cvs.openbsd.org 2007/06/12 11:11:08
     [ssh.c]
     fix slave exit value when a control master goes away without passing the
     full exit status by ensuring that the slave reads a full int. bz#1261
     reported by frekko AT gmail.com; ok markus@@ dtucker@@
   - djm@@cvs.openbsd.org 2007/06/12 11:15:17
     [ssh.c ssh.1]
     Add "-K" flag for ssh to set GSSAPIAuthentication=yes and
     GSSAPIDelegateCredentials=yes. This is symmetric with -k (disable GSSAPI)
     and is useful for hosts with /home on Kerberised NFS; bz #1312
     patch from Markus.Kuhn AT cl.cam.ac.uk; ok dtucker@@ markus@@
   - djm@@cvs.openbsd.org 2007/06/12 11:45:27
     [ssh.c]
     improved exit message from multiplex slave sessions; bz #1262
     reported by alexandre.nunes AT gmail.com; ok dtucker@@
   - dtucker@@cvs.openbsd.org 2007/06/12 11:56:15
     [gss-genr.c]
     Pass GSS OID to gss_display_status to provide better information in
     error messages.  Patch from Simon Wilkinson via bz 1220.  ok djm@@
   - jmc@@cvs.openbsd.org 2007/06/12 13:41:03
     [ssh-add.1]
     identies -> identities;
   - jmc@@cvs.openbsd.org 2007/06/12 13:43:55
     [ssh.1]
     add -K to SYNOPSIS;
   - dtucker@@cvs.openbsd.org 2007/06/12 13:54:28
     [scp.c]
     Encode filename with strnvis if the name contains a newline (which can't
     be represented in the scp protocol), from bz #891.  ok markus@@

20070611
 - (djm) Bugzilla #1306: silence spurious error messages from hang-on-exit
   fix; tested by dtucker@@ and jochen.kirn AT gmail.com
   - pvalchev@@cvs.openbsd.org 2007/06/07 19:37:34
     [kex.h mac.c mac.h monitor_wrap.c myproposal.h packet.c ssh.1]
     [ssh_config.5 sshd.8 sshd_config.5]
     Add a new MAC algorithm for data integrity, UMAC-64 (not default yet,
     must specify umac-64@@openssh.com). Provides about 20% end-to-end speedup
     compared to hmac-md5. Represents a different approach to message
     authentication to that of HMAC that may be beneficial if HMAC based on
     one of its underlying hash algorithms is found to be vulnerable to a
     new attack.  http://www.ietf.org/rfc/rfc4418.txt
     in conjunction with and OK djm@@
   - pvalchev@@cvs.openbsd.org 2007/06/08 04:40:40
     [ssh_config]
     Add a "MACs" line after "Ciphers" with the default MAC algorithms,
     to ease people who want to tweak both (eg. for performance reasons).
     ok deraadt@@ djm@@ dtucker@@
   - jmc@@cvs.openbsd.org 2007/06/08 07:43:46
     [ssh_config.5]
     put the MAC list into a display, like we do for ciphers,
     since groff has trouble handling wide lines;
   - jmc@@cvs.openbsd.org 2007/06/08 07:48:09
     [sshd_config.5]
     oops, here too: put the MAC list into a display, like we do for
     ciphers, since groff has trouble with wide lines;
   - markus@@cvs.openbsd.org 2007/06/11 08:04:44
     [channels.c]
     send 'window adjust' messages every three packets and do not wait
     until 50% of the window is consumed.  ok djm dtucker
 - (djm) [configure.ac umac.c] If platform doesn't provide swap32(3), then
   fallback to provided bit-swizzling functions
 - (dtucker) [openbsd-compat/bsd-misc.c] According to the spec the "remainder"
   argument to nanosleep may be NULL.  Currently this never happens in OpenSSH,
   but check anyway in case this changes or the code gets used elsewhere.
 - (dtucker) [includes.h] Bug #1243: HAVE_PATHS -> HAVE_PATHS_H.  Should
   prevent warnings about redefinitions of various things in paths.h.
   Spotted by cartmanltd at hotmail.com.

20070605
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2007/05/22 10:18:52
     [sshd.c]
     zap double include; from p_nowaczyk AT o2.pl
     (not required in -portable, Id sync only)
   - djm@@cvs.openbsd.org 2007/05/30 05:58:13
     [kex.c]
     tidy: KNF, ARGSUSED and u_int
   - jmc@@cvs.openbsd.org 2007/05/31 19:20:16
     [scp.1 ssh_config.5 sftp-server.8 ssh-agent.1 sshd_config.5 sftp.1
     ssh-keygen.1 ssh-keyscan.1 ssh-add.1 sshd.8 ssh.1 ssh-keysign.8]
     convert to new .Dd format;
     (We will need to teach mdoc2man.awk to understand this too.)
   - djm@@cvs.openbsd.org 2007/05/31 23:34:29
     [packet.c]
     gc unreachable code; spotted by Tavis Ormandy
   - djm@@cvs.openbsd.org 2007/06/02 09:04:58
     [bufbn.c]
     memory leak on error path; from arnaud.lacombe.1 AT ulaval.ca
   - djm@@cvs.openbsd.org 2007/06/05 06:52:37
     [kex.c monitor_wrap.c packet.c mac.h kex.h mac.c]
     Preserve MAC ctx between packets, saving 2xhash calls per-packet.
     Yields around a 12-16% end-to-end speedup for arcfour256/hmac-md5
     patch from markus@@ tested dtucker@@ and myself, ok markus@@ and me (I'm
     committing at his request)
 - (dtucker) [mdoc2man.awk] Teach it to deal with $Mdocdate tags that
   OpenBSD's cvs now adds.
 - (dtucker) [mdoc2man.awk] Remove trailing "$" from Mdocdate regex so
   mindrot's cvs doesn't expand it on us.
 - (dtucker) [mdoc2man.awk] Add support for %R references, used for RFCs.

20070520
 - (dtucker) OpenBSD CVS Sync
   - stevesk@@cvs.openbsd.org 2007/04/14 22:01:58
     [auth2.c]
     remove unused macro; from Dmitry V. Levin <ldv@@altlinux.org>
   - stevesk@@cvs.openbsd.org 2007/04/18 01:12:43
     [sftp-server.c]
     cast "%llu" format spec to (unsigned long long); do not assume a
     u_int64_t arg is the same as 'unsigned long long'.
     from Dmitry V. Levin <ldv@@altlinux.org>
     ok markus@@ 'Yes, that looks correct' millert@@
   - dtucker@@cvs.openbsd.org 2007/04/23 10:15:39
     [servconf.c]
     Remove debug() left over from development.  ok deraadt@@
   - djm@@cvs.openbsd.org 2007/05/17 07:50:31
     [log.c]
     save and restore errno when logging; ok deraadt@@
   - djm@@cvs.openbsd.org 2007/05/17 07:55:29
     [sftp-server.c]
     bz#1286 stop reading and processing commands when input or output buffer
     is nearly full, otherwise sftp-server would happily try to grow the
     input/output buffers past the maximum supported by the buffer API and
     promptly fatal()
     based on patch from Thue Janus Kristensen; feedback & ok dtucker@@
   - djm@@cvs.openbsd.org 2007/05/17 20:48:13
     [sshconnect2.c]
     fall back to gethostname() when the outgoing connection is not
     on a socket, such as is the case when ProxyCommand is used.
     Gives hostbased auth an opportunity to work; bz#616, report
     and feedback stuart AT kaloram.com; ok markus@@
   - djm@@cvs.openbsd.org 2007/05/17 20:52:13
     [monitor.c]
     pass received SIGINT from monitor to postauth child so it can clean
     up properly. bz#1196, patch from senthilkumar_sen AT hotpop.com;
     ok markus@@
   - jolan@@cvs.openbsd.org 2007/05/17 23:53:41
     [sshconnect2.c]
     djm owes me a vb and a tism cd for breaking ssh compilation
 - (dtucker) [auth-pam.c] malloc+memset -> calloc.  Patch from
   ldv at altlinux.org.
 - (dtucker) [auth-pam.c] Return empty string if fgets fails in
   sshpam_tty_conv.  Patch from ldv at altlinux.org.

20070509
 - (tim) [configure.ac] Bug #1287: Add missing test for ucred.h.

20070429
 - (dtucker) [openbsd-compat/bsd-misc.c] Include unistd.h and sys/types.h
   for select(2) prototype.
 - (dtucker) [auth-shadow.c loginrec.c] Include time.h for time(2) prototype.
 - (dtucker) [configure.ac openbsd-compat/getrrsetbyname.c] Bug #1299: Use the
   platform's _res if it has one.  Should fix problem of DNSSEC record lookups
   on NetBSD as reported by Curt Sampson.
 - (dtucker) [openbsd-compat/xmmap.c] Include stdlib.h for mkstemp prototype.
 - (dtucker) [configure.ac defines.h] Have configure check for MAXSYMLINKS
   so we don't get redefinition warnings.
 - (dtucker) [openbsd-compat/xmmap.c] Include stdlib.h for mkstemp prototype.
 - (dtucker) [configure.ac defines.h] Prevent warnings about __attribute__
   __nonnull__ for versions of GCC that don't support it.
 - (dtucker) [configure.ac defines.h] Have configure check for offsetof
   to prevent redefinition warnings.

20070406
 - (dtucker) [INSTALL] Update the systems that have PAM as standard.  Link
   to OpenPAM too.
 - (dtucker) [INSTALL] prngd lives at sourceforge these days.

20070326
 - (tim) [auth.c configure.ac defines.h session.c openbsd-compat/port-uw.c
   openbsd-compat/port-uw.h openbsd-compat/xcrypt.c] Rework libiaf test/defines
   to account for IRIX having libiaf but not set_id(). Patch with & ok dtucker@@

20070325
 - (dtucker) [Makefile.in configure.ac] Replace single-purpose LIBSELINUX,
   LIBWRAP and LIBPAM variables in Makefile with the general-purpose
   SSHDLIBS.  "I like" djm@@

20070321
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2007/03/09 05:20:06
     [servconf.c sshd.c]
     Move C/R -> kbdint special case to after the defaults have been
     loaded, which makes ChallengeResponse default to yes again.  This
     was broken by the Match changes and not fixed properly subsequently.
     Found by okan at demirmen.com, ok djm@@ "please do it" deraadt@@
   - djm@@cvs.openbsd.org 2007/03/19 01:01:29
     [sshd_config]
     Disable the legacy SSH protocol 1 for new installations via
     a configuration override. In the future, we will change the
     server's default itself so users who need the legacy protocol
     will need to turn it on explicitly
   - dtucker@@cvs.openbsd.org 2007/03/19 12:16:42
     [ssh-agent.c]
     Remove the signal handler that checks if the agent's parent process
     has gone away, instead check when the select loop returns.  Record when
     the next key will expire when scanning for expired keys.  Set the select
     timeout to whichever of these two things happens next.  With djm@@, with &
     ok deraadt@@ markus@@
   - tedu@@cvs.openbsd.org 2007/03/20 03:56:12
     [readconf.c clientloop.c]
     remove some bogus *p tests from charles longeau
     ok deraadt millert
   - jmc@@cvs.openbsd.org 2007/03/20 15:57:15
     [sshd.8]
     - let synopsis and description agree for -f
     - sort FILES
     - +.Xr ssh-keyscan 1 ,
     from Igor Sobrado
 - (dtucker) [configure.ac openbsd-compat/bsd-getpeereid.c] Bug #1287: Use
   getpeerucred to implement getpeereid (currently only Solaris 10 and up).
   Patch by Jan.Pechanec at Sun.
 - (dtucker) [regress/agent-getpeereid.sh] Do peereid test if we have
   HAVE_GETPEERUCRED too.  Also from Jan Pechanec.

20070313
 - (dtucker) [entropy.c scard-opensc.c ssh-rand-helper.c] Bug #1294: include
   string.h to prevent warnings, from vapier at gentoo.org.
 - (dtucker) [LICENCE] Add Daniel Walsh as a copyright holder for the
   selinux bits in -portable.
 - (dtucker) [cipher-3des1.c cipher-bf1.c] The OpenSSL 0.9.8e problem in
   bug #1291 also affects Protocol 1 3des.  While at it, use compat-openssl.h
   in cipher-bf1.c.  Patch from Juan Gallego.
 - (dtucker) [README.platform] Info about blibpath on AIX.

20070306
 - (djm) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2007/03/01 16:19:33
     [sshd_config.5]
     sort the `match' keywords;
   - djm@@cvs.openbsd.org 2007/03/06 10:13:14
     [version.h]
     openssh-4.6; "please" deraadt@@
 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
   [contrib/suse/openssh.spec] crank spec files for release
 - (djm) [README] correct link to release notes
 - (djm) Release 4.6p1

20070304
 - (djm) [configure.ac] add a --without-openssl-header-check option to
   configure, as some platforms (OS X) ship OpenSSL headers whose version
   does not match that of the shipping library. ok dtucker@@
 - (dtucker) [openbsd-compat/openssl-compat.h] Bug #1291: Work around a
   bug in OpenSSL 0.9.8e that prevents aes256-ctr, aes192-ctr and arcfour256
   ciphers from working correctly (disconnects with "Bad packet length"
   errors) as found by Ben Harris.  ok djm@@

20070303
 - (dtucker) [regress/agent-ptrace.sh] Make ttrace gdb error a little more
   general to cover newer gdb versions on HP-UX.

20070302
 - (dtucker) [configure.ac] For Cygwin, read files in textmode (which allows
   CRLF as well as LF lineendings) and write in binary mode.  Patch from
   vinschen at redhat.com.
 - (dtucker) [INSTALL] Update to autoconf-2.61.

20070301
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2007/03/01 10:28:02
     [auth2.c sshd_config.5 servconf.c]
     Remove ChallengeResponseAuthentication support inside a Match
     block as its interaction with KbdInteractive makes it difficult to
     support.  Also, relocate the CR/kbdint option special-case code into
     servconf.  "please commit" djm@@, ok markus@@ for the relocation.
 - (tim) [buildpkg.sh.in openssh.xml.in] Clean up Solaris 10 smf(5) bits.
   "Looks sane" dtucker@@

20070228
 - (dtucker) OpenBSD CVS Sync
   - dtucker@@cvs.openbsd.org 2007/02/28 00:55:30
     [ssh-agent.c]
     Remove expired keys periodically so they don't remain in memory when
     the agent is entirely idle, as noted by David R. Piegdon.  This is the
     simple fix, a more efficient one will be done later.  With markus,
     deraadt, with & ok djm.

20070225
 - (dtucker) OpenBSD CVS Sync
   - djm@@cvs.openbsd.org 2007/02/20 10:25:14
     [clientloop.c]
     set maximum packet and window sizes the same for multiplexed clients
     as normal connections; ok markus@@
   - dtucker@@cvs.openbsd.org 2007/02/21 11:00:05
     [sshd.c]
     Clear alarm() before restarting sshd on SIGHUP.  Without this, if there's
     a SIGALRM pending (for SSH1 key regeneration) when sshd is SIGHUP'ed, the
     newly exec'ed sshd will get the SIGALRM and not have a handler for it,
     and the default action will terminate the listening sshd.  Analysis and
     patch from andrew at gaul.org.
   - dtucker@@cvs.openbsd.org 2007/02/22 12:58:40
     [servconf.c]
     Check activep so Match and GatewayPorts work together; ok markus@@
   - ray@@cvs.openbsd.org 2007/02/24 03:30:11
     [moduli.c]
     - strlen returns size_t, not int.
     - Pass full buffer size to fgets.
     OK djm@@, millert@@, and moritz@@.

20070219
  - (dtucker) OpenBSD CVS Sync
   - jmc@@cvs.openbsd.org 2007/01/10 13:23:22
     [ssh_config.5]
     do not use a list for SYNOPSIS;
     this is actually part of a larger report sent by eric s. raymond
     and forwarded by brad, but i only read half of it. spotted by brad.
   - jmc@@cvs.openbsd.org 2007/01/12 20:20:41
     [ssh-keygen.1 ssh-keygen.c]
     more secsh -> rfc 4716 updates;
     spotted by wiz@@netbsd
     ok markus
   - dtucker@@cvs.openbsd.org 2007/01/17 23:22:52
     [readconf.c]
     Honour activep for times (eg ServerAliveInterval) while parsing
     ssh_config and ~/.ssh/config so they work properly with Host directives.
     From mario.lorenz@@wincor-nixdorf.com via bz #1275.  ok markus@@
   - stevesk@@cvs.openbsd.org 2007/01/21 01:41:54
     [auth-skey.c kex.c ssh-keygen.c session.c clientloop.c]
     spaces
   - stevesk@@cvs.openbsd.org 2007/01/21 01:45:35
     [readconf.c]
     spaces
   - djm@@cvs.openbsd.org 2007/01/22 11:32:50
     [sftp-client.c]
     return error from do_upload() when a write fails. fixes bz#1252: zero
     exit status from sftp when uploading to a full device. report from
     jirkat AT atlas.cz; ok dtucker@@
   - djm@@cvs.openbsd.org 2007/01/22 13:06:21
     [scp.c]
     fix detection of whether we should show progress meter or not: scp
     tested isatty(stderr) but wrote the progress meter to stdout. This patch
     makes it test stdout. bz#1265 reported by junkmail AT bitsculpture.com;
     ok dtucker@@
   - stevesk@@cvs.openbsd.org 2007/02/14 14:32:00
     [bufbn.c]
     typos in comments; ok jmc@@
   - dtucker@@cvs.openbsd.org 2007/02/19 10:45:58
     [monitor_wrap.c servconf.c servconf.h monitor.c sshd_config.5]
     Teach Match how to handle config directives that are used before
     authentication.  This allows configurations such as permitting password
     authentication from the local net only while requiring pubkey from
     offsite.  ok djm@@, man page bits ok jmc@@
 - (dtucker) [contrib/findssl.sh] Add "which" as a shell function since some
   platforms don't have it.  Patch from dleonard at vintela.com.
 - (dtucker) [openbsd-compat/getrrsetbyname.c] Don't attempt to calloc
   an array for signatures when there are none since calloc(0, n) returns
   NULL on some platforms (eg Tru64), which is explicitly permitted by
   POSIX.  Diagnosis and patch by svallet genoscope.cns.fr.

20070128
 - (djm) [channels.c serverloop.c] Fix so-called "hang on exit" (bz #52)
   when closing a tty session when a background process still holds tty
   fds open. Great detective work and patch by Marc Aurele La France,
   slightly tweaked by me; ok dtucker@@

20070123
 - (dtucker) [openbsd-compat/bsd-snprintf.c] Static declarations for public
   library interfaces aren't very helpful. Fix up the DOPR_OUTCH macro
   so it works properly and modify its callers so that they don't pre or
   post decrement arguments that are conditionally evaluated. While there,
   put SNPRINTF_CONST back as it prevents build failures in some
   configurations.  ok djm@@ (for most of it)

20070122
 - (djm) [ssh-rand-helper.8] manpage nits;
   from dleonard AT vintela.com (bz#1529)

20070117
 - (dtucker) [packet.c] Re-remove in_systm.h since it's already in includes.h
   and multiple including it causes problems on old IRIXes.  (It snuck back
   in during a sync.)  Found (again) by Georg Schwarz.

20070114
 - (dtucker) [ssh-keygen.c] av -> argv to match earlier sync.
 - (djm) [openbsd-compat/bsd-snprintf.c] Fix integer overflow in return
   value of snprintf replacement, similar to bugs in various libc
   implementations. This overflow is not exploitable in OpenSSH. 
   While I'm fiddling with it, make it a fair bit faster by inlining the
   append-char routine; ok dtucker@@

20070105
 - (djm) OpenBSD CVS Sync
   - deraadt@@cvs.openbsd.org 2006/11/14 19:41:04
     [ssh-keygen.c]
     use argc and argv not some made up short form
   - ray@@cvs.openbsd.org 2006/11/23 01:35:11
     [misc.c sftp.c]
     Don't access buf[strlen(buf) - 1] for zero-length strings.
     ``ok by me'' djm@@.
   - markus@@cvs.openbsd.org 2006/12/11 21:25:46
     [ssh-keygen.1 ssh.1]
     add rfc 4716 (public key format); ok jmc
   - djm@@cvs.openbsd.org 2006/12/12 03:58:42
     [channels.c compat.c compat.h]
     bz #1019: some ssh.com versions apparently can't cope with the
     remote port forwarding bind_address being a hostname, so send
     them an address for cases where they are not explicitly
     specified (wildcard or localhost bind).  reported by daveroth AT
     acm.org; ok dtucker@@ deraadt@@
   - dtucker@@cvs.openbsd.org 2006/12/13 08:34:39
     [servconf.c]
     Make PermitOpen work with multiple values like the man page says.
     bz #1267 with details from peter at dmtz.com, with & ok djm@@
   - dtucker@@cvs.openbsd.org 2006/12/14 10:01:14
     [servconf.c]
     Make "PermitOpen all" first-match within a block to match the way other
     options work.  ok markus@@ djm@@
   - jmc@@cvs.openbsd.org 2007/01/02 09:57:25
     [sshd_config.5]
     do not use lists for SYNOPSIS;
     from eric s. raymond via brad
   - stevesk@@cvs.openbsd.org 2007/01/03 00:53:38
     [ssh-keygen.c]
     remove small dead code; arnaud.lacombe.1@@ulaval.ca via Coverity scan
   - stevesk@@cvs.openbsd.org 2007/01/03 03:01:40
     [auth2-chall.c channels.c dns.c sftp.c ssh-keygen.c ssh.c]
     spaces
   - stevesk@@cvs.openbsd.org 2007/01/03 04:09:15
     [sftp.c]
     ARGSUSED for lint
   - stevesk@@cvs.openbsd.org 2007/01/03 07:22:36
     [sftp-server.c]
     spaces

20061205
 - (djm) [auth.c] Fix NULL pointer dereference in fakepw().  Crash would
   occur if the server did not have the privsep user and an invalid user
   tried to login and both privsep and krb5 auth are disabled; ok dtucker@@
 - (djm) [bsd-asprintf.c] Better test for bad vsnprintf lengths; ok dtucker@@

20061108
 - (dtucker) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2006/11/07 13:02:07
     [dh.c]
     BN_hex2bn returns int; from dtucker@@

d16 1
d2609 1
a2609 1
$Id: ChangeLog,v 1.5095 2008/07/21 08:22:25 djm Exp $
@


1.1.1.2.4.1
log
@Merge OpenSSH, OPIE, PAM and a number of dependencies from -STABLE.
@
text
@@


1.1.1.2.2.1
log
@Synch up to OpenSSH 3.4p1 - very nearly the same sources as in -CURRENT,
with a slightly different config.h to account for differences between
-CURRENT and -STABLE.

Privilege separation defaults to off for now as it breaks some aspects
of Kerberos authentication.

Sponsored by:	DARPA, NAI Labs
@
text
@@


1.1.1.2.2.2
log
@MFC: OpenSSH 3.5p1, with all FreeBSD patches.
@
text
@a0 596
20021003
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2002/10/01 20:34:12
     [ssh-agent.c]
     allow root to access the agent, since there is no protection from root.
   - markus@@cvs.openbsd.org 2002/10/01 13:24:50
     [version.h]
     OpenSSH 3.5
 - (djm) Bump RPM spec version numbers
 - (djm) Bug #406 s/msg_send/ssh_msh_send/ for Mac OS X 1.2

20020930
 - (djm) Tidy contrib/, add Makefile for GNOME passphrase dialogs, 
   tweak README
 - (djm) OpenBSD CVS Sync
   - mickey@@cvs.openbsd.org 2002/09/27 10:42:09
     [compat.c compat.h sshd.c]
     add a generic match for a prober, such as sie big brother; 
     idea from stevesk@@; markus@@ ok
   - stevesk@@cvs.openbsd.org 2002/09/27 15:46:21
     [ssh.1]
     clarify compression level protocol 1 only; ok markus@@ deraadt@@

20020927
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2002/09/25 11:17:16
     [sshd_config]
     sync LoginGraceTime with default
   - markus@@cvs.openbsd.org 2002/09/25 15:19:02
     [sshd.c]
     typo; pilot@@monkey.org
   - markus@@cvs.openbsd.org 2002/09/26 11:38:43
     [auth1.c auth.h auth-krb4.c monitor.c monitor.h monitor_wrap.c]
     [monitor_wrap.h]
     krb4 + privsep; ok dugsong@@, deraadt@@

20020925
 - (bal) Fix issue where successful login does not clear failure counts
   in AIX.  Patch by dtucker@@zip.com.au ok by djm
 - (tim) Cray fixes (bug 367) based on patch from Wendy Palm @@ cray.
    This does not include the deattack.c fixes.

20020923
 - (djm) OpenBSD CVS Sync
   - stevesk@@cvs.openbsd.org 2002/09/23 20:46:27
     [canohost.c]
     change get_peer_ipaddr() and get_local_ipaddr() to not return NULL for
     non-sockets; fixes a problem passing NULL to snprintf(). ok markus@@
   - markus@@cvs.openbsd.org 2002/09/23 22:11:05
     [monitor.c]
     only call auth_krb5 if kerberos is enabled; ok deraadt@@
   - markus@@cvs.openbsd.org 2002/09/24 08:46:04
     [monitor.c]
     only call kerberos code for authctxt->valid
   - todd@@cvs.openbsd.org 2002/09/24 20:59:44
     [sshd.8]
     tweak the example $HOME/.ssh/rc script to not show on any cmdline the
     sensitive data it handles. This fixes bug # 402 as reported by
     kolya@@mit.edu (Nickolai Zeldovich).
     ok markus@@ and stevesk@@

20020923
 - (tim) [configure.ac] s/return/exit/ patch by dtucker@@zip.com.au

20020922
 - (djm) OpenBSD CVS Sync
   - stevesk@@cvs.openbsd.org 2002/09/19 14:53:14
     [compat.c]
   - markus@@cvs.openbsd.org 2002/09/19 15:51:23
     [ssh-add.c]
     typo; cd@@kalkatraz.de
   - stevesk@@cvs.openbsd.org 2002/09/19 16:03:15
     [serverloop.c]
     log IP address also; ok markus@@
   - stevesk@@cvs.openbsd.org 2002/09/20 18:41:29
     [auth.c]
     log illegal user here for missing privsep case (ssh2).
     this is executed in the monitor. ok markus@@

20020919
 - (djm) OpenBSD CVS Sync
   - stevesk@@cvs.openbsd.org 2002/09/12 19:11:52
     [ssh-agent.c]
     %u for uid print; ok markus@@
   - stevesk@@cvs.openbsd.org 2002/09/12 19:50:36
     [session.c ssh.1]
     add SSH_CONNECTION and deprecate SSH_CLIENT; bug #384.  ok markus@@
   - stevesk@@cvs.openbsd.org 2002/09/13 19:23:09
     [channels.c sshconnect.c sshd.c]
     remove use of SO_LINGER, it should not be needed. error check
     SO_REUSEADDR. fixup comments. ok markus@@
   - stevesk@@cvs.openbsd.org 2002/09/16 19:55:33
     [session.c]
     log when _PATH_NOLOGIN exists; ok markus@@
   - stevesk@@cvs.openbsd.org 2002/09/16 20:12:11
     [sshd_config.5]
     more details on X11Forwarding security issues and threats; ok markus@@
   - stevesk@@cvs.openbsd.org 2002/09/16 22:03:13
     [sshd.8]
     reference moduli(5) in FILES /etc/moduli.
   - itojun@@cvs.openbsd.org 2002/09/17 07:47:02
     [channels.c]
     don't quit while creating X11 listening socket.
     http://mail-index.netbsd.org/current-users/2002/09/16/0005.html
     got from portable.  markus ok
   - djm@@cvs.openbsd.org 2002/09/19 01:58:18
     [ssh.c sshconnect.c]
     bugzilla.mindrot.org #223 - ProxyCommands don't exit.
     Patch from dtucker@@zip.com.au; ok markus@@

20020912
 - (djm) Made GNOME askpass programs return non-zero if cancel button is 
   pressed.
 - (djm) Added getpeereid() replacement. Properly implemented for systems
   with SO_PEERCRED support. Faked for systems which lack it.
 - (djm) Sync sys/tree.h with OpenBSD -current. Rename tree.h and 
   fake-queue.h to sys-tree.h and sys-queue.h
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2002/09/08 20:24:08
     [hostfile.h]
     no comma at end of enumerator list
   - itojun@@cvs.openbsd.org 2002/09/09 06:48:06
     [auth1.c auth.h auth-krb5.c monitor.c monitor.h]
     [monitor_wrap.c monitor_wrap.h]
     kerberos support for privsep.  confirmed to work by lha@@stacken.kth.se
     patch from markus
   - markus@@cvs.openbsd.org 2002/09/09 14:54:15
     [channels.c kex.h key.c monitor.c monitor_wrap.c radix.c uuencode.c]
     signed vs unsigned from -pedantic; ok henning@@
   - markus@@cvs.openbsd.org 2002/09/10 20:24:47
     [ssh-agent.c]
     check the euid of the connecting process with getpeereid(2); 
     ok provos deraadt stevesk
   - stevesk@@cvs.openbsd.org 2002/09/11 17:55:03
     [ssh.1]
     add agent and X11 forwarding warning text from ssh_config.5; ok markus@@
   - stevesk@@cvs.openbsd.org 2002/09/11 18:27:26
     [authfd.c authfd.h ssh.c]
     don't connect to agent to test for presence if we've previously
     connected; ok markus@@
   - djm@@cvs.openbsd.org 2002/09/11 22:41:50
     [sftp.1 sftp-client.c sftp-client.h sftp-common.c sftp-common.h]
     [sftp-glob.c sftp-glob.h sftp-int.c sftp-server.c]
     support for short/long listings and globbing in "ls"; ok markus@@
   - djm@@cvs.openbsd.org 2002/09/12 00:13:06
     [sftp-int.c]
     zap unused var introduced in last commit

20020911
 - (djm) Sync openbsd-compat with OpenBSD -current

20020910
 - (djm) Bug #365: Read /.ssh/environment properly under CygWin. 
   Patch from Mark Bradshaw <bradshaw@@staff.crosswalk.com>
 - (djm) Bug #138: Make protocol 1 blowfish work with old OpenSSL. 
   Patch from Robert Halubek <rob@@adso.com.pl>

20020905 
 - (djm) OpenBSD CVS Sync
   - stevesk@@cvs.openbsd.org 2002/09/04 18:52:42
     [servconf.c sshd.8 sshd_config.5]
     default LoginGraceTime to 2m; 1m may be too short for slow systems.
     ok markus@@
 - (djm) Merge openssh-TODO.patch from Redhat (null) beta
 - (djm) Add gnome-ssh-askpass2.c (gtk2) by merge with patch from 
    Nalin Dahyabhai <nalin@@redhat.com>
 - (djm) Add support for building gtk2 password requestor from Redhat beta

20020903
 - (djm) Patch from itojun@@ for Darwin OS: test getaddrinfo, reorder libcrypt
 - (djm) Fix Redhat RPM build dependency test
 - (djm) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2002/08/12 10:46:35
     [ssh-agent.c]
     make ssh-agent setgid, disallow ptrace.
   - espie@@cvs.openbsd.org 2002/08/21 11:20:59
     [sshd.8]
     `RSA' updated to refer to `public key', where it matters.
     okay markus@@
   - stevesk@@cvs.openbsd.org 2002/08/21 19:38:06
     [servconf.c sshd.8 sshd_config sshd_config.5]
     change LoginGraceTime default to 1 minute; ok mouring@@ markus@@
   - stevesk@@cvs.openbsd.org 2002/08/21 20:10:28
     [ssh-agent.c]
     raise listen backlog; ok markus@@
   - stevesk@@cvs.openbsd.org 2002/08/22 19:27:53
     [ssh-agent.c]
     use common close function; ok markus@@
   - stevesk@@cvs.openbsd.org 2002/08/22 19:38:42
     [clientloop.c]
     format with current EscapeChar; bugzilla #388 from wknox@@mitre.org.
     ok markus@@
   - stevesk@@cvs.openbsd.org 2002/08/22 20:57:19
     [ssh-agent.c]
     shutdown(SHUT_RDWR) not needed before close here; ok markus@@
   - markus@@cvs.openbsd.org 2002/08/22 21:33:58
     [auth1.c auth2.c]
     auth_root_allowed() is handled by the monitor in the privsep case,
     so skip this for use_privsep, ok stevesk@@, fixes bugzilla #387/325
   - markus@@cvs.openbsd.org 2002/08/22 21:45:41
     [session.c]
     send signal name (not signal number) in "exit-signal" message; noticed
     by galb@@vandyke.com
   - stevesk@@cvs.openbsd.org 2002/08/27 17:13:56
     [ssh-rsa.c]
     RSA_public_decrypt() returns -1 on error so len must be signed; 
     ok markus@@
   - stevesk@@cvs.openbsd.org 2002/08/27 17:18:40
     [ssh_config.5]
     some warning text for ForwardAgent and ForwardX11; ok markus@@
   - stevesk@@cvs.openbsd.org 2002/08/29 15:57:25
     [monitor.c session.c sshlogin.c sshlogin.h]
     pass addrlen with sockaddr *; from Hajimu UMEMOTO <ume@@FreeBSD.org>
     NOTE: there are also p-specific parts to this patch. ok markus@@
   - stevesk@@cvs.openbsd.org 2002/08/29 16:02:54
     [ssh.1 ssh.c]
     deprecate -P as UsePrivilegedPort defaults to no now; ok markus@@
   - stevesk@@cvs.openbsd.org 2002/08/29 16:09:02
     [ssh_config.5]
     more on UsePrivilegedPort and setuid root; ok markus@@
   - stevesk@@cvs.openbsd.org 2002/08/29 19:49:42
     [ssh.c]
     shrink initial privilege bracket for setuid case; ok markus@@
   - stevesk@@cvs.openbsd.org 2002/08/29 22:54:10
     [ssh_config.5 sshd_config.5]
     state XAuthLocation is a full pathname

20020820
 - OpenBSD CVS Sync
   - millert@@cvs.openbsd.org 2002/08/02 14:43:15
     [monitor.c monitor_mm.c]
     Change mm_zalloc() sanity checks to be more in line with what
     we do in calloc() and add a check to monitor_mm.c.
     OK provos@@ and markus@@
   - marc@@cvs.openbsd.org 2002/08/02 16:00:07
     [ssh.1 sshd.8]
     note that .ssh/environment is only read when
     allowed (PermitUserEnvironment in sshd_config).
     OK markus@@
   - markus@@cvs.openbsd.org 2002/08/02 21:23:41
     [ssh-rsa.c]
     diff is u_int (2x); ok deraadt/provos
   - markus@@cvs.openbsd.org 2002/08/02 22:20:30
     [ssh-rsa.c]
     replace RSA_verify with our own version and avoid the OpenSSL ASN.1 parser
     for authentication; ok deraadt/djm
   - aaron@@cvs.openbsd.org 2002/08/08 13:50:23
     [sshconnect1.c]
     Use & to test if bits are set, not &&; markus@@ ok.
   - stevesk@@cvs.openbsd.org 2002/08/08 23:54:52
     [auth.c]
     typo in comment
   - stevesk@@cvs.openbsd.org 2002/08/09 17:21:42
     [sshd_config.5]
     use Op for mdoc conformance; from esr@@golux.thyrsus.com
     ok aaron@@
   - stevesk@@cvs.openbsd.org 2002/08/09 17:41:12
     [sshd_config.5]
     proxy vs. fake display
   - stevesk@@cvs.openbsd.org 2002/08/12 17:30:35
     [ssh.1 sshd.8 sshd_config.5]
     more PermitUserEnvironment; ok markus@@
   - stevesk@@cvs.openbsd.org 2002/08/17 23:07:14
     [ssh.1]
     ForwardAgent has defaulted to no for over 2 years; be more clear here.
   - stevesk@@cvs.openbsd.org 2002/08/17 23:55:01
     [ssh_config.5]
     ordered list here
 - (bal) [defines.h] Some platforms don't have SIZE_T_MAX.  So assign 
   it to ULONG_MAX.

20020813
 - (tim) [configure.ac] Display OpenSSL header/library version.
   Patch by dtucker@@zip.com.au

20020731
 - (bal) OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2002/07/24 16:11:18
     [hostfile.c hostfile.h sshconnect.c]
     print out all known keys for a host if we get a unknown host key,
     see discussion at http://marc.theaimsgroup.com/?t=101069210100016&r=1&w=4

     the ssharp mitm tool attacks users in a similar way, so i'd like to
     point out again:
        A MITM attack is always possible if the ssh client prints:
        The authenticity of host 'bla' can't be established.
     (protocol version 2 with pubkey authentication allows you to detect
     MITM attacks)
   - mouring@@cvs.openbsd.org 2002/07/25 01:16:59
     [sftp.c]
     FallBackToRsh does not exist anywhere else.  Remove it from here.
     OK deraadt.
   - markus@@cvs.openbsd.org 2002/07/29 18:57:30
     [sshconnect.c]
     print file:line
   - markus@@cvs.openbsd.org 2002/07/30 17:03:55
     [auth-options.c servconf.c servconf.h session.c sshd_config sshd_config.5]
     add PermitUserEnvironment (off by default!); from dot@@dotat.at;
     ok provos, deraadt

20020730
 - (bal) [uidswap.c] SCO compile correction by gert@@greenie.muc.de

20020728
 - (stevesk) [auth-pam.c] should use PAM_MSG_MEMBER(); from solar
 - (stevesk) [CREDITS] solar
 - (stevesk) [ssh-rand-helper.c] RAND_bytes() and SHA1_Final() unsigned
   char arg.

20020725
 - (djm) Remove some cruft from INSTALL
 - (djm) Latest config.guess and config.sub from ftp://ftp.gnu.org/gnu/config/

20020723
 - (bal) [bsd-cray.c bsd-cray.h] Part 2 of Cray merger. 
 - (bal) sync ID w/ ssh-agent.c
 - (bal) OpenBSD Sync
   - markus@@cvs.openbsd.org 2002/07/19 15:43:33
     [log.c log.h session.c sshd.c]
     remove fatal cleanups after fork; based on discussions with and code
     from solar.
   - stevesk@@cvs.openbsd.org 2002/07/19 17:42:40
     [ssh.c]
     display a warning from ssh when XAuthLocation does not exist or xauth
     returned no authentication data. ok markus@@
   - stevesk@@cvs.openbsd.org 2002/07/21 18:32:20
     [auth-options.c]
     unneeded includes
   - stevesk@@cvs.openbsd.org 2002/07/21 18:34:43
     [auth-options.h]
     remove invalid comment
   - markus@@cvs.openbsd.org 2002/07/22 11:03:06
     [session.c]
     fallback to _PATH_STDPATH on setusercontext+LOGIN_SETPATH errors;
   - stevesk@@cvs.openbsd.org 2002/07/22 17:32:56
     [monitor.c]
     u_int here; ok provos@@
   - stevesk@@cvs.openbsd.org 2002/07/23 16:03:10
     [sshd.c]
     utmp_len is unsigned; display error consistent with other options.
     ok markus@@
   - stevesk@@cvs.openbsd.org 2002/07/15 17:15:31
     [uidswap.c]
     little more debugging; ok markus@@

20020722
 - (bal) AIX tty data limiting patch fix by leigh@@solinno.co.uk
 - (stevesk) [xmmap.c] missing prototype for fatal()
 - (bal) [configure.ac defines.h loginrec.c sshd.c sshpty.c] Partial sync
   with Cray (mostly #ifdef renaming).  Patch by wendyp@@cray.com.
 - (bal) [configure.ac]  Missing ;; from cray patch.
 - (bal) [monitor_mm.c openbsd-compat/xmmap.h] Move xmmap() defines
   into its own header.
 - (stevesk) [auth-pam.[ch] session.c] pam_getenvlist() must be
   freed by the caller; add free_pam_environment() and use it.
 - (stevesk) [auth-pam.c] typo in comment

20020721
 - (stevesk) [auth-pam.c] merge cosmetic changes from solar's
   openssh-3.4p1-owl-password-changing.diff
 - (stevesk) [auth-pam.c] merge rest of solar's PAM patch;
   PAM_NEW_AUTHTOK_REQD remains in #if 0 for now.
 - (stevesk) [auth-pam.c] cast to avoid initialization type mismatch
   warning on pam_conv struct conversation function.
 - (stevesk) [auth-pam.h] license
 - (stevesk) [auth-pam.h] unneeded include
 - (stevesk) [auth-pam.[ch] ssh.h] move SSHD_PAM_SERVICE to auth-pam.h

20020720
 - (stevesk) [ssh-keygen.c] bug #231: always init/seed_rng().

20020719
 - (tim) [contrib/solaris/buildpkg.sh] create privsep user/group if needed.
   Patch by dtucker@@zip.com.au
 - (tim) [configure.ac]  test for libxnet on HP. Patch by dtucker@@zip.com.au

20020718
 - (tim) [defines.h] Bug 313 patch by dirk.meyer@@dinoex.sub.org
 - (tim) [monitor_mm.c] add missing declaration for xmmap(). Reported
   by ayamura@@ayamura.org
 - (tim) [configure.ac] Bug 267 rework int64_t test.
 - (tim) [includes.h] Bug 267 add stdint.h

20020717
 - (bal) aixbff package updated by dtucker@@zip.com.au
 - (tim) [configure.ac] change how we do paths in AC_PATH_PROGS tests
   for autoconf 2.53. Based on a patch by jrj@@purdue.edu

20020716
 - (tim) [contrib/solaris/opensshd.in] Only kill sshd if .pid file found

20020715
 - (bal) OpenBSD CVS Sync
   - itojun@@cvs.openbsd.org 2002/07/12 13:29:09
     [sshconnect.c]
     print connect failure during debugging mode.
   - markus@@cvs.openbsd.org 2002/07/12 15:50:17
     [cipher.c]
     EVP_CIPH_CUSTOM_IV for our own rijndael
 - (bal) Remove unused tty defined in do_setusercontext() pointed out by
   dtucker@@zip.com.au plus a bit more KNF since I am near it.
 - (bal) Privsep user creation support in Solaris buildpkg.sh by 
   dtucker@@zip.com.au

20020714
 - (tim) [Makefile.in] replace "id sshd" with "sshd -t"
 - (bal/tim) [acconfig.h configure.ac monitor_mm.c servconf.c
   openbsd-compat/Makefile.in] support compression on platforms that
   have no/broken MAP_ANON. Moved code to openbsd-compat/xmmap.c
   Based on patch from nalin@@redhat.com of code extracted from Owl's package
 - (tim) [ssh_prng_cmds.in] Bug 323 arp -n flag doesn't exist under Solaris.
   report by chris@@by-design.net
 - (tim) [loginrec.c] Bug 347: Fix typo (WTMPX_FILE) report by rodney@@bond.net
 - (tim) [loginrec.c] Bug 348: add missing found = 1; to wtmpx_islogin()
   report by rodney@@bond.net

20020712
 - (tim) [Makefile.in] quiet down install-files: and check-user:
 - (tim) [configure.ac] remove unused filepriv line

20020710
 - (tim) [contrib/cygwin/ssh-host-config] explicitly sets the permissions
   on /var/empty to 755 Patch by vinschen@@redhat.com
 - (bal) OpenBSD CVS Sync
   - itojun@@cvs.openbsd.org 2002/07/09 11:56:50
     [sshconnect.c]
     silently try next address on connect(2).  markus ok
   - itojun@@cvs.openbsd.org 2002/07/09 11:56:27
     [canohost.c]
     suppress log on reverse lookup failure, as there's no real value in
     doing so.
     markus ok
   - itojun@@cvs.openbsd.org 2002/07/09 12:04:02
     [sshconnect.c]
     ed static function (less warnings)
   - stevesk@@cvs.openbsd.org 2002/07/09 17:46:25
     [sshd_config.5]
     clarify no preference ordering in protocol list; ok markus@@
   - itojun@@cvs.openbsd.org 2002/07/10 10:28:15
     [sshconnect.c]
     bark if all connection attempt fails.
   - deraadt@@cvs.openbsd.org 2002/07/10 17:53:54
     [rijndael.c]
     use right sizeof in memcpy; markus ok

20020709
 - (bal) NO_IPPORT_RESERVED_CONCEPT used instead of CYGWIN so other platforms
   lacking that concept can share it. Patch by vinschen@@redhat.com

20020708
 - (tim) [openssh/contrib/solaris/buildpkg.sh] add PKG_INSTALL_ROOT to
   work in a jumpstart environment. patch by kbrint@@rufus.net
 - (tim) [Makefile.in] workaround for broken pkgadd on some systems.
 - (tim) [configure.ac] fix libc89 utimes test. Mention default path for
   --with-privsep-path=

20020707
 - (tim) [Makefile.in] use umask instead of chmod on $(PRIVSEP_PATH)
 - (tim) [acconfig.h configure.ac sshd.c]
   s/BROKEN_FD_PASSING/DISABLE_FD_PASSING/
 - (tim) [contrib/cygwin/ssh-host-config] sshd account creation fixes
   patch from vinschen@@redhat.com
 - (bal) [realpath.c] Updated with OpenBSD tree.
 - (bal) OpenBSD CVS Sync
   - deraadt@@cvs.openbsd.org 2002/07/04 04:15:33
     [key.c monitor_wrap.c sftp-glob.c ssh-dss.c ssh-rsa.c]
     patch memory leaks; grendel@@zeitbombe.org
   - deraadt@@cvs.openbsd.org 2002/07/04 08:12:15
     [channels.c packet.c]
     blah blah minor nothing as i read and re-read and re-read...
   - markus@@cvs.openbsd.org 2002/07/04 10:41:47
     [key.c monitor_wrap.c ssh-dss.c ssh-rsa.c]
     don't allocate, copy, and discard if there is not interested in the data; 
     ok deraadt@@
   - deraadt@@cvs.openbsd.org 2002/07/06 01:00:49
     [log.c]
     KNF
   - deraadt@@cvs.openbsd.org 2002/07/06 01:01:26
     [ssh-keyscan.c]
     KNF, realloc fix, and clean usage
   - stevesk@@cvs.openbsd.org 2002/07/06 17:47:58
     [ssh-keyscan.c]
     unused variable
 - (bal) Minor KNF on ssh-keyscan.c

20020705
 - (tim) [configure.ac] AIX 4.2.1 has authenticate() in libs.
   Reported by Darren Tucker <dtucker@@zip.com.au>
 - (tim) [contrib/cygwin/ssh-host-config] double slash correction
   from vinschen@@redhat.com

20020704
 - (bal) Limit data to TTY for AIX only (Newer versions can't handle the
   faster data rate)  Bug #124
 - (bal) glob.c defines TILDE and AIX also defines it.  #undef it first.
   bug #265
 - (bal) One too many nulls in ports-aix.c
 
20020703
 - (bal) Updated contrib/cygwin/  patch by vinschen@@redhat.com 
 - (bal) minor correction to utimes() replacement.  Patch by
   onoe@@sm.sony.co.jp
 - OpenBSD CVS Sync
   - markus@@cvs.openbsd.org 2002/06/27 08:49:44
     [dh.c ssh-keyscan.c sshconnect.c]
     more checks for NULL pointers; from grendel@@zeitbombe.org; ok deraadt@@
   - deraadt@@cvs.openbsd.org 2002/06/27 09:08:00
     [monitor.c]
     improve mm_zalloc check; markus ok
   - deraadt@@cvs.openbsd.org 2002/06/27 10:35:47
     [auth2-none.c monitor.c sftp-client.c]
     use xfree()
   - stevesk@@cvs.openbsd.org 2002/06/27 19:49:08
     [ssh-keyscan.c]
     use convtime(); ok markus@@
   - millert@@cvs.openbsd.org 2002/06/28 01:49:31
     [monitor_mm.c]
     tree(3) wants an int return value for its compare functions and
     the difference between two pointers is not an int.  Just do the
     safest thing and store the result in a long and then return 0,
     -1, or 1 based on that result.
   - deraadt@@cvs.openbsd.org 2002/06/28 01:50:37
     [monitor_wrap.c]
     use ssize_t
   - deraadt@@cvs.openbsd.org 2002/06/28 10:08:25
     [sshd.c]
     range check -u option at invocation
   - deraadt@@cvs.openbsd.org 2002/06/28 23:05:06
     [sshd.c]
     gidset[2] -> gidset[1]; markus ok
   - deraadt@@cvs.openbsd.org 2002/06/30 21:54:16
     [auth2.c session.c sshd.c]
     lint asks that we use names that do not overlap
   - deraadt@@cvs.openbsd.org 2002/06/30 21:59:45
     [auth-bsdauth.c auth-skey.c auth2-chall.c clientloop.c key.c
      monitor_wrap.c monitor_wrap.h scard.h session.h sftp-glob.c ssh.c
      sshconnect2.c sshd.c]
     minor KNF
   - deraadt@@cvs.openbsd.org 2002/07/01 16:15:25
     [msg.c]
     %u
   - markus@@cvs.openbsd.org 2002/07/01 19:48:46
     [sshconnect2.c]
     for compression=yes, we fallback to no-compression if the server does
     not support compression, vice versa for compression=no. ok mouring@@
   - markus@@cvs.openbsd.org 2002/07/03 09:55:38
     [ssh-keysign.c]
     use RSA_blinding_on() for rsa hostkeys (suggested by Bill Sommerfeld)
     in order to avoid a possible Kocher timing attack pointed out by Charles
     Hannum; ok provos@@
   - markus@@cvs.openbsd.org 2002/07/03 14:21:05
     [ssh-keysign.8 ssh-keysign.c ssh.c ssh_config]
     re-enable ssh-keysign's sbit, but make ssh-keysign read 
     /etc/ssh/ssh_config and exit if HostbasedAuthentication is disabled 
     globally. based on discussions with deraadt, itojun and sommerfeld; 
     ok itojun@@
 - (bal) Failed password attempts don't increment counter on AIX. Bug #145
 - (bal) Missed Makefile.in change.  keysign needs readconf.o
 - (bal) Clean up aix_usrinfo().  Ignore TTY= period I guess.
  
20020702
 - (djm) Use PAM_MSG_MEMBER for PAM_TEXT_INFO messages, use xmalloc & 
   friends consistently. Spotted by Solar Designer <solar@@openwall.com>

20020629
 - (bal) fix to auth2-pam.c to swap fatal() arguments,  A bit of style
   clean up while I'm near it.

20020628
 - (stevesk) [sshd_config] PAMAuthenticationViaKbdInt no; commented
   options should contain default value.  from solar.
 - (bal) Cygwin uid0 fix by vinschen@@redhat.com
 - (bal) s/config.h/includes.h/ in openbsd-compat/ for *.c.  Otherwise we
   have issues of our fixes not propagating right (ie bcopy instead of
   memmove).  OK tim
 - (bal) FreeBSD needs <sys/types.h> to detect if mmap() is supported.
   Bug #303

20020627
 - OpenBSD CVS Sync
   - deraadt@@cvs.openbsd.org 2002/06/26 14:49:36
     [monitor.c]
     correct %u
   - deraadt@@cvs.openbsd.org 2002/06/26 14:50:04
     [monitor_fdpass.c]
     use ssize_t for recvmsg() and sendmsg() return
   - markus@@cvs.openbsd.org 2002/06/26 14:51:33
     [ssh-add.c]
     fix exit code for -X/-x
   - deraadt@@cvs.openbsd.org 2002/06/26 15:00:32
     [monitor_wrap.c]
     more %u
   - markus@@cvs.openbsd.org 2002/06/26 22:27:32
     [ssh-keysign.c]
     bug #304, xfree(data) called too early; openssh@@sigint.cs.purdue.edu

a70 2
 - (tim) [contrib/caldera/openssh.spec] remove 2 configure options I put in
   by mistake
d162 1009
a1170 1
$Id: ChangeLog,v 1.2491.2.1 2002/10/03 05:45:53 djm Exp $
@


