Test snapshot
Damien Miller
djm at mindrot.org
Wed Aug 23 11:54:40 EST 2000
I have just tarred up a snapshot and uploaded it to:
http://www.mindrot.org/misc/openssh/openssh-SNAP-20000823.tar.gz
The snapshot incorporates the last month's fixes and enhancements from
the openssh-unix-dev mailing list and from the OpenBSD developers.
In particular:
- ssh-agent and ssh-add now handle DSA keys. NB. this does not interop
with ssh.com's ssh-agent. (Markus Friedl)
- Fix crashes when sshd is run out of inetd
- More fixes for SunOS4 and NeXT (Nate Itkin and Charles Levert)
- Add Solaris package support in contrib/solaris/ (Rip Loomis)
- Random Early Drop connection rate limiting for sshd (Markus Friedl)
- Fix duplicate lastlog logging (Markus & me)
- Add -u option to sshd to make wtmp logging more like login's (Markus)
- Use pipes instead of socketpairs to avoid scp not exiting problem
on SunOS4 and HPUX 10. (Klaus Engelhardt, Tamito KAJIYAMA & Lutz
Jaenicke)
- Lots of other fixes (see changelog below)
Please give the snapshot a good run and report problems back to the
mailing list.
If you have received this email twice, it is because you are on the
list of testers. I will be setting up a seperate email list over the
weekend.
Regards,
Damien Miller
Changelog:
20000823
- (djm) Define USE_PIPES to avoid socketpair problems on HPUX 10 and SunOS 4
Avoids "scp never exits" problem. Reports from Lutz Jaenicke
<Lutz.Jaenicke at aet.TU-Cottbus.DE> and Tamito KAJIYAMA
<kajiyama at grad.sccs.chukyo-u.ac.jp>
- (djm) Pick up LOGIN_PROGRAM from environment or PATH if not set by headers
- (djm) Add local version to version.h
- (djm) OpenBSD CVS updates:
- deraadt at cvs.openbsd.org 2000/08/18 20:07:23
[ssh.c]
accept remsh as a valid name as well; roman at buildpoint.com
- deraadt at cvs.openbsd.org 2000/08/18 20:17:13
[deattack.c crc32.c packet.c]
rename crc32() to ssh_crc32() to avoid zlib name clash. do not move to
libz crc32 function yet, because it has ugly "long"'s in it;
oneill at cs.sfu.ca
- deraadt at cvs.openbsd.org 2000/08/18 20:26:08
[scp.1 scp.c]
-S prog support; tv at debian.org
- deraadt at cvs.openbsd.org 2000/08/18 20:50:07
[scp.c]
knf
- deraadt at cvs.openbsd.org 2000/08/18 20:57:33
[log-client.c]
shorten
- markus at cvs.openbsd.org 2000/08/19 12:48:11
[channels.c channels.h clientloop.c ssh.c ssh.h]
support for ~. in ssh2
- deraadt at cvs.openbsd.org 2000/08/19 15:29:40
[crc32.h]
proper prototype
- markus at cvs.openbsd.org 2000/08/19 15:34:44
[authfd.c authfd.h key.c key.h ssh-add.1 ssh-add.c ssh-agent.1]
[ssh-agent.c ssh-keygen.c sshconnect1.c sshconnect2.c Makefile]
[fingerprint.c fingerprint.h]
add SSH2/DSA support to the agent and some other DSA related cleanups.
(note that we cannot talk to ssh.com's ssh2 agents)
- markus at cvs.openbsd.org 2000/08/19 15:55:52
[channels.c channels.h clientloop.c]
more ~ support for ssh2
- markus at cvs.openbsd.org 2000/08/19 16:21:19
[clientloop.c]
oops
- millert at cvs.openbsd.org 2000/08/20 12:25:53
[session.c]
We have to stash the result of get_remote_name_or_ip() before we
close our socket or getpeername() will get EBADF and the process
will exit. Only a problem for "UseLogin yes".
- millert at cvs.openbsd.org 2000/08/20 12:30:59
[session.c]
Only check /etc/nologin if "UseLogin no" since login(1) may have its
own policy on determining who is allowed to login when /etc/nologin
is present. Also use the _PATH_NOLOGIN define.
- millert at cvs.openbsd.org 2000/08/20 12:42:43
[auth1.c auth2.c session.c ssh.c]
Add calls to setusercontext() and login_get*(). We basically call
setusercontext() in most places where previously we did a setlogin().
Add default login.conf file and put root in the "daemon" login class.
- millert at cvs.openbsd.org 2000/08/21 10:23:31
[session.c]
Fix incorrect PATH setting; noted by Markus.
20000818
- (djm) OpenBSD CVS changes:
- markus at cvs.openbsd.org 2000/07/22 03:14:37
[servconf.c servconf.h sshd.8 sshd.c sshd_config]
random early drop; ok theo, niels
- deraadt at cvs.openbsd.org 2000/07/26 11:46:51
[ssh.1]
typo
- deraadt at cvs.openbsd.org 2000/08/01 11:46:11
[sshd.8]
many fixes from pepper at mail.reppep.com
- provos at cvs.openbsd.org 2000/08/01 13:01:42
[Makefile.in util.c aux.c]
rename aux.c to util.c to help with cygwin port
- deraadt at cvs.openbsd.org 2000/08/02 00:23:31
[authfd.c]
correct sun_len; Alexander at Leidinger.net
- provos at cvs.openbsd.org 2000/08/02 10:27:17
[readconf.c sshd.8]
disable kerberos authentication by default
- provos at cvs.openbsd.org 2000/08/02 11:27:05
[sshd.8 readconf.c auth-krb4.c]
disallow kerberos authentication if we can't verify the TGT; from
dugsong@
kerberos authentication is on by default only if you have a srvtab.
- markus at cvs.openbsd.org 2000/08/04 14:30:07
[auth.c]
unused
- markus at cvs.openbsd.org 2000/08/04 14:30:35
[sshd_config]
MaxStartups
- markus at cvs.openbsd.org 2000/08/15 13:20:46
[authfd.c]
cleanup; ok niels@
- markus at cvs.openbsd.org 2000/08/17 14:05:10
[session.c]
cleanup login(1)-like jobs, no duplicate utmp entries
- markus at cvs.openbsd.org 2000/08/17 14:06:34
[session.c sshd.8 sshd.c]
sshd -u len, similar to telnetd
- (djm) Lastlog was not getting closed after writing login entry
- (djm) Add Solaris package support from Rip Loomis <loomisg at cist.saic.com>
20000816
- (djm) Replacement for inet_ntoa for Irix (which breaks on gcc)
- (djm) Fix strerror replacement for old SunOS. Based on patch from
Charles Levert <charles at comm.polymtl.ca>
- (djm) Seperate arc4random into seperate file and use OpenSSL's RC4
implementation.
- (djm) SUN_LEN macro for systems which lack it
20000815
- (djm) More SunOS 4.1.x fixes from Nate Itkin <nitkin at europa.com>
- (djm) Avoid failures on Irix when ssh is not setuid. Fix from
Michael Stone <mstone at cs.loyola.edu>
- (djm) Don't seek in directory based lastlogs
- (djm) Fix --with-ipaddr-display configure option test. Patch from
Jarno Huuskonen <jhuuskon at messi.uku.fi>
- (djm) Fix AIX limits from Alexandre Oliva <oliva at lsd.ic.unicamp.br>
20000813
- (djm) Add $(srcdir) to includes when compiling (for VPATH). Report from
Fabrice bacchella <fabrice.bacchella at marchfirst.fr>
20000809
- (djm) Define AIX hard limits if headers don't. Report from
Bill Painter <william.t.painter at lmco.com>
- (djm) utmp direct write & SunOS 4 patch from Charles Levert
<charles at comm.polymtl.ca>
20000808
- (djm) Cleanup Redhat RPMs. Generate keys at runtime rather than install
time, spec file cleanup.
20000807
- (djm) Set 0755 on binaries during install. Report from Lutz Jaenicke
- (djm) Suppress error messages on channel close shutdown() failurs
works around Linux bug. Patch from Zack Weinberg <zack at wolery.cumb.org>
- (djm) Add some more entropy collection commands from Lutz Jaenicke
20000725
- (djm) Fix autoconf typo: HAVE_BINRESVPORT_AF -> HAVE_BINDRESVPORT_AF
20000721
- (djm) OpenBSD CVS updates:
- markus at cvs.openbsd.org 2000/07/16 02:27:22
[authfd.c authfd.h channels.c clientloop.c ssh-add.c ssh-agent.c ssh.c]
[sshconnect1.c sshconnect2.c]
make ssh-add accept dsa keys (the agent does not)
- djm at cvs.openbsd.org 2000/07/17 19:25:02
[sshd.c]
Another closing of stdin; ok deraadt
- markus at cvs.openbsd.org 2000/07/19 18:33:12
[dsa.c]
missing free, reorder
- markus at cvs.openbsd.org 2000/07/20 16:23:14
[ssh-keygen.1]
document input and output files
20000720
- (djm) Spec file fix from Petr Novotny <Petr.Novotny at antek.cz>
--
| "Bombay is 250ms from New York in the new world order" - Alan Cox
| Damien Miller - http://www.mindrot.org/
| Email: djm at mindrot.org (home) -or- djm at ibs.com.au (work)
More information about the openssh-unix-dev
mailing list