Subject: Re: CVS commit: pkgsrc
To: None <>
From: None <>
List: source-changes
Date: 03/26/2000 23:38:40
>Module Name:	pkgsrc
>Committed By:	itojun
>Date:		Sun Mar 26 14:36:25 UTC 2000
>Modified Files:
>	pkgsrc/security/openssh: Makefile
>	pkgsrc/security/openssh/files: md5 patch-sum
>	pkgsrc/security/openssh/patches: patch-aa patch-ah
>Log Message:
>upgrade to 1.2.3.  make it conflict with security/ssh6.

--- 1.2.2 -> 1.2.3
 - Released 1.2.3

 - Clarified --with-default-path option.
 - Added -blibpath handling for AIX to work around stupid runtime linking.
   Problem elucidated by gshapiro@SENDMAIL.ORG by way of Jim Knoble
 - Checks for 64 bit int types. Problem report from Mats Fredholm
 - OpenBSD CVS updates:
   - [atomicio.c auth-krb4.c bufaux.c channels.c compress.c fingerprint.c] 
     [packet.h radix.c rsa.c scp.c ssh-agent.c ssh-keygen.c sshconnect.c]
     pedantic: signed vs. unsigned, void*-arithm, etc
   - [ssh.1 sshd.8]
     Various cleanups and standardizations.
 - Runtime error fix for HPUX from Otmar Stahl 

 - Fixed configure not passing LDFLAGS to Solaris. Report from David G. 
   Hesprich <>
 - Propogate LD through to Makefile
 - Doc cleanups
 - Added blurb about "scp: command not found" errors to UPGRADING

 - Fix broken CFLAGS handling during search for OpenSSL. Fixes va_list
   problems with gcc/Solaris.
 - Don't free argument to putenv() after use (in setenv() replacement). 
   Report from Seigo Tanimura <>
 - Created contrib/ subdirectory. Included helpers from Phil Hands' 
   Debian package, README file and chroot patch from Ricardo Cerqueira
 - Moved gnome-ssh-askpass.c to contrib directory and removed config 
 - Slight cleanup to doc files
 - Configure fix from Bratislav ILICH <>

 - Include macro for IN6_IS_ADDR_V4MAPPED. Report from
 - Include /usr/local/include and /usr/local/lib for systems that don't
   do it themselves
 - -R/usr/local/lib for Solaris
 - Fix RSAref detection
 - Fix IN6_IS_ADDR_V4MAPPED macro

 - Detect RSAref
 - OpenBSD CVS change
    - disallow guessing of root password
 - More configure fixes
 - IPv6 workarounds from Hideaki YOSHIFUJI <>

 - OpenBSD CVS updates to v1.2.3
	[ssh.h atomicio.c]
	 - int atomicio -> ssize_t (for alpha). ok deraadt@
	 - delay MD5 computation until client sends response, free() early, cleanup.
	 - void* -> unsigned char*, ok niels@
	 - remove unused variable 'len'. fix comments.
	 - remove unused variable
	[log-client.c log-server.c]
	 - rename a cpp symbol, to avoid param.h collision
	 - missing xfree()
	 - getsockname() requires initialized tolen;
	 - use getpeername() in packet_connection_is_on_socket(), fixes sshd -i;
	from Holger.Trapp@Informatik.TU-Chemnitz.DE
	[pty.c pty.h]
	 - register cleanup for pty earlier. move code for pty-owner handling to 
   	pty.c ok provos@, dugsong@
	 - turn off x11-fwd for the client, too.
	 - PKCS#1 padding
	 - allow '.' in usernames; from
	 - typo: ignore_user_known_hosts int->flag;
	 - sync with sshd_config
	 - enable ssh-keygen -l -f ~/.ssh/known_hosts, ok deraadt@
	 - Change invalid 'CHAT' loglevel to 'VERBOSE'
	 - suppress AAAA query host when '-4' is used; from
	 - turn off x11-fwd for the client, too.
	 - missing xfree()
	 - retry rresvport_af(), too. from
	 - read error vs. "Connection closed by remote host"
	 - ie. -> i.e.,
	 - do not link to a commercial page..
	 - sync with sshd_config
	 - no need for poll.h; from
	 - log with level log() not fatal() if peer behaves badly.
	 - don't panic if client behaves strange. ok deraadt@
	 - make no-port-forwarding for RSA keys deny both -L and -R style fwding
	 - delay close() of pty until the pty has been chowned back to root
	 - oops, fix comment, too.
	 - missing xfree()
	 - move XAUTHORITY to subdir. ok dugsong@. fixes debian bug #57907, too.
	 - register cleanup for pty earlier. move code for pty-owner handling to 
      pty.c ok provos@, dugsong@
	 - create x11 cookie file
	 - fix pr 1113, fclose() -> pclose(), todo: remote popen()
	 - version 1.2.3
 - Cleaned up
 - Removed warning workaround for Linux and devpts filesystems (no longer 
   required after OpenBSD updates)

 - Configure fix from Hiroshi Takekawa <>

 - Released 1.2.2p1

 - Fix DEC compile fix
 - Explicitly seed OpenSSL's PRNG before checking rsa_alive()
 - Check for getpagesize in libucb.a if not found in libc. Fix for old
   Solaris from Andre Lucas <>
 - Check for libwrap if --with-tcp-wrappers option specified. Suggestion 
   Mate Wierdl <>

 - Added "make host-key" target, Suggestion from Dominik Brettnacher
 - Don't permanently fail on bind() if getaddrinfo has more choices left for 
   us. Needed to work around messy IPv6 on Linux. Patch from Arkadiusz
   Miskiewicz <>
 - DEC Unix compile fix from David Del Piero <>
 - Manpage fix from David Del Piero <>

 - Big cleanup of autoconf code
   - Rearranged to be a little more logical
   - Added -R option for Solaris
   - Rewrote OpenSSL detection code. Now uses AC_TRY_RUN with a test program
     to detect library and header location _and_ ensure library has proper
     RSA support built in (this is a problem with OpenSSL 0.9.5).
 - Applied pty cleanup patch from
 - Avoid warning message with Unix98 ptys
 - Warning was valid - possible race condition on PTYs. Avoided using 
   platform-specific code.
 - Document some common problems
 - Allow root access to any key. Patch from

 - Removed SOCKS code. Will support through a ProxyCommand.

 - Fixed SEGVs in authloop, fix from
 - Add --with-ssl-dir option

 - Fix lastlog code for directory based lastlogs. Fix from Josh Durham 
 - Documentation fixes from HARUYAMA Seigo <>
 - Added URLs to Japanese translations of documents by HARUYAMA Seigo 

 - Use socket pairs by default (instead of pipes). Prevents race condition
   on several (buggy) OSs. Report and fix from

 - Seed OpenSSL's random number generator before generating RSA keypairs
 - Split random collector into seperate file
 - Compile fix from Andre Lucas <>

 - Released 1.2.2 stable

 - NeXT keeps it lastlog in /usr/adm. Report from
 - Added note in UPGRADING re interop with commercial SSH using idea. 
   Report from Jim Knoble <>
 - Fix linking order for Kerberos/AFS. Fix from Holget Trapp

 - Fix NULL pointer dereference in login.c. Fix from Andre Lucas 
 - Reorder PAM initialisation so it does not mess up lastlog. Reported
   by Andre Lucas <>
 - Use preformatted manpages on SCO, report from Gary E. Miller 
 - New URL for x11-ssh-askpass.
 - Fixpaths was missing /etc/ssh_known_hosts. Report from Jim Knoble 
 - Added 'DESTDIR' option to Makefile to ease package building. Patch from 
   Jim Knoble <>
 - Updated RPM spec files to use DESTDIR

 - Pick up version 1.2.2 from OpenBSD CVS (no changes, just version number