Subject: CVS commit: pkgsrc
To: None <source-changes@netbsd.org>
From: Jun-ichiro itojun Hagino <itojun@netbsd.org>
List: source-changes
Date: 11/09/2000 11:18:25
Module Name: pkgsrc
Committed By: itojun
Date: Thu Nov 9 09:18:25 UTC 2000
Modified Files:
pkgsrc/security/openssh: Makefile
pkgsrc/security/openssh/files: md5 patch-sum
pkgsrc/security/openssh/patches: patch-aa patch-ae patch-ah
pkgsrc/security/openssh/pkg: PLIST
Removed Files:
pkgsrc/security/openssh/patches: patch-aj
Log Message:
upgrade to 2.3.0p1. XXX pathname for ssh-askpass?
20001106
- (djm) Use Jim's new 1.0.3 askpass in Redhat RPMs
- (djm) Manually fix up missed diff hunks (mainly RCS idents)
- (djm) Remove UPGRADING document in favour of a link to the better
maintained FAQ on www.openssh.com
- (djm) Fix multiple dependancy on gnome-libs from Pekka Savola
<pekkas@netcore.fi>
- (djm) Don't need X11-askpass in RPM spec file if building without it
from Pekka Savola <pekkas@netcore.fi>
- (djm) Release 2.3.0p1
20001105
- (bal) Sync with OpenBSD:
- markus@cvs.openbsd.org 2000/10/31 9:31:58
[compat.c]
handle all old openssh versions
- markus@cvs.openbsd.org 2000/10/31 13:1853
[deattack.c]
so that large packets do not wrap "n"; from netbsd
- (bal) rijndel.c - fix up RCSID to match OpenBSD tree
- (bal) auth2-skey.c - Checked in. Missing from portable tree.
- (bal) Reworked NEWS-OS and NeXT ports to extract waitpid() and
setsid() into more common files
- (stevesk) pty.c: use __hpux to identify HP-UX.
- (bal) Missed auth-skey.o in Makefile.in and minor correction to
bsd-waitpid.c
20001029
- (stevesk) Fix typo in auth.c: USE_PAM not PAM
- (stevesk) Create contrib/cygwin/ directory; patch from
Corinna Vinschen <vinschen@redhat.com>
- (bal) Resolved more $xno and $xyes issues in configure.in
- (bal) next-posix.h - spelling and forgot a prototype
20001028
- (djm) fix select hack in serverloop.c from Philippe WILLEM
<Philippe.WILLEM@urssaf.fr>
- (djm) Fix mangled AIXAUTHENTICATE code
- (djm) authctxt->pw may be NULL. Fix from Markus Friedl
<markus.friedl@informatik.uni-erlangen.de>
- (djm) Sync with OpenBSD:
- markus@cvs.openbsd.org 2000/10/16 15:46:32
[ssh.1]
fixes from pekkas@netcore.fi
- markus@cvs.openbsd.org 2000/10/17 14:28:11
[atomicio.c]
return number of characters processed; ok deraadt@
- markus@cvs.openbsd.org 2000/10/18 12:04:02
[atomicio.c]
undo
- markus@cvs.openbsd.org 2000/10/18 12:23:02
[scp.c]
replace atomicio(read,...) with read(); ok deraadt@
- markus@cvs.openbsd.org 2000/10/18 12:42:00
[session.c]
restore old record login behaviour
- deraadt@cvs.openbsd.org 2000/10/19 10:41:13
[auth-skey.c]
fmt string problem in unused code
- provos@cvs.openbsd.org 2000/10/19 10:45:16
[sshconnect2.c]
don't reference freed memory. okay deraadt@
- markus@cvs.openbsd.org 2000/10/21 11:04:23
[canohost.c]
typo, eramore@era-t.ericsson.se; ok niels@
- markus@cvs.openbsd.org 2000/10/23 13:31:55
[cipher.c]
non-alignment dependent swap_bytes(); from
simonb@wasabisystems.com/netbsd
- markus@cvs.openbsd.org 2000/10/26 12:38:28
[compat.c]
add older vandyke products
- markus@cvs.openbsd.org 2000/10/27 01:32:19
[channels.c channels.h clientloop.c serverloop.c session.c]
[ssh.c util.c]
enable non-blocking IO on channels, and tty's (except for the
client ttys).
20001027
- (djm) Increase REKEY_BYTES to 2^24 for arc4random
20001025
- (djm) Added WARNING.RNG file and modified configure to ask users of the
builtin entropy code to read it.
- (djm) Prefer builtin regex to PCRE.
- (bal) Added USE_PIPS defined to NeXT configure.in since scp hangs randomly.
- (bal) Apply fixes to configure.in pointed out by Pavel Roskin
<proski@gnu.org>
20001020
- (djm) Don't define _REENTRANT for SNI/Reliant Unix
- (bal) Imported NEWS-OS waitpid() macros into NeXT. Since implementation
is more correct then current version.
20001018
- (stevesk) Add initial support for setproctitle(). Current
support is for the HP-UX pstat(PSTAT_SETCMD, ...) method.
- (stevesk) Add egd startup scripts to contrib/hpux/
20001017
- (djm) Add -lregex to cywin libs from Corinna Vinschen
<vinschen@cygnus.com>
- (djm) Don't rely on atomicio's retval to determine length of askpass
supplied passphrase. Problem report from Lutz Jaenicke
<Lutz.Jaenicke@aet.TU-Cottbus.DE>
- (bal) Changed from GNU rx to PCRE on suggestion from djm.
- (bal) Integrated Sony NEWS-OS patches from NAKAJI Hirouyuki
<nakaji@tutrp.tut.ac.jp>
20001016
- (djm) Sync with OpenBSD:
- markus@cvs.openbsd.org 2000/10/14 04:01:15
[cipher.c]
debug3
- markus@cvs.openbsd.org 2000/10/14 04:07:23
[scp.c]
remove spaces from arguments; from djm@mindrot.org
- markus@cvs.openbsd.org 2000/10/14 06:09:46
[ssh.1]
Cipher is for SSH-1 only
- markus@cvs.openbsd.org 2000/10/14 06:12:09
[servconf.c servconf.h serverloop.c session.c sshd.8]
AllowTcpForwarding; from naddy@
- markus@cvs.openbsd.org 2000/10/14 06:16:56
[auth2.c compat.c compat.h sshconnect2.c version.h]
OpenSSH_2.3; note that is is not complete, but the version number
needs to be changed for interoperability reasons
- markus@cvs.openbsd.org 2000/10/14 06:19:45
[auth-rsa.c]
do not send RSA challenge if key is not allowed by key-options; from
eivind@ThinkSec.com
- markus@cvs.openbsd.org 2000/10/15 08:14:01
[rijndael.c session.c]
typos; from stevesk@sweden.hp.com
- markus@cvs.openbsd.org 2000/10/15 08:18:31
[rijndael.c]
typo
- (djm) Copy manpages back over from OpenBSD - too tedious to wade
through diffs
- (djm) Added condrestart to Redhat init script. Patch from Pekka Savola
<pekkas@netcore.fi>
- (djm) Update version in Redhat spec file
- (djm) Merge some of Nalin Dahyabhai <nalin@redhat.com> changes from the
Redhat 7.0 spec file
- (djm) Make inability to read/write PRNG seedfile non-fatal
20001015
- (djm) Fix ssh2 hang on background processes at logout.
20001014
- (bal) Add support for realpath and getcwd for platforms with broken
or missing realpath implementations for sftp-server.
- (bal) Corrected mistake in INSTALL in regards to GNU rx library
- (bal) Add support for GNU rx library for those lacking regexp support
- (djm) Don't accept PAM_PROMPT_ECHO_ON messages during initial auth
- (djm) Revert SSH2 serverloop hack, will find a better way.
- (djm) Add workaround for Linux 2.4's gratuitious errno change. Patch
from Martin Johansson <fatbob@acc.umu.se>
- (djm) Big OpenBSD sync:
- markus@cvs.openbsd.org 2000/09/30 10:27:44
[log.c]
allow loglevel debug
- markus@cvs.openbsd.org 2000/10/03 11:59:57
[packet.c]
hmac->mac
- markus@cvs.openbsd.org 2000/10/03 12:03:03
[auth-krb4.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth1.c]
move fake-auth from auth1.c to individual auth methods, disables s/key in
debug-msg
- markus@cvs.openbsd.org 2000/10/03 12:16:48
ssh.c
do not resolve canonname, i have no idea why this was added oin ossh
- markus@cvs.openbsd.org 2000/10/09 15:30:44
ssh-keygen.1 ssh-keygen.c
-X now reads private ssh.com DSA keys, too.
- markus@cvs.openbsd.org 2000/10/09 15:32:34
auth-options.c
clear options on every call.
- markus@cvs.openbsd.org 2000/10/09 15:51:00
authfd.c authfd.h
interop with ssh-agent2, from <res@shore.net>
- markus@cvs.openbsd.org 2000/10/10 14:20:45
compat.c
use rexexp for version string matching
- provos@cvs.openbsd.org 2000/10/10 22:02:18
[kex.c kex.h myproposal.h ssh.h ssh2.h sshconnect2.c sshd.c dh.c dh.h]
First rough implementation of the diffie-hellman group exchange. The
client can ask the server for bigger groups to perform the diffie-hellman
in, thus increasing the attack complexity when using ciphers with longer
keys. University of Windsor provided network, T the company.
- markus@cvs.openbsd.org 2000/10/11 13:59:52
[auth-rsa.c auth2.c]
clear auth options unless auth sucessfull
- markus@cvs.openbsd.org 2000/10/11 14:00:27
[auth-options.h]
clear auth options unless auth sucessfull
- markus@cvs.openbsd.org 2000/10/11 14:03:27
[scp.1 scp.c]
support 'scp -o' with help from mouring@pconline.com
- markus@cvs.openbsd.org 2000/10/11 14:11:35
[dh.c]
Wall
- markus@cvs.openbsd.org 2000/10/11 14:14:40
[auth.h auth2.c readconf.c readconf.h readpass.c servconf.c servconf.h]
[ssh.h sshconnect2.c sshd_config auth2-skey.c cli.c cli.h]
add support for s/key (kbd-interactive) to ssh2, based on work by
mkiernan@avantgo.com and me
- markus@cvs.openbsd.org 2000/10/11 14:27:24
[auth.c auth1.c auth2.c authfile.c cipher.c cipher.h kex.c kex.h]
[myproposal.h packet.c readconf.c session.c ssh.c ssh.h sshconnect1.c]
[sshconnect2.c sshd.c]
new cipher framework
- markus@cvs.openbsd.org 2000/10/11 14:45:21
[cipher.c]
remove DES
- markus@cvs.openbsd.org 2000/10/12 03:59:20
[cipher.c cipher.h sshconnect1.c sshconnect2.c sshd.c]
enable DES in SSH-1 clients only
- markus@cvs.openbsd.org 2000/10/12 08:21:13
[kex.h packet.c]
remove unused
- markus@cvs.openbsd.org 2000/10/13 12:34:46
[sshd.c]
Kludge for F-Secure Macintosh < 1.0.2; appro@fy.chalmers.se
- markus@cvs.openbsd.org 2000/10/13 12:59:15
[cipher.c cipher.h myproposal.h rijndael.c rijndael.h]
rijndael/aes support
- markus@cvs.openbsd.org 2000/10/13 13:10:54
[sshd.8]
more info about -V
- markus@cvs.openbsd.org 2000/10/13 13:12:02
[myproposal.h]
prefer no compression
- (djm) Fix scp user@host handling
- (djm) Don't clobber ssh_prng_cmds on install
- (stevesk) Include config.h in rijndael.c so we define intXX_t and
u_intXX_t types on all platforms.
- (stevesk) rijndael.c: cleanup missing declaration warnings.
- (stevesk) ~/.hushlogin shouldn't cause required password change to
be bypassed.
- (stevesk) Display correct path to ssh-askpass in configure output.
Report from Lutz Jaenicke.
20001007
- (stevesk) Print PAM return value in PAM log messages to aid
with debugging.
- (stevesk) Fix detection of pw_class struct member in configure;
patch from KAMAHARA Junzo <kamahara@cc.kshosen.ac.jp>
20001002
- (djm) Fix USER_PATH, report from Kevin Steves <stevesk@sweden.hp.com>
- (djm) Add host system and CC to end-of-configure report. Suggested by
Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
20000931
- (djm) Cygwin fixes from Corinna Vinschen <vinschen@cygnus.com>
20000930
- (djm) Irix ssh_prng_cmds path fix from Pekka Savola <pekkas@netcore.fi>
- (djm) Support in bsd-snprintf.c for long long conversions from
Ben Lindstrom <mouring@pconline.com>
- (djm) Cleanup NeXT support from Ben Lindstrom <mouring@pconline.com>
- (djm) Ignore SIGPIPEs from serverloop to child. Fixes crashes with
very short lived X connections. Bug report from Tobias Oetiker
<oetiker@ee.ethz.ch>. Fix from Markus Friedl <markus@cvs.openbsd.org>
- (djm) Add recent InitScripts as a RPM dependancy for openssh-server
patch from Pekka Savola <pekkas@netcore.fi>
- (djm) Forgot to cvs add LICENSE file
- (djm) Add LICENSE to RPM spec files
- (djm) CVS OpenBSD sync:
- markus@cvs.openbsd.org 2000/09/26 13:59:59
[clientloop.c]
use debug2
- markus@cvs.openbsd.org 2000/09/27 15:41:34
[auth2.c sshconnect2.c]
use key_type()
- markus@cvs.openbsd.org 2000/09/28 12:03:18
[channels.c]
debug -> debug2 cleanup
- (djm) Irix strips "/dev/tty" from [uw]tmp entries (other systems only
strip "/dev/"). Fix loginrec.c based on patch from Alain St-Denis
<Alain.St-Denis@ec.gc.ca>
- (djm) Fix 9 character passphrase failure with gnome-ssh-askpass.
Problem was caused by interrupted read in ssh-add. Report from Donald
J. Barry <don@astro.cornell.edu>
20000929
- (djm) Fix SSH2 not terminating until all background tasks done problem.
- (djm) Another off-by-one fix from Pavel Kankovsky
<peak@argo.troja.mff.cuni.cz>
- (djm) Clean up. Strip some unnecessary differences with OpenBSD's code,
tidy necessary differences. Use Markus' new debugN() in entropy.c
- (djm) Merged big SCO portability patch from Tim Rice
<tim@multitalents.net>
20000926
- (djm) Update X11-askpass to 1.0.2 in RPM spec file
- (djm) Define _REENTRANT to pickup strtok_r() on HP/UX
- (djm) Security: fix off-by-one buffer overrun in fake-getnameinfo.c.
Report and fix from Pavel Kankovsky <peak@argo.troja.mff.cuni.cz>
20000924
- (djm) Merged cleanup patch from Mark Miller <markm@swoon.net>
- (djm) A bit more cleanup - created cygwin_util.h
- (djm) Include strtok_r() from OpenBSD libc. Fixes report from Mark Miller
<markm@swoon.net>
20000923
- (djm) Fix address logging in utmp from Kevin Steves
<stevesk@sweden.hp.com>
- (djm) Redhat spec and manpage fixes from Pekka Savola <pekkas@netcore.fi>
- (djm) Seperate tests for int64_t and u_int64_t types
- (djm) Tweak password expiry checking at suggestion of Kevin Steves
<stevesk@sweden.hp.com>
- (djm) NeXT patch from Ben Lindstrom <mouring@pconline.com>
- (djm) Use printf %lld instead of %qd in sftp-server.c. Fix from
Michael Stone <mstone@cs.loyola.edu>
- (djm) OpenBSD CVS sync:
- markus@cvs.openbsd.org 2000/09/17 09:38:59
[sshconnect2.c sshd.c]
fix DEBUG_KEXDH
- markus@cvs.openbsd.org 2000/09/17 09:52:51
[sshconnect.c]
yes no; ok niels@
- markus@cvs.openbsd.org 2000/09/21 04:55:11
[sshd.8]
typo
- markus@cvs.openbsd.org 2000/09/21 05:03:54
[serverloop.c]
typo
- markus@cvs.openbsd.org 2000/09/21 05:11:42
scp.c
utime() to utimes(); mouring@pconline.com
- markus@cvs.openbsd.org 2000/09/21 05:25:08
sshconnect2.c
change login logic in ssh2, allows plugin of other auth methods
- markus@cvs.openbsd.org 2000/09/21 05:25:35
[auth2.c channels.c channels.h clientloop.c dispatch.c dispatch.h]
[serverloop.c]
add context to dispatch_run
- markus@cvs.openbsd.org 2000/09/21 05:07:52
authfd.c authfd.h ssh-agent.c
bug compat for old ssh.com software
20000920
- (djm) Fix bad path substitution. Report from Andrew Miner
<asminer@cs.iastate.edu>
20000916
- (djm) Fix SSL search order from Lutz Jaenicke
<Lutz.Jaenicke@aet.TU-Cottbus.DE>
- (djm) New SuSE spec from Corinna Vinschen <corinna@vinschen.de>
- (djm) Update CygWin support from Corinna Vinschen <vinschen@cygnus.com>
- (djm) Use a real struct sockaddr inside the fake struct sockaddr_storage.
Patch from Larry Jones <larry.jones@sdrc.com>
- (djm) Add Steve VanDevender's <stevev@darkwing.uoregon.edu> PAM
password change patch.
- (djm) Bring licenses on my stuff in line with OpenBSD's
- (djm) Cleanup auth-passwd.c and unify HP/UX authentication. Patch from
Kevin Steves <stevesk@sweden.hp.com>
- (djm) Shadow expiry check fix from Pavel Troller <patrol@omni.sinus.cz>
- (djm) Re-enable int64_t types - we need them for sftp
- (djm) Use libexecdir from configure , rather than libexecdir/ssh
- (djm) Update Redhat SPEC file accordingly
- (djm) Add Kevin Steves <stevesk@sweden.hp.com> HP/UX contrib files
- (djm) Add Charles Levert <charles@comm.polymtl.ca> getpgrp patch
- (djm) Fix password auth on HP/UX 10.20. Patch from Dirk De Wachter
<Dirk.DeWachter@rug.ac.be>
- (djm) Fixprogs and entropy list fixes from Larry Jones
<larry.jones@sdrc.com>
- (djm) Fix for SuSE spec file from Takashi YOSHIDA
<tyoshida@gemini.rc.kyushu-u.ac.jp>
- (djm) Merge OpenBSD changes:
- markus@cvs.openbsd.org 2000/09/05 02:59:57
[session.c]
print hostname (not hushlogin)
- markus@cvs.openbsd.org 2000/09/05 13:18:48
[authfile.c ssh-add.c]
enable ssh-add -d for DSA keys
- markus@cvs.openbsd.org 2000/09/05 13:20:49
[sftp-server.c]
cleanup
- markus@cvs.openbsd.org 2000/09/06 03:46:41
[authfile.h]
prototype
- deraadt@cvs.openbsd.org 2000/09/07 14:27:56
[ALL]
cleanup copyright notices on all files. I have attempted to be
accurate with the details. everything is now under Tatu's licence
(which I copied from his readme), and/or the core-sdi bsd-ish thing
for deattack, or various openbsd developers under a 2-term bsd
licence. We're not changing any rules, just being accurate.
- markus@cvs.openbsd.org 2000/09/07 14:40:30
[channels.c channels.h clientloop.c serverloop.c ssh.c]
cleanup window and packet sizes for ssh2 flow control; ok niels
- markus@cvs.openbsd.org 2000/09/07 14:53:00
[scp.c]
typo
- markus@cvs.openbsd.org 2000/09/07 15:13:37
[auth-options.c auth-options.h auth-rh-rsa.c auth-rsa.c auth.c]
[authfile.h canohost.c channels.h compat.c hostfile.h log.c match.h]
[pty.c readconf.c]
some more Copyright fixes
- markus@cvs.openbsd.org 2000/09/08 03:02:51
[README.openssh2]
bye bye
- deraadt@cvs.openbsd.org 2000/09/11 18:38:33
[LICENCE cipher.c]
a few more comments about it being ARC4 not RC4
- markus@cvs.openbsd.org 2000/09/12 14:53:11
[log-client.c log-server.c log.c ssh.1 ssh.c ssh.h sshd.8 sshd.c]
multiple debug levels
- markus@cvs.openbsd.org 2000/09/14 14:25:15
[clientloop.c]
typo
- deraadt@cvs.openbsd.org 2000/09/15 01:13:51
[ssh-agent.c]
check return value for setenv(3) for failure, and deal appropriately
20000913
- (djm) Fix server not exiting with jobs in background.
20000905
- (djm) Import OpenBSD CVS changes
- markus@cvs.openbsd.org 2000/08/31 15:52:24
[Makefile sshd.8 sshd_config sftp-server.8 sftp-server.c]
implement a SFTP server. interops with sftp2, scp2 and the windows
client from ssh.com
- markus@cvs.openbsd.org 2000/08/31 15:56:03
[README.openssh2]
sync
- markus@cvs.openbsd.org 2000/08/31 16:05:42
[session.c]
Wall
- markus@cvs.openbsd.org 2000/08/31 16:09:34
[authfd.c ssh-agent.c]
add a flag to SSH2_AGENTC_SIGN_REQUEST for future extensions
- deraadt@cvs.openbsd.org 2000/09/01 09:25:13
[scp.1 scp.c]
cleanup and fix -S support; stevesk@sweden.hp.com
- markus@cvs.openbsd.org 2000/09/01 16:29:32
[sftp-server.c]
portability fixes
- markus@cvs.openbsd.org 2000/09/01 16:32:41
[sftp-server.c]
fix cast; mouring@pconline.com
- itojun@cvs.openbsd.org 2000/09/03 09:23:28
[ssh-add.1 ssh.1]
add missing .El against .Bl.
- markus@cvs.openbsd.org 2000/09/04 13:03:41
[session.c]
missing close; ok theo
- markus@cvs.openbsd.org 2000/09/04 13:07:21
[session.c]
fix get_last_login_time order; from andre@van-veen.de
- markus@cvs.openbsd.org 2000/09/04 13:10:09
[sftp-server.c]
more cast fixes; from mouring@pconline.com
- markus@cvs.openbsd.org 2000/09/04 13:06:04
[session.c]
set SSH_ORIGINAL_COMMAND; from Leakin@dfw.nostrum.com, bet@rahul.net
- (djm) Cleanup after import. Fix sftp-server compilation, Makefile
- (djm) Merge cygwin support from Corinna Vinschen <vinschen@cygnus.com>
20000903
- (djm) Fix Redhat init script
20000901
- (djm) Pick up Jim's new X11-askpass
- (djm) Release 2.2.0p1
To generate a diff of this commit:
cvs rdiff -r1.30 -r1.31 pkgsrc/security/openssh/Makefile
cvs rdiff -r1.9 -r1.10 pkgsrc/security/openssh/files/md5
cvs rdiff -r1.20 -r1.21 pkgsrc/security/openssh/files/patch-sum
cvs rdiff -r1.12 -r1.13 pkgsrc/security/openssh/patches/patch-aa
cvs rdiff -r1.5 -r1.6 pkgsrc/security/openssh/patches/patch-ae
cvs rdiff -r1.8 -r1.9 pkgsrc/security/openssh/patches/patch-ah
cvs rdiff -r1.2 -r0 pkgsrc/security/openssh/patches/patch-aj
cvs rdiff -r1.5 -r1.6 pkgsrc/security/openssh/pkg/PLIST
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.