Annotation of src/usr.bin/ssh/ChangeLog, Revision 1.1
1.1 ! deraadt 1: Fri Nov 17 16:19:20 1995 Tatu Ylonen <ylo@trance.olari.clinet.fi>
! 2:
! 3: * Released 1.2.12.
! 4:
! 5: * channels.c: Commented out debugging messages about output draining.
! 6:
! 7: * Added file OVERVIEW to give some idea about the structure of the
! 8: ssh software.
! 9:
! 10: Thu Nov 16 16:40:17 1995 Tatu Ylonen <ylo@trance.olari.clinet.fi>
! 11:
! 12: * canohost.c (get_remote_hostname): Don't ever return NULL (causes
! 13: segmentation violation).
! 14:
! 15: * sshconnect.c: Host ip address printed incorrectly with -v.
! 16:
! 17: * Implemented SSH_TTY environment variable.
! 18:
! 19: Wed Nov 15 01:47:40 1995 Tatu Ylonen <ylo@trance.olari.clinet.fi>
! 20:
! 21: * Implemented server and client option KeepAlive to specify
! 22: whether to set SO_KEEPALIVE. Both default to "yes"; to disable
! 23: keepalives, set the value to "no" in both the server and the
! 24: client configuration files. Updated manual pages.
! 25:
! 26: * sshd.c: Fixed Solaris utmp problem: wrong pid stored in utmp
! 27: (patch from Petri Virkkula <argon@bat.cs.hut.fi>).
! 28:
! 29: * login.c (record_logout): Fixed removing user from utmp on BSD
! 30: (with HAVE_LIBUTIL_LOGIN).
! 31:
! 32: * Added cleanup functions to be called from fatal(). Arranged for
! 33: utmp to be cleaned if sshd terminates by calling fatal (e.g.,
! 34: after dropping connection). Eliminated separate client-side
! 35: fatal() functions and moved fatal() to log-client.c. Made all
! 36: cleanups, including channel_stop_listening() and packet_close()
! 37: be called using this mechanism.
! 38:
! 39: Thu Nov 9 09:58:05 1995 Tatu Ylonen <ylo@soikko.cs.hut.fi>
! 40:
! 41: * sshd.c: Permit immediate login with empty password only if
! 42: password authentication is allowed.
! 43:
! 44: Wed Nov 8 00:43:55 1995 Tatu Ylonen <ylo@soikko.cs.hut.fi>
! 45:
! 46: * Eliminated unix-domain X11 forwarding. Inet-domain forwarding is
! 47: now the only supported form. Renamed server option
! 48: X11InetForwarding to X11Forwarding, and eliminated
! 49: X11UnixForwarding. Updated documentation. Updated RFC (marked
! 50: the SSH_CMSG_X11_REQUEST_FORWARDING message (code 26) as
! 51: obsolete, and removed all references to it). Increased protocol
! 52: version number to 1.3.
! 53:
! 54: * scp.c (main): Added -B (BatchMode). Updated manual page.
! 55:
! 56: * Cleaned up and updated all manual pages.
! 57:
! 58: * clientloop.c: Added new escape sequences ~# (lists forwarded
! 59: connections), ~& (background ssh when waiting for forwarded
! 60: connections to terminate), ~? (list available escapes).
! 61: Polished the output of the connection listing. Updated
! 62: documentation.
! 63:
! 64: * uidswap.c: If _POSIX_SAVED_IDS is defined, don't change the real
! 65: uid. Assume that _POSIX_SAVED_IDS also applies to seteuid.
! 66: This may solve problems with tcp_wrappers (libwrap) showing
! 67: connections as coming from root.
! 68:
! 69: Tue Nov 7 20:28:57 1995 Tatu Ylonen <ylo@soikko.cs.hut.fi>
! 70:
! 71: * Added RandomSeed server configuration option. The argument
! 72: specifies the location of the random seed file. Updated
! 73: documentation.
! 74:
! 75: * Locate perl5 in configure. Generate make-ssh-known-hosts (with
! 76: the correct path for perl5) in Makefile.in, and install it with
! 77: the other programs. Updated manual page.
! 78:
! 79: * sshd.c (main): Added a call to umask to set the umask to a
! 80: reasonable value.
! 81:
! 82: * compress.c (buffer_compress): Fixed to follow the zlib
! 83: documentation (which is slightly confusing).
! 84:
! 85: * INSTALL: Added information about Linux libc.so.4 problem.
! 86:
! 87: Mon Nov 6 15:42:36 1995 Tatu Ylonen <ylo@soikko.cs.hut.fi>
! 88:
! 89: * (Actually autoconf fix) Installed patch to AC_ARG_PROGRAM.
! 90:
! 91: * sshd.c, sshd.8.in: Renamed $HOME/.environment ->
! 92: $HOME/.ssh/environment.
! 93:
! 94: * configure.in: Disable shadow password checking on convex.
! 95: Convex has /etc/shadow, but sets pw_passwd automatically if
! 96: running as root.
! 97:
! 98: * Eliminated HAVE_ETC_MASTER_PASSWD (NetBSD, FreeBSD); the
! 99: pw_passwd field is automatically filled if running as root.
! 100: Put explicit code in configure.in to prevent shadow password
! 101: checking on FreeBSD and NetBSD.
! 102:
! 103: * serverloop.c (signchld_handler): Don't print error if wait
! 104: returns -1.
! 105:
! 106: * Makefile.in (install): Fixed modes of data files.
! 107:
! 108: * Makefile.in (install): Make links for slogin.1.
! 109:
! 110: * make-ssh-known-hosts: Merged a patch from melo@ci.uminho.pt to
! 111: fix the ping command.
! 112:
! 113: Fri Nov 3 16:25:28 1995 Tatu Ylonen <ylo@soikko.cs.hut.fi>
! 114:
! 115: * ssh.1.in: Added more information about X11 forwarding.
! 116:
! 117: Thu Nov 2 18:42:13 1995 Tatu Ylonen <ylo@soikko.cs.hut.fi>
! 118:
! 119: * Changes to use O_NONBLOCK_BROKEN consistently.
! 120:
! 121: * pty.c (pty_make_controlling_tty): Use setpgid instead of
! 122: setsid() on Ultrix.
! 123:
! 124: * includes.h: Removed redundant #undefs for Ultrix and Sony News;
! 125: these are already handled in configure.in.
! 126:
! 127: Tue Oct 31 13:31:28 1995 Tatu Ylonen <ylo@soikko.cs.hut.fi>
! 128:
! 129: * configure.in: Define SSH_WTMP to /var/adm/wtmp is wtmp not found.
! 130:
! 131: * configure.in: Disable vhangup on Ultrix. I am told this fixes
! 132: the server problems.
! 133:
! 134: Sat Oct 28 14:22:05 1995 Tatu Ylonen <ylo@soikko.cs.hut.fi>
! 135:
! 136: * sshconnect.c: Fixed a bug in connecting to a multi-homed host.
! 137: Restructured the connecting code to never try to use the same
! 138: socket a second time after a failed connection.
! 139:
! 140: * Makefile.in: Added explicit -m option to install, and umask 022
! 141: when creating directories and the host key.
! 142:
! 143: Fri Oct 27 01:05:10 1995 Tatu Ylonen <ylo@soikko.cs.hut.fi>
! 144:
! 145: * Makefile.in: Added cleaning of $(ZLIBDIR) to clean and distclean.
! 146:
! 147: * login.c (get_last_login_time): Fixed a typo (define -> defined).
! 148:
! 149: Thu Oct 26 01:28:07 1995 Tatu Ylonen <ylo@soikko.cs.hut.fi>
! 150:
! 151: * configure.in: Moved testing for ANSI C compiler after the host
! 152: specific code (problems on HPUX).
! 153:
! 154: * Minor fixes to /etc/default/login stuff from Bryan O'Sullivan.
! 155:
! 156: * Fixed .SH NAME sections in manual pages.
! 157:
! 158: * compress.c: Trying to fix a mysterious bug in the compression
! 159: glue.
! 160:
! 161: * ssh-1.2.11.
! 162:
! 163: * scp.c: disable agent forwarding when running ssh from scp.
! 164:
! 165: * Added compression of plaintext packets using the gzip library
! 166: (zlib). Client configuration options Compression and
! 167: CompressionLevel (1-9 as in gzip). New ssh and scp option -C
! 168: (to enable compression). Updated RFC.
! 169:
! 170: Wed Oct 25 05:11:55 1995 Tatu Ylonen <ylo@soikko.cs.hut.fi>
! 171:
! 172: * Implemented ProxyCommand stuff based on patches from Bryan
! 173: O'Sullivan <bos@serpentine.com>.
! 174:
! 175: * Merged BSD login/logout/lastlog patches from Mark Treacy
! 176: <mark@labtam.oz.au>.
! 177:
! 178: * sshd.c: Added chdir("/").
! 179:
! 180: Tue Oct 24 00:29:01 1995 Tatu Ylonen <ylo@soikko.cs.hut.fi>
! 181:
! 182: * Merged RSA environment= patches from Felix Leitner
! 183: <leitner@prz.tu-berlin.de> with some changes.
! 184:
! 185: * sshd.c: Made the packet code use two separate descriptors for
! 186: the connection (one for input, the other for output). This will
! 187: make future extensions easier (e.g., non-socket transports, etc.).
! 188: sshd -i now uses both stdin and stdout separately.
! 189:
! 190: Mon Oct 23 21:29:28 1995 Tatu Ylonen <ylo@soikko.cs.hut.fi>
! 191:
! 192: * sshd.c: Merged execle -> execve patches from Mark Martinec
! 193: <Mark.Martinec@nsc.ijs.si>. This may help with execle bugs on
! 194: Convex (environment not getting passed properly). This might
! 195: also solve similar problems on Sonys; please test!
! 196:
! 197: * Removed all compatibility code for protocol version 1.0.
! 198: THIS MEANS THAT WE ARE NO LONGER COMPATIBLE WITH SSH VERSIONS
! 199: PRIOR TO 1.1.0.
! 200:
! 201: * randoms.c (random_acquire_light_environmental_noise): If
! 202: /dev/random is available, read up to 32 bytes (256 bits) from
! 203: there in non-blocking mode, and mix the new random bytes into
! 204: the pool.
! 205:
! 206: * Added client configuration option StrictHostKeyChecking
! 207: (disabled by default). If this is enabled, the client will not
! 208: automatically add new host keys to $HOME/.ssh/known_hosts;
! 209: instead the connection will be refused if the host key is not
! 210: known. Similarly, if the host key has changed, the connection
! 211: will be refused instead if just issuing a warning. This
! 212: provides additional security against man-in-the-middle/trojan
! 213: horse attacks (especially in scripts where there is no-one to
! 214: see the warnings), but may be quite inconvenient in everyday
! 215: interactive use unless /etc/ssh_known_hosts is very complete,
! 216: because new host keys must now be added manually.
! 217:
! 218: * sshconnect.c (ssh_connect): Use the user's uid when creating the
! 219: socket and connecting it. I am hoping that this might help with
! 220: tcp_wrappers showing the remote user as root.
! 221:
! 222: * ssh.c: Try inet-domain X11 forwarding regardless of whether we
! 223: can get local authorization information. If we don't, we just
! 224: come up with fake information; the forwarding code will anyway
! 225: generate its own fake information and validate that the client
! 226: knows that information. It will then substitute our fake
! 227: information for that, but that info should get ignored by the
! 228: server if it doesn't support it.
! 229:
! 230: * Added option BatchMode to disable password/passphrase querying
! 231: in scripts.
! 232:
! 233: * auth-rh-rsa.c: Changed to use uid-swapping when reading
! 234: .ssh/known_hosts.
! 235:
! 236: * sshd.8.in (command): Improved documentation of file permissions
! 237: on the manual pages.
! 238:
! 239: Thu Oct 19 21:05:51 1995 Tatu Ylonen <ylo@soikko.cs.hut.fi>
! 240:
! 241: * ssh-add.c (add_file): Fixed a bug causing ssh to sometimes refer
! 242: to freed memory (comment -> saved_comment).
! 243:
! 244: * log-server.c: Added a prefix to debug/warning/error/fatal
! 245: messages describing message types. Syslog does not include that
! 246: information automatically.
! 247:
! 248: Sun Oct 8 01:56:01 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
! 249:
! 250: * Merged /etc/default/login and MAIL environment variable changes
! 251: from Bryan O'Sullivan <bos@serpentine.com>.
! 252: - mail spool file location
! 253: - process /etc/default/login
! 254: - add HAVE_ETC_DEFAULT_LOGIN
! 255: - new function child_get_env and read_etc_default_login (sshd.c)
! 256:
! 257: * ssh-add.c (add_file): Fixed asking for passphrase.
! 258:
! 259: * Makefile.in: Fixed installing configure-generated man pages when
! 260: compiling in a separate object directory.
! 261:
! 262: * sshd.c (main): Moved RSA key generation until after allocating
! 263: the port number. (Actually, the code got duplicated because we
! 264: never listen when run from inetd.)
! 265:
! 266: * ssh.c: Fixed a problem that caused scp to hang when called with
! 267: stdin closed.
! 268:
! 269: Sat Oct 7 03:08:06 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
! 270:
! 271: * Added server config option StrictModes. It specifies whether to
! 272: check ownership and modes of home directory and .rhosts files.
! 273:
! 274: * ssh.c: If ssh is renamed/linked to a host name, connect to that
! 275: host.
! 276:
! 277: * serverloop.c, clientloop.c: Ignore EAGAIN reported on read from
! 278: connection. Solaris has a kernel bug which causes select() to
! 279: sometimes wake up even though there is no data available.
! 280:
! 281: * Display all open connections when printing the "Waiting for
! 282: forwarded connections to terminate" message.
! 283:
! 284: * sshd.c, readconf.c: Added X11InetForwarding and
! 285: X11UnixForwarding server config options.
! 286:
! 287: Thu Oct 5 17:41:16 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
! 288:
! 289: * Some more SCO fixes.
! 290:
! 291: Tue Oct 3 01:04:34 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
! 292:
! 293: * Fixes and cleanups in README, INSTALL, COPYING.
! 294:
! 295: Mon Oct 2 03:36:08 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
! 296:
! 297: * ssh-add.c (add_file): Fixed a bug in ssh-add (xfree: NULL ...).
! 298:
! 299: * Removed .BR from ".SH NAME" in man pages.
! 300:
! 301: Sun Oct 1 04:16:07 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
! 302:
! 303: * ssh-1.2.10.
! 304:
! 305: * configure.in: When checking that the compiler works, check that
! 306: it understands ANSI C prototypes.
! 307:
! 308: * Made uidswap error message a debug() to avoid confusing errors
! 309: on AIX (AIX geteuid is brain-damaged and fails even for root).
! 310:
! 311: * Fixed an error in sshd.8 (FacistLogging -> FascistLogging).
! 312:
! 313: * Fixed distribution in Makefile.in (missing manual page .in files).
! 314:
! 315: Sat Sep 30 17:38:46 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
! 316:
! 317: * auth-rhosts.c: Fixed serious security problem in
! 318: /etc/hosts.equiv authentication.
! 319:
! 320: Fri Sep 29 00:41:02 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
! 321:
! 322: * Include machine/endian.h on Paragon.
! 323:
! 324: * ssh-add.c (add_file): Made ssh-add keep asking for the
! 325: passphrase until the user just types return or cancels.
! 326: Make the dialog display the comment of the key.
! 327:
! 328: * Read use shosts.equiv in addition to /etc/hosts.equiv.
! 329:
! 330: * sshd.8 is now sshd.8.in and is processed by configure to
! 331: substitute the proper paths for various files. Ditto for ssh.1.
! 332: Ditto for make-ssh-known-hosts.1.
! 333:
! 334: * configure.in: Moved /etc/sshd_pid to PIDDIR/sshd.pid. PIDDIR
! 335: will be /var/run if it exists, and ETCDIR otherwise.
! 336:
! 337: Thu Sep 28 21:52:42 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
! 338:
! 339: * On Ultrix, check if sys/syslog.h needs to be included in
! 340: addition to syslog.h.
! 341:
! 342: * make-ssh-known-hosts.pl: Merged Kivinen's fixes for HPUX.
! 343:
! 344: * configure.in: Put -lwrap, -lsocks, etc. at the head of LIBS.
! 345:
! 346: * Fixed case-insensitivity in auth-rhosts.c.
! 347:
! 348: * Added missing socketpair.c to EXTRA_SRCS (needed on SCO), plus
! 349: other SCO fixes.
! 350:
! 351: * Makefile.in: Fixed missing install_prefixes.
! 352:
! 353: Wed Sep 27 03:57:00 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
! 354:
! 355: * ssh-1.2.9.
! 356:
! 357: * Added SOCKS support.
! 358:
! 359: * Fixed default setting of IgnoreRhosts option.
! 360:
! 361: * Pass the magic cookie to xauth in stdin instead of command line;
! 362: the command line is visible in ps.
! 363:
! 364: * Added processing $HOME/.ssh/rc and /etc/sshrc.
! 365:
! 366: * Added a section to sshd.8 on what happens at login time.
! 367:
! 368: Tue Sep 26 01:27:40 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
! 369:
! 370: * Don't define speed_t on SunOS 4.1.1; it conflicts with system
! 371: headers.
! 372:
! 373: * Added support for .hushlogin.
! 374:
! 375: * Added --with-etcdir.
! 376:
! 377: * Read $HOME/.environment after /etc/environment.
! 378:
! 379: Mon Sep 25 03:26:06 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
! 380:
! 381: * Merged patches for SCO Unix (from Michael Henits).
! 382:
! 383: Sun Sep 24 22:28:02 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
! 384:
! 385: * Added ssh option ConnectionAttempts.
! 386:
! 387: Sat Sep 23 12:30:15 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
! 388:
! 389: * sshd.c: Don't print last login time and /etc/motd if a command
! 390: has been specified (with ssh -t host command).
! 391:
! 392: * Added support for passing the screen number in X11 forwarding.
! 393: It is implemented as a compatible protocol extension, signalled
! 394: by SSH_PROTOFLAG_SCREEN_NUMBER by the child.
! 395:
! 396: * clientloop.c: Fixed bugs in the order in which things were
! 397: processed. This may solve problems with some data not getting
! 398: sent to the server as soon as possible (probably solves the TCP
! 399: forwarding delayed close problem). Also, it looked like window
! 400: changes might not get transmitted as early as possible in some
! 401: cases.
! 402:
! 403: * clientloop.c: Changed to detect window size change that
! 404: happened while ssh was suspended.
! 405:
! 406: * ssh.c: Moved the do_session function (client main loop) to
! 407: clientloop.c. Divided it into smaller functions. General cleanup.
! 408:
! 409: * ssh-1.2.8
! 410:
! 411: Fri Sep 22 22:07:46 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
! 412:
! 413: * sshconnect.c (ssh_login): Made ssh_login take the options
! 414: structure as argument, instead of the individual arguments.
! 415:
! 416: * auth-rhosts.c (check_rhosts_file): Added support for netgroups.
! 417:
! 418: * auth-rhosts.c (check_rhosts_file): Added support for negated
! 419: entries.
! 420:
! 421: Thu Sep 21 00:07:56 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
! 422:
! 423: * auth-rhosts.c: Restructured rhosts authentication code.
! 424: Hosts.equiv now has same format as .rhosts: user names are allowed.
! 425:
! 426: * Added support for the Intel Paragon.
! 427:
! 428: * sshd.c: Don't use X11 forwarding with spoofing if no xauth
! 429: program. Changed configure.in to not define XAUTH_PATH if
! 430: there is no xauth program.
! 431:
! 432: * ssh-1.2.7
! 433:
! 434: * sshd.c: Rewrote the code to build the environment. Now also reads
! 435: /etc/environment.
! 436:
! 437: * sshd.c: Fixed problems in libwrap code. --with-libwrap now
! 438: takes optional library name/path.
! 439:
! 440: * ssh-1.2.6
! 441:
! 442: * Define USE_PIPES by default.
! 443:
! 444: * Added support for Univel Unixware and MachTen.
! 445:
! 446: * Added IgnoreRhosts server option.
! 447:
! 448: * Added USE_STRLEN_FOR_AF_UNIX; it is needed at least on MachTen.
! 449:
! 450: Wed Sep 20 02:41:02 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
! 451:
! 452: * sshd.c (do_child): don't call packet_close when /etc/nologin,
! 453: because packet_close does shutdown, and the message does not get
! 454: sent.
! 455:
! 456: * pty.c (pty_allocate): Push ttcompat streams module.
! 457:
! 458: * randoms.c (random_acquire_light_environmental_noise): Don't use
! 459: the second argument to gettimeofday as it is not supported on
! 460: all systems.
! 461:
! 462: * login.c (record_login): Added NULL second argument to gettimeofday.
! 463:
! 464: Tue Sep 19 13:25:48 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
! 465:
! 466: * fixed pclose wait() in sshd key regeneration (now only collects
! 467: easily available noise).
! 468:
! 469: * configure.in: test for bsdi before bsd*.
! 470:
! 471: * ssh.c: Don't print "Connection closed" if -q.
! 472:
! 473: Wed Sep 13 04:19:52 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
! 474:
! 475: * Released ssh-1.2.5.
! 476:
! 477: * Hopefully fixed "Waiting for forwarded connections to terminate"
! 478: message.
! 479:
! 480: * randoms.c, md5.c: Large modifications to make these work on Cray
! 481: (which has no 32 bit integer type).
! 482:
! 483: * Fixed a problem with forwarded connection closes not being
! 484: reported immediately.
! 485:
! 486: * ssh.c: fixed rhosts authentication (broken by uid-swapping).
! 487:
! 488: * scp.c: Don't use -l if server user not specified (it made
! 489: setting User in the configuration file not work).
! 490:
! 491: * configure.in: don't use -pipe on BSDI.
! 492:
! 493: * randoms.c: Major modifications to make it work without 32 bit
! 494: integers (e.g. Cray).
! 495:
! 496: * md5.c: Major modifications to make it work without 32 bit
! 497: integers (e.g. Cray).
! 498:
! 499: * Eliminated HPSUX_BROKEN_PTYS. The code is now enabled by
! 500: default on all systems.
! 501:
! 502: Mon Sep 11 00:53:12 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
! 503:
! 504: * sshd.c: don't include sshd pathname in log messages.
! 505:
! 506: * Added libwrap stuff (includes support for identd).
! 507:
! 508: * Added OSF/1 C2 extended security stuff.
! 509:
! 510: * Fixed interactions between getuid() and uid-swap stuff.
! 511:
! 512: Sun Sep 10 00:29:27 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
! 513:
! 514: * serverloop.c: Don't send stdout data to client until after a few
! 515: milliseconds if there is very little data. This is because some
! 516: systems give data from pty one character at a time, which would
! 517: multiply data size by about 16.
! 518:
! 519: * serverloop.c: Moved server do_session to a separate file and
! 520: renamed it server_loop. Split it into several functions and
! 521: partially rewrote it. Fixed "cat /etc/termcap | ssh foo cat" hangup.
! 522:
! 523: * Screwed up something while checking stuff in under cvs. No harm,
! 524: but bogus log entries...
! 525:
! 526: Sat Sep 9 02:24:51 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
! 527:
! 528: * minfd.c (_get_permanent_fd): Use SHELL environment variable.
! 529:
! 530: * channels.c (x11_create_display_inet): Created
! 531: HPSUX_NONSTANDARD_X11_KLUDGE; it causes DISPLAY to contain the
! 532: IP address of the host instead of the name, because HPSUX uses
! 533: some magic shared memory communication for local connections.
! 534:
! 535: * Changed SIGHUP processing in server; it should now work multiple
! 536: times.
! 537:
! 538: * Added length limits in many debug/log/error/fatal calls just in
! 539: case.
! 540:
! 541: * login.c (get_last_login_time): Fixed location of lastlog.
! 542:
! 543: * Rewrote all uid-swapping code. New files uidswap.h, uidswap.c.
! 544:
! 545: * Fixed several security problems involving chmod and chgrp (race
! 546: conditions). Added warnings about dubious modes for /tmp/.X11-unix.
! 547:
! 548: Fri Sep 8 20:03:36 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
! 549:
! 550: * Changed readconf.c to never display anything from the config
! 551: file. This should now be prevented otherwise, but let's play safe.
! 552:
! 553: * log-server.c: Use %.500s in syslog() just to be sure (they
! 554: should already be shorter than 1024 though).
! 555:
! 556: * sshd.c: Moved setuid in child a little earlier (just to be
! 557: conservative, there was no security problem that I could detect).
! 558:
! 559: * README, INSTALL: Added info about mailing list and WWW page.
! 560:
! 561: * sshd.c: Added code to use SIGCHLD and wait zombies immediately.
! 562:
! 563: * Merged patch to set ut_addr in utmp.
! 564:
! 565: * Created ChangeLog and added it to Makefile.in.
! 566:
! 567: * Use read_passphrase instead of getpass().
! 568:
! 569: * Added SSH_FALLBACK_CIPHER. Fixed a bug in default cipher
! 570: selection (IDEA used to be selected even if not supported by the
! 571: server).
! 572:
! 573: * Use no encryption for key files if empty passphrase.
! 574:
! 575: * Added section about --without-idea in INSTALL.
! 576:
! 577: * Version 1.2.0 was released a couple of days ago.
! 578: