Subject: CVS commit: pkgsrc
To: None <pkgsrc-changes@netbsd.org>
From: Jun-ichiro itojun Hagino <itojun@netbsd.org>
List: pkgsrc-changes
Date: 02/20/2001 18:33:15
Module Name:	pkgsrc
Committed By:	itojun
Date:		Tue Feb 20 16:33:15 UTC 2001

Modified Files:
	pkgsrc/security/openssh: Makefile
	pkgsrc/security/openssh/files: md5 patch-sum
	pkgsrc/security/openssh/patches: patch-ah
	pkgsrc/security/openssh/pkg: PLIST
Removed Files:
	pkgsrc/security/openssh/patches: patch-aa patch-an patch-ao

Log Message:
upgrade to 2.5.1p1.

20010219
 - (bal) Markus' blessing to rename login.[ch] -> sshlogin.[ch] and
   pty.[ch] -> sshpty.[ch]
 - (djm) Rework search for OpenSSL location. Skip directories which don't
   exist, don't add -L$ssldir/lib if it doesn't exist. Should help SCO
   with its limit of 6 -L options.
 - OpenBSD CVS Sync:
   - reinhard@cvs.openbsd.org        2001/02/17 08:24:40
     [sftp.1]
     typo
   - deraadt@cvs.openbsd.org 2001/02/17 16:28:58
     [ssh.c]
     cleanup -V output; noted by millert
   - deraadt@cvs.openbsd.org 2001/02/17 16:48:48
     [sshd.8]
     it's the OpenSSH one
   - markus@cvs.openbsd.org  2001/02/18 11:33:54
     [dispatch.c]
     typo, SSH2_MSG_KEXINIT, from aspa@kronodoc.fi
   - markus@cvs.openbsd.org  2001/02/19 02:53:32
     [compat.c compat.h serverloop.c]
     ssh-1.2.{18-22} has broken handling of ignore messages; report from
     itojun@
   - markus@cvs.openbsd.org  2001/02/19 03:35:23
     [version.h]
     OpenSSH_2.5.1 adds bug compat with 1.2.{18-22}
   - deraadt@cvs.openbsd.org 2001/02/19 03:36:25
     [scp.c]
     np is changed by recursion; vinschen@redhat.com
 - Update versions in RPM spec files
 - Release 2.5.1p1

20010218
 - (bal) Patch for fix FCHMOD reference in ftp-client.c by Tim Rice
   <tim@multitalents.net>
 - (Bal) Patch for lack of RA_RESTART in misc.c for mysignal by
   stevesk
 - (djm) Fix my breaking of cygwin builds, Patch from Corinna Vinschen
   <vinschen@redhat.com> and myself.
 - (djm) Close listen_sock on bind() failures. Patch from Arkadiusz
   Miskiewicz <misiek@pld.ORG.PL>
 - (djm) Robustify EGD/PRNGd code in face of socket closures. Patch from
   Todd C. Miller <Todd.Miller@courtesan.com>
 - (djm) Use ttyname() to determine name of tty returned by openpty()
   rather then risking overflow. Patch from Marek Michalkiewicz
   <marekm@amelek.gda.pl>
 - (djm) Swapped tests for no_libsocket and no_libnsl in configure.in.
   Patch from Marek Michalkiewicz <marekm@amelek.gda.pl>
 - (djm) Doc fixes from Pekka Savola <pekkas@netcore.fi>
 - (djm) Use SA_INTERRUPT along SA_RESTART if present (equivalent for
   SunOS)
 - (djm) SCO needs librpc for libwrap. Patch from Tim Rice
   <tim@multitalents.net>
 - (stevesk) misc.c: cpp rework of SA_(INTERRUPT|RESTART) handling.
 - (stevesk) scp.c: use mysignal() for updateprogressmeter() handler.
 - (djm) SA_INTERRUPT is the converse of SA_RESTART, apply it only for
   SIGALRM.
 - (djm) Move entropy.c over to mysignal()
 - (djm) SunOS 4.x also needs to define HAVE_BOGUS_SYS_QUEUE_H as it has
   a <sys/queue.h> that lacks the TAILQ_* macros. Patch from Todd C.
   Miller <Todd.Miller@courtesan.com>
 - (djm) Update RPM spec files for 2.5.0p1
 - (djm) Merge BSD_AUTH support from Markus Friedl and David J. MacKenzie
   enable with --with-bsd-auth.
 - (stevesk) entropy.c: typo; should be SIGPIPE

20010217
 - (bal) OpenBSD Sync:
   - markus@cvs.openbsd.org 2001/02/16 13:38:18
     [channel.c]
     remove debug
   - markus@cvs.openbsd.org 2001/02/16 14:03:43
     [session.c]
     proper payload-length check for x11 w/o screen-number

20010216
 - (bal) added '--with-prce'  to allow overriding of system regex when
   required (tested by David Dulek <ddulek@fastenal.com>)
 - (bal) Added DG/UX case and set that they have a broken IPTOS.
 - (djm) Mini-configure reorder patch from Tim Rice <tim@multitalents.net>
   Fixes linking on SCO.
 - (djm) Make gnome-ssh-askpass handle multi-line prompts. Patch from
   Nalin Dahyabhai <nalin@redhat.com>
 - (djm) BSD license for gnome-ssh-askpass (was X11)
 - (djm) KNF on gnome-ssh-askpass
 - (djm) USE_PIPES for a few more sysv platforms
 - (djm) Cleanup configure.in a little
 - (djm) Ask users to check config.log when we can't find necessary libs
 - (djm) Set "login ID" on systems with setluid. Only enabled for SCO
   OpenServer for now. Based on patch from svaughan <svaughan@asterion.com>
 - (djm) OpenBSD CVS:
   - markus@cvs.openbsd.org  2001/02/15 16:19:59
     [channels.c channels.h serverloop.c sshconnect.c sshconnect.h]
     [sshconnect1.c sshconnect2.c]
     genericize password padding function for SSH1 and SSH2.
     add stylized echo to 2, too.
 - (djm) Add roundup() macro to defines.h
 - (stevesk) set SA_RESTART flag in mysignal() for SIGCHLD;
   needed on Unixware 2.x.

20010215
 - (djm) Move PAM session setup back to before setuid to user. Fixes
   problems on Solaris-derived PAMs.
 - (djm) Clean up PAM namespace. Suggested by Darren Moffat
   <Darren.Moffat@eng.sun.com>
 - (bal) Sync w/ OpenSSH for new release
   - markus@cvs.openbsd.org 2001/02/12 12:45:06
     [sshconnect1.c]
     fix xmalloc(0), ok dugsong@
   - markus@cvs.openbsd.org 2001/02/11 12:59:25
     [Makefile.in sshd.8 sshconnect2.c readconf.h readconf.c packet.c
      sshd.c ssh.c ssh.1 servconf.h servconf.c myproposal.h kex.h kex.c]
     1) clean up the MAC support for SSH-2
     2) allow you to specify the MAC with 'ssh -m'
     3) or the 'MACs' keyword in ssh(d)_config
     4) add hmac-{md5,sha1}-96
             ok stevesk@, provos@
   - markus@cvs.openbsd.org 2001/02/12 16:16:23
     [auth-passwd.c auth.c auth.h auth1.c auth2.c servconf.c servconf.h
      ssh-keygen.c sshd.8]
     PermitRootLogin={yes,without-password,forced-commands-only,no}
     (before this change, root could login even if PermitRootLogin==no)
   - deraadt@cvs.openbsd.org 2001/02/12 22:56:09
     [clientloop.c packet.c ssh-keyscan.c]
     deal with EAGAIN/EINTR selects which were skipped
   - markus@cvs.openssh.org 2001/02/13 22:49:40
     [auth1.c auth2.c]
     setproctitle(user) only if getpwnam succeeds
   - markus@cvs.openbsd.org 2001/02/12 23:26:20
     [sshd.c]
     missing memset; from solar@openwall.com
   - stevesk@cvs.openbsd.org 2001/02/12 20:53:33
     [sftp-int.c]
     lumask now works with 1 numeric arg; ok markus@, djm@
   - djm@cvs.openbsd.org 2001/02/14 9:46:03
     [sftp-client.c sftp-int.c sftp.1]
     Fix and document 'preserve modes & times' option ('-p' flag in sftp);
     ok markus@
 - (bal) replaced PATH_MAX in sftp-int.c w/ MAXPATHLEN.
 - (djm) Move to Jim's 1.2.0 X11 askpass program
 - (stevesk) OpenBSD sync:
   - deraadt@cvs.openbsd.org 2001/02/15 01:38:04
     [serverloop.c]
     indent

20010214
 - (djm) Don't try to close PAM session or delete credentials if the
   session has not been open or credentials not set. Based on patch from
   Andrew Bartlett <abartlet@pcug.org.au>
 - (djm) Move PAM session initialisation until after fork in sshd. Patch
   from Nalin Dahyabhai <nalin@redhat.com>
 - (bal) Missing function prototype in bsd-snprintf.c patch by
   Mark Miller <markm@swoon.net>
 - (djm) Split out and improve OSF SIA auth code. Patch from Chris Adams
   <cmadams@hiwaay.net> with a little modification and KNF.
 - (stevesk) fix for SIA patch, misplaced session_setup_sia()

20010213
 - (djm) Only test -S potential EGD sockets if they exist and are readable.
 - (bal) Cleaned out bsd-snprintf.c.  VARARGS have been banished and
   I did a base KNF over the whe whole file to make it more acceptable.
   (backed out of original patch and removed it from ChangeLog)
 - (bal) Use chown() if fchown() does not exist in ftp-server.c patch by
   Tim Rice <tim@multitalents.net>
 - (stevesk) auth1.c: fix PAM passwordless check.

20010212
 - (djm) Update Redhat specfile to allow --define "skip_x11_askpass 1",
   --define "skip_gnome_askpass 1", --define "rh7 1" and make the
   implicit rpm-3.0.5 dependancy explicit. Patch and suggestions from
   Pekka Savola <pekkas@netcore.fi>
 - (djm) Clean up PCRE text in INSTALL
 - (djm) Fix OSF SIA auth NULL pointer deref. Report from Mike Battersby
   <mib@unimelb.edu.au>
 - (bal) NCR SVR4 compatiblity provide by Don Bragg <thewizarddon@yahoo.com>
 - (stevesk) session.c: remove debugging code.

20010211
 - (bal) OpenBSD Sync
   - markus@cvs.openbsd.org 2001/02/07 22:35:46
     [auth1.c auth2.c sshd.c]
     move k_setpag() to a central place; ok dugsong@
   - markus@cvs.openbsd.org 2001/02/10 12:52:02
     [auth2.c]
     offer passwd before s/key
   - markus@cvs.openbsd.org 2001/02/8 22:37:10
     [canohost.c]
     remove last call to sprintf; ok deraadt@
   - markus@cvs.openbsd.org 2001/02/10 1:33:32
     [canohost.c]
     add debug message, since sshd blocks here if DNS is not available
   - markus@cvs.openbsd.org 2001/02/10 12:44:02
     [cli.c]
     don't call vis() for \r
   - danh@cvs.openbsd.org 2001/02/10 0:12:43
     [scp.c]
     revert a small change to allow -r option to work again; ok deraadt@
   - danh@cvs.openbsd.org 2001/02/10 15:14:11
     [scp.c]
     fix memory leak; ok markus@
   - djm@cvs.openbsd.org 2001/02/10 0:45:52
     [scp.1]
     Mention that you can quote pathnames with spaces in them
   - markus@cvs.openbsd.org 2001/02/10 1:46:28
     [ssh.c]
     remove mapping of argv[0] -> hostname
   - markus@cvs.openbsd.org 2001/02/06 22:26:17
     [sshconnect2.c]
     do not ask for passphrase in batch mode; report from ejb@ql.org
   - itojun@cvs.opebsd.org 2001/02/08 10:47:05
     [sshconnect.c sshconnect1.c sshconnect2.c]
     %.30s is too short for IPv6 numeric address.  use %.128s for now.
     markus ok
   - markus@cvs.openbsd.org 2001/02/09 12:28:35
     [sshconnect2.c]
     do not free twice, thanks to /etc/malloc.conf
   - markus@cvs.openbsd.org 2001/02/09 17:10:53
     [sshconnect2.c]
     partial success: debug->log; "Permission denied" if no more auth methods
   - markus@cvs.openbsd.org 2001/02/10 12:09:21
     [sshconnect2.c]
     remove some lines
   - markus@cvs.openbsd.org 2001/02/09 13:38:07
     [auth-options.c]
     reset options if no option is given; from han.holl@prismant.nl
   - markus@cvs.openbsd.org 2001/02/08 21:58:28
     [channels.c]
     nuke sprintf, ok deraadt@
   - markus@cvs.openbsd.org 2001/02/08 21:58:28
     [channels.c]
     nuke sprintf, ok deraadt@
   - markus@cvs.openbsd.org 2001/02/06 22:43:02
     [clientloop.h]
     remove confusing callback code
   - deraadt@cvs.openbsd.org 2001/02/08 14:39:36
     [readconf.c]
     snprintf
   - itojun@cvs.openbsd.org 2001/02/08 19:30:52
     sync with netbsd tree changes.
     - more strict prototypes, include necessary headers
     - use paths.h/pathnames.h decls
     - size_t typecase to int -> u_long
   - itojun@cvs.openbsd.org 2001/02/07 18:04:50
     [ssh-keyscan.c]
     fix size_t -> int cast (use u_long).  markus ok
   - markus@cvs.openbsd.org 2001/02/07 22:43:16
     [ssh-keyscan.c]
     s/getline/Linebuf_getline/; from roumen.petrov@skalasoft.com
   - itojun@cvs.openbsd.org 2001/02/09 9:04:59
     [ssh-keyscan.c]
     do not assume malloc() returns zero-filled region.  found by
     malloc.conf=AJ.
   - markus@cvs.openbsd.org 2001/02/08 22:35:30
     [sshconnect.c]
     don't connect if batch_mode is true and stricthostkeychecking set to
    'ask'
   - djm@cvs.openbsd.org 2001/02/04 21:26:07
     [sshd_config]
     type: ok markus@
   - deraadt@cvs.openbsd.org 2001/02/06 22:07:50
     [sshd_config]
     enable sftp-server by default
   - deraadt 2001/02/07 8:57:26
     [xmalloc.c]
     deal with new ANSI malloc stuff
   - markus@cvs.openbsd.org 2001/02/07 16:46:08
     [xmalloc.c]
     typo in fatal()
   - itojun@cvs.openbsd.org 2001/02/07 18:04:50
     [xmalloc.c]
     fix size_t -> int cast (use u_long).  markus ok
   - 1.47 Thu Feb 8 23:11:42 GMT 2001 by dugsong
     [serverloop.c sshconnect1.c]
     mitigate SSH1 traffic analysis - from Solar Designer
     <solar@openwall.com>, ok provos@
 - (bal) fixed sftp-client.c.  Return 'status' instead of '0'
   (from the OpenBSD tree)
 - (bal) Synced ssh.1, ssh-add.1 and sshd.8 w/ OpenBSD
 - (bal) sftp-sever.c  '%8lld' to '%8llu' (OpenBSD Sync)
 - (bal) uuencode.c resync w/ OpenBSD tree, plus whitespace.
 - (bal) A bit more whitespace cleanup
 - (djm) Set PAM_RHOST earlier, patch from Andrew Bartlett
   <abartlet@pcug.org.au>
 - (stevesk) misc.c: ssh.h not needed.
 - (stevesk) compat.c: more friendly cpp error
 - (stevesk) OpenBSD sync:
   - stevesk@cvs.openbsd.org 2001/02/11 06:15:57
     [LICENSE]
     typos and small cleanup; ok deraadt@

20010210
 - (djm) Sync sftp and scp stuff from OpenBSD:
   - djm@cvs.openbsd.org     2001/02/07 03:55:13
     [sftp-client.c]
     Don't free handles before we are done with them. Based on work from
     Corinna Vinschen <vinschen@redhat.com>. ok markus@
   - djm@cvs.openbsd.org     2001/02/06 22:32:53
     [sftp.1]
     Punctuation fix from Pekka Savola <pekkas@netcore.fi>
   - deraadt@cvs.openbsd.org 2001/02/07 04:07:29
     [sftp.1]
     pretty up significantly
   - itojun@cvs.openbsd.org  2001/02/07 06:49:42
     [sftp.1]
     .Bl-.El mismatch.  markus ok
   - djm@cvs.openbsd.org     2001/02/07 06:12:30
     [sftp-int.c]
     Check that target is a directory before doing ls; ok markus@
   - itojun@cvs.openbsd.org  2001/02/07 11:01:18
     [scp.c sftp-client.c sftp-server.c]
     unsigned long long -> %llu, not %qu.  markus ok
   - stevesk@cvs.openbsd.org 2001/02/07 11:10:39
     [sftp.1 sftp-int.c]
     more man page cleanup and sync of help text with man page; ok markus@
   - markus@cvs.openbsd.org  2001/02/07 14:58:34
     [sftp-client.c]
     older servers reply with SSH2_FXP_NAME + count==0 instead of EOF
   - djm@cvs.openbsd.org     2001/02/07 15:27:19
     [sftp.c]
     Don't forward agent and X11 in sftp. Suggestion from Roumen Petrov
     <roumen.petrov@skalasoft.com>
   - stevesk@cvs.openbsd.org 2001/02/07 15:36:04
     [sftp-int.c]
     portable; ok markus@
   - stevesk@cvs.openbsd.org 2001/02/07 15:55:47
     [sftp-int.c]
     lowercase cmds[].c also; ok markus@
   - markus@cvs.openbsd.org  2001/02/07 17:04:52
     [pathnames.h sftp.c]
     allow sftp over ssh protocol 1; ok djm@
   - deraadt@cvs.openbsd.org 2001/02/08 07:38:55
     [scp.c]
     memory leak fix, and snprintf throughout
   - deraadt@cvs.openbsd.org 2001/02/08 08:02:02
     [sftp-int.c]
     plug a memory leak
   - stevesk@cvs.openbsd.org 2001/02/08 10:11:23
     [session.c sftp-client.c]
     %i -> %d
   - stevesk@cvs.openbsd.org 2001/02/08 10:57:59
     [sftp-int.c]
     typo
   - stevesk@cvs.openbsd.org 2001/02/08 15:28:07
     [sftp-int.c pathnames.h]
     _PATH_LS; ok markus@
   - djm@cvs.openbsd.org     2001/02/09 04:46:25
     [sftp-int.c]
     Check for NULL attribs for chown, chmod & chgrp operations, only send
     relevant attribs back to server; ok markus@
   - djm@cvs.openbsd.org     2001/02/06 15:05:25
     [sftp.c]
     Use getopt to process commandline arguments
   - djm@cvs.openbsd.org     2001/02/06 15:06:21
     [sftp.c ]
     Wait for ssh subprocess at exit
   - djm@cvs.openbsd.org     2001/02/06 15:18:16
     [sftp-int.c]
     stat target for remote chdir before doing chdir
   - djm@cvs.openbsd.org     2001/02/06 15:32:54
     [sftp.1]
     Punctuation fix from Pekka Savola <pekkas@netcore.fi>
   - provos@cvs.openbsd.org  2001/02/05 22:22:02
     [sftp-int.c]
     cleanup get_pathname, fix pwd after failed cd. okay djm@
 - (djm) Update makefile.in for _PATH_SFTP_SERVER
 - (bal) sftp-client.c replace NULL w/ 0 in do_ls() (pending in OpenBSD tree)

20010209
 - (bal) patch to vis.c to deal with HAVE_VIS right by Robert Mooney
   <rjmooney@mediaone.net>
 - (bal) .c.o rule in openbsd-compat/Makefile.in did not make it to the
   main tree while porting forward.  Pointed out by Lutz Jaenicke
   <Lutz.Jaenicke@aet.TU-Cottbus.DE>
 - (bal) double entry in configure.in.  Pointed out by Lutz Jaenicke
   <Lutz.Jaenicke@aet.TU-Cottbus.DE>
 - (stevesk) OpenBSD sync:
   - markus@cvs.openbsd.org  2001/02/08 11:20:01
     [auth2.c]
     strict checking
   - markus@cvs.openbsd.org  2001/02/08 11:15:22
     [version.h]
     update to 2.3.2
   - markus@cvs.openbsd.org  2001/02/08 11:12:30
     [auth2.c]
     fix typo
 - (djm) Update spec files
 - (bal) OpenBSD sync:
   - deraadt@cvs.openbsd.org 2001/02/08 14:38:54
     [scp.c]
     memory leak fix, and snprintf throughout
   - markus@cvs.openbsd.org 2001/02/06 22:43:02
     [clientloop.c]
     remove confusing callback code
 - (djm) Add CVS Id's to files that we have missed
 - (bal) OpenBSD Sync (more):
   - itojun@cvs.openbsd.org 2001/02/08 19:30:52
     sync with netbsd tree changes.
     - more strict prototypes, include necessary headers
     - use paths.h/pathnames.h decls
     - size_t typecase to int -> u_long
   - markus@cvs.openbsd.org 2001/02/06 22:07:42
     [ssh.c]
     fatal() if subsystem fails
   - markus@cvs.openbsd.org 2001/02/06 22:43:02
     [ssh.c]
     remove confusing callback code
   - jakob@cvs.openbsd.org 2001/02/06 23:03:24
     [ssh.c]
     add -1 option (force protocol version 1). ok markus@
   - jakob@cvs.openbsd.org 2001/02/06 23:06:21
     [ssh.c]
     reorder -{1,2,4,6} options. ok markus@
 - (bal) Missing 'const' in readpass.h
 - (bal) OpenBSD Sync (so at least the thing compiles for 2.3.2 =)
   - djm@cvs.openbsd.org 2001/02/06 23:30:28
     [sftp-client.c]
     replace arc4random with counter for request ids; ok markus@
 - (djm) Define _PATH_TTY for systems that don't. Report from Lutz
   Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>

20010208
 - (djm) Don't delete external askpass program in make uninstall target.
   Report and fix from Roumen Petrov <roumen.petrov@skalasoft.com>
 - (djm) Fix linking of sftp, don't need arc4random any more.
 - (djm) Try to use shell that supports "test -S" for EGD socket search.
   Based on patch from Tim Rice <tim@multitalents.net>

20010207
 - (bal) Save the whole path to AR in configure.  Some Solaris 2.7 installs
   seem lose track of it while in openbsd-compat/  (two confirmed reports)
 - (djm) Much KNF on PAM code
 - (djm) Revise auth-pam.c conversation function to be a little more
   readable.
 - (djm) Revise kbd-int PAM conversation function to fold all text messages
   to before first prompt. Fixes hangs if last pam_message did not require
   a reply.
 - (djm) Fix password changing when using PAM kbd-int authentication

20010205
 - (bal) Disable groupaccess by setting NGROUPS_MAX to 0 for platforms
   that don't have NGROUPS_MAX.
 - (bal) AIX patch for auth1.c by William L. Jones <jones@hpc.utexas.edu>
 - (stevesk) OpenBSD sync:
   - stevesk@cvs.openbsd.org 2001/02/04 08:32:27
     [many files; did this manually to our top-level source dir]
     unexpand and remove end-of-line whitespace; ok markus@
   - stevesk@cvs.openbsd.org 2001/02/04 15:21:19
     [sftp-server.c]
     SSH2_FILEXFER_ATTR_UIDGID support; ok markus@
   - deraadt@cvs.openbsd.org 2001/02/04 17:02:32
     [sftp-int.c]
     ? == help
   - deraadt@cvs.openbsd.org 2001/02/04 16:47:46
     [sftp-int.c]
     sort commands, so that abbreviations work as expected
   - stevesk@cvs.openbsd.org 2001/02/04 15:17:52
     [sftp-int.c]
     debugging sftp: precedence and missing break.  chmod, chown, chgrp
     seem to be working now.
   - markus@cvs.openbsd.org 2001/02/04 14:41:21
     [sftp-int.c]
     use base 8 for umask/chmod
   - markus@cvs.openbsd.org 2001/02/04 11:11:54
     [sftp-int.c]
     fix LCD
   - markus@cvs.openbsd.org  2001/02/04 08:10:44
     [ssh.1]
     typo; dpo@club-internet.fr
   - stevesk@cvs.openbsd.org 2001/02/04 06:30:12
     [auth2.c authfd.c packet.c]
     remove duplicate #include's; ok markus@
   - deraadt@cvs.openbsd.org 2001/02/04 16:56:23
     [scp.c sshd.c]
     alpha happiness
   - stevesk@cvs.openbsd.org 2001/02/04 15:12:17
     [sshd.c]
     precedence; ok markus@
   - deraadt@cvs.openbsd.org 2001/02/04 08:14:15
     [ssh.c sshd.c]
     make the alpha happy
   - markus@cvs.openbsd.org  2001/01/31 13:37:24
     [channels.c channels.h serverloop.c ssh.c]
     do not disconnect if local port forwarding fails, e.g. if port is
     already in use
   - markus@cvs.openbsd.org  2001/02/01 14:58:09
     [channels.c]
     use ipaddr in channel messages, ietf-secsh wants this
   - markus@cvs.openbsd.org  2001/01/31 12:26:20
     [channels.c]
     ssh.com-2.0.1x does not send additional info in CHANNEL_OPEN_FAILURE
     messages; bug report from edmundo@rano.org
   - markus@cvs.openbsd.org  2001/01/31 13:48:09
     [sshconnect2.c]
     unused
   - deraadt@cvs.openbsd.org 2001/02/04 08:23:08
     [sftp-client.c sftp-server.c]
     make gcc on the alpha even happier

20010204
 - (bal) I think this is the last of the bsd-*.h that don't belong.
 - (bal) Minor Makefile fix
 - (bal) openbsd-compat/Makefile minor fix.  Ensure dependancies are done
   right.
 - (bal) Changed order of LIB="" in -with-skey due to library resolving.
 - (bal) next-posix.h changed to bsd-nextstep.h
 - (djm) OpenBSD CVS sync:
   - markus@cvs.openbsd.org  2001/02/03 03:08:38
     [auth-options.c auth-rh-rsa.c auth-rhosts.c auth.c canohost.c]
     [canohost.h servconf.c servconf.h session.c sshconnect1.c sshd.8]
     [sshd_config]
     make ReverseMappingCheck optional in sshd_config; ok djm@,dugsong@
   - markus@cvs.openbsd.org  2001/02/03 03:19:51
     [ssh.1 sshd.8 sshd_config]
     Skey is now called ChallengeResponse
   - markus@cvs.openbsd.org  2001/02/03 03:43:09
     [sshd.8]
     use no-pty option in .ssh/authorized_keys* if you need a 8-bit clean
     channel. note from Erik.Anggard@cygate.se (pr/1659)
   - stevesk@cvs.openbsd.org 2001/02/03 10:03:06
     [ssh.1]
     typos; ok markus@
   - djm@cvs.openbsd.org     2001/02/04 04:11:56
     [scp.1 sftp-server.c ssh.1 sshd.8 sftp-client.c sftp-client.h]
     [sftp-common.c sftp-common.h sftp-int.c sftp-int.h sftp.1 sftp.c]
     Basic interactive sftp client; ok theo@
 - (djm) Update RPM specs for new sftp binary
 - (djm) Update several bits for new optional reverse lookup stuff. I
   think I got them all.
 - (djm) Makefile.in fixes
 - (stevesk) add mysignal() wrapper and use it for the protocol 2
   SIGCHLD handler.
 - (djm) Use setvbuf() instead of setlinebuf(). Suggest from stevesk@

20010203
 - (bal) Cygwin clean up by Corinna Vinschen <vinschen@redhat.com>
 - (bal) renamed queue.h to fake-queue.h (even if it's an OpenBSD
   based file) to ensure #include space does not get confused.
 - (bal) Minor Makefile.in tweak.  dirname may not exist on some
   platforms so builds fail.  (NeXT being a well known one)

20010202
 - (bal) Makefile fix where sourcedir != builddir by Corinna Vinschen
   <vinschen@redhat.com>
 - (bal) Makefile fix to use $(MAKE) instead of 'make'  for platforms
   that use 'gmake'.   Patch by Tim Rice <tim@multitalents.net>

20010201
 - (bal) Minor fix to Makefile to stop rebuilding executables if no
   changes have occured to any of the supporting code.  Patch by
   Roumen Petrov <roumen.petrov@skalasoft.com>

20010131
 - (djm) OpenBSD CVS Sync:
   - djm@cvs.openbsd.org     2001/01/30 15:48:53
     [sshconnect.c]
     Make warning message a little more consistent. ok markus@
 - (djm) Fix autoconf logic for --with-lastlog=no Report and diagnosis from
   Philipp Buehler <lists@fips.de> and Kevin Steves <stevesk@sweden.hp.com>
   respectively.
 - (djm) Don't log SSH2 PAM KbdInt responses to debug, they may contain
   passwords.
 - (bal) Reorder.  Move all bsd-*, fake-*, next-*, and cygwin* stuff to
   openbsd-compat/.  And resolve all ./configure and Makefile.in issues
   assocated.

20010130
 - (djm) OpenBSD CVS Sync:
   - markus@cvs.openbsd.org  2001/01/29 09:55:37
     [channels.c channels.h clientloop.c serverloop.c]
     fix select overflow; ok deraadt@ and stevesk@
   - markus@cvs.openbsd.org  2001/01/29 12:42:35
     [canohost.c canohost.h channels.c clientloop.c]
     add get_peer_ipaddr(socket), x11-fwd in ssh2 requires ipaddr, not DNS
   - markus@cvs.openbsd.org  2001/01/29 12:47:32
     [rsa.c rsa.h ssh-agent.c sshconnect1.c sshd.c]
     handle rsa_private_decrypt failures; helps against the Bleichenbacher
     pkcs#1 attack
   - djm@cvs.openbsd.org     2001/01/29 05:36:11
     [ssh.1 ssh.c]
     Allow invocation of sybsystem by commandline (-s); ok markus@
 - (stevesk) configure.in: remove duplicate PROG_LS

20010129
 - (stevesk) sftp-server.c: use %lld vs. %qd

20010128
 - (bal) Put USE_PIPES back into sco3.2v5
 - (bal) OpenBSD Sync
   - markus@cvs.openbsd.org 2001/01/28 10:15:34
     [dispatch.c]
     re-keying is not supported; ok deraadt@
   - markus@cvs.openbsd.org 2001/01/28 10:24:04
     [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8]
     cleanup AUTHORS sections
   - markus@cvs.openbsd.org 2001/01/28 10:37:26
     [sshd.c sshd.8]
     remove -Q, no longer needed
   - stevesk@cvs.openbsd.org 2001/01/28 20:36:16
     [readconf.c ssh.1]
     ``StrictHostKeyChecking ask'' documentation and small cleanup.
     ok markus@
   - stevesk@cvs.openbsd.org 2001/01/28 20:43:25
     [sshd.8]
     spelling.  ok markus@
   - stevesk@cvs.openbsd.org 2001/01/28 20:53:21
     [xmalloc.c]
     use size_t for strlen() return.  ok markus@
   - stevesk@cvs.openbsd.org 2001/01/28 22:27:05
     [authfile.c]
     spelling.  use sizeof vs. strlen().  ok markus@
   - niklas@cvs.openbsd.org 2001/01/29 1:59:14
     [atomicio.h canohost.h clientloop.h deattack.h dh.h dispatch.h
      groupaccess.c groupaccess.h hmac.h hostfile.h includes.h kex.h
      key.h log.h login.h match.h misc.h myproposal.h nchan.ms pathnames.h
      radix.h readpass.h rijndael.h serverloop.h session.h sftp.h ssh-add.1
      ssh-dss.h ssh-keygen.1 ssh-keyscan.1 ssh-rsa.h ssh1.h ssh_config
      sshconnect.h sshd_config tildexpand.h uidswap.h uuencode.h]
     $OpenBSD$
  - (bal) Minor auth2.c resync.  Whitespace and moving of an #include.

20010126
 - (bal) SSH_PROGRAM vs _PATH_SSH_PROGRAM fix pointed out by Roumen
   Petrov <roumen.petrov@skalasoft.com>
 - (bal) OpenBSD Sync
   - deraadt@cvs.openbsd.org 2001/01/25 8:06:33
     [ssh-agent.c]
     call _exit() in signal handler

20010125
 - (djm) Sync bsd-* support files:
   - deraadt@cvs.openbsd.org 2000/01/26 03:43:20
     [rresvport.c bindresvport.c]
     new bindresvport() semantics that itojun, shin, jean-luc and i have
     agreed on, which will be happy for the future. bindresvport_sa() for
     sockaddr *, too.  docs later..
   - deraadt@cvs.openbsd.org 2000/01/24 02:24:21
     [bindresvport.c]
     in bindresvport(), if sin is non-NULL, example sin->sin_family for
     the actual family being processed
 - (djm) Mention PRNGd in documentation, it is nicer than EGD
 - (djm) Automatically search for "well-known" EGD/PRNGd sockets in autoconf
 - (bal) AC_FUNC_STRFTIME added to autoconf
 - (bal) OpenBSD Resync
   - stevesk@cvs.openbsd.org 2001/01/24 21:03:50
     [channels.c]
     missing freeaddrinfo(); ok markus@

20010124
 - (bal) OpenBSD Resync
   - markus@cvs.openbsd.org 2001/01/23 10:45:10
     [ssh.h]
     nuke comment
 - (bal) no 64bit support patch from Tim Rice <tim@multitalents.net>
 - (bal) #ifdef around S_IFSOCK if platform does not support it.
   patch by Tim Rice <tim@multitalents.net>
 - (bal) fake-regex.h cleanup based on Tim Rice's patch.
 - (stevesk) sftp-server.c: fix chmod() mode mask

20010123
 - (bal) regexp.h typo in configure.in.  Should have been regex.h
 - (bal) SSH_USER_DIR to _PATH_SSH_USER_DIR patch by stevesk@
 - (bal) SSH_ASKPASS_DEFAULT to _PATH_SSH_ASKPASS_DEFAULT
 - (bal) OpenBSD Resync
   - markus@cvs.openbsd.org 2001/01/22 8:15:00
     [auth-krb4.c sshconnect1.c]
     only AFS needs radix.[ch]
   - markus@cvs.openbsd.org 2001/01/22 8:32:53
     [auth2.c]
     no need to include; from mouring@etoh.eviladmin.org
   - stevesk@cvs.openbsd.org 2001/01/22 16:55:21
     [key.c]
     free() -> xfree(); ok markus@
   - stevesk@cvs.openbsd.org 2001/01/22 17:22:28
     [sshconnect2.c sshd.c]
     fix memory leaks in SSH2 key exchange; ok markus@
   - markus@cvs.openbsd.org 2001/01/22 23:06:39
     [auth1.c auth2.c readconf.c readconf.h servconf.c servconf.h
      sshconnect1.c sshconnect2.c sshd.c]
     rename skey -> challenge response.
     auto-enable kbd-interactive for ssh2 if challenge-reponse is enabled.

20010122
 - (bal) OpenBSD Resync
   - markus@cvs.openbsd.org 2001/01/19 12:45:26 GMT 2001 by markus
     [servconf.c ssh.h sshd.c]
     only auth-chall.c needs #ifdef SKEY
   - markus@cvs.openbsd.org 2001/01/19 15:55:10 GMT 2001 by markus
     [auth-krb4.c auth-options.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c
      auth1.c auth2.c channels.c clientloop.c dh.c dispatch.c nchan.c
      packet.c pathname.h readconf.c scp.c servconf.c serverloop.c
      session.c ssh-add.c ssh-keygen.c ssh-keyscan.c ssh.c ssh.h
      ssh1.h sshconnect1.c sshd.c ttymodes.c]
     move ssh1 definitions to ssh1.h, pathnames to pathnames.h
   - markus@cvs.openbsd.org 2001/01/19 16:48:14
     [sshd.8]
     fix typo; from stevesk@
   - markus@cvs.openbsd.org 2001/01/19 16:50:58
     [ssh-dss.c]
     clear and free digest, make consistent with other code (use dlen); from
     stevesk@
   - markus@cvs.openbsd.org 2001/01/20 15:55:20 GMT 2001 by markus
     [auth-options.c auth-options.h auth-rsa.c auth2.c]
     pass the filename to auth_parse_options()
   - markus@cvs.openbsd.org 2001/01/20 17:59:40 GMT 2001
     [readconf.c]
     fix SIGSEGV from -o ""; problem noted by jehsom@togetherweb.com
   - stevesk@cvs.openbsd.org 2001/01/20 18:20:29
     [sshconnect2.c]
     dh_new_group() does not return NULL.  ok markus@
   - markus@cvs.openbsd.org 2001/01/20 21:33:42
     [ssh-add.c]
     do not loop forever if askpass does not exist; from
     andrew@pimlott.ne.mediaone.net
   - djm@cvs.openbsd.org 2001/01/20 23:00:56
     [servconf.c]
     Check for NULL return from strdelim; ok markus
   - djm@cvs.openbsd.org 2001/01/20 23:02:07
     [readconf.c]
     KNF; ok markus
   - jakob@cvs.openbsd.org 2001/01/21 9:00:33
     [ssh-keygen.1]
     remove -R flag; ok markus@
   - markus@cvs.openbsd.org 2001/01/21 19:05:40
     [atomicio.c automicio.h auth-chall.c auth-krb4.c auth-options.c
      auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c
      auth.c auth.h auth1.c auth2-chall.c auth2.c authfd.c authfile.c
      bufaux.c  bufaux.h buffer.c canahost.c canahost.h channels.c
      cipher.c cli.c clientloop.c clientloop.h compat.c compress.c
      deattack.c dh.c dispatch.c groupaccess.c hmac.c hostfile.c kex.c
      key.c key.h log-client.c log-server.c log.c log.h login.c login.h
      match.c misc.c misc.h nchan.c packet.c pty.c radix.h readconf.c
      readpass.c readpass.h rsa.c scp.c servconf.c serverloop.c serverloop.h
      session.c sftp-server.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c
      ssh-keyscan.c ssh-rsa.c ssh.c ssh.h sshconnect.c sshconnect.h
      sshconnect1.c sshconnect2.c sshd.c tildexpand.c tildexpand.h
      ttysmodes.c uidswap.c xmalloc.c]
     split ssh.h and try to cleanup the #include mess. remove unnecessary
     #includes.  rename util.[ch] -> misc.[ch]
 - (bal) renamed 'PIDDIR' to '_PATH_SSH_PIDDIR' to match OpenBSD tree
 - (bal) Moved #ifdef KRB4 in auth-krb4.c above the #include to resolve
   conflict when compiling for non-kerb install
 - (bal) removed the #ifdef SKEY in auth1.c to match Markus' changes
   on 1/19.

20010120
 - (bal) OpenBSD Resync
   - markus@cvs.openbsd.org 2001/01/19 12:45:26
     [ssh-chall.c servconf.c servconf.h ssh.h sshd.c]
     only auth-chall.c needs #ifdef SKEY
 - (bal) Slight auth2-pam.c clean up.
 - (bal) Includes a fake-regexp.h to be only used if regcomp() is found,
   but no 'regexp.h' found (SCO OpenServer 3 lacks the header).

20010119
 - (djm) Update versions in RPM specfiles
 - (bal) OpenBSD Resync
   - markus@cvs.openbsd.org 2001/01/18 16:20:21
     [log-client.c log-server.c log.c readconf.c servconf.c ssh.1 ssh.h
      sshd.8 sshd.c]
     log() is at pri=LOG_INFO, since LOG_NOTICE goes to /dev/console on many
     systems
   - markus@cvs.openbsd.org 2001/01/18 16:59:59
     [auth-passwd.c auth.c auth.h auth1.c auth2.c serverloop.c session.c
      session.h sshconnect1.c]
     1) removes fake skey from sshd, since this will be much
        harder with /usr/libexec/auth/login_XXX
     2) share/unify code used in ssh-1 and ssh-2 authentication (server side)
     3) make addition of BSD_AUTH and other challenge reponse methods
        easier.
   - markus@cvs.openbsd.org 2001/01/18 17:12:43
     [auth-chall.c auth2-chall.c]
     rename *-skey.c *-chall.c since the files are not skey specific
 - (djm) Merge patch from Tim Waugh (via Nalin Dahyabhai <nalin@redhat.com>)
   to fix NULL pointer deref and fake authloop breakage in PAM code.
 - (bal) Updated contrib/cygwin/ by Corinna Vinschen <vinschen@redhat.com>
 - (bal) Minor cygwin patch to auth1.c.  Suggested by djm.

20010118
 - (bal) Super Sized OpenBSD Resync
   - markus@cvs.openbsd.org 2001/01/11 22:14:20 GMT 2001 by markus
     [sshd.c]
     maxfd+1
   - markus@cvs.openbsd.org 2001/01/13 17:59:18
     [ssh-keygen.1]
     small ssh-keygen manpage cleanup; stevesk@pobox.com
   - markus@cvs.openbsd.org 2001/01/13 18:03:07
     [scp.c ssh-keygen.c sshd.c]
     getopt() returns -1 not EOF; stevesk@pobox.com
   - markus@cvs.openbsd.org 2001/01/13 18:06:54
     [ssh-keyscan.c]
     use SSH_DEFAULT_PORT; from stevesk@pobox.com
   - markus@cvs.openbsd.org 2001/01/13 18:12:47
     [ssh-keyscan.c]
     free() -> xfree(); fix memory leak; from stevesk@pobox.com
   - markus@cvs.openbsd.org 2001/01/13 18:14:13
     [ssh-add.c]
     typo, from stevesk@sweden.hp.com
   - markus@cvs.openbsd.org 2001/01/13 18:32:50
     [packet.c session.c ssh.c sshconnect.c sshd.c]
     split out keepalive from packet_interactive (from dale@accentre.com)
     set IPTOS_LOWDELAY TCP_NODELAY IPTOS_THROUGHPUT for ssh2, too.
   - markus@cvs.openbsd.org 2001/01/13 18:36:45
     [packet.c packet.h]
     reorder, typo
   - markus@cvs.openbsd.org 2001/01/13 18:38:00
     [auth-options.c]
     fix comment
   - markus@cvs.openbsd.org 2001/01/13 18:43:31
     [session.c]
     Wall
   - markus@cvs.openbsd.org 2001/01/13 19:14:08
     [clientloop.h clientloop.c ssh.c]
     move callback to headerfile
   - markus@cvs.openbsd.org 2001/01/15 21:40:10
     [ssh.c]
     use log() instead of stderr
   - markus@cvs.openbsd.org 2001/01/15 21:43:51
     [dh.c]
     use error() not stderr!
   - markus@cvs.openbsd.org 2001/01/15 21:45:29
     [sftp-server.c]
     rename must fail if newpath exists, debug off by default
   - markus@cvs.openbsd.org 2001/01/15 21:46:38
     [sftp-server.c]
     readable long listing for sftp-server, ok deraadt@
   - markus@cvs.openbsd.org 2001/01/16 19:20:06
     [key.c ssh-rsa.c]
     make "ssh-rsa" key format for ssh2 confirm to the ietf-drafts; from
     galb@vandyke.com.  note that you have to delete older ssh2-rsa keys,
     since they are in the wrong format, too. they must be removed from
     .ssh/authorized_keys2 and .ssh/known_hosts2, etc.
     (cd; grep -v ssh-rsa .ssh/authorized_keys2 > TMP && mv TMP
     .ssh/authorized_keys2) additionally, we now check that
     BN_num_bits(rsa->n) >= 768.
   - markus@cvs.openbsd.org 2001/01/16 20:54:27
     [sftp-server.c]
     remove some statics. simpler handles; idea from nisse@lysator.liu.se
   - deraadt@cvs.openbsd.org 2001/01/16 23:58:08
     [bufaux.c radix.c sshconnect.h sshconnect1.c]
     indent
 - (bal) Added bsd-strmode.[ch] since some non-OpenBSD platforms may
   be missing such feature.

20010117
 - (djm) Only write random seed file at exit
 - (djm) Make PAM support optional, enable with --with-pam
 - (djm) Try to use libcrypt on Linux, but link it after OpenSSL (which
   provides a crypt() of its own)
 - (djm) Avoid a warning in bsd-bindresvport.c
 - (djm) Try to avoid adding -I/usr/include to CPPFLAGS during SSL tests. This
   can cause weird segfaults errors on Solaris
 - (djm) Avoid warning in PAM code by making read_passphrase arguments const
 - (djm) Add --with-pam to RPM spec files

20010115
 - (bal) sftp-server.c change to use chmod() if fchmod() does not exist.
 - (bal) utimes() support via utime() interface on machine that lack utimes().

20010114
 - (stevesk) initial work for OpenBSD "support supplementary group in
   {Allow,Deny}Groups" patch:
   - import getgrouplist.c from OpenBSD (bsd-getgrouplist.c)
   - add bsd-getgrouplist.h
   - new files groupaccess.[ch]
   - build but don't use yet (need to merge auth.c changes)
 - (stevesk) complete:
   - markus@cvs.openbsd.org  2001/01/13 11:56:48
     [auth.c sshd.8]
     support supplementary group in {Allow,Deny}Groups
     from stevesk@pobox.com

20010112
 - (bal) OpenBSD Sync
   - markus@cvs.openbsd.org 2001/01/10 22:56:22
     [bufaux.h bufaux.c sftp-server.c sftp.h getput.h]
     cleanup sftp-server implementation:
     add buffer_get_int64, buffer_put_int64, GET_64BIT, PUT_64BIT
     parse SSH2_FILEXFER_ATTR_EXTENDED
     send SSH2_FX_EOF if readdir returns no more entries
     reply to SSH2_FXP_EXTENDED message
     use #defines from the draft
     move #definations to sftp.h
     more info:
     http://www.ietf.org/internet-drafts/draft-ietf-secsh-filexfer-00.txt
   - markus@cvs.openbsd.org 2001/01/10 19:43:20
     [sshd.c]
     XXX - generate_empheral_server_key() is not safe against races,
     because it calls log()
   - markus@cvs.openbsd.org 2001/01/09 21:19:50
     [packet.c]
     allow TCP_NDELAY for ipv6; from netbsd via itojun@

20010110
 - (djm) SNI/Reliant Unix needs USE_PIPES and $DISPLAY hack. Report from
   Bladt Norbert <Norbert.Bladt@adi.ch>

20010109
 - (bal) Resync CVS ID of cli.c
 - (stevesk) auth1.c: free should be after WITH_AIXAUTHENTICATE
   code.
 - (bal) OpenBSD Sync
   - markus@cvs.openbsd.org 2001/01/08 22:29:05
     [auth2.c compat.c compat.h servconf.c servconf.h sshd.8
      sshd_config version.h]
     implement option 'Banner /etc/issue.net' for ssh2, move version to
     2.3.1 (needed for bugcompat detection, 2.3.0 would fail if Banner
     is enabled).
   - markus@cvs.openbsd.org 2001/01/08 22:03:23
     [channels.c ssh-keyscan.c]
     O_NDELAY -> O_NONBLOCK; thanks stevesk@pobox.com
   - markus@cvs.openbsd.org 2001/01/08 21:55:41
     [sshconnect1.c]
     more cleanups and fixes from stevesk@pobox.com:
     1) try_agent_authentication() for loop will overwrite key just
        allocated with key_new(); don't alloc
     2) call ssh_close_authentication_connection() before exit
        try_agent_authentication()
     3) free mem on bad passphrase in try_rsa_authentication()
   - markus@cvs.openbsd.org 2001/01/08 21:48:17
     [kex.c]
     missing free; thanks stevesk@pobox.com
  - (bal) Detect if clock_t structure exists, if not define it.
  - (bal) Detect if O_NONBLOCK exists, if not define it.
  - (bal) removed news4-posix.h (now empty)
  - (bal) changed bsd-bindresvport.c and bsd-rresvport.c to use 'socklen_t'
    instead of 'int'
 - (stevesk) sshd_config: sync
 - (stevesk) defines.h: remove spurious ``;''

20010108
 - (bal) Fixed another typo in cli.c
 - (bal) OpenBSD Sync
   - markus@cvs.openbsd.org 2001/01/07 21:26:55
     [cli.c]
     typo
   - markus@cvs.openbsd.org 2001/01/07 21:26:55
     [cli.c]
     missing free, stevesk@pobox.com
   - markus@cvs.openbsd.org 2001/01/07 19:06:25
     [auth1.c]
     missing free, stevesk@pobox.com
   - markus@cvs.openbsd.org 2001/01/07 11:28:04
     [log-client.c log-server.c log.c readconf.c servconf.c ssh.1
      ssh.h sshd.8 sshd.c]
     rename SYSLOG_LEVEL_INFO->SYSLOG_LEVEL_NOTICE
     syslog priority changes:
             fatal() LOG_ERR  -> LOG_CRIT
             log()   LOG_INFO -> LOG_NOTICE
 - Updated TODO

20010107
 - (bal) OpenBSD Sync
   - markus@cvs.openbsd.org 2001/01/06 11:23:27
     [ssh-rsa.c]
     remove unused
   - itojun@cvs.openbsd.org 2001/01/05 08:23:29
     [ssh-keyscan.1]
     missing .El
   - markus@cvs.openbsd.org 2001/01/04 22:41:03
     [session.c sshconnect.c]
     consistent use of _PATH_BSHELL; from stevesk@pobox.com
   - djm@cvs.openbsd.org 2001/01/04 22:35:32
     [ssh.1 sshd.8]
     Mention AES as available SSH2 Cipher; ok markus
   - markus@cvs.openbsd.org 2001/01/04 22:25:58
     [sshd.c]
     sync usage()/man with defaults; from stevesk@pobox.com
   - markus@cvs.openbsd.org 2001/01/04 22:21:26
     [sshconnect2.c]
     handle SSH2_MSG_USERAUTH_BANNER; fixes bug when connecting to a server
     that prints a banner (e.g. /etc/issue.net)

20010105
 - (bal) contrib/caldera/ provided by Tim Rice <tim@multitalents.net>
 - (bal) bsd-getcwd.c and bsd-setenv.c changed from bcopy() to memmove()

20010104
 - (djm) Fix memory leak on systems with BROKEN_GETADDRINFO. Based on
   work by Chris Vaughan <vaughan99@yahoo.com>

20010103
 - (bal) fixed up sshconnect.c so it was closer inline with the OpenBSD
   tree (mainly positioning)
 - (bal) OpenSSH CVS Update
   - markus@cvs.openbsd.org 2001/01/02 20:41:02
     [packet.c]
     log remote ip on disconnect; PR 1600 from jcs@rt.fm
   - markus@cvs.openbsd.org 2001/01/02 20:50:56
     [sshconnect.c]
     strict_host_key_checking for host_status != HOST_CHANGED &&
     ip_status == HOST_CHANGED
 - (bal) authfile.c: Synced CVS ID tag
 - (bal) UnixWare 2.0 fixes by Tim Rice <tim@multitalents.net>
 - (bal) Disable sftp-server if no 64bit int support exists.  Based on
   patch by Tim Rice <tim@multitalents.net>
 - (bal) Makefile.in changes to uninstall: target to remove sftp-server
   and sftp-server.8 manpage.

20010102
 - (bal) OpenBSD CVS Update
   - markus@cvs.openbsd.org 2001/01/01 14:52:49
     [scp.c]
     use shared fatal(); from stevesk@pobox.com

20001231
 - (bal) Reverted out of MAXHOSTNAMELEN.  This should be set per OS.
   for multiple reasons.
 - (bal) Reverted out of a partial NeXT patch.

20001230
 - (bal) OpenBSD CVS Update
   - markus@cvs.openbsd.org 2000/12/28 18:58:30
     [ssh-keygen.c]
     enable 'ssh-keygen -l -f ~/.ssh/{authorized_keys,known_hosts}{,2}
   - markus@cvs.openbsd.org 2000/12/29 22:19:13
     [channels.c]
     missing xfree; from vaughan99@yahoo.com
 - (bal) Resynced CVS ID with OpenBSD for channel.c and uidswap.c
 - (bal) if no MAXHOSTNAMELEN is defined.  Default to 64 character defination.
   Suggested by Christian Kurz <shorty@debian.org>
 - (bal) Add in '.c.o' section to Makefile.in to address make programs that
    don't honor CPPFLAGS by default.  Suggested by Lutz Jaenicke
    <Lutz.Jaenicke@aet.TU-Cottbus.DE>

20001229
 - (bal) Fixed spelling of 'authorized_keys' in ssh-copy-id.1 by Christian
   Kurz <shorty@debian.org>
 - (bal) OpenBSD CVS Update
   - markus@cvs.openbsd.org 2000/12/28 14:25:51
     [auth.h auth2.c]
     count authentication failures only
   - markus@cvs.openbsd.org 2000/12/28 14:25:03
     [sshconnect.c]
     fingerprint for MITM attacks, too.
   - markus@cvs.openbsd.org 2000/12/28 12:03:57
     [sshd.8 sshd.c]
     document -D
   - markus@cvs.openbsd.org 2000/12/27 14:19:21
     [serverloop.c]
     less chatty
   - markus@cvs.openbsd.org 2000/12/27 12:34
     [auth1.c sshconnect2.c sshd.c]
     typo
   - markus@cvs.openbsd.org 2000/12/27 12:30:19
     [readconf.c readconf.h ssh.1 sshconnect.c]
     new option: HostKeyAlias: allow the user to record the host key
     under a different name. This is useful for ssh tunneling over
     forwarded connections or if you run multiple sshd's on different
     ports on the same machine.
   - markus@cvs.openbsd.org 2000/12/27 11:51:53
     [ssh.1 ssh.c]
     multiple -t force pty allocation, document ORIGINAL_COMMAND
   - markus@cvs.openbsd.org 2000/12/27 11:41:31
     [sshd.8]
     update for ssh-2
 - (stevesk) compress.[ch] sync with openbsd; missed in prototype
   fix merge.

20001228
 - (bal) Patch to add libutil.h to loginrec.c only if the platform has
   libutil.h.  Suggested by Pekka Savola <pekka@netcore.fi>
 - (djm) Update to new x11-askpass in RPM spec
 - (bal) SCO patch to not include <sys/queue.h> since it's unrelated
   header.  Patch by Tim Rice <tim@multitalents.net>
 - Updated TODO w/ known HP/UX issue
 - (bal) removed extra <netdb.h> noticed by Kevin Steves and removed the
   bad reference to 'NeXT including it else were' on the #ifdef version.

20001227
 - (bal) Typo in configure.in: entut?ent should be endut?ent.  Suggested by
   Takumi Yamane <yamtak@b-session.com>
 - (bal) Checks for getrlimit(), sysconf(), and setdtablesize().  Patch
   by Corinna Vinschen <vinschen@redhat.com>
 - (djm) Fix catman-do target for non-bash
 - (bal) Typo in configure.in: entut?ent should be endut?ent.  Suggested by
   Takumi Yamane <yamtak@b-session.com>
 - (bal) Checks for getrlimit(), sysconf(), and setdtablesize().  Patch
   by Corinna Vinschen <vinschen@redhat.com>
 - (djm) Fix catman-do target for non-bash
 - (bal) Fixed NeXT's lack of CPPFLAGS honoring.
 - (bal) ssh-keyscan.c: NeXT (and older BSDs) don't support getrlimit() w/
   'RLIMIT_NOFILE'
 - (djm) Remove *.Ylonen files. They are no longer in the OpenBSD tree,
   the info in COPYING.Ylonen has been moved to the start of each
   SSH1-derived file and README.Ylonen is well out of date.

20001223
 - (bal) Fixed Makefile.in to support recompile of all ssh and sshd objects
   if a change to config.h has occurred.  Suggested by Gert Doering
   <gert@greenie.muc.de>
 - (bal) OpenBSD CVS Update:
   - markus@cvs.openbsd.org 2000/12/22 16:49:40
     [ssh-keygen.c]
     fix ssh-keygen -x -t type > file; from Roumen.Petrov@skalasoft.com

20001222
 - Updated RCSID for pty.c
 - (bal) OpenBSD CVS Updates:
  - markus@cvs.openbsd.org 2000/12/21 15:10:16
    [auth-rh-rsa.c hostfile.c hostfile.h sshconnect.c]
    print keyfile:line for changed hostkeys, for deraadt@, ok deraadt@
  - markus@cvs.openbsd.org 2000/12/20 19:26:56
    [authfile.c]
    allow ssh -i userkey for root
  - markus@cvs.openbsd.org 2000/12/20 19:37:21
    [authfd.c authfd.h kex.c sshconnect2.c sshd.c uidswap.c uidswap.h]
    fix prototypes; from stevesk@pobox.com
  - markus@cvs.openbsd.org 2000/12/20 19:32:08
    [sshd.c]
    init pointer to NULL; report from Jan.Ivan@cern.ch
  - markus@cvs.openbsd.org 2000/12/19 23:17:54
    [auth-krb4.c auth-options.c auth-options.h auth-rhosts.c auth-rsa.c
     auth1.c auth2-skey.c auth2.c authfd.c authfd.h authfile.c bufaux.c
     bufaux.h buffer.c canohost.c channels.c clientloop.c compress.c
     crc32.c deattack.c getput.h hmac.c hmac.h hostfile.c kex.c kex.h
     key.c key.h log.c login.c match.c match.h mpaux.c mpaux.h packet.c
     packet.h radix.c readconf.c rsa.c scp.c servconf.c servconf.h
     serverloop.c session.c sftp-server.c ssh-agent.c ssh-dss.c ssh-dss.h
     ssh-keygen.c ssh-keyscan.c ssh-rsa.c ssh-rsa.h ssh.c ssh.h  uuencode.c
     uuencode.h sshconnect1.c sshconnect2.c sshd.c tildexpand.c]
    replace 'unsigned bla' with 'u_bla' everywhere. also replace 'char
    unsigned' with u_char.

20001221
 - (stevesk) OpenBSD CVS updates:
   - markus@cvs.openbsd.org 2000/12/19 15:43:45
     [authfile.c channels.c sftp-server.c ssh-agent.c]
     remove() -> unlink() for consistency
   - markus@cvs.openbsd.org 2000/12/19 15:48:09
     [ssh-keyscan.c]
     replace <ssl/x.h> with <openssl/x.h>
   - markus@cvs.openbsd.org 2000/12/17 02:33:40
     [uidswap.c]
     typo; from wsanchez@apple.com

20001220
 - (djm) Workaround PAM inconsistencies between Solaris derived PAM code
   and Linux-PAM. Based on report and fix from Andrew Morgan
   <morgan@transmeta.com>

20001218
 - (stevesk) rsa.c: entropy.h not needed.
 - (bal) split CFLAGS into CFLAGS and CPPFLAGS in configure.in and Makefile.
   Suggested by Wilfredo Sanchez <wsanchez@apple.com>

20001216
 - (stevesk) OpenBSD CVS updates:
   - markus@cvs.openbsd.org 2000/12/16 02:53:57
     [scp.c]
     allow + in usernames; request from Florian.Weimer@RUS.Uni-Stuttgart.DE
   - markus@cvs.openbsd.org 2000/12/16 02:39:57
     [scp.c]
     unused; from stevesk@pobox.com

20001215
 - (stevesk) Old OpenBSD patch wasn't completely applied:
   - markus@cvs.openbsd.org 2000/01/24 22:11:20
     [scp.c]
     allow '.' in usernames; from jedgar@fxp.org
 - (stevesk) OpenBSD CVS updates:
   - markus@cvs.openbsd.org 2000/12/13 16:26:53
     [ssh-keyscan.c]
     fatal already adds \n; from stevesk@pobox.com
   - markus@cvs.openbsd.org 2000/12/13 16:25:44
     [ssh-agent.c]
     remove redundant spaces; from stevesk@pobox.com
   - ho@cvs.openbsd.org 2000/12/12 15:50:21
     [pty.c]
     When failing to set tty owner and mode on a read-only filesystem, don't
     abort if the tty already has correct owner and reasonably sane modes.
     Example; permit 'root' to login to a firewall with read-only root fs.
     (markus@ ok)
   - deraadt@cvs.openbsd.org 2000/12/13 06:36:05
     [pty.c]
     KNF
   - markus@cvs.openbsd.org 2000/12/12 14:45:21
     [sshd.c]
     source port < 1024 is no longer required for rhosts-rsa since it
     adds no additional security.
   - markus@cvs.openbsd.org 2000/12/12 16:11:49
     [ssh.1 ssh.c]
     rhosts-rsa is no longer automagically disabled if ssh is not privileged.
     UsePrivilegedPort=no disables rhosts-rsa _only_ for old servers.
     these changes should not change the visible default behaviour of the ssh client.
   - deraadt@cvs.openbsd.org 2000/12/11 10:27:33
     [scp.c]
     when copying 0-sized files, do not re-print ETA time at completion
   - provos@cvs.openbsd.org 2000/12/15 10:30:15
     [kex.c kex.h sshconnect2.c sshd.c]
     compute diffie-hellman in parallel between server and client. okay markus@

20001213
 - (djm) Make sure we reset the SIGPIPE disposition after we fork. Report
   from Andreas M. Kirchwitz <amk@krell.zikzak.de>
 - (stevesk) OpenBSD CVS update:
   - markus@cvs.openbsd.org 2000/12/12 15:30:02
     [ssh-keyscan.c ssh.c sshd.c]
     consistently use __progname; from stevesk@pobox.com

20001211
 - (bal) Applied patch to include ssh-keyscan into Redhat's package, and
   patch to install ssh-keyscan manpage.  Patch by Pekka Savola
   <pekka@netcore.fi>
 - (bal) OpenbSD CVS update
   - markus@cvs.openbsd.org 2000/12/10 17:01:53
     [sshconnect1.c]
     always request new challenge for skey/tis-auth, fixes interop with
     other implementations; report from roth@feep.net

20001210
 - (bal) OpenBSD CVS updates
   - markus@cvs.openbsd.org 2000/12/09 13:41:51
     [cipher.c cipher.h rijndael.c rijndael.h rijndael_boxes.h]
     undo rijndael changes
   - markus@cvs.openbsd.org 2000/12/09 13:48:31
     [rijndael.c]
     fix byte order bug w/o introducing new implementation
   - markus@cvs.openbsd.org 2000/12/09 14:08:27
     [sftp-server.c]
     "" -> "." for realpath; from vinschen@redhat.com
   - markus@cvs.openbsd.org 2000/12/09 14:06:54
     [ssh-agent.c]
     extern int optind; from stevesk@sweden.hp.com
   - provos@cvs.openbsd.org 2000/12/09 23:51:11
     [compat.c]
     remove unnecessary '\n'

20001209
 - (bal) OpenBSD CVS updates:
   - djm@cvs.openbsd.org 2000/12/07 4:24:59
     [ssh.1]
     Typo fix from Wilfredo Sanchez <wsanchez@apple.com>; ok theo

20001207
 - (bal) OpenBSD CVS updates:
   - markus@cvs.openbsd.org 2000/12/06 22:58:14
     [compat.c compat.h packet.c]
     disable debug messages for ssh.com/f-secure 2.0.1x, 2.1.0
   - markus@cvs.openbsd.org 2000/12/06 23:10:39
     [rijndael.c]
     unexpand(1)
   - markus@cvs.openbsd.org 2000/12/06 23:05:43
     [cipher.c cipher.h rijndael.c rijndael.h rijndael_boxes.h]
     new rijndael implementation. fixes endian bugs

20001206
 - (bal) OpenBSD CVS updates:
   - markus@cvs.openbsd.org 2000/12/05 20:34:09
     [channels.c channels.h clientloop.c serverloop.c]
     async connects for -R/-L; ok deraadt@
   - todd@cvs.openssh.org 2000/12/05 16:47:28
     [sshd.c]
     tweak comment to reflect real location of pid file; ok provos@
 - (stevesk) Import <sys/queue.h> from OpenBSD for systems that don't
   have it (used in ssh-keyscan).
 - (stevesk) OpenBSD CVS update:
   - markus@cvs.openbsd.org 2000/12/06 19:57:48
     [ssh-keyscan.c]
     err(3) -> internal error(), from stevesk@sweden.hp.com

20001205
 - (bal) OpenBSD CVS updates:
   - markus@cvs.openbsd.org 2000/12/04 19:24:02
     [ssh-keyscan.c ssh-keyscan.1]
     David Maziere's ssh-keyscan, ok niels@
 - (bal) Updated Makefile.in to include ssh-keyscan that was just added
   to the recent OpenBSD source tree.
 - (stevesk) fix typos in contrib/hpux/README

20001204
 - (bal) More C functions defined in NeXT that are unaccessable without
   defining -POSIX.
 - (bal) OpenBSD CVS updates:
   - markus@cvs.openbsd.org 2000/12/03 11:29:04
     [compat.c]
     remove fallback to SSH_BUG_HMAC now that the drafts are updated
   - markus@cvs.openbsd.org 2000/12/03 11:27:55
     [compat.c]
     correctly match "2.1.0.pl2 SSH" etc; from
     pekkas@netcore.fi/bugzilla.redhat
   - markus@cvs.openbsd.org 2000/12/03 11:15:03
     [auth2.c compat.c compat.h sshconnect2.c]
     support f-secure/ssh.com 2.0.12; ok niels@

20001203
 - (bal) OpenBSD CVS updates:
  - markus@cvs.openbsd.org 2000/11/30 22:54:31
    [channels.c]
    debug->warn if tried to do -R style fwd w/o client requesting this;
    ok neils@
  - markus@cvs.openbsd.org 2000/11/29 20:39:17
    [cipher.c]
    des_cbc_encrypt -> des_ncbc_encrypt since it already updates the IV
  - markus@cvs.openbsd.org 2000/11/30 18:33:05
    [ssh-agent.c]
    agents must not dump core, ok niels@
  - markus@cvs.openbsd.org 2000/11/30 07:04:02
    [ssh.1]
    T is for both protocols
  - markus@cvs.openbsd.org 2000/12/01 00:00:51
    [ssh.1]
    typo; from green@FreeBSD.org
  - markus@cvs.openbsd.org 2000/11/30 07:02:35
    [ssh.c]
    check -T before isatty()
  - provos@cvs.openbsd.org 2000/11/29 13:51:27
    [sshconnect.c]
    show IP address and hostname when new key is encountered. okay markus@
  - markus@cvs.openbsd.org 2000/11/30 22:53:35
    [sshconnect.c]
    disable agent/x11/port fwding if hostkey has changed; ok niels@
  - marksu@cvs.openbsd.org 2000/11/29 21:11:59
    [sshd.c]
    sshd -D, startup w/o deamon(), for monitoring scripts or inittab;
    from handler@sub-rosa.com and eric@urbanrange.com; ok niels@
 - (djm) Added patch from Nalin Dahyabhai <nalin@redhat.com> to enable
   PAM authentication using KbdInteractive.
 - (djm) Added another TODO

20001202
 - (bal) Backed out of part of Alain St-Denis' loginrec.c patch.
 - (bal) Irix need some sort of mansubdir, patch by Michael Stone
   <mstone@cs.loyola.edu>

20001129
 - (djm) Back out all the serverloop.c hacks. sshd will now hang again
   if there are background children with open fds.
 - (djm) bsd-rresvport.c bzero -> memset
 - (djm) Don't fail in defines.h on absence of 64 bit types (we will
   still fail during compilation of sftp-server).
 - (djm) Fail if ar is not found during configure
 - (djm) OpenBSD CVS updates:
   - provos@cvs.openbsd.org  2000/11/22 08:38:31
     [sshd.8]
     talk about /etc/primes, okay markus@
   - markus@cvs.openbsd.org  2000/11/23 14:03:48
     [ssh.c sshconnect1.c sshconnect2.c]
     complain about invalid ciphers for ssh1/ssh2, fall back to reasonable
     defaults
   - markus@cvs.openbsd.org  2000/11/25 09:42:53
     [sshconnect1.c]
     reorder check for illegal ciphers, bugreport from espie@
   - markus@cvs.openbsd.org  2000/11/25 10:19:34
     [ssh-keygen.c ssh.h]
     print keytype when generating a key.
     reasonable defaults for RSA1/RSA/DSA keys.
 - (djm) Patch from Pekka Savola <Pekka.Savola@netcore.fi> to include a few
   more manpage paths in fixpaths calls
 - (djm) Also add xauth path at Pekka's suggestion.
 - (djm) Add Redhat RPM patch for AUTHPRIV SyslogFacility

20001125
 - (djm) Give up privs when reading seed file

20001123
 - (bal) Merge OpenBSD changes:
   - markus@cvs.openbsd.org  2000/11/15 22:31:36
     [auth-options.c]
     case insensitive key options; from stevesk@sweeden.hp.com
   - markus@cvs.openbsd.org  2000/11/16 17:55:43
     [dh.c]
     do not use perror() in sshd, after child is forked()
   - markus@cvs.openbsd.org  2000/11/14 23:42:40
     [auth-rsa.c]
     parse option only if key matches; fix some confusing seen by the client
   - markus@cvs.openbsd.org  2000/11/14 23:44:19
     [session.c]
     check no_agent_forward_flag for ssh-2, too
   - markus@cvs.openbsd.org  2000/11/15
     [ssh-agent.1]
     reorder SYNOPSIS; typo, use .It
   - markus@cvs.openbsd.org  2000/11/14 23:48:55
     [ssh-agent.c]
     do not reorder keys if a key is removed
   - markus@cvs.openbsd.org  2000/11/15 19:58:08
     [ssh.c]
     just ignore non existing user keys
   - millert@cvs.openbsd.org  200/11/15 20:24:43
     [ssh-keygen.c]
     Add missing \n at end of error message.

20001122
 - (bal) Minor patch to ensure platforms lacking IRIX job limit supports
   are compilable.
 - (bal) Updated TODO as of 11/18/2000 with known things to resolve.

20001117
 - (bal) Changed from 'primes' to 'primes.out' for consistancy sake.  It
   has no affect the output.  Patch by Corinna Vinschen <vinschen@redhat.com>
 - (stevesk) Reworked progname support.
 - (bal) Misplaced #include "includes.h" in bsd-setproctitle.c.  Patch by
   Shinichi Maruyama <marya@st.jip.co.jp>

20001116
 - (bal) Added in MAXSYMLINK test in bsd-realpath.c.  Required for some SCO
   releases.
 - (bal) Make builds work outside of source tree.  Patch by Mark D. Roth
   <roth@feep.net>

20001113
 - (djm) Add pointer to http://www.imasy.or.jp/~gotoh/connect.c to
   contrib/README
 - (djm) Merge OpenBSD changes:
   - markus@cvs.openbsd.org  2000/11/06 16:04:56
     [channels.c channels.h clientloop.c nchan.c serverloop.c]
     [session.c ssh.c]
     agent forwarding and -R for ssh2, based on work from
     jhuuskon@messi.uku.fi
   - markus@cvs.openbsd.org  2000/11/06 16:13:27
     [ssh.c sshconnect.c sshd.c]
     do not disabled rhosts(rsa) if server port > 1024; from
     pekkas@netcore.fi
   - markus@cvs.openbsd.org  2000/11/06 16:16:35
     [sshconnect.c]
     downgrade client to 1.3 if server is 1.4; help from mdb@juniper.net
   - markus@cvs.openbsd.org  2000/11/09 18:04:40
     [auth1.c]
     typo; from mouring@pconline.com
   - markus@cvs.openbsd.org  2000/11/12 12:03:28
     [ssh-agent.c]
     off-by-one when removing a key from the agent
   - markus@cvs.openbsd.org  2000/11/12 12:50:39
     [auth-rh-rsa.c auth2.c authfd.c authfd.h]
     [authfile.c hostfile.c kex.c kex.h key.c key.h myproposal.h]
     [readconf.c readconf.h rsa.c rsa.h servconf.c servconf.h ssh-add.c]
     [ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh.1 ssh.c ssh_config]
     [sshconnect1.c sshconnect2.c sshd.8 sshd.c sshd_config ssh-dss.c]
     [ssh-dss.h ssh-rsa.c ssh-rsa.h dsa.c dsa.h]
     add support for RSA to SSH2.  please test.
     there are now 3 types of keys: RSA1 is used by ssh-1 only,
     RSA and DSA are used by SSH2.
     you can use 'ssh-keygen -t rsa -f ssh2_rsa_file' to generate RSA
     keys for SSH2 and use the RSA keys for hostkeys or for user keys.
     SSH2 RSA or DSA keys are added to .ssh/authorised_keys2 as before.
 - (djm) Fix up Makefile and Redhat init script to create RSA host keys
 - (djm) Change to interim version
 - (djm) Fix RPM spec file stupidity
 - (djm) fixpaths to DSA and RSA keys too

20001112
 - (bal) SCO Patch to add needed libraries for configure.in.  Patch by
   Phillips Porch <root@theporch.com>
 - (bal) IRIX patch to adding Job Limits.  Patch by Denis Parker
   <dcp@sgi.com>
 - (stevesk) pty.c: HP-UX 10 and 11 don't define TIOCSCTTY.  Add error() to
   failed ioctl(TIOCSCTTY) call.

20001111
 - (djm) Added /etc/primes for kex DH group neg, fixup Makefile.in and
   packaging files
 - (djm) Fix new Makefile.in warnings
 - (djm) Fix vsprintf("%h") in bsd-snprintf.c, short int va_args are
   promoted to type int. Report and fix from Dan Astoorian
   <djast@cs.toronto.edu>
 - (djm) Hardwire sysconfdir in RPM spec files as some RPM versions get
   it wrong. Report from Bennett Todd <bet@rahul.net>

20001110
 - (bal) Fixed dropped answer from skey_keyinfo() in auth1.c
 - (bal) Changed from --with-skey to --with-skey=PATH in configure.in
 - (bal) Added in check to verify S/Key library is being detected in
   configure.in
 - (bal) next-posix.h - added another prototype wrapped in POSIX ifdef/endif.
   Patch by Mark Miller <markm@swoon.net>
 - (bal) Added 'util.h' header to loginrec.c only if HAVE_UTIL_H is defined
   to remove warnings under MacOS X.  Patch by Mark Miller <markm@swoon.net>
 - (bal) Fixed LDFLAG mispelling in configure.in for --with-afs

20001107
 - (bal) acconfig.in - removed the double "USE_PIPES" entry. Patch by
   Mark Miller <markm@swoon.net>
 - (bal) sshd.init files corrected to assign $? to RETVAL.  Patch by
   Jarno Huuskonen <jhuuskon@messi.uku.fi>
 - (bal) fixpaths fixed to stop it from quitely failing. Patch by
   Mark D. Roth <roth@feep.net>

20001106
 - (djm) Use Jim's new 1.0.3 askpass in Redhat RPMs
 - (djm) Manually fix up missed diff hunks (mainly RCS idents)
 - (djm) Remove UPGRADING document in favour of a link to the better
   maintained FAQ on www.openssh.com
 - (djm) Fix multiple dependancy on gnome-libs from Pekka Savola
   <pekkas@netcore.fi>
 - (djm) Don't need X11-askpass in RPM spec file if building without it
   from Pekka Savola <pekkas@netcore.fi>
 - (djm) Release 2.3.0p1
 - (bal) typo in configure.in in regards to --with-ldflags from Marko
   Asplund <aspa@kronodoc.fi>
 - (bal) fixed next-posix.h.  Forgot prototype of getppid().


To generate a diff of this commit:
cvs rdiff -r1.39 -r1.40 pkgsrc/security/openssh/Makefile
cvs rdiff -r1.10 -r1.11 pkgsrc/security/openssh/files/md5
cvs rdiff -r1.23 -r1.24 pkgsrc/security/openssh/files/patch-sum
cvs rdiff -r1.13 -r0 pkgsrc/security/openssh/patches/patch-aa
cvs rdiff -r1.9 -r1.10 pkgsrc/security/openssh/patches/patch-ah
cvs rdiff -r1.1 -r0 pkgsrc/security/openssh/patches/patch-an
cvs rdiff -r1.3 -r0 pkgsrc/security/openssh/patches/patch-ao
cvs rdiff -r1.6 -r1.7 pkgsrc/security/openssh/pkg/PLIST

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.