ChangeLog 443 KB
Newer Older
1
2
2012-07-13  Niels Möller  <nisse@lysator.liu.se>

3
4
5
	* src/lsh.c (main_argp_parser): Pass on --hostkey-algorithm and
	new option --kex-algorithm to lsh-transport.

6
7
8
	* src/lsh-transport.c (main_argp_parser): Configure key exchange
	algorithms via algorithm_options.

Niels Möller's avatar
Niels Möller committed
9
10
2012-07-12  Niels Möller  <nisse@lysator.liu.se>

11
12
13
14
15
16
17
18
19
20
	* src/algorithms.h (class algorithms_options): New attribute
	kex_algorithms.
	* src/algorithms.c (default_kex_algorithms): New function.
	(lookup_kex_algorithm): New function.
	(list_kex_algorithms): New function.
	(algorithms_options): Added --kex-algorithm.
	(init_algorithms_options): Initialize kex_algorithms.
	(algorithms_argp_parser): Handle --kex-algorithm, and default
	value. Use list_kex_algorithms for --list-algorithms.

Niels Möller's avatar
Niels Möller committed
21
22
	* doc/Makefile.in (.nroff.txt): Pass -Tutf8 to groff.

Niels Möller's avatar
Niels Möller committed
23
24
2012-07-10  Niels Möller  <nisse@lysator.liu.se>

25
26
27
	* src/testsuite/mini-inetd.c (usage): Take a FILE * as argument.
	Called with stdout in response to --help, and stderr otherwise.

Niels Möller's avatar
Niels Möller committed
28
29
30
	* src/testsuite/prgrp-timeout.c: Added missing include of
	config.h.

31
32
33
34
35
36
37
2012-07-08  Niels Möller  <nisse@lysator.liu.se>

	* src/testsuite/Makefile.in (TARGETS): Added tcpconnnect.

	* src/testsuite/tcpconnect.c: New file. Reimplemented the program
	with the same name in tcputils.

38
39
40
41
42
2012-06-19  Niels Möller  <nisse@lysator.liu.se>

	* src/transport.c (transport_process_packet): Disconnect on
	reception of an SSH_MSG_UNIMPLEMENTED message.

Niels Möller's avatar
Niels Möller committed
43
44
2012-02-03  Niels Möller  <nisse@lysator.liu.se>

45
46
47
	* doc/index.html: Updated to xhtml, and added charset declaration.
	Added git instructions.

Niels Möller's avatar
Niels Möller committed
48
49
	* doc/lsh.texinfo: Updated charset declaration.

Niels Möller's avatar
Niels Möller committed
50
2011-11-24  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
51
52
53
54
55

	* misc/run-tests (test_program): If EMULATOR is set in the
	environment, and the testprogram is not a script, use EMULATOR to
	run it. Typical use is EMULATUR=wine.

Niels Möller's avatar
Niels Möller committed
56
2011-09-21  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
57
58
59

	* src/Makefile.in (SOURCES): Added pidfile.c.

Niels Möller's avatar
Niels Möller committed
60
2011-09-07  Niels Möller  <nisse@lysator.liu.se>
61
62
63
64
65

	* config.guess: Upgraded to current version, timestamp 2011-08-20.
	Needed to recognize osx (darwin) on x86_64.
	* config.sub: Upgraded to current version, timestamp 2011-08-23.

Niels Möller's avatar
Niels Möller committed
66
2011-09-06  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
67
68
69
70
71
72
73
74
75
76
77

	* src/testsuite/Makefile.in (TS_SH): Added gateway-close-test.

	* src/gateway_channel.c (do_kill_gateway_channel): Arrange for the
	chained connection to be closed.
	(do_gateway_channel_event): Start by checking if the chained
	connection is alive. If it is not, we should only handle the
	CONFIRM event.

	* src/testsuite/gateway-close-test: New test case.

Niels Möller's avatar
Niels Möller committed
78
2011-09-05  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93

	* src/testsuite/gateway-stop-test: Check that the pidfile is
	deleted (indicating that the process has cleaned up and exited
	like it should).

	* src/testsuite/functions.sh (test_result): Use --pid-file option
	to lsh. Check for existence of file before killing the process.

	* src/Makefile.in (PIDFILE_SOURCES): Arrange so that both lsh and
	lshd are linked with pidfile.o.

	* src/lsh.c (main_options): New option --pid-file.
	(main): Moved writing of pid to child process. For --pid-file, use
	make_pid_file_resource.

Niels Möller's avatar
Niels Möller committed
94
2011-09-02  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
95

Niels Möller's avatar
Niels Möller committed
96
	* src/.dist_classes: Added pidfile.c.x.
Niels Möller's avatar
Niels Möller committed
97
	* src/.dist_headers: Added pidfile.h.
Niels Möller's avatar
Niels Möller committed
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117

	* src/daemon.c (daemon_pidfile): Deleted function. The
	functionality moved to pidfile.c.

	* src/lshd.c (main): make_pid_file_resource now also creates the
	file, so need to call daemon_pidfile.
	(make_pid_file_resource): Moved to src/pidfile.c
	(class pid_file_resource): Likewise.
	(do_kill_pid_file): Likewise.

	* src/Makefile.in (lshd_SOURCES): Added pidfile.c.

	* src/pidfile.h: New file.

	* src/pidfile.c: New file.
	(make_pid_file_resource): Moved function from lshd.c, and
	incorporate the writing of the file from daemon.c:daemon_pidfile.
	(class pid_file_resource): Moved from lshd.c.
	(do_kill_pid_file): Likewise.

Niels Möller's avatar
Niels Möller committed
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
	* src/testsuite/Makefile.in (TS_SH): Added gateway-stop-test.

	* src/testsuite/gateway-stop-test: New file.

	* src/testsuite/functions.sh (spawn_lsh): Check if pid-file exists
	before trying to kill the process.

	* src/lsh.c (main): Fixed --stop-gateway. Must read the hello
	message before we write the stop message.

	* src/gateway.c (kill_gateway_connection): Deleted loop to close
	channels.
	(gateway_packet_handler): When receiving LSH_GATEWAY_STOP message,
	call ssh_connection_pending_close to close the shared connection
	after all currently open channels are closed.

	* src/connection.c (ssh_connection_pending_close): Check
	channel_count, and kill connection immediately if zero.

Niels Möller's avatar
Niels Möller committed
137
2011-05-02  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
138
139
140
141

	* src/testsuite/serpent-test.c: Updated for correct serpent byte
	order.

Niels Möller's avatar
Niels Möller committed
142
2011-03-28  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
143
144
145
146

	* src/unix_random.c (random_init): Display errno when locking
	fails.

Niels Möller's avatar
Niels Möller committed
147
2011-03-23  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
148
149
150
151
152
153
154
155
156
157
158
159
160

	* doc/lsh.texinfo: Fixed "service ssh-userauth" and "service
	ssh-connection" examples.
	(Invoking lshd): Reviewed and updated.
	(Files and environment variables): Likewise.

	* src/lshd.c (lshd_options): New options --add-port,
	--add-interface and --no-syslog.
	(lshd_argp_parser): Implement them.

	* src/lshd-userauth.c (start_service): Pass on the
	LSHD_CONNECTION_CONF environment variable.

Niels Möller's avatar
Niels Möller committed
161
2011-02-21  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
162
163
164
165

	* src/lsh.c (parse_forward_arg): Support for optional brackets, to
	support IPv6 literal addresses.

Niels Möller's avatar
Niels Möller committed
166
2011-02-18  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
167

Niels Möller's avatar
Niels Möller committed
168
169
170
	* doc/Makefile.in (DISTFILES): Deleted srp-spec.txt, reverting
	change from 2011-02-10. It is already included, via $(TARGETS).

Niels Möller's avatar
Niels Möller committed
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
	* src/testsuite/Makefile.in (TS_SH): Added ipv4-test and
	ipv6-test.

	* src/testsuite/functions.sh (need_ipv6): New function.
	(LOCALHOST): New variable. Use it in all functions starting the
	lsh client.
	(at_connect): Use new --background option to mini-inetd, to
	improve robustness.

	* src/testsuite/tcpip-remote-test: Added a sleep call, to let the
	server side setup the port forwarding before we use it.

	* src/testsuite/mini-inetd.c (main): New --background option.

	* src/testsuite/ipv6-test: New file.
	* src/testsuite/ipv4-test: New file.

	* src/lshd.c (open_port): More info when getaddrinfo fails.
	(parse_interface): Allow optional brackets around ip address,
	needed for IPv6 literal addresses.

Niels Möller's avatar
Niels Möller committed
192
2011-02-14  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
193
194
195
196
197
198

	* src/testsuite/x11-3-test: Export DISPLAY before running
	exec_lsh.

	* src/testsuite/functions.sh (spawn_xvfb): Use rm -f.

Niels Möller's avatar
Niels Möller committed
199
2011-02-10  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
200
201
202
203

	* doc/Makefile.in (DISTFILES): Added srp-spec.txt, to avoid
	requiring groff.

Niels Möller's avatar
Niels Möller committed
204
2011-01-31  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
205
206
207
208
209
210
211
212
213

	* doc/lsh.texinfo (Server configuration): Describe all config options.

	* src/lshd-connection.c (main_argp_parser): Warn if shell, exec or
	subsystem requests are enabled, but session channels are disabled.

	* src/lshd-userauth.c (main_argp_parser): Add --helper-fd option
	to the default lshd-connection command line.

Niels Möller's avatar
Niels Möller committed
214
2011-01-07  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
215
216
217
218
219
220
221
222
223
224
225

	* src/lsh.c (OPT_HOST_DB_UPDATE): Rennamed, from...
	(OPT_CAPTURE_TO): ...old name.
	(main_argp_parser): For '-D' option, initialize socks_port.

	* src/lsh-transport.c (OPT_HOST_DB_UPDATE): Rennamed, from...
	(OPT_CAPTURE_TO): ...old name.

	* doc/lsh.texinfo (Hostauth options): Updated --host-db-update
	(used to be ---captured-to).

Niels Möller's avatar
Niels Möller committed
226
2010-12-14  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
227
228
229
230
231
232
233

	* doc/lsh.texinfo (Gateway options): New node.
	(Invoking lshg): Deleted node.

	* src/lsh.c (main_options): Moved gateway options to a new group,
	and updated the description of -G. Fixed --stop-gateway option.

Niels Möller's avatar
Niels Möller committed
234
2010-12-09  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
235
236
237
238

	* doc/lsh.texinfo (lshd basics): Rewrote node.
	(srp): Deleted node, and other references to SRP.

Niels Möller's avatar
Niels Möller committed
239
2010-11-17  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
240
241
242
243

	* misc/xenofarm.sh: Copy list of files in $pfx into result
	package.

Niels Möller's avatar
Niels Möller committed
244
2010-11-16  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
245
246
247

	* misc/xenofarm.sh: Improved crude gmp check to look for
	mpz_getlimbn.
Niels Möller's avatar
Niels Möller committed
248
249
	(cfgargs): Tweaked order for --with-include-path and
	--with-lib-path, to put $pfx before /usr/local.
Niels Möller's avatar
Niels Möller committed
250

Niels Möller's avatar
Niels Möller committed
251
2010-11-15  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
252

Niels Möller's avatar
Niels Möller committed
253
254
255
256
	* misc/xenofarm.sh (dotask): Display the correct status value when
	the step is skipped.
	(LIBGMPDIST): Initialize.

Niels Möller's avatar
Niels Möller committed
257
258
259
260
261
262
263
264
	* src/testsuite/Makefile.in (OTHER_SOURCES): Added getopt.c getopt1.c.
	(DISTFILES): Added getopt.h.
	(GETOPT_OBJS): New variable.
	(prgrp-timeout): Depend on and link with getopt files.
	(mini-inetd): Likewise.

	* .bootstrap: Link getopt files to the src/testsuite directory.

Niels Möller's avatar
Niels Möller committed
265
266
267
268
	* misc/xenofarm.sh: If a gmp dist is included in the build
	package, and gmp is not already installed on the system, install
	it in $pfx before trying to build lsh.

Niels Möller's avatar
Niels Möller committed
269
270
271
	* src/testsuite/mini-inetd.c: Include netinet/in.h, needed for
	IPPROTO_TCP on FreeBSD.

Niels Möller's avatar
Niels Möller committed
272
273
274
275
276
277
278
279
280
281
282
	* src/server_x11.c (do_kill_x11_listen_port): Close self->dir,
	even if lsh_pushd_fd fails.
	(open_x11_socket): Stop trying higher display numbers if bind
	fails with an error other then EADDRINUSE.

	* src/io.c (io_bind_sockaddr): Save and restore errno when
	returning failure.

	* src/server.c (service_config_option): Avoid using the
	non-standard strnlen function; plain strlen is good enough here.

Niels Möller's avatar
Niels Möller committed
283
2010-11-14  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
284

Niels Möller's avatar
Niels Möller committed
285
	* src/testsuite/Makefile.in (mini-inetd): Fixed typo with EXEEXT.
Niels Möller's avatar
Niels Möller committed
286

Niels Möller's avatar
Niels Möller committed
287
288
289
290
	* src/lshd-connection.c (make_lshd_connection): Warning message
	for attempt to enable features which were disabled at compile
	time.

Niels Möller's avatar
Niels Möller committed
291
2010-11-13  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338

	* src/testsuite/config/lshd-connection.conf: Use new config file
	options to enable all features.

	* src/lshd-connection.c (enum tcpforward_type): New enum.
	(class lshd_connection_config): Added attributes subsystem_config,
	allow_tcpforward, allow_session, allow_shell, allow_exec,
	allow_pty, allow_x11.
	(make_lshd_connection): Make all session and forwarding features
	configurable.
	(make_lshd_connection_config): Initialize new atttributes, and
	link to new lshd_connection_config_parser.
	(main_options): New command line options: --allow-tcpip-forward,
	--deny-tcpip-forward, --allow-session, --deny-session,
	--allow-shell, --deny-shell, --allow-exec, --deny-exec,
	--subsystem, and --add-subsystem.
	(CASE_FLAG): New macro.
	(main_argp_parser): Sanity check configuration at ARGP_KEY_END.
	Handle new command line options (see above).
	(lshd_connection_config_options): New list of config file options.
	(lshd_connection_config_handler): New function.
	(lshd_connection_config_parser): New config file parser.

	* src/server_session.c (class subsystem_request): Use
	service_config to represent subsystems.
	(quote_argument_length): New function.
	(quote_argument): New function.
	(subsystem_command_line): New function.
	(do_spawn_subsystem): Rewritten to use service_config_lookup and
	subsystem_command_line.
	(make_subsystem_handler): Changed argument type to const struct
	service_config *.

	* src/lshd-userauth.c (main): Use libexec_dir from the
	service_config class.
	(start_service): Propagate environment variable $LSHD_LIBEXEC_DIR.

	* src/lshd.c (lshd_service_request_handler): Use libexec_dir from
	the service_config class.

	* src/server.c (server_lookup_module): Deleted function.
	(make_service_config): Set libexec_dir, taking environment
	variable $LSHD_LIBEXEC_DIR into account.
	(service_config_lookup): Declare argument const.

	* src/server.h (class service_config): New attribute libexec_dir.

Niels Möller's avatar
Niels Möller committed
339
2010-11-12  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354

	* src/lshd-userauth.c (main_options): Fixed double ':' in header.
	(class lshd_userauth_config): Deleted werror_config attribute;
	this class is already inherited.
	(make_lshd_userauth_config): Deleted initialization of
	werror_config attribute.
	(CASE_FLAG): New macro.
	(main_argp_parser): Use CASE_FLAG.
	(lshd_userauth_config_handler): Updated child state initialization
	to point to inherited werror config.
	(lshd_userauth_config_handler): Added missing break.
	(main): Use trace, not werror, for startup message.

	* src/lshd.c (lshd_config_handler): Added missing break.

Niels Möller's avatar
Niels Möller committed
355
2010-11-10  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401

	* src/lsh.c (parse_arg_unsigned): New argument with expected
	terminator.
	(parse_forward_arg): Return targret address on success. Don't
	modify the input string, using updated parse_arg_unsigned. Don't
	use io_lookup_address; names are resolved later.
	(main_argp_parser): Use make_string. Updated to parse_forward_arg
	changes. When setting up tcp forwarding, use "" to denote any
	address, and "localhost" to denote any local addresses.

	* src/lshd.c (make_lshd_port): Use io_bind_sockaddr.
	(open_port): Unconditionally set AI_PASSIVE.

	* src/server_tcpforward.c (make_server_forward): Use
	tcpforward_listen, replacing calls to make_tcpforward_listen_port
	and io_listen.
	* src/client_tcpforward.c (do_forward_local_port): Likewise.

	* src/socks.c (make_socks_listen_port): Rewritten, analogously to
	tcpforward_listen, below.
	(do_make_socks_server): Updated to use new make_socks_listen_port.

	* src/tcpforward.c (tcpforward_listen): New function, replacing
	make_tcpforward_listen_port. Does address lookups via
	io_getaddrinfo, and may bind multiple interfaces using IPv4 or
	IPv6. Trace message with each bound interface. Call io_listen, not
	just io_bind_sockaddr.
	(make_tcpforward_listen_port): Deleted.
	(class io_connect_state): New ttributes to keep track of list of
	addresses.
	(tcpforward_connect_error): Try next address, if available.
	(tcpforward_connect): Use io_getaddrinfo, and attempt connection
	to each address on the list.

	* src/io.c (io_getaddrinfo): New helper function.
	(io_make_sockaddr): Deleted function.
	(io_lookup_address): Deleted function.
	(io_bind_sockaddr): Set IPV6_V6ONLY. Report errors using werror.

	* src/server_x11.c (do_x11_listen_port_accept): Fixed error
	message.
	(open_x11_socket): Use make_string.

	* src/queue.h (class addr_queue): Deleted unused class.
	* src/queue.c: Deleted all addr_queue related functions.

Niels Möller's avatar
Niels Möller committed
402
2010-11-09  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417

	* src/lshd-connection.c (oop_read_service): Use verbose, not
	werror, for message on EOF.
	(main): Use trace, not werror, for startup message.

	* src/lsh-decode-key.c (main_argp_parser): Use make_string.
	* src/lsh-keygen.c (main_argp_parser): Likewise.
	* src/srp-gen.c (srp_gen): Likewise.
	(main_argp_parser): Likewise.

	* src/testsuite/lshg-tcpip-remote-test: Deleted sleep.
	* src/testsuite/tcpip-remote-test: Likewise.

	* src/testsuite/lsh-encrypted-key-test: Reenabled test.

Niels Möller's avatar
Niels Möller committed
418
2010-11-08  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
419

Niels Möller's avatar
Niels Möller committed
420
421
422
	* src/testsuite/functions.sh (at_connect): Don't use -m flag to
	mini-inetd.

Niels Möller's avatar
Niels Möller committed
423
424
425
	* src/atoms.in: Deleted ssh-userauth and ssh-connection (no longer
	hardcoded).

Niels Möller's avatar
Niels Möller committed
426
2010-11-07  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442

	* src/testsuite/functions.sh (LSHD_CONNECTION): Deleted variable.
	(LSHD_PTY_HELPER): Deleted variable.

	* src/lshd-userauth.c (main_argp_parser): Use FILE_LSHD_CONNECTION
	directly, without consulting $LSHD_CONNECTION in the environment.
	$LSHD_LIBEXEC_DIR is consulted later.
	(main): Use FILE_LSHD_PTY_HELPER, also without cunsulting environment.
	* src/lshd.c (lshd_argp_parser): Analogous change to use
	FILE_LSHD_USERAUTH directly.

	* src/environ.h.in (ENV_LSHD_CONNECTION): Deleted,
	LSHD_LIBEXEC_DIR or service option should be sufficient.
	(ENV_LSHD_PTY_HELPER): Likewise.
	(ENV_LSHD_USERAUTH): Likewise.

Niels Möller's avatar
Niels Möller committed
443
2010-11-03  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501

	* src/testsuite/Makefile.in (TS_SH): Added lshd-example-config-test.

	* src/environ.h.in (FILE_LSHD_CONNECTION): Deleted directory part.
	(FILE_LSHD_PTY_HELPER): Likewise.

	* src/lshd.c (lshd_service_request_handler): Fixed error message
	for bad $LSHD_LIBEEXEC_DIR. Leave unrecognized "$(foo)" in the
	argument list untouched (previously, skipped the initial "$").
	(class server_config): New attributes ports_override_config_file
	and interfaces_override_config_file.
	(make_lshd_config): Initialize ports_override_config_file and
	interfaces_override_config_file.
	(OPT_NO, OPT_SETSID): Deleted constants.
	(lshd_options): Added --service and --add-service.
	(lshd_argp_children): Deleted service_argp.
	(lshd_argp_parser): Updated child init in ARGP_KEY_INIT.
	Set ports_override_config_file and interfaces_override_config_file
	if the corresponding option occurs on the command line.
	Handle --service and --add-service.
	(lshd_config_options): Added config option "service".
	(lshd_config_handler): Fixed child initialization. Check
	ports_override_config_file and interfaces_override_config_file.
	Handle "service" option.

	* src/lshd-userauth.c (handle_userauth): Use
	service_config_lookup, instead of hard-coding ssh-connection.
	Changed return type to return struct service_entry pointer.
	(main_options): Added --service and --add-service.
	(class server_config): Added service_config atttribute.
	(make_lshd_userauth_config): Call make_service_config.
	(main_argp_parser): Setup default service in ARGP_KEY_END case.
	Handle --service and --add-service.
	(lshd_userauth_config_options): New config option "service".
	(lshd_userauth_config_handler): Handle service option.
	(main): Take environment variable LSHD_LIBEXEC_DIR and compiled in
	LIBEXECDIR into account when interpreting the name of the hepler
	program and the service program. Use the service_entry returned
	from handle_userauth. Expand "$(helper_fd)" in the argument list,
	and spawn the helper program only if this expansion is used.

	* src/xalloc.h (lsh_space_free) [!DEBUG_ALLOC]: Defined to
	lsh_free rather then free, to avoid warnings when freeing const
	pointers.

	* src/server.c (service_config_lookup): Renamed and updated
	callers, from...
	(server_lookup_service): ... old name.
	(service_config_argp): New function, doing the main work for an
	argp service parser, without being one.
	(service_config_option): New function, analogous but for config
	file parsing.
	(service_argp): Deleted argp parser.
	(service_config_parser): Deleted config file parser.

	* src/server_config.c (list_append): Fixed broken indirection.
	(server_config_parse_example): Fixed CONFIG_TYPE_LIST case.

Niels Möller's avatar
Niels Möller committed
502
2010-11-01  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
503

Niels Möller's avatar
Niels Möller committed
504
505
	* src/testsuite/lshd-example-config-test: New test case.

Niels Möller's avatar
Niels Möller committed
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
	* src/server_config.c (list_append): Deleted return value. Instead
	aborts if allocation fails. Call config_tokenizer_next to get
	first string. Use lsh_space_free rather than plain free.
	(parser_parse_option): Call config_tokenizer_next
	after config_tokenizer_looking_at. Separate error message for
	missing '='.
	(server_config_parse_example): Handle CONFIG_TYPE_LIST (not yet
	tested).

	* src/parse_config.c (parse_setting): Call config_tokenizer_next
	after config_tokenizer_looking_at.
	(parse_groups): Likewise.

	* src/tokenize_config.c (config_tokenizer_looking_at): Don't call
	config_tokenizer_next.

	* src/testsuite/functions.sh (LSHD_USERAUTH): Partly reverted
	previous change. Define, but don't export.

Niels Möller's avatar
Niels Möller committed
525
2010-10-29  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
526

Niels Möller's avatar
Niels Möller committed
527
528
529
530
531
532
533
	* src/testsuite/functions.sh (LSHD_LIBEXEC_DIR): Define and
	export.
	(LSHD_USERAUTH): Deleted.

	* src/server_config.c (parser_parse_option): Don't check for
	proper end of line if we already had a syntax error.

Niels Möller's avatar
Niels Möller committed
534
535
536
537
538
539
540
541
	* src/lshd.c (lshd_service_request_handler): Take
	environment variable LSHD_LIBEXEC_DIR and compiled in LIBEXECDIR
	into account when interpreting the program name. Added the
	resulting name to debug output. Also deleted local variable hex.

	* src/environ.h.in (FILE_LSHD_USERAUTH): Stripped directory part.
	(ENV_LSHD_LIBEXEC_DIR): New define.

Niels Möller's avatar
Niels Möller committed
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
	* src/lshd.c (lshd_service_request_handler): Use
	server_lookup_service.
	(lshd_argp_parser): Updated handling of default service.
	(lshd_config_handler): Initialize service_config child.
	(lshd_config_children): Added service_config_parser.

	* src/server.c (make_service_entry): New function.
	(make_service_config): Updated initialization.
	(server_lookup_service): New function.
	(service_options): New option --service-add.
	(service_argp_parser): Support --service-add. Support multiple
	--service and --service-add options.
	(service_config_options): New config option "service".
	(service_config_handler): New function.
	(service_config_parser): New config file parser.

	* src/server.h (class service_entry): New class.
	(class service_config): Support multiple services.

Niels Möller's avatar
Niels Möller committed
561
562
563
564
565
566
567
568
569
570
571
572
	* src/tcpforward.c (make_tcpforward_listen_port): Trace output of
	requested port and the bound ip address.
	(tcpforward_connect_error): Convert error number to string.
	(tcpforward_connect): Trace output of target port.
	(tcpforward_connect): Fixed logging of errno when io_connect
	fails.

	* src/client_x11.c (x11_connect_error): Convert error number to
	string.

	* src/io.c (oop_io_connect): Use errno if getsockopt fails.

Niels Möller's avatar
Niels Möller committed
573
2010-10-28  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
574
575
576
577
578
579
580
581

	* src/testsuite/functions.sh (at_connect): Use our own mini-inetd.
	* src/testsuite/rapid7-lsh-test: Likewise.

	* src/testsuite/Makefile.in (TS_SH): Omit obsolete
	lshd-no-auth-test.
	(TARGETS): Added mini-inetd.
	(OTHER_SOURCES): Added mini-inetd.c.
Niels Möller's avatar
Niels Möller committed
582
	(mini-inetd): New rule.
Niels Möller's avatar
Niels Möller committed
583
584
585
586
587

	* src/testsuite/mini-inetd.c: New file. Reimplementation of
	mini-inetd, hopefully working better with IPv6 than the version in
	tcputils.

Niels Möller's avatar
Niels Möller committed
588
2010-10-26  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
589
590

	* src/werror.c (werror_format): Made static.
Niels Möller's avatar
Niels Möller committed
591

Niels Möller's avatar
Niels Möller committed
592
593
	* src/testsuite/server-config-test.c: Added '=' tokens in input.

Niels Möller's avatar
Niels Möller committed
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
	* src/testsuite/config/lshd-connection.conf: Updated to new syntax
	with '=' tokens.
	* src/testsuite/config/lshd-userauth.conf: Likewise.
	* src/testsuite/config/lshd.conf: Likewise.

	* src/server_config.c (parser_init): Deleted unnecessary cast.
	(parser_finalize): Deleted err argument and return value. Updated
	callers.
	(list_append): New function.
	(parse_value_list): New function.
	(parser_parse_option): Recognize CONFIG_TYPE_LIST. Require '='
	token for all other types.
	(server_config_print_example): Output '=' tokens. Handle
	CONFIG_TYPE_LIST.

	* src/server_config.h (enum config_type): Renamed
	CONFIG_TYPE_UNSIGNED to CONFIG_TYPE_NUMBER. Added
	CONFIG_TYPE_LIST.

	* src/tokenize_config.c (char_class): Added '=' as separator.
	(config_tokenizer_next): Recognize '='.

	* src/tokenize_config.h (enum config_token_type): Added TOK_EQUAL.

Niels Möller's avatar
Niels Möller committed
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
	* src/pkcs5-test.c (main): Added long options. Deleted -?, and
	fixed handling of bad options.
	* src/testsuite/prgrp-timeout.c (main): Likewise.

	* src/lshd-userauth.c (read_packet): Don't treat EOF at start of
	header as an error.
	(main): Deleted useless trace call before arpg_parse.

	* src/lshd-pty-helper.c (utmp_gettimeofday): New function, to work
	around ut_tv 32-bit backwards compatibility hack for 64-bit
	systems.

	* src/tcpforward.c (tcpforward_connect_error): Use STRERROR to
	display socket error code.
	(make_tcpforward_listen_port): Trace output of local and target
	ports.

	* src/client_x11.c (x11_connect_error): Use STRERROR to display
	socket error code.

Niels Möller's avatar
Niels Möller committed
638
2010-08-24  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
639
640
641
642
643
644

	* src/scm/guile-compat.scm: Use the rdelim module, for the
	read-line. Needed at least for guile-1.8.7.

	* doc/fixff.pl: Use regexp m modifier rather than the arcane $*.

Niels Möller's avatar
Niels Möller committed
645
2010-07-23  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
646
647
648
649

	* src/lshd-userauth.c (lookup_user): Set user->shell before use.
	(handle_userauth): More verbose output.

Niels Möller's avatar
Niels Möller committed
650
2010-07-20  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
651
652
653
654

	* src/crypto.c (make_des3_cbc_instance): Updated to Nettle's new
	DES interface.

Niels Möller's avatar
Niels Möller committed
655
2010-06-04  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
656

Niels Möller's avatar
Niels Möller committed
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
	* src/testsuite/Makefile.in (TS_SH): Added passwd-1-test and
	passwd-2-test.
	(check): Don't pass on PASSWD_PRELOAD, leave that for
	functions.sh.

	* src/testsuite/passwd-1-test: New test, using dummy passwd
	database.
	* src/testsuite/passwd-2-test: New test, password authentication.

	* src/testsuite/setup-env: Fixed setup of test password.

	* src/testsuite/functions.sh (need_getpwnam_wrapper): New function.
	(ENV_PROGRAM, GETPWNAM_PRELOAD): New variables.

	* src/testsuite/getpwnam-wrapper.c (getpwnam): Added
	empty-passwd-testuser to the dummy passwd database.

	* src/lshd.c (lshd_service_request_handler): Don't hard code
	--session-id argument, instead substitute "$(session_id)" if
	appearing on the argument list.
	(lshd_argp_parser): For the default service, ssh-userauth, add
	--session-id $(session_id) to the argument list.

	* src/lshd-userauth.c (lookup_user): If there's no login shell,
	consider the account disabled. Improved check for missing home
	directory.

	* src/Makefile.in (stamp-h): Standard rule for config.h via
	stamp-h.

Niels Möller's avatar
Niels Möller committed
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
	* src/lshd.c (read_host_key): Recognize dsa-sha256.

	* src/lshd-userauth.c (get_verifier): Recognize ssh-dsa-sha256.

	* src/lsh-transport.c (read_user_key): Recognize dsa-sha256.
	(lsh_transport_lookup_verifier): Recognize ssh-dsa-sha256.

	* src/lsh-decode-key.c (lsh_decode_key): Recognise ssh-dsa-sha256.
	Also slight code cleanup.

	* src/dsa.c: Updated dsa-sha1 functions for renamed constants.
	(do_dsa_verify): Require signature blob to be precisely 40 octets.
	(do_dsa_sha256_verify): New function.
	(do_dsa_sha256_public_key): New function.
	(do_dsa_sha256_public_spki_key): New function.
	(init_dsa_sha256_verifier): New function.
	(parse_ssh_dsa_sha256_public): New function.
	(do_dsa_sha256_sign): New function.
	(do_dsa_sha256_get_verifier): New function.
	(make_dsa_sha256_verifier): New function.
	(make_dsa_sha256_signer): New function.
	(dsa_sha256_algorithm): New algorithm.
	(make_ssh_dsa_sha256_verifier): New function.

	* src/crypto.h: Declarations for dsa-sha256.

	* src/algorithms.c (lookup_hostkey_algorithm): Recognize
	dsa-sha256.

Niels Möller's avatar
Niels Möller committed
716
	* src/Makefile.in (GPERF_FLAGS): Tweaked positions, to distinguish
Niels Möller's avatar
Niels Möller committed
717
718
719
720
721
	between ssh-rsa and ssh-dsa.

	* src/atoms.in: Added ssh-dsa, ssh-dsa-sha256@lysator.liu.se,
	and dsa-sha256.

Niels Möller's avatar
Niels Möller committed
722
2010-06-03  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
723
724
725
726
727
728
729

	* src/lsh-keygen.c: Added support for dsa-sha256 keys.
	(main_options): Improved descriptions.
	(dsa_sha1_generate_key): Renamed, was dsa_generate_key.
	(dsa_sha256_generate_key): New function.
	(enum config_algorithm): New enum.

Niels Möller's avatar
Niels Möller committed
730
2010-06-02  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
731
732
733
734
735

	* src/testsuite/getpwnam-wrapper.c (getpwnam): Use
	GETWPWNAM_WRAPPER_DIR to locate configuration directory.

	* src/testsuite/setup-env: Create a password for testing.
Niels Möller's avatar
Niels Möller committed
736

Niels Möller's avatar
Niels Möller committed
737
2010-06-01  Niels Möller  <nisse@lysator.liu.se>
738
739
740
741
742

	* configure.ac (LOCAL_NETTLE_DEP): When building with the bundled
	nettle library, setup a dependency when linking.
	* src/Makefile.in (LOCAL_NETTLE_DEP): Use it here.

Niels Möller's avatar
Niels Möller committed
743
2010-05-25  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
744
745
746
747

	* src/lsh-keygen.c (dsa_generate_key): Updated call to
	dsa_generate_keypair to explicitly specify a 160 bit q.

Niels Möller's avatar
Niels Möller committed
748
2010-03-30  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
749

Niels Möller's avatar
Niels Möller committed
750
751
752
753
754
	* src/dsa.c (do_dsa_verify): Updated for Nettle's dsa_sha1_verify
	rename.
	(do_dsa_sign): Updated for Nettle's dsa_sha1_sign rename, and
	check return value.

Niels Möller's avatar
Niels Möller committed
755
756
757
758
759
760
	* src/server_session.c (stdin_eof): New function. If we have a
	pty, send EOF and ignore error.
	(oop_write_stdin): Use it.
	(do_receive): Use it.
	(do_server_session_event): Use it, replacing old code to send EOF.

Niels Möller's avatar
Niels Möller committed
761
2010-03-24  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
762
763
764
765
766
767
768

	* src/lsh-transport.c (start_userauth): Check return value from
	the SIGN method.
	* src/server_keyexchange.c (server_dh_handler): Likewise.

	* src/rsa.c (do_rsa_sign): Check return value from rsa_sha1_sign.

Niels Möller's avatar
Niels Möller committed
769
2010-03-23  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
770
771
772
773

	* src/client_x11.c (do_client_channel_x11_receive): Fixed broken,
	too short(!), allocation for X11 connection failure message.

Niels Möller's avatar
Niels Möller committed
774
2010-03-04  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
775

Niels Möller's avatar
Niels Möller committed
776
777
778
779
	* src/testsuite/functions.sh (spawn_xvfb): Explicitly setup the
	xauthority file using xauth add, don't rely on xauth generate and
	the X11 security extension.

Niels Möller's avatar
Niels Möller committed
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
	* src/lsh-keygen.c (main_argp_parser): Added --bit-length option,
	to replace the old --level option. Added sypport for -a symmetric,
	which generates random keys for use as a shared secret.
	(check_file): Allow file to be NULL.
	(process_private): Hex encode symmetric keys.
	(main): Use the value of the --bit-length option. New logic to
	handle generation of symmetric keys.
	(dsa_generate_key): Take bit size as input, not a NIST security
	level.
	(main_argp_parser): By default, don't encrypt symmetric keys.

	* src/lshd.c: Updated for service_config being a class.

	* src/server.c (make_service_config): New function, replacing
	init_service_config.

	* src/server.h (service_config): Make this into a class rather
	than a struct, for safer casting in service_argp_parser.

Niels Möller's avatar
Niels Möller committed
799
2010-02-23  Niels Möller  <nisse@lysator.liu.se>
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819

	* src/lshd.c (lshd_context): Added service_config, deleted
	commented-out attributes.
	(lshd_service_request_handler): Made service configurable.
	(make_lshd_context): Use init_transport_context and
	init_service_config.
	(lshd_config): Deleted werror_config (it's inherited via
	server_config).
	(make_lshd_config): Deleted call to make_werror_config.
	(lshd_argp_children): Added service_argp.
	(lshd_argp_parser): Updated initialization of child_inputs. Setup
	default service, ssh-userauth.
	(lshd_config_handler): Fixed references to the inherited
	werror_config.

	* src/Makefile.in (COMMON_SOURCES): Added arglist.c.

	* src/server.h (service_config): New class.

	* src/server.c (init_service_config): New function.
Niels Möller's avatar
Niels Möller committed
820
	(service_argp, service_argp_parser): New parser för --service {
821
822
	... } argument.

Niels Möller's avatar
Niels Möller committed
823
2010-02-20  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
824
825
826
827
828
829
830
831
832
833

	* src/lsh-transport.c (make_lsh_transport_config): Use
	init_transport_context.
	(start_userauth): In verbose mode, display the user name we're
	trying to authenticate.
	(try_password_auth): Likewise.
	(try_keyboard_interactive_auth): Likewise.

	* src/transport.c (init_transport_context): New function.

Niels Möller's avatar
Niels Möller committed
834
2010-02-15  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
835

Niels Möller's avatar
Niels Möller committed
836
837
838
	* src/lshd.c (make_lshd_port): Check that IPV6_V6ONLY is defined
	before trying to setsockopt it.

Niels Möller's avatar
Niels Möller committed
839
840
841
	* src/testsuite/Makefile.in (OTHER_SOURCES): Added
	getpwnam-wrapper.c.

Niels Möller's avatar
Niels Möller committed
842
2010-02-11  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
843
844
845
846

	* src/lshd-userauth.c (main_options): Renamed options to start
	with --allow or --deny.

Niels Möller's avatar
Niels Möller committed
847
2010-02-08  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
848

Niels Möller's avatar
Niels Möller committed
849
850
851
	* configure.ac: When looking for a shared libc, look for the
	symlink /libc.so.* rather than the glibc-specific name libc-*.so.

Niels Möller's avatar
Niels Möller committed
852
853
854
855
	* src/lshd-userauth.c: Renamed configuration parameters and
	corresonding variables to allow-password, allow-publickey and
	allow-root-login.

Niels Möller's avatar
Niels Möller committed
856
2010-02-05  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
857
858
859
860
861
862
863
864
865
866
867
868
869
870

	* src/testsuite/config/lshd-userauth.conf: Added enable-publickey
	option.

	* src/testsuite/lsh-4-test: Added missing call to test_done.

	* src/lshd-userauth.c (lshd_userauth_config_handler): New
	function.
	(main_options): New options --password, --publickey, --root-login,
	and negated versions.
	(handle_userauth): Implement the the options.
	(handle_publickey, handle_password): Take the configuration as
	argument, and return 0 if the method is not enabled.

Niels Möller's avatar
Niels Möller committed
871
2010-02-04  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
872

Niels Möller's avatar
Niels Möller committed
873
874
875
876
877
878
	* src/server_config.c (parser_parse_option): Require new line at
	end of option-value pair, and warn for spurious tokens before the
	end of line.

	* src/tokenize_config.c (config_tokenizer_eolp): New function.

Niels Möller's avatar
Niels Möller committed
879
880
	* src/testsuite/Makefile.in (PASSWD_PRELOAD): New variable, set
	depending on IF_LD_PRELOAD, and passed to the environment of
Niels Möller's avatar
Niels Möller committed
881
	run-tests.
Niels Möller's avatar
Niels Möller committed
882
883
884
885
886
887
888
889
890
891
	(getpwnam-wrapper): Use $(CCPIC). Deleted -rdynamic when compiling
	and -Wl,-soname when linking.

	* configure.ac: Use LSH_CCPIC.
	(IF_LD_PRELOAD): New substituted variable, set if we apepar to
	use dynamic libraries.
	(KRB_PROGRAM, PAM_PROGRAM): Deleted.

	* src/config.make.in (CCPIC): New variable.

Niels Möller's avatar
Niels Möller committed
892
2010-02-02  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
893

Niels Möller's avatar
Niels Möller committed
894
895
896
897
898
899
	* src/testsuite/Makefile.in: Added rules for building
	getpwnam-wrapper.so. Needs to be configured.

	* src/testsuite/getpwnam-wrapper.c: New file, intended to be used
	for lshd test cases.

Niels Möller's avatar
Niels Möller committed
900
901
902
	* src/client.c (kill_client_connection): Use trace rather than
	werror.

Niels Möller's avatar
Niels Möller committed
903
2010-01-12  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
904
905
906
907
908

	* src/lshd-userauth.c (handle_password): New function, currently
	untested and #if:ed out.

	* src/crypto.h (hash_algorithm): Deleted class, just use the
909
	corresponding struct nettle_hash.
Niels Möller's avatar
Niels Möller committed
910

Niels Möller's avatar
Niels Möller committed
911
2009-10-25  Niels Möller  <nisse@lysator.liu.se>
912
913
914
915

	* configure.ac: Updated URL for liboop, it's now
	http://liboop.ofb.net.

Niels Möller's avatar
Niels Möller committed
916
2009-10-21  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
917
918
919
920

	* src/lshd.c (make_lshd_port): Set the IPPROTO_IPV6ONLY socket
	option when listening on an IPv6 socket.

Niels Möller's avatar
Niels Möller committed
921
2009-10-07  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
922
923
924
925

	* src/lshd-userauth.c (lookup_user): Added support for shadow
	passwords.

Niels Möller's avatar
Niels Möller committed
926
2009-09-22  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945

	* src/testsuite/lsh-6-test (ALGORITHMS): Updated list to include
	aes128 in cbc and ctr modes.

	* src/testsuite/aes-test.c: Added tests for aes128-cbc, aes128-ctr
	and aes256-ctr.

	* src/crypto.c (crypto_aes128_cbc_algorithm): New algorithm.
	(crypto_aes128_ctr_algorithm): Likewise.

	* src/algorithms.c (all_symmetric_algorithms): Added aes128-cbc
	and aes128-ctr.
	(all_crypto_algorithms): Likewise.
	(default_crypto_algorithms): Replaced aes256-cbc by aes128-ctr, as
	the preferred choice.
	(lookup_crypto): Added "aes128-cbc" with alias "aes-cbc", added
	"aes-128-ctr" with aliases "aes", "aes128", "aes-ctr". Removed
	some aliases for "aes256-cbc" and "aes256-ctr", including the old
	"rijndael" alias.
Niels Möller's avatar
Niels Möller committed
946

Niels Möller's avatar
Niels Möller committed
947
2009-09-05  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
948
949
950
951

	* src/server_config.c (server_config_parse_example): Don't use
	options where the example is NULL.

Niels Möller's avatar
Niels Möller committed
952
2009-09-01  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
953

Niels Möller's avatar
Niels Möller committed
954
955
956
957
958
959
960
961
	* src/testsuite/functions.sh (XAUTHORITY): Put xauthority file in
	$TEST_HOME.

	* src/Makefile.in (uninstall): Delete files in $(libexecdir).

	* doc/Makefile.in (DISTFILES): Removed explicit
	srp-spec.txt (already included via $(TARGETS)).

Niels Möller's avatar
Niels Möller committed
962
	* src/Makefile.in: Added make rules for autoheader.
Niels Möller's avatar
Niels Möller committed
963

Niels Möller's avatar
Niels Möller committed
964
	* configure.ac: Test for $with_system_argp != no, rather than =
Niels Möller's avatar
Niels Möller committed
965
	yes.
Niels Möller's avatar
Niels Möller committed
966

Niels Möller's avatar
Niels Möller committed
967
2009-08-31  Niels Möller  <nisse@lysator.liu.se>
968

Niels Möller's avatar
Niels Möller committed
969
970
971
972
	* doc/Makefile.in (DISTFILES): Distribute TODO file.

	* Makefile.in (install uninstall): Recurse into sftp directory.

Niels Möller's avatar
Niels Möller committed
973
2009-08-24  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
974
975
976

	* .bootstrap, Makefile.in, configure.ac: Reenable building of sftp.

Niels Möller's avatar
Niels Möller committed
977
2009-05-30  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
978
979
980
981

	* doc/Makefile.in (.texinfo.info): Don't use a temporary output file
	$@T, trust makeinfo to not remove output file on errors.

Niels Möller's avatar
Niels Möller committed
982
2009-05-04  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
983
984
985

	* texinfo.tex: Upgrade to version 2009-03-22.17.

Niels Möller's avatar
Niels Möller committed
986
2009-02-24  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
987

Niels Möller's avatar
Niels Möller committed
988
989
990
	* src/server_pty.c (pty_open_slave): Work around Solaris problem
	with bogus definition of TIOCSCTTY.

Niels Möller's avatar
Niels Möller committed
991
992
993
	* src/lshd-pty-helper.c (die, werror, process_request): Improved
	error messages.

Niels Möller's avatar
Niels Möller committed
994
2009-02-23  Niels Möller  <nisse@lysator.liu.se>
Niels Möller's avatar
Niels Möller committed
995
996
997
998
999
1000

	* src/testsuite/x11-4-test: Explicitly start /bin/sh at the remote
	end. Avoid recursive use of here-documents. Use $XAUTH, $XMODMAP
	and friends.

	* src/client_x11.c (make_client_x11_display): Use KILL_RESOURCE on failure.