ChangeLog 239 KB
Newer Older
Niels Möller's avatar
Niels Möller committed
1
2
2006-05-08  Niels Mller  <nisse@lysator.liu.se>

Niels Möller's avatar
Niels Möller committed
3
4
5
	* src/connection.c (do_connection_flow_controlled) 
	(connection_send_kex): Trace output for hard_limit changes.

Niels Möller's avatar
Niels Möller committed
6
7
8
	* Man pages: Applied patch from Stefan Pfetzing, addressing long
	lines and non-ascii caharacters.

Niels Möller's avatar
Niels Möller committed
9
10
11
12
13
2006-05-04  Niels Mller  <niels@s3.kth.se>

	* src/testsuite/daemon-fd-test: Reverted previous change. Use a
	single-digit fd.

Niels Möller's avatar
Niels Möller committed
14
15
16
17
18
19
20
2006-05-03  Niels Mller  <niels@s3.kth.se>

	* src/testsuite/daemon-fd-test: Avoid using exec with no arg, for
	better portability.

	* src/daemon.c (daemon_started_by_inetd): Deleted debug message.

Niels Möller's avatar
Niels Möller committed
21
22
2006-05-01  Niels Mller  <nisse@lysator.liu.se>

Niels Möller's avatar
Niels Möller committed
23
24
25
26
27
28
29
30
31
	* src/testsuite/lshg-cat-test: Fixed message for compare_output.

	* src/daemon.c (daemon_init): When backgrounding, let the parent
	process use _exit rather than exit. We used to let the
	intermediate process wait on the child, in order to print out a
	message for any unexpected status code. But then we get a race in
	the testsuite, because that process may keep the listen sockets
	open even after the main process has deleted its pid file.

Niels Möller's avatar
Niels Möller committed
32
33
	* src/lshd.c (main): Fixed handling of stderr, with --no-syslog.

Niels Möller's avatar
Niels Möller committed
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
2006-04-29  Niels Mller  <nisse@lysator.liu.se>

	* configure.ac: Check for function getdtablesize.

	* src/testsuite/Makefile.am (TS_SH): Added daemon-fd-test.

	* src/testsuite/daemon-1-test: Renamed file to...
	* src/testsuite/daemon-fd-test: ... new file. Improved test, using
	/proc/self/fd.

	* src/lshd.c (main): Improved daemonic behaviour. Call
	daemon_close_fds. When --daemonic --no-syslog is given, still perform all
	daemonic processing except for the redirect of stderr to /dev/null.

	* src/daemon.h: Updated prototypes. Deleted C++ guard.

	* src/daemon.c (daemon_pidfile): Deleted #if:ed out file locking
	code.
	(daemon_started_by_init, daemon_started_by_inetd): Made static.
	(daemon_detect): New function, split out from daemon_init.
	(daemon_dup_null): Likewise.
	(getdtablesize): New function, for systems that don't have it in
	libc.
	(daemon_close_fds): New function.
	(daemon_init): New argument with the daemon mode. Split handling
	of fd:s to the new functions daemon_dup_null and daemon_close_fds.

Niels Möller's avatar
Niels Möller committed
61
62
63
64
65
2006-04-28  Niels Mller  <niels@s3.kth.se>

	* src/testsuite/daemon-1-test: New test. Test that lshd doesn't
	leak any fd:s to child processes.

Niels Möller's avatar
Niels Möller committed
66
67
68
69
70
2006-02-09  Niels Mller  <nisse@lysator.liu.se>

	* doc/index.html: Updated sshtools link, after prodding from
	Jerrad Pierce.

Niels Möller's avatar
Niels Möller committed
71
72
2006-01-27  Niels Mller  <nisse@lysator.liu.se>

Niels Möller's avatar
Niels Möller committed
73
74
	* configure.ac: Bumped version to 2.0.3.

Niels Möller's avatar
Niels Möller committed
75
76
77
78
	* Released lsh-2.0.2.

	* NEWS: Entry for 2.0.2.

Niels Möller's avatar
Niels Möller committed
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
2006-01-23  Niels Mller  <niels@s3.kth.se>

	* src/xauth.c (x11_forward): Commented out unused class. 

	* src/lsh-make-seed.c (spawn_source_process): Explicitly close
	dev_null fd in child process.

	* src/unix_random.c (do_device_source, random_init): Use
	io_set_close_on_exec, to avoid fd:s leaking to user shells.
	* src/werror.c (werror_argp_parser): Likewise.
	* src/server_pty.c (pty_open_master): Likewise.
	* src/unix_interact.c (make_unix_interact): Likewise (even if this
	is in the client).
	* src/io.c (lsh_pushd_fd): Likewise.
	(lsh_pushd): Likewise. Also fixed EINTR logic.

Niels Möller's avatar
Niels Möller committed
95
96
97
98
2005-11-28  Niels Mller  <nisse@lysator.liu.se>

	* src/testsuite/lcp-test: Skip test if /bin/bash doesn't exist.

Niels Möller's avatar
Niels Möller committed
99
100
2005-11-26  Niels Mller  <nisse@lysator.liu.se>

Niels Möller's avatar
Niels Möller committed
101
102
103
	* src/testsuite/lsh-6-test (ALGORITHMS): Try both aes-cbc and
	aes-ctr.

Niels Möller's avatar
Niels Möller committed
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
	* src/dummy.c (ctr_crypt): New dummy implementation.

	* src/lsh_string.c (lsh_string_ctr_crypt): New function.

	* src/crypto.c (class aes_cbc_instance): Renamed class, was
	aes_instance. Renamed the corresponding functions too. 
	(aes_ctr_instance): New class.
	(do_aes_ctr_crypt, make_aes_ctr_instance): New functions.
	(crypto_aes256_ctr_algorithm): New algorithm.

	* src/algorithms.c (all_symmetric_algorithms): Added
	ATOM_AES256_CTR.
	(all_crypto_algorithms): Likewise.
	(lookup_crypto): Check for "aes256-ctr" and "aes-ctr".

	* src/atoms.in: Added symbols for counter mode ciphers.

Niels Möller's avatar
Niels Möller committed
121
122
123
124
125
126
127
128
129
130
131
132
133
2005-11-25  Niels Mller  <nisse@lysator.liu.se>

	* misc/run-tests (find_program): If argument contains a slash
	(most likely because VPATH expansion in make), return the filename
	as is.

	* .bootstrap: Don't exit if src/nettle/aclocal.m4 already exists.
	Make all symlinks before checking for the "links" argument.

	* configure.ac (LSH_GCC_FUNCTION_NAME): Deleted use of this macro.
	Deleted the checks for the sizes of short, int and long. Use
	-Wno-pointer-sign when compiling with gcc-4.x.

Niels Möller's avatar
Niels Möller committed
134
135
136
137
138
139
2005-11-25  Niels Mller  <niels@s3.kth.se>

	* misc/run-tests: New -v option, propagated to test programs.

	* src/ssh-conv: Fixed syntax error in awk program.

Niels Möller's avatar
Niels Möller committed
140
141
142
143
2005-11-23  Niels Mller  <niels@s3.kth.se>

	* src/xalloc.h (number_of_strings): Deleted declaration.

Niels Möller's avatar
Niels Möller committed
144
145
146
147
148
149
150
151
2005-11-20  Niels Mller  <nisse@lysator.liu.se>

	* src/ssh-conv: In the awk script, check for ssh-dsa and ssh-rsa
	only when state == 0.

	* misc/run-tests: Added --debug option. If used, the teardown-env
	script is not run.

Niels Möller's avatar
Niels Möller committed
152
153
2005-11-07  Niels Mller  <nisse@lysator.liu.se>

Niels Möller's avatar
Niels Möller committed
154
155
156
157
158
159
160
	* .bootstrap: Link config.sub and config.guess to the nettle and
	spki subdirectories.

	* acinclude.m4 (LSH_CCPIC): AC_REQUIRE AC_CANONICAL_HOST, and use
	$host_os instead of uname.
	(LSH_RPATH_INIT): Likewise.

Niels Möller's avatar
Niels Möller committed
161
162
	* config.guess, config.sub: Moved files from src/nettle.

163
164
165
166
167
168
2005-10-16  Niels Mller  <nisse@lysator.liu.se>

	* acinclude.m4 (LSH_GCC_ATTRIBUTES): Put the declaration and
	definition of the test function in the declarations argument of
	AC_TRY_COMPILE. It used to end up inside main.

Niels Möller's avatar
Niels Möller committed
169
170
171
172
2005-10-15  Niels Mller  <nisse@lysator.liu.se>

	* acinclude.m4 (GMP_TRY_ASSEMBLE): New macro.

Niels Möller's avatar
Niels Möller committed
173
174
175
176
2005-10-05  Niels Mller  <nisse@lysator.liu.se>

	* doc/lsh.texinfo: Use @documentencoding ISO-8859-1.

Niels Möller's avatar
Niels Möller committed
177
178
179
2005-09-23  Niels Mller  <nisse@lysator.liu.se>

	* acinclude.m4 (LSH_FUNC_ALLOCA): Moved inclucion of malloc.h and
Niels Möller's avatar
Niels Möller committed
180
181
	check of HAVE_MALLOC_H inside #ifndef __GNUC__. On FreeBSD 4.9,
	malloc.h exists but generates obsoleteness warnings when used.
Niels Möller's avatar
Niels Möller committed
182

Niels Möller's avatar
Niels Möller committed
183
184
185
186
187
2005-09-07  Niels Mller  <niels@s3.kth.se>

	* doc/lsh.texinfo (sexp): Updated documentation on sexp-conv
	--hash. 

Niels Möller's avatar
Niels Möller committed
188
189
190
191
192
193
194
2005-09-06  Niels Mller  <niels@s3.kth.se>

	* src/parse_config.c (parse_groups): Made group name optional.

	* src/lsh-decode-key.c (lsh_decode_key): Removed redundant
	"lsh-decode-key:" prefix from messages.

Niels Möller's avatar
Niels Möller committed
195
196
197
198
199
2005-07-02  Niels Mller  <nisse@lysator.liu.se>

	* src/client.c (init_client_options): Use gc_global for the
	resource list. Needed for consistent gc if the connection fails.

Niels Möller's avatar
Niels Möller committed
200
201
2005-03-16  Niels Mller  <nisse@lysator.liu.se>

Niels Möller's avatar
Niels Möller committed
202
203
204
205
	* configure.ac: Bumped version to 2.0.2.

	* Released 2.0.1.

Niels Möller's avatar
Niels Möller committed
206
207
208
209
210
211
212
	* NEWS: Entry for 2.0.1.

	* src/atoms.in: Deleted diffie-hellman-group2-sha1.
	* src/lsh.c (main_argp_parser): Deleted support for
	diffie-hellman-group2-sha1.
	* src/lshd.c (main_argp_parser): Likewise.

Niels Möller's avatar
Niels Möller committed
213
214
215
216
217
218
219
220
221
222
223
224
2005-03-14  Niels Mller  <nisse@lysator.liu.se>

	* src/testsuite/lsh-7-test: Set $HOME when invoking lsh, to
	prevent it from picking up files in the real $HOME/.lsh directory.
	* src/testsuite/rapid7-lsh-test: Likewise.

	* src/unix_interact.c (read_password): Ask for passwords also in
	quiet mode. Reported by Georg Sauthoff.

	* src/charset.c (ucs4_is_control): Don't treat '\n' as a dangerous
	control character. Reported by Georg Sauthoff.

Niels Möller's avatar
Niels Möller committed
225
226
227
228
2005-02-12  Niels Mller  <nisse@lysator.liu.se>

	* src/keyexchange.c (parse_kexinit): Bugfix (DOS). 

229
230
231
232
233
234
235
236
237
2005-02-01  Niels Mller  <nisse@lysator.liu.se>

	* src/exception.h (HANDLER_CONTEXT): Don't use FUNCTION_NAME.
	* src/lsh_string.h (lsh_string_alloc): Likewise.

	* acinclude.m4 (LSH_GCC_FUNCTION_NAME): The __FUNCTION__ feature
	of gcc has been obsoleted, so don't bother testing for it. (This
	makes trace messages less useful). 

Niels Möller's avatar
Niels Möller committed
238
239
240
241
242
2004-12-22  Niels Mller  <niels@s3.kth.se>

	* src/lsh-make-seed.c (get_system): Fixed handling of error from
	read, bug #1477.

Niels Möller's avatar
Niels Möller committed
243
244
245
246
2004-12-08  Niels Mller  <nisse@lysator.liu.se>

	* configure.ac: Bumped version to 2.0.1.

Niels Möller's avatar
Niels Möller committed
247
248
2004-12-07  Niels Mller  <nisse@lysator.liu.se>

Niels Möller's avatar
Niels Möller committed
249
250
	* Released lsh-2.0.

Niels Möller's avatar
Niels Möller committed
251
252
253
	* src/environ.h.in (USER_NAME_FROM_ENV): Examine $LOGNAME before
	$USER. This is the same behaviour as emacs and rcs.

254
255
2004-12-07  Pontus Freyhult  <pont@soua.net>

256
257
	* doc/lsh.texinfo (Action options): Added --detach and
	--write-pid options.
258
259
	(Features): Added section about gateway mode.
	(Invoking lshg): New node.
260
261
	(Action options): Added --subsystem option.
	(Invoking lshd): Added --subsystems option.
262

Niels Möller's avatar
Niels Möller committed
263
264
265
266
2004-12-06  Niels Mller  <nisse@lysator.liu.se>

	* configure.ac: Bumped version to 2.0.

Niels Möller's avatar
Niels Möller committed
267
268
269
270
271
2004-12-05  Niels Mller  <nisse@lysator.liu.se>

	* src/lshg.c (do_exc_lshg_handler): Exit only for EXC_IO_CONNECT
	errors. 

Niels Möller's avatar
Niels Möller committed
272
273
274
275
276
277
2004-12-05  Niels Mller  <nisse@lysator.liu.se>

	* src/testsuite/tcpip-remote-test: Don't run tcpconnect with
	/dev/null as standard input; for some reason, that doesn't work on
	SunOS-5.4. 

Niels Möller's avatar
Niels Möller committed
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
2004-11-30  Niels Mller  <nisse@lysator.liu.se>

	* src/testsuite/functions.sh (test_done): New function, used when
	exiting the testscripts. This is instead of using trap, which
	seemed to be unreliable on SunOS-5.4.
	(spawn_lshd): On failure, return exit code 1 from the function,
	instead of invoking test_fail.

	* src/testsuite/lsh-6-test: Fixed handling of return value from
	spawn_lshd. 

	* src/testsuite/lcp-test: Use die instead of test_fail.
	* src/testsuite/lsh-decrypt-key-test: Likewise.

	* src/testsuite/inetd-test: Use test_done.
	* src/testsuite/keygen-1-test: Likewise.
	* src/testsuite/keygen-2-test: Likewise.
	* src/testsuite/lsh-1-test: Likewise.
	* src/testsuite/lsh-2-test: Likewise.
	* src/testsuite/lsh-3-test: Likewise.
	* src/testsuite/lsh-5-test: Likewise.
	* src/testsuite/lsh-7-test: Likewise.
	* src/testsuite/lsh-8-test: Likewise.
	* src/testsuite/lsh-9-test: Likewise.
	* src/testsuite/lsh-encrypted-key-test: Likewise.
	* src/testsuite/lshd-no-auth-test: Likewise.
	* src/testsuite/lshg-1-test: Likewise.
	* src/testsuite/lshg-tcpip-local-test: Likewise.
	* src/testsuite/seed-test: Likewise.
	* src/testsuite/socks4-test: Likewise.
	* src/testsuite/socks5-test: Likewise.
	* src/testsuite/tcpip-local-in-use-test: Likewise.
	* src/testsuite/tcpip-local-test: Likewise.
	* src/testsuite/tcpip-remote-test: Likewise.
	* src/testsuite/write-key-1-test: Likewise.
	* src/testsuite/write-key-2-test: Likewise.
	* src/testsuite/x11-1-test: Likewise.

Niels Möller's avatar
Niels Möller committed
316
317
318
319
2004-11-26  Niels Mller  <nisse@lysator.liu.se>

	* src/io.c (io_bind_local): NUL-terminate AF_UNIX socket name.

320
321
322
323
324
325
2004-11-25  Niels Mller  <nisse@lysator.liu.se>

	* misc/xenofarm.sh: Don't insist on using GNU make. If we're not
	using GNU make, disable dependency tracking, since it wont' work
	with nettle.

Niels Möller's avatar
Niels Möller committed
326
327
2004-11-23  Niels Mller  <nisse@lysator.liu.se>

328
329
330
	* acinclude.m4 (LSH_DEPENDENCY_TRACKING): New configure flag
	--disable-dependency-tracking. New substitution DEP_INCLUDE.

Niels Möller's avatar
Niels Möller committed
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
	* src/lshg.c (make_lshg_connect): New argument, resource.
	(main): Pass options->super.resources to make_lshg_connect.

	* src/gateway_commands.c (gateway_make_connection): New argument,
	a resource to be adopted by the connection.
	(gateway_init): Likewise.
	(gateway_accept): Pass a NULL-resource to gateway_make_connection.

2004-11-22  Niels Mller  <nisse@lysator.liu.se>

	* src/client.c (init_client_options): Init the resources list.
	(make_client_session): Use IO_STDERR. Add the session resources to
	options->resources, instead of calling gc_global.

	* src/client.h (client_options): New attribute, resources.

	* src/srp-gen.c (main_argp_parser): Updated for changes to
	io_write_file. 

	* src/lshd.c: Updated for changes to handshake_command. Pass a
	NULL resource.
	(make_lshd_listen_callback): Updated for changes to
	make_handshake_info. 

	* src/lsh.c (do_lsh_lookup): Use a single A_WRITE to write the
	acl-entry to a file.
	(make_lsh_connect): New argument resource. Deleted kexinit
	argument (it's now part of handshake_info). Use the new protect
	command, to pass the resource to handshake, and destroy it on
	exceptions.
	(main_argp_parser): Updated for changes io_write_file.
	(main): Updated for changes to make_lsh_connect and
	make_handshake_info. Pass options->super.resources to the
	handshake command.

	* src/io.c (WITH_LIBOOP_SIGNAL_ADAPTER): Compile time choice of
	whether or not to use the liboop signal adapter.
	(io_init) [WITH_LIBOOP_SIGNAL_ADAPTER]: Create signal adapter.
	(io_final) [WITH_LIBOOP_SIGNAL_ADAPTER]: Destroy signal adapter.
	(make_lsh_fd): Files of both types IO_STDIO and IO_STDERR are
	shared. Bugfix: Don't reset type to zero.	
	(write_only_file): New class.
	(do_write_only_file, make_io_write_file): New function.
	(io_write_file): Don't create a lsh_fd. Instead, use the simpler
	write_only_file, and return a struct abstract_write *. These files
	are never closed.
	(close_fd): Don't close files of type IO_STDERR. For files of type
	IO_STDIO, close them, and map the fd to /dev/null.

	* src/io.h (io_type): New enum constant IO_STDERR.

	* src/handshake.c (make_handshake_info): New argument kexinit.
	(handshake_command): New first argument, a resource to be adopted
	by the connection. Deleted the kexinit argument, kexinit is now
	passed as an attribute of handshake_info.

	* src/handshake.h (handshake_info): New attribute kexinit.

	* src/gc.c (gc_iterate_objects): New function (#if:ed out), for
	debugging purposes.

	* src/command.c (catch_collect_body): Deleted unused class.
	(do_catch_collect_body, make_catch_collect_body, do_catch_simple):
	Deleted functions. 
	(protect_handler): New class.
	(protect_command)): New command.

	* src/command.h (catch_command): Deleted unused class.

Pontus Freyhult's avatar
Pontus Freyhult committed
400
401
2004-11-20  Pontus Freyhult  <pont@soua.net>

402
403
404
405
	* doc/Makefile.am (man_MANS): Added new manpages so they'll
	be installed.
	(EXTRA_DIST): Added man_MANS.

406
407
408
409
410
411
412
413
414
	* doc/lsh.texinfo (Files and environment variables): Added
	documentation for LSHFLAGS, LSHGFLAGS, SSH_CLIENT and SSH_TTY.
	(Converting keys): Added lsh-export-key example. Rewrote part
	about lshs SPKI format slightly.

	* doc/lshg.1: LSHGFLAGS, not LSHG_FLAGS.

	* doc/lshg.1: LSHFLAGS, not LSH_FLAGS.	

415
416
417
418
419
420
421
422
423
424
425
426
427
428
	* doc/ssh-conv.1, doc/lsh-upgrade.1, doc/lsh-make-seed.1,
	doc/lsh-keygen.1, doc/lsh-keygen.1, doc/lsh-export-key.1,
	doc/lsh-decrypt-key.1, doc/lsh-decode-key.1, doc/lsh-writekey.1,
	doc/lsh-authorize.1, doc/lsh-upgrade-key.1, doc/lsh.1, 
	doc/lshd.8, doc/lshg.1: Added disclaimer pointing to info system.
	
	* doc/ssh-conv.1 (lsh-decode-key): New manpage.

	* doc/lsh-upgrade.1: Misc. fixes.

	* doc/lsh-make-seed.1: New manpage.

	* doc/lsh-keygen.1: New manpage.

Pontus Freyhult's avatar
Pontus Freyhult committed
429
430
431
432
433
434
435
436
	* doc/lsh-export-key.1: New manpage.

	* doc/lsh-decrypt-key.1: New manpage.

	* doc/lsh-decode-key.1: New manpage.

	* doc/lsh-writekey.1: New manpage.

Niels Möller's avatar
Niels Möller committed
437
438
2004-11-19  Niels Mller  <nisse@lysator.liu.se>

Niels Möller's avatar
Niels Möller committed
439
440
441
442
443
444
	* src/io.c (io_final): Assert that nfiles == 0.
	(do_buffered_read): Added trace output on EOF.
	(do_consuming_read): Likewise.
	(close_fd_write): Added trace output. Close the file if there's no
	write buffer and no read callback.

Niels Möller's avatar
Niels Möller committed
445
446
	* src/io.h (class lsh_fd): Deleted unused attribute next.

447
448
2004-11-19  Pontus Freyhult  <pont@soua.net>

449
450
451
452
	* doc/lsh-authorize.1, doc/lsh-upgrade-key.1, doc/lsh-upgrade.1,
	doc/lsh.1, doc/lshd.8, doc/lshg.1: Added missing dot in AUTHOR
	sentence.

453
454
455
	* doc/lsh.texinfo (Converting keys): Added example for sshd host.
	(Features): Added bit about SOCKS proxy feature.

456
457
	* src/lshg.c (main_options): Added missing dot in -G option help.

458
459
460
461
462
463
464
465
466
467
468
469
	* doc/lsh.1: Updated for lsh 2.0.
	
	* doc/lshd.8: Updated for lsh 2.0.
	
	* doc/lshg.1: New man page.

	* doc/lsh-authorize.1: New man page.

	* doc/lsh-upgrade.1: New man page.

	* doc/lsh-upgrade-key.1: New man page.

Niels Möller's avatar
Niels Möller committed
470
471
2004-11-18  Niels Mller  <nisse@lysator.liu.se>

472
473
474
	* acinclude.m4 (LSH_DEPENDENCY_TRACKING): Use [!...] instead of
	[^...] for inverted character classes in case.

Niels Möller's avatar
Niels Möller committed
475
476
	* src/Makefile.am (bin_SCRIPTS): Install the lcp script.

Niels Möller's avatar
Niels Möller committed
477
478
479
480
481
482
483
484
485
486
487
	* src/lsh-export-key.c (enum output_mode): New enum.
	(encode_base64_line): New function.
	(sexp_to_ssh2_key): Alternative output formats, fingerprint and
	openssh single-line format.
	(main_options): New options --fingerprint and --openssh.
	(make_options): Make standard format the default output format.
	(main_argp_parser): Handle new options.

	* src/spki.c (spki_make_verifier): New third argument for
	returning the name of the algorithm. Updated callers.

Niels Möller's avatar
Niels Möller committed
488
489
490
	* misc/xenofarm.sh (oopcfgargs): Disable all add-on liboop
	adapters. 

Niels Möller's avatar
Niels Möller committed
491
492
2004-11-18  Niels Mller  <niels@s3.kth.se>

493
494
495
	* README: Updated examples, and the lists of needed tools and
	libraries. 

Niels Möller's avatar
Niels Möller committed
496
497
498
	* misc/xenofarm.sh (oopcfgargs): Build liboop with
	--disable-shared.

Niels Möller's avatar
Niels Möller committed
499
500
2004-11-17  Niels Mller  <nisse@lysator.liu.se>

Niels Möller's avatar
Niels Möller committed
501
502
	* src/unix_random.c (do_trivia_source): Check HAVE_GETRUSAGE.

Niels Möller's avatar
Niels Möller committed
503
504
	* src/lsh-writekey.c (main_argp_parser): Fixed C99-ism.

Niels Möller's avatar
Niels Möller committed
505
506
2004-11-16  Niels Mller  <nisse@lysator.liu.se>

Niels Möller's avatar
Niels Möller committed
507
508
509
	* misc/getopt.h: Deleted __ from argument names in prototypes,
	i.e. "argc", not "__argc". Needed for mingw compilation.

Niels Möller's avatar
Niels Möller committed
510
511
512
513
514
515
516
	* .bootstrap: Typo fix.

	* misc/getopt.c, misc/getopt1.c, misc/getopt.h: Moved files here.
	Linked into the directories that need them by ./.bootstrap.

	* src/environ.h.in (USER_NAME_FROM_ENV): Check $USER first.

Niels Möller's avatar
Niels Möller committed
517
518
2004-11-14  Niels Mller  <nisse@lysator.liu.se>

Niels Möller's avatar
Niels Möller committed
519
520
521
	* src/io.c (handle_nonblock_error): Ignore errno ENOTTY. FreeBSD 5
	returns this error code when we try to set /dev/null in
	non-blocking mode.
Niels Möller's avatar
Niels Möller committed
522

Niels Möller's avatar
Niels Möller committed
523
524
525
526
527
528
529
	* src/environ.h.in (USER_NAME_FROM_ENV): New macro, which consults
	both $LOGNAME and $USER.
	* src/client.c (init_client_options): Use it.
	* src/srp-gen.c (make_srp_gen_options): Likewise.
	* src/lshd.c (main_argp_parser): Likewise.
	* src/lsh-writekey.c (main_argp_parser): Likewise.

Niels Möller's avatar
Niels Möller committed
530
531
532
533
534
535
536
537
538
539
540
	* src/server_pty.c: When using snprintf, NUL-terminate the strings
	explicitly.

	* .bootstrap: Link misc/vsnprintf.c info the argp and sftp
	directories.

	* misc/vsnprintf.c: Portable and public domain implementation of
	snprintf and vsnprintf, copied from
	http://www.fiction.net/blong/programs/snprintf.c, with some minor
	fixes. This file is moved here from the src/argp directory.

Niels Möller's avatar
Niels Möller committed
541
542
543
544
545
	* src/testsuite/Makefile.am (CLEANFILES): Delete testfiles lcp-file-*.txt
	(TS_SH): Added lcp-test.

	* src/testsuite/lcp-test: Test cases for lcp.

Niels Möller's avatar
Niels Möller committed
546
547
2004-11-13  Niels Mller  <nisse@lysator.liu.se>

Niels Möller's avatar
Niels Möller committed
548
549
550
	* src/lcp: Reviewed, and fixed some bugs. Looks at $LCP_RSH,
	instead of $LCP_SSH.

551
552
553
	* acinclude.m4 (LSH_DEPENDENCY_TRACKING): Don't add dependency
	files themselves as targets.

Niels Möller's avatar
Niels Möller committed
554
555
556
	* misc/xenofarm.sh (status): There's no config.h in the liboop
	directory, so don't try to copy it.

Niels Möller's avatar
Niels Möller committed
557
558
559
560
2004-11-12  Niels Mller  <nisse@lysator.liu.se>

	* misc/xenofarm.sh (--make-program): New command line option.

561
562
563
564
565
566
567
568
2004-11-09  Niels Mller  <niels@s3.kth.se>

	* src/lsh-krb-checkpw.c (main): Noted that the current code seems
	to work only with Heimdal, not MIT kerberos.

	* configure.ac: Check for krb5_verify_user_lrealm, and disable
	kerberos support if not found.

Niels Möller's avatar
Niels Möller committed
569
570
571
572
573
574
2004-11-09  Niels Mller  <nisse@lysator.liu.se>

	* doc/lsh.texinfo: Set UPDATED-FOR to 2.0.

	* misc/xenofarm.sh: Fixed typos in the oop-related tasks.

575
576
2004-11-07  Niels Mller  <nisse@lysator.liu.se>

Niels Möller's avatar
Niels Möller committed
577
578
579
	* doc/lsh.texinfo (Action options): Documented -D (socks
	forwarding).

580
581
582
	* misc/xenofarm.sh: If a liboop dist is included in the build
	package, install it in $pfx before trying to build lsh.

583
584
585
586
587
2004-10-26  Niels Mller  <nisse@lysator.liu.se>

	* acinclude.m4 (LSH_DEPENDENCY_TRACKING): Need extra quoting in
	case pattern.

588
589
590
591
592
2004-10-20  Niels Mller  <niels@s3.kth.se>

	* acinclude.m4 (LSH_DEPENDENCY_TRACKING): Disable dependency
	tracking for gcc-2.

Niels Möller's avatar
Niels Möller committed
593
594
595
596
597
2004-10-20  Niels Mller  <nisse@lysator.liu.se>

	* .bootstrap: Link install-sh, texinfo.tex, COPYING and INSTALL
	into the nettle subdir.

Niels Möller's avatar
Niels Möller committed
598
599
600
601
602
603
604
605
2004-10-19  Niels Mller  <nisse@lysator.liu.se>

	* acinclude.m4 (LSH_DEPENDENCY_TRACKING): New macro.
	(LSH_MAKE_CONDITIONAL): New macro.

	* .bootstrap: In the nettle subdir, link acinclude.m4 as
	aclocal.m4, not acinclude.m4.

Niels Möller's avatar
Niels Möller committed
606
607
608
2004-10-08  Niels Mller  <niels@s3.kth.se>

	* src/client_userauth.c (do_userauth_info_request): Enforce limits
Niels Möller's avatar
Niels Möller committed
609
610
	on the length of name and instruction. Prepend the name and an
	empty line to the instruction.
Niels Möller's avatar
Niels Möller committed
611
612
613
614
615
616
617
618
619

	* src/unix_interact.c (unix_dialog): Deleted instruction argument,
	display dialog->instruction instead.

	* src/interact.h (interact_dialog): New instruction attribute.
	(INTERACT_DIALOG): Deleted instruction argument.
	* src/interact.c (make_interact_dialog): Initialize
	self->instruction to NULL.

Niels Möller's avatar
Niels Möller committed
620
621
2004-10-07  Niels Mller  <niels@s3.kth.se>

Niels Möller's avatar
Niels Möller committed
622
623
624
625
626
627
	* src/lsh-writekey.c (main_argp_parser): When --server is given,
	don't use encryption by default.

	* src/testsuite/login-auth-test (LSHD_FLAGS): Use --login-shell
	instead of --login-program.

Niels Möller's avatar
Niels Möller committed
628
629
	* doc/lsh.texinfo: Updated for version 1.5.6.

Niels Möller's avatar
Niels Möller committed
630
631
	* src/lshd.c (make_lshd_options): New default: Enable X11
	forwarding.
Niels Möller's avatar
Niels Möller committed
632
	(main_options): Deleted broken --login-program option.
Niels Möller's avatar
Niels Möller committed
633
634
635
636
637
638
639
640
641
642
643
644
645
646

	* src/lsh-writekey.c (make_lsh_writekey_options): New default:
	Encrypt private key using aes256-cbc.

	* src/lsh-keygen.c (make_lsh_keygen_options): New default:
	Generate RSA keys.

	* src/testsuite/keygen-1-test: Pass -c none to lsh-writekey.
	* src/testsuite/keygen-2-test: Likewise.
	* src/testsuite/lsh-decrypt-key-test: Likewise.
	* src/testsuite/setup-env: Likewise.
	* src/testsuite/write-key-1-test: Likewise.
	* src/testsuite/write-key-2-test: Likewise.
	
Niels Möller's avatar
Niels Möller committed
647
648
649
650
2004-10-06  Niels Mller  <nisse@lysator.liu.se>

	* src/testsuite/Makefile.am (EXTRA_DIST): Added UTF-8-test.txt.

Niels Möller's avatar
Niels Möller committed
651
652
2004-10-05  Niels Mller  <nisse@lysator.liu.se>

Niels Möller's avatar
Niels Möller committed
653
654
655
656
657
658
659
660
661
	* src/Makefile.am (GPERF_FLAGS): Added -k21, to distinguish
	diffie-hellman-group1-sha1 and diffie-hellman-group2-sha1.

	* src/lsh.c (main_argp_parser): Support "diffie-hellman-group2-sha1".
	* src/lshd.c (main_argp_parser): Likewise.

	* src/atoms.in (diffie-hellman-group2-sha1): New name, for now an
	alias to diffie-hellman-group14-sha1.

Niels Möller's avatar
Niels Möller committed
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
	* src/testsuite/inetd-test: Start lshd with --daemon --no-syslog.
	Note that this test is not yet enabled, and inetd mode not working.

	* src/parse.c (parse_utf8): Keep track of the length of invalid
	sequences. Moved the check for overlong sequences, not it's done
	after the complete sequence is processed.

	* src/charset.c (low_utf8_to_local): If utf8_tolerant is set,
	replace invalid utf8 sequences with '?'. Used mainly by the
	testsuite. 

	* src/charset.h (enum utf8_flag): New flag utf8_tolerant.

	* src/testsuite/utf8-test.c: New test program.
	* src/testsuite/Makefile.am (TS_PROGS): Added utf8-test.
	* src/testsuite/UTF-8-test.txt: Markus Kuhn's utf8 testfile.

	* src/testsuite/functions.sh: Added -q to LSHD_FLAGS again.

Niels Möller's avatar
Niels Möller committed
681
682
2004-10-02  Niels Mller  <nisse@lysator.liu.se>

683
684
	* src/daemon.c (daemon_started_by_inetd): More debug output.

Niels Möller's avatar
Niels Möller committed
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
	Implemented client-side "keyboard-interactive".
	* src/unix_interact.c (unix_read_password): Split off...
	(read_password): New function, reads password and doesn't free
	prompt. 
	(unix_dialog): New function.

	* src/ssh.h (SSH_MSG_USERAUTH_INFO_REQUEST) 
	(SSH_MSG_USERAUTH_INFO_RESPONSE): New constants.

	* src/server_password.c (do_authenticate): Disallow control
	characters in user names.
	* src/server_userauth.c (do_none_preauth): Likewise.
	* src/server_publickey.c (do_authenticate): Likewise.

	* src/parse.c (parse_utf8): New argument *utf8_length. Treat
	overlong sequences surrigates and the non-characters 0xfffe and
	0xffff as errors.

	* src/lsh.c (make_lsh_login): Use keyboard-interactive, if the
	other methods fail.

Niels Möller's avatar
Niels Möller committed
706
707
708
	* src/scm/gaba.scm (make-freer): Free elements of allocated
	arrays, i.e. variables of type "space".

Niels Möller's avatar
Niels Möller committed
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
	* src/interact.h (interact_dialog): New class. 
	(INTERACT_DIALOG): New method.

	* src/interact.c (make_interact_dialog): New function.

	* src/debug.c (do_debug): Censor packets of type
	SSH_MSG_USERAUTH_INFO_RESPONSE. 

	* src/client_userauth.c (client_password_method): Renamed class
	to...
	(client_userauth_interactive_method): ... Used for both "password"
	and "keyboard-interactive".
	(format_userauth_kbdinteract, format_userauth_info_response): New
	functions.
	(client_kbdinteract_state, userauth_info_request_handler): New
	classes.
	(do_userauth_info_request, make_userauth_info_request_handler)
	(do_kbdinteract_failure, make_client_kbdinteract_state)
	(do_kbdinteract_login, make_client_kbdinteract_auth): New
	functions.

	* src/atoms.in: Added "keyboard-interactive". 

	Changes to utf8 decoding.
	* src/charset.h (enum utf8_flag): New enum.

	* src/charset.c (utf8_to_local, low_utf8_to_local): Implemented
	control character fitlering. Replaced STRICT argument with two
	flags utf8_replace and utf8_paranoid.
	(ucs4_is_control): New function.
	(local_is_utf8): Deleted function.

	* src/werror.c (werror_vformat): Improved utf8 handling. Always
	convert with utf8_replace, and add utf8_paranoid in paranoia mode.
	
Niels Möller's avatar
Niels Möller committed
744
745
746
747
2004-09-22  Niels Mller  <niels@s3.kth.se>

	* acinclude.m4 (LSH_CCPIC): Don't use -fpic on cygwin.

Niels Möller's avatar
Niels Möller committed
748
749
750
751
2004-08-31  Niels Mller  <nisse@lysator.liu.se>

	* acinclude.m4 (LSH_CCPIC): New macro.

Niels Möller's avatar
Niels Möller committed
752
753
754
755
2004-07-16  Niels Mller  <nisse@lysator.liu.se>

	* src/client.c (do_background_process): Fixed C99-ism.

Niels Möller's avatar
Niels Möller committed
756
757
2004-06-22  Niels Mller  <niels@s3.kth.se>

Niels Möller's avatar
Niels Möller committed
758
759
	* src/parse.c (parse_utf8): Use unsigned variables.

Niels Möller's avatar
Niels Möller committed
760
761
	* src/testsuite/inetd-test: New test case, not yet enabled.

Niels Möller's avatar
Niels Möller committed
762
763
764
765
766
2004-06-17  Niels Mller  <nisse@lysator.liu.se>

	* src/parse.c (parse_utf8): Check that the buffer doesn't end in
	the middle of an utf8 sequence.

Niels Möller's avatar
Niels Möller committed
767
768
2004-06-15  Niels Mller  <niels@s3.kth.se>

Niels Möller's avatar
Niels Möller committed
769
770
771
	* src/version.h (SOFTWARE_SLOGAN): New macro; string appended to
	the software version in the initial handshake.

Niels Möller's avatar
Niels Möller committed
772
773
774
775
776
777
	* src/lsh.c (main_argp_parser): Added support for
	diffie-hellman-group14-sha1. 
	* src/lshd.c (main_argp_parser): Likewise.

	* src/dh_exchange.c (make_dh14): New function.

Niels Möller's avatar
Niels Möller committed
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
	* src/publickey_crypto.c (zn_member): Deleted unused method.
	(zn_range, zn_invert, zn_mul, zn_exp, zn_exp_ui, zn_add, zn_sub):
	Non-static functions replaces the GROUP_COMBINE etc methods.
	(make_group_zn, make_ring_zn): Deleted functions...
	(make_ssh_group): ... replaced by new funtion.
	(make_ssh_group1, make_ssh_ring_srp_1): Use make_ssh_group.
	(make_ssh_group14): New function.

	* src/publickey_crypto.h (abstract_group): Deleted class and
	methods.
	(zn_group): Declare class here, and plain functions for using it.
	Replaced all uses of struct abstract_group with const struct
	zn_group.
	(dh_instance): Use const for the dh_method pointer.
	
	* src/atoms.in: Added diffie-hellman-group14-sha1.

Niels Möller's avatar
Niels Möller committed
795
796
2004-06-12  Niels Mller  <nisse@lysator.liu.se>

Niels Möller's avatar
Niels Möller committed
797
798
	* configure.ac: Bumped version to 1.5.6.

Niels Möller's avatar
Niels Möller committed
799
800
	* Released lsh-1.5.5.

Niels Möller's avatar
Niels Möller committed
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
2004-06-10  Niels Mller  <nisse@lysator.liu.se>

	* src/keyexchange.c (parse_kexinit): Deleted unused argument
	peer_flags.

	* misc/Makefile.am (EXTRA_DIST): Include tsocks-forcelocal.patch.

	* src/algorithms.c (lookup_hash): Deleted unused function.
	(all_symmetric_algorithms): Deleted old aes alias
	rijndael-cbc@lysator.liu.se. Added official serpent name
	serpent256-cbc. The alias serpent-cbc@lysator.liu.se should be
	removed at a later date.	
	(all_crypto_algorithms): Likewise.
	(lookup_crypto): Likewise.

	* src/atoms.in: Deleted spki-related atoms, now handled by
	libspki. Also deleted pkcs5-related atoms that aren't used.
	Deleted rijndael-cbc@lysator.liu.se.
	
Niels Möller's avatar
Niels Möller committed
820
821
2004-06-09  Niels Mller  <niels@s3.kth.se>

Niels Möller's avatar
Niels Möller committed
822
823
824
825
826
	* src/testsuite/functions.sh: Removed -q from LSHD_FLAGS.

	* src/server_pty.c (SYSTEM_GROUP): New macro.
	(pty_check_permissions): If there's no "tty" group, try "system".

Niels Möller's avatar
Niels Möller committed
827
828
829
	* src/testsuite/Makefile.am (TS_SH): Removed ssh1-fallback-test.
	(EXTRA_DIST): Removed fake-sshd1.

Niels Möller's avatar
Niels Möller committed
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
	* src/testsuite/fake-sshd1, src/testsuite/ssh1-fallback-test:
	Deleted files.

	* src/version.h (SSH1_SERVER_PROTOCOL_VERSION): Deleted.

	* src/Makefile.am (liblsh_a_SOURCES): Removed ssh1_fallback.c.

	* src/lshd.c: Removed the ssh1-fallback option.

	* src/handshake.c (do_line): Made the server disallow banner lines
	from clients.

	* configure.ac: Deleted option --with-sshd1.

	* src/io.c (io_set_blocking): Deleted function.

	* src/handshake.c (connection_line_handler): Deleted fd and
	fallback attributes.
	(make_connection_read_line): Deleted fd and fallback arguments.
	(make_handshake_info): Deleted fallback argument. Updated callers.
	(do_line): Deleted ssh1-fallback handling.
	
	* src/ssh1_fallback.h, src/ssh1_fallback.c: Deleted file.

	* src/handshake.h (handshake_info): Deleted fallback attribute.

	* doc/lsh.texinfo (Invoking lshd): Deleted --ssh1-fallback.

	* src/keyexchange.c (KEXINIT_MAX_ALGORITMS): Increased limit to
	500.
	(parse_kexinit): Deleted code handling of
	PEER_KEXINIT_LANGUAGE_KLUDGE.

	* src/handshake.c (compat_peer_flags): #if:ed out function.

	* src/connection.h (enum peer_flags): Deleted constants.

	* configure.ac: Deleted option --disable-datafellows-workarounds.

	* src/proxy_x11forward.c (do_proxy_open_x11): Deleted code
	handling PEER_X11_OPEN_KLUDGE.

Niels Möller's avatar
Niels Möller committed
872
873
2004-06-08  Niels Mller  <nisse@lysator.liu.se>

Niels Möller's avatar
Niels Möller committed
874
875
	* src/client.c (client_prepend_action): New function.

Niels Möller's avatar
Niels Möller committed
876
877
878
879
880
881
882
883
	* src/client.c (client_options): New option --write-pid, to be
	used together with -B.
	(do_background_process): Optionally write the child pid to stdout.
	(make_background_process): New function.
	(client_argp_parser): When processing -B, pass the value of
	write_pid to make_background_process.
	(client_argp_parser): Handle --write-pid.

Niels Möller's avatar
Niels Möller committed
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
	Testsuite tweaks.
	* src/testsuite/lshg-1-test, src/testsuite/lshg-cat-2-test,
	src/testsuite/lshg-cat-test, src/testsuite/lshg-tcpip-local-test,
	src/testsuite/socks4-test, src/testsuite/socks5-test,
	src/testsuite/tcpip-local-in-use-test,
	src/testsuite/tcpip-local-test: Deleted unnessary sleep calls.

	* src/testsuite/functions.sh (at_connect): For the
	tcpip-local-in-use-test to work, we must record the mini-inetd
	pid, and kill it before exiting.

	* src/testsuite/functions.sh (spawn_lsh, spawn_lshg): Use new
	--write-pd option and -B to start processes in the background.

	* src/lsh.c (main_argp_parser): Use client_prepend_action to make
	sure that the gateway is started first.

	Removal of old bug-compatibility code.
	* src/handshake.c: Deleted most of the bug-compatibility flags. 

Niels Möller's avatar
Niels Möller committed
904
905
906
907
908
909
910
911
912
913
914
915
	* src/client_userauth.c (do_userauth_pk_ok): Deleted handling of
	PEER_USERAUTH_REQUEST_KLUDGE. 
	* src/server_publickey.c (do_authenticate): Likewise.

	* src/server.c (format_service_accept_kludge): Deleted function.
	(do_service_request): Deleted handling of
	PEER_SERVICE_ACCEPT_KLUDGE.

	* src/client.c (do_accept_service): Deleted handling of
	PEER_SERVICE_ACCEPT_KLUDGE. 
	* src/proxy.c (do_proxy_accept_service): Likewise.

Niels Möller's avatar
Niels Möller committed
916
917
918
919
920
921
922
923
924
925
	* src/dsa.c (do_dsa_verify, do_dsa_sign): Deleted handling of
	ATOM_SSH_DSS_KLUDGE_LOCAL. 

	* src/client_keyexchange.c (do_handle_dh_reply): Deleted handling
	of PEER_SSH_DSS_KLUDGE.
	* src/server_keyexchange.c (do_init_server_dh): Likewise.
	* src/server_publickey.c (do_authenticate): Likewise.

	* src/atoms.in: Deleted ssh-dss-kludge@lysator.liu.se.

Niels Möller's avatar
Niels Möller committed
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
2004-06-08  Niels Mller  <niels@s3.kth.se>

	* src/client.c (client_options): Deleted --cvs-workaround option.
	(client_argp_parser): Deleted handling of --cvs-workaround.
	(fork_input): Deleted function.
	(fork_output): Deleted function.
	(make_client_session): Keep our original stdio fd:s in blocking
	mode, and pass the type IO_STDIO to make_lsh_fd when appropriate.
	(do_detach_cb): Resetting stdio to blocking mode is no longer
	needed.

	* src/client.h (client_options): Deleted stdin_fork, stdout_fork
	and stderr_fork attributes.

	* src/werror.c (set_error_nonblocking): Deleted function.

	* src/server_session.c (spawn_process): Pass correct type
	(IO_NORMAL or IO_PTY) to make_lsh_fd. io_set_type is no longer
	needed. 

	* src/io.h (enum io_type): New type IO_STDIO.

	* src/io.c (io_final): No longer any need to reset stdio file
	descriptors to blocking mode.
	(write_raw_with_poll): Deleted function.
	(io_set_type): Deleted function.
	(io_init_fd): New argument, allowing certain fd:s to remain in
	blocking mode.
	(make_lsh_fd): New argument TYPE. Updated callers.
	(close_fd): Don't close fd:s that are of type IO_STDIO.

Niels Möller's avatar
Niels Möller committed
957
958
959
960
961
962
963
2004-04-07  Niels Mller  <nisse@lysator.liu.se>

	* src/server_pty.c (pty_open_slave): More verbose messages on failure.

	* src/write_packet.c (do_write_packet): Deleted debug output that
	may contain passwords.

964
965
966
967
2004-03-20  Niels Mller  <nisse@lysator.liu.se>

	* configure.ac: Use AC_CONFIG_AUX_DIR([.]).

Niels Möller's avatar
Niels Möller committed
968
969
970
971
2004-03-18  Niels Mller  <niels@s3.kth.se>

	* misc/run-tests (test_program): Strip .exe suffix from name.

Niels Möller's avatar
Niels Möller committed
972
973
2004-03-17  Niels Mller  <nisse@lysator.liu.se>

Niels Möller's avatar
Niels Möller committed
974
975
976
977
978
979
980
981
982
983
984
985
	* src/testsuite/Makefile.am (TS_SH): Run the socks4 and socks5
	tests. This is pointless, and hopefully harmless, on machines that
	don't have my hacked version of tsocks.

	* src/socks.c (socks_reply): Send a version 4 reply, if
	appropriate.
	(do_read_socks): Almost implemented socks4. Handling of username
	is slightly broken.

	* src/testsuite/socks4-test: New file.
	* src/testsuite/socks4-config: New file.

Niels Möller's avatar
Niels Möller committed
986
987
	* misc/tsocks-forcelocal.patch: New file.

Niels Möller's avatar
Niels Möller committed
988
989
990
	* misc/tsocks-forcelocal.patch: Also patch the tsocks script to
	look for the library in $libdir.

Niels Möller's avatar
Niels Möller committed
991
992
993
994
2004-03-15  Niels Mller  <nisse@lysator.liu.se>

	* src/testsuite/socks5-config: Added forcelocal keyword.

Niels Möller's avatar
Niels Möller committed
995
996
997
998
2004-03-01  Niels Mller  <nisse@lysator.liu.se>

	* src/testsuite/functions.sh (need_tsocks): New function.

999
1000
1001
1002
1003
2004-03-01  Niels Mller  <niels@s3.kth.se>

	* acinclude.m4 (LSH_FUNC_ALLOCA): Check for malloc.h, and include
	it if it exists. Needed for alloca on windows.

Niels Möller's avatar
Niels Möller committed
1004
1005
2004-02-29  Niels Mller  <nisse@lysator.liu.se>

Niels Möller's avatar
Niels Möller committed
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
	* src/testsuite/socks5-config: tsocks configuration file for
	socks5 test case.

	* src/testsuite/socks5-test: New socks5 test.

	* src/testsuite/tcpip-local-test: Check both directions of
	forwarded channel.

	* src/io.c (io_connect_list): Avoid resource leakage if the
	address list is empty, or all connection attempts fail
	immediately. 

Niels Möller's avatar
Niels Möller committed
1018
1019
1020
1021
	* src/socks.c (do_read_socks): Bugfix, update self->pos.

	* src/client.c (client_arg_unsigned): Typo fix.

Niels Möller's avatar
Niels Möller committed
1022
1023
1024
1025
1026
1027
	* src/lshg.c (main_options): Deleted short options -I and -D. The
	corresponding long options --send-debug and --send-ignore remains.

	* src/socks.c (do_read_socks): Fixed bugs in parsing of client's
	first message.

Niels Möller's avatar
Niels Möller committed
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
2004-02-27  Niels Mller  <nisse@lysator.liu.se>

	* src/client.c (client_argp_parser): New command line option -D,
	--forward-socks. 	
	(client_arg_unsigned): New function.

	* src/lshd.c: Don't include tcpforward_commands.h.

	* src/tcpforward_commands.c (make_open_tcpip_command): Made non-static.
	(open_direct_tcpip): Moved declaration back here, reverting
	yesterday's change.
	
	* src/tcpforward_commands.h: Deleted file. Prototypes moved to...
	* src/tcpforward.h: ...here.

	* src/socks.c: Rewritten. A successful connect should transform
	the control channel into a data channel.

	* src/process_atoms: Added extra quotes needed to get the length
	of "*" into atoms_table.c.

	* src/lsh.c (main): make_lsh_connect now returns a struct command *, so
	can delete one CAST_SUBTYPE.

	* src/channel_forward.c (channel_forward_start_io_read): New function.

Niels Möller's avatar
Niels Möller committed
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
2004-02-26  Niels Mller  <nisse@lysator.liu.se>

	* src/lsh_string.c (lsh_string_ntop): Use const void * for the
	input. 

	* src/tcpforward_commands.h (open_direct_tcpip,
	OPEN_DIRECT_TCPIP): Moved declarations here...
	* src/tcpforward_commands.c: ... from here.

	* src/socks.c: New file.
	* src/Makefile.am (liblsh_a_SOURCES): Added socks.c.

	* src/scm/gaba.scm (process-expr): Let the generated code return a
	struct command *, not a struct lsh_object *.

	* src/dummy.c (cbc_encrypt, cbc_decrypt): Use nettle_crypt_func
	for typing. 

1072
1073
1074
1075
1076
2004-02-25  Niels Mller  <nisse@lysator.liu.se>

	* misc/xenofarm.sh (cfgwarn, makewarn, ckprgwarn): Renamed
	variables log, warn and fail. 

1077
1078
2004-02-24  Niels Mller  <nisse@lysator.liu.se>

1079
1080
1081
1082
	* misc/xenofarm.sh (dotask): Fixed handling of $var.
	(cfgwarn, makewarn, ckprgwarn): Use $task when constructing
	filenames.

1083
1084
1085
	* misc/xenofarm.sh: Fixed tasks argpmake and nettlemake. New tasks
	ckargp and cknettle.

Niels Möller's avatar
Niels Möller committed
1086
1087
1088
1089
1090
	* src/Makefile.am (lshg_SOURCES, lshg_LDADD): Avoid linking with
	nettle. Need to link with dummy.o instead.

	* src/dummy.c: New file.

1091
1092
1093
	* misc/xenofarm.sh (cfgargs): Add the flags we want to use to cfgargs.
	(dotask): New optional argument with the name of the status variable.

1094
1095
1096
1097
1098
1099
2004-02-20  Niels Mller  <nisse@lysator.liu.se>

	* src/process_atoms: Fixes to make it work with Solaris /bin/sh.
	Replaced uses of echo -n with printf(1), and ${#foo} with `expr
	$foo : '.*'`.

Niels Möller's avatar
Niels Möller committed
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
2004-02-20  Niels Mller  <niels@s3.kth.se>

	* src/scm/Makefile.am (EXTRA_DIST): Deleted make-char-classes.

	* configure.ac: Deleted tests for bash.

	* src/Makefile.am (atoms_gperf.c, atoms_table.c): Don't use
	bash to run process_atoms script.
	(packet_types.h): Don't use bash to run the invert-defs script.

Niels Möller's avatar
Niels Möller committed
1110
1111
2004-02-19  Niels Mller  <niels@s3.kth.se>

Niels Möller's avatar
Niels Möller committed
1112
1113
	* src/scm/guile-compat.scm: Deleted most of the contents.

Niels Möller's avatar
Niels Möller committed
1114
1115
	* src/scm/make-char-classes.scm: Deleted obsolete file.

Niels Möller's avatar
Niels Möller committed
1116
1117
1118
1119
1120
2004-02-18  Niels Mller  <niels@s3.kth.se>

	* src/Makefile.am (prime_table.h, sexp_table.h, digit_table.h):
	Deleted rules for building obsolete files.

Pontus Freyhult's avatar
Pontus Freyhult committed
1121
1122
2004-02-18  Pontus Skld  <pont@soua.net>

Niels Möller's avatar
Niels Möller committed
1123
	* src/process_atoms: Converted script from bash to /bin/sh.
Pontus Freyhult's avatar
Pontus Freyhult committed
1124

Niels Möller's avatar
Niels Möller committed
1125
1126
2004-02-17  Niels Mller  <nisse@lysator.liu.se>

Niels Möller's avatar
Niels Möller committed
1127
1128
1129
	* src/unix_user.c (do_lookup_user) [!HAVE_SHADOW_H]: Enable shadow
	database code only if shadow.h can be included.

Niels Möller's avatar
Niels Möller committed
1130
1131
1132
1133
1134
1135
1136
1137
	* src/unix_process.c (do_logout_notice): Deleted gratious
	semicolon at end of function definition.
	(do_utmp_cleanup): Use UTMPX_UT_EXIT___E_TERMINATION and
	UTMPX_UT_EXIT_UT_TERMINATION. 

	* configure.ac: Check for ut_exit.__e_termination and
	ut_exit.ut_termination in struct utmp and struct utmpx.

Niels Möller's avatar
Niels Möller committed
1138
1139
1140
1141
1142
2004-02-16  Niels Mller  <niels@s3.kth.se>

	* configure.ac: Added gss-related configure checks (patch from
	Simon Josefsson).

Niels Möller's avatar
Niels Möller committed
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
2004-02-15  Niels Mller  <nisse@lysator.liu.se>

	* src/testsuite/Makefile.am (AM_CPPFLAGS): Need -I.., in order to
	include nettle-types.h.

	* src/unix_user.c (do_lookup_user): Just ignore shadow database if
	getspnam returns NULL.

	* src/lsh.h: #include nettle/types.h instead of inttypes.h.

	* src/atoms.h: #include lsh.h instead of inttypes.h.
	* src/charset.h: Likewise.
	* src/tty.h: Likewise.
	* src/testsuite/testutils.h: Likewise.

	* configure.ac: Bumped version to 1.5.5.

Niels Möller's avatar
Niels Möller committed
1160
1161
1162
1163
1164
2004-02-13  Niels Mller  <niels@s3.kth.se>

	* src/ssh.h: Added GSSAPI constants (patch from Simon Josefsson).
	* src/atoms.in: New symbol "gssapi".

Niels Möller's avatar
Niels Möller committed
1165
1166
1167
1168
1169
2004-02-12  Niels Mller  <nisse@lysator.liu.se>

	* src/io.c (address_info2sockaddr) [!HAVE_GETADDRINFO]: Updated
	code to work with new string abstraction.

1170
1171
1172
1173
2004-02-12  Niels Mller  <niels@s3.kth.se>

	* configure.ac: No space between "-I" and include directories.

Niels Möller's avatar
Niels Möller committed
1174
1175
2004-02-08  Niels Mller  <nisse@lysator.liu.se>

Niels Möller's avatar
Niels Möller committed
1176
1177
	* Released lsh-1.5.4.

Niels Möller's avatar
Niels Möller committed
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
	Implemented flow control for the connections write_buffer. The
	buffer is now of limited size. When it starts to get large, channel
	i/o is disabled. If it hits the limit, the connection is closed.

	* src/connection.c (WRITE_BUFFER_MAX, WRITE_BUFFER_MARGIN): New
	constants.
	(connection_flow_controlled): New class.
	(do_connection_flow_controlled): Reenable channel i/o when we have
	room in the write buffer.
	(make_ssh_connection): Initialize ssh_connection attributes
	wakeup, soft_limit and hard_limit.
	(connection_init_io): Changed argument type from struct
	abstract_write to struct lsh_fd. Install flow control on the
	socket's write_buffer. Deleted the randomness argument, and don't
	call make_packet_write. This way, both handshake_command and
	gateway_make_connection can call this function.
	(connection_wakeup): New function, which installs a wakeup
	callback on the connection.
	(connection_send_kex): Compare the size of the write_buffer to the
	soft and hard limits.
	(connection_send_kex_end): Invoke wakeup callback, if it's
	non-NULL.

	* src/connection.h (ssh_connection): New attribute socket,
	replaces old attribute raw. New attributes hard_limit and
	soft_limit. 

	* src/read_data.c (do_read_data_query): Stop reading, if
	connection->hard_limit is set, indicating an almost full
	write_buffer for the connection.

	* src/handshake.c (handshake_command): Adapt to changed
	connection_init_io. Use connection->socket instead of
	connection->raw. 

	* src/gateway_commands.c (gateway_make_connection): Use
	connection_init_io, so that flow control is set up properly.

	* src/channel.c (window_adjust_handler): Deleted redundant assert.
	(do_channels_after_keyexchange): Renamed to do_channels_wakeup. No
	longer needs to reinstall the handler.
	(init_connection_service): Use connection_wakeup, not
	connection_after_keyexchange. 

1222
1223
2004-02-07  Niels Mller  <nisse@lysator.liu.se>

Niels Möller's avatar
Niels Möller committed
1224
1225
	* install-sh: Removed from CVS repository. Let automake supply it.

1226
1227
1228
	* acinclude.m4 (LSH_FUNC_ALLOCA): Include <alloca.h>, if
	available, also when compiling with gcc.

Niels Möller's avatar
Niels Möller committed
1229
1230
2004-01-08  Niels Mller  <nisse@lysator.liu.se>

Niels Möller's avatar
Niels Möller committed
1231
1232
1233
	* src/rsync/rsync.h: Don't include inttypes.h, just let
	<nettle/md5.h> define uint8_t and other types.

Niels Möller's avatar
Niels Möller committed
1234
1235
1236
1237
1238
1239
1240
1241
	* src/Makefile.am (AM_CPPFLAGS): Added -I./nettle. Needed to find
	the nettle-types.h include file when building outside of the
	source directory.
	(packet_types.h): Changed rule to use $< to refer to the input
	file. 
	* src/testsuite/Makefile.am (AM_CPPFLAGS): Added -I../nettle.
	* src/rsync/Makefile.am (AM_CPPFLAGS): Added -I../nettle.

Niels Möller's avatar
Niels Möller committed
1242
1243
1244
1245
1246
1247
2004-01-08  Niels Mller  <niels@s3.kth.se>

	* src/tcpforward.c (do_channel_open_direct_tcpip): Log
	direct-tcpip request.
	(do_tcpip_forward_request): Log forward-tcpip request.

Niels Möller's avatar
Niels Möller committed
1248
1249
1250
1251
2004-01-08  Niels Mller  <nisse@harpo.hack.org>

	* configure.ac: No space between "-L" and library directories.

Niels Möller's avatar
Niels Möller committed
1252
1253
1254
1255
1256
2004-01-07  Niels Mller  <nisse@harpo.hack.org>

	* acinclude.m4 (AX_CREATE_STDINT_H): Copied macro definition from
	http://ac-archive.sourceforge.net/guidod/ax_create_stdint_h.html.

Niels Möller's avatar
Niels Möller committed
1257
1258
1259
1260
1261
2003-11-18  Niels Mller  <niels@s3.kth.se>

	* src/unix_process.c (utmp_book_keeping) [UTMPX_UT_SYSLEN]: Use
	lsh_string_length. 

Niels Möller's avatar
Niels Möller committed
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
2003-11-17  Niels Mller  <nisse@harpo.hack.org>

	* src/read_packet.c (class read_packet): New attribute
	mac_computed.
	(lsh_string_realloc): Deleted function.
	(do_read_packet, make_read_packet): Allocate block_buffer,
	mac_buffer and mac_computed at creation time, using
	SSH_MAX_BLOCK_SIZE and SSH_MAX_MAC_SIZE.

	* src/ssh.h (SSH_MAX_BLOCK_SIZE, SSH_MAX_MAC_SIZE): New constants,
	with the implementations's maximum block size and mac size.

Niels Möller's avatar
Niels Möller committed
1274
1275
2003-11-16  Niels Mller  <nisse@harpo.hack.org>

1276
1277
1278
	* src/lsh-writekey.c (main_argp_parser): Move declaration to
	support C90.

Niels Möller's avatar
Niels Möller committed
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
1353
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385
1386
1387
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
1417
1418
1419
1420
1421
1422
1423
1424
1425
1426
1427
	* src/Makefile.am (liblsh_a_SOURCES): Added lsh_string.c.

	* src/lsh_string.c, src/lsh_string.h: New files, with a private
	string implementation. The point is that no other code should
	write directly into strings or other buffers.

	* src/gateway_commands.c (class read_gateway_packet): Use an
	lsh_string for the header buffer, not a plain char array.
	* src/read_line.c (class read_line): Likewise, for the line buffer.
	* src/write_buffer.h, src/write_buffer.c (class write_buffer):
	Likewise for the output buffer.

	* src/pkcs5.c (pkcs5_derive_key): Take lsh_string arguments, and
	return key as an lsh_string. Also use lsh_strings internally,
	instead of plain char buffers.

	* src/format.c (ssh_format_write, ssh_vformat_write)
	(format_hex_string, format_decimal, write_decimal_length): Take a
	lsh_string and position for the destination. Updated to use
	functions from lsh_string.c. Moved some functions to lsh_string.c.
	(lsh_string_colonize): Use const for input string. Use
	lsh_string_putc.
	(lsh_string_bubblebabble): Use lsh_string_putc. No need for
	explicit NUL-termination. Use const for input string.
	
	* src/format.c (ssh_format): Changed definition of %r, now stores
	the start position of the reserved area, not a pointer. Updated
	all callers.

	* src/lock_file.c, src/lsh-make-seed.c, src/server_session.c,
	src/server_x11.c: #include lsh_string.h.

	* src/spki.c (spki_hash_data): Rewritten to use hash_digest_string
	instead of hash_digest.

	* src/testsuite/testutils.c (decode_hex): Use const for input.
	Also other updates for lsh_string changes.
	
	* src/zlib.c (do_zlib): Use lsh_string_zlib. Updated for
	lsh_string changes.

	* src/werror.c (werror_decimal): Rewrote to not use
	format_decimal.
	(werror_hexdump): Use const for input.
	(werror_vformat): Updated for lsh_string changes.

	* src/unix_user.c (kerberos_check_pw, do_verify_password): Updated
	for lsh_string changes.

	* src/unix_interact.c (unix_yes_or_no): Updated for lsh_string
	changes.

	* src/string_buffer.h (struct string_buffer): Replaced current
	pointer with an integer position.
	* src/string_buffer.c: Updated for lsh_string changes.

	* src/spki.c (spki_pkcs5_encrypt): Use const for input argument.

	* src/server_userauth.c (do_handle_userauth): Updated for
	lsh_string changes.

	* src/server_publickey.c (do_authenticate): Updated for lsh_string
	changes. 

	* src/server_pty.c (pty_open_slave): Updated for lsh_string changes.

	* src/read_file.c (do_read_file): Updated for lsh_string changes.

	* src/parse_config.c: #include lsh_string.h.

	* src/lsh.h: Removed declarations for lsh_string. This is now
	provate to lsh_string.c. Only kept a forward declaration of struct
	lsh_string, and a declaration of lsh_string_free.

	* src/lsh-export-key.c (encode_base64): Use lsh_string.c functions.

	* src/lsh-decrypt-key.c (main): Updated for lsh_string changes.

	* src/lsh-decode-key.c (main): Use lsh_string_base64_decode.

	* src/io.c (do_consuming_read, io_read_file_raw): Use lsh_string_read.
	(do_write_callback): Updated for lsh_string changes.
	(sockaddr2info): Use lsh_string_ntop.

	* src/handshake.c (compat_peer_flags, split_version_string) 
	(do_line): Use const for input strings.

	* src/read_line.h (class line_handler): Use a const for the
	handler method.

	* src/dsa.c (make_ssh_dss_verifier): Use a lsh_string for the
	input. Updated for lsh_string changes.
	* src/rsa.c (make_ssh_rsa_verifier): Likewise.
	* src/publickey_crypto.h: Updated prototypes.

	* src/sexp.c (lsh_sexp_format): Function renamed to
	lsh_string_format_sexp, and moved to lsh_string.c. Updated
	callers.

	* src/daemon.c (daemon_pidfile): Updated for lsh_string changes.

	* src/client_keyexchange.c (do_handle_dh_reply): Updated for
	lsh_string changes. 

	* src/client.c (rebuild_command_line): Use lsh_string_write.

	* src/charset.c: Updated for lsh_string changes.
	(low_utf8_to_local): Use const for input.

	* src/xalloc.c: Removed string related functions. Moved to
	lsh_string.c. 

	* src/gc.c (gc): Use lsh_get_number_of_strings to access string
	counter. 
	(gc_final): Call lsh_string_final_check. 

	* src/abstract_crypto.h (CRYPT): Changed method to take an
	lsh_string and an index for source and destination. Also changed
	the order of source and destination arguments.
	(MAC_DIGEST): Take a lsh_string and index for the destination.

	* src/crypto.c: Rewrote cipher classes to use functions in
	lsh_string.c, instead of writing directly into the output string.
	(hash_digest_string): New function.
	(hash_digest): New function.
	(do_hmac_digest): Use lsh_string_write_hmac.

	* src/channel.c: Updated for lsh_string changes.
	* src/client_escape.c: Likewise.
	* src/client_userauth.c: Likewise.
	* src/client_x11.c: Likewise.
	* src/connection.c: Likewise.
	* src/debug.c: Likewise.
	* src/dh_exchange.c: Likewise.
	* src/keyexchange.c: Likewise.
	* src/lsh-writekey.c: Likewise.
	* src/lsh.c: Likewise.
	* src/read_packet.c: Likewise.
	* src/server.c: Likewise.
	* src/spki.c: Likewise.
	* src/srp-gen.c: Likewise.
	* src/srp_exchange.c: Likewise.
	* src/tcpforward.c: Likewise.
	* src/tty.c: Likewise.
	* src/unix_process.c: Likewise.
	* src/unix_random.c: Likewise.
	* src/write_packet.c: Likewise.
	* src/xauth.c: Likewise.

Niels Möller's avatar
Niels Möller committed
1428
1429
1430
1431
1432
1433
1434
1435
1436
1437
1438
1439
1440
1441
1442
1443
2003-11-11  Niels Mller  <nisse@harpo.hack.org>

	* src/Makefile.am (liblsh_a_SOURCES): Deleted unpad.c.

	* src/xalloc.c (lsh_object_free): Changed to take a const argument.

	* src/read_packet.c (do_read_packet): Moved code for stripping
	padding and inflating read packets to this function.
	* src/handshake.c (do_line): Deleted calls to make_packet_unpad
	and make_packet_inflate. 
	* src/unpad.c, src/unpad.h: Deleted files.
	* src/compress.c (class packet_compressor): Deleted class.
	(make_packet_codec): Deleted function.
	* src/compress.h (make_packet_deflate, make_packet_inflate):
	Deleted macros.

Niels Möller's avatar
Niels Möller committed
1444
1445
1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
2003-11-10  Niels Mller  <nisse@harpo.hack.org>

	* src/connection.c (connection_send_kex): New function, replacing
	macro C_WRITE_NOW. Updated all callers.

	* src/read_file.h: Deleted file. Moved declarations to...
	* src/abstract_io.h: ... here. Deleted all inclusions of read_file.h.

2003-11-09  Niels Mller  <nisse@harpo.hack.org>

	* src/debug.h: Deleted file. Moved declarations to...
	* src/connection.h: ... here. Deleted all inclusions of debug.h.

Niels Möller's avatar
Niels Möller committed
1457
1458
1459
1460
1461
1462
1463
1464
1465
1466
1467
1468
1469
1470
1471
1472
2003-11-08  Niels Mller  <nisse@harpo.hack.org>

	* src/Makefile.am (liblsh_a_SOURCES): Removed pad.c, encrypt.c.
	Added write_packet.c. 

	* src/compress.c (do_packet_inflate): Keep sequence number.

	* src/pad.c, src/pad.h, src/encrypt.c, src/encrypt.h: Deleted
	files.
	* src/write_packet.c: New file and function, to replace pad.c and
	encrypt.c. 	
	* src/client.c, src/connection.c: Don't include pad.h and encrypt.h.
	* src/connection.h: Prototype for make_write_packet.

	* src/connection.c (connection_init_io): Use make_write_packet.

Niels Möller's avatar
Niels Möller committed
1473
1474
1475
1476
1477
1478
1479
1480
1481
1482
1483
1484
1485
1486
1487
1488
1489
2003-10-30  Niels Mller  <nisse@harpo.hack.org>

	* src/connection.h (C_WRITE): Deleted macro. Updated all callers
	to use connection_send directly.

	Changed gateway protocol, to not use any extra padding.
	* src/gateway_commands.c (do_read_gateway): New function
	(make_read_gateway): New function.
	(do_gateway_pad): New extra padding.
	(gateway_make_connection): No need to call make_packet_unpad.

	* src/abstract_io.h (class read_handler): Use a const uint8_t *
	argument for the handler method.
	* src/read_file.c (do_read_file): Const argument.
	* src/read_line.c (do_read_line): Likewise.
	* src/read_packet.c (do_read_packet): Likewise.

Niels Möller's avatar
Niels Möller committed
1490
1491
2003-10-23  Niels Mller  <niels@s3.kth.se>

Niels Möller's avatar
Niels Möller committed
1492
1493
1494
1495
1496
1497
1498
1499
1500
1501
1502
	* src/server_userauth.c: Rewrote comment about userauth
	serialization. 

	* src/io.c (close_fd): Deleted fd = -1 special case. 

	* src/connection.c (connection_lock, connection_unlock): Simplified.
	(do_exc_connection_handler): Deleted handling of
	EXC_PAUSE_CONNECTION and EXC_PAUSE_START_CONNECTION.
	* src/exception.h (EXC_PAUSE_CONNECTION) 
	(EXC_PAUSE_START_CONNECTION): Deleted exception types.

Niels Möller's avatar
Niels Möller committed
1503
1504
1505
1506
1507
1508
1509
	* src/dsa_keygen.c, src/rsa_keygen.c: Deleted files. Moved the
	dsa_generate_key and rsa_generate_key functions to ...
	* src/lsh-keygen.c: ... here.

	* src/dsa.c (generic_dsa_verify): Deleted function.
	(generic_dsa_sign): Likewise.

Niels Möller's avatar
Niels Möller committed
1510
1511
2003-10-22  Niels Mller  <niels@s3.kth.se>

Niels Möller's avatar
Niels Möller committed
1512
1513
1514
	* src/client_x11.c (client_x11_auth_info): Deleted commented out
	class.

Niels Möller's avatar
Niels Möller committed
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
	* src/server_session.c (do_alloc_pty): Return channel in question.
	(do_window_change_request): Likewise.
	(do_spawn_subsystem): Likewise.

	* src/gateway_channel.c (do_gateway_channel_request): Added FIXME
	on returned value.
	* src/server_x11.c (do_xauth_exit): Likewise.

	* src/client.c (do_exit_status): Return the channel in question to
	the continuation.
	(do_exit_signal): Likewise.

	* src/channel.c (channel_request_continuation): Expanded FIXME
	comment. 

Niels Möller's avatar
Niels Möller committed
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
	* src/parse.h: Include nettle/bignum.h instead of bignum.h.

	* src/format.h: Don't include bignum.h.
	* src/keyexchange.h: Likewise.
	* src/publickey_crypto.c: Likewise.
	* src/werror.h: Likewise.

	* src/dh_exchange.c (dh_generate_secret): Use nettle_mpz_random.
	Needs inclusion of nettle/bignum.h.

	* src/bignum.c, src/bignum.h: Deleted files.
	* src/Makefile.am (liblsh_a_SOURCES): Deleted bignum.c

Niels Möller's avatar
Niels Möller committed
1543
1544
	* configure.ac: Bumped version to 1.5.4.

Niels Möller's avatar
Niels Möller committed
1545
1546
1547
1548
1549
1550
	* src/interact.h (INTERACT_READ_PASSWORD): Deleted the forth
	argument FREE. Now the prompt string is always consumed. Updated
	all callers.
	* src/unix_interact.c (unix_read_password): Deleted fourth
	argument FREE.

Niels Möller's avatar
Niels Möller committed
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
	* src/lsh.h: Forward declaration of catch_report_collect.
	* src/channel_forward.h: ... and deleted corresponding declaration
	here. 

	* src/abstract_compress.c, src/abstract_compress.h: Deleted files.
	Moved contents to...
	* src/compress.c, src/compress.h: ... here. Updated users.

	* src/Makefile.am (liblsh_a_SOURCES): Removed abstract_compress.

Niels Möller's avatar
Niels Möller committed
1561
1562
1563
1564
1565
1566
1567
1568
2003-10-10  Niels Mller  <niels@s3.kth.se>

	* src/unix_user.c (do_read_file_fail): Return the created
	exception. 

	* src/lshd.c (main_argp_parser): Use getenv(ENV_LOGNAME), not
	getenv("LOGNAME"). 

Niels Möller's avatar
Niels Möller committed
1569
1570
1571
1572
1573
1574
2003-10-05  Niels Mller  <nisse@cuckoo.hack.org>

	* src/lsh.c (read_user_keys): Display error message for missing
	identity file only in verbose mode. Suggested by Thomas
	Krennwallner.

Niels Möller's avatar
Niels Möller committed
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
2003-09-27  Niels Mller  <nisse@cuckoo.hack.org>

	* src/gateway_channel.c (do_channel_open_forward): Moved creation
	of ORIGIN channel object from here...
	(do_gateway_channel_open_continuation): ... to here.
	(make_gateway_channel_open_continuation): Deleted ORIGIN argument.

	* src/channel.c (channel_open_handler): Bugfix for the case that
	alloc_channel fails.

Niels Möller's avatar
Niels Möller committed
1585
1586
1587
1588
1589
1590
1591
1592
1593
1594
1595
1596
1597
1598
1599
1600
1601
1602
1603
1604
1605
1606
1607
1608
1609
1610
1611
1612
1613
1614
1615
1616
1617
1618
1619
1620
2003-09-26  Niels Mller  <nisse@cuckoo.hack.org>

	* src/channel.c (login_service_command): Deleted redundant command.

	* src/lshd.c (main_options): #if:ed out login-auth-mode-user.
	(main_argp_parser): For login-auth-mode, we don't need a user
	database. Instead use make_unix_user_self and
	make_userauth_none_permit. 
	(install_session_handler): New command.
	(lshd_login_service): Take the "session" channel open handler as
	argument. We don't need a general list of connection hooks. Use
	init_connection_service, not the reduntant init_login_service.
	(make_lshd_login_service): Simplified a little.

	* src/server_userauth.c (do_none_preauth,
	server_userauth_none_preauth):  Userauth "none" handler which
	succeeds only if the user was authenticated during key exchange.	
	(userauth_none_permit): New class.
	(do_none_permit): Userauth "none" handler which always succeeds.
	(make_userauth_none_permit): New function.
	(userauth_none): Deleted class.
	(do_none_authenticate, make_userauth_none): Deleted functions.

	* src/unix_user.c (chdir_home): Deleted function.
	(exec_shell): Take separate arguments for shell, home, name, uid
	and gid, not a struct unix_user.
	(spawn_error, spawn_parent, spawn_child): New helper functions,
	broken out of do_spawn.
	(do_spawn): Use helper functions.
	(unix_user_self): New class.
	(do_verify_password_fail, do_file_exists_fail, do_read_file_fail):
	Dummy methods. 
	(do_spawn_self): Spawn method for unix_user_self class. 
	(make_unix_user_self): New function.
	(unix_current_user): Deleted function.

Niels Möller's avatar
Niels Möller committed
1621
1622
1623
1624
1625
2003-09-25  Niels Mller  <niels@s3.kth.se>

	* src/io.c (do_connect_list_callback): Fixed error message. errno
	is not valid here.

Pontus Freyhult's avatar
Pontus Freyhult committed
1626
1627
1628
1629
1630
1631
2003-09-25  Pontus Skld  <pont@soua.net>

	* src/channel.c (login_service_command): Use
	init_connection_service instead of init_login_service.
	(init_login_service): Removed redundant function.
	
1632
1633
1634
1635
1636
2003-09-22  Niels Mller  <nisse@cuckoo.hack.org>

	* README: Updated the instructions for building from CVS. List
	tcputils as a program needed for the testsuite.

Niels Möller's avatar
Niels Möller committed
1637
1638
1639
1640
2003-09-20  Niels Mller  <nisse@cuckoo.hack.org>

	* misc/mkdiff: Copied mkdiff script from the old lsh_1_2_BRANCH.

Niels Möller's avatar
Niels Möller committed
1641
1642
1643
1644
1645
1646
1647
1648
1649
2003-09-19  Niels Mller  <nisse@cuckoo.hack.org>

	* Released lsh-1.5.3.

	* src/channel.c (init_login_service): Added FIXME: for the purpose
	of this function.

	* src/io.c (close_fd): Added FIXME: on the fd->fd == -1 hack.

Niels Möller's avatar
Niels Möller committed
1650
1651
2003-09-19  Niels Mller  <niels@s3.kth.se>

Niels Möller's avatar
Niels Möller committed
1652
1653
	* configure.ac: Bumped version to 1.5.3.

Niels Möller's avatar
Niels Möller committed
1654
1655
1656
1657
1658
1659
1660
1661
1662
1663
1664
1665
1666
1667
	* src/client_keyexchange.c (do_handle_srp_reply): Fixed missing
	returns after disconnect_kex_failed and PROTOCOL_ERROR.

	* src/client_userauth.c (do_exc_userauth_disconnect): Clarified
	comment. 

	* src/channel_commands.c (do_channel_open_command): Added missing
	return EXCEPTION_RAISE. Fixed also in 1.4.3.

	* src/testsuite/Makefile.am (TS_SH): Fixed syntax error.

	* src/testsuite/lshd-random-input-test: New test case that
	connects to lshd and sends some random data.

Niels Möller's avatar
Niels Möller committed
1668
1669
1670
1671
1672
2003-09-18  Niels Mller  <nisse@cuckoo.hack.org>

	* src/read_line.c (do_read_line): Fixed buffer overrun bug,
	initially reported by Bennett Todd. Fixed also in stable branch.

1673
1674
1675
1676
1677
2003-09-18  Niels Mller  <nisse@lysator.liu.se>

	* distribution-key.gpg: Updated key, new signatures and new expire
	date. 

Pontus Freyhult's avatar
Pontus Freyhult committed
1678
1679
2003-09-16  Pontus Skld  <pont@soua.net>

Pontus Freyhult's avatar
Pontus Freyhult committed
1680
1681
1682
1683
1684
1685
1686
1687
1688
1689
1690
	* src/lsh-writekey.c (main): Check that the given key isn't empty.

	* src/lsh-upgrade-key: Set a restrictive umask. Encrypted keys are
	no longer stored unencrypted in a temporary file, just piped
	through the conversion chain like unencrypted keys are.
 
	* src/lsh-writekey.c (process_private): Moved reading of
	passphrase here.
	(main_argp_parser): Reading of passphrase from tty is now done in
	process_private if required.

Pontus Freyhult's avatar
Pontus Freyhult committed
1691
1692
1693
1694
1695
	* src/testsuite/lshd-no-auth-test: New test to verify lshd fails
	gracefully when it may use no authentication method.

	* src/testsuite/Makefile.am (TS_SH): Use new lshd-no-auth-test.

Pontus Freyhult's avatar
Pontus Freyhult committed
1696
1697
1698
1699
1700
1701
1702
1703
1704
1705
1706
1707
1708
1709
1710
1711
1712
1713
1714
1715
1716
1717
1718
1719
1720
1721
1722
1723
1724
1725
1726
1727
1728
1729
1730
1731
1732
1733
1734
1735
1736
1737
1738
1739
1740
1741
1742
1743
1744
1745
1746
1747
2003-09-15  Pontus Skld  <pont@soua.net>

	* src/testsuite/Makefile.am (TS_SH): Use new test for login-auth
	mode.

	* src/testsuite/login-auth-test: New test for login-auth mode.

	* src/lshd.c: New defines OPT_LOGIN_AUTH_USER,
	OPT_OPT_NO_LOGIN_AUTH_MODE, OPT_LOGIN_AUTH_USER and
	OPT_BANNER_FILE.
	(lshd_options): New attributes with_loginauthmode,
	loginauthmode_user and banner_file.
	(make_lshd_options): Initialize new attributes.
	(main_options): New options for login-auth-mode and banner-file.
	(main_argp_parser): Make a userdb if using login-auth-mode too.
	Bugfix; make sure self->userauth_algorithms is initialized, even
	if we're using srp. Add a permissive userauth_none to
	self->userauth_algorithms if using login-auth mode. Handle new
	options.
	(lshd_login_service): New class.
	(make_lshd_login_service): New function.
	(make_lshd_listen_callback): Read banner-file and pass as a string
	to make_handshake_info is desired.
	(main): Use the login service in login-auth mode.

	* src/server_userauth.c (userauth_none): New class.
	(do_none_authenticate): Added code for login-auth-mode to
	auto login a specific user.
	(make_userauth_none): New function.

	* src/server_userauth.h (make_userauth_none): Declaration, removed
	static userauth_none.

	* src/unix_user.c (unix_current_user): New function, return
	username of current user.

	* src/lsh.c (main): Pass extra NULL to make_handshake_info.

	* src/handshake.c (make_handshake_info): New parameter
	banner_text, init attribute.

	* src/handshake.h (handshake_info): New attribute banner_text. 
	(make_handshake_info): New parameter.

	* src/channel.h: Declarataions for init_login_service,
	login_service_command annd INIT_LOGIN_SERVICE.

	* src/channel.c (init_login_service): New function to setup a
	login service.
	(login_service_command): Command to setup a connection for login
	service.

Niels Möller's avatar
Niels Möller committed
1748
1749
1750
1751
1752
1753
1754
1755
1756
1757
1758
2003-08-17  Niels Mller  <nisse@cuckoo.hack.org>

	* src/scm/gaba.scm (out): Ignore #f entries.
	(process-class): New keyword condition, for preprocessor
	conditionals. 

2003-06-28  Niels Mller  <nisse@cuckoo.hack.org>

	* src/zlib.c (do_zlib): Changed messages from verbose to debug, to
	reduce clutter.

Niels Möller's avatar
Niels Möller committed
1759
1760
1761
1762
2003-06-12  Niels Mller  <nisse@cuckoo.hack.org>

	* Released lsh-1.5.2

Niels Möller's avatar
Niels Möller committed
1763
1764
2003-06-10  Niels Mller  <niels@s3.kth.se>

Niels Möller's avatar
Niels Möller committed
1765
1766
1767
	* src/lsh.c (read_known_hosts): Fixed error message when host-acls
	doesn't exist.

Niels Möller's avatar
Niels Möller committed
1768
1769
1770
	* src/testsuite/lsh-decrypt-key-test (fname, keyname): Store files
	in $TEST_HOME.

Niels Möller's avatar
Niels Möller committed
1771
1772
1773
1774
2003-06-06  Niels Mller  <nisse@cuckoo.hack.org>

	* src/Makefile.am (EXTRA_DIST): Added lsh-upgrade-key.

Pontus Freyhult's avatar
Pontus Freyhult committed
1775
1776
1777
1778
1779
1780
2003-06-06  Pontus Skld  <pont@soua.net>

	* src/lsh-upgrade-key: New script to upgrade keys.

	* src/Makefile.am (bin_SCRIPTS): Added lsh-upgrade-key.

Niels Möller's avatar
Niels Möller committed
1781
1782
1783
1784
1785
1786
1787
1788
1789
1790
1791
1792
1793
1794
1795
1796
2003-06-05  Niels Mller  <nisse@lysator.liu.se>

	* src/testsuite/lsh-encrypted-key-test: The lsh-authorize script
	is located in the source directory.

	* src/unix_interact.c (unix_read_password): Added trace messages.
	(unix_set_askpass): Added trace message. Assert that askpass is
	non-NULL.

	* src/spki.c (spki_pkcs5_decrypt): Cosmetic fix of warning message.

	* src/lsh.c (read_user_keys): Cosmetic fix of trace message.

	* src/client.c (client_argp_parser): Fixed --askpass option. The
	argp parser should never use optarg.

Niels Möller's avatar
Niels Möller committed
1797
1798
1799
1800
1801
2003-06-05  Niels Mller  <niels@s3.kth.se>

	* src/unix_interact.c (unix_read_password): Prompt for password
	only if we have a tty, and the quiet flag is unset.

Pontus Freyhult's avatar
Pontus Freyhult committed
1802
1803
1804
1805
1806
1807
1808
1809
1810
1811
1812
1813
1814
2003-06-05  Pontus Skld  <pont@soua.net>

	* src/lsh-decrypt-key.c: New file to provide new utility
	lsh-decrypt-key.

	* src/Makefile.am (bin_PROGRAMS): Added new utility
	lsh-decrypt-key.

	* src/testsuite/lsh-decrypt-key-test: New test to test
	lsh-decrypt-key.

	* src/testsuite/Makefile.am (TS_SH): Use new lsh-decrypt-key-test.
	
Niels Möller's avatar
Niels Möller committed
1815
1816
1817
1818
1819
1820
1821
2003-06-05  Niels Mller  <nisse@lysator.liu.se>

	* src/io.c (io_resolv_address): In the code using getaddrinfo,
	zero the sockaddr_in first using memset, to ensure that
	sockaddr_in.sin_zero really is zero, on the systems (e.g. AIX)
	that need that.

Niels Möller's avatar
Niels Möller committed
1822
1823
2003-06-04  Niels Mller  <niels@s3.kth.se>

Niels Möller's avatar
Niels Möller committed
1824
1825
1826
1827
	* src/testsuite/lsh-encrypted-key-test: Use printf instead of echo
	in the askpass helper program. There should be no trailing newline
	character. 

Niels Möller's avatar
Niels Möller committed
1828
1829
1830
1831
1832
1833
1834
1835
	* src/lsh-krb-checkpw.c: Include <string.h>.

	* src/unix_interact.c (unix_read_password): The askpass code
	leaked the prompt string. Fixed.

	* src/spki.c (spki_pkcs5_decrypt): The label string was leaked.
	Fixed. 

Niels Möller's avatar
Niels Möller committed
1836
1837
1838
1839
1840
1841
1842
1843
2003-06-04  Niels Mller  <nisse@cuckoo.hack.org>

	* src/spki.c (spki_pkcs5_encrypt): The method identifier is
	"Xpkcs5v2", not "xpkcs5v2".
	(spki_pkcs5_decrypt): Rewrote function.
	(parse_pkcs5, parse_pkcs5_payload): New helper functions for
	spki_pkcs5_decrypt.

Pontus Freyhult's avatar
Pontus Freyhult committed
1844
1845
1846
1847
1848
1849
1850
2003-06-03  Pontus Skld  <pont@soua.net>

	* src/testsuite/Makefile.am (TS_SH): Added lsh-encrypted-key-test.

	* src/testsuite/lsh-encrypted-key-test: Test for encrypted
	(password protected) key functionality in lsh.

Niels Möller's avatar
Niels Möller committed
1851
1852
1853
1854
1855
1856
2003-06-01  Niels Mller  <nisse@cuckoo.hack.org>

	* src/io.c (do_listen_callback): To get enough space, PEER must be
	a sockaddr_in (if the IPv6 type sockaddr_storage isn't available).
	(fd2info): Likewise.

Niels Möller's avatar
Niels Möller committed
1857
1858
2003-05-24  Niels Mller  <nisse@cuckoo.hack.org>

Niels Möller's avatar
Niels Möller committed
1859
1860
1861
	* src/lsh-make-seed.c: Fixed nesting of WITH_ZLIB #if:s. Also
	disable the zlib code.

Niels Möller's avatar
Niels Möller committed
1862
1863
1864
	* misc/xenofarm.sh: Use cp in stead of mv, when putting files into
	the result package.

Niels Möller's avatar
Niels Möller committed
1865
1866
1867
	* src/server_x11.c (server_x11_setup): Don't use non-constant
	initializer. Sun cc doesn't support it.

Niels Möller's avatar
Niels Möller committed
1868
1869
1870
1871
1872
2003-05-22  Niels Mller  <niels@s3.kth.se>

	* src/testsuite/Makefile.am: Don't use -O0 in AM_CFLAGS, as it
	breaks the AIX build.

Niels Möller's avatar
Niels Möller committed
1873
1874
1875
1876
1877
2003-05-21  Niels Mller  <niels@s3.kth.se>

	* src/reaper.c (do_reaper_callback): Check if WCOREDUMP is defined
	before using it.

Niels Möller's avatar
Niels Möller committed
1878
1879
2003-05-20  Niels Mller  <niels@s3.kth.se>

Niels Möller's avatar
Niels Möller committed
1880
1881
1882
	* src/unix_interact.c (unix_read_password): Fixed argv bug for the
	askpass program.

Niels Möller's avatar
Niels Möller committed
1883
1884
1885
1886
1887
1888
1889
1890
1891
1892
1893
	* src/client.c: Implemented --askpass option.

	* src/unix_interact.c (unix_read_password): Use any specified
	askpass program. Deleted the password_fd code.
	(unix_set_askpass): New function.
	(make_unix_interact): Initialize askpass and set_askpass.

	* src/interact.h (INTERACT_SET_ASKPASS): New method.

	* src/io.c (lsh_popen_read): Improved warning messages.

Niels Möller's avatar
Niels Möller committed
1894
1895
1896
	* configure.ac: If seteuid is not available, but setresuid is,
	let config.h #define seteuid in terms of setresuid.

Niels Möller's avatar
Niels Möller committed
1897
1898
1899
1900
1901
1902
1903
2003-05-19  Niels Mller  <nisse@cuckoo.hack.org>

	* src/unix_user.c (do_read_file): Set the process gid, and reset
	the supplimentary groups list, before opening the file.

	* configure.ac: Check for seteuid and setresuid.

Niels Möller's avatar
Niels Möller committed
1904
1905
1906
1907
1908
1909
1910
1911
2003-05-16  Niels Mller  <niels@s3.kth.se>

	* configure.ac: Check for struct utmp.ut_exit.e_termination and
	struct utmpx.ut_exit.e_termination.

	* src/unix_process.c (do_utmp_cleanup): Fix for HPUX, which uses
	non-standard names for the fields of struct utmpx's ut_exit.

Niels Möller's avatar
Niels Möller committed
1912
1913
1914
1915
1916
2003-05-14  Niels Mller  <niels@s3.kth.se>

	* src/io.c (io_resolv_address): More fixes for the non getaddrinfo
	code.

Niels Möller's avatar
Niels Möller committed
1917
1918
1919
1920
1921
1922
1923
2003-05-14  Niels Mller  <nisse@cuckoo.hack.org>

	* src/unix_interact.c (unix_interact): New attribute password_fd.
	(unix_read_password): Read password from password_fd, unless it's
	-1. 
	(make_unix_interact): Initialize password_fd to -1.

Niels Möller's avatar
Niels Möller committed
1924
1925
1926
1927
1928
2003-05-13  Niels Mller  <nisse@cuckoo.hack.org>

	* src/io.c (io_resolv_address): Fixes for the non getaddrinfo
	code. 

Niels Möller's avatar
Niels Möller committed
1929
1930
1931
1932
1933
1934
1935
2003-05-13  Niels Mller  <niels@s3.kth.se>

	* acinclude.m4 (LSH_FUNC_STRSIGNAL): Use a dummy STRSIGNAL if none
	of strsignal, sys_siglist or _sys_siglist exists.

	* src/io.c (lsh_popen_read): Use STRSIGNAL macro.

1936
1937
2003-05-12  Niels Mller  <nisse@cuckoo.hack.org>

Niels Möller's avatar
Niels Möller committed
1938
1939
	* src/crypto.h (FOR_BLOCKS): Deleted unused macro.

Niels Möller's avatar
Niels Möller committed
1940
1941
1942
1943
1944
1945
	* src/lsh-execuv.c: Don't include lsh_types.h.
	* src/lsh-krb-checkpw.c: Likewise.

	* src/lsh.c (do_lsh_lookup): Fix syntax of generated ACL entries
	(bug 1030).

Niels Möller's avatar
Niels Möller committed
1946
1947
1948
1949
1950
1951
	* misc/make-am (environ_deps): Deleted code for generating
	.dist_deps. 

	* src/.dist_headers: Deleted memxor.h and lsh_types.h. 
	* src/.dist_headers, src/.dist_classes: Deleted proxy-related
	files. 
Niels Möller's avatar
Niels Möller committed
1952

1953
1954
1955
	* configure.ac: Updated AC_CONFIG_SRCDIR, as lsh_types.h no longer
	exists. 

Niels Möller's avatar
Niels Möller committed
1956
1957
1958
1959
1960
1961
1962
1963
1964
1965
1966
1967
1968
1969
1970
1971
1972
1973
1974
1975
1976
1977
1978
1979
2003-05-12  Niels Mller  <niels@s3.kth.se>

	* configure.ac: Don't AC_REPLACE_FUNCS(memxor), just use the
	memxor function in nettle.

	* doc/HACKING: Documented current include file ordering rules.

	* src/lsh.h (MAX, MIN, SQR, STRING_LINE): Moved miscellaneous
	macros here. Used to be in lsh_types.h.

	* Reordered includes in most or all .c-files. All should now
	include config.h.

	* src/lsh_types.h: Deleted file.
	* src/.dist_deps: Deleted file.
	* src/memxor.h, src/memxor.c: Deleted files.

	* src/Makefile.am (BUILT_SOURCES): Use BUILT_SOURCES to get
	environ.h built. .dist_deps no longer needed.

	* acinclude.m4 (LSH_GCC_FUNCTION_NAME, LSH_FUNC_ALLOCA) 
	(LSH_FUNC_STRERROR, LSH_FUNC_STRSIGNAL): New macros.
	* configure.ac: Use them.

1980
1981
1982
1983
1984
2003-05-12  Pontus Skld  <pont@soua.net>

	* src/lsh-upgrade: Upgrade any authorized public keys and
	re-authorize them.

Niels Möller's avatar
Niels Möller committed
1985
1986
1987
1988
1989
1990
1991
2003-04-23  Niels Mller  <niels@s3.kth.se>

	* src/Makefile.am (gcov-list): Don't include files with full code
	coverage in the list.

	* src/testsuite/Makefile.am (TS_SH): Added
	tcpip-local-in-use-test. 
Niels Möller's avatar
Niels Möller committed
1992
1993
	
2003-04-22  Niels Mller  <niels@s3.kth.se>
Niels Möller's avatar
Niels Möller committed
1994

Niels Möller's avatar
Niels Möller committed
1995
1996
1997
1998
1999
2000
	* src/tcpforward_commands.c (forward_local_port): Use prog1 to
	delay bind call until the connection is established.

	* src/testsuite/tcpip-local-in-use-test: New test case, to check
	the error handling for "address already in use".

Niels Möller's avatar
Niels Möller committed
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
2026
2027
2028
2029
2030
2031
2032
	* src/unix_user.c (exec_shell): Build the argument list for
	lsh-execuv only if we need to change uid. Include the name of the
	exec:ed program if exec fails.

	* src/lsh.c (main): Use addr_queue instead of sockaddr_list.
	* src/lshd.c: Likewise.

	* src/io_commands.c (connect_list_command): Take a
	connect_list_state as argument.

	* src/io.h (connect_list_state): Moved class definition to the
	header file.

	* src/io.c (sockaddr_cons): Deleted function.
	(io_resolv_address) Use addr_queue instead of sockaddr_list.
	(io_listen_list): Likewise.
	(connect_attempt): Likewise.
	(make_connect_list_state): Made non-static.
	(connect_list_callback): Moved c and e attributes here, from
	connect_list_state.
	(io_connect_list): Take a connect_list_state as argument.

	* src/queue.c (make_addr_queue_node): Initialize the size field. 

	* src/queue.h (struct lsh_queue): Added length field.

	* src/queue.c: New queue type addr_queue, for handling lists of
	sockaddr:esses. Let lsh_queue keep track of the length.

	* src/lsh.c (do_lsh_lookup): Deleted old code handling the
	ssh-rsa-pkcs1@lysator.liu.se algorithm id.

Niels Möller's avatar
Niels Möller committed
2033
2034
2035
2036
2037
2038
2039
2040
2003-04-22  Niels Mller  <nisse@cuckoo.hack.org>

	* src/lsh.c (lsh_verifier_command): Deleted command.
	(make_lsh_login): New function, replacing lsh_login_command.
	(make_lsh_userauth): Deleted GABA-expression.
	(make_lsh_connect): Take a login command as a parameter.
	(main): Updated calls to make_lsh_connect and make_lsh_login.

Niels Möller's avatar
Niels Möller committed
2041
2042
2043
2003-04-21  Niels Mller  <nisse@cuckoo.hack.org>

	* src/lsh.c (make_lsh_connect): Take actions as a parameter.
Niels Möller's avatar
Niels Möller committed
2044
2045
2046
2047
2048
2049
2050
2051
2052
	(options2service): Deleted command.
	(lsh_options): Deleted service attribute. Always ask for the
	userauth service.
	(make_lsh_userauth): Deleted expression.
	(make_lsh_connect): Take keys as parameter. Always ask for
	userauth service.
	(main): Deleted call of make_lsh_userauth. Pass keys to
	make_lsh_connect instead.

Niels Möller's avatar
Niels Möller committed
2053
2054
2055
2056
2057
2058
2059
2060
	* src/lshg.c (make_lshg_connect): Likewise.

	* src/gateway.c: Include string.h.

	* src/client.c (client_options2actions): Deleted command.

	* src/io.c (make_address_info_c): Deleted function.

Niels Möller's avatar
Niels Möller committed
2061
2062
2003-04-20  Niels Mller  <niels@s3.kth.se>

Niels Möller's avatar
Niels Möller committed
2063
	* src/spki.c (make_ssh_hostkey_tag): Use a plain NUL-terminated
Niels Möller's avatar
Niels Möller committed
2064
2065
2066
2067
2068
2069
2070
2071
2072
2073
2074
2075
2076
2077
2078
2079
2080
2081
2082
2083
2084
2085
2086
2087
2088
2089
2090
2091
2092
2093
2094
2095
2096
2097
2098
2099
2100
	string to identify the host.
	(spki_pkcs5_decrypt): Fixed string leak. The label string wasn't
	freed properly on failure.

	* src/lshd.c (do_exc_lshd_handler): It seems we need an exception
	handler after all, which catches and logs i/o errors.

	* src/lsh.c (options2identities): Deleted command.
	(lsh_host_db): Use a NUL-terminated string to identify the host.
	(do_lsh_lookup): Likewise.
	(make_lsh_host_db): Likewise.
	(make_lsh_userauth): Take keys as a parameter. Don't use
	options2identities. 
	(make_lsh_connect): Take options as a parameter, and the remote
	address list as argument. Use connect_list.
	(main): Call io_resolv_address, read_known_hosts, read_user_keys
	and make_lsh_userauth here.

	* src/io_commands.c (connect_list_command): New command.

	* src/io.c (do_connect_list_callback): Update fd->label.

	* src/handshake.c (handshake_command): Allow a NULL lv->peer.

	* src/gateway.c (make_gateway_address): Take a plain
	NUL-termianted string to identify the target.

	* src/client.c (client_options2remote): Deleted command.
	(client_argp_parser): Don't call make_address_info_c.

	* src/client.h (client_options): Replaced remote attribute with a
	plain NUL-termianted string, and renamed to target.
	* src/lshg.c: Updated for the struct client_options renaming
	remote->target. 

	* src/testsuite/functions.sh (spawn_lshd): Reduced sleep.

Niels Möller's avatar
Niels Möller committed
2101
2102
2003-04-16  Niels Mller  <niels@s3.kth.se>

Niels Möller's avatar
Niels Möller committed
2103
2104
2105
	* src/lshd.c (main): No need to check for make_lshd_options
	returnning NULL.

Niels Möller's avatar
Niels Möller committed
2106
2107
2108
2109
2110
	* src/.dist_classes (dist_classes): Deleted io_commands.h.x.
	* src/io_commands.h (io_write_file_info): Deleted class.
	* src/io_commands.c (io_write_file_command) 
	(make_io_write_file_info): Deleted unused functions.

Niels Möller's avatar
Niels Möller committed
2111
2112
2113
2114
2115
2116
2117
2118
	* src/lshd.c (do_exc_lshd_handler, make_lshd_exception_handler):
	Deleted functions.

	* src/exception.h (EXC_RANDOMNESS_LOW_ENTROPY, EXC_APP): Deleted
	unused exceptions.

	* src/io.c (io_read_file): Deleted unused function.

Niels Möller's avatar
Niels Möller committed
2119
2120
2121
2122
2123
2124
2125
	* src/testsuite/functions.sh (spawn_lshd): Check exit code from
	lshd. Print out the lshd pid.
	(spawn_lsh): Print out the lsh pid.

	* src/Makefile.am (gcov-list): New target for running gcov.

	* src/io_commands.c (listen_list_command): Deleted command.
Niels Möller's avatar
Niels Möller committed
2126
	Replaced by the io_listen_list function.
Niels Möller's avatar
Niels Möller committed
2127

Niels Möller's avatar
Niels Möller committed
2128
	* src/lshd.c (options2local, options2keys, options2tcp_wrapper)
Niels Möller's avatar
Niels Möller committed
2129
2130
2131
2132
	(close_on_sighup): Deleted commands.

	* src/keyexchange.c (kexinit_filter): Deleted command.

Niels Möller's avatar
Niels Möller committed
2133
	* src/lshd.c (main): Reorganization, do more work before io_run,
Niels Möller's avatar
Niels Möller committed
2134
2135
2136
2137
2138
2139
2140
2141
2142
2143
2144
2145
2146
2147
	including reading host keys and binding sockets directly in main.
	Moved the daemonization later, so that the forground process
	doesn't exit until after the ports are bound.

	Fixed an fd leak in the server tcpip-forwarding code.
	* src/tcpforward.c (do_tcpip_forward_request_continuation): Use
	remember_resource to associate the bound fd to the connection.
	(make_tcpip_forward_request_continuation): New argument,
	connection. 
	(do_tcpip_forward_request): Pass the connection to
	make_tcpip_forward_request_continuation.

	* src/io.c (io_listen_list): New function.

Niels Möller's avatar
Niels Möller committed
2148
2149
2150
2151
2152
2153
2154
2155
2156
2157
2158
2159
2160
2161
2003-04-15  Niels Mller  <niels@s3.kth.se>

	* src/testsuite/functions.sh (spawn_lshd): Use -HUP, not -9, for
	killing lshd.

	* src/werror.c (fatal) [WITH_GCOV]: Call fork, so that we can
	call exit() and also dump core.

	* src/server.c (read_host_key): Fixed string leak.

	* src/io.c (make_connect_callback): Made non-static.
	(io_connect): Changed interface, to take an io_callback instead of
	a continuation. The caller has to use make_connect_callback to get
	the old functionality.
Niels Möller's avatar
Niels Möller committed
2162
	(io_connect_local): Adapted to new io_connect interface, and call
Niels Möller's avatar
Niels Möller committed
2163
2164
2165
2166
2167
2168
2169
2170
2171
2172
2173
2174
2175
2176
2177
2178
2179
2180
2181
	make_connect_list_callback. 
	* src/client_x11.c (channel_open_x11): Likewise.
	* src/io_commands.c (do_connect): Likewise.

	* src/io.c (connect_list_state): New class.
	(do_connect_list_kill): New function.
	(make_connect_list_state): New function.
	(connect_attempt): New function.
	(connect_list_callback): New class.
	(do_connect_list_callback): New function.
	(make_connect_list_callback): New function.
	(io_connect_list): New function. 

	* src/io.h (sockaddr_list): Renamed attribute, addr -> address.

	* configure.ac: New option --enable-profiling.

	* src/.gdbinit: New file.

Niels Möller's avatar
Niels Möller committed
2182
2183
2184
2185
2186
2187
2188
2189
2190
2191
2003-04-14  Niels Mller  <nisse@cuckoo.hack.org>

	* src/io.c (io_resolv_address): Changed interface, to avoid local
	conversion of service names to port numbers. This way, all that's
	needed for SRV-records is proper support in getaddrinfo.

	* src/lshd.c (parse_interface): Changed interface to use plain
	NUL-terminated strings.
	(main_argp_parser): Updated for new io_resolv_address interface.