diff --git a/ChangeLog b/ChangeLog
index 3988e2b84c2d30ac8af68df3b9a1fdd1e16b7b34..22f5235c843a9befe0957d14f9b81009653ee1c9 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,58 @@
 1999-11-29  Niels M�ller  <nisse@cuckoo.localdomain>
 
+	* src/client_userauth.h (format_userauth_password,
+	make_client_userauth, make_client_password_auth,
+	make_client_publickey_auth): Moved from userauth.h.	
+
+	* src/userauth.h: Moved stuff to server_userauth.h.
+
+	* src/userauth.c (format_userauth_failure,
+	format_userauth_success): Moved to server_userauth.c.
+
+	* src/server_session.c (server_connection_service): Removed
+	backend attribute.
+	(make_server_connection_service): Removed backend argument.
+
+	* src/server_password.c (do_authenticate): Added service
+	argument. 
+
+	* src/server_publickey.c (do_authenticate): Added service
+	argument. 
+
+	* src/connection.h (ssh_connection): Added chain attribute, needed
+	for proxying.
+
+	* src/lshd.c (main): Don't pass backend to
+	make_server_connection_service. 
+
+	* src/lsh.c: #include client_userauth.h
+
+	* src/server_userauth.c (make_userauth_handler): New function. 
+	(format_userauth_failure): Moved here.
+	(format_userauth_success): Moved here.
+	(do_userauth): Use make_userauth_handler().
+	(userauth_service): Moved to header file.
+	
+	* src/server_userauth.h (userauth_service): Moved from
+	server_userauth.c. 
+	(userauth): Moved from userauth.h. 
+
+	* src/client_userauth.c (format_userauth_password): Made non-static.
+
+	* src/proxy.c, src/proxy.h, src/proxy_session.c,
+	src/proxy_session.h, src/proxy_userauth.h, src/proxy_userauth.c:
+	New files (Bazsi)
+
+	* src/lsh_proxy.c: New program (Bazsi). 
+
+	* src/Makefile.am.in (sbin_PROGRAMS): Added lsh_proxy.
+	(liblsh_a_SOURCES): Added proxy.c proxy_session.c
+	and proxy_userauth.c. 
+
+	* configure.in: Bumped version to 0.1.17.
+
+	* AUTHORS: Added Bazsi to the list of authors.
+
 	* src/sexp.c (sexp_assq): Bug fix.
 
 	* src/lshd.c (main): Changed invocation of read_spki_key_file. 
diff --git a/NEWS b/NEWS
index 35d8d4ef32a08042f337b27f50ef13733f5fd0a6..4eb60e46845ec676d284266886762ccaebd1fa08 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,13 @@
+News for the lsh-0.1.17 release
+
+	More support for host authentication and SPKI.
+
+	First version that includes Bazsi's work on an ssh-proxy (i.e.
+	a program that implements the traditional Man-in-the-middle
+	attack on the ssh2 protocol). Could be useful for people
+	running firewalls, and also for those of us who want to point
+	out that it's a bad idea to use unauthenticated hostkeys.
+
 News for the lsh-0.1.16 release
 
 	Some preparations for real host authentication.
diff --git a/src/.cvsignore b/src/.cvsignore
index 90e047eee4c8e36f18754d5c9225af6fb3d90684..52e34a3d87b77aa026e7d12c542c30360948315d 100644
--- a/src/.cvsignore
+++ b/src/.cvsignore
@@ -20,6 +20,7 @@ digit_table
 digit_table.h
 lsh
 lsh_keygen
+lsh_proxy
 lsh_writekey
 lshd
 packet_types.h
diff --git a/src/.gitignore b/src/.gitignore
index 949568385c621ff70210700d5f18e94e96414f02..24b4f9726a9486d0acbbf88c7a666d70e408e5a9 100644
--- a/src/.gitignore
+++ b/src/.gitignore
@@ -20,6 +20,7 @@
 /digit_table.h
 /lsh
 /lsh_keygen
+/lsh_proxy
 /lsh_writekey
 /lshd
 /packet_types.h