Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: OpenSSH: Dev

ANNOUNCE: openssh-1.2pre13

  

 
OpenSSH dev RSS feed   Index | Next | Previous | View Threaded


djm at mindrot

Nov 19, 1999, 2:06 AM

Post #1 of 9 (776 views)
Permalink
ANNOUNCE: openssh-1.2pre13
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


I have just uploaded 1.2pre13 to http://violet.ibs.com.au/openssh/

Imporant changes:

- - Fixes a single-byte buffer overrun in the PAM code.

- - Quite a bit more Solaris support. EGD should work now (please test).

- - Lots more autoconf options to enable Kerberos, AFS, TCP Wrappers and
S/Key (all untested).

- - MD5 passwords for Slackware Linux and other non-PAM MD5 platforms.

- - Portability fixes, including replacements for BSD functions.

- - ssh-askpass now lives in ${libexecdir}. This makes a lot more sense.

- - Heaps of OpenBSD CVS changes merged.


Full changelog:

19991119
- Merged PAM buffer overrun patch from Chip Salzenberg <chip [at] valinux>
- Merged OpenBSD CVS changes
- [auth-rhosts.c auth-rsa.c ssh-agent.c sshconnect.c sshd.c]
more %d vs. %s in fmt-strings
- [authfd.c]
Integers should not be printed with %s
- EGD uses a socket, not a named pipe. Duh.
- Fix includes in fingerprint.c
- Fix scp progress bar bug again.
- Move scp from ${libdir}/ssh to ${libexecdir}/ssh at request of
David Rankin <drankin [at] bohemians>
- Added autoconf option to enable Kerberos 4 support (untested)
- Added autoconf option to enable AFS support (untested)
- Added autoconf option to enable S/Key support (untested)
- Added autoconf option to enable TCP wrappers support (compiles OK)
- Renamed BSD helper function files to bsd-*
- Added tests for login and daemon and enable OpenBSD replacements for
when they are absent.
- Added non-PAM MD5 password support patch from Tudor Bosman <tudorb [at] jm>

19991118
- Merged OpenBSD CVS changes
- [scp.c] foregroundproc() in scp
- [sshconnect.h] include fingerprint.h
- [sshd.c] bugfix: the log() for passwd-auth escaped during logging
changes.
- [ssh.1] Spell my name right.
- Added openssh.com info to README

19991117
- Merged OpenBSD CVS changes
- [ChangeLog.Ylonen] noone needs this anymore
- [authfd.c] close-on-exec for auth-socket, ok deraadt
- [hostfile.c]
in known_hosts key lookup the entry for the bits does not need
to match, all the information is contained in n and e. This
solves the problem with buggy servers announcing the wrong
modulus length. markus and me.
- [serverloop.c]
bugfix: check for space if child has terminated, from:
iedowse [at] maths
- [ssh-add.1 ssh-add.c ssh-keygen.1 ssh-keygen.c sshconnect.c]
[fingerprint.c fingerprint.h]
rsa key fingerprints, idea from Bjoern Groenvall <bg [at] sics>
- [ssh-agent.1] typo
- [ssh.1] add OpenSSH information to AUTHOR section. okay markus@
- [sshd.c]
force logging to stderr while loading private key file
(lost while converting to new log-levels)

19991116
- Fix some Linux libc5 problems reported by Miles Wilson <mw [at] mctitle>
- Merged OpenBSD CVS changes:
- [auth-rh-rsa.c auth-rsa.c authfd.c authfd.h hostfile.c mpaux.c]
[mpaux.h ssh-add.c ssh-agent.c ssh.h ssh.c sshd.c]
the keysize of rsa-parameter 'n' is passed implizit,
a few more checks and warnings about 'pretended' keysizes.
- [cipher.c cipher.h packet.c packet.h sshd.c]
remove support for cipher RC4
- [ssh.c]
a note for legay systems about secuity issues with permanently_set_uid(),
the private hostkey and ptrace()
- [sshconnect.c]
more detailed messages about adding and checking hostkeys


Regards,
Damien Miller

- --
| "Bombay is 250ms from New York in the new world order" - Alan Cox
| Damien Miller - http://www.mindrot.org/
| Email: djm [at] mindrot (home) -or- djm [at] ibs (work)


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.0 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE4NSEOormJ9RG1dI8RApQ7AKCIk4uJSvFSUBmiBkkJbqw6vVAzSgCgrcLI
mrRbt27UKvNqewCJLHolahw=
=evRz
-----END PGP SIGNATURE-----


Harald at iki

Nov 19, 1999, 2:28 AM

Post #2 of 9 (763 views)
Permalink
Re: ANNOUNCE: openssh-1.2pre13 [In reply to]
Ok, ssh and sshd compiles, but I get this on slackware-4.0, egcs-1.1.2:

$ make
gcc -g -O2 -Wall -I/usr/local/ssl/include
-DETCDIR=\"/usr/local/etc\" -DSSH_PROGRAM=\"/usr/local/bin/ssh\" -DASKPASS_PROGRAM=\"/usr/local/libexec/ssh/ssh-askpass\" -DHAVE_CONFIG_H
-c scp.c -o scp.o
scp.c: In function `progressmeter':
scp.c:1177: `quad_t' undeclared (first use in this function)
scp.c:1177: (Each undeclared identifier is reported only once
scp.c:1177: for each function it appears in.)
scp.c:1177: parse error before `abbrevsize'
scp.c:1180: warning: implicit declaration of function `timersub'
make: *** [scp.o] Error 1


ssh seems to work ok! Keep up the good work!!




===========================================================
Harald H Hannelius | Harald [at] iki | GSM +358405470870
===========================================================


djm at mindrot

Nov 19, 1999, 2:28 AM

Post #3 of 9 (767 views)
Permalink
Re: ANNOUNCE: openssh-1.2pre13 [In reply to]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Fri, 19 Nov 1999, Harald Hannelius wrote:

>
> Ok, ssh and sshd compiles, but I get this on slackware-4.0, egcs-1.1.2:
>
> scp.c:1177: `quad_t' undeclared (first use in this function)

!!! Does Slackware lack the definition of int64_t? If not, can you
point me to the include file where it is defined?

Thanks,
Damien

- --
| "Bombay is 250ms from New York in the new world order" - Alan Cox
| Damien Miller - http://www.mindrot.org/
| Email: djm [at] mindrot (home) -or- djm [at] ibs (work)


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.0 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE4NSZjormJ9RG1dI8RAibxAJ9y/02xndlC5vOyOHwrGxY4uczfnACgsv5Y
ELaIdjN2A9mUk283HHGDVKo=
=KKkF
-----END PGP SIGNATURE-----


djm at mindrot

Nov 19, 1999, 2:45 AM

Post #4 of 9 (765 views)
Permalink
Re: ANNOUNCE: openssh-1.2pre13 [In reply to]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Fri, 19 Nov 1999, Harald Hannelius wrote:

>
> On Fri, 19 Nov 1999, Damien Miller wrote:
> > !!! Does Slackware lack the definition of int64_t? If not, can you
> > point me to the include file where it is defined?
>
> $ find /usr/include -type f -exec grep -l int64_t {} \;
> /usr/include/sys/bitypes.h

As a temporary fix, add "#include <sys/bitypes.h>" to the start
of config.h

I will add a better fix to the next version.

Damien
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.0 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE4NSo2ormJ9RG1dI8RAvBSAJ4hbOT4nnWzyQ92Ts8eHyZveoGo+QCgndCU
WhnhGx/64Fwm1WOfaBJMLzw=
=pQhI
-----END PGP SIGNATURE-----


Harald at iki

Nov 19, 1999, 2:46 AM

Post #5 of 9 (775 views)
Permalink
Re: ANNOUNCE: openssh-1.2pre13 [In reply to]
On Fri, 19 Nov 1999, Damien Miller wrote:
> !!! Does Slackware lack the definition of int64_t? If not, can you
> point me to the include file where it is defined?

$ find /usr/include -type f -exec grep -l int64_t {} \;
/usr/include/db.h
/usr/include/_G_config.h
/usr/include/sys/bitypes.h
$ grep -n int64_t /usr/include/db.h /usr/include/_G_config.h
/usr/include/sys/bitypes.h
/usr/include/db.h:61:typedef long long int64_t;
/usr/include/db.h:62:typedef unsigned long long u_int64_t;
/usr/include/_G_config.h:56:typedef int _G_int64_t
__attribute__((__mode__(__DI__)));
/usr/include/_G_config.h:57:typedef unsigned int _G_uint64_t
__attribute__((__mode__(__DI__)));
/usr/include/sys/bitypes.h:88: typedef long long int64_t;
/usr/include/sys/bitypes.h:89: typedef unsigned long long u_int64_t;


===========================================================
Harald H Hannelius | Harald [at] iki | GSM +358405470870
===========================================================


Harald at iki

Nov 19, 1999, 2:58 AM

Post #6 of 9 (768 views)
Permalink
Re: ANNOUNCE: openssh-1.2pre13 [In reply to]
On Fri, 19 Nov 1999, Damien Miller wrote:

> As a temporary fix, add "#include <sys/bitypes.h>" to the start
> of config.h

Ok, _lots_ of warnings:
/usr/include/linux/types.h:90: warning: redefinition of `u_int64_t'
/usr/include/sys/bitypes.h:89: warning: `u_int64_t' previously declared
here
/usr/include/linux/types.h:91: warning: redefinition of `int64_t'
/usr/include/sys/bitypes.h:88: warning: `int64_t' previously declared here

And then compiling of scp: (drums rolling)

gcc -g -O2 -Wall -I/usr/local/ssl/include
-DETCDIR=\"/usr/local/etc\" -DSSH_PROGRAM=\"/usr/local/bin/ssh\" -DASKPASS_PROGRAM=\"/usr/local/libexec/ssh/ssh-askpass\" -DHAVE_CONFIG_H
-c scp.c -o scp.o
In file included from /usr/include/sys/types.h:4,
from config.h:118,
from includes.h:22,
from scp.c:48:
/usr/include/linux/types.h:90: warning: redefinition of `u_int64_t'
/usr/include/sys/bitypes.h:89: warning: `u_int64_t' previously declared
here
/usr/include/linux/types.h:91: warning: redefinition of `int64_t'
/usr/include/sys/bitypes.h:88: warning: `int64_t' previously declared here
scp.c: In function `progressmeter':
scp.c:1177: `quad_t' undeclared (first use in this function)
scp.c:1177: (Each undeclared identifier is reported only once
scp.c:1177: for each function it appears in.)
scp.c:1177: parse error before `abbrevsize'
scp.c:1180: warning: implicit declaration of function `timersub'
make: *** [scp.o] Error 1


===========================================================
Harald H Hannelius | Harald [at] iki | GSM +358405470870
===========================================================


phil at hands

Nov 19, 1999, 4:25 AM

Post #7 of 9 (764 views)
Permalink
Re: ANNOUNCE: openssh-1.2pre13 [In reply to]
Damien Miller <djm [at] mindrot> writes:

> I have just uploaded 1.2pre13 to http://violet.ibs.com.au/openssh/

Hi Damien,

It looks like you've fixed a load of recently reported Debian bugs :-)

Am I right in thinking that you've been keeping an eye on the bug
reports page? If so, could you tell me the numbers of the bugs you
reckon you have fixed, so that I can close them with impunity.
Otherwise, I may end up assuming that you've fixed something that you
actually didn't know about.

If it is the case that you are keeping an eye on the Debian BTS, and
fixing bug found, please could you put some reference to the bug
number in your changelog in future to make my life easy (if it's not
too much effort. If you're not, I'll start forwarding the ones I
think are upstream problems to you, but I didn't want to clog up your
mailbox if you're seeing them all anyway.

BTW, this is all looking really good --- now that the 1023/1024 bug's
gone I think I can get rid of most of the warnings regarding upgrades
from ssh-nonfree, and leave just a FYI note.

Cheers, Phil


provos at citi

Nov 19, 1999, 5:26 AM

Post #8 of 9 (763 views)
Permalink
Re: ANNOUNCE: openssh-1.2pre13 [In reply to]
In message <87yabu8y8q.fsf [at] sheikh>, Philip Hands writes:
>BTW, this is all looking really good --- now that the 1023/1024 bug's
>gone I think I can get rid of most of the warnings regarding upgrades
>from ssh-nonfree, and leave just a FYI note.
Yes, it also was a really easy fix. I wonder what took Markus and me
so long to fix it correctly. Though, OpenSSH will still print
warnings about incorrect bit sizes in the known_hosts files in the
hope that that will help to move towards correct known_hosts files.

Niels.


djm at mindrot

Nov 21, 1999, 12:13 AM

Post #9 of 9 (765 views)
Permalink
Re: ANNOUNCE: openssh-1.2pre13 [In reply to]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 19 Nov 1999, Philip Hands wrote:

> It looks like you've fixed a load of recently reported Debian bugs :-)
>
> Am I right in thinking that you've been keeping an eye on the bug
> reports page?

Not as often as a I should :( The buffer overrun was reported to me
by Dane Brosemer, all the other bugfixes were coincidences :)

If there are critical bugs in the future (such as the overrun), would
it be possible for yourself or someone else to email me direct?


> If it is the case that you are keeping an eye on the Debian BTS, and
> fixing bug found, please could you put some reference to the bug
> number in your changelog in future to make my life easy (if it's not
> too much effort. If you're not, I'll start forwarding the ones I
> think are upstream problems to you, but I didn't want to clog up your
> mailbox if you're seeing them all anyway.

I will try to check the Debian bugs page more often, and will try
to include bug numbers on fixes that close them.

BTW where can I find the ssh package under debian-non-US, I want to
provide a pointer to it on the webpage.

Thanks,
Damien Miller

- --
| "Bombay is 250ms from New York in the new world order" - Alan Cox
| Damien Miller - http://www.mindrot.org/
| Email: djm [at] mindrot (home) -or- djm [at] ibs (work)


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.0 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE4N6m0ormJ9RG1dI8RAn6WAKDE+c+yHV9ePoPtmjGztaSkxNbqSQCfUEil
lNqPQSoRTfxTJYlXgkm6qkI=
=KlPb
-----END PGP SIGNATURE-----

OpenSSH dev RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.