The Unix/Linux port of OpenSSH 1.2.3 was released yesterday and should be available from a mirror near you. A mirror list is available from: http://violet.ibs.com.au/openssh/files/MIRRORS.html This release fixes the bugs reported since 1.2.2p1 and contains many cleanups from the OpenBSD tree. In particular, the OpenSSL detection problems have been resolved. The layout has changed a little bit. The packages/ subdirectory has been replaced with a contrib/ subdirectory which contains platform specific code and other patches. Submissions are welcome. Enjoy, Damien Miller 20000317 - Clarified --with-default-path option. - Added -blibpath handling for AIX to work around stupid runtime linking. Problem elucidated by gshapiro@SENDMAIL.ORG by way of Jim Knoble - Checks for 64 bit int types. Problem report from Mats Fredholm - OpenBSD CVS updates: - [atomicio.c auth-krb4.c bufaux.c channels.c compress.c fingerprint.c] [packet.h radix.c rsa.c scp.c ssh-agent.c ssh-keygen.c sshconnect.c] [sshd.c] pedantic: signed vs. unsigned, void*-arithm, etc - [ssh.1 sshd.8] Various cleanups and standardizations. - Runtime error fix for HPUX from Otmar Stahl 20000316 - Fixed configure not passing LDFLAGS to Solaris. Report from David G. Hesprich - Propogate LD through to Makefile - Doc cleanups - Added blurb about "scp: command not found" errors to UPGRADING 20000315 - Fix broken CFLAGS handling during search for OpenSSL. Fixes va_list problems with gcc/Solaris. - Don't free argument to putenv() after use (in setenv() replacement). Report from Seigo Tanimura - Created contrib/ subdirectory. Included helpers from Phil Hands' Debian package, README file and chroot patch from Ricardo Cerqueira - Moved gnome-ssh-askpass.c to contrib directory and removed config option. - Slight cleanup to doc files - Configure fix from Bratislav ILICH 20000314 - Include macro for IN6_IS_ADDR_V4MAPPED. Report from peter@frontierflying.com - Include /usr/local/include and /usr/local/lib for systems that don't do it themselves - -R/usr/local/lib for Solaris - Fix RSAref detection - Fix IN6_IS_ADDR_V4MAPPED macro 20000311 - Detect RSAref - OpenBSD CVS change [sshd.c] - disallow guessing of root password - More configure fixes - IPv6 workarounds from Hideaki YOSHIFUJI 20000309 - OpenBSD CVS updates to v1.2.3 [ssh.h atomicio.c] - int atomicio -> ssize_t (for alpha). ok deraadt@ [auth-rsa.c] - delay MD5 computation until client sends response, free() early, cleanup. [cipher.c] - void* -> unsigned char*, ok niels@ [hostfile.c] - remove unused variable 'len'. fix comments. - remove unused variable [log-client.c log-server.c] - rename a cpp symbol, to avoid param.h collision [packet.c] - missing xfree() - getsockname() requires initialized tolen; andy@guildsoftware.com - use getpeername() in packet_connection_is_on_socket(), fixes sshd -i; from Holger.Trapp@Informatik.TU-Chemnitz.DE [pty.c pty.h] - register cleanup for pty earlier. move code for pty-owner handling to pty.c ok provos@, dugsong@ [readconf.c] - turn off x11-fwd for the client, too. [rsa.c] - PKCS#1 padding [scp.c] - allow '.' in usernames; from jedgar@fxp.org [servconf.c] - typo: ignore_user_known_hosts int->flag; naddy@mips.rhein-neckar.de - sync with sshd_config [ssh-keygen.c] - enable ssh-keygen -l -f ~/.ssh/known_hosts, ok deraadt@ [ssh.1] - Change invalid 'CHAT' loglevel to 'VERBOSE' [ssh.c] - suppress AAAA query host when '-4' is used; from shin@nd.net.fujitsu.co.jp - turn off x11-fwd for the client, too. [sshconnect.c] - missing xfree() - retry rresvport_af(), too. from sumikawa@ebina.hitachi.co.jp. - read error vs. "Connection closed by remote host" [sshd.8] - ie. -> i.e., - do not link to a commercial page.. - sync with sshd_config [sshd.c] - no need for poll.h; from bright@wintelcom.net - log with level log() not fatal() if peer behaves badly. - don't panic if client behaves strange. ok deraadt@ - make no-port-forwarding for RSA keys deny both -L and -R style fwding - delay close() of pty until the pty has been chowned back to root - oops, fix comment, too. - missing xfree() - move XAUTHORITY to subdir. ok dugsong@. fixes debian bug #57907, too. (http://cgi.debian.org/cgi-bin/bugreport.cgi?archive=no&bug=57907) - register cleanup for pty earlier. move code for pty-owner handling to pty.c ok provos@, dugsong@ - create x11 cookie file - fix pr 1113, fclose() -> pclose(), todo: remote popen() - version 1.2.3 - Cleaned up - Removed warning workaround for Linux and devpts filesystems (no longer required after OpenBSD updates) 20000308 - Configure fix from Hiroshi Takekawa