This to announce a test release of 2.1.0p1 before making it widely
available.
This release includes many fixes to problems reported over the last
week. In particular:
- spurious error and coredumps caused by the inbuilt entropy gathering
- RSAref detection
- Compilation fixes for Solaris and others
It also contains (completely untested) support for compiling without
RSA support. This may be useful to those of you in the USA. I am
interested to hear whether and how well this works. RSAless support
is enabled if a) OpenSSL is available, b) OpenSSL is built without
RSAref and c) RSAref cannot be found. In future it will be a config
option.
Please report bugs to this mailing list directly. It is open again to
non-subscribers.
Regards,
Damien
Full Changelog:
20000517
- Fix from Andre Lucas <andre.lucas@dial.pipex.com>
- Fixes command line printing segfaults (spotter: Bladt Norbert)
- Fixes erroneous printing of debug messages to syslog
- Fixes utmp for MacOS X (spotter: Aristedes Maniatis)
- Gives useful error message if PRNG initialisation fails
- Reduced ssh startup delay
- Measures cumulative command time rather than the time between reads
after select()
- 'fixprogs' perl script to eliminate non-working entropy commands, and
optionally run 'ent' to measure command entropy
- Applied Tom Bertelson's <tbert@abac.com> AIX authentication fix
- Avoid WCOREDUMP complation errors for systems that lack it
- Avoid SIGCHLD warnings from entropy commands
- Fix HAVE_PAM_GETENVLIST setting from Simon Wilkinson <sxw@dcs.ed.ac.uk>
- OpenBSD CVS update:
- markus@cvs.openbsd.org
[ssh.c]
fix usage()
[ssh2.h]
draft-ietf-secsh-architecture-05.txt
[ssh.1]
document ssh -T -N (ssh2 only)
[channels.c serverloop.c ssh.h sshconnect.c sshd.c aux.c]
enable nonblocking IO for sshd w/ proto 1, too; split out common code
[aux.c]
missing include
- Several patches from SAKAI Kiyotaka <ksakai@kso.netwk.ntt-at.co.jp>
- INSTALL typo and URL fix
- Makefile fix
- Solaris fixes
- Checking for ssize_t and memmove. Based on patch from SAKAI Kiyotaka
<ksakai@kso.netwk.ntt-at.co.jp>
- RSAless operation patch from kevin_oconnor@standardandpoors.com
- Detect OpenSSL seperatly from RSA
- Better test for RSA (more compatible with RSAref). Based on work by
Ed Eden <ede370@stl.rural.usda.gov>
20000513
- Fix for non-recognised DSA keys from Arkadiusz Miskiewicz
<misiek@pld.org.pl>
20000511
- Fix for prng_seed permissions checking from Lutz Jaenicke
<Lutz.Jaenicke@aet.TU-Cottbus.DE>
- "make host-key" fix for Irix
--
| "Bombay is 250ms from New York in the new world order" - Alan Cox
| Damien Miller - http://www.mindrot.org/
| Email: djm@mindrot.org (home) -or- djm@ibs.com.au (work)
available.
This release includes many fixes to problems reported over the last
week. In particular:
- spurious error and coredumps caused by the inbuilt entropy gathering
- RSAref detection
- Compilation fixes for Solaris and others
It also contains (completely untested) support for compiling without
RSA support. This may be useful to those of you in the USA. I am
interested to hear whether and how well this works. RSAless support
is enabled if a) OpenSSL is available, b) OpenSSL is built without
RSAref and c) RSAref cannot be found. In future it will be a config
option.
Please report bugs to this mailing list directly. It is open again to
non-subscribers.
Regards,
Damien
Full Changelog:
20000517
- Fix from Andre Lucas <andre.lucas@dial.pipex.com>
- Fixes command line printing segfaults (spotter: Bladt Norbert)
- Fixes erroneous printing of debug messages to syslog
- Fixes utmp for MacOS X (spotter: Aristedes Maniatis)
- Gives useful error message if PRNG initialisation fails
- Reduced ssh startup delay
- Measures cumulative command time rather than the time between reads
after select()
- 'fixprogs' perl script to eliminate non-working entropy commands, and
optionally run 'ent' to measure command entropy
- Applied Tom Bertelson's <tbert@abac.com> AIX authentication fix
- Avoid WCOREDUMP complation errors for systems that lack it
- Avoid SIGCHLD warnings from entropy commands
- Fix HAVE_PAM_GETENVLIST setting from Simon Wilkinson <sxw@dcs.ed.ac.uk>
- OpenBSD CVS update:
- markus@cvs.openbsd.org
[ssh.c]
fix usage()
[ssh2.h]
draft-ietf-secsh-architecture-05.txt
[ssh.1]
document ssh -T -N (ssh2 only)
[channels.c serverloop.c ssh.h sshconnect.c sshd.c aux.c]
enable nonblocking IO for sshd w/ proto 1, too; split out common code
[aux.c]
missing include
- Several patches from SAKAI Kiyotaka <ksakai@kso.netwk.ntt-at.co.jp>
- INSTALL typo and URL fix
- Makefile fix
- Solaris fixes
- Checking for ssize_t and memmove. Based on patch from SAKAI Kiyotaka
<ksakai@kso.netwk.ntt-at.co.jp>
- RSAless operation patch from kevin_oconnor@standardandpoors.com
- Detect OpenSSL seperatly from RSA
- Better test for RSA (more compatible with RSAref). Based on work by
Ed Eden <ede370@stl.rural.usda.gov>
20000513
- Fix for non-recognised DSA keys from Arkadiusz Miskiewicz
<misiek@pld.org.pl>
20000511
- Fix for prng_seed permissions checking from Lutz Jaenicke
<Lutz.Jaenicke@aet.TU-Cottbus.DE>
- "make host-key" fix for Irix
--
| "Bombay is 250ms from New York in the new world order" - Alan Cox
| Damien Miller - http://www.mindrot.org/
| Email: djm@mindrot.org (home) -or- djm@ibs.com.au (work)