Sophie: pam_ssh-1.91-3mdv2008.1 x86

pam_ssh-1.91-3mdv2008.1.x86_64.rpm

Version 1.91 released
=====================

2004-04-12  Andrew J. Korty  <ajk@iu.edu>

	* pam_ssh.spec: Updated for use with Fedora Core 2 Test.  Thanks
	to Patrice Dumas.

	* pam_ssh.c (pam_sm_authenticate): We probably shouldn't allow
	blank passphrases by default.  Add option allow_blank_passphrase
	to re-enable them.  Thanks to red0x for the suggestion.

Version 1.9 released
====================

2004-02-20  Andrew J. Korty  <ajk@iu.edu>

	* cipher-3des.c, cipher-bf1.c, cipher-ctr.c, strnvis.c: Include
	<sys/types.h> and <limits.h> in various places to appease FreeBSD.

	* pam_ssh.spec (Version): Bump.

	* acinclude.m4: Use AC_REPLACE_FUNCS to provide OpenPAM cred
	functions.

	* strnvis.c, strnvis.h, vis.c, vis.h: Rename vis -> strnvis so
	AC_REPLACE_FUNCS will pick it up.

	* pam_ssh.c (pam_sm_authenticate): Simplify conditional
	complication for code that gets passphrase.

	* Makefile.am (pam_ssh_la_SOURCES): Move header files for
	replacement functions to EXTRA_pam_ssh_la_SOURCES.

	* configure.ac: Use AC_REPLACE_FUNCS to provide strnvis if needed.

	* log.c: Include the right header for strnvis().

	* Makefile.am (EXTRA_DIST): Add bootstrap.sh and pam_test.c.

2004-02-19  Andrew J. Korty  <ajk@iu.edu>

	* pam_test.c: Test dlopening pam_ssh.so and print any resulting
	error messages.

	* pam.conf.example: Example PAM configuration.

	* pam_ssh.c (add_keys, auth_via_key, pam_sm_authenticate): Improve
	integer handling.

	* ltconfig: Deleted this file because -avoid-version is all we
	need.
	
	* atomicio.c, authfd.c, authfile.c, bufaux.c, buffer.c, cipher.c,
	cipher-3des1.c, cipher-bf1.c, cipher-ctr.c, key.c, log.c,
	openpam_borrow_cred.c, openpam_restore_cred.c, pam_get_pass.c,
	pam_ssh.c, pam_std_option.c, vis.c, xmalloc.c: Use autoheader.

	* atomicio.c, atomicio.h, authfd.c, authfd.h, authfile.c,
	authfile.h, bufaux.c, buffer.c, buffer.h, cipher.c,
	cipher-3des1.c, cipher-bf1.c, cipher-ctr.c, kex.h, key.c, key.h,
	log.c, log.h, rijndael.c rijndael.h, vis.c, vis.h, xmalloc.c,
	xmalloc.h: Updated to OpenSSH 3.7.1p2.

	* Makefile.am: Use -avoid-version flag to suppress version numbers
	on installed module.  Add more source files from OpenSSH.

	* openpam_restore_cred.c (openpam_restore_cred), pam_ssh.c: Use
	some voodoo to suppress strict aliasing warnings.

	* acinclude.m4: Link against pam_misc if necessary.  Square
	brackets in AC_CHECK_LIB clauses avoid syntax error when running
	configure.  Use full options to AC_DEFINE to make autoheader
	happy.

	* configure.ac: Use autoheader.  Update with autoupdate.  Bump
	version number.  Check for strnvis() and vis.h.

	* bootstrap.sh: Script to bootstrap configure.ac and friends.

Version 1.8 released
====================

2002-12-04  Andrew J. Korty  <ajk@iu.edu>

	* pam_ssh.c: Add NAI copyright message, which was always there in
	the manual page but omitted from this source file.  When the
	OpenPAM support code was introduced, we credited the FreeBSD
	project in general.  Specifically, Dag-Erling Smorgrav developed
	this code with funding from NAI and DARPA.

2002-11-05  Michael Kiernan

	* pam_ssh.c, configure.ac: Use fork() instead of vfork(), which
	doesn't like us to call anything before execve() on some systems.

2002-11-04  Patrice Dumas

	* Makefile.am: Add new files to SOURCES.

2002-11-04  Andrew J. Korty  <ajk@iu.edu>

	* log.h: Define function name macros for systems that don't have them.

2002-11-04  Michael Kiernan

	* pam_ssh.c: System V won't let us use setuid() unless euid == 0,
	so we temporarily regain root privileges first with
	openpam_restore_cred() (which calls seteuid()).

2002-10-30  Andrew J. Korty  <ajk@iu.edu>

	* pam_ssh.c: Change real user ID to that of user before executing
	ssh-agent.  ssh-agent in OpenSSH 3.5 doesn't like the real and
	effective user IDs to be different but doesn't treat the error as
	fatal and keeps on running in a weird state.

2002-09-23  Andrew J. Korty  <ajk@iu.edu>

	* pam_ssh.c: Prepare options parsing code for when we have more
	than one custom option.

	* authfd.c, strlcpy.h, xmalloc.c: Include strlcpy() declaration on
	platforms that don't have it.

	* acinclude.m4, openpam_cred.h, pam_ssh.c: Portability changes.

	* pam_ssh.h: Obsoleted--moved into pam_ssh.c.

2002-09-23  Patrice DUMAS

	* pam_ssh.spec: Adjust to work with new install target (which uses
	libtool).

2002-09-23  Andrew J. Korty  <ajk@iu.edu>

	* Makefile.am, acinclude.m4, configure.ac, openpam_borrow_cred.c,
	openpam_cred.h, openpam_restore_cred.c, pam_get_pass.c,
	pam_get_pass.h, pam_option.h, pam_opttab.h, pam_ssh.c,
	pam_std_option.c: Now builds and seems to work on Mac OS X.

2002-09-13  Andrew J. Korty  <ajk@iu.edu>

	* Makefile.am, configure.ac, ltconfig: Let libtool install the PAM
	module.

2002-09-12  Andrew J. Korty  <ajk@iu.edu>

	* Makefile.am, acinclude.m4, openpam_borrow_cred.c,
	openpam_restore_cred.c, pam_get_pass.c, pam_ssh.c,
	pam_std_option.c, pam_test_option.c: Minor changes for Mac OS X
	compatibility (support for Mac OS X still doesn't quite work).

2002-09-09  Andrew J. Korty  <ajk@iu.edu>

	* pam_ssh.c: Try to stay on borrowed creds as long as possible.

2002-09-01  Andrew J. Korty  <ajk@iu.edu>

	* pam_ssh.c: Make the agent only produce Bourne-style shell
	commands.  Unfortunately that makes the environment file useless
	for users of other csh-style shells, but since we're parsing the
	file now, we need it to be consistent.  Maybe we should learn how
	to parse either file, or to translate the commands into those
	appropriate for the user's shell.

2002-08-22  Patrice DUMAS

	* Makefile.am, pam_ssh.spec: RPM specfile.

2002-08-14  Patrice DUMAS

	* pam_ssh.c: Do the fork/exec ourselves instead of calling
	popen().

2002-08-11  Roderick Schertler

	* pam_ssh.8: Document the "keyfiles" option.

	* pam_ssh.c: Check strdup() return values and avoid errno when it
	can't be trusted).  Also, don't use openpam_log() even if its
	available.

2002-08-10  Roderick Schertler

	* pam_ssh.c: Two bug fixes: handle asprintf error values correctly
	and substitute for slashes in tty names when creating the agent
	environment file.

Version 1.7 released
====================	

2002-08-09  Andrew J. Korty  <ajk@iu.edu>

	* authfd.c, authfd.h, authfile.c, authfile.h bufaux.c, bufaux.h,
	buffer.c, buffer.h, cipher.c, cipher.h, getput.h, kex.h, key.c,
	key.h, log.c, log.h, pam_ssh.c, rijndael.c, rijndael.h: Import
	changes from OpenSSH 3.4p1.
	
	* pam_ssh.c: Import changes from FreeBSD: remove extraneous
	free()s, add __unused qualifiers, add support for OpenPAM, add
	support for pam_std_option().  Retire old options mechanism.

	* pam_std_option.c: Import from FreeBSD for platforms that need
	it.
	
	* pam_get_pass.c, pam_mod_misc.h: Imported changes from FreeBSD.

	* openpam_borrow_cred.c, openpam_restore_cred.c: Imported from
	FreeBSD--use these functions for dropping and restoring
	privileges.

	* acinclude.m4: Provide pam_std_option() if needed.

	* Makefile.am, acinclude.m4: Support modern versions of automake
	and autoconf.

2002-04-09  Andrew J. Korty  <ajk@iu.edu>

	* pam_ssh.h: FreeBSD changed the keyfile separator to ",".  I
	don't know why they did this, but I don't really care, so I'll
	change it too to remain consistent.

	* pam_ssh.8: Import of manual page from FreeBSD.

	* pam_ssh.c: Import changes from FreeBSD--mostly bugfixes.  Define
	null PAM methods for phases we don't support.  Also, avoid freeing
	data referenced by PAM--thanks to Michael Tokarev and Thomas
	Moestl for pointing out this bug.

2002-04-07  Andrew J. Korty  <ajk@iu.edu>

	* Makefile: Makefile is no longer needed--we use Autoconf and
	Automake.

	* pam_get_pass.c, pam_mod_misc.h, strlcpy.c: Provided for systems
	which lack these facilities.

	* acinclude.m4: Our own M4 macros for Autoconf.  Just one macro
	for checking PAM, actually.

	* Makefile.am, configure.in: Input files for Automake and
	Autoconf.

	* AUTHORS, COPYING, INSTALL, README: Documentation files required
	by GNU Coding Standards.

	* pam_ssh.h: Add copyright notice.

	* pam_ssh.c: For portability, check for existence of certain
	header files and macros before trying to use them.

Version 1.6 released
====================	

2001-08-19  Andrew J. Korty  <ajk@iu.edu>

	* authfd.c: Remove code that dealt with environment variables
	(obsoleted by argument passing) which had previously been ifdeffed
	out.

	* pam_ssh.c, pam_ssh.h: Added keyfiles option to specify which key
	files to use for authentication.  Only these keys will be given to
	the agent in the session phase.

	* log-client.c, log-client.h: Removed--moved functionality into
	log.c and log.h.
	
	* authfd.c, authfd.h, authfile.c, authfile.h, cipher.c, key.c,
	key.h, log.c, log.h, rijndael.c, rijndael.h, xmalloc.c: Updated
	OpenSSH files to version 2.9p2.

2001-08-19  Andrew J. Korty  <ajk@iu.edu>

	* pam_ssh.c: Only start one agent per user per host.  Thanks to
	hmh@debian.org for the idea.  Keep a reference count by hard
	linking files to the env file.