2000-02-21  Sami Lehtinen  <sjl@ssh.fi>

	* Implemented escape char "~s", with which you can dump statistics 
	  and other information about the connection during the
	  session.

	* Fixed authentication methods to return same kind of errors when
	  the user doesn't exist or host is not allowed to connect as when
	  failing an authentication method.

	* Changed scp2 globbing to be more intelligent, by using Huima's
	  sshregex-library.

	* Changed default value of RequireReverseMapping to ``no'' in the
	  example configuration file (which is also installed as the default
	  configuration file on new installs). This was apparently giving
	  headaches for many people, as the server would only respond ``No
	  more authentication methods available.''.

2000-02-20  Sami Lehtinen  <sjl@ssh.fi>

	* Implemented BatchMode configuration option for ssh2. Also added
	  it to scp2 as ``-B''.

2000-02-17  Sami Lehtinen  <sjl@ssh.fi>

	* Re-wrote globbing for scp2 and sftp2. Seems to work _much_
 	  better than before, and because it uses common code with recurse,
 	  code maintainability also soared. (the old globbing was very very
 	  ugly)

2000-02-15  Sami Lehtinen  <sjl@ssh.fi>

	* Fixed a bug in sshchsession, which caused a protocol error, if,
 	  for example, an xterm was resized before the server had accepted
 	  the request for shell.

2000-02-14  Sami Lehtinen  <sjl@ssh.fi>

	* sftp2 is now rewritten to use SshFileCopy (by ttsalo). scp2 is
 	  also quite stable. SshFileCopy itself still needs a couple of
 	  modifications, but considering what has already been done, the
 	  changes will be quite small (just a re-write of the ssh_glob_*
 	  interface...).

2000-02-04  Sami Lehtinen  <sjl@ssh.fi>

	* Fixed problems in {Allowed,Required}Authentications. Don't know
	  how I could've missed those.

2000-01-18  Sami Lehtinen  <sjl@ssh.fi>

	* Updated config.guess and config.sub. Should take away a few
	  problems.

1999-12-23  Sami Lehtinen  <sjl@ssh.fi>

	* (ssh2) Fixed to accept absolute pathnames with IdentityFile
	  option (also applies to '-i' command-line option), instead of
	  always prepending them with the user's .ssh2-directory. Did the
	  same for IdentityFile internals, ie. you can specify 'IdKey
	  /etc/puppa' from your identification-file.

1999-12-18  Sami Lehtinen  <sjl@ssh.fi>

	* Fixed a draft incompatibility with
	  SSH_MSG_DISCONNECT. Previously SSH_DISCONNECT_AUTHENTICATION_ERROR
	  was often sent as reason code, which was not specified in the
	  draft. This was used as a cathc-all authentication error in the
	  implementation. Still should fix sshauth[sc].c to use more
	  approriate reason codes, depending on the situation.

1999-12-16  Sami Lehtinen  <sjl@ssh.fi>

	* Fixed SSH_MSG_USERAUTH_PK_OK draft incompatibility
	  bug. Previously, field "public key algorithm from the request" was
	  omitted. Added compatibility code to server for older versions
	  (client doesn't care about the rest of the fields; it only uses
	  the packet type).

	* Fixed a draft incompatibility in handling
	  SSH_MSG_CHANNEL_OPEN_FAILURE messages. Previously, reason string
	  and language tag were not sent. Added compatibility code for older
	  versions.

1999-12-13  Sami Lehtinen  <sjl@ssh.fi>

	* Fixed a draft incompatibility bug in sshchx11.c. The
	  SSH_MSG_CHANNEL_OPEN message for "x11" was constructed
	  wrong. Added compatibility code for older versions.

1999-11-13  Sami Lehtinen  <sjl@ssh.fi>

	* Implemented StrictHostKeyChecking. Totally re-wrote the
	  keychecking functions. Should now look very similar to ssh1.

1999-11-12  Sami Lehtinen  <sjl@ssh.fi>

	* Changed behaviour of '-f' parameter in ssh2. Now, if specified,
 	  implies '-S' (client doesn't request session channel, ie. tty from
 	  server), and client doesn't die if a locally forwarded channel is
 	  closed. The listener stays there, waiting for
 	  connections. Persistent forwarding works only with ssh-2.1.0 and
 	  newer servers (older servers incorrectly close the
 	  command-channel). With optional 'o' argument (specified '-fo' on
 	  the command-line), goes to one-shot mode, which is the same
 	  behaviour as before (ie. as soon as forwardings close, client
 	  exits).
	
	* Fixed authentication code bugs. Should now work. Even with
	  hostbased. And with the order "hostbased,publickey,password".

1999-11-04  Sami Lehtinen  <sjl@ssh.fi>

	* Implemented what Tatu asked; "file/.." style constructs are
	  pruned from filenames to avoid situations where a user asks to
	  transfer files like 'scp2 -r "*/../*/../*/../*/../*"' after
	  which there would very much load in the server end.

1999-10-22  Sami Lehtinen  <sjl@ssh.fi>

	* Fixed issues sshreadline and termcap/ncurses/xcurses & tgetent
 	  detection. Now, if configure doesn't find any of the above
 	  libraries (or they don't contain tgetent), sshreadline default to
 	  builtin vt100 functionality.

	* Re-wrote scp2. The code is now cleaner, and does things more
 	  efficiently. The 'real' transfer part should still be written
 	  again to gain speed.

1999-09-15  Sami Lehtinen  <sjl@ssh.fi>

	* Fixed EscapeChar ('-e' on ssh2's commandline) to handle 'none'
 	  correctly.

	* Fixed a bug in ssh-signer2, which was reportedly causing
	  ssh-signer2 to deadlock.

	* Fixed ssh-add2 to use the guessed filename (if no filename or
 	  PGP-key are specified) even when command-line arguments are
	  given.

	* Fixed a draft incompatibility in publickey authentication. We
 	  used the wrong service name, when constructing the throw-away
 	  package for signing. Thanks to the lsh-people for pointing this
 	  one out.

1999-08-16  Sami Lehtinen  <sjl@ssh.fi>

	* Fixed a bug in agentpath.c, which caused that existing
	  agent-sockets weren't properly removed in most cases.

1999-08-12  Sami Lehtinen  <sjl@ssh.fi>

	* Fixed a draft inconsistency with SSH_MSG_SERVICE_ACCEPT (now
 	  service name is also sent). Added compatibility code, so that we
 	  can work with older versions of ssh2 too.

	* Fixed a bug in chown()in the new allocated tty. This caused a
 	  situation where a user might have a terminal belonging to some
 	  other user. This bug manifested itself in 4.4 BSD variants, where
 	  chown() by the super-user could fail if a user had set some
 	  file-flags with chflags. (for example, 'chflags uappnd `tty`',
 	  done by a normal user, caused the chown to fail)

	* Fixed a bug, which caused a SIGSEGV if tty-allocation didn't
	  succeed for some reason.

	* "hostbased" authentication to be tried first in the
 	  server. However, because of some unimplemeted parts in the
 	  sshproto-library, trying "hostbased" first in the client doesn't
 	  work yet. I'll fix it.

1999-06-15  Sami Lehtinen  <sjl@ssh.fi>

	* Previous: Fixed couple of bugs in trcommon.c and trkex.c. The
	  code couldn't of worked correctly if more than one
	  hostkey-algorithm or kex-algorithm were given.

	* Added '--with-pty' option for configure to let advanced users
	  override configure's pty-selection, if so needed.

1999-06-01  Sami Lehtinen  <sjl@ssh.fi>

	* ssh-keygen2: removed '-o' option (isn't needed, you can specify
 	  the file names on the command-line as the last arguments anyway)
 	  and renamed '-v' option to '-V' for consistency.

1999-05-20  Sami Lehtinen  <sjl@ssh.fi>

	* Previous by tri: added SO_LINGER socket option.

	* Fixed a bug in sftp2 ( sshfilexferc.c ), which caused a SIGSEGV
 	  if cd:ing to a directory, that user didn't have execute
 	  permissions.

	* Fixed AIX compilation problems (by tri), possibly fixed Solaris
	  hanging problems, when compiled with libwrap, and should now
	  compile and work on Ultrix.

1999-05-12  Sami Lehtinen  <sjl@ssh.fi>

	* ssh-2.0.13.

	* Fixes for pty-handling and wtmp-handling for linux 2.2.x with
       	  glibc-2.1.x.

1999-04-29  Sami Lehtinen  <sjl@ssh.fi>

	* Previous by tri: Added NoDelay config parameter. Used to toggle
	  TCP_NODELAY socket option.

	* Added configuration parameter KeepAlive and LoginGraceTime.

1999-04-26  Sami Lehtinen  <sjl@ssh.fi>

	* Added configure-parameters --disable-tcp-port-forwarding and
	  --disable-X11-forwarding.

1999-04-23  Sami Lehtinen  <sjl@ssh.fi>

	* ssh-2.0.13.pre1 (ie. pre-release 1).

1999-04-20  Sami Lehtinen  <sjl@ssh.fi>

	* Fixed passing of arguments when executing ssh1 in compatibility
	  mode. Now uses ssh_getopt.

	* Fixed code in wtmp.c, which caused the compilation to fail on
	  newer Linux/Glibc 2.x systems. 

1999-04-16  Sami Lehtinen  <sjl@ssh.fi>

	* Fixed a draft incompatibility in public key
	  authentication. Works with older versions too, because of a
	  compatibility work-around.

	* "hostbased"-authentication is now working. Uses /etc/hosts.equiv
	  and /etc/shosts.equiv, plus the user's .rhosts and .shosts
	  files. Note that you don't have to run ssh2 as suid for this, as
	  the challenge is signed by ssh-signer2, a small program which is
	  considered bug-free :), which does run as suid.

	  Read 'man sshd2' for additional configuration parameters etc.

1999-04-09  Sami Lehtinen  <sjl@ssh.fi>

	* Added "CheckMail" configuration parameter.

	* "hostbased"-authentication method is almost done. Needs to be
 	  polished a bit still, though.

1999-04-07  Timo J. Rinne  <tri@ssh.fi>

	* Integrated sshpgp library into ssh2.  Now ssh2 is able
	  to use pgp keys.

1999-02-16  Sami Lehtinen  <sjl@ssh.fi>

	* Added configuration parameter AllowedAuthentications, which
	  obsoletes {Password,Pubkey}Authentication config-parameters,
	  and RequiredAuthentications, which is a list of authentication
	  methods required from users before they are allowed access.

	* Added code to send and parse tty-modes.

	* Fixed a bug in wildcard expansion. It didn't correctly expand
 	  paths which started from the root directory. Also fixed a
	  misfeature, which re-opened the connection, and started the
	  authentication again after wildcard-expansion. Very annoying.

1999-01-29  Sami Lehtinen  <sjl@ssh.fi>

	* ssh-2.0.12.

	* Fixed a deficiency in the configure script. Because of it the
 	  sp_expire and sp_inact fields of shadow-password-struct were
 	  overlooked.

1999-01-27  Sami Lehtinen  <sjl@ssh.fi>

	* Added code to trcommon.c/ssh_tr_input_kex2 to check for return
	  value of tr->kex->{server,client}_input_kex2, and to send
	  disconnect if return value was FALSE. Should make error messages
	  in certain situations more clear.

	* Added code to sshconn.c to check if we receive EOF from the main
	  stream. Didn't seem to brake anything, and should fix some hanging
	  problems.

	* Fixed a bug in lib/sshutil/sshtcp.c. Previously, it ignored
	  definition for port with SSH_SOCKS_SERVER.

	* Fixed check for broken inet_ntoa, and it now seems to work (it
	  compiled and worked ok on mips-sgi-irix6.2 with gcc 2.8.1, where
	  it didn't before).

1999-01-18  Sami Lehtinen  <sjl@ssh.fi>

	* ssh-2.0.12.pre1 (ie. pre-release 1).

	* Changed ssh2 so that if we are root, it won't fetch keys and
	  config from /etc/ssh2, but from $HOME/.ssh2. 

	* Added code to configure to better check for minor (is a macro in
	  atleast Solaris) and S_IFSOCK (isn't defined in SCO). Also added
	  code to check for broken inet_ntoa, but it doesn't seem to work
	  as expected. Studies continue.

	* Fixed a bug in ssh_user_dir() and ssh2.c , which caused ssh2 to
 	  crash when run on the first time in some systems.

	* Added FAQ. Send me good questions, and (more importantly) good
	  answers, and I will put them to the FAQ.

	* Added signal handlers for various fatal signals in sftp2 and in
 	  scp2. If we receive a fatal signal, we will also kill the
 	  ssh2-child. Fixed a bug in filecontrol (or rather added a
 	  kludge). We set stdio and stdout to blocking mode now in main(),
 	  as they are somewhere (eventloop_initialize ?) put to non-blocking
 	  mode. This broke output in, for example, the "ls" command. Also
 	  rewrote bits of code, sftp_page_prompt_return for example.

1999-01-17  Timo J. Rinne  <tri@ssh.fi>

	* Added configuration option --with(out)-ssh-agent1-compat
	  to make ssh-agent1 support (RSA-decryption) optional
	  in ssh-agent2.  Default is on.

1999-01-12  Timo J. Rinne  <tri@ssh.fi>

	* Added ssh1 challenge-response mechanism into ssh-agent2.

1998-12-29  Sami Lehtinen  <sjl@ssh.fi>

	* Added configuration parameter SyslogFacility. Now you can define
	  exactly where you want to log things. Sorry it took so long.

	* Fixed a security bug which allowed  any eligible user to request
	  remote forwarding from privileged ports without being root. 

	* Previous: Modified the configuration script so that it should
	  compile on HP-UX 9.x now.

1998-12-10  Sami Lehtinen  <sjl@ssh.fi>

	* Added {Allow,Deny}Hosts configuration parameters to
	  sshd2. Accepts wildcards (*, ?). Will accept in the future:
	  address ranges, subnets. Also a access-control-file is planned,
	  which would make this obsolete, as the new format would be much
	  more powerful and intuitive.

1998-12-08  Sami Lehtinen  <sjl@ssh.fi>

	* Added SIGHUP handling to sshd2. (now restarts on SIGHUP)

1998-11-26  Sami Lehtinen  <sjl@ssh.fi>

	* Tweaked logging in sshd2.c.

	* Added reverse-mapping for the remote host's hostname in the
 	  server.

	* Fixed a bug in auths-{passwd,pubkey}.c, which caused a SIGSEGV
 	  if user didn't exist. Tweaked logging in same file.

1998-11-16  Sami Lehtinen  <sjl@ssh.fi>

	* Released  ssh-2.0.11.
	
	* Previous: Fixed a draft inconsistency in the client's version
 	  string handling. Should reduce those "Protocol error"'s.

	* Hopefully fixed the busyloop-timeout problem in scp2. Now it
	  kills the background ssh2 process before exiting itself.

1998-11-12  Timo J. Rinne  <tri@ssh.fi>

	* Added twofish encryption.

1998-11-12  Sami Lehtinen  <sjl@ssh.fi>

	* Previous: the #include bug in sshreadline.c, which manifested
	  itself in solaris 2.[456].x, should now be fixed. (atleast in our
	  server compiles ok).

	* Added --disable-asm flag to configure. If asm-optimizations
	  don't work, use this.

	* Added code to configure to properly add libipc for
	  bsdi2.1. In AIX 4.* utmpx is now disabled (utmpx.h is reportedly
	  broken). With HPUX _HPUX_SOURCE is now properly defined.

	* Changed handling of setsid-errors in ssh2 and sshd2. Previously
	  if setsid() call failed, ssh{2,d2} called ssh_fatal. Now, it gives
	  warning in ssh2 and logs the event in sshd2. This is the same
	  behavior as in ssh1.

	* Implemented '-r'-flag (copy directories recursively) in
	  scp2. Also cleaned up code in scp2.

1998-11-05  Sami Lehtinen  <sjl@ssh.fi>

	* Added '-1' flag, which enables scp1 compatibility. Use it as the
 	  first argument to scp2. Implemented wildcard-expansion
 	  (globbing). Currently supported wildcards are '?' and '*'.

1998-10-29  Sami Lehtinen  <sjl@ssh.fi>

	* Made progress-indicator default in scp2. Added some code to
	  display transfer-times and transfer-speed.

1998-10-29  Timo J. Rinne  <tri@ssh.fi>

	* Ssh-agent2 now more or less fully supports also requests
	  sent by ssh1 and ssh-add1. To enable ssh1 compatibility
	  in ssh-agent2 you have to start it with option -1.
	  CAUTION: ssh-agent2 works properly only with versions
	  ssh-2.0.11 and above, if run with -1 option.  Without
	  -1 option it's compatible with earlier ssh-2.0.* versions
	  too.

1998-10-21  Timo J. Rinne  <tri@ssh.fi>

	* Moved utmp update to the child.  It now seems to work
	  at least in BSD.

1998-10-19  Sami Lehtinen  <sjl@ssh.fi>

	* Added correct parsing for specifying 'user@host' on the
	  commandline. (`ssh2 user@host' equals `ssh2 -luser host')

	* Fixed --with-etcdir and --with-libwrap options in configure and
	  apps/ssh/Makefile.am.

	* Fixed calculating MAC, as it was done against the draft. Added
	  compatibility code, so that we can work with older
	  ssh-2.0.x-versions (2.0.[789]) still.

	* Implemented PasswordAuthentication and PubkeyAuthentication
	  keywords in the server. Still need to be done in the client.
	
1998-10-07  Sami Lehtinen  <sjl@ssh.fi>

	* Added code to configure, so that it detects whether compiled
	  symbols are prepended with underscore or not. With changes to the
	  assembler files, this should fix the problems with commercial
	  versions assembler-optimized crypto functions.

	* Fixed a _lot_ of buggy code in sftp2. Shouldn't seg fault
 	  anymore.

1998-10-06  Timo J. Rinne  <tri@ssh.fi>

	* Fixed -t flag in ssh2 client to have an desired 
	  effect (force pty allocation).

1998-10-02  Timo J. Rinne  <tri@ssh.fi>

	* Added O_TRUNC into scp.  Existing target files are now
	  also truncated.

1998-09-30  Timo J. Rinne  <tri@ssh.fi>

	* Added ssh_getopt.

	* Fixed command line parsing of ssh2 and sshd2.

	* Modified ssh-add2, ssh-agent2, ssh-keygen2 and scp2 to
	  use ssh_getopt2.

1998-09-17  Sami Lehtinen  <sjl@ssh.fi>

	* Added support for environment variable DESTDIR in
 	  apps/ssh/Makefile.

	* Added --with-etcdir configuration option.

	* Added libwrap-support. (still partially untested)

	* Fixed a bug in sshd2, which caused sshd2  to go to busy-loop if
	  ssh2-client was killed with, for example, kill -9 .

	* Fixed bug in sshmp.c, which caused FPE in ssh-keygen2, when it
	  was compiled on Alpha with gcc.

	* Fixed little bugs here and there.
	
1998-09-07  Sami Lehtinen  <sjl@ssh.fi>

	* Added clean-up-old -target to apps/ssh/Makefile.am to allow easy
	  removal of the *.old-files made by the installation.

	* Fixed a bug in initilization of variables in ssh2 (and other
	  programs, which were run with user-privileges) which caused
	  annoying messages with shadow passwords etc.

	* Fixed a bug in 'make install'.

1998-08-27  Sami Lehtinen  <sjl@ssh.fi>

	* Changed 'make install' so that it now renames the old files to
	  have '.old'-trailer.

1998-08-26  Sami Lehtinen  <sjl@ssh.fi>

	* Earlier addition: Fixed ssh2-client to not kill all forwarded
	  connections on session_close, but instead fork to background to
	  wait for their completion.

	* Fixed problems with compilation.
	
1998-08-06  Timo J. Rinne  <tri@ssh.fi>

	* Made ssh forward also ssh1 agent connections.

1998-08-05  Sami Lehtinen  <sjl@ssh.fi>

	* Changed ssh-add2 to fetch first key named 'id_*' when executed
	  without arguments.
	
	* Changed ssh-add2 to use ssh-askpass2 instead of ssh2-askpass.
	
