OpenSSH Unix Dev,

Mac OS X 10.5 recently shipped with OpenSSH 4.5p1. This build
includes a number of patches, some general bug fixes and some platform-
specific fixes and enhancements. These patches are available from our
open source site (http://www.opensource.apple.com/darw....5/OpenSSH-87/
).
Following is a brief description of each patch. We'd be more than
happy to see any of these patches integrated into the official
portable OpenSSH distribution.

AJ-5229538+5383306_keychain.patch
Allows users to store key passphrases in the Mac OS X Keychain.

DVG+AJ-5370108_fix_globbing_in_Leopard_sftp.patch
sftp makes certain assumptions about the behavior of glob(3) that no
longer hold on Mac OS X. This patch forces the openbsd-compat
implementation.

DVG-3977221_manpage_tweaks.patch
Removes references to login.conf from sshd_config man page.

DVG-4122722+5277818_new_EA.patch & DVG-4648874_preserve_EA_mtime.patch
Adds a scp -E option, which preserves HFS+ extended attributes.

DVG-4157448+4920695_corrected_UsePAM_comment.patch
Corrects comments in sshd_config about using PAM with OpenSSH.

DVG-4212542_auth_error_logging_fix.patch
Keeps sshd from logging to the console.

DVG-4694589_16_group_limit_fix.patch
Fixes issue with users in more than 16 groups.

DVG-4748610+4897588_ssh-agent_via_launchd.patch
Adds support for launching ssh-agent from Mac OS X's launchd.

DVG-4808140_getpwuid_botch.patch
Fixes a bug where ssh makes calls to getpwuid and expects the
returned value to remain unchanged after subsequent calls, which is
not guaranteed by POSIX.

DVG-4853931_enable_GSSAPI.patch & pam.patch
Changes some default settings on Mac OS X.

DVG-4853931_enable_GSSAPI_AfterInstall.patch & apple-bsm.patch
Unused.

DVG-4907495_name_resolution_error_message.patch
Improves a generic "System error" message when hostname resolution
fails.

DVG-5142987_launchd_DISPLAY_for_X11.patch
Fixes issue with X11 forwarding on Mac OS X.

DVG-5258734_pty_permission_fix.patch & sshpty.c.patch
Fixes PTY handling on Mac OS X.

bsm.patch
Part of BSM support.

lastlog.patch
Fixes lastlog on Mac OS X.

openssh-4.4p1-gsskex-20061002.patch
Kerberos GSS Key Exchange support.

sacl.patch
Service ACL support.


- Disco Vince Giffin
OS Security Engineer
Apple Inc.

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/li...enssh-unix-dev