annotate CHANGES @ 421:dbb607d72d01 channel-fix

propagate from branch 'au.asn.ucc.matt.dropbear' (head eac2a177021cfa0cbf365d5821fe6c8a0a5dc758) to branch 'au.asn.ucc.matt.dropbear.channel-fix' (head be0d837816e2e985c7b2d80614d5df3496028e94)
author Matt Johnston <matt@ucc.asn.au>
date Sun, 11 Feb 2007 10:46:57 +0000 (2007-02-11)
parents bfa09e369e0e
children 67689b7ceaf0
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
337
bfa09e369e0e 0.49 is close to done.
Matt Johnston <matt@ucc.asn.au>
parents: 295
diff changeset
1 0.49 - Tues 13 June 2003
bfa09e369e0e 0.49 is close to done.
Matt Johnston <matt@ucc.asn.au>
parents: 295
diff changeset
2
bfa09e369e0e 0.49 is close to done.
Matt Johnston <matt@ucc.asn.au>
parents: 295
diff changeset
3 - Return immediately for "sleep 10 & echo foo", rather than waiting
bfa09e369e0e 0.49 is close to done.
Matt Johnston <matt@ucc.asn.au>
parents: 295
diff changeset
4 for the sleep to return (pointed out by Rob Landley)
bfa09e369e0e 0.49 is close to done.
Matt Johnston <matt@ucc.asn.au>
parents: 295
diff changeset
5
bfa09e369e0e 0.49 is close to done.
Matt Johnston <matt@ucc.asn.au>
parents: 295
diff changeset
6 - Added -P pidfile argument to the server (from Swen Schillig)
bfa09e369e0e 0.49 is close to done.
Matt Johnston <matt@ucc.asn.au>
parents: 295
diff changeset
7
bfa09e369e0e 0.49 is close to done.
Matt Johnston <matt@ucc.asn.au>
parents: 295
diff changeset
8 - Compile fixes, make sure that all variable definitions are at the start
bfa09e369e0e 0.49 is close to done.
Matt Johnston <matt@ucc.asn.au>
parents: 295
diff changeset
9 of a scope.
bfa09e369e0e 0.49 is close to done.
Matt Johnston <matt@ucc.asn.au>
parents: 295
diff changeset
10
bfa09e369e0e 0.49 is close to done.
Matt Johnston <matt@ucc.asn.au>
parents: 295
diff changeset
11 - Use $HOME in preference to that from /etc/passwd, so that it
bfa09e369e0e 0.49 is close to done.
Matt Johnston <matt@ucc.asn.au>
parents: 295
diff changeset
12 dbclient can still work on systems with a broken setup.
bfa09e369e0e 0.49 is close to done.
Matt Johnston <matt@ucc.asn.au>
parents: 295
diff changeset
13
bfa09e369e0e 0.49 is close to done.
Matt Johnston <matt@ucc.asn.au>
parents: 295
diff changeset
14 - Add -N dbclient option for "no command"
bfa09e369e0e 0.49 is close to done.
Matt Johnston <matt@ucc.asn.au>
parents: 295
diff changeset
15
bfa09e369e0e 0.49 is close to done.
Matt Johnston <matt@ucc.asn.au>
parents: 295
diff changeset
16 - Add -f dbclient option for "background after auth"
bfa09e369e0e 0.49 is close to done.
Matt Johnston <matt@ucc.asn.au>
parents: 295
diff changeset
17
bfa09e369e0e 0.49 is close to done.
Matt Johnston <matt@ucc.asn.au>
parents: 295
diff changeset
18 - Try to finally fix ss_family compilation problems
bfa09e369e0e 0.49 is close to done.
Matt Johnston <matt@ucc.asn.au>
parents: 295
diff changeset
19
295
Matt Johnston <matt@ucc.asn.au>
parents: 291
diff changeset
20 0.48.1 - Sat 11 March 2006
Matt Johnston <matt@ucc.asn.au>
parents: 291
diff changeset
21
Matt Johnston <matt@ucc.asn.au>
parents: 291
diff changeset
22 - Compile fix for scp
Matt Johnston <matt@ucc.asn.au>
parents: 291
diff changeset
23
291
55a99934db87 0.48 bump
Matt Johnston <matt@ucc.asn.au>
parents: 290
diff changeset
24 0.48 - Thurs 9 March 2006
290
94ee16f5b8a8 0.48 progress
Matt Johnston <matt@ucc.asn.au>
parents: 265
diff changeset
25
94ee16f5b8a8 0.48 progress
Matt Johnston <matt@ucc.asn.au>
parents: 265
diff changeset
26 - Check that the circular buffer is properly empty before
94ee16f5b8a8 0.48 progress
Matt Johnston <matt@ucc.asn.au>
parents: 265
diff changeset
27 closing a channel, which could cause truncated transfers
94ee16f5b8a8 0.48 progress
Matt Johnston <matt@ucc.asn.au>
parents: 265
diff changeset
28 (thanks to Tomas Vanek for helping track it down)
94ee16f5b8a8 0.48 progress
Matt Johnston <matt@ucc.asn.au>
parents: 265
diff changeset
29
94ee16f5b8a8 0.48 progress
Matt Johnston <matt@ucc.asn.au>
parents: 265
diff changeset
30 - Implement per-IP pre-authentication connection limits
94ee16f5b8a8 0.48 progress
Matt Johnston <matt@ucc.asn.au>
parents: 265
diff changeset
31 (after some poking from Pablo Fernandez)
94ee16f5b8a8 0.48 progress
Matt Johnston <matt@ucc.asn.au>
parents: 265
diff changeset
32
94ee16f5b8a8 0.48 progress
Matt Johnston <matt@ucc.asn.au>
parents: 265
diff changeset
33 - Exit gracefully if trying to connect to as SSH v1 server
94ee16f5b8a8 0.48 progress
Matt Johnston <matt@ucc.asn.au>
parents: 265
diff changeset
34 (reported by Rushi Lala)
94ee16f5b8a8 0.48 progress
Matt Johnston <matt@ucc.asn.au>
parents: 265
diff changeset
35
94ee16f5b8a8 0.48 progress
Matt Johnston <matt@ucc.asn.au>
parents: 265
diff changeset
36 - Only read /dev/random once at startup when in non-inetd mode
94ee16f5b8a8 0.48 progress
Matt Johnston <matt@ucc.asn.au>
parents: 265
diff changeset
37
94ee16f5b8a8 0.48 progress
Matt Johnston <matt@ucc.asn.au>
parents: 265
diff changeset
38 - Allow ctrl-c to close a dbclient password prompt (may
94ee16f5b8a8 0.48 progress
Matt Johnston <matt@ucc.asn.au>
parents: 265
diff changeset
39 still have to press enter on some platforms)
94ee16f5b8a8 0.48 progress
Matt Johnston <matt@ucc.asn.au>
parents: 265
diff changeset
40
94ee16f5b8a8 0.48 progress
Matt Johnston <matt@ucc.asn.au>
parents: 265
diff changeset
41 - Merged in uClinux patch for inetd mode
94ee16f5b8a8 0.48 progress
Matt Johnston <matt@ucc.asn.au>
parents: 265
diff changeset
42
94ee16f5b8a8 0.48 progress
Matt Johnston <matt@ucc.asn.au>
parents: 265
diff changeset
43 - Updated to scp from OpenSSH 4.3p2 - fixes a security issue
94ee16f5b8a8 0.48 progress
Matt Johnston <matt@ucc.asn.au>
parents: 265
diff changeset
44 where use of system() could cause users to execute arbitrary
94ee16f5b8a8 0.48 progress
Matt Johnston <matt@ucc.asn.au>
parents: 265
diff changeset
45 code through malformed filenames, ref CVE-2006-0225
94ee16f5b8a8 0.48 progress
Matt Johnston <matt@ucc.asn.au>
parents: 265
diff changeset
46
265
9b9664204b97 * Update changelogs for 0.47 release
Matt Johnston <matt@ucc.asn.au>
parents: 224
diff changeset
47 0.47 - Thurs Dec 8 2005
9b9664204b97 * Update changelogs for 0.47 release
Matt Johnston <matt@ucc.asn.au>
parents: 224
diff changeset
48
9b9664204b97 * Update changelogs for 0.47 release
Matt Johnston <matt@ucc.asn.au>
parents: 224
diff changeset
49 - SECURITY: fix for buffer allocation error in server code, could potentially
9b9664204b97 * Update changelogs for 0.47 release
Matt Johnston <matt@ucc.asn.au>
parents: 224
diff changeset
50 allow authenticated users to gain elevated privileges. All multi-user systems
9b9664204b97 * Update changelogs for 0.47 release
Matt Johnston <matt@ucc.asn.au>
parents: 224
diff changeset
51 running the server should upgrade (or apply the patch available on the
9b9664204b97 * Update changelogs for 0.47 release
Matt Johnston <matt@ucc.asn.au>
parents: 224
diff changeset
52 Dropbear webpage).
9b9664204b97 * Update changelogs for 0.47 release
Matt Johnston <matt@ucc.asn.au>
parents: 224
diff changeset
53
9b9664204b97 * Update changelogs for 0.47 release
Matt Johnston <matt@ucc.asn.au>
parents: 224
diff changeset
54 - Fix channel handling code so that redirecting to /dev/null doesn't use
9b9664204b97 * Update changelogs for 0.47 release
Matt Johnston <matt@ucc.asn.au>
parents: 224
diff changeset
55 100% CPU.
9b9664204b97 * Update changelogs for 0.47 release
Matt Johnston <matt@ucc.asn.au>
parents: 224
diff changeset
56
9b9664204b97 * Update changelogs for 0.47 release
Matt Johnston <matt@ucc.asn.au>
parents: 224
diff changeset
57 - Turn on zlib compression for dbclient.
9b9664204b97 * Update changelogs for 0.47 release
Matt Johnston <matt@ucc.asn.au>
parents: 224
diff changeset
58
9b9664204b97 * Update changelogs for 0.47 release
Matt Johnston <matt@ucc.asn.au>
parents: 224
diff changeset
59 - Set "low delay" TOS bit, can significantly improve interactivity
9b9664204b97 * Update changelogs for 0.47 release
Matt Johnston <matt@ucc.asn.au>
parents: 224
diff changeset
60 over some links.
9b9664204b97 * Update changelogs for 0.47 release
Matt Johnston <matt@ucc.asn.au>
parents: 224
diff changeset
61
9b9664204b97 * Update changelogs for 0.47 release
Matt Johnston <matt@ucc.asn.au>
parents: 224
diff changeset
62 - Added client keyboard-interactive mode support, allows operation with
9b9664204b97 * Update changelogs for 0.47 release
Matt Johnston <matt@ucc.asn.au>
parents: 224
diff changeset
63 newer OpenSSH servers in default config.
9b9664204b97 * Update changelogs for 0.47 release
Matt Johnston <matt@ucc.asn.au>
parents: 224
diff changeset
64
9b9664204b97 * Update changelogs for 0.47 release
Matt Johnston <matt@ucc.asn.au>
parents: 224
diff changeset
65 - Log when pubkey auth fails because of bad ~/.ssh/authorized_keys permissions
9b9664204b97 * Update changelogs for 0.47 release
Matt Johnston <matt@ucc.asn.au>
parents: 224
diff changeset
66
9b9664204b97 * Update changelogs for 0.47 release
Matt Johnston <matt@ucc.asn.au>
parents: 224
diff changeset
67 - Improve logging of assertions
9b9664204b97 * Update changelogs for 0.47 release
Matt Johnston <matt@ucc.asn.au>
parents: 224
diff changeset
68
9b9664204b97 * Update changelogs for 0.47 release
Matt Johnston <matt@ucc.asn.au>
parents: 224
diff changeset
69 - Added aes-256 cipher and sha1-96 hmac.
9b9664204b97 * Update changelogs for 0.47 release
Matt Johnston <matt@ucc.asn.au>
parents: 224
diff changeset
70
9b9664204b97 * Update changelogs for 0.47 release
Matt Johnston <matt@ucc.asn.au>
parents: 224
diff changeset
71 - Fix twofish so that it actually works.
9b9664204b97 * Update changelogs for 0.47 release
Matt Johnston <matt@ucc.asn.au>
parents: 224
diff changeset
72
9b9664204b97 * Update changelogs for 0.47 release
Matt Johnston <matt@ucc.asn.au>
parents: 224
diff changeset
73 - Improve PAM prompt comparison.
9b9664204b97 * Update changelogs for 0.47 release
Matt Johnston <matt@ucc.asn.au>
parents: 224
diff changeset
74
9b9664204b97 * Update changelogs for 0.47 release
Matt Johnston <matt@ucc.asn.au>
parents: 224
diff changeset
75 - Added -g (dbclient) and -a (dropbear server) options to allow
9b9664204b97 * Update changelogs for 0.47 release
Matt Johnston <matt@ucc.asn.au>
parents: 224
diff changeset
76 connections to listening forwarded ports from remote machines.
9b9664204b97 * Update changelogs for 0.47 release
Matt Johnston <matt@ucc.asn.au>
parents: 224
diff changeset
77
9b9664204b97 * Update changelogs for 0.47 release
Matt Johnston <matt@ucc.asn.au>
parents: 224
diff changeset
78 - Various other minor fixes
9b9664204b97 * Update changelogs for 0.47 release
Matt Johnston <matt@ucc.asn.au>
parents: 224
diff changeset
79
9b9664204b97 * Update changelogs for 0.47 release
Matt Johnston <matt@ucc.asn.au>
parents: 224
diff changeset
80 - Compile fixes for glibc 2.1 (ss_family vs __ss_family) and NetBSD
9b9664204b97 * Update changelogs for 0.47 release
Matt Johnston <matt@ucc.asn.au>
parents: 224
diff changeset
81 (netinet/in_systm.h needs to be included).
9b9664204b97 * Update changelogs for 0.47 release
Matt Johnston <matt@ucc.asn.au>
parents: 224
diff changeset
82
223
f3ef0d29ab65 * 0.46 CHANGES done
Matt Johnston <matt@ucc.asn.au>
parents: 220
diff changeset
83 0.46 - Sat July 9 2005
193
ca6a7c7a925c Preparing for 0.46
Matt Johnston <matt@ucc.asn.au>
parents: 176
diff changeset
84
ca6a7c7a925c Preparing for 0.46
Matt Johnston <matt@ucc.asn.au>
parents: 176
diff changeset
85 - Fix long-standing bug which caused connections to be closed if an ssh-agent
ca6a7c7a925c Preparing for 0.46
Matt Johnston <matt@ucc.asn.au>
parents: 176
diff changeset
86 socket was no longer available
ca6a7c7a925c Preparing for 0.46
Matt Johnston <matt@ucc.asn.au>
parents: 176
diff changeset
87
220
9089929fb2b7 * preparing for 0.46 release
Matt Johnston <matt@ucc.asn.au>
parents: 193
diff changeset
88 - Print a warning if we seem to be blocking on /dev/random