Mercurial > dropbear
comparison CHANGES @ 285:1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
to branch 'au.asn.ucc.matt.dropbear' (head fdf4a7a3b97ae5046139915de7e40399cceb2c01)
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Wed, 08 Mar 2006 13:23:58 +0000 |
| parents | 9b9664204b97 |
| children | 94ee16f5b8a8 |
comparison
equal
deleted
inserted
replaced
| 281:997e6f7dc01e | 285:1b9e69c058d2 |
|---|---|
| 1 0.47 - Thurs Dec 8 2005 | |
| 2 | |
| 3 - SECURITY: fix for buffer allocation error in server code, could potentially | |
| 4 allow authenticated users to gain elevated privileges. All multi-user systems | |
| 5 running the server should upgrade (or apply the patch available on the | |
| 6 Dropbear webpage). | |
| 7 | |
| 8 - Fix channel handling code so that redirecting to /dev/null doesn't use | |
| 9 100% CPU. | |
| 10 | |
| 11 - Turn on zlib compression for dbclient. | |
| 12 | |
| 13 - Set "low delay" TOS bit, can significantly improve interactivity | |
| 14 over some links. | |
| 15 | |
| 16 - Added client keyboard-interactive mode support, allows operation with | |
| 17 newer OpenSSH servers in default config. | |
| 18 | |
| 19 - Log when pubkey auth fails because of bad ~/.ssh/authorized_keys permissions | |
| 20 | |
| 21 - Improve logging of assertions | |
| 22 | |
| 23 - Added aes-256 cipher and sha1-96 hmac. | |
| 24 | |
| 25 - Fix twofish so that it actually works. | |
| 26 | |
| 27 - Improve PAM prompt comparison. | |
| 28 | |
| 29 - Added -g (dbclient) and -a (dropbear server) options to allow | |
| 30 connections to listening forwarded ports from remote machines. | |
| 31 | |
| 32 - Various other minor fixes | |
| 33 | |
| 34 - Compile fixes for glibc 2.1 (ss_family vs __ss_family) and NetBSD | |
| 35 (netinet/in_systm.h needs to be included). | |
| 36 | |
| 37 0.46 - Sat July 9 2005 | |
| 38 | |
| 39 - Fix long-standing bug which caused connections to be closed if an ssh-agent | |
| 40 socket was no longer available | |
| 41 | |
| 42 - Print a warning if we seem to be blocking on /dev/random | |
| 43 (suggested by Paul Fox) | |
| 44 | |
| 45 - Fixed a memory leak in DSS code (thanks to Boris Berezovsky for the patch) | |
| 46 | |
| 47 - dbclient -L no longer segfaults, allocate correct buffer size (thanks | |
| 48 to David Cook for reporting it, and Christopher Faylor for independently | |
| 49 sending in a patch) | |
| 50 | |
| 51 - Added RSA blinding to signing code (suggested by Dan Kaminsky) | |
| 52 | |
| 53 - Rearranged bignum reading/random generation code | |
| 54 | |
| 55 - Reset the non-blocking status on stderr and stdout as well as stdin, | |
| 56 fixes a problem where the shell running dbclient will exit (thanks to | |
| 57 Brent Roman for reporting it) | |
| 58 | |
| 59 - Fix so that all file descriptors are closed so the child shell doesn't | |
| 60 inherit descriptors (thanks to Linden May for the patch) | |
| 61 | |
| 62 - Change signkey.c to avoid gcc 4 generating incorrect code | |
| 63 | |
| 64 - After both sides of a file descriptor have been shutdown(), close() | |
| 65 it to avoid leaking descriptors (thanks to Ari Hyttinen for a patch) | |
| 66 | |
| 67 - Update to LibTomCrypt 1.05 and LibTomMath 0.35 | |
| 68 | |
| 69 0.45 - Mon March 7 2005 | |
| 70 | |
| 71 - Makefile no longer appends 'static' to statically linked binaries | |
| 72 | |
| 73 - Add optional SSH_ASKPASS support to the client | |
| 74 | |
| 75 - Respect HOST_LOOKUP option | |
| 76 | |
| 77 - Fix accidentally removed "return;" statement which was removed in 0.44 | |
| 78 (causing clients which sent an empty terminal-modes string to fail to | |
| 79 connect - including pssh, ssh.com, danger hiptop). (patches | |
| 80 independently from Paul Fox, David Horwitt and Sven-Ola Tuecke) | |
| 81 | |
| 82 - Read "y/n" response for fingerprints from /dev/tty directly so that dbclient | |
| 83 will work with scp. | |
| 84 | |
| 85 0.44 - Mon Jan 3 2005 | |
| 86 | |
| 87 - SECURITY: Fix for PAM auth so that usernames are logged and conversation | |
| 88 function responses are allocated correctly - all 0.44test4 users with PAM | |
| 89 compiled in (not default) are advised to upgrade. | |
| 90 | |
| 91 - Fix calls to getnameinfo() for compatibility with Solaris | |
| 92 | |
| 93 - Pristine compilation works (run 'configure' from a fresh dir and make it | |
| 94 there) | |
| 95 | |
| 96 - Fixes for compiling with most options disabled. | |
| 97 | |
| 98 - Upgraded to LibTomCrypt 0.99 and LibTomMath 0.32 | |
| 99 | |
| 100 - Make sure that zeroing out of values in LTM and LTC won't get optimised away | |
| 101 | |
| 102 - Removed unused functions from loginrec.c | |
| 103 | |
| 104 - /dev/random is now the default entropy source rather than /dev/urandom | |
| 105 | |
| 106 - Logging of IPs in auth success/failure messages for improved greppability | |
| 107 | |
| 108 - Fix dbclient so that "scp -i keyfile" works. (It can handle "-ikeyfile | |
| 109 properly) | |
| 110 | |
| 111 - Avoid a race in server shell-handling code which prevents the exit-code | |
| 112 from being returned to the client in some circumstances. | |
| 113 | |
| 114 - Makefile modified so that install target works correctly (doesn't try | |
| 115 to install "all" binary) - patch from Juergen Daubert | |
| 116 | |
| 117 - Various minor fixes and compile warnings. | |
| 118 | |
| 119 0.44test4 - Tue Sept 14 2004 21:15:54 +0800 | |
| 120 | |
| 121 - Fix inetd mode so it actually loads the hostkeys (oops) | |
| 122 | |
| 123 - Changed DROPBEAR_DEFPORT properly everywhere | |
| 124 | |
| 125 - Fix a small memory leak in the auth code | |
| 126 | |
| 127 - WCOREDUMP is only used on systems which support it (ie not cygwin or AIX) | |
| 128 | |
| 129 - Check (and fail for) cases when we can't negotiate algorithms with the | |
| 130 remote side successfully (rather than bombing out ungracefully) | |
| 131 | |
| 132 - Handle authorized_keys files without a terminating newline | |
| 133 | |
| 134 - Fiddle the channel receive window size for possibly better performance | |
| 135 | |
| 136 - Added in the PAM authentication code (finally! thanks to Martin Carlsson) | |
| 137 | |
| 138 0.44test3 - Fri Aug 27 22:20:54 +0800 | |
| 139 | |
| 140 - Fixed a bunch of warnings. | |
| 141 | |
| 142 - scp works correctly when passed a username (fix for the dbclient program | |
| 143 itself as well, "-lmatt" works as well as "-l matt"). | |
| 144 | |
| 145 - Remove unrequired debian files | |
| 146 | |
| 147 - Exit with the remote process's return code for dbclient | |
| 148 | |
| 149 - Display stderr messages from the server in the client | |
| 150 | |
| 151 - Add circular buffering to the channel code. This should dramatically reduce | |
| 152 the amount of backtraffic sent in response to traffic incoming to the | |
| 153 Dropbear end - improves high-latency performance (ie dialup). | |
| 154 | |
| 155 - Various other related channel-handling fixups. | |
| 156 | |
| 157 - Allow leading lines in the banner when connecting to servers | |
| 158 | |
| 159 - Fixed printing out errors onto the network socket with stderr (for inetd | |
| 160 mode when using xinetd) | |
| 161 | |
| 162 - Remove obselete documentation | |
| 163 | |
| 164 - Fix a null-pointer exception when trying to free non-existant listeners | |
| 165 at cleanup. | |
| 166 | |
| 167 - DEBUG_TRACE now only works if you add "-v" to the program commandline | |
| 168 | |
| 169 - Don't leave stdin non-blocking on exit - this caused the parent shell | |
| 170 of dbclient to close when dbclient exited, for some shells in BusyBox | |
| 171 | |
| 172 - Server connections no longer timeout after 5 minutes | |
| 173 | |
| 174 - Fixed stupid DSS hostkey typo (server couldn't load host keys) | |
| 175 | |
| 176 0.44test2 - Tues Aug 17 2004 17:43:54 +0800 | |
| 177 | |
| 178 - Fix up dropbearmulti targets in the Makefile - symlinks are now created | |
| 179 | |
| 180 - Compile fake-rfc2553 even with dropbearconvert/dropbearkey - this | |
| 181 allows them to work on platforms without a native getaddrinfo() | |
| 182 | |
| 183 - Create ~/.ssh/known_hosts properly if it doesn't exist | |
| 184 | |
| 185 - Fix basename() function prototype | |
| 186 | |
| 187 - Backport some local changes (more #ifdefs for termcodes.c, a fix for missing | |
| 188 defines on AIX). | |
| 189 | |
| 190 - Let dbclient be run as "ssh" | |
| 191 | |
| 192 - Initialise mp_ints by default | |
| 193 | |
| 194 0.44test1 - Sun Aug 16 2005 17:43:54 +0800 | |
| 195 | |
| 196 - TESTING RELEASE - this is the first public release of the client codebase, | |
| 197 so there are sure to be bugs to be found. In addition, if you're just using | |
| 198 the server portion, the final binary size probably will increase - I'll | |
| 199 be trying to get it back down in future releases. | |
| 200 | |
| 201 - Dropbear client added - lots of changes to the server code as well to | |
| 202 generalise things | |
| 203 | |
| 204 - IPv6 support added for client, server, and forwarding | |
| 205 | |
| 206 - New makefile with more generic support for multiple-program binaries | |
| 207 | |
| 208 0.43 - Fri Jul 16 2004 17:44:54 +0800 | |
| 209 | |
| 210 - SECURITY: Don't try to free() uninitialised variables in DSS verification | |
| 211 code. Thanks to Arne Bernin for pointing out this bug. This is possibly | |
| 212 exploitable, all users with DSS and pubkey-auth compiled in are advised to | |
| 213 upgrade. | |
| 214 | |
| 215 - Clean up agent forwarding socket files correctly, patch from Gerrit Pape. | |
| 216 | |
| 217 - Don't go into an infinite loop when portforwarding to servers which don't | |
| 218 send any initial data/banner. Patch from Nikola Vladov | |
| 219 | |
| 220 - Fix for network vs. host byte order in logging remote TCP ports, also | |
| 221 from Gerrit Pape. | |
| 222 | |
| 223 - Initialise many pointers to NULL, for general safety. Also checked cleanup | |
| 224 code for mp_ints (related to security issues above). | |
| 225 | |
| 226 0.42 - Wed Jun 16 2004 12:44:54 +0800 | |
| 227 | |
| 228 - Updated to Gerrit Pape's official Debian subdirectory | |
| 229 | |
| 230 - Fixed bad check when opening /dev/urandom - thanks to Danny Sung. | |
| 231 | |
| 232 - Added -i inetd mode flag, and associated options in options.h . Dropbear | |
| 233 can be compiled with either normal mode, inetd, or both modes. Thanks | |
| 234 to Gerrit Pape for basic patch and motivation. | |
| 235 | |
| 236 - Use <dirent.h> rather than <sys/dir.h> for POSIX compliance. Thanks to Bill | |
| 237 Sommerfield. | |
| 238 | |
| 239 - Fixed a TCP forwarding (client-local, -L style) bug which caused the whole | |
| 240 session to close if the TCP connection failed. Thanks to Andrew Braund for | |
| 241 reporting it and helping track it down. | |
| 242 | |
| 243 - Re-enable sigpipe for child processes. Thanks to Gerrit Pape for some | |
| 244 suggestions, and BSD manpages for a clearer explanation of the behaviour. | |
| 245 | |
| 246 - Added manpages, thanks to Gerrit Pape. | |
| 247 | |
| 248 - Changed license text for LibTomCrypt and LibTomMath. | |
| 249 | |
| 250 - Added strip-static target | |
| 251 | |
| 252 - Fixed a bug in agent-forwarding cleanup handler - would segfault | |
| 253 (dereferencing a null pointer) if agent forwarding had failed. | |
| 254 | |
| 255 - Fix behaviour of authorized_keys parsing, so larger (>1024 bit) DSA keys will | |
| 256 work. Thanks to Dr. Markus Waldeck for the report. | |
| 257 | |
| 258 - Fixed local port forwarding code so that the "-j" option will make forwarding | |
| 259 attempts fail more gracefully. | |
| 260 | |
| 261 - Allow repeated requests in a single session if previous ones fail - this fixes PuTTY and some other SCP clients, which try SFTP, then fall-back to SCP if it | |
| 262 isn't available. Thanks to Stirling Westrup for the report. | |
| 263 | |
| 264 - Updated to LibTomCrypt 0.96 and LibTomMath 0.30. The AES code now uses | |
| 265 smaller non-precomputed tables if DROPBEAR_SMALL_CODE is defined in | |
| 266 options.h, leading to a significant reduction in the binary size. | |
| 267 | |
| 268 0.41 - Mon Jan 19 2004 22:40:19 +0800 | |
| 269 | |
| 270 - Fix in configure so that cross-compiling works, thanks to numerous people for | |
| 271 reporting and testing | |
| 272 | |
| 273 - Terminal mode parsing now handles empty terminal mode strings (sent by | |
| 274 Windows ssh.com clients), thanks to Ricardo Derbes for the report | |
| 275 | |
| 276 - Handling is improved for users with no shell specified in /etc/passwd, | |
| 277 thanks again to Ricardo Derbes | |
| 278 | |
| 279 - Fix for compiling with --disable-syslog, thanks to gordonfh | |
| 280 | |
| 281 - Various minor fixes allow scp to work with irix, thanks to Paul Marinceu for | |
| 282 fixing it up | |
| 283 | |
| 284 - Use <stropts.h> not <sys/stropts.h>, since the former seems more common | |
| 285 | |
| 286 0.40 - Tue Jan 13 2004 21:05:19 +0800 | |
| 287 | |
| 288 - Remote TCP forwarding (-R) style implemented | |
| 289 | |
| 290 - Local and remote TCP forwarding can each be disabled at runtime (-k and -j | |
| 291 switches) | |
| 292 | |
| 293 - Fix for problems detecting openpty() with uClibc - many thanks to various | |
| 294 people for reporting and testing fixes, including (in random order) Cristian | |
| 295 Ionescu-Idbohrn, James Ewing, Steve Dover, Thomas Lundquist and Frederic | |
| 296 Lavernhe | |
| 297 | |
| 298 - Improved portability for IRIX, thanks to Paul Marinceu | |
| 299 | |
| 300 - AIX and HPUX portability fixes, thanks to Darren Tucker for patches | |
| 301 | |
| 302 - prngd should now work correctly, thanks to Darren Tucker for the patch | |
| 303 | |
| 304 - scp compilation on systems without strlcpy() is fixed, thanks to Peter | |
| 305 Jannesen and David Muse for reporting it (independently and simultaneously :) | |
| 306 | |
| 307 - Merged in new LibTomCrypt 0.92 and LibTomMath 0.28 | |
| 308 | |
| 309 0.39 - Tue Dec 16 2003 15:19:19 +0800 | |
| 310 | |
| 311 - Better checking of key lengths and parameters for DSS and RSA auth | |
| 312 | |
| 313 - Print fingerprint of keys used for pubkey auth | |
| 314 | |
| 315 - More consistent logging of usernames and IPs | |
| 316 | |
| 317 - Added option to disable password auth (or just for root) at runtime | |
| 318 | |
| 319 - Avoid including bignum functions which don't give much speed benefit but | |
| 320 take up binary size | |
| 321 | |
| 322 - Added a stripped down version of OpenSSH's scp binary | |
| 323 | |
| 324 - Added additional supporting functions for Irix, thanks to Paul Marinceu | |
| 325 | |
| 326 - Don't check for unused libraries in configure script | |
| 327 | |
| 328 - Removed trailing comma in algorithm lists (thanks to Mihnea Stoenescu) | |
| 329 | |
| 330 - Fixed up channel close handling, always send close packet in response | |
| 331 (also thanks to Mihnea Stoenescu) | |
| 332 | |
| 333 - Various makefile improvements for cross-compiling, thanks to Friedrich | |
| 334 Lobenstock and Mihnea Stoenescu | |
| 335 | |
| 336 - Use daemon() function if available (or our own copy) rather than separate | |
| 337 code (thanks to Fr�d�ric Lavernhe for the report and debugging, and Bernard | |
| 338 Blackham for his suggestion on what to look at) | |
| 339 | |
| 340 - Fixed up support for first_kex_packet_follows, required to talk to ssh.com | |
| 341 clients. Thanks to Marian Stagarescu for the bug report. | |
| 342 | |
| 343 - Avoid using MAXPATHLEN, pointer from Ian Morris | |
| 344 | |
| 345 - Improved input sanity checking | |
| 346 | |
| 347 0.38 - Sat Oct 11 2003 16:28:13 +0800 | |
| 348 | |
| 349 - Default hostkey path changed to /etc/dropbear/dropbear_{rsa,dss}_host_key | |
| 350 rather than /etc/dropbear_{rsa,dss}_host_key | |
| 351 | |
| 352 - Added SMALL and MULTI text files which have info on compiling for multiple | |
| 353 binaries or small binaries | |
| 354 | |
| 355 - Allow for commandline definition of some options.h settings | |
| 356 (without warnings) | |
| 357 | |
| 358 - Be more careful handling EINTR | |
| 359 | |
| 360 - More fixes for channel closing | |
| 361 | |
| 362 - Added multi-binary support | |
| 363 | |
| 364 - Improved logging of IPs, now get logged in all cases | |
| 365 | |
| 366 - Don't chew cpu when waiting for version identification string, also | |
| 367 make sure that we kick off people if they don't auth within 5 minutes. | |
| 368 | |
| 369 - Various small fixes, warnings etc | |
| 370 | |
| 371 - Display MOTD if requested - suggested by | |
| 372 Trent Lloyd <lathiat at sixlabs.org> and | |
| 373 Zach White <zwhite at darkstar.frop.org> | |
| 374 | |
| 375 - sftp support works (relies on OpenSSH sftp binary or similar) | |
| 376 | |
| 377 - Added --disable-shadow option (requested by the floppyfw guys) | |
| 378 | |
| 379 0.37 - Wed Sept 24 2003 19:42:12 +0800 | |
| 380 | |
| 381 - Various portability fixes, fixes for Solaris 9, Tru64 5.1, Mac OS X 10.2, | |
| 382 AIX, BSDs | |
| 383 | |
| 384 - Updated LibTomMath to 0.27 and LibTomCrypt to 0.90 | |
| 385 | |
| 386 - Renamed util.{c,h} to dbutil.{c,h} to avoid conflicts with system util.h | |
| 387 | |
| 388 - Added some small changes so it'll work with AIX (plus Linux Affinity). | |
| 389 Thanks to Shig for them. | |
| 390 | |
| 391 - Improved the closing messages, so a clean exit is "Exited normally" | |
| 392 | |
| 393 - Added some more robust integer/size checking in buffer.c as a backstop for | |
| 394 integer overflows | |
| 395 | |
| 396 - X11 forwarding fixed for OSX, path for xauth changed to /usr/X11R6/bin/xauth | |
| 397 | |
| 398 - Channel code handles closing more nicely, doesn't sit waiting for an extra | |
| 399 keystroke on BSD/OSX platforms, and data is flushed fully before closing | |
| 400 child processes (thanks to | |
| 401 Cristian Ionescu-Idbohrn <cristian.ionescu-idbohrn at axis.com> for | |
| 402 pointing that out). | |
| 403 | |
| 404 - Changed "DISABLE_TCPFWD" to "ENABLE_TCPFWD" (and for x11/auth) so | |
| 405 "disable DISABLE_TCPWD" isn't so confusing. | |
| 406 | |
| 407 - Fix authorized_keys handling (don't crash on too-long keys, and | |
| 408 use fgetc not getc to avoid strange macro-related issues), thanks to | |
| 409 Cristian Ionescu-Idbohrn <cristian.ionescu-idbohrn at axis.com> | |
| 410 and Steve Rodgers <hwstar at cox.net> for reporting and testing. | |
| 411 | |
| 412 - Fixes to the README with regard to uClibc systems, thanks to | |
| 413 Cristian Ionescu-Idbohrn <cristian.ionescu-idbohrn at axis.com>, | |
| 414 as well as general improvements to documentation (split README/INSTALL) | |
| 415 | |
| 416 - Fixed up some compilation problems with dropbearconvert/dropbearkey if | |
| 417 DSS or RSA were disabled, reported by Patrik Karlsson <patrik at cqure.net> | |
| 418 | |
| 419 - Fix double-free bug for hostkeys, reported by | |
| 420 Vincent Sanders <vince at kyllikki.org> | |
| 421 | |
| 422 - Fix up missing \ns from dropbearconvert help message, | |
| 423 thanks to Mordy Ovits <movits at bloomberg.com> for the patch | |
| 424 | |
| 425 0.36 - Tue August 19 2003 12:16:23 +0800 | |
| 426 | |
| 427 - Fix uninitialised temporary variable in DSS signing code | |
| 428 (thanks to Matthew Franz <mdfranz at io.com> for reporting, and the authors | |
| 429 of Valgrind for making it easy to track down) | |
| 430 - Fix remote version-string parsing error | |
| 431 (thanks to Bernard Blackham <bernard at blackham.com.au> for noticing) | |
| 432 - Improved host-algorithm-matching algorithm in algo.c | |
| 433 - Decreased MAX_STRING_LEN to a more realistic value | |
| 434 - Fix incorrect version (0.34) in this CHANGES file for the previous release. | |
| 435 | |
| 436 0.35 - Sun August 17 2003 05:37:47 +0800 | |
| 437 | |
| 438 - Fix for remotely exploitable format string buffer overflow. | |
| 439 (thanks to Joel Eriksson <je at bitnux.com>) | |
| 440 | |
| 441 0.34 - Fri August 15 2003 15:10:00 +0800 | |
| 442 | |
| 443 - Made syslog optional, both at compile time and as a compile option | |
| 444 (suggested by Laurent Bercot <ska at skarnet.org>) | |
| 445 - Fixup for bad base64 parsing in authorized_keys | |
| 446 (noticed by Davyd Madeley <davyd at zdlcomputing.com>) | |
| 447 - Added initial tcp forwarding code, only -L (local) at this stage | |
| 448 - Improved "make install" with DESTDIR and changing ownership seperately, | |
| 449 don't check for setpgrp on Linux for crosscompiling. | |
| 450 (from Erik Andersen <andersen at codepoet.org>) | |
| 451 - More commenting, fix minor compile warnings, make return values more | |
| 452 consistent etc | |
| 453 - Various signedness fixes | |
| 454 - Can listen on multiple ports | |
| 455 - added option to disable openpty with configure script, | |
| 456 (from K.-P. Kirchd�rfer <kapeka at epost.de>) | |
| 457 - Various cleanups to bignum code | |
| 458 (thanks to Tom St Denis <tomstdenis at iahu.ca>) | |
| 459 - Fix compile error when disabling RSA | |
| 460 (from Marc Kleine-Budde <kleine-budde at gmx.de>) | |
| 461 - Other cleanups, splitting large functions for packet and kex handling etc | |
| 462 | |
| 463 0.33 - Sun June 22 2003 22:24:12 +0800 | |
| 464 | |
| 465 - Fixed some invalid assertions in the channel code, fixing the server dying | |
| 466 when forwarding X11 connections. | |
| 467 - Add dropbearconvert to convert to/from OpenSSH host keys and Dropbear keys | |
| 468 - RSA keys now keep p and q parameters for compatibility -- old Dropbear keys | |
| 469 still work, but can't be converted to OpenSSH etc. | |
| 470 - Debian packaging directory added, thanks to | |
| 471 Grahame (grahame at angrygoats.net) | |
| 472 - 'install' target added to the makefile | |
| 473 - general tidying, improve consistency of functions etc | |
| 474 - If RSA or DSS hostkeys don't exist, that algorithm won't be used. | |
| 475 - Improved RSA and DSS key generation, more efficient and fixed some minor bugs | |
| 476 (thanks to Tom St Denis for the advice) | |
| 477 - Merged new versions of LibTomCrypt (0.86) and LibTomMath (0.21) | |
| 478 | |
| 479 0.32 - Sat May 24 2003 12:44:11 +0800 | |
| 480 | |
| 481 - Don't compile unused code from libtomcrypt (test vectors etc) | |
| 482 - Updated to libtommath 0.17 and libtomcrypt 0.83. New libtommath results | |
| 483 in smaller binary size, due to not linking unrequired code | |
| 484 - X11 forwarding added | |
| 485 - Agent forwarding added (for OpenSSH.com ssh client/agent) | |
| 486 - Fix incorrect buffer freeing when banners are used | |
| 487 - Hostname resolution works | |
| 488 - Various minor bugfixes/code size improvements etc | |
| 489 | |
| 490 0.31 - Fri May 9 2003 17:57:16 +0800 | |
| 491 | |
| 492 - Improved syslog messages - IP logging etc | |
| 493 - Strip control characters from log messages (specified username currently) | |
| 494 - Login recording (utmp/wtmp) support, so last/w/who work - taken from OpenSSH | |
| 495 - Shell is started as a proper login shell, so /etc/profile etc is sourced | |
| 496 - Ptys work on Solaris (2.8 x86 tested) now | |
| 497 - Fixed bug in specifying the rsa hostkey | |
| 498 - Fixed bug in compression code, could trigger if compression resulted in | |
| 499 larger output than input (uncommon but possible). | |
| 500 | |
| 501 0.30 - Thu Apr 17 2003 18:46:15 +0800 | |
| 502 | |
| 503 - SECURITY: buffer.c had bad checking for buffer increment length - fixed | |
| 504 - channel code now closes properly on EOF - scp processes don't hang around | |
| 505 - syslog support added - improved auth/login/failure messages | |
| 506 - general code tidying, made return codes more consistent | |
| 507 - Makefile fixed for dependencies and makes libtomcrypt as well | |
| 508 - Implemented sending SSH_MSG_UNIMPLEMENTED :) | |
| 509 | |
| 510 0.29 - Wed Apr 9 2003 | |
| 511 | |
| 512 - Fixed a stupid bug in 0.28 release, 'newstr = strdup(oldstr)', | |
| 513 not 'newstr=oldstr' | |
| 514 | |
| 515 0.28 - Sun Apr 6 2003 | |
| 516 | |
| 517 - Initial public release | |
| 518 | |
| 519 Development was started in October 2002 |