Mercurial > dropbear
comparison CHANGES @ 1069:2fa71c3b2827 pam
merge pam branch up to date
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Mon, 16 Mar 2015 21:34:05 +0800 |
| parents | 0b365b6a6f08 |
| children | 7cb1f49d89a8 |
comparison
equal
deleted
inserted
replaced
| 1068:9a6395ddb1b6 | 1069:2fa71c3b2827 |
|---|---|
| 1 - Improve efficiency of writing data to local program/pipes, measured 30% for | |
| 2 connections to localhost | |
| 3 | |
| 4 - Use TCP Fast Open on Linux if available. saves a round trip at connection | |
| 5 to hosts that have previously been connected. | |
| 6 Needs a recent Linux kernel and possibly "sysctl -w net.ipv4.tcp_fastopen=3" | |
| 7 | |
| 8 - Forwarded TCP ports connect asynchronously and retry with other available | |
| 9 addresses (IPv4 or IPv6) | |
| 10 | |
| 11 - Free memory before exiting, patch from Thorsten Horstmann. Useful for | |
| 12 Dropbear ports to embedded systems and for checking memory leaks | |
| 13 with valgrind. Only partially implemented for client side. | |
| 14 | |
| 15 - Fix small ECC memory leaks | |
| 16 | |
| 17 2015.67 - Wednesday 28 January 2015 | |
| 18 | |
| 19 - Call fsync() after generating private keys to ensure they aren't lost if a | |
| 20 reboot occurs. Thanks to Peter Korsgaard | |
| 21 | |
| 22 - Disable non-delayed zlib compression by default on the server. Can be | |
| 23 enabled if required for old clients with DROPBEAR_SERVER_DELAY_ZLIB | |
| 24 | |
| 25 - Default client key path ~/.ssh/id_dropbear | |
| 26 | |
| 27 - Prefer stronger algorithms by default, from Fedor Brunner. | |
| 28 AES256 over 3DES | |
| 29 Diffie-hellman group14 over group1 | |
| 30 | |
| 31 - Add option to disable CBC ciphers. | |
| 32 | |
| 33 - Disable twofish in default options.h | |
| 34 | |
| 35 - Enable sha2 HMAC algorithms by default, the code was already required | |
| 36 for ECC key exchange. sha1 is the first preference still for performance. | |
| 37 | |
| 38 - Fix installing dropbear.8 in a separate build directory, from Like Ma | |
| 39 | |
| 40 - Allow configure to succeed if libtomcrypt/libtommath are missing, from Elan Ruusamäe | |
| 41 | |
| 42 - Don't crash if ssh-agent provides an unknown type of key. From Catalin Patulea | |
| 43 | |
| 44 - Minor bug fixes, a few issues found by Coverity scan | |
| 45 | |
| 1 2014.66 - Thursday 23 October 2014 | 46 2014.66 - Thursday 23 October 2014 |
| 2 | 47 |
| 3 - Use the same keepalive handling behaviour as OpenSSH. This will work better | 48 - Use the same keepalive handling behaviour as OpenSSH. This will work better |
| 4 with some SSH implementations that have different behaviour with unknown | 49 with some SSH implementations that have different behaviour with unknown |
| 5 message types. | 50 message types. |