Mercurial > dropbear
comparison CHANGES @ 1069:2fa71c3b2827 pam
merge pam branch up to date
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Mon, 16 Mar 2015 21:34:05 +0800 |
parents | 0b365b6a6f08 |
children | 7cb1f49d89a8 |
comparison
equal
deleted
inserted
replaced
1068:9a6395ddb1b6 | 1069:2fa71c3b2827 |
---|---|
1 - Improve efficiency of writing data to local program/pipes, measured 30% for | |
2 connections to localhost | |
3 | |
4 - Use TCP Fast Open on Linux if available. saves a round trip at connection | |
5 to hosts that have previously been connected. | |
6 Needs a recent Linux kernel and possibly "sysctl -w net.ipv4.tcp_fastopen=3" | |
7 | |
8 - Forwarded TCP ports connect asynchronously and retry with other available | |
9 addresses (IPv4 or IPv6) | |
10 | |
11 - Free memory before exiting, patch from Thorsten Horstmann. Useful for | |
12 Dropbear ports to embedded systems and for checking memory leaks | |
13 with valgrind. Only partially implemented for client side. | |
14 | |
15 - Fix small ECC memory leaks | |
16 | |
17 2015.67 - Wednesday 28 January 2015 | |
18 | |
19 - Call fsync() after generating private keys to ensure they aren't lost if a | |
20 reboot occurs. Thanks to Peter Korsgaard | |
21 | |
22 - Disable non-delayed zlib compression by default on the server. Can be | |
23 enabled if required for old clients with DROPBEAR_SERVER_DELAY_ZLIB | |
24 | |
25 - Default client key path ~/.ssh/id_dropbear | |
26 | |
27 - Prefer stronger algorithms by default, from Fedor Brunner. | |
28 AES256 over 3DES | |
29 Diffie-hellman group14 over group1 | |
30 | |
31 - Add option to disable CBC ciphers. | |
32 | |
33 - Disable twofish in default options.h | |
34 | |
35 - Enable sha2 HMAC algorithms by default, the code was already required | |
36 for ECC key exchange. sha1 is the first preference still for performance. | |
37 | |
38 - Fix installing dropbear.8 in a separate build directory, from Like Ma | |
39 | |
40 - Allow configure to succeed if libtomcrypt/libtommath are missing, from Elan Ruusamäe | |
41 | |
42 - Don't crash if ssh-agent provides an unknown type of key. From Catalin Patulea | |
43 | |
44 - Minor bug fixes, a few issues found by Coverity scan | |
45 | |
1 2014.66 - Thursday 23 October 2014 | 46 2014.66 - Thursday 23 October 2014 |
2 | 47 |
3 - Use the same keepalive handling behaviour as OpenSSH. This will work better | 48 - Use the same keepalive handling behaviour as OpenSSH. This will work better |
4 with some SSH implementations that have different behaviour with unknown | 49 with some SSH implementations that have different behaviour with unknown |
5 message types. | 50 message types. |