Mercurial > dropbear
comparison CHANGES @ 1147:809feaa9408f DROPBEAR_2015.68
changelog and version 2015.68
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Sat, 08 Aug 2015 20:35:28 +0800 |
parents | 63ac2261e1b0 |
children | 4ab757b14b2d |
comparison
equal
deleted
inserted
replaced
1146:3c8403f4669d | 1147:809feaa9408f |
---|---|
1 - Improve efficiency of writing data to local program/pipes, measured 30% increase | 1 2015.68 - Saturday 8 August 2015 |
2 | |
3 - Reduce local data copying for improved efficiency. Measured 30% | |
2 increase in throughput for connections to localhost | 4 increase in throughput for connections to localhost |
3 | 5 |
4 - Use TCP Fast Open on Linux if available. saves a round trip at connection | 6 - Forwarded TCP ports connect asynchronously and try all available addresses |
7 (IPv4, IPv6, round robin DNS) | |
8 | |
9 - Fix all compile warnings, many patches from Gaël Portay | |
10 Note that configure with -Werror may not be successful on some platforms (OS X) | |
11 and some configuration options may still result in unused variable | |
12 warnings. | |
13 | |
14 - Use TCP Fast Open on Linux if available. Saves a round trip at connection | |
5 to hosts that have previously been connected. | 15 to hosts that have previously been connected. |
6 Needs a recent Linux kernel and possibly "sysctl -w net.ipv4.tcp_fastopen=3" | 16 Needs a recent Linux kernel and possibly "sysctl -w net.ipv4.tcp_fastopen=3" |
7 Client side is disabled by default pending further compatibility testing | 17 Client side is disabled by default pending further compatibility testing |
8 with networks and systems. | 18 with networks and systems. |
9 | 19 |
10 - Forwarded TCP ports connect asynchronously and retry with other available | 20 - Increase maximum command length to 9000 bytes |
11 addresses (IPv4 versus IPv6, round robin IPs) | |
12 | 21 |
13 - Free memory before exiting, patch from Thorsten Horstmann. Useful for | 22 - Free memory before exiting, patch from Thorsten Horstmann. Useful for |
14 Dropbear ports to embedded systems and for checking memory leaks | 23 Dropbear ports to embedded systems and for checking memory leaks |
15 with valgrind. Only partially implemented for client side. | 24 with valgrind. Only partially implemented for dbclient. |
16 | 25 This is disabled by default, enable with DROPBEAR_CLEANUP in sysoptions.h |
17 - Fix all compile warnings, patch from Gaël Portay | 26 |
18 (note that configure with -Werror may not be successful on some platforms | 27 - DROPBEAR_DEFAULT_CLI_AUTHKEY setting now always prepends home directory unless |
19 such as OS X and some configuration options may result in unused variable | 28 there is a leading slash (~ isn't treated specially) |
20 warnings) | |
21 | 29 |
22 - Fix small ECC memory leaks | 30 - Fix small ECC memory leaks |
23 | 31 |
24 - Tighten validation of Diffie-Hellman parameters, from Florent Daigniere of | 32 - Tighten validation of Diffie-Hellman parameters, from Florent Daigniere of |
25 Matta Consulting. Odds of bad values are around 2**-512 -- improbable. | 33 Matta Consulting. Odds of bad values are around 2**-512 -- improbable. |
27 - Twofish-ctr cipher is supported though disabled by default | 35 - Twofish-ctr cipher is supported though disabled by default |
28 | 36 |
29 - Fix pre-authentication timeout when waiting for client SSH-2.0 banner, thanks | 37 - Fix pre-authentication timeout when waiting for client SSH-2.0 banner, thanks |
30 to CL Ouyang | 38 to CL Ouyang |
31 | 39 |
32 - Increase maximum command size to 9000 bytes | 40 - Fix null pointer crash with restrictions in authorized_keys without a command, patch from |
33 | 41 Guilhem Moulin |
34 - DROPBEAR_DEFAULT_CLI_AUTHKEY setting now always prepends home directory unless | 42 |
35 there is a leading slash (~ isn't treated specially) | 43 - Ensure authentication timeout is handled while reading the initial banner, |
44 thanks to CL Ouyang for finding it. | |
45 | |
46 - Fix null pointer crash when handling bad ECC keys. Found by afl-fuzz | |
36 | 47 |
37 2015.67 - Wednesday 28 January 2015 | 48 2015.67 - Wednesday 28 January 2015 |
38 | 49 |
39 - Call fsync() after generating private keys to ensure they aren't lost if a | 50 - Call fsync() after generating private keys to ensure they aren't lost if a |
40 reboot occurs. Thanks to Peter Korsgaard | 51 reboot occurs. Thanks to Peter Korsgaard |