Mercurial > dropbear
comparison CHANGES @ 1173:d734fe76b72f coverity
merge
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Mon, 23 Nov 2015 23:04:48 +0800 |
| parents | 809feaa9408f |
| children | 4ab757b14b2d |
comparison
equal
deleted
inserted
replaced
| 1144:624fc24cfae5 | 1173:d734fe76b72f |
|---|---|
| 1 - Improve efficiency of writing data to local program/pipes, measured 30% increase | 1 2015.68 - Saturday 8 August 2015 |
| 2 | |
| 3 - Reduce local data copying for improved efficiency. Measured 30% | |
| 2 increase in throughput for connections to localhost | 4 increase in throughput for connections to localhost |
| 3 | 5 |
| 4 - Use TCP Fast Open on Linux if available. saves a round trip at connection | 6 - Forwarded TCP ports connect asynchronously and try all available addresses |
| 7 (IPv4, IPv6, round robin DNS) | |
| 8 | |
| 9 - Fix all compile warnings, many patches from Gaël Portay | |
| 10 Note that configure with -Werror may not be successful on some platforms (OS X) | |
| 11 and some configuration options may still result in unused variable | |
| 12 warnings. | |
| 13 | |
| 14 - Use TCP Fast Open on Linux if available. Saves a round trip at connection | |
| 5 to hosts that have previously been connected. | 15 to hosts that have previously been connected. |
| 6 Needs a recent Linux kernel and possibly "sysctl -w net.ipv4.tcp_fastopen=3" | 16 Needs a recent Linux kernel and possibly "sysctl -w net.ipv4.tcp_fastopen=3" |
| 7 Client side is disabled by default pending further compatibility testing | 17 Client side is disabled by default pending further compatibility testing |
| 8 with networks and systems. | 18 with networks and systems. |
| 9 | 19 |
| 10 - Forwarded TCP ports connect asynchronously and retry with other available | 20 - Increase maximum command length to 9000 bytes |
| 11 addresses (IPv4 versus IPv6, round robin IPs) | |
| 12 | 21 |
| 13 - Free memory before exiting, patch from Thorsten Horstmann. Useful for | 22 - Free memory before exiting, patch from Thorsten Horstmann. Useful for |
| 14 Dropbear ports to embedded systems and for checking memory leaks | 23 Dropbear ports to embedded systems and for checking memory leaks |
| 15 with valgrind. Only partially implemented for client side. | 24 with valgrind. Only partially implemented for dbclient. |
| 16 | 25 This is disabled by default, enable with DROPBEAR_CLEANUP in sysoptions.h |
| 17 - Fix all compile warnings, patch from Gaël Portay | 26 |
| 18 (note that configure with -Werror may not be successful on some platforms | 27 - DROPBEAR_DEFAULT_CLI_AUTHKEY setting now always prepends home directory unless |
| 19 such as OS X and some configuration options may result in unused variable | 28 there is a leading slash (~ isn't treated specially) |
| 20 warnings) | |
| 21 | 29 |
| 22 - Fix small ECC memory leaks | 30 - Fix small ECC memory leaks |
| 23 | 31 |
| 24 - Tighten validation of Diffie-Hellman parameters, from Florent Daigniere of | 32 - Tighten validation of Diffie-Hellman parameters, from Florent Daigniere of |
| 25 Matta Consulting. Odds of bad values are around 2**-512 -- improbable. | 33 Matta Consulting. Odds of bad values are around 2**-512 -- improbable. |
| 27 - Twofish-ctr cipher is supported though disabled by default | 35 - Twofish-ctr cipher is supported though disabled by default |
| 28 | 36 |
| 29 - Fix pre-authentication timeout when waiting for client SSH-2.0 banner, thanks | 37 - Fix pre-authentication timeout when waiting for client SSH-2.0 banner, thanks |
| 30 to CL Ouyang | 38 to CL Ouyang |
| 31 | 39 |
| 32 - Increase maximum command size to 9000 bytes | 40 - Fix null pointer crash with restrictions in authorized_keys without a command, patch from |
| 33 | 41 Guilhem Moulin |
| 34 - DROPBEAR_DEFAULT_CLI_AUTHKEY setting now always prepends home directory unless | 42 |
| 35 there is a leading slash (~ isn't treated specially) | 43 - Ensure authentication timeout is handled while reading the initial banner, |
| 44 thanks to CL Ouyang for finding it. | |
| 45 | |
| 46 - Fix null pointer crash when handling bad ECC keys. Found by afl-fuzz | |
| 36 | 47 |
| 37 2015.67 - Wednesday 28 January 2015 | 48 2015.67 - Wednesday 28 January 2015 |
| 38 | 49 |
| 39 - Call fsync() after generating private keys to ensure they aren't lost if a | 50 - Call fsync() after generating private keys to ensure they aren't lost if a |
| 40 reboot occurs. Thanks to Peter Korsgaard | 51 reboot occurs. Thanks to Peter Korsgaard |