view debian/changelog @ 1672:3a97f14c0235

Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93) * Add Chacha20-Poly1305 authenticated encryption * Add general AEAD approach. * Add [email protected] algo using LibTomCrypt chacha and poly1305 routines. Chacha20-Poly1305 is generally faster than AES256 on CPU w/o dedicated AES instructions, having the same key size. Compiling in will add ~5,5kB to binary size on x86-64. function old new delta chacha_crypt - 1397 +1397 _poly1305_block - 608 +608 poly1305_done - 595 +595 dropbear_chachapoly_crypt - 457 +457 .rodata 26976 27392 +416 poly1305_process - 290 +290 poly1305_init - 221 +221 chacha_setup - 218 +218 encrypt_packet 1068 1270 +202 dropbear_chachapoly_getlength - 147 +147 decrypt_packet 756 897 +141 chacha_ivctr64 - 137 +137 read_packet 543 637 +94 dropbear_chachapoly_start - 94 +94 read_kex_algos 792 880 +88 chacha_keystream - 69 +69 dropbear_mode_chachapoly - 48 +48 sshciphers 280 320 +40 dropbear_mode_none 24 48 +24 dropbear_mode_ctr 24 48 +24 dropbear_mode_cbc 24 48 +24 dropbear_chachapoly_mac - 24 +24 dropbear_chachapoly - 24 +24 gen_new_keys 848 854 +6 ------------------------------------------------------------------------------ (add/remove: 14/0 grow/shrink: 10/0 up/down: 5388/0) Total: 5388 bytes * Add AES128-GCM and AES256-GCM authenticated encryption * Add general AES-GCM mode. * Add [email protected] and [email protected] algo using LibTomCrypt gcm routines. AES-GCM is combination of AES CTR mode and GHASH, slower than AES-CTR on CPU w/o dedicated AES/GHASH instructions therefore disabled by default. Compiling in will add ~6kB to binary size on x86-64. function old new delta gcm_process - 1060 +1060 .rodata 26976 27808 +832 gcm_gf_mult - 820 +820 gcm_add_aad - 660 +660 gcm_shift_table - 512 +512 gcm_done - 471 +471 gcm_add_iv - 384 +384 gcm_init - 347 +347 dropbear_gcm_crypt - 309 +309 encrypt_packet 1068 1270 +202 decrypt_packet 756 897 +141 gcm_reset - 118 +118 read_packet 543 637 +94 read_kex_algos 792 880 +88 sshciphers 280 360 +80 gcm_mult_h - 80 +80 dropbear_gcm_start - 62 +62 dropbear_mode_gcm - 48 +48 dropbear_mode_none 24 48 +24 dropbear_mode_ctr 24 48 +24 dropbear_mode_cbc 24 48 +24 dropbear_ghash - 24 +24 dropbear_gcm_getlength - 24 +24 gen_new_keys 848 854 +6 ------------------------------------------------------------------------------ (add/remove: 14/0 grow/shrink: 10/0 up/down: 6434/0) Total: 6434 bytes
author Vladislav Grishenko <themiron@users.noreply.github.com>
date Mon, 25 May 2020 20:50:25 +0500
parents 009d52ae26d3
children 25b0ce1936c4
line wrap: on
line source

dropbear (2019.78-0.1) unstable; urgency=low

  * New upstream release.

 -- Matt Johnston <[email protected]>  Wed, 27 Mar 2019 22:51:57 +0800

dropbear (2019.77-0.1) unstable; urgency=low

  * New upstream release.

 -- Matt Johnston <[email protected]>  Sat, 23 Mar 2019 22:51:57 +0800

dropbear (2018.76-0.1) unstable; urgency=low

  * New upstream release.

 -- Matt Johnston <[email protected]>  Tue, 27 Feb 2018 22:51:57 +0800

dropbear (2017.75-0.1) unstable; urgency=low

  * New upstream release.

 -- Matt Johnston <[email protected]>  Thu, 18 May 2017 22:51:57 +0800

dropbear (2016.74-0.1) unstable; urgency=low

  * New upstream release.

 -- Matt Johnston <[email protected]>  Thu, 21 Jul 2016 22:51:57 +0800

dropbear (2016.73-0.1) unstable; urgency=low

  * New upstream release.

 -- Matt Johnston <[email protected]>  Fri, 18 Mar 2016 22:52:58 +0800

dropbear (2016.72-0.1) unstable; urgency=low

  * New upstream release.

 -- Matt Johnston <[email protected]>  Wed, 10 Mar 2016 22:52:58 +0800

dropbear (2015.70-0.1) unstable; urgency=low

  * New upstream release.

 -- Matt Johnston <[email protected]>  Thu, 26 Nov 2015 22:52:58 +0800

dropbear (2015.69-0.1) unstable; urgency=low

  * New upstream release.

 -- Matt Johnston <[email protected]>  Wed, 25 Nov 2015 22:52:58 +0800

dropbear (2015.68-0.1) unstable; urgency=low

  * New upstream release.

 -- Matt Johnston <[email protected]>  Sat, 8 Aug 2015 22:52:58 +0800

dropbear (2015.67-0.1) unstable; urgency=low

  * New upstream release.

 -- Matt Johnston <[email protected]>  Wed, 28 Jan 2015 22:53:59 +0800

dropbear (2014.66-0.1) unstable; urgency=low

  * New upstream release.

 -- Matt Johnston <[email protected]>  Thu, 23 Oct 2014 22:54:00 +0800

dropbear (2014.65-0.1) unstable; urgency=low

  * New upstream release.

 -- Matt Johnston <[email protected]>  Fri, 8 Aug 2014 22:54:00 +0800

dropbear (2014.64-0.1) unstable; urgency=low

  * New upstream release.

 -- Matt Johnston <[email protected]>  Sun, 27 Jul 2014 22:54:00 +0800

dropbear (2014.63-0.1) unstable; urgency=low

  * New upstream release.

 -- Matt Johnston <[email protected]>  Wed, 19 Feb 2014 22:54:00 +0800

dropbear (2013.62) unstable; urgency=low

  * New upstream release.

 -- Matt Johnston <[email protected]>  Tue, 7 Dec 2013 22:54:00 +0800

dropbear (2013.60-0.1) unstable; urgency=low

  * New upstream release.

 -- Matt Johnston <[email protected]>  Wed, 16 Oct 2013 22:54:00 +0800

dropbear (2013.59-0.1) unstable; urgency=low

  * New upstream release.
  * Build with DEB_BUILD_MAINT_OPTIONS = hardening=+all

 -- Matt Johnston <[email protected]>  Fri, 4 Oct 2013 22:54:00 +0800

dropbear (2013.58-0.1) unstable; urgency=low

  * New upstream release.

 -- Matt Johnston <[email protected]>  Thu, 18 Apr 2013 22:54:00 +0800

dropbear (2013.57-0.1) unstable; urgency=low

  * New upstream release.

 -- Matt Johnston <[email protected]>  Mon, 15 Apr 2013 22:54:00 +0800

dropbear (2013.56-0.1) unstable; urgency=low

  * New upstream release.

 -- Matt Johnston <[email protected]>  Thu, 21 Mar 2013 22:54:00 +0800

dropbear (2012.55-0.1) unstable; urgency=low

  * New upstream release.

 -- Matt Johnston <[email protected]>  Wed, 22 Feb 2012 22:54:00 +0800

dropbear (2011.54-0.1) unstable; urgency=low

  * New upstream release.

 -- Matt Johnston <[email protected]>  Tues, 8 Nov 2011 22:54:00 +0800

dropbear (0.53.1-0.1) unstable; urgency=low

  * New upstream release.

 -- Matt Johnston <[email protected]>  Wed, 2 Mar 2011 22:54:00 +0900

dropbear (0.53-0.1) unstable; urgency=low

  * New upstream release.

 -- Matt Johnston <[email protected]>  Thu, 24 Feb 2011 22:54:00 +0900

dropbear (0.52-0.1) unstable; urgency=low

  * New upstream release.

 -- Matt Johnston <[email protected]>  Wed, 12 Nov 2008 22:54:00 +0900

dropbear (0.51-0.1) unstable; urgency=low

  * New upstream release.

 -- Matt Johnston <[email protected]>  Thu, 27 Mar 2008 19:14:00 +0900

dropbear (0.50-4) unstable; urgency=low

  * debian/dropbear.init: apply patch from Petter Reinholdtsen: add LSB
    formatted dependency info in init.d script (closes: #466257).
  * debian/rules: no longer include symlinks for ./supervise/ subdirectories.
  * debian/dropbear.postinst: upgrade from << 0.50-4: if dropbear is managed
    by runit, remove service, and re-add using update-service(8).
  * debian/control: Standards-Version: 3.7.3.0.
  * debian/rules: target clean: don't ignore errors but check for readable
    ./Makefile.

 -- Gerrit Pape <[email protected]>  Thu, 06 Mar 2008 19:06:58 +0000

dropbear (0.50-3) unstable; urgency=low

  * debian/dropbear.init: use the update-service(8) program from the runit
    package instead of directly checking for the symlink in /var/service/.
  * debian/README.runit: talk about update-service(8) instead of symlinks
    in /var/service/.

 -- Gerrit Pape <[email protected]>  Fri, 15 Feb 2008 00:32:37 +0000

dropbear (0.50-2) unstable; urgency=low

  * debian/dropbear.README.Debian: no longer talk about entropy from
    /dev/random, /dev/urandom is now used by default (thx Joey Hess,
    closes: #441515).

 -- Gerrit Pape <[email protected]>  Mon, 24 Sep 2007 16:49:17 +0000

dropbear (0.50-1) unstable; urgency=low

  * debian/README.runit: minor.
  * new upstream version.
  * debian/diff/0001-options.h-use-dev-urandom-instead-of-dev-random-a.diff:
    remove; fixed upstream.

 -- Gerrit Pape <[email protected]>  Thu, 09 Aug 2007 23:01:01 +0000

dropbear (0.49-2) unstable; urgency=low

  * debian/rules: apply diffs from debian/diff/ with patch -p1 instead of
    -p0.
  * debian/diff/0001-options.h-use-dev-urandom-instead-of-dev-random-a.diff:
    new; options.h: use /dev/urandom instead of /dev/random as
    DROPBEAR_RANDOM_DEV (closes: #386976).
  * debian/rules: target clean: remove libtomcrypt/Makefile,
    libtommath/Makefile.

 -- Gerrit Pape <[email protected]>  Sat, 09 Jun 2007 08:59:59 +0000

dropbear (0.49-1) unstable; urgency=high

  * new upstream release, fixes
    * CVE-2007-1099: dropbear dbclient insufficient warning on hostkey
      mismatch (closes: #412899).
    * dbclient uses static "Password:" prompt instead of using the server's
      prompt (closes: #394996).
  * debian/control: Suggests: openssh-client, not ssh (closes: #405686);
    Standards-Version: 3.7.2.2.
  * debian/README.Debian: ssh -> openssh-server, openssh-client; remove
    'Replacing OpenSSH "sshd" with Dropbear' part, this is simply done by not
    installing the openssh-server package.
  * debian/README.runit: runsvstat -> sv status.

 -- Gerrit Pape <[email protected]>  Fri,  2 Mar 2007 20:48:18 +0000

dropbear (0.48.1-1) unstable; urgency=medium

  * new upstream point release.
    * Compile fix for scp
  * debian/diff/dbclient.1.diff: new: document -R option to dbclient
    accurately (thx Markus Schaber; closes: #351882).
  * debian/dropbear.README.Debian: document a workaround for systems with
    possibly blocking /dev/random device (closes: #355414)..

 -- Gerrit Pape <[email protected]>  Sun, 16 Apr 2006 16:16:40 +0000

dropbear (0.48-1) unstable; urgency=medium

  * New upstream release.
  * SECURITY: Improve handling of denial of service attempts from a single
    IP.

  * debian/implicit: update to revision 1.11.
  * new upstream release updates to scp from OpenSSH 4.3p2 - fixes a
    security issue where use of system() could cause users to execute
    arbitrary code through malformed filenames; CVE-2006-0225 (see also
    #349645); the scp binary is not provided by this package though.

 -- Gerrit Pape <[email protected]>  Fri, 10 Mar 2006 22:00:32 +0000

dropbear (0.47-1) unstable; urgency=high

  * New upstream release.
  * SECURITY: Fix incorrect buffer sizing; CVE-2005-4178.

 -- Matt Johnston <[email protected]>  Thu, 8 Dec 2005 19:20:21 +0800

dropbear (0.46-2) unstable; urgency=low

  * debian/control: Standards-Version: 3.6.2.1; update descriptions to
    mention included server and client (thx Tino Keitel).
  * debian/dropbear.init: allow '/etc/init.d/dropbear stop' even though
    'NO_START is not set to zero.' (closes: #336723).

 -- Gerrit Pape <[email protected]>  Tue,  6 Dec 2005 13:30:49 +0000

dropbear (0.46-1) unstable; urgency=medium

  * New upstream release, various fixes.
  * debian/diff/dbclient-usage-typo.diff, debian/diff/manpages.diff: remove;
    obsolete.
  * debian/dbclient.1: move to ./dbclient.1.

 -- Matt Johnston <[email protected]>  Fri, 8 July 2005 21:32:55 +0800

dropbear (0.45-3) unstable; urgency=low

  * debian/dropbear.init: init script prints human readable message in case
    it's disabled (closes: #309099).
  * debian/dropbear.postinst: configure: restart service through init script
    instead of start.
  * debian/dropbear.prerm: set -u -> set -e.

 -- Gerrit Pape <[email protected]>  Wed, 25 May 2005 22:38:17 +0000

dropbear (0.45-2) unstable; urgency=low

  * Matt Johnston:
    * New upstream release, various fixes.

 -- Gerrit Pape <[email protected]>  Sat, 12 Mar 2005 15:17:55 +0000

dropbear (0.44-1) unstable; urgency=low

  * New upstream release.
  * debian/rules: install /usr/bin/dbclient; handle possible patches more
    gracefully; install debian/dbclient.1 man page; enable target patch;
    minor.
  * debian/implicit: update to revision 1.10.
  * debian/dbclient.1: new; man page.
  * debian/diff/dbclient-usage-typo.diff: new; fix typo.
  * debian/diff/manpages.diff: new; add references to dbclient man page.

 -- Gerrit Pape <[email protected]>  Sat,  8 Jan 2005 22:50:43 +0000

dropbear (0.43-2) unstable; urgency=high

  * Matt Johnston:
    * New upstream release 0.43
    * SECURITY: Don't attempt to free uninitialised buffers in DSS verification
      code
    * Handle portforwarding to servers which don't send any initial data
      (Closes: #258426)
  * debian/dropbear.postinst: remove code causing bothersome warning on
    package install (closes: #256752).
  * debian/README.Debian.diet: new; how to build with the diet libc.
  * debian/dropbear.docs: add debian/README.Debian.diet.
  * debian/rules: support "diet" in DEB_BUILD_OPTIONS; minor cleanup.

 -- Gerrit Pape <[email protected]>  Sat, 17 Jul 2004 19:31:19 +0000

dropbear (0.42-1) unstable; urgency=low

  * New upstream release 0.42.
  * debian/diff/cvs-20040520.diff: remove; obsolete.
  * debian/rules: disable target patch.

 -- Matt Johnston <[email protected]>  Wed, 16 June 2004 12:44:54 +0800

dropbear (0.41-3) unstable; urgency=low

  * 1st upload to the Debian archive (closes: #216553).
  * debian/diff/cvs-20040520.diff: new; stable cvs snapshot.
  * debian/rules: new target patch: apply diffs in debian/diff/, reverse
    apply in target clean; install man pages.
  * debian/control: Priority: optional.

 -- Gerrit Pape <[email protected]>  Sun, 23 May 2004 08:32:37 +0000

dropbear (0.41-2) unstable; urgency=low

  * new maintainer.
  * debian/control: no longer Build-Depends: debhelper; Build-Depends:
    libz-dev; Standards-Version: 3.6.1.0; Suggests: runit; update
    descriptions.
  * debian/rules: stop using debhelper, use implicit rules; cleanup;
    install dropbearconvert into /usr/lib/dropbear/.
  * debian/impicit: new; implicit rules.
  * debian/copyright.in: adapt.
  * debian/dropbear.init: minor adaptions; test for dropbear service
    directory.
  * debian/README.runit: new; how to use dropbear with runit.
  * debian/README.Debian, debian/docs: rename to debian/dropbear.*.
  * debian/dropbear.docs: add debian/README.runit
  * debian/conffiles: rename to debian/dropbear.conffiles; add init
    script, and run scripts.
  * debian/postinst: rename to debian/dropbear.postinst; adapt; use
    invloke-rc.d dropbear start.
  * debian/dropbear.prerm: new; invoke-rc.d dropbear stop.
  * debian/postrm: rename to debian/dropbear.postrm; adapt; clean up
    service directories.
  * debian/compat, debian/dirs, dropbear.default: remove; obsolete.

 -- Gerrit Pape <[email protected]>  Sun, 16 May 2004 16:50:55 +0000

dropbear (0.41-1) unstable; urgency=low

  * Updated to 0.41 release.
  * Various minor fixes

 -- Matt Johnston <[email protected]>  Mon, 19 Jan 2004 23:20:54 +0800

dropbear (0.39-1) unstable; urgency=low

  * updated to 0.39 release. Some new features, some bugfixes.

 -- Matt Johnston <[email protected]>  Tue, 16 Dec 2003 16:20:54 +0800

dropbear (0.38-1) unstable; urgency=medium

  * updated to 0.38 release - various important bugfixes

 -- Matt Johnston <[email protected]>  Sat, 11 Oct 2003 16:28:54 +0800

dropbear (0.37-1) unstable; urgency=medium

  * updated to 0.37 release - various important bugfixes

 -- Matt Johnston <[email protected]>  Wed, 24 Sept 2003 19:43:54 +0800

dropbear (0.36-1) unstable; urgency=high

  * updated to 0.36 release - various important bugfixes

 -- Matt Johnston <[email protected]>  Tues, 19 Aug 2003 12:20:54 +0800

dropbear (0.35-1) unstable; urgency=high

  * updated to 0.35 release - contains fix for remotely exploitable
    vulnerability.

 -- Matt Johnston <[email protected]>  Sun, 17 Aug 2003 05:37:47 +0800

dropbear (0.34-1) unstable; urgency=medium

  * updated to 0.34 release

 -- Matt Johnston <[email protected]>  Fri, 15 Aug 2003 15:10:00 +0800

dropbear (0.33-1) unstable; urgency=medium

  * updated to 0.33 release

 -- Matt Johnston <[email protected]>  Sun, 22 Jun 2003 22:22:00 +0800

dropbear (0.32cvs-1) unstable; urgency=medium

  * now maintained in UCC CVS
  * debian/copyright.in file added, generated from LICENSE

 -- Grahame Bowland <[email protected]>  Tue, 21 Jun 2003 17:57:02 +0800

dropbear (0.32cvs-1) unstable; urgency=medium

  * sync with CVS
  * fixes X crash bug

 -- Grahame Bowland <[email protected]>  Tue, 20 Jun 2003 15:04:47 +0800

dropbear (0.32-2) unstable; urgency=low

  * fix creation of host keys to use correct names in /etc/dropbear
  * init script "restart" function fixed
  * purging this package now deletes the host keys and /etc/dropbear
  * change priority in debian/control to 'standard'

 -- Grahame Bowland <[email protected]>  Tue, 17 Jun 2003 15:04:47 +0800

dropbear (0.32-1) unstable; urgency=low

  * Initial Release.

 -- Grahame Bowland <[email protected]>  Tue, 17 Jun 2003 15:04:47 +0800