changeset 1769:0e178f767ada

Merge from main
author Matt Johnston <matt@ucc.asn.au>
date Thu, 29 Oct 2020 21:51:41 +0800
parents 096a66e45212 (current diff) c05b76c541c9 (diff)
children 66b29b054896
files
diffstat 6 files changed, 29 insertions(+), 2 deletions(-) [+]
line wrap: on
line diff
--- a/.hgsigs	Mon Oct 26 23:44:43 2020 +0800
+++ b/.hgsigs	Thu Oct 29 21:51:41 2020 +0800
@@ -28,3 +28,4 @@
 ebcdb893992d286d363e60f5353d6e1401e7084b 0 iQIzBAABCgAdFiEE9zR+8u4uB6JnYoypRJMUlPKcZ3MFAlybhXAACgkQRJMUlPKcZ3O7pQ//QuNJfBVa7ROaOJOR2H/xr6PRn1Fnc6rr/GCF9cqWrbGP6wNo24dRjcu5LxviqPvzfwRXIMXwVz8L/y61/sm6XcA7VFP4+MBoltfeUOdMbfBdtwEUo3WMBdP1w2q5GgYj8ZY6MawiLEqFba5aua7dokTNBOQM3Yebj+9I16MiWEaRSnuwYPoieHW2Fo6oftcIgs/GCXwT2xYzc0n3FpYAbK7u6sEkpL16EstV0Y/G70+X1/4Mg3GM96S5fl9Zbun47W7/+gT4AQVQjE+UnPNDudObAe+2BaOZLFvEbd7iJBBcqtjpBktuP58IEAb3A3srUCy49LNLWk43lj+PtoslK/U6TShKQ2vAgfd//bbn6ieXFJY8N+wYPpJo1m7zpTiEtS7J7wu6vkGGZlqUAj6MHXZj223CgazhSAlg/XFPs9oz3Y96c33Tnd4jB9iEXNNt5jzCAMImx2huSGgnP0JFAbcniq/ug5tl1VWaracvSuJl7fmf17DbmehsLbvtZBoMlePY7Ssfb5IokfVvptt4zRpRZnjtWfHCjtC6zYhtvXTmXH/bqWwx9MMjOf5WPfZoCMvXfMqdVI15FVbxU15WnqjvdvKUCkdz1aMFzxqc4MXgyvjtB9CvO/8WwBOJ2m2nDdiZfh8/H8SawYqEHgB61FX5xA5aXecgXcjQnqWDDxw=
 4877afd51e041eca7749cc46b57fd80aa23815b4 0 iQIzBAABCgAdFiEE9zR+8u4uB6JnYoypRJMUlPKcZ3MFAl7nmREACgkQRJMUlPKcZ3PG1BAAnUl0/nTnQ3CMM3S72DT1JQ1eDxZa14r6r1xEPngU83hNNzmPcnfiMDts+Vz1M3PLxNNOXVVt/MTw04+V9joPhhSWEe8O1pd3lAqTPswL7hhIEbVwZwyFCuAV4iAm+tHKzKLjtjgZfMgij6XylOmw18VBw5R+suoOMclJqeHlJ5m0Mq2wRLDE+RdVCAkulTqhGYjJNQUXMMNPx/cxUo3NHsto9pWL3d1285vBByP6BQSaeYlO012InvJRlQuEkK3lnIyzq6voIc6+tMli0q9iyBz+2GIloBQNAnb6EGaXxqAOBW5NRc+/Oauiu8Yf/6JoFlkAIcPXmGRtxiAiynJImhiTaCFdgdxaXLFzjBvq+tcwVXvvNM52fOZ4Z3QgMDu6EgNWfma0lsg4T3ar2ml2/evuWeLVut5ZmYFHarTFX+/pTVy9nAZK/F5ROJM1prTNYI18PZV4qvULta8spGV2Be0rCkQQubp9RWdKHNGZE70lrX5OnNIwE/D3g2QE04243i0IGBwhlDEpYjqujLyHk8W6XE1CORx0hQ0fUjzKZsRvOB7XyMAFpQUVOhoMFcnk5XHDW6B/U7NAxzqNqO+gbHO/UIeuy/KOVlMNJCmtRL/HYNGZ6SCZbRpyX3d8Ow0sasNfJkZrT6a0Tf6lZktWOxtPkoEDLfuCzudzn4JxGQM=
 88f63b8b0f131f24aa90c9b852622b922b1ad738 0 iQIzBAABCgAdFiEE9zR+8u4uB6JnYoypRJMUlPKcZ3MFAl71/sAACgkQRJMUlPKcZ3OlSQ/9GYLotOmsYK0gvSfWLYR9a8WGgT/4EU6RgAkMBLS9TBp0E3V4VUDralnqoId7hNO2cUkRS7boOM2g4/YRShah8gonSJa70lKjUpDeQUPuGwUYWLNKr9qxJtnAcd1rOE4WYxKEUfjPWHBbVsT3QIIdj1Zy31GDKZgELRBQeOyt62RdXYHMaMHHDgg2U/wO9bcRRe5G7mYJf7Vm8sAWyTZXvta2jORxgs4XxWe7xJ9Dj0lMSG5HmfvH5NrGHM1GK3pL0GREKj2+xNSFdkSeHIgSSoHM2qZTVSWtNfx0+fZaRBgvXPPYzDTTghj1mKEaPFoRzg/B8s+NmHupJftT1yyapKFjALo1N6eaPHRRSwVfmnoWSJLu4fwL8TK5wMJr9eGl3QgAnperQPEFT9UHJBIwZ1D+RMuI3pEESdHBJFAYIAyisJI6XyzMhLsysoShlHs6OjFcJ9jTe4pzg9pO+KaPbLYsBJxJUsrtHwV8P9CHxY6CEuKm0AZjYDopYhzLuAUjGJjYDf/C9vJ/xtTOqIm9nywfcFwqgLrmQFhNHHGyOJVr+y/cey1sT9E4/gBv9kor+6qSITALv2g0JTaOpzpkE0zbafUy2r777Wex4WNQEha6bYZFi2aiqxqqX93UHzv+YhmN8n9mlc21xoZMPNtAb2mSxx7rO+PScb5uflKOCYE=
+5879c5829e8569466386e7c64252b01b99705628 0 iQIzBAABCgAdFiEE9zR+8u4uB6JnYoypRJMUlPKcZ3MFAl+axlIACgkQRJMUlPKcZ3PZuhAAkzCj+lOt2hHigIHB0zkNUC9nRIE1TItJD4wqQ03nMY4ycBMsb74o1AHsQTtVG6sm2YGSmQuZ0VxG1iuW9nKTsM1hzB40G45i5waIEzxVG8PbZ2i6zLK2Xz2YQ+FBvIg1EKfH7Dyd3r4FqYxauGOQdrUiKwuc3H4r65HpUmT0tIypqahFoRmj1+K/ZSPak0+ZPL27VQ4b/Ts8QS7XwFYTZsMDovYNdFJmaMhBbBe33/zGFWBPk6NCJWrBd3jmJN/LhZp0a5T4fAZ6iA2WjXDWOSiWZaLLk49zM6WYrc4QihEj7ngecj/UUXKR/sWPva8+rHf9YQLZu2lc6IMABCpUkeKLFoJqzvnKGA2rhl1LpRcnNA30/7yJt0YhfFcKhBkjjSxiOH3v0qMPADHMo5poqCKH/x4TVGVyVgzCqcxd+AzsDu77fzfzbxlyQ7wp+VmwXmeHbPfuBc8u9HUBa6Fc4b667aDD26a2S9VKdRYuSp3DkOwCLJUmRqmw+sXKvXlPyxPMUxOi/4R5nbJacD5Js1AH7WH49pAFMJ6bDCQ8QEmOh+Qpqc3RzTBwt1CLl+zt0NLKDmRYSgAY9GZpuju7r+aj2Semjd7nwmq4Y5xtWCh673lea/n7JS0mtBWouVbGgMJErg7QjuqOS3oE77viLcGLpX9niDcGvCL/N3gE13A=
--- a/.hgtags	Mon Oct 26 23:44:43 2020 +0800
+++ b/.hgtags	Thu Oct 29 21:51:41 2020 +0800
@@ -60,3 +60,4 @@
 009d52ae26d35f3381c801e02318fa9be34be93c DROPBEAR_2019.78
 e2e4929d057b09422f2ea4556fb64209aff58161 DROPBEAR_2020.79
 73646de50f1351735c868d4874f058ff9ad62c96 DROPBEAR_2020.80
+4b984c42372d01fcc2fd487c58af6a5aa65eb88e DROPBEAR_2020.81
--- a/CHANGES	Mon Oct 26 23:44:43 2020 +0800
+++ b/CHANGES	Thu Oct 29 21:51:41 2020 +0800
@@ -1,3 +1,22 @@
+2020.81 - 29 October 2020
+
+- Fix regression in 2020.79 which prevented connecting with some SSH 
+  implementations. Increase MAX_PROPOSED_ALGO to 50, and print a log 
+  message if the limit is hit. This fixes interoperability with sshj 
+  library (used by PyCharm), and GoAnywhere.
+  Reported by Pirmin Walthert and Piotr Jurkiewicz
+
+- Fix building with non-GCC compilers, reported by Kazuo Kuroi
+
+- Fix potential long delay in dbclient, found by OSS Fuzz
+
+- Fix null pointer dereference crash, found by OSS Fuzz
+
+- libtommath now uses the same random source as Dropbear (in 2020.79 
+  and 2020.80 used getrandom() separately)
+
+- Some fuzzing improvements, start of a dbclient fuzzer
+
 2020.80 - 26 June 2020
 
 - Don't block authorized_keys logins with no-X11-forwarding or no-agent-forwarding 
--- a/common-algo.c	Mon Oct 26 23:44:43 2020 +0800
+++ b/common-algo.c	Thu Oct 29 21:51:41 2020 +0800
@@ -396,7 +396,7 @@
 
 		if (algolist[i] == ',') {
 			if (*ret_count >= max_count) {
-				dropbear_log(LOG_WARNING, "Too many remote algorithms");
+				dropbear_exit("Too many remote algorithms");
 				*ret_count = 0;
 				return;
 			}
--- a/debian/changelog	Mon Oct 26 23:44:43 2020 +0800
+++ b/debian/changelog	Thu Oct 29 21:51:41 2020 +0800
@@ -1,3 +1,9 @@
+dropbear (2020.81-0.1) unstable; urgency=low
+
+  * New upstream release.
+
+ -- Matt Johnston <[email protected]>  Thu, 29 Oct 2020 22:51:57 +0800
+
 dropbear (2020.80-0.1) unstable; urgency=low
 
   * New upstream release.
--- a/sysoptions.h	Mon Oct 26 23:44:43 2020 +0800
+++ b/sysoptions.h	Thu Oct 29 21:51:41 2020 +0800
@@ -4,7 +4,7 @@
  *******************************************************************/
 
 #ifndef DROPBEAR_VERSION
-#define DROPBEAR_VERSION "2020.80"
+#define DROPBEAR_VERSION "2020.81"
 #endif
 
 #define LOCAL_IDENT "SSH-2.0-dropbear_" DROPBEAR_VERSION