changeset 437:7319d229799a

0.49 probably done
author Matt Johnston <matt@ucc.asn.au>
date Thu, 22 Feb 2007 15:46:57 +0000
parents 7282370416a0
children 4bfd22bac1dc
files CHANGES dbclient.1 debian/changelog options.h
diffstat 4 files changed, 18 insertions(+), 6 deletions(-) [+]
line wrap: on
line diff
--- a/CHANGES	Thu Feb 22 15:29:32 2007 +0000
+++ b/CHANGES	Thu Feb 22 15:46:57 2007 +0000
@@ -1,4 +1,8 @@
-0.49test1 - Mon 12 February 2007
+0.49 - Fri 23 February 2007
+
+- Security: dbclient previously would prompt to confirm a 
+  mismatching hostkey but wouldn't warn loudly. It will now
+  exit upon a mismatch.
 
 - Compile fixes, make sure that all variable definitions are at the start
   of a scope.
@@ -9,6 +13,9 @@
 
 - Add -f dbclient option for "background after auth"
 
+- Add ability to limit binding to particular addresses, use 
+  -p [address:]port, patch from Max-Gerd Retzlaff.
+
 - Try to finally fix ss_family compilation problems (for old
   glibc systems)
 
--- a/dbclient.1	Thu Feb 22 15:29:32 2007 +0000
+++ b/dbclient.1	Thu Feb 22 15:46:57 2007 +0000
@@ -70,6 +70,10 @@
 Allow non-local hosts to connect to forwarded ports. Applies to -L and -R
 forwarded ports, though remote connections to -R forwarded ports may be limited
 by the ssh server.
+.TP
+.B \-y
+Always accept hostkeys if they are unknown. If a hostkey mismatch occurs the
+connection will abort as normal.
 .SH AUTHOR
 Matt Johnston ([email protected]).
 .br
--- a/debian/changelog	Thu Feb 22 15:29:32 2007 +0000
+++ b/debian/changelog	Thu Feb 22 15:46:57 2007 +0000
@@ -1,8 +1,8 @@
-dropbear (0.49test1-0.1) unstable; urgency=low
+dropbear (0.49-0.1) unstable; urgency=low
 
   * New upstream release.
 
- -- Matt Johnston <[email protected]>  Mon, 12 Feb 2007 23:59:00 +0900
+ -- Matt Johnston <[email protected]>  Fri, 23 Feb 2007 00:44:00 +0900
 
 dropbear (0.48.1-1) unstable; urgency=medium
 
--- a/options.h	Thu Feb 22 15:29:32 2007 +0000
+++ b/options.h	Thu Feb 22 15:46:57 2007 +0000
@@ -133,7 +133,7 @@
  * You can't enable both PASSWORD and PAM. */
 
 #define ENABLE_SVR_PASSWORD_AUTH
-/*#define ENABLE_SVR_PAM_AUTH */
+/*#define ENABLE_SVR_PAM_AUTH */ /* requires ./configure --enable-pam */
 #define ENABLE_SVR_PUBKEY_AUTH
 
 #define ENABLE_CLI_PASSWORD_AUTH
@@ -182,7 +182,8 @@
 #define MAX_AUTH_TRIES 10
 #endif
 
-/* The file to store the daemon's process ID, for shutdown scripts etc */
+/* The default file to store the daemon's process ID, for shutdown
+   scripts etc. This can be overridden with the -P flag */
 #ifndef DROPBEAR_PIDFILE
 #define DROPBEAR_PIDFILE "/var/run/dropbear.pid"
 #endif
@@ -214,7 +215,7 @@
  *******************************************************************/
 
 #ifndef DROPBEAR_VERSION
-#define DROPBEAR_VERSION "0.49test1"
+#define DROPBEAR_VERSION "0.49"
 #endif
 
 #define LOCAL_IDENT "SSH-2.0-dropbear_" DROPBEAR_VERSION