changeset 1125:7cb1f49d89a8

a bit more changelog
author Matt Johnston <>
date Fri, 12 Jun 2015 22:55:10 +0800
parents 6aeadee3f16b
children b803ad2b9f4c
diffstat 1 files changed, 16 insertions(+), 3 deletions(-) [+]
line wrap: on
line diff
--- a/CHANGES	Thu Jun 04 23:24:08 2015 +0800
+++ b/CHANGES	Fri Jun 12 22:55:10 2015 +0800
@@ -1,19 +1,32 @@
-- Improve efficiency of writing data to local program/pipes, measured 30% for
-  connections to localhost
+- Improve efficiency of writing data to local program/pipes, measured 30% increase
+  increase in throughput for connections to localhost
 - Use TCP Fast Open on Linux if available. saves a round trip at connection
   to hosts that have previously been connected. 
   Needs a recent Linux kernel and possibly "sysctl -w net.ipv4.tcp_fastopen=3"
+  Client side is disabled by default pending further compatibility testing
+  with networks and systems.
 - Forwarded TCP ports connect asynchronously and retry with other available
-  addresses (IPv4 or IPv6)
+  addresses (IPv4 or IPv6, round robin IPs)
 - Free memory before exiting, patch from Thorsten Horstmann. Useful for
   Dropbear ports to embedded systems and for checking memory leaks
   with valgrind. Only partially implemented for client side.
+- Fix all compile warnings, patch from Gaƫl Portay
+  (note that configure with -Werror may not be successful on some platforms
+  such as OS X and some configuration options may result in unused variable
+  warnings)
 - Fix small ECC memory leaks
+- Tighten validation of Diffie-Hellman parameters, from Florent Daigniere of
+  Matt Consulting. Odds of bad values are around 2**-512 -- improbable.
+- Twofish-ctr cipher is supported though disabled by default
 2015.67 - Wednesday 28 January 2015
 - Call fsync() after generating private keys to ensure they aren't lost if a