[no description] https://git.osdyson.ru/mirror/pkgsrc/atom?h=pkgsrc-2011Q3 2011-03-10T10:20:16Z 2011-03-10T10:20:16Z drochner drochner@pkgsrc.org 2011-03-10T10:20:16Z urn:sha1:bf61ff2be84144add180b8cfa2e7ffcc442de15b changes: -misc fixes and improvements -build against system libtommath/crypt 2009-08-26T21:10:11Z snj snj@pkgsrc.org 2009-08-26T21:10:11Z urn:sha1:e60135222218c03d1c5b69889206221f6693254a doesn't conflict with openssh. Changes since 0.50: 0.52 - Wed 12 November 2008 - Add "netcat-alike" option (-B) to dbclient, allowing Dropbear to tunnel standard input/output to a TCP port-forwarded remote host. - Add "proxy command" support to dbclient, to allow using a spawned process for IO rather than a direct TCP connection. eg dbclient remotehost is equivalent to dbclient -J 'nc remotehost 22' remotehost (the hostname is still provided purely for looking up saved host keys) - Combine netcat-alike and proxy support to allow "multihop" connections, with comma-separated host syntax. Allows running dbclient user1@host1,user2@host2,user3@host3 to end up at host3 via the other two, using SSH TCP forwarding. It's a bit like onion-routing. All connections are established from the local machine. The comma-separated syntax can also be used for scp/rsync, eg rsync -a -e dbclient m@gateway,m2@host,martello:/home/matt/ ~/backup/ to bounce through a few hosts. - Add -I "idle timeout" option (contributed by Farrell Aultman) - Allow restrictions on authorized_keys logins such as restricting commands to be run etc. This is a subset of those allowed by OpenSSH, doesn't yet allow restricting source host. - Use vfork() for scp on uClinux - Default to PATH=/usr/bin:/bin for shells. - Report errors if -R forwarding fails - Add counter mode cipher support, which avoids some security problems with the standard CBC mode. - Support zlib@openssh.com delayed compression for client/server. It can be required for the Dropbear server with the '-Z' option. This is useful for security as it avoids exposing the server to attacks on zlib by unauthenticated remote users, though requires client side support. - options.h has been split into options.h (user-changable) and sysoptions.h (less commonly changed) - Support "dbclient -s sftp" to specify a subsystem - Fix a bug in replies to channel requests that could be triggered by recent versions of PuTTY 0.51 - Thu 27 March 2008 - Make a copy of password fields rather erroneously relying on getwpnam() to be safe to call multiple times - If $SSH_ASKPASS_ALWAYS environment variable is set (and $SSH_ASKPASS is as well) always use that program, ignoring isatty() and $DISPLAY - Wait until a process exits before the server closes a connection, so that an exit code can be sent. This fixes problems with exit codes not being returned, which could cause scp to fail. 2009-06-14T18:13:25Z joerg joerg@pkgsrc.org 2009-06-14T18:13:25Z urn:sha1:4bfd4a2628453962ab2d8a5e4036aa1cd3352075 2007-09-06T19:15:10Z jlam jlam@pkgsrc.org 2007-09-06T19:15:10Z urn:sha1:86ec3742a6daf24d5686ed679f981a779c9e6e8f ${PKG_SYSCONFDIR}/dropbear. Bump the PKGREVISION to 2. 2007-09-06T16:31:55Z jlam jlam@pkgsrc.org 2007-09-06T16:31:55Z urn:sha1:b1fb9270c55931050a736bec502d99f8aa935f9b 2007-09-06T16:07:51Z jlam jlam@pkgsrc.org 2007-09-06T16:07:51Z urn:sha1:f76b802e8dc1c2e1798f532d55ee595c314fc281 compilers. 2007-09-06T15:55:06Z jlam jlam@pkgsrc.org 2007-09-06T15:55:06Z urn:sha1:f51a7b03240d6907d3664f01f5c4b91f4ed3512d 2007-09-05T21:08:06Z drochner drochner@pkgsrc.org 2007-09-05T21:08:06Z urn:sha1:aaeee9c66883c6c8bdc1656494110eeaa3264977 changes: - Add DROPBEAR_PASSWORD environment variable to specify a dbclient password - Use /dev/urandom by default, since that's what everyone does anyway - Exit with an exit code of 1 if dropbear can't bind to any ports - Improve network performance and add a -W <receive_window> argument for adjusting the tradeoff between network performance and memory consumption - Fix a problem where reply packets could be sent during key exchange, in violation of the SSH spec. This could manifest itself with connections being terminated after 8 hours with new TCP-forward connections being established - Add -K <keepalive_time> argument, ensuring that data is transmitted over the connection at least every N seconds - dropbearkey will no longer generate DSS keys of sizes other than 1024 bits, as required by the DSS specification. (Other sizes are still accepted for use to provide backwards compatibility) 2007-03-23T20:07:02Z drochner drochner@pkgsrc.org 2007-03-23T20:07:02Z urn:sha1:4d67262cc9b38e5044ffeed2651ae01bba88216f change: warn strongly when a hostkey mismatch occurred 2006-03-14T20:03:43Z drochner drochner@pkgsrc.org 2006-03-14T20:03:43Z urn:sha1:6989a54eea2624de25ad81a539f25001b7640109 changes: -a security fix which was already in pkgsrc (0.46nb1) -bugfixes -zlib compression for dbclient -Set "low delay" TOS bit -client keyboard-interactive mode support -logging improvements -Added aes-256 cipher and sha1-96 hmac -allow connections to listening forwarded ports from remote machines