| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
changes:
-IPv6 support
-client added
-bugfixes
XXX dropbear wants to use /dev/random per default now which makes it
unusable on systems w/o entropy source. I've patched it back to
/dev/urandom. There might be security concerns.
|
|
in the process. (More information on tech-pkg.)
Bump PKGREVISION and BUILDLINK_DEPENDS of all packages using libtool and
installing .la files.
Bump PKGREVISION (only) of all packages depending directly on the above
via a buildlink3 include.
|
|
- SECURITY: Don't try to free() uninitialised variables in DSS verification
code. Thanks to Arne Bernin for pointing out this bug. This is possibly
exploitable, all users with DSS and pubkey-auth compiled in are advised to
upgrade.
- Clean up agent forwarding socket files correctly, patch from Gerrit Pape.
- Don't go into an infinite loop when portforwarding to servers which don't
send any initial data/banner. Patch from Nikola Vladov
- Fix for network vs. host byte order in logging remote TCP ports, also
from Gerrit Pape.
- Initialise many pointers to NULL, for general safety. Also checked cleanup
code for mp_ints (related to security issues above).
|
|
|
|
Many fixes and feature additions since 0.38. Too many to list here.
|
|
|
|
Changes:
0.38 - Sat Oct 11 2003 16:28:13 +0800
o Default hostkey path changed to /etc/dropbear/dropbear_{rsa,dss}_host_key
rather than /etc/dropbear_{rsa,dss}_host_key
o Added SMALL and MULTI text files which have info on compiling for multiple
binaries or small binaries
o Allow for commandline definition of some options.h settings
(without warnings)
o Be more careful handling EINTR
o More fixes for channel closing
o Added multi-binary support
o Improved logging of IPs, now get logged in all cases
o Don't chew cpu when waiting for version identification string, also
make sure that we kick off people if they don't auth within 5 minutes.
o Various small fixes, warnings etc
o sftp support works (relies on OpenSSH sftp binary or similar)
o Added --disable-shadow option (requested by the floppyfw guys)
0.37 - Wed Sept 24 2003 19:42:12 +0800
o Various portability fixes, fixes for Solaris 9, Tru64 5.1, Mac OS X 10.2,
AIX, BSDs
o Updated LibTomMath to 0.27 and LibTomCrypt to 0.90
o Renamed util.{c,h} to dbutil.{c,h} to avoid conflicts with system util.h
o Added some small changes so it'll work with AIX (plus Linux Affinity).
Thanks to Shig for them.
More bugfixes, etc.
|
|
The search for a small Secure Shell server to fit on a laptop with 4
megs ram and no hard disk was fruitless, so Matt Johnston decided to
write his own, and Dropbear is the result. It implements various
features of the SSH 2 protocol, including X11 and Authentication Agent
forwarding. Dropbear is Open Source software, distributed under a
MIT-style license.
Features
* A small memory footprint - Dropbear can compile to a 110kB
statically linked binary with uClibc (and only minimal options
selected).
* Implements X11 forwarding, and authentication-agent forwarding
for OpenSSH clients
* Compatible with OpenSSH ~/.ssh/authorized_keys public key
authentication
* Features can easily be disabled when compiling to save space.
* Preliminary TCP forwarding support (-L style only)
|
