|
| 1 | +0.41 - Mon Jan 19 2004 22:40:19 +0800 |
| 2 | + |
| 3 | +- Fix in configure so that cross-compiling works, thanks to numerous people for |
| 4 | + reporting and testing |
| 5 | + |
| 6 | +- Terminal mode parsing now handles empty terminal mode strings (sent by |
| 7 | + Windows ssh.com clients), thanks to Ricardo Derbes for the report |
| 8 | + |
| 9 | +- Handling is improved for users with no shell specified in /etc/passwd, |
| 10 | + thanks again to Ricardo Derbes |
| 11 | + |
| 12 | +- Fix for compiling with --disable-syslog, thanks to gordonfh |
| 13 | + |
| 14 | +- Various minor fixes allow scp to work with irix, thanks to Paul Marinceu for |
| 15 | + fixing it up |
| 16 | + |
| 17 | +- Use <stropts.h> not <sys/stropts.h>, since the former seems more common |
| 18 | + |
| 19 | +0.40 - Tue Jan 13 2004 21:05:19 +0800 |
| 20 | + |
| 21 | +- Remote TCP forwarding (-R) style implemented |
| 22 | + |
| 23 | +- Local and remote TCP forwarding can each be disabled at runtime (-k and -j |
| 24 | + switches) |
| 25 | + |
| 26 | +- Fix for problems detecting openpty() with uClibc - many thanks to various |
| 27 | + people for reporting and testing fixes, including (in random order) Cristian |
| 28 | + Ionescu-Idbohrn, James Ewing, Steve Dover, Thomas Lundquist and Frederic |
| 29 | + Lavernhe |
| 30 | + |
| 31 | +- Improved portability for IRIX, thanks to Paul Marinceu |
| 32 | + |
| 33 | +- AIX and HPUX portability fixes, thanks to Darren Tucker for patches |
| 34 | + |
| 35 | +- prngd should now work correctly, thanks to Darren Tucker for the patch |
| 36 | + |
| 37 | +- scp compilation on systems without strlcpy() is fixed, thanks to Peter |
| 38 | + Jannesen and David Muse for reporting it (independently and simultaneously :) |
| 39 | + |
| 40 | +- Merged in new LibTomCrypt 0.92 and LibTomMath 0.28 |
| 41 | + |
| 42 | +0.39 - Tue Dec 16 2003 15:19:19 +0800 |
| 43 | + |
| 44 | +- Better checking of key lengths and parameters for DSS and RSA auth |
| 45 | + |
| 46 | +- Print fingerprint of keys used for pubkey auth |
| 47 | + |
| 48 | +- More consistent logging of usernames and IPs |
| 49 | + |
| 50 | +- Added option to disable password auth (or just for root) at runtime |
| 51 | + |
| 52 | +- Avoid including bignum functions which don't give much speed benefit but |
| 53 | + take up binary size |
| 54 | + |
| 55 | +- Added a stripped down version of OpenSSH's scp binary |
| 56 | + |
| 57 | +- Added additional supporting functions for Irix, thanks to Paul Marinceu |
| 58 | + |
| 59 | +- Don't check for unused libraries in configure script |
| 60 | + |
| 61 | +- Removed trailing comma in algorithm lists (thanks to Mihnea Stoenescu) |
| 62 | + |
| 63 | +- Fixed up channel close handling, always send close packet in response |
| 64 | + (also thanks to Mihnea Stoenescu) |
| 65 | + |
| 66 | +- Various makefile improvements for cross-compiling, thanks to Friedrich |
| 67 | + Lobenstock and Mihnea Stoenescu |
| 68 | + |
| 69 | +- Use daemon() function if available (or our own copy) rather than separate |
| 70 | + code (thanks to Fr�d�ric Lavernhe for the report and debugging, and Bernard |
| 71 | + Blackham for his suggestion on what to look at) |
| 72 | + |
| 73 | +- Fixed up support for first_kex_packet_follows, required to talk to ssh.com |
| 74 | + clients. Thanks to Marian Stagarescu for the bug report. |
| 75 | + |
| 76 | +- Avoid using MAXPATHLEN, pointer from Ian Morris |
| 77 | + |
| 78 | +- Improved input sanity checking |
| 79 | + |
| 80 | +0.38 - Sat Oct 11 2003 16:28:13 +0800 |
| 81 | + |
| 82 | +- Default hostkey path changed to /etc/dropbear/dropbear_{rsa,dss}_host_key |
| 83 | + rather than /etc/dropbear_{rsa,dss}_host_key |
| 84 | + |
| 85 | +- Added SMALL and MULTI text files which have info on compiling for multiple |
| 86 | + binaries or small binaries |
| 87 | + |
| 88 | +- Allow for commandline definition of some options.h settings |
| 89 | + (without warnings) |
| 90 | + |
| 91 | +- Be more careful handling EINTR |
| 92 | + |
| 93 | +- More fixes for channel closing |
| 94 | + |
| 95 | +- Added multi-binary support |
| 96 | + |
| 97 | +- Improved logging of IPs, now get logged in all cases |
| 98 | + |
| 99 | +- Don't chew cpu when waiting for version identification string, also |
| 100 | + make sure that we kick off people if they don't auth within 5 minutes. |
| 101 | + |
| 102 | +- Various small fixes, warnings etc |
| 103 | + |
| 104 | +- Display MOTD if requested - suggested by |
| 105 | + Trent Lloyd <lathiat at sixlabs.org> and |
| 106 | + Zach White <zwhite at darkstar.frop.org> |
| 107 | + |
| 108 | +- sftp support works (relies on OpenSSH sftp binary or similar) |
| 109 | + |
| 110 | +- Added --disable-shadow option (requested by the floppyfw guys) |
| 111 | + |
| 112 | +0.37 - Wed Sept 24 2003 19:42:12 +0800 |
| 113 | + |
| 114 | +- Various portability fixes, fixes for Solaris 9, Tru64 5.1, Mac OS X 10.2, |
| 115 | + AIX, BSDs |
| 116 | + |
| 117 | +- Updated LibTomMath to 0.27 and LibTomCrypt to 0.90 |
| 118 | + |
| 119 | +- Renamed util.{c,h} to dbutil.{c,h} to avoid conflicts with system util.h |
| 120 | + |
| 121 | +- Added some small changes so it'll work with AIX (plus Linux Affinity). |
| 122 | + Thanks to Shig for them. |
| 123 | + |
| 124 | +- Improved the closing messages, so a clean exit is "Exited normally" |
| 125 | + |
| 126 | +- Added some more robust integer/size checking in buffer.c as a backstop for |
| 127 | + integer overflows |
| 128 | + |
| 129 | +- X11 forwarding fixed for OSX, path for xauth changed to /usr/X11R6/bin/xauth |
| 130 | + |
| 131 | +- Channel code handles closing more nicely, doesn't sit waiting for an extra |
| 132 | + keystroke on BSD/OSX platforms, and data is flushed fully before closing |
| 133 | + child processes (thanks to |
| 134 | + Cristian Ionescu-Idbohrn <cristian.ionescu-idbohrn at axis.com> for |
| 135 | + pointing that out). |
| 136 | + |
| 137 | +- Changed "DISABLE_TCPFWD" to "ENABLE_TCPFWD" (and for x11/auth) so |
| 138 | + "disable DISABLE_TCPWD" isn't so confusing. |
| 139 | + |
| 140 | +- Fix authorized_keys handling (don't crash on too-long keys, and |
| 141 | + use fgetc not getc to avoid strange macro-related issues), thanks to |
| 142 | + Cristian Ionescu-Idbohrn <cristian.ionescu-idbohrn at axis.com> |
| 143 | + and Steve Rodgers <hwstar at cox.net> for reporting and testing. |
| 144 | + |
| 145 | +- Fixes to the README with regard to uClibc systems, thanks to |
| 146 | + Cristian Ionescu-Idbohrn <cristian.ionescu-idbohrn at axis.com>, |
| 147 | + as well as general improvements to documentation (split README/INSTALL) |
| 148 | + |
| 149 | +- Fixed up some compilation problems with dropbearconvert/dropbearkey if |
| 150 | + DSS or RSA were disabled, reported by Patrik Karlsson <patrik at cqure.net> |
| 151 | + |
| 152 | +- Fix double-free bug for hostkeys, reported by |
| 153 | + Vincent Sanders <vince at kyllikki.org> |
| 154 | + |
| 155 | +- Fix up missing \ns from dropbearconvert help message, |
| 156 | + thanks to Mordy Ovits <movits at bloomberg.com> for the patch |
| 157 | + |
| 158 | +0.36 - Tue August 19 2003 12:16:23 +0800 |
| 159 | + |
| 160 | +- Fix uninitialised temporary variable in DSS signing code |
| 161 | + (thanks to Matthew Franz <mdfranz at io.com> for reporting, and the authors |
| 162 | + of Valgrind for making it easy to track down) |
| 163 | +- Fix remote version-string parsing error |
| 164 | + (thanks to Bernard Blackham <bernard at blackham.com.au> for noticing) |
| 165 | +- Improved host-algorithm-matching algorithm in algo.c |
| 166 | +- Decreased MAX_STRING_LEN to a more realistic value |
| 167 | +- Fix incorrect version (0.34) in this CHANGES file for the previous release. |
| 168 | + |
| 169 | +0.35 - Sun August 17 2003 05:37:47 +0800 |
| 170 | + |
| 171 | +- Fix for remotely exploitable format string buffer overflow. |
| 172 | + (thanks to Joel Eriksson <je at bitnux.com>) |
| 173 | + |
| 174 | +0.34 - Fri August 15 2003 15:10:00 +0800 |
| 175 | + |
| 176 | +- Made syslog optional, both at compile time and as a compile option |
| 177 | + (suggested by Laurent Bercot <ska at skarnet.org>) |
| 178 | +- Fixup for bad base64 parsing in authorized_keys |
| 179 | + (noticed by Davyd Madeley <davyd at zdlcomputing.com>) |
| 180 | +- Added initial tcp forwarding code, only -L (local) at this stage |
| 181 | +- Improved "make install" with DESTDIR and changing ownership seperately, |
| 182 | + don't check for setpgrp on Linux for crosscompiling. |
| 183 | + (from Erik Andersen <andersen at codepoet.org>) |
| 184 | +- More commenting, fix minor compile warnings, make return values more |
| 185 | + consistent etc |
| 186 | +- Various signedness fixes |
| 187 | +- Can listen on multiple ports |
| 188 | +- added option to disable openpty with configure script, |
| 189 | + (from K.-P. Kirchd�rfer <kapeka at epost.de>) |
| 190 | +- Various cleanups to bignum code |
| 191 | + (thanks to Tom St Denis <tomstdenis at iahu.ca>) |
| 192 | +- Fix compile error when disabling RSA |
| 193 | + (from Marc Kleine-Budde <kleine-budde at gmx.de>) |
| 194 | +- Other cleanups, splitting large functions for packet and kex handling etc |
| 195 | + |
| 196 | +0.33 - Sun June 22 2003 22:24:12 +0800 |
| 197 | + |
| 198 | +- Fixed some invalid assertions in the channel code, fixing the server dying |
| 199 | + when forwarding X11 connections. |
| 200 | +- Add dropbearconvert to convert to/from OpenSSH host keys and Dropbear keys |
| 201 | +- RSA keys now keep p and q parameters for compatibility -- old Dropbear keys |
| 202 | + still work, but can't be converted to OpenSSH etc. |
| 203 | +- Debian packaging directory added, thanks to |
| 204 | + Grahame (grahame at angrygoats.net) |
| 205 | +- 'install' target added to the makefile |
| 206 | +- general tidying, improve consistency of functions etc |
| 207 | +- If RSA or DSS hostkeys don't exist, that algorithm won't be used. |
| 208 | +- Improved RSA and DSS key generation, more efficient and fixed some minor bugs |
| 209 | + (thanks to Tom St Denis for the advice) |
| 210 | +- Merged new versions of LibTomCrypt (0.86) and LibTomMath (0.21) |
| 211 | + |
| 212 | +0.32 - Sat May 24 2003 12:44:11 +0800 |
| 213 | + |
| 214 | +- Don't compile unused code from libtomcrypt (test vectors etc) |
| 215 | +- Updated to libtommath 0.17 and libtomcrypt 0.83. New libtommath results |
| 216 | + in smaller binary size, due to not linking unrequired code |
| 217 | +- X11 forwarding added |
| 218 | +- Agent forwarding added (for OpenSSH.com ssh client/agent) |
| 219 | +- Fix incorrect buffer freeing when banners are used |
| 220 | +- Hostname resolution works |
| 221 | +- Various minor bugfixes/code size improvements etc |
| 222 | + |
| 223 | +0.31 - Fri May 9 2003 17:57:16 +0800 |
| 224 | + |
| 225 | +- Improved syslog messages - IP logging etc |
| 226 | +- Strip control characters from log messages (specified username currently) |
| 227 | +- Login recording (utmp/wtmp) support, so last/w/who work - taken from OpenSSH |
| 228 | +- Shell is started as a proper login shell, so /etc/profile etc is sourced |
| 229 | +- Ptys work on Solaris (2.8 x86 tested) now |
| 230 | +- Fixed bug in specifying the rsa hostkey |
| 231 | +- Fixed bug in compression code, could trigger if compression resulted in |
| 232 | + larger output than input (uncommon but possible). |
| 233 | + |
| 234 | +0.30 - Thu Apr 17 2003 18:46:15 +0800 |
| 235 | + |
| 236 | +- SECURITY: buffer.c had bad checking for buffer increment length - fixed |
| 237 | +- channel code now closes properly on EOF - scp processes don't hang around |
| 238 | +- syslog support added - improved auth/login/failure messages |
| 239 | +- general code tidying, made return codes more consistent |
| 240 | +- Makefile fixed for dependencies and makes libtomcrypt as well |
| 241 | +- Implemented sending SSH_MSG_UNIMPLEMENTED :) |
| 242 | + |
| 243 | +0.29 - Wed Apr 9 2003 |
| 244 | + |
| 245 | +- Fixed a stupid bug in 0.28 release, 'newstr = strdup(oldstr)', |
| 246 | + not 'newstr=oldstr' |
| 247 | + |
| 248 | +0.28 - Sun Apr 6 2003 |
| 249 | + |
| 250 | +- Initial public release |
| 251 | + |
| 252 | +Development was started in October 2002 |
0 commit comments