mirror of
https://github.com/clearml/dropbear
synced 2025-04-10 07:25:49 +00:00
0.48 progress
--HG-- extra : convert_revision : 23abf9a27f91b8191c12b24a8b2557e5e8750c21
This commit is contained in:
parent
9368e4db33
commit
94b28e420c
23
CHANGES
23
CHANGES
@ -1,3 +1,26 @@
|
||||
0.48 -
|
||||
|
||||
- Check that the circular buffer is properly empty before
|
||||
closing a channel, which could cause truncated transfers
|
||||
(thanks to Tomas Vanek for helping track it down)
|
||||
|
||||
- Implement per-IP pre-authentication connection limits
|
||||
(after some poking from Pablo Fernandez)
|
||||
|
||||
- Exit gracefully if trying to connect to as SSH v1 server
|
||||
(reported by Rushi Lala)
|
||||
|
||||
- Only read /dev/random once at startup when in non-inetd mode
|
||||
|
||||
- Allow ctrl-c to close a dbclient password prompt (may
|
||||
still have to press enter on some platforms)
|
||||
|
||||
- Merged in uClinux patch for inetd mode
|
||||
|
||||
- Updated to scp from OpenSSH 4.3p2 - fixes a security issue
|
||||
where use of system() could cause users to execute arbitrary
|
||||
code through malformed filenames, ref CVE-2006-0225
|
||||
|
||||
0.47 - Thurs Dec 8 2005
|
||||
|
||||
- SECURITY: fix for buffer allocation error in server code, could potentially
|
||||
|
2
README
2
README
@ -25,7 +25,7 @@ the key entries in that file. They should be of the form:
|
||||
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAwVa6M6cGVmUcLl2cFzkxEoJd06Ub4bVDsYrWvXhvUV+ZAM9uGuewZBDoAqNKJxoIn0Hyd0Nk/yU99UVv6NWV/5YSHtnf35LKds56j7cuzoQpFIdjNwdxAN0PCET/MG8qyskG/2IE2DPNIaJ3Wy+Ws4IZEgdJgPlTYUBWWtCWOGc= someone@hostname
|
||||
|
||||
You must make sure that ~/.ssh, and the key file, are only writable by the
|
||||
user.
|
||||
user. Beware of editors that split the key into multiple lines.
|
||||
|
||||
NOTE: Dropbear ignores authorized_keys options such as those described in the
|
||||
OpenSSH sshd manpage, and will not allow a login for these keys.
|
||||
|
3
TODO
3
TODO
@ -6,8 +6,6 @@ Things which might need doing:
|
||||
|
||||
- Make options.h generated from configure perhaps?
|
||||
|
||||
- Improved queueing of unauthed connections
|
||||
|
||||
- handle /etc/environment in AIX
|
||||
|
||||
- check that there aren't timing issues with valid/invalid user authentication
|
||||
@ -15,7 +13,6 @@ Things which might need doing:
|
||||
|
||||
- Binding to different interfaces
|
||||
|
||||
- check PRNG
|
||||
- CTR mode
|
||||
- SSH_MSG_IGNORE sending to improve CBC security
|
||||
- DH Group Exchange possibly, or just add group14 (whatever it's called today)
|
||||
|
10814
libtommath/tommath.tex
10814
libtommath/tommath.tex
File diff suppressed because it is too large
Load Diff
@ -128,7 +128,7 @@ etc) slower (perhaps by 50%). Recommended for most small systems. */
|
||||
* You can't enable both PASSWORD and PAM. */
|
||||
|
||||
#define ENABLE_SVR_PASSWORD_AUTH
|
||||
/*#define ENABLE_SVR_PAM_AUTH*/
|
||||
/* #define ENABLE_SVR_PAM_AUTH */ /* requires ./configure --enable-pam */
|
||||
#define ENABLE_SVR_PUBKEY_AUTH
|
||||
|
||||
#define ENABLE_CLI_PASSWORD_AUTH
|
||||
|
@ -1,7 +1,7 @@
|
||||
/*
|
||||
* Dropbear - a SSH2 server
|
||||
*
|
||||
* Copyright (c) 2002,2003 Matt Johnston
|
||||
* Copyright (c) 2002-2006 Matt Johnston
|
||||
* All rights reserved.
|
||||
*
|
||||
* Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
@ -48,8 +48,6 @@ int dropbear_main(int argc, char ** argv)
|
||||
int main(int argc, char ** argv)
|
||||
#endif
|
||||
{
|
||||
|
||||
|
||||
_dropbear_exit = svr_dropbear_exit;
|
||||
_dropbear_log = svr_dropbear_log;
|
||||
|
||||
@ -139,7 +137,6 @@ void main_noinetd() {
|
||||
|
||||
commonsetup();
|
||||
|
||||
|
||||
/* should be done after syslog is working */
|
||||
if (svr_opts.forkbg) {
|
||||
dropbear_log(LOG_INFO, "Running in background");
|
||||
@ -161,7 +158,6 @@ void main_noinetd() {
|
||||
bzero(preauth_addrs, sizeof(preauth_addrs));
|
||||
|
||||
/* Set up the listening sockets */
|
||||
/* XXX XXX ports */
|
||||
listensockcount = listensockets(listensocks, MAX_LISTEN_ADDR, &maxsock);
|
||||
if (listensockcount == 0)
|
||||
{
|
||||
|
Loading…
Reference in New Issue
Block a user