Write CHANGES since last release

2025-02-11 23:23:30 +00:00 · 2022-03-30 23:18:00 +08:00 · 2022-03-30 23:18:00 +08:00 · abb577fcba
commit abb577fcba
parent 0e042476a0
1 changed files with 122 additions and 6 deletions
--- a/128
+++ b/128
@ -1,9 +1,125 @@
- The following config paths are now relative to a home directory if
+Future Release
-  starting with "~". Thanks to Begley Brothers Inc
+Features and Changes:
-  *_PRIV_FILENAME
+
-  DROPBEAR_PIDFILE
+- Implement OpenSSH format private key handling for dropbearconvert.
-  SFTPSERVER_PATH
+  Keys can be read in OpenSSH format or the old PEM format, they will be
-  MOTD_FILENAME
+  written in OpenSSH format. (DSS has not been implemented).
  ED25519 support is now correct.
 - Use SHA256 for key fingerprints
 - Reworked -v verbose printing, specifying multiple times will increase
  verbosity. -vvvv is equivalent to the old DEBUG_TRACE -v level, it
  can be configured at compile time in localoptions.h (see default_options.h)
  Lower -v options can be used to check connection progress or algorithm
  negotiation.
  Thanks to Hans Harder for the implementation
  > > localoptions.h DEBUG_TRACE should be set to 4 for the same result as the
  previous DEBUG_TRACE 1.
 - Added server support for U2F/FIDO keys (ecdsa-sk and ed25519-sk) in
  authorized_keys. no-touch-required option isn't allowed yet.
  Thanks to Egor Duda for the implementation
 - autoconf output (configure script etc) is now committed to version control.
  It isn't necessary to run "autoconf" any more on a checkout.
 - sha1 will be omitted from the build if KEX/signing/MAC algorithms don't
  require it. Instead sha256 is used for random number generation.
  See sysoptions.h to see which algorithms require which hashes.
 - Set SSH_PUBKEYINFO environment variable based on the authorized_keys
  entry used for auth. The first word of the comment after the key is used
  (must only have characters a-z A-Z 0-9 .,_-+@)
  Patch from Hans Harder, modified by Matt Johnston
 - Allow home-directory relative paths ~/path for various settings
  and command line options.
  *_PRIV_FILENAME DROPBEAR_PIDFILE SFTPSERVER_PATH MOTD_FILENAME
  Thanks to Begley Brothers Inc
  > > The default DROPBEAR_DEFAULT_CLI_AUTHKEY has now changed, it now needs
  a tilde prefix.
 - LANG environment variable is carried over from the Dropbear server process
  From Maxim Kochetkov
 - Add /usr/sbin and /sbin to $PATH when logging in as root.
  Patch from Raphaël Hertzog
  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903403
 - Added client option "-o DisableTrivialAuth". This can be used to prevent
  the server immediately allowing successful authentication (before any auth
  request) which could cause UI confusion and security issues with agent
  forwarding - it isn't clear which host is prompting to use a key.
  Thanks to Manfred Kaiser from Austrian MilCERT
 - Add -q client option to hide remote banner, from Hans Harder
 - Add -e option to pass all server environment variables to child processes.
  This should be used with caution.
  Patch from Roland Vollgraf (github #118)
 - Use DSCP for QoS traffic classes. Priority (tty) traffic is now set to
  AF21 "interactive". Previously TOS classes were used, they are not used by
  modern traffic classifiers. Non-tty traffic is left at default priority.
 - Disable dh-group1 key exchange by default. It has been disabled server
  side by default since 2018.
 - Removed Twofish cipher
 Fixes:
 - Fix flushing channel data when pty was allocated (github #85)
  Data wasn't completely transmitted at channel close.
  Reported and initial patch thanks to Yousong Zhou
 - Dropbear now re-executes itself rather than just forking for each connection
  (only on Linux). This allows ASLR to randomise address space for each
  connection as a security mitigation. It should not have any visible impact
  - if there are any performance impacts in the wild please report it.
 - Check authorized_keys permissions as the user, fixes NFS squash root.
  Patch from Chris Dragan (github #107)
 - A missing home directory is now non-fatal, starting in / instead
 - Improve error logging so that they are logged on the server rather than being
  sent to the client over the connection
 - Max window size is increased to 10MB, more graceful fallback if it's invalid.
 - Fix correctness of Dropbear's handling of global requests.
  Patch from Dirkjan Bussink
 - Fix some small bugs found by fuzzers, null pointer dereference crash and leaks
  (post authentication)
 - $HOME variable is used before /etc/passwd when expanding paths such as
  ~/.ssh/id_dropbear (for the client). Patch from Matt Robinson
 - C89 build fixes from Guillaume Picquet
 Infrastructure:
 - Improvements to fuzzers. Added post-auth fuzzer, and a mutator that can
  handle the structure of SSH packet streams. Added cifuzz to run on commits
  and pull requests.
 - Dropbear source tarballs generated by release.sh are now reproducible from a
  Git or Mercurial checkout, they will be identical on any system. Tested
  on ubuntu and macos.
 - Added some integration testing using pytest. Currently this has tests
  for various channel handling edge cases, ASLR fork randomisation,
  dropbearconvert, and SSH_PUBKEYINFO
 - Set up github actions. This runs the pytest suite and other checks.
  - build matrix includes c89, dropbearmulti, bundled libtom, macos, DEBUG_TRACE
  - test for configure script regeneration
  - build a tarball for external reproducibility
 2020.81 - 29 October 2020