The unified diff between revisions [bd8c4eb7..] and [23abf9a2..] is displayed below. It can also be downloaded as a raw diff.
#
#
# delete "libtommath/tommath.tex"
#
# patch "CHANGES"
# from [74b24783afa6a56a4e12d6670aa813c1b2cd9a6b]
# to [2daa0ad92e6f988bd251ce16e413f33fb231779e]
#
# patch "README"
# from [8348d98ddff0c724e317c22d54a30c949471d82c]
# to [fa456a2b90f336600bcf58f23fea741e2f0b9ff4]
#
# patch "TODO"
# from [3f82959bf798a1e75ec6472c5e3d47ebd84444ed]
# to [bb00a9e2dec6e42677c790124d7232f8e8fcb18a]
#
# patch "options.h"
# from [d610b9a3da321a29e14c9bcc4c16ca4c3a015240]
# to [dc72917cc7444e220789e27aa7506a77dfa44fa3]
#
# patch "svr-main.c"
# from [948adffe37b58b0b102e25128b6b0e5a06b71448]
# to [7bfc54799240f5085443a31e0dc95c64ab4205b8]
#
============================================================
--- CHANGES 74b24783afa6a56a4e12d6670aa813c1b2cd9a6b
+++ CHANGES 2daa0ad92e6f988bd251ce16e413f33fb231779e
@@ -1,3 +1,26 @@
+0.48 -
+
+- Check that the circular buffer is properly empty before
+ closing a channel, which could cause truncated transfers
+ (thanks to Tomas Vanek for helping track it down)
+
+- Implement per-IP pre-authentication connection limits
+ (after some poking from Pablo Fernandez)
+
+- Exit gracefully if trying to connect to as SSH v1 server
+ (reported by Rushi Lala)
+
+- Only read /dev/random once at startup when in non-inetd mode
+
+- Allow ctrl-c to close a dbclient password prompt (may
+ still have to press enter on some platforms)
+
+- Merged in uClinux patch for inetd mode
+
+- Updated to scp from OpenSSH 4.3p2 - fixes a security issue
+ where use of system() could cause users to execute arbitrary
+ code through malformed filenames, ref CVE-2006-0225
+
0.47 - Thurs Dec 8 2005
- SECURITY: fix for buffer allocation error in server code, could potentially
============================================================
--- README 8348d98ddff0c724e317c22d54a30c949471d82c
+++ README fa456a2b90f336600bcf58f23fea741e2f0b9ff4
@@ -25,7 +25,7 @@
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAwVa6M6cGVmUcLl2cFzkxEoJd06Ub4bVDsYrWvXhvUV+ZAM9uGuewZBDoAqNKJxoIn0Hyd0Nk/yU99UVv6NWV/5YSHtnf35LKds56j7cuzoQpFIdjNwdxAN0PCET/MG8qyskG/2IE2DPNIaJ3Wy+Ws4IZEgdJgPlTYUBWWtCWOGc= someone@hostname
You must make sure that ~/.ssh, and the key file, are only writable by the
-user.
+user. Beware of editors that split the key into multiple lines.
NOTE: Dropbear ignores authorized_keys options such as those described in the
OpenSSH sshd manpage, and will not allow a login for these keys.
============================================================
--- TODO 3f82959bf798a1e75ec6472c5e3d47ebd84444ed
+++ TODO bb00a9e2dec6e42677c790124d7232f8e8fcb18a
@@ -6,8 +6,6 @@ Things which might need doing:
- Make options.h generated from configure perhaps?
-- Improved queueing of unauthed connections
-
- handle /etc/environment in AIX
- check that there aren't timing issues with valid/invalid user authentication
@@ -15,7 +13,6 @@ Things which might need doing:
- Binding to different interfaces
-- check PRNG
- CTR mode
- SSH_MSG_IGNORE sending to improve CBC security
- DH Group Exchange possibly, or just add group14 (whatever it's called today)
============================================================
--- options.h d610b9a3da321a29e14c9bcc4c16ca4c3a015240
+++ options.h dc72917cc7444e220789e27aa7506a77dfa44fa3
@@ -128,7 +128,7 @@ etc) slower (perhaps by 50%). Recommende
* You can't enable both PASSWORD and PAM. */
#define ENABLE_SVR_PASSWORD_AUTH
-/*#define ENABLE_SVR_PAM_AUTH*/
+/* #define ENABLE_SVR_PAM_AUTH */ /* requires ./configure --enable-pam */
#define ENABLE_SVR_PUBKEY_AUTH
#define ENABLE_CLI_PASSWORD_AUTH
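Review bot: The new trailing comment on the `ENABLE_SVR_PAM_AUTH` line says how to turn PAM on, but `ENABLE_SVR_PASSWORD_AUTH` stays defined one line above, so simply uncommenting it produces the PASSWORD-plus-PAM combination that the preceding comment says is not allowed. Nothing visible in this hunk rejects that build, and the comment block it belongs to starts outside the hunk, so a check may already exist elsewhere in options.h. If it does not, a guard such as `#if defined(ENABLE_SVR_PASSWORD_AUTH) && defined(ENABLE_SVR_PAM_AUTH)`, then `#error "Enable only one of PASSWORD and PAM server auth"`, then `#endif` would turn a misconfigured authentication setup into a compile-time failure. The hint itself could also read `/* requires ./configure --enable-pam, and ENABLE_SVR_PASSWORD_AUTH disabled */`.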
============================================================
--- svr-main.c 948adffe37b58b0b102e25128b6b0e5a06b71448
+++ svr-main.c 7bfc54799240f5085443a31e0dc95c64ab4205b8
@@ -1,7 +1,7 @@
/*
* Dropbear - a SSH2 server
*
- * Copyright (c) 2002,2003 Matt Johnston
+ * Copyright (c) 2002-2006 Matt Johnston
* All rights reserved.
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
@@ -48,8 +48,6 @@ int main(int argc, char ** argv)
int main(int argc, char ** argv)
#endif
{
-
-
_dropbear_exit = svr_dropbear_exit;
_dropbear_log = svr_dropbear_log;
@@ -139,7 +137,6 @@ void main_noinetd() {
commonsetup();
-
/* should be done after syslog is working */
if (svr_opts.forkbg) {
dropbear_log(LOG_INFO, "Running in background");
@@ -161,7 +158,6 @@ void main_noinetd() {
bzero(preauth_addrs, sizeof(preauth_addrs));
/* Set up the listening sockets */
- /* XXX XXX ports */
listensockcount = listensockets(listensocks, MAX_LISTEN_ADDR, &maxsock);
if (listensockcount == 0)
{