summaryrefslogtreecommitdiffhomepage
AgeCommit message (Collapse)Author
2015-02-13piggyback data on acks when making connections on linuxMatt Johnston
2015-02-13debug should be off by defaultMatt Johnston
2015-02-10Tighten validation of DH values. Odds of x==0 being generated areMatt Johnston
improbable, roughly 2**-1023 Regression in 0.49
2015-02-04twofish ctr modesMatt Johnston
2015-01-29Added signature for changeset 1d2d81b1b7c1Matt Johnston
2015-01-28sha256Matt Johnston
2015-01-28bump versionMatt Johnston
2015-01-28Added tag DROPBEAR_2015.67 for changeset cbd674d63cd4Matt Johnston
2015-01-28changelog for 2015.67Matt Johnston
2015-01-28mergeMatt Johnston
2015-01-28changes for 2015.67Matt Johnston
2015-01-28Fix bad multi-statement define for m_free(), detected by CoverityMatt Johnston
2015-01-28When clearing the memory of 'key' in function openssh_read(), only the sizeChristian Engelmayer
of the pointer to the data instead of the whole size of struct openssh_key is cleared. Correct the size calculation as detected by Coverity CID 1191543.
2015-01-28Initialise sa_maskMatt Johnston
2015-01-28Fix memory leak of ecdsa structure, found by CoverityMatt Johnston
2015-01-28Document ~/.ssh/id_dropbearMatt Johnston
2015-01-28Allow configure with libtomcrypt/libtommath directories missingElan Ruusamäe
if using bundled libraries
2015-01-28Disable non-delayed zlib for serverMatt Johnston
2015-01-24Default client key path ~/.ssh/id_dropbearMatt Johnston
2015-01-23Prefer stronger algorithms in algorithm negotiation.Fedor Brunner
Prefer diffie-hellman-group14-sha1 (2048 bit) over diffie-hellman-group1-sha1 (1024 bit). Due to meet-in-the-middle attacks the effective key length of three key 3DES is 112 bits. AES is stronger and faster then 3DES. Prefer to delay the start of compression until after authentication has completed. This avoids exposing compression code to attacks from unauthenticated users. (github pull request #9)
2015-01-23Fix installing dropbear.8 error when building in a separate directory.Like Ma
(fix pull request #6)
2015-01-23Add config option to disable cbc. Disable twofish by defaultMatt Johnston
2015-01-23Fix variables may be uninitialized.Like Ma
(fixup of pull request #7)
2015-01-23 Integrity error (bad packet size %u) negative lengthFedor Brunner
When corrupted packet is received negative length of packet is displayed. (re-apply of pull request #8)
2015-01-13Enable sha2 HMACs by default, they're required for ecdsa alreadyMatt Johnston
2015-01-04clear hash state memory after useMatt Johnston
2015-01-04clarify bad/unknownMatt Johnston
2015-01-01Handle invalid agent keys by skipping rather than exiting.Catalin Patulea
My agent exposes both conventional keys and certs (ecdsa-sha2-nistp256-cert-v01@openssh.com) and I want dropbear to be able to use the former.
2015-01-04Open directories O_RDONLY for fsync, add debugging if it failsMatt Johnston
2014-11-08Make sure hostkeys are flushed to disk to avoid empty files if the powerMatt Johnston
fails. Based on patch from Peter Korsgaard
2014-10-23Added signature for changeset 2d421bc0545dMatt Johnston
2014-10-23Added tag DROPBEAR_2014.66 for changeset 735511a4c761Matt Johnston
2014-10-23changelog, version number bumpMatt Johnston
2014-10-23Remove -o from scp helpMatt Johnston
2014-10-23increae MAX_STRING_LEN for sun sshMatt Johnston
2014-10-22Don't print "Failed loading hostkey" when -R delayed hostkey option is enabledSteven Honeyman
2014-10-21Combine code for SSH_CONNECTION and SSH_CLIENTMatt Johnston
2014-10-21Merge pull request #5 from rcleere/ssh_clientMatt Johnston
Add SSH_CLIENT environment variable
2014-10-20Add SSH_CLIENT environment variableRyan Cleere
2014-08-19Make keepalive handling more robust, this should now match what OpenSSH doesMatt Johnston
2014-08-13Fix wtmp, testing for wtmp.h and wtmpx.h doesn't make senseWhoopie
2014-08-13Don't send SSH_MSG_UNIMPLEMENTED for keepalive responsesMatt Johnston
2014-08-08Added signature for changeset caac692b366cMatt Johnston
2014-08-08Added tag DROPBEAR_2014.65 for changeset e9579816f20eMatt Johnston
2014-08-082014.64Matt Johnston
2014-08-01use xauth in /usr/binMike Frysinger
Since the x.org rework, X has been installed into standard paths and not its own random prefixes. I think it's time we update the default paths accordingly.
2014-08-06Don't warn about ENOTSOCK when setting priorityMatt Johnston
2014-08-06Be a bit safer in case pw_name doesn't existMatt Johnston
2014-08-06mergeMatt Johnston
2014-08-06Merge pull request #2 from iquaba/patch-1Matt Johnston
Try without identifying current user