Log Message:
dropbear: Update to 2019.78

Changes:

2019.78 - 27 March 2019

- Fix dbclient regression in 2019.77. After exiting the terminal would be left
  in a bad state. Reported by Ryan Woodsmall

2019.77 - 23 March 2019

- Fix server -R option with ECDSA - only advertise one key size which will be \ 
accepted.
  Reported by Peter Krefting, 2018.76 regression.

- Fix server regression in 2018.76 where multiple client -R forwards were all \ 
forwarded
  to the first destination. Reported by Iddo Samet.

- Make failure delay more consistent to avoid revealing valid usernames, set \ 
server password
  limit of 100 characters. Problem reported by usd responsible disclosure team

- Change handling of failed authentication to avoid disclosing valid usernames,
  CVE-2018-15599.

- Fix dbclient to reliably return the exit code from the remote server.
  Reported by W. Mike Petullo

- Fix export of 521-bit ECDSA keys, from Christian Hohnstädt

- Add -o Port=xxx option to work with sshfs, from xcko

- Merged fuzzing code, see FUZZER-NOTES.md

- Add a DROPBEAR_SVR_MULTIUSER=0 compile option to run on
  single-user Linux kernels (CONFIG_MULTIUSER disabled). From Patrick Stewart

- Increase allowed username to 100 characters, reported by W. Mike Petullo

- Update config.sub and config.guess, should now work with RISC-V

- Cygwin compile fix from karel-m

- Don't require GNU sed (accidentally in 2018.76), reported by Samuel Hsu

- Fix for IRIX and writev(), reported by Kazuo Kuroi

- Other fixes and cleanups from François Perrad, Andre McCurdy, Konstantin Demin,
  Michael Jones, Pawel Rapkiewicz

2018.76 - 27 February 2018

> > > Configuration/compatibility changes
  IMPORTANT
  Custom configuration is now specified in localoptions.h rather than options.h
  Available options and defaults can be seen in default_options.h

  To migrate your configuration, compare your customised options.h against the
  upstream options.h from your relevant version. Any customised options should
  be put in localoptions.h in the build directory.

- "configure --enable-static" should now be used instead of "make \ 
STATIC=1"
  This will avoid 'hardened build' flags that conflict with static binaries

- Set 'hardened build' flags by default if supported by the compiler.
  These can be disabled with configure --disable-harden if needed.
  -Wl,-pie
  -Wl,-z,now -Wl,-z,relro
  -fstack-protector-strong
  -D_FORTIFY_SOURCE=2
  # spectre v2 mitigation
  -mfunction-return=thunk
  -mindirect-branch=thunk

  Spectre patch from Loganaden Velvindron

- "dropbear -r" option for hostkeys no longer attempts to load the default
  hostkey paths as well. If desired these can be specified manually.
  Patch from CamVan Nguyen

- group1-sha1 key exchange is disabled in the server by default since
  the fixed 1024-bit group may be susceptible to attacks

- twofish ciphers are now disabled in the default configuration

- Default generated ECDSA key size is now 256 (rather than 521)
  for better interoperability

- Minimum RSA key length has been increased to 1024 bits

> > > Other features and fixes

- Add runtime -T max_auth_tries option from Kevin Darbyshire-Bryant

- Add 'dbclient -J &fd' to allow dbclient to connect over an existing socket.
  See dbclient manpage for a socat example. Patch from Harald Becker

- Add "-c forced_command" option. Patch from Jeremy Kerr

- Restricted group -G option added with patch from stellarpower

- Support server-chosen TCP forwarding ports, patch from houseofkodai

- Allow choosing outgoing address for dbclient with -b [bind_address][:bind_port]
  Patch from houseofkodai

- Makefile will now rebuild object files when header files are modified

- Add group14-256 and group16 key exchange options

- curve25519-sha256 also supported without @libssh.org suffix

- Update bundled libtomcrypt to 1.18.1, libtommath to 1.0.1
  This fixes building with some recent versions of clang

- Set PAM_RHOST which is needed by modules such as pam_abl

- Improvements to DSS and RSA public key validation, found by OSS-Fuzz.

- Don't exit when an authorized_keys file has malformed entries. Found by OSS-Fuzz

- Fix null-pointer crash with malformed ECDSA or DSS keys. Found by OSS-Fuzz

- Numerous code cleanups and small issues fixed by Francois Perrad

- Test for pkt_sched.h rather than SO_PRIORITY which was problematic with some musl
  platforms. Reported by Oliver Schneider and Andrew Bainbridge

- Fix some platform portability problems, from Ben Gardner

- Add EXEEXT filename suffix for building dropbearmulti, from William Foster

- Support --enable-<option> properly for configure, from Stefan Hauser

- configure have_openpty result can be cached, from Eric Bénard

- handle platforms that return close() < -1 on failure, from Marco Wenzel

- Build and configuration cleanups from Michael Witten

- Fix libtomcrypt/libtommath linking order, from Andre McCurdy

- Fix old Linux platforms that have SYS_clock_gettime but not CLOCK_MONOTONIC

- Update curve25519-donna implementation to current version