2012-08-13 19:47:26 by Matthias Drochner | Files touched by this commit (2) |
Log message:
update to 2012.55
changes: fix a use-after-free bug which could be used to potentially
execute arbitrary code with root privileges, provided that the user
has been authenticated using a public key and also that a command
restriction is enforced (the "command" option must be used in
the authorized_keys file)
|
2011-03-10 11:20:16 by Matthias Drochner | Files touched by this commit (3) |
Log message:
update to 0.53.1
changes:
-misc fixes and improvements
-build against system libtommath/crypt
|
2009-08-26 23:10:11 by Soren Jacobsen | Files touched by this commit (5) |
Log message:
Update dropbear to 0.52. Build an scp binary and call it dbscp so it
doesn't conflict with openssh.
Changes since 0.50:
0.52 - Wed 12 November 2008
- Add "netcat-alike" option (-B) to dbclient, allowing Dropbear to
  tunnel standard input/output to a TCP port-forwarded remote host.
- Add "proxy command" support to dbclient, to allow using a spawned
  process for IO rather than a direct TCP connection. eg
      dbclient remotehost
  is equivalent to
      dbclient -J 'nc remotehost 22' remotehost
  (the hostname is still provided purely for looking up saved host keys)
- Combine netcat-alike and proxy support to allow "multihop"
  connections, with comma-separated host syntax. Allows running
      dbclient user1@host1,user2@host2,user3@host3
  to end up at host3 via the other two, using SSH TCP forwarding. It's
  a bit like onion-routing. All connections are established from the
  local machine. The comma-separated syntax can also be used for
  scp/rsync, eg
      rsync -a -e dbclient m@gateway,m2@host,martello:/home/matt/ ~/backup/
  to bounce through a few hosts.
- Add -I "idle timeout" option (contributed by Farrell Aultman)
- Allow restrictions on authorized_keys logins such as restricting
  commands to be run etc. This is a subset of those allowed by OpenSSH,
  doesn't yet allow restricting source host.
- Use vfork() for scp on uClinux
- Default to PATH=/usr/bin:/bin for shells.
- Report errors if -R forwarding fails
- Add counter mode cipher support, which avoids some security problems
  with the standard CBC mode.
- Support zlib@openssh.com delayed compression for client/server. It
  can be required for the Dropbear server with the '-Z' option. This
  is useful for security as it avoids exposing the server to attacks
  on zlib by unauthenticated remote users, though requires client side
  support.
- options.h has been split into options.h (user-changeable) and
  sysoptions.h (less commonly changed)
- Support "dbclient -s sftp" to specify a subsystem
- Fix a bug in replies to channel requests that could be triggered by
  recent versions of PuTTY
0.51 - Thu 27 March 2008
- Make a copy of password fields rather than erroneously relying on getpwnam()
  to be safe to call multiple times
- If $SSH_ASKPASS_ALWAYS environment variable is set (and $SSH_ASKPASS is
  as well) always use that program, ignoring isatty() and $DISPLAY
- Wait until a process exits before the server closes a connection, so
  that an exit code can be sent. This fixes problems with exit codes not
  being returned, which could cause scp to fail.
|
2009-06-14 20:13:41 by Joerg Sonnenberger | Files touched by this commit (154) |
Log message:
Remove @dirrm entries from PLISTs
|
2007-09-06 21:15:10 by Johnny C. Lam | Files touched by this commit (3) |
Log message:
Honor PKG_SYSCONFDIR. The default host keys for dropbear are now found in
${PKG_SYSCONFDIR}/dropbear. Bump the PKGREVISION to 2.
|
2007-09-06 18:31:55 by Johnny C. Lam | Files touched by this commit (2) |
Log message:
Install the manual pages for dropbear. Bump the PKGREVISION to 1.
|
2007-09-06 18:07:52 by Johnny C. Lam | Files touched by this commit (2) |
Log message:
Put variable declarations at beginning of a block to work with older
compilers.
|
2007-09-06 17:55:06 by Johnny C. Lam | Files touched by this commit (1) |
Log message:
For the "pam" package option, one needs to include pam.buildlink3.mk.
|
2007-09-05 23:08:06 by Matthias Drochner | Files touched by this commit (3) |
Log message:
update to 0.50
changes:
- Add DROPBEAR_PASSWORD environment variable to specify a dbclient password
- Use /dev/urandom by default, since that's what everyone does anyway
- Exit with an exit code of 1 if dropbear can't bind to any ports
- Improve network performance and add a -W <receive_window> argument for
  adjusting the tradeoff between network performance and memory consumption
- Fix a problem where reply packets could be sent during key exchange,
  in violation of the SSH spec. This could manifest itself with connections
  being terminated after 8 hours with new TCP-forward connections being
  established
- Add -K <keepalive_time> argument, ensuring that data is transmitted
  over the connection at least every N seconds
- dropbearkey will no longer generate DSS keys of sizes other than 1024
  bits, as required by the DSS specification. (Other sizes are still
  accepted for use to provide backwards compatibility)
|
2007-03-23 21:07:02 by Matthias Drochner | Files touched by this commit (3) |
Log message:
update to 0.49
change: warn strongly when a hostkey mismatch occurred
|