0.44 release changes

8 files changed, 66 insertions, 25 deletions

diff --git a/CHANGES b/CHANGES
index 18c71f9..f2689c1 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,18 +1,38 @@
-0.44test5 - 
+0.44 - Mon Jan 3 2005
+
+- SECURITY: Fix for PAM auth so that usernames are logged and conversation
+  function responses are allocated correctly - all 0.44test4 users with PAM
+  compiled in (not default) are advised to upgrade.
+
+- Fix calls to getnameinfo() for compatibility with Solaris
+
+- Pristine compilation works (run 'configure' from a fresh dir and make it
+  there)
+
+- Fixes for compiling with most options disabled.
+
+- Upgraded to LibTomCrypt 0.99 and LibTomMath 0.32
+
+- Make sure that zeroing out of values in LTM and LTC won't get optimised away
+
+- Removed unused functions from loginrec.c
+
+- /dev/random is now the default entropy source rather than /dev/urandom
+
+- Logging of IPs in auth success/failure messages for improved greppability
 
 - Fix dbclient so that "scp -i keyfile" works. (It can handle "-ikeyfile
   properly)
 
-- Fix for PAM auth so that usernames are logged and conversation function
-  responses are allocated correctly.
-
 - Avoid a race in server shell-handling code which prevents the exit-code
-  from being returned to the client.
+  from being returned to the client in some circumstances.
 
 - Makefile modified so that install target works correctly (doesn't try
   to install "all" binary) - patch from Juergen Daubert
 
-0.44test4 - Tue Sept 14 21:15:54 +0800
+- Various minor fixes and compile warnings.
+
+0.44test4 - Tue Sept 14 2004 21:15:54 +0800
 
 - Fix inetd mode so it actually loads the hostkeys (oops)
 
diff --git a/Makefile.in b/Makefile.in
index 4cad5bf..dfb2004 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -1,4 +1,5 @@
 # This Makefile is for Dropbear SSH Server and Client
+# @configure_input@
 
 # invocation:
 # make PROGRAMS="dropbear dbclient scp" MULTI=1 STATIC=1 SCPPROGRESS=1
diff --git a/README b/README
index 52e3cf0..43dd1f2 100644
--- a/README
+++ b/README
@@ -69,6 +69,6 @@ pty, and you cannot login as any user other than that running the daemon
 
 The Dropbear distribution includes a standalone version of OpenSSH's scp
 program. You can compile it with "make scp", you may want to change the path
-of the ssh binary, specified near the top of the scp.c file. By default
+of the ssh binary, specified by _PATH_SSH_PROGRAM in options.h . By default
 the progress meter isn't compiled in to save space, you can enable it by 
 adding 'SCPPROGRESS=1' to the make commandline.
diff --git a/SMALL b/SMALL
index a7442aa..babd671 100644
--- a/SMALL
+++ b/SMALL
@@ -1,25 +1,36 @@
 Tips for a small system:
 
-The following are set in options.h
+If you only want server functionality (for example), compile with
+	make PROGRAMS=dropbear
+rather than just
+	make dropbear
+so that client functionality in shared portions of Dropbear won't be included.
+The same applies if you are compiling just a client.
 
-- You can safely disable blowfish and twofish ciphers, and MD5 hmac, without
-  affecting interoperability
+---
 
-- If you're compiling statically, you can turn off host lookups
+The following are set in options.h:
 
-- You can disable either password or public-key authentication, though note
-  that the IETF draft states that pubkey authentication is required.
+	- You can safely disable blowfish and twofish ciphers, and MD5 hmac, without
+	  affecting interoperability
 
-- Similarly with DSS and RSA, you can disable one of these if you know that
-  all clients will be able to support a particular one. The IETF draft
-  states that DSS is required, however you may prefer to use RSA. 
-  DON'T disable either of these on systems where you aren't 100% sure about
-  who will be connecting and what clients they will be using.
+	- If you're compiling statically, you can turn off host lookups
 
-- Disabling the MOTD code and SFTP-SERVER may save a small amount of codesize
+	- You can disable either password or public-key authentication, though note
+	  that the IETF draft states that pubkey authentication is required.
 
-- You can disable x11, tcp and agent forwarding as desired. None of these are
-  essential, although agent-forwarding is often useful even on firewall boxes.
+	- Similarly with DSS and RSA, you can disable one of these if you know that
+	  all clients will be able to support a particular one. The IETF draft
+	  states that DSS is required, however you may prefer to use RSA. 
+	  DON'T disable either of these on systems where you aren't 100% sure about
+	  who will be connecting and what clients they will be using.
+
+	- Disabling the MOTD code and SFTP-SERVER may save a small amount of codesize
+
+	- You can disable x11, tcp and agent forwarding as desired. None of these are
+	  essential, although agent-forwarding is often useful even on firewall boxes.
+
+---
 
 If you are compiling statically, you may want to disable zlib, as it will use
 a few tens of kB of binary-size (./configure --disable-zlib).
diff --git a/TODO b/TODO
index dac9a04..4b82efc 100644
--- a/TODO
+++ b/TODO
@@ -20,10 +20,11 @@ Things which might need doing:
 - CTR mode, SSH_MSG_IGNORE sending to improve CBC security
 - DH Group Exchange possibly, or just add group14 (whatever it's called today)
 
-- Use m_burn for clearing sensitive items in LTM/LTC
-
 - fix scp.c for IRIX
 
 - Be able to use OpenSSH keys for the client? or at least have some form of 
   encrypted keys.
+
 - Client agent forwarding
+
+- Handle restrictions in ~/.ssh/authorized_keys ?
diff --git a/dbutil.c b/dbutil.c
index ce43933..c77386f 100644
--- a/dbutil.c
+++ b/dbutil.c
@@ -603,6 +603,8 @@ void * m_realloc(void* ptr, size_t size) {
 
 /* Clear the data, based on the method in David Wheeler's
  * "Secure Programming for Linux and Unix HOWTO" */
+/* Beware of calling this from within dbutil.c - things might get
+ * optimised away */
 void m_burn(void *data, unsigned int len) {
 	volatile char *p = data;
 
diff --git a/debian/changelog b/debian/changelog
index 279290c..bfc0730 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+dropbear (0.44test4-1) unstable; urgency=high
+
+  * New upstream release, various fixes.
+
+ -- Matt Johnston <matt@ucc.asn.au>  Mon, 3 January 2005 00:44:54 +0800
+
 dropbear (0.44test4-1) unstable; urgency=medium
 
   * New upstream beta, various useful fixes.
diff --git a/options.h b/options.h
index 7a8f1fd..11e7db1 100644
--- a/options.h
+++ b/options.h
@@ -117,7 +117,7 @@ etc) slower (perhaps by 50%). Recommended for most small systems. */
  * simple "Login: " "Password: " (or something like that - if your module is
  * similar but not quite like that, edit the strings in svr-authpam.c).
  * Basically, it's useful for systems like OS X where standard password crypts
- * don't work, but there's and interface via a PAM module. You'll need to
+ * don't work, but there's an interface via a PAM module. You'll need to
  * configure with --enable-pam as well, since it's off by default. And you
  * should only enable either PASSWORD _or_ PAM auth, not both. */
 
@@ -185,7 +185,7 @@ etc) slower (perhaps by 50%). Recommended for most small systems. */
  *******************************************************************/
 
 #ifndef DROPBEAR_VERSION
-#define DROPBEAR_VERSION "0.44test4"
+#define DROPBEAR_VERSION "0.44"
 #endif
 
 #define LOCAL_IDENT "SSH-2.0-dropbear_" DROPBEAR_VERSION