WOLFSSH CHANGELOG

Below you will find the wolfSSH ChangeLog documenting the changes that took place with each release of wolfSSH since the project’s beginning in 2016.

wolfSSH 1.4.8

(11/4/2021)

  • New Feature Additions and Improvements
    • Add remote port forwarding
    • Make loading user created keys into the examples easier
    • Add --with-wolfssl and use --prefix to look for wolfSSL
    • Updated the unsupported GlobalReq response
  • Fixes
    • Fix for RSA public key auth
    • When decoding SFTP messages, fix the size checks so they don't wrap
    • Fix an issue where the testsuite and echoserver a socket failure
    • SFTP fix for getting attribute header
    • Fix for possible null dereference in SendKexDhReply
    • Remove reference to udp from test.h
    • Fixes to local port forwarding

wolfSSH 1.4.7

(07/23/2021)

  • New Feature Additions and Improvements
    • SCP improvements to run on embedded RTOS
    • For SFTP messages, check both minimum bound and maximum bound of the length value
    • Added option for --enable-small-stack
    • Added SFTP support for FatFs
    • Added 192 and 256 bit support for AES-CBC, AES-CTR, and AES-GCM
    • Added options to disable algorithms. (ie WOLFSSH_NO_ECDSA, WOLFSSH_NO_AES_CBC, etc)
    • Improved handling of builds without ECC
  • Fixes
    • When processing public key user auth, initialize the key earlier
    • When processing public key user auth, use GetSize() instead of GetUint32()
    • Fix for better handling rekey
    • Fix for build with NO_WOLFSSH_CLIENT macro and --enable-all
    • Fix configuration with WOLFSSH_NO_DH
    • To add internal function to purge a packet in case building one fails
    • Fix for cleanup in error case with SFTP read packet
    • Fix initialization of DH Size values

wolfSSH 1.4.6

(02/03/2021)

  • New Feature Additions
    • Added optional builds for not using RSA or ECC making the build more modular for resource constrained situations.
    • MQX IDE build added
    • Command line option added for Agent use with the example client
  • Fixes
    • Increase the ID list size for interop with some OpenSSH servers
    • In the case of a network error add a close to any open files with SFTP connection
    • Fix for potential memory leak with agent and a case with wolfSHS_SFTP_GetHandle
    • Fuzzing fix for potential out of bounds read in the public key user auth messages
    • MQX build fixes
    • Sanity check that agent was set before setting the agent’s channel
    • Fuzzing fix for bounds checking with DoKexDhReply internal function
    • Fuzzing fix for clean up of base path with SCP use
    • Fuzzing fix for sanity checks on setting the prime group and generator
    • Fuzzing fix for return result of high water check
    • Fuzzing fix for null terminator in internal ReceiveScpConfirmation function
  • Improvements and Optimizations
    • Example timeout added to SFTP example
    • Update wolfSSH_ReadKey_buffer() to handle P-384 and P-521 when reading a key from a buffer
    • Use internal version of strdup
    • Use strncmp instead of memcmp for comparing session string type

wolfSSH 1.4.5

(08/31/2020)

  • New Feature Additions
    • Added SSH-AGENT support to the echoserver and client
    • For testing purposes, add ability to have named users with authentication type of "none"
    • Added support for building for EWARM
    • Echoserver can now spawn a shell and set up a pty with it
    • Added example to the SCP callback for file transfers without a filesystem
  • Fixes
    • Fixes for clean connection shutdown in the example.
    • Fixes for some issues with DH KEX discovered with fuzz testing
    • Fix for an OOB read around the RSA signature
    • Fix for building with wolfSSL v4.5.0 with respect to `wc_ecc_set_rng()`; configure will detect the function's presence and work around it absence; see note in internal.c regarding the flag `HAVE_WC_ECC_SET_RNG` if not using configure
  • Improvements and Optimizations
    • Improved interoperability with winSCP
    • Improved interoperability with Dropbear
    • Example client can now authenticate with public keys

wolfSSH 1.4.4

(04/28/2020)

  • New Feature Additions
    • Added wolfSCP client example
    • Added support for building for VxWorks
  • Fixes
    • Fixes for some buffer issues discovered with fuzz testing
    • Fixes for some SCP directory issues in Nucleus
    • Fixed an issue where a buffer size went negative, cosmetic
    • Fixed bug in ECDSA when using alt-ecc-size in wolfCrypt
    • Fixed bug with AES-CTR and FIPSv2 build
    • Fixed bug when using single precision
    • Fix for SCP rename action
  • Improvements and Optimizations
    • Improved interoperability with FireZilla
    • Example tool option clarification
    • Better SFTP support in 32-bit environments
    • SFTP and SCP aren't dependent on ioctl() anymore
    • Add password rejection count
    • Public key vs password authentication chosen by user auth callback
    • MQX maintenance