Versions of SSHProxy:
(my development notes, so some of this may be a little cryptic)

0.02 (25 Jul 1999)
First alpha release version

0.03 (27 Jul 1999)
Localhost only hack put in to prevent access from elsewhere (just compares incoming IP addresses to 127.0.0.1 and rejects them otherwise)

0.04 ( 7 Aug 1999)
CRLF problems in fixed strings sorted - should work properly with AntTerm now.
Should close sockets more neatly - but never gets socket close messages so doesn't ATM.
Attempts to sort out reentrancy in ssh.c - coroutine stuff makes this tricky. Currently more than 1 session seems to exhaust stack - why this is I don't know.

0.05 (14 Aug 1999)
Tidies up a lot better - should close all sockets properly now. Still haven't worked out why it isn't getting close events - now just checks if recv() returns 0 when we get a data ready event, and flags it as a close if that's the case. Not ideal, but it works...
More problems with coroutine stuff - can't reuse ssh session, as static coroutine values don't get reset. Pulled out into array of values in session struct. Now have to have a #defined value between functions that use them to choose correct slot in array. It gets messier and messier. Simon, was there no other way?

0.06 (15 Aug 1999)
Static variables that were hidden away in ssh.c have now been pulled out into session structure - multiple sessions should work better now.
Still strange bug that causes SSHProxy to die spontaneously when lots of connections are open - a long way down the call chain, the malloc() in sshrsa.c decides that it's going to kill SSHProxy, so next thing I know the atexit() handler has been called and SSHProxy disappears in a puff of smoke, without the malloc ever returning. Bizarre.
By popular request, split into binary and source versions for download.

0.07 (30 Oct 1999)
Ooops! Release version of 0.06 would allow connections from anywhere - fixed. (Alas little time to work on SSHProxy ATM, but getting heavy testing).

0.07a
0.07 packaged into an application

0.08 (26 Feb 2000)
Ctrl-C should now work (out of bound data in telnet is read as well as normal socket data).

0.08a
Changed logging levels to:
  0 Errors
 30 Serious warnings
 60 Initialisation
100 Connections
130 Connections (low level)
160 Debug (high level)
200 Debug (low level)
230 Debug (very low level)
260 Code flow tracing

0.09 (17 Sep 2000)
------------------
Support for CryptRandom module plugged in - now uses cryptographically valid random numbers, so should be secure (but still doesn't verify host keys)
Tidies up better (frees memory that PuTTY left lying around)
Reports failure to open master socket with Wimp error box, not just logfile
Workaround for memory bug that crashes second sessions - will run for one session only and quit
Takes port number as argument, and shows in TaskManager
Now checks first whether connecting host is valid, and then checks whether we can open a session - doesn't moan about too many sessions open to invalid connecting hosts
Log valid connecting attempts as well as invalid (at level LOG_CONNECTION)
Default log level set to 125 (between LOG_CONNECTION and LOG_CONNECTION_LOW)
Calls multitasking resolver instead of single tasking one

0.10 (17 Sep 2000)
------------------
Tony Houghton's memleak code put in to check memory accesses
sshinterface zeros all SSH structures on entry, to be on safe side
memleak picked up overflow in s_wrpkt_start - increased memory claimed by 32 bytes - seems to have fixed crashing problems - works with 16 sessions

17 Oct 2000:
Parsing of host/username/password fixed - now accepts basic editing of entries
Deprecated running >1 copy together - will break with SSHSockWatch
Now logs hosts being connected to explicitly
Verification of host keys works, keys are stored in Unix ssh format in Choices:Crpyto.SSH.KnownHosts

0.11 (12 Nov 2000)
------------------
Terminal type passed through from telnet to ssh session

0.12 (12 Dec 2000)
------------------
CryptRandom upgraded to 0.03 (was swallowing second click of double clicks)

0.13 (26 Dec 2000)
------------------
CryptRandom upgraded to 0.04 (now saves seed on Service_Shutdown)
Now saves choices using SSHProxy$Choices rather than Choices$Write
Problem fixed if telnet client sent IAC SB TERMINAL_TYPE as one message then IS whatever IAC SE as another (client would appear to press return in random places)

0.14 ( 8 Jan 2001)
------------------
Fixed DNS attack hole in hostname lookup (see Subject: [putty-bugs]Non-fully qualified domain names and host keys at http://lists.tartarus.org/pipermail/putty-bugs/2001-January.txt )
CryptRandom upgraded to 0.06

0.15ß(22 Jul 2001)
------------------
Made Run !Syslog rather than Filer_Run - make sure syslog is run before loading sshproxy.
Added form of hostname:port entry for specifying ports to connect to the SSH server on other than 22
CryptRandom upgraded to 0.07 (now distributable without helpfiles)

0.16 (27 Jul 2001)
------------------
Fixed pause when sending lots and lots of data
Fixed terminal type corruption bug (showed in ANTTerm as vt220vt220...)
Fixed getpass() failing under OpenSSH_2.5.2p2 - this broke password entry things like passwd or su (SSHProxy wasn't properly ignoring SSH_MSG_IGNORE)
Added support for tcp_wrappers

0.17 (28 May 2002)
------------------
Now sets IPTOS_LOWDELAY flag on telnet and ssh IP datagrams - this means they might get higher priority over other data (like FTP downloads) when traversing a limited bandwidth link. It seems to make a difference (RO->Linux 2.2 doing NAT->dialup->Linux 2.2), but depends on what each part of the link does with the Type of Service flags in an IP datagram.

0.18 (20 Jun 2002)
------------------
Memory leak for host/server keys fixed, supplied by Justin Fletcher.
For release: new CryptRandom 0.09 (3 Nov 2002) - fixes security hole in CryptRandom_Block SWI (this is not used by SSHProxy).

0.19 (14 Dec 2003)
------------------
32-bit compatible release, with new CryptRandom 0.12.
Ported to Castle's C/C++ tools.

0.20 (18 Nov 2004)
------------------
Actually released the above, thanks to a prod from John Ballance. Added a few extra fixes from his patch.
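
Added example (not SSHProxy's own code): the 0.03 and 0.07 entries describe a localhost-only check made by comparing the incoming address to 127.0.0.1, and 0.07 notes that the 0.06 release lost it. The sketch below assumes POSIX sockets and hypothetical function names; it binds the listener to loopback as well, so the accept-time comparison is not the only control.

```c
#include <stddef.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include <sys/socket.h>
#include <unistd.h>

/* Return 1 only for an IPv4 peer whose address is exactly 127.0.0.1.
   Unknown families, short structures and NULL are all refused. */
int peer_is_loopback(const struct sockaddr *sa, socklen_t len)
{
    if (sa == NULL || len < (socklen_t)sizeof(struct sockaddr_in) ||
        sa->sa_family != AF_INET)
        return 0;
    const struct sockaddr_in *in = (const struct sockaddr_in *)sa;
    return in->sin_addr.s_addr == htonl(INADDR_LOOPBACK);
}

/* Listen on 127.0.0.1 only (not INADDR_ANY): remote hosts cannot reach
   the socket even if a later build drops the accept-time check. */
int listen_loopback(unsigned short port)
{
    struct sockaddr_in a = {0};
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0)
        return -1;
    a.sin_family = AF_INET;
    a.sin_port = htons(port);
    a.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    if (bind(fd, (struct sockaddr *)&a, sizeof a) < 0 || listen(fd, 16) < 0) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Accept one connection; returns the new fd, or -1 if the peer was refused. */
int accept_local(int lfd)
{
    struct sockaddr_storage ss;
    socklen_t len = sizeof ss;
    int fd = accept(lfd, (struct sockaddr *)&ss, &len);
    if (fd >= 0 && !peer_is_loopback((struct sockaddr *)&ss, len)) {
        close(fd);   /* fail closed */
        fd = -1;
    }
    return fd;
}
```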
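
Added example (not SSHProxy's own code): the 0.13 entry describes a telnet client sending IAC SB TERMINAL_TYPE in one message and IS ... IAC SE in the next. This sketch shows a parser that keeps its state between recv() calls, so subnegotiation bytes split across messages never reach the user data stream; the type and function names are hypothetical and the terminal name is copied into a bounded buffer.

```c
#include <stddef.h>

/* Telnet bytes from RFC 854 and RFC 1091. */
enum { IAC = 255, SB = 250, SE = 240, WILL = 251, DONT = 254, OPT_TTYPE = 24, TTYPE_IS = 0 };
enum state { S_DATA, S_IAC, S_OPT, S_SB_OPT, S_SB_CMD, S_SB_BODY, S_SB_IAC };

/* Hypothetical per-connection state; zero-initialise it and keep it across recv() calls. */
typedef struct {
    enum state st;
    int    capture;    /* 1 while inside a TERMINAL-TYPE IS block */
    char   ttype[41];  /* bounded copy; longer names are truncated */
    size_t len;
    int    complete;   /* 1 once IAC SE has closed a TERMINAL-TYPE IS block */
} telnet_parser;

/* Consume n bytes; write plain user data to out (capacity >= n) and return its length. */
size_t telnet_feed(telnet_parser *p, const unsigned char *in, size_t n, unsigned char *out)
{
    size_t o = 0;
    for (size_t i = 0; i < n; i++) {
        unsigned char c = in[i];
        switch (p->st) {
        case S_DATA:
            if (c == IAC) p->st = S_IAC; else out[o++] = c;
            break;
        case S_IAC:
            if (c == SB) p->st = S_SB_OPT;
            else if (c >= WILL && c <= DONT) p->st = S_OPT;       /* option byte follows */
            else { if (c == IAC) out[o++] = c; p->st = S_DATA; }  /* IAC IAC is a literal 255 */
            break;
        case S_OPT:
            p->st = S_DATA; break;
        case S_SB_OPT:   /* a new TERMINAL-TYPE block replaces the old name, never appends */
            p->capture = (c == OPT_TTYPE);
            if (p->capture) { p->len = 0; p->complete = 0; }
            p->st = S_SB_CMD; break;
        case S_SB_CMD:   /* only IS carries a name */
            if (c == IAC) { p->capture = 0; p->st = S_SB_IAC; break; }
            if (c != TTYPE_IS) p->capture = 0;
            p->st = S_SB_BODY; break;
        case S_SB_BODY:
            if (c == IAC) p->st = S_SB_IAC;
            else if (p->capture && p->len < sizeof p->ttype - 1) p->ttype[p->len++] = (char)c;
            break;
        case S_SB_IAC:   /* anything but SE (e.g. IAC IAC) is dropped in this sketch */
            if (c != SE) { p->st = S_SB_BODY; break; }
            if (p->capture) { p->ttype[p->len] = '\0'; p->complete = 1; }
            p->capture = 0; p->st = S_DATA; break;
        }
    }
    return o;
}
```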