From dde673f8d7f2500c00c14384a17f5ee74e80431c Mon Sep 17 00:00:00 2001 From: Matt Johnston Date: Wed, 22 Mar 2006 05:12:18 +0000 Subject: [PATCH 1/6] minor cleanups for some warnings --HG-- extra : convert_revision : 6ace12c71fc2773210f2f3d374c96622ca54fe48 --- random.c | 4 ++-- svr-main.c | 1 + 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/random.c b/random.c index cbbe016..5953a43 100644 --- a/random.c +++ b/random.c @@ -31,7 +31,8 @@ static int donerandinit = 0; /* this is used to generate unique output from the same hashpool */ static uint32_t counter = 0; -#define MAX_COUNTER 1<<31 /* the max value for the counter, so it won't loop */ +/* the max value for the counter, so it won't integer overflow */ +#define MAX_COUNTER 1<<30 static unsigned char hashpool[SHA1_HASH_SIZE]; @@ -167,7 +168,6 @@ void reseedrandom() { gettimeofday(&tv, NULL); hash_state hs; - unsigned char hash[SHA1_HASH_SIZE]; sha1_init(&hs); sha1_process(&hs, (void*)hashpool, sizeof(hashpool)); sha1_process(&hs, (void*)&pid, sizeof(pid)); diff --git a/svr-main.c b/svr-main.c index e06eb5e..e00de6b 100644 --- a/svr-main.c +++ b/svr-main.c @@ -28,6 +28,7 @@ #include "buffer.h" #include "signkey.h" #include "runopts.h" +#include "random.h" static size_t listensockets(int *sock, size_t sockcount, int *maxfd); static void sigchld_handler(int dummy); From 1e03393b6813b8dc77916665d8940475f06acdb2 Mon Sep 17 00:00:00 2001 From: Matt Johnston Date: Sat, 25 Mar 2006 12:57:37 +0000 Subject: [PATCH 2/6] Some cleanups/fixes for various TRACE statements --HG-- extra : convert_revision : 84eb6fedc6df0666f8053b9018bf16635dbfb257 --- cli-auth.c | 2 +- cli-chansession.c | 4 ++-- common-channel.c | 2 +- svr-auth.c | 7 ++++--- 4 files changed, 8 insertions(+), 7 deletions(-) diff --git a/cli-auth.c b/cli-auth.c index d08de9a..ba4cf6c 100644 --- a/cli-auth.c +++ b/cli-auth.c 
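Review bot: In the first random.c hunk the new `#define MAX_COUNTER 1<<30` still expands without parentheses, so an expression such as `MAX_COUNTER - 1` would parse as `1 << (30 - 1)`. Since `counter` is a `uint32_t` that keeps output from the same hashpool unique, I would write `#define MAX_COUNTER (1U<<30)` so the constant is unsigned and self-contained. The uses of the macro are outside the hunk, so whether any current use is affected cannot be confirmed from here.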
@@ -236,8 +236,8 @@ void recv_msg_userauth_success() { void cli_auth_try() { - TRACE(("enter cli_auth_try")) int finished = 0; + TRACE(("enter cli_auth_try")) CHECKCLEARTOWRITE(); diff --git a/cli-chansession.c b/cli-chansession.c index 6d358b7..1dad607 100644 --- a/cli-chansession.c +++ b/cli-chansession.c @@ -162,14 +162,14 @@ void cli_tty_cleanup() { static void put_termcodes() { - TRACE(("enter put_termcodes")) - struct termios tio; unsigned int sshcode; const struct TermCode *termcode; unsigned int value; unsigned int mapcode; + TRACE(("enter put_termcodes")) + unsigned int bufpos1, bufpos2; if (tcgetattr(STDIN_FILENO, &tio) == -1) { diff --git a/common-channel.c b/common-channel.c index 68d2b48..0be354d 100644 --- a/common-channel.c +++ b/common-channel.c @@ -236,7 +236,7 @@ static void checkclose(struct Channel *channel) { TRACE(("checkclose: writefd %d, readfd %d, errfd %d, sentclosed %d, recvclosed %d", channel->writefd, channel->readfd, channel->errfd, channel->sentclosed, channel->recvclosed)) - TRACE(("writebuf %d extrabuf %s extrabuf %d", + TRACE(("writebuf size %d extrabuf ptr 0x%x extrabuf size %d", cbuf_getused(channel->writebuf), channel->writebuf, channel->writebuf ? 0 : cbuf_getused(channel->extrabuf))) diff --git a/svr-auth.c b/svr-auth.c index f0fca38..d0eba9b 100644 --- a/svr-auth.c +++ b/svr-auth.c @@ -315,14 +315,15 @@ void send_msg_userauth_failure(int partial, int incrfail) { buf_setpos(typebuf, 0); buf_putstring(ses.writepayload, buf_getptr(typebuf, typebuf->len), typebuf->len); + + TRACE(("auth fail: methods %d, '%s'", ses.authstate.authtypes, + buf_getptr(typebuf, typebuf->len))); + buf_free(typebuf); buf_putbyte(ses.writepayload, partial ? 1 : 0); encrypt_packet(); - TRACE(("auth fail: methods %d, '%s'", ses.authstate.authtypes, - buf_getptr(typebuf, typebuf->len))); - if (incrfail) { usleep(300000); /* XXX improve this */ ses.authstate.failcount++; From d57a56407b3230672d9320d25d11fc2ec58e359f Mon Sep 17 00:00:00 2001 
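Review bot: In the common-channel.c hunk the rewritten TRACE format does not match its arguments: `0x%x` is given a pointer, and the label says `extrabuf ptr` while the value passed is `channel->writebuf`. Passing a pointer for `%x` is undefined where pointers are wider than `unsigned int`; use `%p` with `(void*)channel->extrabuf`. The third argument also tests `channel->writebuf` rather than `channel->extrabuf`, so it prints 0 whenever writebuf is set and otherwise hands a possibly NULL extrabuf to `cbuf_getused()`; `channel->extrabuf ? cbuf_getused(channel->extrabuf) : 0` looks like what was meant. checkclose() continues outside the hunk.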
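Review bot: In the svr-auth.c hunk the relocated TRACE prints `buf_getptr(typebuf, typebuf->len)` with `'%s'`, which reads until a NUL byte, and nothing visible here shows that typebuf's contents are NUL-terminated. Placing the call ahead of `buf_free(typebuf)` avoids reading freed memory, but a debug build could still read past the end of the buffer; bounding the print with `'%.*s'` and `(int)typebuf->len` would avoid that, assuming TRACE forwards to a printf-style formatter. The statement also ends in `;`, unlike the other TRACE calls touched in this series. send_msg_userauth_failure() starts and ends outside the hunk.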
From: Matt Johnston Date: Sun, 26 Mar 2006 09:26:43 +0000 Subject: [PATCH 3/6] A few more fixups, make sure that variable declarations are the first thing in a function --HG-- extra : convert_revision : 5e475ab869513f9ce5baff42838a656f99300487 --- cli-chansession.c | 4 ++-- random.c | 12 ++++++------ 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/cli-chansession.c b/cli-chansession.c index 1dad607..fee8a22 100644 --- a/cli-chansession.c +++ b/cli-chansession.c @@ -168,10 +168,10 @@ static void put_termcodes() { unsigned int value; unsigned int mapcode; - TRACE(("enter put_termcodes")) - unsigned int bufpos1, bufpos2; + TRACE(("enter put_termcodes")) + if (tcgetattr(STDIN_FILENO, &tio) == -1) { dropbear_log(LOG_WARNING, "Failed reading termmodes"); buf_putint(ses.writepayload, 1); /* Just the terminator */ diff --git a/random.c b/random.c index 5953a43..c836de9 100644 --- a/random.c +++ b/random.c @@ -134,7 +134,7 @@ void seedrandom() { hash_state hs; /* initialise so that things won't warn about - * hashing an undefined buffer */ + * hashing an undefined buffer */ if (!donerandinit) { m_burn(hashpool, sizeof(hashpool)); } @@ -157,17 +157,17 @@ void seedrandom() { * the random pools for fork()ed processes. */ void reseedrandom() { - pid_t pid; - struct timeval tv; + pid_t pid; + hash_state hs; + struct timeval tv; if (!donerandinit) { dropbear_exit("seedrandom not done"); } - pid = getpid(); - gettimeofday(&tv, NULL); + pid = getpid(); + gettimeofday(&tv, NULL); - hash_state hs; sha1_init(&hs); sha1_process(&hs, (void*)hashpool, sizeof(hashpool)); sha1_process(&hs, (void*)&pid, sizeof(pid)); From 719b47e3aabe4c86adc15e8ad0fbea7aea85b81a Mon Sep 17 00:00:00 2001 From: Matt Johnston Date: Mon, 27 Mar 2006 15:13:48 +0000 Subject: [PATCH 4/6] send success message for successful window change request --HG-- extra : convert_revision : 2a6c9eb6a9c0f8a0b7b479aaf075c8a195339fcd --- svr-chansession.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/svr-chansession.c b/svr-chansession.c index 0916e7e..605bb60 100644 --- a/svr-chansession.c +++ b/svr-chansession.c @@ -410,7 +410,7 @@ static int sessionwinchange(struct ChanSess *chansess) { pty_change_window_size(chansess->master, termr, termc, termw, termh); - return DROPBEAR_FAILURE; + return DROPBEAR_SUCCESS; } static void get_termmodes(struct ChanSess *chansess) { From c1b602145f51d00d5191cb72ff794bafaadfe80b Mon Sep 17 00:00:00 2001 From: Matt Johnston Date: Wed, 12 Apr 2006 05:51:32 +0000 Subject: [PATCH 5/6] don't fail fatally if the client can't get homedir from getpwuid(), fallback to $HOME. --HG-- extra : convert_revision : 279bd16a3e639764df14dce868fdeea7d6a0f317 --- cli-kex.c | 60 ++++++++++++++++++++++++++++++++----------------------- 1 file changed, 35 insertions(+), 25 deletions(-) diff --git a/cli-kex.c b/cli-kex.c index 40d4e95..ea4a2a5 100644 --- a/cli-kex.c +++ b/cli-kex.c @@ -145,6 +145,7 @@ static void checkhostkey(unsigned char* keyblob, unsigned int keybloblen) { FILE *hostsfile = NULL; int readonly = 0; struct passwd *pw = NULL; + char * homedir = NULL; unsigned int hostlen, algolen; unsigned long len; const char *algoname = NULL; 
@@ -153,41 +154,50 @@ static void checkhostkey(unsigned char* keyblob, unsigned int keybloblen) { pw = getpwuid(getuid()); - if (pw == NULL) { - dropbear_exit("Failed to get homedir"); + if (pw) + homedir = pw->pw_dir; + } + pw = NULL; + + if (!homedir) + homedir = getenv("HOME"); } - len = strlen(pw->pw_dir); - filename = m_malloc(len + 18); /* "/.ssh/known_hosts" and null-terminator*/ + if (homedir) { - snprintf(filename, len+18, "%s/.ssh", pw->pw_dir); - /* Check that ~/.ssh exists - easiest way is just to mkdir */ - if (mkdir(filename, S_IRWXU) != 0) { - if (errno != EEXIST) { - dropbear_log(LOG_INFO, "Warning: failed creating ~/.ssh: %s", - strerror(errno)); - TRACE(("mkdir didn't work: %s", strerror(errno))) - ask_to_confirm(keyblob, keybloblen); - goto out; /* only get here on success */ + len = strlen(homedir); + filename = m_malloc(len + 18); /* "/.ssh/known_hosts" and null-terminator*/ + + snprintf(filename, len+18, "%s/.ssh", homedir); + /* Check that ~/.ssh exists - easiest way is just to mkdir */ + if (mkdir(filename, S_IRWXU) != 0) { + if (errno != EEXIST) { + dropbear_log(LOG_INFO, "Warning: failed creating ~/.ssh: %s", + strerror(errno)); + TRACE(("mkdir didn't work: %s", strerror(errno))) + ask_to_confirm(keyblob, keybloblen); + goto out; /* only get here on success */ + } } - } - snprintf(filename, len+18, "%s/.ssh/known_hosts", pw->pw_dir); - hostsfile = fopen(filename, "a+"); - - if (hostsfile != NULL) { - fseek(hostsfile, 0, SEEK_SET); - } else { - /* We mightn't have been able to open it if it was read-only */ - if (errno == EACCES || errno == EROFS) { - TRACE(("trying readonly: %s", strerror(errno))) - readonly = 1; - hostsfile = fopen(filename, "r"); + snprintf(filename, len+18, "%s/.ssh/known_hosts", homedir); + hostsfile = fopen(filename, "a+"); + + if (hostsfile != NULL) { + fseek(hostsfile, 0, SEEK_SET); + } else { + /* We mightn't have been able to open it if it was read-only */ + if (errno == EACCES || errno == EROFS) { + 
TRACE(("trying readonly: %s", strerror(errno))) + readonly = 1; + hostsfile = fopen(filename, "r"); + } } } if (hostsfile == NULL) { TRACE(("hostsfile didn't open: %s", strerror(errno))) + dropbear_log(LOG_WARNING, "Failed to open ~/.ssh/known_hosts"); ask_to_confirm(keyblob, keybloblen); goto out; /* We only get here on success */ } From b6b96f884110f96a31e35139196749ed7f91462c Mon Sep 17 00:00:00 2001 From: Matt Johnston Date: Tue, 18 Apr 2006 01:33:30 +0000 Subject: [PATCH 6/6] Include CPPFLAGS in CFLAGS --HG-- extra : convert_revision : 138a11bc1e2babcd8b1182e6cb2a85d4e9404b11 --- Makefile.in | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Makefile.in b/Makefile.in index fc17c1f..1ce13d2 100644 --- a/Makefile.in +++ b/Makefile.in @@ -69,7 +69,8 @@ AR=@AR@ RANLIB=@RANLIB@ STRIP=@STRIP@ INSTALL=@INSTALL@ -CFLAGS=-I. -I$(srcdir)/libtomcrypt/src/headers/ @CFLAGS@ +CPPFLAGS=@CPPFLAGS@ +CFLAGS=-I. -I$(srcdir)/libtomcrypt/src/headers/ $(CPPFLAGS) @CFLAGS@ LIBS=$(LTC) $(LTM) @LIBS@ LDFLAGS=@LDFLAGS@
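Review bot: In the second cli-kex.c hunk, `homedir = getenv("HOME")` is used as given to build the path of the known_hosts file that host-key checking relies on, so an empty or relative `HOME` makes `mkdir()` and `fopen(filename, "a+")` act on `/.ssh` or on a directory under the current working directory. I would accept the fallback only when it is a non-empty absolute path, e.g. `if (homedir && homedir[0] != '/') homedir = NULL;`, and let the existing `ask_to_confirm()` path handle the rest. When homedir is NULL the later `TRACE(("hostsfile didn't open: %s", strerror(errno)))` reports a stale errno, since no open was attempted. As rendered here the added `if (pw)` and `if (!homedir)` lines show closing braces without opening ones, which is worth checking against the original patch. checkhostkey() continues outside the hunk.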