ClearML/dropbear
1
0
Fork 0
mirror of https://github.com/clearml/dropbear synced 2025-03-10 05:50:15 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

merge

Browse Source 
--HG--
branch : ecc
This commit is contained in:
Matt Johnston 2013-10-20 21:07:05 +08:00
commit 27510a6e9e
27 changed files with 284 additions and 110 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.hgsigs
View File

@ -4,3 +4,6 @@ aa2f51a6b81d33de5e9898a7f27c792a173d9b26 0 iD8DBQBOuADmjPn4sExkf7wRAv/fAJ9FJFvjD
9b80981212fe6c01b7c16b3ca7c4e66af56f12f1 0 iEYEABECAAYFAlFLKKcACgkQjPn4sExkf7xK7wCfcioCmJPsysSbQO6+4qZMVe0mmLwAn2/o+wRf4MrUXlohrr7aXEF9vdSB 9b80981212fe6c01b7c16b3ca7c4e66af56f12f1 0 iEYEABECAAYFAlFLKKcACgkQjPn4sExkf7xK7wCfcioCmJPsysSbQO6+4qZMVe0mmLwAn2/o+wRf4MrUXlohrr7aXEF9vdSB
095b46180bbc412b029420587736a6185afc17e1 0 iEYEABECAAYFAlFsCnkACgkQjPn4sExkf7xLrwCfeMWjUaSmfU/fvseT5TdrYRqBEVQAoLz5SFLEA40C5f8zE8Ma/vgVJVIC 095b46180bbc412b029420587736a6185afc17e1 0 iEYEABECAAYFAlFsCnkACgkQjPn4sExkf7xLrwCfeMWjUaSmfU/fvseT5TdrYRqBEVQAoLz5SFLEA40C5f8zE8Ma/vgVJVIC
f168962bab857ca030829e4cd73d9b32c868c874 0 iEYEABECAAYFAlFwDNwACgkQjPn4sExkf7wJ6QCePVovn/avKXUyNwNBYCcov6JLYqkAnRCPQdkXgv20N3t10r6PRMBBo1/S f168962bab857ca030829e4cd73d9b32c868c874 0 iEYEABECAAYFAlFwDNwACgkQjPn4sExkf7wJ6QCePVovn/avKXUyNwNBYCcov6JLYqkAnRCPQdkXgv20N3t10r6PRMBBo1/S
deb211f75ca194e2fcf0d2e5f71c60474e42ec95 0 iEYEABECAAYFAlJO01cACgkQjPn4sExkf7yDqACaA/P+Yl/K2Cv3OC5G0b7ck2Kb75EAoIeW7qpCyclzJLWwk95koED+4lxD
025237c9f0a1a60a616f984d82fb2a9270d3b0ea 0 iEYEABECAAYFAlJeqDYACgkQjPn4sExkf7y5nQCfW6t+TJySBTTo+gCfDUBPRVxvNe8AoIn/15aWfqH/A2G9uikfoVtWK3pd
a50a1dc743317fad9b3737bc68fbca640659bb6d 0 iEYEABECAAYFAlJeqL0ACgkQjPn4sExkf7yVqACg6IP0fU29+Feh/TDeemDA+2XAzrIAoIdZfMDvVYlDoWotZD8ACFnf5H1P

2
.hgtags
View File

@ -38,3 +38,5 @@ d7da3b1e15401eb234ec866d5eac992fc4cd5878 t:ltc-0.95-db-merge1
1b8b2b9d6e94bc3cc5e61b620476ea36cc466e1b DROPBEAR_2013.56 1b8b2b9d6e94bc3cc5e61b620476ea36cc466e1b DROPBEAR_2013.56
96b8bcb88017815040949a417caa55686271e8a9 DROPBEAR_2013.57 96b8bcb88017815040949a417caa55686271e8a9 DROPBEAR_2013.57
e76614145aea67f66e4a4257685c771efba21aa1 DROPBEAR_2013.58 e76614145aea67f66e4a4257685c771efba21aa1 DROPBEAR_2013.58
7b68e581985fd4ea50869f8608ab95cda5d17876 DROPBEAR_2013.59
a50a1dc743317fad9b3737bc68fbca640659bb6d DROPBEAR_2013.60

50
CHANGES
View File

@ -1,3 +1,45 @@
2013.60 - Wednesday 16 October 2013
- Fix "make install" so that it doesn't always install to /bin and /sbin
- Fix "make install MULTI=1", installing manpages failed
- Fix "make install" when scp is included since it has no manpage
- Make --disable-bundled-libtom work
2013.59 - Friday 4 October 2013
- Fix crash from -J command
Thanks to Lluís Batlle i Rossell and Arnaud Mouiche for patches
- Avoid reading too much from /proc/net/rt_cache since that causes
system slowness.
- Improve EOF handling for half-closed connections
Thanks to Catalin Patulea
- Send a banner message to report PAM error messages intended for the user
Patch from Martin Donnelly
- Limit the size of decompressed payloads, avoids memory exhaustion denial
of service
Thanks to Logan Lamb for reporting and investigating it. CVE-2013-4421
- Avoid disclosing existence of valid users through inconsistent delays
Thanks to Logan Lamb for reporting. CVE-2013-4434
- Update config.guess and config.sub for newer architectures
- Avoid segfault in server for locked accounts
- "make install" now installs manpages
dropbearkey.8 has been renamed to dropbearkey.1
manpage added for dropbearconvert
- Get rid of one second delay when running non-interactive commands
2013.58 - Thursday 18 April 2013 2013.58 - Thursday 18 April 2013
- Fix building with Zlib disabled, thanks to Hans Harder and cuma@freetz - Fix building with Zlib disabled, thanks to Hans Harder and cuma@freetz
@ -286,7 +328,7 @@ https://secure.ucc.asn.au/hg/dropbear/graph/default
- Security: dbclient previously would prompt to confirm a - Security: dbclient previously would prompt to confirm a
mismatching hostkey but wouldn't warn loudly. It will now mismatching hostkey but wouldn't warn loudly. It will now
exit upon a mismatch. exit upon a mismatch. CVE-2007-1099
- Compile fixes, make sure that all variable definitions are at the start - Compile fixes, make sure that all variable definitions are at the start
of a scope. of a scope.
@ -348,7 +390,7 @@ https://secure.ucc.asn.au/hg/dropbear/graph/default
(thanks to Tomas Vanek for helping track it down) (thanks to Tomas Vanek for helping track it down)
- Implement per-IP pre-authentication connection limits - Implement per-IP pre-authentication connection limits
(after some poking from Pablo Fernandez) (after some poking from Pablo Fernandez) CVE-2006-1206
- Exit gracefully if trying to connect to as SSH v1 server - Exit gracefully if trying to connect to as SSH v1 server
(reported by Rushi Lala) (reported by Rushi Lala)
@ -369,7 +411,7 @@ https://secure.ucc.asn.au/hg/dropbear/graph/default
- SECURITY: fix for buffer allocation error in server code, could potentially - SECURITY: fix for buffer allocation error in server code, could potentially
allow authenticated users to gain elevated privileges. All multi-user systems allow authenticated users to gain elevated privileges. All multi-user systems
running the server should upgrade (or apply the patch available on the running the server should upgrade (or apply the patch available on the
Dropbear webpage). Dropbear webpage). CVE-2005-4178
- Fix channel handling code so that redirecting to /dev/null doesn't use - Fix channel handling code so that redirecting to /dev/null doesn't use
100% CPU. 100% CPU.
@ -576,7 +618,7 @@ https://secure.ucc.asn.au/hg/dropbear/graph/default
- SECURITY: Don't try to free() uninitialised variables in DSS verification - SECURITY: Don't try to free() uninitialised variables in DSS verification
code. Thanks to Arne Bernin for pointing out this bug. This is possibly code. Thanks to Arne Bernin for pointing out this bug. This is possibly
exploitable, all users with DSS and pubkey-auth compiled in are advised to exploitable, all users with DSS and pubkey-auth compiled in are advised to
upgrade. upgrade. CVE-2004-2486
- Clean up agent forwarding socket files correctly, patch from Gerrit Pape. - Clean up agent forwarding socket files correctly, patch from Gerrit Pape.

2
LICENSE
View File

@ -8,7 +8,7 @@ The majority of code is written by Matt Johnston, under the license below.
Portions of the client-mode work are (c) 2004 Mihnea Stoenescu, under the Portions of the client-mode work are (c) 2004 Mihnea Stoenescu, under the
same license: same license:
Copyright (c) 2002-2008 Matt Johnston Copyright (c) 2002-2013 Matt Johnston
Portions copyright (c) 2004 Mihnea Stoenescu Portions copyright (c) 2004 Mihnea Stoenescu
All rights reserved. All rights reserved.

4
MULTI
View File

@ -20,7 +20,3 @@ etc
then execute as normal: then execute as normal:
./dropbear <options here> ./dropbear <options here>
"make install" doesn't currently work for multi-binary configuration, though
in most situations where it is being used, the target and build systems will
differ.

42
Makefile.in
View File

@ -67,9 +67,11 @@ VPATH=@srcdir@
srcdir=@srcdir@ srcdir=@srcdir@
prefix=@prefix@ prefix=@prefix@
exec_prefix=${prefix} exec_prefix=@exec_prefix@
bindir=${exec_prefix}/bin datarootdir = @datarootdir@
sbindir=${exec_prefix}/sbin bindir=@bindir@
sbindir=@sbindir@
mandir=@mandir@
CC=@CC@ CC=@CC@
AR=@AR@ AR=@AR@
@ -121,36 +123,34 @@ strip: $(TARGETS)
install: $(addprefix inst_, $(TARGETS)) install: $(addprefix inst_, $(TARGETS))
installdropbearmulti: insdbmulti $(addprefix insmulti, $(PROGRAMS))
insdbmulti: dropbearmulti
$(INSTALL) -d -m 755 $(DESTDIR)$(bindir)
$(INSTALL) -m 755 dropbearmulti$(EXEEXT) $(DESTDIR)$(bindir)
-chown root $(DESTDIR)$(bindir)/dropbearmulti$(EXEEXT)
-chgrp 0 $(DESTDIR)$(bindir)/dropbearmulti$(EXEEXT)
insmultidropbear: dropbearmulti insmultidropbear: dropbearmulti
$(INSTALL) -d -m 755 $(DESTDIR)$(sbindir) $(INSTALL) -d $(DESTDIR)$(sbindir)
-rm -f $(DESTDIR)$(sbindir)/dropbear$(EXEEXT) -rm -f $(DESTDIR)$(sbindir)/dropbear$(EXEEXT)
-ln -s $(bindir)/dropbearmulti$(EXEEXT) $(DESTDIR)$(sbindir)/dropbear$(EXEEXT) -ln -s $(bindir)/dropbearmulti$(EXEEXT) $(DESTDIR)$(sbindir)/dropbear$(EXEEXT)
$(INSTALL) -d $(DESTDIR)$(mandir)/man8
$(INSTALL) -m 644 dropbear.8 $(DESTDIR)$(mandir)/man8/dropbear.8
insmulti%: dropbearmulti insmulti%: dropbearmulti
$(INSTALL) -d -m 755 $(DESTDIR)$(bindir) $(INSTALL) -d $(DESTDIR)$(bindir)
-rm -f $(DESTDIR)$(bindir)/$*$(EXEEXT) -rm -f $(DESTDIR)$(bindir)/$*$(EXEEXT)
-ln -s $(bindir)/dropbearmulti$(EXEEXT) $(DESTDIR)$(bindir)/$*$(EXEEXT) -ln -s $(bindir)/dropbearmulti$(EXEEXT) $(DESTDIR)$(bindir)/$*$(EXEEXT)
$(INSTALL) -d $(DESTDIR)$(mandir)/man1
$(INSTALL) -m 644 $*.1 $(DESTDIR)$(mandir)/man1/$*.1
# dropbear should go in sbin, so it needs a seperate rule # dropbear should go in sbin, so it needs a seperate rule
inst_dropbear: dropbear inst_dropbear: dropbear
$(INSTALL) -d -m 755 $(DESTDIR)$(sbindir) $(INSTALL) -d $(DESTDIR)$(sbindir)
$(INSTALL) -m 755 dropbear$(EXEEXT) $(DESTDIR)$(sbindir) $(INSTALL) dropbear$(EXEEXT) $(DESTDIR)$(sbindir)
-chown root $(DESTDIR)$(sbindir)/dropbear$(EXEEXT) $(INSTALL) -d $(DESTDIR)$(mandir)/man8
-chgrp 0 $(DESTDIR)$(sbindir)/dropbear$(EXEEXT) $(INSTALL) -m 644 dropbear.8 $(DESTDIR)$(mandir)/man8/dropbear.8
inst_%: $* inst_%: $*
$(INSTALL) -d -m 755 $(DESTDIR)$(bindir) $(INSTALL) -d $(DESTDIR)$(bindir)
$(INSTALL) -m 755 $*$(EXEEXT) $(DESTDIR)$(bindir) $(INSTALL) $*$(EXEEXT) $(DESTDIR)$(bindir)
-chown root $(DESTDIR)$(bindir)/$*$(EXEEXT) $(INSTALL) -d $(DESTDIR)$(mandir)/man1
-chgrp 0 $(DESTDIR)$(bindir)/$*$(EXEEXT) if test -e $*.1; then $(INSTALL) -m 644 $*.1 $(DESTDIR)$(mandir)/man1/$*.1; fi
inst_dropbearmulti: $(addprefix insmulti, $(PROGRAMS))
# for some reason the rule further down doesn't like $($@objs) as a prereq. # for some reason the rule further down doesn't like $($@objs) as a prereq.

2
README
View File

@ -1,4 +1,4 @@
This is Dropbear, a smallish SSH 2 server and client. This is Dropbear, a smallish SSH server and client.
https://matt.ucc.asn.au/dropbear/dropbear.html https://matt.ucc.asn.au/dropbear/dropbear.html
INSTALL has compilation instructions. INSTALL has compilation instructions.

1
auth.h
View File

@ -36,6 +36,7 @@ void cli_authinitialise();
void recv_msg_userauth_request(); void recv_msg_userauth_request();
void send_msg_userauth_failure(int partial, int incrfail); void send_msg_userauth_failure(int partial, int incrfail);
void send_msg_userauth_success(); void send_msg_userauth_success();
void send_msg_userauth_banner(buffer *msg);
void svr_auth_password(); void svr_auth_password();
void svr_auth_pubkey(); void svr_auth_pubkey();
void svr_auth_pam(); void svr_auth_pam();

4
cli-chansession.c
View File

@ -71,7 +71,9 @@ static void cli_chansessreq(struct Channel *channel) {
TRACE(("got exit-signal, ignoring it")) TRACE(("got exit-signal, ignoring it"))
} else { } else {
TRACE(("unknown request '%s'", type)) TRACE(("unknown request '%s'", type))
send_msg_channel_failure(channel); if (wantreply) {
send_msg_channel_failure(channel);
}
goto out; goto out;
} }

7
cli-runopts.c
View File

@ -383,6 +383,13 @@ void cli_getopts(int argc, char ** argv) {
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
#ifdef ENABLE_CLI_PROXYCMD
if (cli_opts.proxycmd) {
/* To match the common path of m_freeing it */
cli_opts.proxycmd = m_strdup(cli_opts.proxycmd);
}
#endif
if (cli_opts.remoteport == NULL) { if (cli_opts.remoteport == NULL) {
cli_opts.remoteport = "22"; cli_opts.remoteport = "22";
} }

5
common-channel.c
View File

@ -307,7 +307,9 @@ static void check_close(struct Channel *channel) {
return; return;
} }
if (channel->recv_eof && !write_pending(channel)) { if ((channel->recv_eof && !write_pending(channel))
/* have a server "session" and child has exited */
|| (channel->type->check_close && close_allowed)) {
close_chan_fd(channel, channel->writefd, SHUT_WR); close_chan_fd(channel, channel->writefd, SHUT_WR);
} }
@ -336,6 +338,7 @@ static void check_close(struct Channel *channel) {
/* And if we can't receive any more data from them either, close up */ /* And if we can't receive any more data from them either, close up */
if (channel->readfd == FD_CLOSED if (channel->readfd == FD_CLOSED
&& channel->writefd == FD_CLOSED
&& (ERRFD_IS_WRITE(channel) || channel->errfd == FD_CLOSED) && (ERRFD_IS_WRITE(channel) || channel->errfd == FD_CLOSED)
&& !channel->sent_close && !channel->sent_close
&& close_allowed && close_allowed

18
configure.ac
View File

@ -364,10 +364,20 @@ AC_CHECK_FUNCS(setutxent utmpxname)
AC_CHECK_FUNCS(logout updwtmp logwtmp) AC_CHECK_FUNCS(logout updwtmp logwtmp)
AC_ARG_ENABLE(bundled-libtom, AC_ARG_ENABLE(bundled-libtom,
[ --enable-bundled-libtom Use bundled libtomcrypt/libtommath even if a system version exists], [ --enable-bundled-libtom Force using bundled libtomcrypt/libtommath even if a system version exists.
[ --disable-bundled-libtom Force using system libtomcrypt/libtommath, fail if it does not exist.
BUNDLED_LIBTOM=1 Default is to use system if available, otherwise bundled.],
AC_MSG_NOTICE(Forcing bundled libtom*) [
if test "x$enableval" = "xyes"; then
BUNDLED_LIBTOM=1
AC_MSG_NOTICE(Forcing bundled libtom*)
else
BUNDLED_LIBTOM=0
AC_CHECK_LIB(tomcrypt, register_cipher, ,
[AC_MSG_ERROR([Missing system libtomcrypt and --disable-bundled-libtom was specified])] )
AC_CHECK_LIB(tommath, mp_exptmod, ,
[AC_MSG_ERROR([Missing system libtomcrypt and --disable-bundled-libtom was specified])] )
fi
], ],
[ [
BUNDLED_LIBTOM=0 BUNDLED_LIBTOM=0

11
dbclient.1
View File

@ -1,6 +1,6 @@
.TH dbclient 1 .TH dbclient 1
.SH NAME .SH NAME
dbclient \- lightweight SSH2 client dbclient \- lightweight SSH client
.SH SYNOPSIS .SH SYNOPSIS
.B dbclient .B dbclient
[\-Tt] [\-p [\-Tt] [\-p
@ -19,7 +19,7 @@ dbclient \- lightweight SSH2 client
.SH DESCRIPTION .SH DESCRIPTION
.B dbclient .B dbclient
is a SSH 2 client designed to be small enough to be used in small memory is a SSH client designed to be small enough to be used in small memory
environments, while still being functional and secure enough for general use. environments, while still being functional and secure enough for general use.
.SH OPTIONS .SH OPTIONS
.TP .TP
@ -31,9 +31,10 @@ Default is 22.
.TP .TP
.B \-i \fIidfile .B \-i \fIidfile
Identity file. Identity file.
Read the identity from file Read the identity key from file
.I idfile .I idfile
(multiple allowed). (multiple allowed). This file is created with dropbearkey(1) or converted
from OpenSSH with dropbearconvert(1).
.TP .TP
.B \-L [\fIlistenaddress\fR]:\fIlistenport\fR:\fIhost\fR:\fIport\fR .B \-L [\fIlistenaddress\fR]:\fIlistenport\fR:\fIhost\fR:\fIport\fR
Local port forwarding. Local port forwarding.
@ -161,6 +162,6 @@ Mihnea Stoenescu wrote initial Dropbear client support
.br .br
Gerrit Pape (pape@smarden.org) wrote this manual page. Gerrit Pape (pape@smarden.org) wrote this manual page.
.SH SEE ALSO .SH SEE ALSO
dropbear(8), dropbearkey(8) dropbear(8), dropbearkey(1)
.P .P
https://matt.ucc.asn.au/dropbear/dropbear.html https://matt.ucc.asn.au/dropbear/dropbear.html

13
dbutil.c
View File

@ -892,3 +892,16 @@ int m_str_to_uint(const char* str, unsigned int *val) {
return DROPBEAR_SUCCESS; return DROPBEAR_SUCCESS;
} }
} }
int constant_time_memcmp(const void* a, const void *b, size_t n)
{
const char *xa = a, *xb = b;
uint8_t c = 0;
size_t i;
for (i = 0; i < n; i++)
{
c |= (xa[i] ^ xb[i]);
}
return c;
}

3
dbutil.h
View File

@ -95,4 +95,7 @@ int m_str_to_uint(const char* str, unsigned int *val);
/* Dropbear assertion */ /* Dropbear assertion */
#define dropbear_assert(X) do { if (!(X)) { fail_assert(#X, __FILE__, __LINE__); } } while (0) #define dropbear_assert(X) do { if (!(X)) { fail_assert(#X, __FILE__, __LINE__); } } while (0)
/* Returns 0 if a and b have the same contents */
int constant_time_memcmp(const void* a, const void *b, size_t n);
#endif /* _DBUTIL_H_ */ #endif /* _DBUTIL_H_ */

13
debian/changelog vendored
View File

@ -1,3 +1,16 @@
dropbear (2013.60-0.1) unstable; urgency=low
* New upstream release.
-- Matt Johnston <matt@ucc.asn.au> Wed, 16 Oct 2013 22:54:00 +0800
dropbear (2013.59-0.1) unstable; urgency=low
* New upstream release.
* Build with DEB_BUILD_MAINT_OPTIONS = hardening=+all
-- Matt Johnston <matt@ucc.asn.au> Fri, 4 Oct 2013 22:54:00 +0800
dropbear (2013.58-0.1) unstable; urgency=low dropbear (2013.58-0.1) unstable; urgency=low
* New upstream release. * New upstream release.

19
debian/rules vendored
View File

@ -1,5 +1,9 @@
#!/usr/bin/make -f #!/usr/bin/make -f
export DEB_BUILD_MAINT_OPTIONS = hardening=+all
DPKG_EXPORT_BUILDFLAGS = 1
include /usr/share/dpkg/buildflags.mk
#export DH_OPTIONS #export DH_OPTIONS
DEB_HOST_GNU_TYPE ?=$(shell dpkg-architecture -qDEB_HOST_GNU_TYPE) DEB_HOST_GNU_TYPE ?=$(shell dpkg-architecture -qDEB_HOST_GNU_TYPE)
DEB_BUILD_GNU_TYPE ?=$(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE) DEB_BUILD_GNU_TYPE ?=$(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE)
@ -9,13 +13,6 @@ ifneq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS)))
STRIP =: nostrip STRIP =: nostrip
endif endif
CFLAGS =-Wall -g
ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS)))
CFLAGS +=-O0
else
CFLAGS +=-O2
endif
CONFFLAGS = CONFFLAGS =
CC =gcc CC =gcc
ifneq (,$(findstring diet,$(DEB_BUILD_OPTIONS))) ifneq (,$(findstring diet,$(DEB_BUILD_OPTIONS)))
@ -79,12 +76,12 @@ install: deb-checkdir deb-checkuid build-stamp
ln -s /var/log/dropbear '$(DIR)'/etc/dropbear/log/main ln -s /var/log/dropbear '$(DIR)'/etc/dropbear/log/main
# man pages # man pages
install -d -m0755 '$(DIR)'/usr/share/man/man8 install -d -m0755 '$(DIR)'/usr/share/man/man8
for i in dropbear.8 dropbearkey.8; do \ install -d -m0755 '$(DIR)'/usr/share/man/man1
install -m644 $$i '$(DIR)'/usr/share/man/man8/ || exit 1; \ install -m644 dropbear.8 '$(DIR)'/usr/share/man/man8/
for i in dbclient.1 dropbearkey.1 dropbearconvert.1; do \
install -m644 $$i '$(DIR)'/usr/share/man/man1/ || exit 1; \
done done
gzip -9 '$(DIR)'/usr/share/man/man8/*.8 gzip -9 '$(DIR)'/usr/share/man/man8/*.8
install -d -m0755 '$(DIR)'/usr/share/man/man1
install -m644 dbclient.1 '$(DIR)'/usr/share/man/man1/
gzip -9 '$(DIR)'/usr/share/man/man1/*.1 gzip -9 '$(DIR)'/usr/share/man/man1/*.1
# copyright, changelog # copyright, changelog
cat debian/copyright.in LICENSE >debian/copyright cat debian/copyright.in LICENSE >debian/copyright

13
dropbear.8
View File

@ -1,6 +1,6 @@
.TH dropbear 8 .TH dropbear 8
.SH NAME .SH NAME
dropbear \- lightweight SSH2 server dropbear \- lightweight SSH server
.SH SYNOPSIS .SH SYNOPSIS
.B dropbear .B dropbear
[\-FEmwsgjki] [\-b [\-FEmwsgjki] [\-b
@ -10,7 +10,7 @@ dropbear \- lightweight SSH2 server
.IR [address:]port ] .IR [address:]port ]
.SH DESCRIPTION .SH DESCRIPTION
.B dropbear .B dropbear
is a SSH 2 server designed to be small enough to be used in small memory is a SSH server designed to be small enough to be used in small memory
environments, while still being functional and secure enough for general use. environments, while still being functional and secure enough for general use.
.SH OPTIONS .SH OPTIONS
.TP .TP
@ -29,7 +29,7 @@ Note that
some SSH implementations some SSH implementations
use the term "DSA" rather than "DSS", they mean the same thing. use the term "DSA" rather than "DSS", they mean the same thing.
This file is generated with This file is generated with
.BR dropbearkey (8). .BR dropbearkey (1).
.TP .TP
.B \-r \fIrsakey .B \-r \fIrsakey
rsakeyfile. rsakeyfile.
@ -37,7 +37,7 @@ Use the contents of the file
.I rsakey .I rsakey
for the rsa host key (default: /etc/dropbear/dropbear_rsa_host_key). for the rsa host key (default: /etc/dropbear/dropbear_rsa_host_key).
This file is generated with This file is generated with
.BR dropbearkey (8). .BR dropbearkey (1).
.TP .TP
.B \-F .B \-F
Don't fork into background. Don't fork into background.
@ -180,13 +180,14 @@ in this variable. If a shell was requested this is set to an empty value.
.B SSH_AUTH_SOCK .B SSH_AUTH_SOCK
Set to a forwarded ssh-agent connection. Set to a forwarded ssh-agent connection.
.SH NOTES
Dropbear only supports SSH protocol version 2.
.SH AUTHOR .SH AUTHOR
Matt Johnston (matt@ucc.asn.au). Matt Johnston (matt@ucc.asn.au).
.br .br
Gerrit Pape (pape@smarden.org) wrote this manual page. Gerrit Pape (pape@smarden.org) wrote this manual page.
.SH SEE ALSO .SH SEE ALSO
dropbearkey(8), dbclient(1) dropbearkey(1), dbclient(1), dropbearconvert(1)
.P .P
https://matt.ucc.asn.au/dropbear/dropbear.html https://matt.ucc.asn.au/dropbear/dropbear.html

50
dropbearconvert.1 Normal file
View File

@ -0,0 +1,50 @@
.TH dropbearconvert 1
.SH NAME
dropbearconvert \- convert between Dropbear and OpenSSH private key formats
.SH SYNOPSIS
.B dropbearconvert
.I input_type
.I output_type
.I input_file
.I output_file
.SH DESCRIPTION
.B Dropbear
and
.B OpenSSH
SSH implementations have different private key formats.
.B dropbearconvert
can convert between the two.
.P
Dropbear uses the same SSH public key format as OpenSSH, it can be extracted
from a private key by using
.B dropbearkey \-y
.P
Encrypted private keys are not supported, use ssh-keygen(1) to decrypt them
first.
.SH OPTIONS
.TP
.B input type
Either
.I dropbear
or
.I openssh
.TP
.B output type
Either
.I dropbear
or
.I openssh
.TP
.B input file
An existing Dropbear or OpenSSH private key file
.TP
.B output file
The path to write the converted private key file
.SH EXAMPLE
# dropbearconvert openssh dropbear ~/.ssh/id_rsa ~/.ssh/dropbear_priv
.SH AUTHOR
Matt Johnston (matt@ucc.asn.au).
.SH SEE ALSO
dropbearkey(1), ssh-keygen(1)
.P
https://matt.ucc.asn.au/dropbear/dropbear.html

13
dropbearkey.8 → dropbearkey.1
View File

@ -1,6 +1,6 @@
.TH dropbearkey 8 .TH dropbearkey 1
.SH NAME .SH NAME
dropbearkey \- create private keys for the use with dropbear(8) dropbearkey \- create private keys for the use with dropbear(8) or dbclient(1)
.SH SYNOPSIS .SH SYNOPSIS
.B dropbearkey .B dropbearkey
\-t \-t
@ -16,8 +16,7 @@ generates a
or or
.I DSS .I DSS
format SSH private key, and saves it to a file for the use with the format SSH private key, and saves it to a file for the use with the
.BR dropbear (8) Dropbear client or server.
SSH 2 server.
Note that Note that
some SSH implementations some SSH implementations
use the term "DSA" rather than "DSS", they mean the same thing. use the term "DSA" rather than "DSS", they mean the same thing.
@ -38,6 +37,10 @@ Write the secret key to the file
Set the key size to Set the key size to
.I bits .I bits
bits, should be multiple of 8 (optional). bits, should be multiple of 8 (optional).
.SH NOTES
The program dropbearconvert(1) can be used to convert between Dropbear and OpenSSH key formats.
.P
Dropbear does not support encrypted keys.
.SH EXAMPLE .SH EXAMPLE
# dropbearkey -t rsa -f /etc/dropbear/dropbear_rsa_host_key # dropbearkey -t rsa -f /etc/dropbear/dropbear_rsa_host_key
.SH AUTHOR .SH AUTHOR
@ -45,6 +48,6 @@ Matt Johnston (matt@ucc.asn.au).
.br .br
Gerrit Pape (pape@smarden.org) wrote this manual page. Gerrit Pape (pape@smarden.org) wrote this manual page.
.SH SEE ALSO .SH SEE ALSO
dropbear(8), dbclient(1) dropbear(8), dbclient(1), dropbearconvert(1)
.P .P
https://matt.ucc.asn.au/dropbear/dropbear.html https://matt.ucc.asn.au/dropbear/dropbear.html

2
packet.c
View File

@ -376,7 +376,7 @@ static int checkmac() {
/* compare the hash */ /* compare the hash */
buf_setpos(ses.readbuf, contents_len); buf_setpos(ses.readbuf, contents_len);
if (memcmp(mac_bytes, buf_getptr(ses.readbuf, mac_size), mac_size) != 0) { if (constant_time_memcmp(mac_bytes, buf_getptr(ses.readbuf, mac_size), mac_size) != 0) {
return DROPBEAR_FAILURE; return DROPBEAR_FAILURE;
} else { } else {
return DROPBEAR_SUCCESS; return DROPBEAR_SUCCESS;

13
random.c
View File

@ -78,7 +78,7 @@ process_file(hash_state *hs, const char *filename,
while (len == 0 || readcount < len) while (len == 0 || readcount < len)
{ {
int readlen, wantread; int readlen, wantread;
unsigned char readbuf[2048]; unsigned char readbuf[4096];
if (!already_blocked) if (!already_blocked)
{ {
int ret; int ret;
@ -209,12 +209,13 @@ void seedrandom() {
process_file(&hs, "/proc/loadavg", 0, 0); process_file(&hs, "/proc/loadavg", 0, 0);
process_file(&hs, "/proc/sys/kernel/random/entropy_avail", 0, 0); process_file(&hs, "/proc/sys/kernel/random/entropy_avail", 0, 0);
/* Mostly network visible but useful in some situations */ /* Mostly network visible but useful in some situations.
process_file(&hs, "/proc/net/netstat", 0, 0); * Limit size to avoid slowdowns on systems with lots of routes */
process_file(&hs, "/proc/net/dev", 0, 0); process_file(&hs, "/proc/net/netstat", 4096, 0);
process_file(&hs, "/proc/net/tcp", 0, 0); process_file(&hs, "/proc/net/dev", 4096, 0);
process_file(&hs, "/proc/net/tcp", 4096, 0);
/* Also includes interface lo */ /* Also includes interface lo */
process_file(&hs, "/proc/net/rt_cache", 0, 0); process_file(&hs, "/proc/net/rt_cache", 4096, 0);
process_file(&hs, "/proc/vmstat", 0, 0); process_file(&hs, "/proc/vmstat", 0, 0);
#endif #endif

63
svr-auth.c
View File

@ -37,7 +37,6 @@
static void authclear(); static void authclear();
static int checkusername(unsigned char *username, unsigned int userlen); static int checkusername(unsigned char *username, unsigned int userlen);
static void send_msg_userauth_banner();
/* initialise the first time for a session, resetting all parameters */ /* initialise the first time for a session, resetting all parameters */
void svr_authinitialise() { void svr_authinitialise() {
@ -82,23 +81,17 @@ static void authclear() {
/* Send a banner message if specified to the client. The client might /* Send a banner message if specified to the client. The client might
* ignore this, but possibly serves as a legal "no trespassing" sign */ * ignore this, but possibly serves as a legal "no trespassing" sign */
static void send_msg_userauth_banner() { void send_msg_userauth_banner(buffer *banner) {
TRACE(("enter send_msg_userauth_banner")) TRACE(("enter send_msg_userauth_banner"))
if (svr_opts.banner == NULL) {
TRACE(("leave send_msg_userauth_banner: banner is NULL"))
return;
}
CHECKCLEARTOWRITE(); CHECKCLEARTOWRITE();
buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_BANNER); buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_BANNER);
buf_putbufstring(ses.writepayload, svr_opts.banner); buf_putbufstring(ses.writepayload, banner);
buf_putstring(ses.writepayload, "en", 2); buf_putstring(ses.writepayload, "en", 2);
encrypt_packet(); encrypt_packet();
buf_free(svr_opts.banner);
svr_opts.banner = NULL;
TRACE(("leave send_msg_userauth_banner")) TRACE(("leave send_msg_userauth_banner"))
} }
@ -109,6 +102,7 @@ void recv_msg_userauth_request() {
unsigned char *username = NULL, *servicename = NULL, *methodname = NULL; unsigned char *username = NULL, *servicename = NULL, *methodname = NULL;
unsigned int userlen, servicelen, methodlen; unsigned int userlen, servicelen, methodlen;
int valid_user = 0;
TRACE(("enter recv_msg_userauth_request")) TRACE(("enter recv_msg_userauth_request"))
@ -120,10 +114,11 @@ void recv_msg_userauth_request() {
/* send the banner if it exists, it will only exist once */ /* send the banner if it exists, it will only exist once */
if (svr_opts.banner) { if (svr_opts.banner) {
send_msg_userauth_banner(); send_msg_userauth_banner(svr_opts.banner);
buf_free(svr_opts.banner);
svr_opts.banner = NULL;
} }
username = buf_getstring(ses.payload, &userlen); username = buf_getstring(ses.payload, &userlen);
servicename = buf_getstring(ses.payload, &servicelen); servicename = buf_getstring(ses.payload, &servicelen);
methodname = buf_getstring(ses.payload, &methodlen); methodname = buf_getstring(ses.payload, &methodlen);
@ -140,12 +135,12 @@ void recv_msg_userauth_request() {
dropbear_exit("unknown service in auth"); dropbear_exit("unknown service in auth");
} }
/* check username is good before continuing */ /* check username is good before continuing.
if (checkusername(username, userlen) == DROPBEAR_FAILURE) { * the 'incrfail' varies depending on the auth method to
/* username is invalid/no shell/etc - send failure */ * avoid giving away which users exist on the system through
TRACE(("sending checkusername failure")) * the time delay. */
send_msg_userauth_failure(0, 1); if (checkusername(username, userlen) == DROPBEAR_SUCCESS) {
goto out; valid_user = 1;
} }
/* user wants to know what methods are supported */ /* user wants to know what methods are supported */
@ -153,7 +148,8 @@ void recv_msg_userauth_request() {
strncmp(methodname, AUTH_METHOD_NONE, strncmp(methodname, AUTH_METHOD_NONE,
AUTH_METHOD_NONE_LEN) == 0) { AUTH_METHOD_NONE_LEN) == 0) {
TRACE(("recv_msg_userauth_request: 'none' request")) TRACE(("recv_msg_userauth_request: 'none' request"))
if (svr_opts.allowblankpass if (valid_user
&& svr_opts.allowblankpass
&& !svr_opts.noauthpass && !svr_opts.noauthpass
&& !(svr_opts.norootpass && ses.authstate.pw_uid == 0) && !(svr_opts.norootpass && ses.authstate.pw_uid == 0)
&& ses.authstate.pw_passwd[0] == '\0') && ses.authstate.pw_passwd[0] == '\0')
@ -167,6 +163,7 @@ void recv_msg_userauth_request() {
} }
else else
{ {
/* 'none' has no failure delay */
send_msg_userauth_failure(0, 0); send_msg_userauth_failure(0, 0);
goto out; goto out;
} }
@ -179,8 +176,10 @@ void recv_msg_userauth_request() {
if (methodlen == AUTH_METHOD_PASSWORD_LEN && if (methodlen == AUTH_METHOD_PASSWORD_LEN &&
strncmp(methodname, AUTH_METHOD_PASSWORD, strncmp(methodname, AUTH_METHOD_PASSWORD,
AUTH_METHOD_PASSWORD_LEN) == 0) { AUTH_METHOD_PASSWORD_LEN) == 0) {
svr_auth_password(); if (valid_user) {
goto out; svr_auth_password();
goto out;
}
} }
} }
#endif #endif
@ -192,8 +191,10 @@ void recv_msg_userauth_request() {
if (methodlen == AUTH_METHOD_PASSWORD_LEN && if (methodlen == AUTH_METHOD_PASSWORD_LEN &&
strncmp(methodname, AUTH_METHOD_PASSWORD, strncmp(methodname, AUTH_METHOD_PASSWORD,
AUTH_METHOD_PASSWORD_LEN) == 0) { AUTH_METHOD_PASSWORD_LEN) == 0) {
svr_auth_pam(); if (valid_user) {
goto out; svr_auth_pam();
goto out;
}
} }
} }
#endif #endif
@ -203,12 +204,17 @@ void recv_msg_userauth_request() {
if (methodlen == AUTH_METHOD_PUBKEY_LEN && if (methodlen == AUTH_METHOD_PUBKEY_LEN &&
strncmp(methodname, AUTH_METHOD_PUBKEY, strncmp(methodname, AUTH_METHOD_PUBKEY,
AUTH_METHOD_PUBKEY_LEN) == 0) { AUTH_METHOD_PUBKEY_LEN) == 0) {
svr_auth_pubkey(); if (valid_user) {
svr_auth_pubkey();
} else {
/* pubkey has no failure delay */
send_msg_userauth_failure(0, 0);
}
goto out; goto out;
} }
#endif #endif
/* nothing matched, we just fail */ /* nothing matched, we just fail with a delay */
send_msg_userauth_failure(0, 1); send_msg_userauth_failure(0, 1);
out: out:
@ -251,7 +257,6 @@ static int checkusername(unsigned char *username, unsigned int userlen) {
dropbear_log(LOG_WARNING, dropbear_log(LOG_WARNING,
"Login attempt for nonexistent user from %s", "Login attempt for nonexistent user from %s",
svr_ses.addrstring); svr_ses.addrstring);
send_msg_userauth_failure(0, 1);
return DROPBEAR_FAILURE; return DROPBEAR_FAILURE;
} }
@ -263,7 +268,6 @@ static int checkusername(unsigned char *username, unsigned int userlen) {
"Login attempt with wrong user %s from %s", "Login attempt with wrong user %s from %s",
ses.authstate.pw_name, ses.authstate.pw_name,
svr_ses.addrstring); svr_ses.addrstring);
send_msg_userauth_failure(0, 1);
return DROPBEAR_FAILURE; return DROPBEAR_FAILURE;
} }
@ -271,7 +275,6 @@ static int checkusername(unsigned char *username, unsigned int userlen) {
if (svr_opts.norootlogin && ses.authstate.pw_uid == 0) { if (svr_opts.norootlogin && ses.authstate.pw_uid == 0) {
TRACE(("leave checkusername: root login disabled")) TRACE(("leave checkusername: root login disabled"))
dropbear_log(LOG_WARNING, "root login rejected"); dropbear_log(LOG_WARNING, "root login rejected");
send_msg_userauth_failure(0, 1);
return DROPBEAR_FAILURE; return DROPBEAR_FAILURE;
} }
@ -300,7 +303,6 @@ static int checkusername(unsigned char *username, unsigned int userlen) {
TRACE(("no matching shell")) TRACE(("no matching shell"))
dropbear_log(LOG_WARNING, "User '%s' has invalid shell, rejected", dropbear_log(LOG_WARNING, "User '%s' has invalid shell, rejected",
ses.authstate.pw_name); ses.authstate.pw_name);
send_msg_userauth_failure(0, 1);
return DROPBEAR_FAILURE; return DROPBEAR_FAILURE;
goodshell: goodshell:
@ -310,7 +312,6 @@ goodshell:
TRACE(("uid = %d", ses.authstate.pw_uid)) TRACE(("uid = %d", ses.authstate.pw_uid))
TRACE(("leave checkusername")) TRACE(("leave checkusername"))
return DROPBEAR_SUCCESS; return DROPBEAR_SUCCESS;
} }
/* Send a failure message to the client, in responds to a userauth_request. /* Send a failure message to the client, in responds to a userauth_request.
@ -355,8 +356,8 @@ void send_msg_userauth_failure(int partial, int incrfail) {
if (incrfail) { if (incrfail) {
unsigned int delay; unsigned int delay;
genrandom((unsigned char*)&delay, sizeof(delay)); genrandom((unsigned char*)&delay, sizeof(delay));
/* We delay for 300ms +- 50ms, 0.1ms granularity */ /* We delay for 300ms +- 50ms */
delay = 250000 + (delay % 1000)*100; delay = 250000 + (delay % 100000);
usleep(delay); usleep(delay);
ses.authstate.failcount++; ses.authstate.failcount++;
} }

24
svr-authpam.c
View File

@ -142,6 +142,22 @@ pamConvFunc(int num_msg,
(*respp) = resp; (*respp) = resp;
break; break;
case PAM_ERROR_MSG:
case PAM_TEXT_INFO:
if (msg_len > 0) {
buffer * pam_err = buf_new(msg_len + 4);
buf_setpos(pam_err, 0);
buf_putbytes(pam_err, "\r\n", 2);
buf_putbytes(pam_err, (*msg)->msg, msg_len);
buf_putbytes(pam_err, "\r\n", 2);
buf_setpos(pam_err, 0);
send_msg_userauth_banner(pam_err);
buf_free(pam_err);
}
break;
default: default:
TRACE(("Unknown message type")) TRACE(("Unknown message type"))
rc = PAM_CONV_ERR; rc = PAM_CONV_ERR;
@ -196,14 +212,14 @@ void svr_auth_pam() {
/* Init pam */ /* Init pam */
if ((rc = pam_start("sshd", NULL, &pamConv, &pamHandlep)) != PAM_SUCCESS) { if ((rc = pam_start("sshd", NULL, &pamConv, &pamHandlep)) != PAM_SUCCESS) {
dropbear_log(LOG_WARNING, "pam_start() failed, rc=%d, %s\n", dropbear_log(LOG_WARNING, "pam_start() failed, rc=%d, %s",
rc, pam_strerror(pamHandlep, rc)); rc, pam_strerror(pamHandlep, rc));
goto cleanup; goto cleanup;
} }
/* just to set it to something */ /* just to set it to something */
if ((rc = pam_set_item(pamHandlep, PAM_TTY, "ssh") != PAM_SUCCESS)) { if ((rc = pam_set_item(pamHandlep, PAM_TTY, "ssh") != PAM_SUCCESS)) {
dropbear_log(LOG_WARNING, "pam_set_item() failed, rc=%d, %s\n", dropbear_log(LOG_WARNING, "pam_set_item() failed, rc=%d, %s",
rc, pam_strerror(pamHandlep, rc)); rc, pam_strerror(pamHandlep, rc));
goto cleanup; goto cleanup;
} }
@ -216,7 +232,7 @@ void svr_auth_pam() {
/* (void) pam_set_item(pamHandlep, PAM_FAIL_DELAY, (void*) pamDelayFunc); */ /* (void) pam_set_item(pamHandlep, PAM_FAIL_DELAY, (void*) pamDelayFunc); */
if ((rc = pam_authenticate(pamHandlep, 0)) != PAM_SUCCESS) { if ((rc = pam_authenticate(pamHandlep, 0)) != PAM_SUCCESS) {
dropbear_log(LOG_WARNING, "pam_authenticate() failed, rc=%d, %s\n", dropbear_log(LOG_WARNING, "pam_authenticate() failed, rc=%d, %s",
rc, pam_strerror(pamHandlep, rc)); rc, pam_strerror(pamHandlep, rc));
dropbear_log(LOG_WARNING, dropbear_log(LOG_WARNING,
"Bad PAM password attempt for '%s' from %s", "Bad PAM password attempt for '%s' from %s",
@ -227,7 +243,7 @@ void svr_auth_pam() {
} }
if ((rc = pam_acct_mgmt(pamHandlep, 0)) != PAM_SUCCESS) { if ((rc = pam_acct_mgmt(pamHandlep, 0)) != PAM_SUCCESS) {
dropbear_log(LOG_WARNING, "pam_acct_mgmt() failed, rc=%d, %s\n", dropbear_log(LOG_WARNING, "pam_acct_mgmt() failed, rc=%d, %s",
rc, pam_strerror(pamHandlep, rc)); rc, pam_strerror(pamHandlep, rc));
dropbear_log(LOG_WARNING, dropbear_log(LOG_WARNING,
"Bad PAM password attempt for '%s' from %s", "Bad PAM password attempt for '%s' from %s",

13
svr-authpasswd.c
View File

@ -33,6 +33,17 @@
#ifdef ENABLE_SVR_PASSWORD_AUTH #ifdef ENABLE_SVR_PASSWORD_AUTH
static int constant_time_strcmp(const char* a, const char* b) {
size_t la = strlen(a);
size_t lb = strlen(b);
if (la != lb) {
return 1;
}
return constant_time_memcmp(a, b, la);
}
/* Process a password auth request, sending success or failure messages as /* Process a password auth request, sending success or failure messages as
* appropriate */ * appropriate */
void svr_auth_password() { void svr_auth_password() {
@ -82,7 +93,7 @@ void svr_auth_password() {
return; return;
} }
if (strcmp(testcrypt, passwdcrypt) == 0) { if (constant_time_strcmp(testcrypt, passwdcrypt) == 0) {
/* successful authentication */ /* successful authentication */
dropbear_log(LOG_NOTICE, dropbear_log(LOG_NOTICE,
"Password auth succeeded for '%s' from %s", "Password auth succeeded for '%s' from %s",

2
svr-chansession.c
View File

@ -699,8 +699,6 @@ static int noptycommand(struct Channel *channel, struct ChanSess *chansess) {
ses.maxfd = MAX(ses.maxfd, channel->readfd); ses.maxfd = MAX(ses.maxfd, channel->readfd);
ses.maxfd = MAX(ses.maxfd, channel->errfd); ses.maxfd = MAX(ses.maxfd, channel->errfd);
sleep(1);
addchildpid(chansess, chansess->pid); addchildpid(chansess, chansess->pid);
if (svr_ses.lastexit.exitpid != -1) { if (svr_ses.lastexit.exitpid != -1) {

2
sysoptions.h
View File

@ -4,7 +4,7 @@
*******************************************************************/ *******************************************************************/
#ifndef DROPBEAR_VERSION #ifndef DROPBEAR_VERSION
#define DROPBEAR_VERSION "2013.58" #define DROPBEAR_VERSION "2013.60"
#endif #endif
#define LOCAL_IDENT "SSH-2.0-dropbear_" DROPBEAR_VERSION #define LOCAL_IDENT "SSH-2.0-dropbear_" DROPBEAR_VERSION