From 44f36d57e637f4a37f5492156f105891c1d49a24 Mon Sep 17 00:00:00 2001 From: Ben Gardner Date: Mon, 5 Jun 2017 08:39:45 -0500 Subject: [PATCH 01/12] sysoptions.h: Add ability to override DROPBEAR_LISTEN_BACKLOG This change allows adding DROPBEAR_LISTEN_BACKLOG to localoptions.h to force the value. --- sysoptions.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/sysoptions.h b/sysoptions.h index 441e3a1..601bba5 100644 --- a/sysoptions.h +++ b/sysoptions.h @@ -235,11 +235,13 @@ #define DROPBEAR_VFORK 1 #endif +#ifndef DROPBEAR_LISTEN_BACKLOG #if MAX_UNAUTH_CLIENTS > MAX_CHANNELS #define DROPBEAR_LISTEN_BACKLOG MAX_UNAUTH_CLIENTS #else #define DROPBEAR_LISTEN_BACKLOG MAX_CHANNELS #endif +#endif #ifndef DROPBEAR_NONE_CIPHER #define DROPBEAR_NONE_CIPHER 0 From a94338dc6725f9f2594c6c5e1c9a799c7e11f3f1 Mon Sep 17 00:00:00 2001 From: Matt Johnston Date: Sat, 24 Jun 2017 23:32:25 +0800 Subject: [PATCH 02/12] add configuration option for default RSA size. print key size with dropbearkey --- default_options.h | 9 ++++++++- default_options.h.in | 7 ++++++- dropbearkey.c | 5 +++-- gensignkey.c | 21 ++++++++++++--------- gensignkey.h | 1 + options.h | 2 ++ 6 files changed, 32 insertions(+), 13 deletions(-) diff --git a/default_options.h b/default_options.h index e59c338..e7fad80 100644 --- a/default_options.h +++ b/default_options.h @@ -10,7 +10,7 @@ Local customisation should be added to localoptions.h which is used if it exists. Options defined there will override any options in this file (#ifndef guards added by ifndef_wrapper.sh). -Options can also be defined with -DDROPBEAR_XXX Makefile CFLAGS +Options can also be defined with -DDROPBEAR_XXX in Makefile CFLAGS IMPORTANT: Many options will require "make clean" after changes */ @@ -198,6 +198,13 @@ If you test it please contact the Dropbear author */ #define DROPBEAR_ECDSA 1 #endif +/* RSA must be >=1024 */ +#ifndef DROPBEAR_DEFAULT_RSA_SIZE +#define DROPBEAR_DEFAULT_RSA_SIZE 2048 +#endif +/* DSS is always 1024 */ +/* ECDSA defaults to largest size configured, usually 521 */ + /* Add runtime flag "-R" to generate hostkeys as-needed when the first connection using that key type occurs. This avoids the need to otherwise run "dropbearkey" and avoids some problems diff --git a/default_options.h.in b/default_options.h.in index e81eaae..3a55731 100644 --- a/default_options.h.in +++ b/default_options.h.in @@ -10,7 +10,7 @@ Local customisation should be added to localoptions.h which is used if it exists. Options defined there will override any options in this file (#ifndef guards added by ifndef_wrapper.sh). -Options can also be defined with -DDROPBEAR_XXX Makefile CFLAGS +Options can also be defined with -DDROPBEAR_XXX in Makefile CFLAGS IMPORTANT: Many options will require "make clean" after changes */ @@ -130,6 +130,11 @@ If you test it please contact the Dropbear author */ * on x86-64 */ #define DROPBEAR_ECDSA 1 +/* RSA must be >=1024 */ +#define DROPBEAR_DEFAULT_RSA_SIZE 2048 +/* DSS is always 1024 */ +/* ECDSA defaults to largest size configured, usually 521 */ + /* Add runtime flag "-R" to generate hostkeys as-needed when the first connection using that key type occurs. This avoids the need to otherwise run "dropbearkey" and avoids some problems diff --git a/dropbearkey.c b/dropbearkey.c index 5cb12ef..316d27e 100644 --- a/dropbearkey.c +++ b/dropbearkey.c @@ -139,7 +139,7 @@ int main(int argc, char ** argv) { enum signkey_type keytype = DROPBEAR_SIGNKEY_NONE; char * typetext = NULL; char * sizetext = NULL; - unsigned int bits = 0; + unsigned int bits = 0, genbits; int printpub = 0; crypto_init(); @@ -240,7 +240,8 @@ int main(int argc, char ** argv) { check_signkey_bits(keytype, bits);; } - fprintf(stderr, "Generating key, this may take a while...\n"); + genbits = signkey_generate_get_bits(keytype, bits); + fprintf(stderr, "Generating %d bit %s key, this may take a while...\n", genbits, typetext); if (signkey_generate(keytype, bits, filename, 0) == DROPBEAR_FAILURE) { dropbear_exit("Failed to generate key.\n"); diff --git a/gensignkey.c b/gensignkey.c index 4691de0..8317fea 100644 --- a/gensignkey.c +++ b/gensignkey.c @@ -7,9 +7,6 @@ #include "signkey.h" #include "dbrandom.h" -#define RSA_DEFAULT_SIZE 2048 -#define DSS_DEFAULT_SIZE 1024 - /* Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */ static int buf_writefile(buffer * buf, const char * filename) { int ret = DROPBEAR_FAILURE; @@ -55,11 +52,12 @@ static int get_default_bits(enum signkey_type keytype) switch (keytype) { #if DROPBEAR_RSA case DROPBEAR_SIGNKEY_RSA: - return RSA_DEFAULT_SIZE; + return DROPBEAR_DEFAULT_RSA_SIZE; #endif #if DROPBEAR_DSS case DROPBEAR_SIGNKEY_DSS: - return DSS_DEFAULT_SIZE; + /* DSS for SSH only defines 1024 bits */ + return 1024; #endif #if DROPBEAR_ECDSA case DROPBEAR_SIGNKEY_ECDSA_KEYGEN: @@ -76,6 +74,14 @@ static int get_default_bits(enum signkey_type keytype) } } +int signkey_generate_get_bits(enum signkey_type keytype, int bits) { + if (bits == 0) + { + bits = get_default_bits(keytype); + } + return bits; +} + /* if skip_exist is set it will silently return if the key file exists */ int signkey_generate(enum signkey_type keytype, int bits, const char* filename, int skip_exist) { @@ -83,10 +89,7 @@ int signkey_generate(enum signkey_type keytype, int bits, const char* filename, buffer *buf = NULL; char *fn_temp = NULL; int ret = DROPBEAR_FAILURE; - if (bits == 0) - { - bits = get_default_bits(keytype); - } + bits = signkey_generate_get_bits(keytype, bits); /* now we can generate the key */ key = new_sign_key(); diff --git a/gensignkey.h b/gensignkey.h index 1cba8d3..73b9c3c 100644 --- a/gensignkey.h +++ b/gensignkey.h @@ -4,5 +4,6 @@ #include "signkey.h" int signkey_generate(enum signkey_type type, int bits, const char* filename, int skip_exist); +int signkey_generate_get_bits(enum signkey_type keytype, int bits); #endif diff --git a/options.h b/options.h index 9350020..c1782d2 100644 --- a/options.h +++ b/options.h @@ -2,6 +2,8 @@ #define DROPBEAR_OPTIONS_H /* + > > > Don't edit this file any more! < < < + Local compile-time configuration should be defined in localoptions.h See default_options.h.in for a description of the available options. */ From e2551012993ea913e23012774330da926366487f Mon Sep 17 00:00:00 2001 From: Kevin Darbyshire-Bryant Date: Mon, 29 May 2017 10:25:09 +0100 Subject: [PATCH 03/12] dropbear server: support -T max auth tries Add support for '-T n' for a run-time specification for maximum number of authentication attempts where 'n' is between 1 and compile time option MAX_AUTH_TRIES. A default number of tries can be specified at compile time using 'DEFAULT_AUTH_TRIES' which itself defaults to MAX_AUTH_TRIES for backwards compatibility. Signed-off-by: Kevin Darbyshire-Bryant --- default_options.h | 6 ++++++ default_options.h.in | 4 ++++ dropbear.8 | 3 +++ runopts.h | 1 + svr-auth.c | 2 +- svr-runopts.c | 17 +++++++++++++++++ 6 files changed, 32 insertions(+), 1 deletion(-) diff --git a/default_options.h b/default_options.h index e7fad80..84adfab 100644 --- a/default_options.h +++ b/default_options.h @@ -385,6 +385,12 @@ Homedir is prepended unless path begins with / */ #define MAX_AUTH_TRIES 10 #endif +/* Default maximum number of failed authentication tries. + * defaults to MAX_AUTH_TRIES */ +#ifndef DEFAULT_AUTH_TRIES +#define DEFAULT_AUTH_TRIES MAX_AUTH_TRIES +#endif + /* The default file to store the daemon's process ID, for shutdown scripts etc. This can be overridden with the -P flag */ #ifndef DROPBEAR_PIDFILE diff --git a/default_options.h.in b/default_options.h.in index 3a55731..d4b6b8b 100644 --- a/default_options.h.in +++ b/default_options.h.in @@ -261,6 +261,10 @@ Homedir is prepended unless path begins with / */ /* Maximum number of failed authentication tries (server option) */ #define MAX_AUTH_TRIES 10 +/* Default maximum number of failed authentication tries. + * defaults to MAX_AUTH_TRIES */ +#define DEFAULT_AUTH_TRIES MAX_AUTH_TRIES + /* The default file to store the daemon's process ID, for shutdown scripts etc. This can be overridden with the -P flag */ #define DROPBEAR_PIDFILE "/var/run/dropbear.pid" diff --git a/dropbear.8 b/dropbear.8 index be73372..2d5f32a 100644 --- a/dropbear.8 +++ b/dropbear.8 @@ -91,6 +91,9 @@ if 0 disables keepalives. If no response is received for 3 consecutive keepalive .B \-I \fIidle_timeout Disconnect the session if no traffic is transmitted or received for \fIidle_timeout\fR seconds. .TP +.B \-T \fImax_authentication_attempts +Disconnect the session if number of authentication attempts is exceeded. default is set at compile time to DEFAULT_AUTH_TRIES which itself defaults to MAX_AUTH_TRIES (10) +.TP .B \-c \fIforced_command Disregard the command provided by the user and always run \fIforced_command\fR. This also overrides any authorized_keys command= option. diff --git a/runopts.h b/runopts.h index cecdc22..47c12f0 100644 --- a/runopts.h +++ b/runopts.h @@ -96,6 +96,7 @@ typedef struct svr_runopts { int noauthpass; int norootpass; int allowblankpass; + unsigned int maxauthtries; #if DROPBEAR_SVR_REMOTETCPFWD int noremotetcp; diff --git a/svr-auth.c b/svr-auth.c index 4dc280c..9636e12 100644 --- a/svr-auth.c +++ b/svr-auth.c @@ -362,7 +362,7 @@ void send_msg_userauth_failure(int partial, int incrfail) { ses.authstate.failcount++; } - if (ses.authstate.failcount >= MAX_AUTH_TRIES) { + if (ses.authstate.failcount >= svr_opts.maxauthtries) { char * userstr; /* XXX - send disconnect ? */ TRACE(("Max auth tries reached, exiting")) diff --git a/svr-runopts.c b/svr-runopts.c index dea4a55..1966f26 100644 --- a/svr-runopts.c +++ b/svr-runopts.c @@ -73,6 +73,7 @@ static void printhelp(const char * progname) { "-g Disable password logins for root\n" "-B Allow blank password logins\n" #endif + "-T <1 to %d> Maximum authentication tries (default %d)\n" #if DROPBEAR_SVR_LOCALTCPFWD "-j Disable local port forwarding\n" #endif @@ -107,6 +108,7 @@ static void printhelp(const char * progname) { #if DROPBEAR_ECDSA ECDSA_PRIV_FILENAME, #endif + MAX_AUTH_TRIES, DEFAULT_AUTH_TRIES, DROPBEAR_MAX_PORTS, DROPBEAR_DEFPORT, DROPBEAR_PIDFILE, DEFAULT_RECV_WINDOW, DEFAULT_KEEPALIVE, DEFAULT_IDLE_TIMEOUT); } @@ -119,6 +121,7 @@ void svr_getopts(int argc, char ** argv) { char* recv_window_arg = NULL; char* keepalive_arg = NULL; char* idle_timeout_arg = NULL; + char* maxauthtries_arg = NULL; char* keyfile = NULL; char c; @@ -132,6 +135,7 @@ void svr_getopts(int argc, char ** argv) { svr_opts.noauthpass = 0; svr_opts.norootpass = 0; svr_opts.allowblankpass = 0; + svr_opts.maxauthtries = DEFAULT_AUTH_TRIES; svr_opts.inetdmode = 0; svr_opts.portcount = 0; svr_opts.hostkey = NULL; @@ -235,6 +239,9 @@ void svr_getopts(int argc, char ** argv) { case 'I': next = &idle_timeout_arg; break; + case 'T': + next = &maxauthtries_arg; + break; #if DROPBEAR_SVR_PASSWORD_AUTH || DROPBEAR_SVR_PAM_AUTH case 's': svr_opts.noauthpass = 1; @@ -331,6 +338,16 @@ void svr_getopts(int argc, char ** argv) { dropbear_exit("Bad recv window '%s'", recv_window_arg); } } + + if (maxauthtries_arg) { + unsigned int val = 0; + if (m_str_to_uint(maxauthtries_arg, &val) == DROPBEAR_FAILURE || + val == 0 || val > MAX_AUTH_TRIES) { + dropbear_exit("Bad maxauthtries '%s'", maxauthtries_arg); + } + svr_opts.maxauthtries = val; + } + if (keepalive_arg) { unsigned int val; From 96382d52ab5edc107adaf4464127f5e9974e40eb Mon Sep 17 00:00:00 2001 From: Matt Johnston Date: Tue, 27 Jun 2017 22:18:18 +0800 Subject: [PATCH 04/12] improve configure --help alignment --- configure.ac | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/configure.ac b/configure.ac index 70ed1a7..7eb37c3 100644 --- a/configure.ac +++ b/configure.ac @@ -35,7 +35,7 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([])], hardenbuild=1 AC_ARG_ENABLE(harden, - [ --disable-harden Don't set hardened build flags], + [ --disable-harden Don't set hardened build flags], [ if test "x$enableval" = "xno"; then hardenbuild=0 @@ -230,7 +230,7 @@ AC_ARG_WITH(pam, AC_ARG_ENABLE(pam, - [ --enable-pam Try to include PAM support], + [ --enable-pam Try to include PAM support], [ if test "x$enableval" = "xyes"; then AC_CHECK_LIB(pam, pam_authenticate, , AC_MSG_ERROR([*** PAM missing - install first or check config.log ***])) From 74ace058a634d3761725ba7f326ba89142029c39 Mon Sep 17 00:00:00 2001 From: Matt Johnston Date: Tue, 27 Jun 2017 22:20:38 +0800 Subject: [PATCH 05/12] Use MAX_AUTH_TRIES rather than DEFAULT_AUTH_TRIES, don't limit argument range --- default_options.h | 9 ++------- default_options.h.in | 7 ++----- dropbear.8 | 2 +- svr-runopts.c | 10 +++++----- 4 files changed, 10 insertions(+), 18 deletions(-) diff --git a/default_options.h b/default_options.h index 84adfab..039d785 100644 --- a/default_options.h +++ b/default_options.h @@ -380,17 +380,12 @@ Homedir is prepended unless path begins with / */ #define MAX_UNAUTH_CLIENTS 30 #endif -/* Maximum number of failed authentication tries (server option) */ +/* Default maximum number of failed authentication tries (server option) */ +/* -T runtime option overrides */ #ifndef MAX_AUTH_TRIES #define MAX_AUTH_TRIES 10 #endif -/* Default maximum number of failed authentication tries. - * defaults to MAX_AUTH_TRIES */ -#ifndef DEFAULT_AUTH_TRIES -#define DEFAULT_AUTH_TRIES MAX_AUTH_TRIES -#endif - /* The default file to store the daemon's process ID, for shutdown scripts etc. This can be overridden with the -P flag */ #ifndef DROPBEAR_PIDFILE diff --git a/default_options.h.in b/default_options.h.in index d4b6b8b..c44fb97 100644 --- a/default_options.h.in +++ b/default_options.h.in @@ -258,13 +258,10 @@ Homedir is prepended unless path begins with / */ * come from many IPs */ #define MAX_UNAUTH_CLIENTS 30 -/* Maximum number of failed authentication tries (server option) */ +/* Default maximum number of failed authentication tries (server option) */ +/* -T server option overrides */ #define MAX_AUTH_TRIES 10 -/* Default maximum number of failed authentication tries. - * defaults to MAX_AUTH_TRIES */ -#define DEFAULT_AUTH_TRIES MAX_AUTH_TRIES - /* The default file to store the daemon's process ID, for shutdown scripts etc. This can be overridden with the -P flag */ #define DROPBEAR_PIDFILE "/var/run/dropbear.pid" diff --git a/dropbear.8 b/dropbear.8 index 2d5f32a..f887083 100644 --- a/dropbear.8 +++ b/dropbear.8 @@ -92,7 +92,7 @@ if 0 disables keepalives. If no response is received for 3 consecutive keepalive Disconnect the session if no traffic is transmitted or received for \fIidle_timeout\fR seconds. .TP .B \-T \fImax_authentication_attempts -Disconnect the session if number of authentication attempts is exceeded. default is set at compile time to DEFAULT_AUTH_TRIES which itself defaults to MAX_AUTH_TRIES (10) +Set the number of authentication attempts allowed per connection. If unspecified the default is 10 (MAX_AUTH_TRIES) .TP .B \-c \fIforced_command Disregard the command provided by the user and always run \fIforced_command\fR. This also diff --git a/svr-runopts.c b/svr-runopts.c index 1966f26..cca5562 100644 --- a/svr-runopts.c +++ b/svr-runopts.c @@ -73,7 +73,7 @@ static void printhelp(const char * progname) { "-g Disable password logins for root\n" "-B Allow blank password logins\n" #endif - "-T <1 to %d> Maximum authentication tries (default %d)\n" + "-T Maximum authentication tries (default %d)\n" #if DROPBEAR_SVR_LOCALTCPFWD "-j Disable local port forwarding\n" #endif @@ -108,7 +108,7 @@ static void printhelp(const char * progname) { #if DROPBEAR_ECDSA ECDSA_PRIV_FILENAME, #endif - MAX_AUTH_TRIES, DEFAULT_AUTH_TRIES, + MAX_AUTH_TRIES, DROPBEAR_MAX_PORTS, DROPBEAR_DEFPORT, DROPBEAR_PIDFILE, DEFAULT_RECV_WINDOW, DEFAULT_KEEPALIVE, DEFAULT_IDLE_TIMEOUT); } @@ -135,7 +135,7 @@ void svr_getopts(int argc, char ** argv) { svr_opts.noauthpass = 0; svr_opts.norootpass = 0; svr_opts.allowblankpass = 0; - svr_opts.maxauthtries = DEFAULT_AUTH_TRIES; + svr_opts.maxauthtries = MAX_AUTH_TRIES; svr_opts.inetdmode = 0; svr_opts.portcount = 0; svr_opts.hostkey = NULL; @@ -341,8 +341,8 @@ void svr_getopts(int argc, char ** argv) { if (maxauthtries_arg) { unsigned int val = 0; - if (m_str_to_uint(maxauthtries_arg, &val) == DROPBEAR_FAILURE || - val == 0 || val > MAX_AUTH_TRIES) { + if (m_str_to_uint(maxauthtries_arg, &val) == DROPBEAR_FAILURE + || val == 0) { dropbear_exit("Bad maxauthtries '%s'", maxauthtries_arg); } svr_opts.maxauthtries = val; From a9a3746d0900bd973cbf164332dc795812a769c7 Mon Sep 17 00:00:00 2001 From: Matt Johnston Date: Tue, 27 Jun 2017 22:37:46 +0800 Subject: [PATCH 06/12] add --enable-static configure argument. disable conflicting harden flags --- Makefile.in | 2 ++ configure.ac | 76 +++++++++++++++++++++++++++++++--------------------- 2 files changed, 47 insertions(+), 31 deletions(-) diff --git a/Makefile.in b/Makefile.in index dbd4745..0dfbe18 100644 --- a/Makefile.in +++ b/Makefile.in @@ -94,6 +94,8 @@ LDFLAGS=@LDFLAGS@ EXEEXT=@EXEEXT@ +STATIC=@STATIC@ + # whether we're building client, server, or both for the common objects. # evilness so we detect 'dropbear' by itself as a word space:= $(empty) $(empty) diff --git a/configure.ac b/configure.ac index 7eb37c3..cb22223 100644 --- a/configure.ac +++ b/configure.ac @@ -33,6 +33,17 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([])], [AC_MSG_RESULT(no); CFLAGS="$OLDCFLAGS" ] ) +STATIC=0 +AC_ARG_ENABLE(static, + [ --enable-static Build static binaries], + [ + if test "x$enableval" = "xyes"; then + STATIC=1 + AC_MSG_NOTICE(Static Build) + fi + ], []) +AC_SUBST(STATIC) + hardenbuild=1 AC_ARG_ENABLE(harden, [ --disable-harden Don't set hardened build flags], @@ -45,37 +56,40 @@ AC_ARG_ENABLE(harden, if test "$hardenbuild" -eq 1; then AC_MSG_NOTICE(Checking for available hardened build flags:) - # pie - OLDCFLAGS="$CFLAGS" - TESTFLAGS="-fPIE" - CFLAGS="$CFLAGS $TESTFLAGS" - AC_COMPILE_IFELSE([AC_LANG_PROGRAM([])], - [AC_MSG_NOTICE([Setting $TESTFLAGS])], - [AC_MSG_NOTICE([Not setting $TESTFLAGS]); CFLAGS="$OLDCFLAGS" ] - ) - OLDLDFLAGS="$LDFLAGS" - TESTFLAGS="-Wl,-pie" - LDFLAGS="$LDFLAGS $TESTFLAGS" - AC_LINK_IFELSE([AC_LANG_PROGRAM([])], - [AC_MSG_NOTICE([Setting $TESTFLAGS])], - [ - LDFLAGS="$OLDLDFLAGS" - TESTFLAGS="-pie" - LDFLAGS="$LDFLAGS $TESTFLAGS" - AC_LINK_IFELSE([AC_LANG_PROGRAM([])], - [AC_MSG_NOTICE([Setting $TESTFLAGS])], - [AC_MSG_NOTICE([Not setting $TESTFLAGS]); LDFLAGS="$OLDLDFLAGS" ] - ) - ] - ) - # readonly elf relocation sections (relro) - OLDLDFLAGS="$LDFLAGS" - TESTFLAGS="-Wl,-z,now -Wl,-z,relro" - LDFLAGS="$LDFLAGS $TESTFLAGS" - AC_LINK_IFELSE([AC_LANG_PROGRAM([])], - [AC_MSG_NOTICE([Setting $TESTFLAGS])], - [AC_MSG_NOTICE([Not setting $TESTFLAGS]); LDFLAGS="$OLDLDFLAGS" ] - ) + # relocation flags don't make sense for static builds + if test "$STATIC" -ne 1; then + # pie + OLDCFLAGS="$CFLAGS" + TESTFLAGS="-fPIE" + CFLAGS="$CFLAGS $TESTFLAGS" + AC_COMPILE_IFELSE([AC_LANG_PROGRAM([])], + [AC_MSG_NOTICE([Setting $TESTFLAGS])], + [AC_MSG_NOTICE([Not setting $TESTFLAGS]); CFLAGS="$OLDCFLAGS" ] + ) + OLDLDFLAGS="$LDFLAGS" + TESTFLAGS="-Wl,-pie" + LDFLAGS="$LDFLAGS $TESTFLAGS" + AC_LINK_IFELSE([AC_LANG_PROGRAM([])], + [AC_MSG_NOTICE([Setting $TESTFLAGS])], + [ + LDFLAGS="$OLDLDFLAGS" + TESTFLAGS="-pie" + LDFLAGS="$LDFLAGS $TESTFLAGS" + AC_LINK_IFELSE([AC_LANG_PROGRAM([])], + [AC_MSG_NOTICE([Setting $TESTFLAGS])], + [AC_MSG_NOTICE([Not setting $TESTFLAGS]); LDFLAGS="$OLDLDFLAGS" ] + ) + ] + ) + # readonly elf relocation sections (relro) + OLDLDFLAGS="$LDFLAGS" + TESTFLAGS="-Wl,-z,now -Wl,-z,relro" + LDFLAGS="$LDFLAGS $TESTFLAGS" + AC_LINK_IFELSE([AC_LANG_PROGRAM([])], + [AC_MSG_NOTICE([Setting $TESTFLAGS])], + [AC_MSG_NOTICE([Not setting $TESTFLAGS]); LDFLAGS="$OLDLDFLAGS" ] + ) + fi # non-static # stack protector. -strong is good but only in gcc 4.9 or later OLDCFLAGS="$CFLAGS" TESTFLAGS="-fstack-protector-strong" From 785459d31bca1c4aa940ab62ede659a2d0311ecf Mon Sep 17 00:00:00 2001 From: Matt Johnston Date: Tue, 27 Jun 2017 22:42:32 +0800 Subject: [PATCH 07/12] document --enable-static in place of STATIC=1 --- INSTALL | 6 +++++- Makefile.in | 5 ++--- configure.ac | 2 +- 3 files changed, 8 insertions(+), 5 deletions(-) diff --git a/INSTALL b/INSTALL index 6ccdde8..58ba328 100644 --- a/INSTALL +++ b/INSTALL @@ -22,7 +22,11 @@ recompiling - bad things will happen otherwise) See MULTI for instructions on making all-in-one binaries. -If you want to compile statically, add "STATIC=1" to the make command-line. +If you want to compile statically use ./configure --enable-static + +By default Dropbear adds various build flags that improve robustness +against programming bugs (good for security) - if these cause problems +they can be disabled with ./configure --disable-harden Binaries can be stripped with "make strip" diff --git a/Makefile.in b/Makefile.in index 0dfbe18..f9f9a46 100644 --- a/Makefile.in +++ b/Makefile.in @@ -2,12 +2,11 @@ # @configure_input@ # invocation: -# make PROGRAMS="dropbear dbclient scp" MULTI=1 STATIC=1 SCPPROGRESS=1 +# make PROGRAMS="dropbear dbclient scp" MULTI=1 SCPPROGRESS=1 # -# to make a multiple-program statically linked binary "staticdropbearmulti". +# to make a multiple-program binary "dropbearmulti". # This example will include dropbear, scp, dropbearkey, dropbearconvert, and # dbclient functionality, and includes the progress-bar functionality in scp. -# Hopefully that seems intuitive. ifndef PROGRAMS PROGRAMS=dropbear dbclient dropbearkey dropbearconvert diff --git a/configure.ac b/configure.ac index cb22223..8be542a 100644 --- a/configure.ac +++ b/configure.ac @@ -35,7 +35,7 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([])], STATIC=0 AC_ARG_ENABLE(static, - [ --enable-static Build static binaries], + [ --enable-static Build static binaries], [ if test "x$enableval" = "xyes"; then STATIC=1 From a5ec3aca7d9355abf580faf88bd9bf1e871164cb Mon Sep 17 00:00:00 2001 From: Matt Johnston Date: Tue, 27 Jun 2017 23:02:05 +0800 Subject: [PATCH 08/12] EXEEXT for a few more targets, dropbearmulti in particular for Cygwin From William K. Foster. --- Makefile.in | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/Makefile.in b/Makefile.in index f9f9a46..5c4e106 100644 --- a/Makefile.in +++ b/Makefile.in @@ -116,7 +116,7 @@ ifeq ($(STATIC), 1) endif ifeq ($(MULTI), 1) - TARGETS=dropbearmulti + TARGETS=dropbearmulti$(EXEEXT) else TARGETS=$(PROGRAMS) endif @@ -133,14 +133,14 @@ strip: $(TARGETS) install: $(addprefix inst_, $(TARGETS)) -insmultidropbear: dropbearmulti +insmultidropbear: dropbearmulti$(EXEEXT) $(INSTALL) -d $(DESTDIR)$(sbindir) -rm -f $(DESTDIR)$(sbindir)/dropbear$(EXEEXT) -ln -s $(bindir)/dropbearmulti$(EXEEXT) $(DESTDIR)$(sbindir)/dropbear$(EXEEXT) $(INSTALL) -d $(DESTDIR)$(mandir)/man8 $(INSTALL) -m 644 $(srcdir)/dropbear.8 $(DESTDIR)$(mandir)/man8/dropbear.8 -insmulti%: dropbearmulti +insmulti%: dropbearmulti$(EXEEXT) $(INSTALL) -d $(DESTDIR)$(bindir) -rm -f $(DESTDIR)$(bindir)/$*$(EXEEXT) -ln -s $(bindir)/dropbearmulti$(EXEEXT) $(DESTDIR)$(bindir)/$*$(EXEEXT) @@ -220,8 +220,9 @@ sizes: dropbear clean: ltc-clean ltm-clean thisclean thisclean: - -rm -f dropbear dbclient dropbearkey dropbearconvert scp scp-progress \ - dropbearmulti *.o *.da *.bb *.bbg *.prof + -rm -f dropbear$(EXEEXT) dbclient$(EXEEXT) dropbearkey$(EXEEXT) \ + dropbearconvert$(EXEEXT) scp$(EXEEXT) scp-progress$(EXEEXT) \ + dropbearmulti$(EXEEXT) *.o *.da *.bb *.bbg *.prof distclean: clean tidy -rm -f config.h From cc803ee802fa032d17caf156ca73e940c59c2903 Mon Sep 17 00:00:00 2001 From: Matt Johnston Date: Wed, 4 Oct 2017 22:29:42 +0800 Subject: [PATCH 09/12] fix pubkey authentication return value --- svr-authpubkey.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/svr-authpubkey.c b/svr-authpubkey.c index fbee63f..994e0af 100644 --- a/svr-authpubkey.c +++ b/svr-authpubkey.c @@ -361,8 +361,8 @@ static int checkpubkey(char* algo, unsigned int algolen, } line_num++; - if (checkpubkey_line(line, line_num, filename, - algo, algolen, keyblob, keybloblen) == DROPBEAR_SUCCESS) { + ret = checkpubkey_line(line, line_num, filename, algo, algolen, keyblob, keybloblen); + if (ret == DROPBEAR_SUCCESS) { break; } From dd8988220e810385d17d16f897f24ce05c80df5f Mon Sep 17 00:00:00 2001 From: Matt Johnston Date: Wed, 4 Oct 2017 22:30:18 +0800 Subject: [PATCH 10/12] fix checkpubkey_line function name for TRACE --- svr-authpubkey.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/svr-authpubkey.c b/svr-authpubkey.c index 994e0af..1c8b088 100644 --- a/svr-authpubkey.c +++ b/svr-authpubkey.c @@ -196,7 +196,7 @@ static int checkpubkey_line(buffer* line, int line_num, char* filename, int ret = DROPBEAR_FAILURE; if (line->len < MIN_AUTHKEYS_LINE || line->len > MAX_AUTHKEYS_LINE) { - TRACE(("checkpubkey: bad line length %d", line->len)) + TRACE(("checkpubkey_line: bad line length %d", line->len)) return DROPBEAR_FAILURE; } @@ -261,7 +261,7 @@ static int checkpubkey_line(buffer* line, int line_num, char* filename, /* check for space (' ') character */ if (buf_getbyte(line) != ' ') { - TRACE(("checkpubkey: space character expected, isn't there")) + TRACE(("checkpubkey_line: space character expected, isn't there")) goto out; } @@ -273,7 +273,7 @@ static int checkpubkey_line(buffer* line, int line_num, char* filename, buf_setpos(line, pos); buf_setlen(line, line->pos + len); - TRACE(("checkpubkey: line pos = %d len = %d", line->pos, line->len)) + TRACE(("checkpubkey_line: line pos = %d len = %d", line->pos, line->len)) ret = cmp_base64_key(keyblob, keybloblen, (const unsigned char *) algo, algolen, line, NULL); From fa3b0dd3ca62309c7d786df849da31426348c0bf Mon Sep 17 00:00:00 2001 From: Matt Johnston Date: Wed, 18 Oct 2017 22:41:27 +0800 Subject: [PATCH 11/12] test close < 0, from Marco Wenzel --- dbutil.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dbutil.c b/dbutil.c index 830e8d2..e5c5a31 100644 --- a/dbutil.c +++ b/dbutil.c @@ -506,7 +506,7 @@ out: void m_close(int fd) { int val; - if (fd == -1) { + if (fd < 0) { return; } From ba23b823dcec4203dcee59204f0a7dac1a390d96 Mon Sep 17 00:00:00 2001 From: Matt Johnston Date: Tue, 23 Jan 2018 22:44:18 +0800 Subject: [PATCH 12/12] fix updates to libtomcrypt/libtommath for out of tree builds --- configure.ac | 1 + libtomcrypt/Makefile.in | 3 ++- libtommath/Makefile.in | 5 ++--- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/configure.ac b/configure.ac index 8be542a..a3b61b3 100644 --- a/configure.ac +++ b/configure.ac @@ -828,6 +828,7 @@ AS_MKDIR_P(libtomcrypt/src/modes/ecb) AS_MKDIR_P(libtomcrypt/src/modes/ofb) AS_MKDIR_P(libtomcrypt/src/modes/f8) AS_MKDIR_P(libtomcrypt/src/modes/lrw) +AS_MKDIR_P(libtomcrypt/src/modes/xts) AS_MKDIR_P(libtomcrypt/src/pk/asn1/der/bit) AS_MKDIR_P(libtomcrypt/src/pk/asn1/der/boolean) AS_MKDIR_P(libtomcrypt/src/pk/asn1/der/choice) diff --git a/libtomcrypt/Makefile.in b/libtomcrypt/Makefile.in index d9b3668..1c45186 100644 --- a/libtomcrypt/Makefile.in +++ b/libtomcrypt/Makefile.in @@ -9,7 +9,8 @@ VERSION=1.17 PLATFORM := $(shell uname | sed -e 's/_.*//') -srcdir=. +VPATH=@srcdir@ +srcdir=@srcdir@ # Compiler and Linker Names #CC=gcc diff --git a/libtommath/Makefile.in b/libtommath/Makefile.in index dbcd2a0..d2e78fc 100644 --- a/libtommath/Makefile.in +++ b/libtommath/Makefile.in @@ -2,7 +2,8 @@ # #Tom St Denis -srcdir=. +VPATH=@srcdir@ +srcdir=@srcdir@ # So that libtommath can include Dropbear headers for options and m_burn() CFLAGS += -I$(srcdir) -I../libtomcrypt/src/headers/ -I$(srcdir)/../libtomcrypt/src/headers/ -I../ -I$(srcdir)/../ @@ -26,8 +27,6 @@ endif coverage: LIBNAME:=-Wl,--whole-archive $(LIBNAME) -Wl,--no-whole-archive -include makefile.include - LCOV_ARGS=--directory . #START_INS