From a996e61a2e6b8ba4fb101a50c950a661cb6d770c Mon Sep 17 00:00:00 2001 From: Matt Johnston Date: Thu, 9 Jul 2009 16:01:30 +0000 Subject: [PATCH 1/5] - For uclinux, only cleanup on exit for the main process. This avoids trashing the state when a failing child exits. --HG-- extra : convert_revision : 5d029ce4602908c3becf0035cf2b7e62816959bc --- session.h | 4 ++++ svr-session.c | 21 +++++++++++++++++---- 2 files changed, 21 insertions(+), 4 deletions(-) diff --git a/session.h b/session.h index 5a4569e..e52b074 100644 --- a/session.h +++ b/session.h @@ -213,6 +213,10 @@ struct serversession { /* The numeric address they connected from, used for logging */ char * addrstring; +#ifdef __uClinux__ + pid_t server_pid; +#endif + }; typedef enum { diff --git a/svr-session.c b/svr-session.c index eaccfe5..89b16cb 100644 --- a/svr-session.c +++ b/svr-session.c @@ -85,6 +85,10 @@ void svr_session(int sock, int childpipe, /* Initialise server specific parts of the session */ svr_ses.childpipe = childpipe; svr_ses.addrstring = addrstring; +#ifdef __uClinux__ + svr_ses.server_pid = getpid(); +#endif + svr_ses.addrstring = addrstring; svr_authinitialise(); chaninitialise(svr_chantypes); svr_chansessinitialise(); @@ -144,11 +148,20 @@ void svr_dropbear_exit(int exitcode, const char* format, va_list param) { _dropbear_log(LOG_INFO, fmtbuf, param); - /* free potential public key options */ - svr_pubkey_options_cleanup(); +#ifdef __uClinux__ + /* only the main server process should cleanup - we don't want + * forked children doing that */ + if (svr_ses.server_pid == getpid()) +#else + if (1) +#endif + { + /* free potential public key options */ + svr_pubkey_options_cleanup(); - /* must be after we've done with username etc */ - common_session_cleanup(); + /* must be after we've done with username etc */ + common_session_cleanup(); + } exit(exitcode); From 8181d41bb508aeb6c335fe213d1d5e5412d583b4 Mon Sep 17 00:00:00 2001 From: Matt Johnston Date: Fri, 24 Jul 2009 13:49:07 +0000 Subject: [PATCH 2/5] Disable Blowfish by default, it has inefficient key memory use --HG-- extra : convert_revision : a37b8ae5fb524be221dbdfd71b4f35eb6a48565c --- options.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/options.h b/options.h index c13a12e..2d6f7b6 100644 --- a/options.h +++ b/options.h @@ -86,7 +86,8 @@ much traffic. */ #define DROPBEAR_AES128 #define DROPBEAR_3DES #define DROPBEAR_AES256 -#define DROPBEAR_BLOWFISH +/* Compiling in Blowfish will add ~6kB to runtime heap memory usage */ +/*#define DROPBEAR_BLOWFISH*/ #define DROPBEAR_TWOFISH256 #define DROPBEAR_TWOFISH128 From 3608775306a0959d6cdbefa428c1e6d3af5d8af2 Mon Sep 17 00:00:00 2001 From: Matt Johnston Date: Sun, 26 Jul 2009 15:39:47 +0000 Subject: [PATCH 3/5] - Add option to change zlib windowBits/memLevel --HG-- extra : convert_revision : 5fc51ba0b8f165426c78f8d32162e5ccb51e524f --- common-kex.c | 4 +++- options.h | 21 +++++++++++++++++++++ 2 files changed, 24 insertions(+), 1 deletion(-) diff --git a/common-kex.c b/common-kex.c index 052324b..cb5cd96 100644 --- a/common-kex.c +++ b/common-kex.c @@ -371,7 +371,9 @@ static void gen_new_zstreams() { ses.newkeys->trans.zstream->zalloc = Z_NULL; ses.newkeys->trans.zstream->zfree = Z_NULL; - if (deflateInit(ses.newkeys->trans.zstream, Z_DEFAULT_COMPRESSION) + if (deflateInit2(ses.newkeys->trans.zstream, Z_DEFAULT_COMPRESSION, + Z_DEFLATED, DROPBEAR_ZLIB_WINDOW_BITS, + DROPBEAR_ZLIB_MEM_LEVEL, Z_DEFAULT_STRATEGY) != Z_OK) { dropbear_exit("zlib error"); } diff --git a/options.h b/options.h index 2d6f7b6..3cf430b 100644 --- a/options.h +++ b/options.h @@ -130,6 +130,21 @@ much traffic. */ * if the random number source isn't good. In general this isn't required */ /* #define DSS_PROTOK */ +/* Control the memory/performance/compression tradeoff for zlib. + * Set windowBits=8, memLevel=1 for least memory usage, see your system's + * zlib.h for full details. + * Default settings (windowBits=15, memLevel=8) will use + * 256kB for compression + 32kB for decompression. + * windowBits=8, memLevel=1 will use 10kB compression + 32kB decompression. + * Note that windowBits is only set for deflate() - inflate() always uses the + * default of 15 so as to interoperate with other clients. */ +#ifndef DROPBEAR_ZLIB_WINDOW_BITS +#define DROPBEAR_ZLIB_WINDOW_BITS 15 +#endif +#ifndef DROPBEAR_ZLIB_MEM_LEVEL +#define DROPBEAR_ZLIB_MEM_LEVEL 8 +#endif + /* Whether to do reverse DNS lookups. */ #define DO_HOST_LOOKUP @@ -248,13 +263,19 @@ much traffic. */ significant difference to network performance. 24kB was empirically chosen for a 100mbit ethernet network. The value can be altered at runtime with the -W argument. */ +#ifndef DEFAULT_RECV_WINDOW #define DEFAULT_RECV_WINDOW 24576 +#endif /* Maximum size of a received SSH data packet - this _MUST_ be >= 32768 in order to interoperate with other implementations */ +#ifndef RECV_MAX_PAYLOAD_LEN #define RECV_MAX_PAYLOAD_LEN 32768 +#endif /* Maximum size of a transmitted data packet - this can be any value, though increasing it may not make a significant difference. */ +#ifndef TRANS_MAX_PAYLOAD_LEN #define TRANS_MAX_PAYLOAD_LEN 16384 +#endif /* Ensure that data is transmitted every KEEPALIVE seconds. This can be overridden at runtime with -K. 0 disables keepalives */ From bcd541d65f93365ff665749419844620ec2c6eeb Mon Sep 17 00:00:00 2001 From: Matt Johnston Date: Sun, 26 Jul 2009 16:11:27 +0000 Subject: [PATCH 4/5] - Payload length doesn't include macsize. --HG-- extra : convert_revision : 98ac17a573ab350cbd6e358b3943237d2ad5c9cf --- debug.h | 2 +- packet.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/debug.h b/debug.h index b8c2a57..a9cc0bd 100644 --- a/debug.h +++ b/debug.h @@ -39,7 +39,7 @@ * Caution: Don't use this in an unfriendly environment (ie unfirewalled), * since the printing may not sanitise strings etc. This will add a reasonable * amount to your executable size. */ -/*#define DEBUG_TRACE*/ +#define DEBUG_TRACE /* All functions writing to the cleartext payload buffer call * CHECKCLEARTOWRITE() before writing. This is only really useful if you're diff --git a/packet.c b/packet.c index 37ffdd2..9621bbd 100644 --- a/packet.c +++ b/packet.c @@ -261,7 +261,7 @@ void decrypt_packet() { /* payload length */ /* - 4 - 1 is for LEN and PADLEN values */ - len = ses.readbuf->len - padlen - 4 - 1; + len = ses.readbuf->len - padlen - 4 - 1 - macsize; if ((len > RECV_MAX_PAYLOAD_LEN) || (len < 1)) { dropbear_exit("bad packet size"); } From 0dcecfa52612df18dd051f72d31d18e76d7848b7 Mon Sep 17 00:00:00 2001 From: Matt Johnston Date: Sun, 26 Jul 2009 16:14:50 +0000 Subject: [PATCH 5/5] Turn off DEBUG_TRACE accidentally committed --HG-- extra : convert_revision : bbe4e11695a7b22bd89a722600eb4a4020b6fdf3 --- debug.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/debug.h b/debug.h index a9cc0bd..b8c2a57 100644 --- a/debug.h +++ b/debug.h @@ -39,7 +39,7 @@ * Caution: Don't use this in an unfriendly environment (ie unfirewalled), * since the printing may not sanitise strings etc. This will add a reasonable * amount to your executable size. */ -#define DEBUG_TRACE +/*#define DEBUG_TRACE*/ /* All functions writing to the cleartext payload buffer call * CHECKCLEARTOWRITE() before writing. This is only really useful if you're