From dd0352d93b92a4cf78bc05958304bc779233d68c Mon Sep 17 00:00:00 2001
From: Matt Johnston
Date: Wed, 28 Jan 2015 22:54:23 +0800
Subject: [PATCH 1/7] changelog for 2015.67
---
 debian/changelog | 6 ++++++
 release.sh | 2 +-
 2 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/debian/changelog b/debian/changelog
index d4948ac..12484cc 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+dropbear (2015.67-0.1) unstable; urgency=low
+
+  * New upstream release.
+
+ -- Matt Johnston Wed, 28 Jan 2015 22:53:59 +0800
+
 dropbear (2014.66-0.1) unstable; urgency=low
   * New upstream release.
diff --git a/release.sh b/release.sh
index dccd720..f377d0e 100755
--- a/release.sh
+++ b/release.sh
@@ -7,7 +7,7 @@ if ! head -n1 CHANGES | grep -q $VERSION ; then
 fi
 if ! head -n1 debian/changelog | grep -q $VERSION ; then
-	echo "CHANGES needs updating"
+	echo "debian/changelog needs updating"
 	exit 1
 fi
From 86811f4765c23b1cba6df25b40d7e167de22bb13 Mon Sep 17 00:00:00 2001
From: Matt Johnston
Date: Wed, 28 Jan 2015 22:55:27 +0800
Subject: [PATCH 2/7] Added tag DROPBEAR_2015.67 for changeset cbd674d63cd4
---
 .hgtags | 1 +
 1 file changed, 1 insertion(+)
diff --git a/.hgtags b/.hgtags
index 85d089b..afd75ca 100644
--- a/.hgtags
+++ b/.hgtags
@@ -46,3 +46,4 @@ e894dbc015ba7ff4c3bf897ee20e28ca90c55a16 DROPBEAR_2013.61test
 0d2d39957c029adb7f4327d37fe6b4900f0736d9 DROPBEAR_2014.64
 e9579816f20ea85affc6135e87f8477992808948 DROPBEAR_2014.65
 735511a4c761141416ad0e6728989d2dafa55bc2 DROPBEAR_2014.66
+cbd674d63cd4f3781464a8d4056a5506c8ae926f DROPBEAR_2015.67
From 19b3f01477dcee57cb0bc151486e98b44e8e9db5 Mon Sep 17 00:00:00 2001
From: Matt Johnston
Date: Wed, 28 Jan 2015 22:57:33 +0800
Subject: [PATCH 3/7] bump version
---
 sysoptions.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/sysoptions.h b/sysoptions.h
index 7ccdd81..bec7246 100644
--- a/sysoptions.h
+++ b/sysoptions.h
@@ -4,7 +4,7 @@
  *******************************************************************/
 #ifndef DROPBEAR_VERSION
-#define DROPBEAR_VERSION "2014.66"
+#define DROPBEAR_VERSION "2015.67"
 #endif
 #define LOCAL_IDENT "SSH-2.0-dropbear_" DROPBEAR_VERSION
From 4df268f10ea6c4195d0a3179e53e6d33c1cd468e Mon Sep 17 00:00:00 2001
From: Matt Johnston
Date: Wed, 28 Jan 2015 22:58:52 +0800
Subject: [PATCH 4/7] sha256
---
 release.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/release.sh b/release.sh
index f377d0e..226cb82 100755
--- a/release.sh
+++ b/release.sh
@@ -36,5 +36,5 @@ rm -r "$RELDIR/autom4te.cache" || exit 2
 (cd $RELDIR/.. && tar cjf $ARCHIVE `basename "$RELDIR"`) || exit 2
 ls -l $ARCHIVE
-openssl sha1 $ARCHIVE
+openssl sha -sha256 $ARCHIVE
 echo "Done to $ARCHIVE"
From 269d690e711ed6f1f445a276807215a63e84bcb4 Mon Sep 17 00:00:00 2001
From: Matt Johnston
Date: Thu, 29 Jan 2015 21:42:01 +0800
Subject: [PATCH 5/7] Added signature for changeset 1d2d81b1b7c1
---
 .hgsigs | 1 +
 1 file changed, 1 insertion(+)
diff --git a/.hgsigs b/.hgsigs
index 10bf8f5..3119347 100644
--- a/.hgsigs
+++ b/.hgsigs
@@ -13,3 +13,4 @@ a50a1dc743317fad9b3737bc68fbca640659bb6d 0 iEYEABECAAYFAlJeqL0ACgkQjPn4sExkf7yVq
 96584b934d04ebab443f603e78d38fe692d36313 0 iEYEABECAAYFAlPVFrQACgkQjPn4sExkf7xr6ACglRiLE21vRrS1rJ809o2yMADIKtwAn1f5SyZUngSde8eE55JxCMwtMC5m
 caac692b366c153cea0e9cd59aa2d79a7d843d4e 0 iEYEABECAAYFAlPk1mcACgkQjPn4sExkf7wLpgCeOqMYqpkf4lYUuyrn9VYThNpc7PkAn3JOSNgIqkKUcmSy6FstrI8jwJzq
 2d421bc0545d1be6d59a4ebfe61606d94b124b0c 0 iEYEABECAAYFAlRJDCQACgkQjPn4sExkf7xUYACcCwVJkYWXJn5x/D5A+qMupy778lEAn0rg1oNiq96YU/4jOPsS5IMItihu
+1d2d81b1b7c1b100e9c369e40b9fa5b2d491eea9 0 iEYEABECAAYFAlTKOKUACgkQjPn4sExkf7xWMACfYFozyHiRk5GaocTa5z6Ws1uyB4kAoLubxoxcnM3E7AA9mHAzc3OB5M0Y
From b6685bf806b1cf58f194d56261b29db0f235d33b Mon Sep 17 00:00:00 2001
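Review bot: `$ARCHIVE` is left unquoted on the new `openssl sha -sha256 $ARCHIVE` line, so a release path containing whitespace would be word-split before openssl sees it; the tar line in the same hunk and the `rm -r "$RELDIR/autom4te.cache"` context already quote `"$RELDIR"`, so `openssl sha -sha256 "$ARCHIVE"` would be consistent with them. `openssl dgst -sha256` is the documented form of this command, whereas `sha` as a subcommand name is a digest alias that may not exist in every OpenSSL build, so the `dgst` spelling is the safer choice for a script other people run.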
From: Matt Johnston
Date: Wed, 4 Feb 2015 22:12:06 +0800
Subject: [PATCH 6/7] twofish ctr modes
---
 common-algo.c | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/common-algo.c b/common-algo.c
index 9abc330..6a20282 100644
--- a/common-algo.c
+++ b/common-algo.c
@@ -144,6 +144,12 @@ algo_type sshciphers[] = {
 #ifdef DROPBEAR_AES256
 	{"aes256-ctr", 0, &dropbear_aes256, 1, &dropbear_mode_ctr},
 #endif
+#ifdef DROPBEAR_TWOFISH256
+	{"twofish256-ctr", 0, &dropbear_twofish256, 1, &dropbear_mode_ctr},
+#endif
+#ifdef DROPBEAR_TWOFISH128
+	{"twofish128-ctr", 0, &dropbear_twofish128, 1, &dropbear_mode_ctr},
+#endif
 #endif /* DROPBEAR_ENABLE_CTR_MODE */
 #ifdef DROPBEAR_ENABLE_CBC_MODE
From c44a78a2e66b666696a944a389c00b1cf0fa49ca Mon Sep 17 00:00:00 2001
From: Matt Johnston
Date: Tue, 10 Feb 2015 21:46:19 +0800
Subject: [PATCH 7/7] Tighten validation of DH values.
Odds of x==0 being generated are improbable, roughly 2**-1023
Regression in 0.49
---
 common-kex.c | 18 +++++++++++-------
 dbrandom.c | 2 +-
 debug.h | 2 +-
 options.h | 4 ++--
 4 files changed, 15 insertions(+), 11 deletions(-)
diff --git a/common-kex.c b/common-kex.c
index 7d93708..f355560 100644
--- a/common-kex.c
+++ b/common-kex.c
@@ -629,16 +629,20 @@ void free_kexdh_param(struct kex_dh_param *param)
 void kexdh_comb_key(struct kex_dh_param *param, mp_int *dh_pub_them,
 		sign_key *hostkey) {
-	mp_int dh_p;
+	DEF_MP_INT(dh_p);
+	DEF_MP_INT(dh_p_min1);
 	mp_int *dh_e = NULL, *dh_f = NULL;
-	/* read the prime and generator*/
-	m_mp_init(&dh_p);
+	m_mp_init_multi(&dh_p, &dh_p_min1, NULL);
 	load_dh_p(&dh_p);
-	/* Check that dh_pub_them (dh_e or dh_f) is in the range [1, p-1] */
-	if (mp_cmp(dh_pub_them, &dh_p) != MP_LT || mp_cmp_d(dh_pub_them, 0) != MP_GT) {
+	if (mp_sub_d(&dh_p, 1, &dh_p_min1) != MP_OKAY) {
+		dropbear_exit("Diffie-Hellman error");
+	}
+
+	/* Check that dh_pub_them (dh_e or dh_f) is in the range [2, p-2] */
+	if (mp_cmp(dh_pub_them, &dh_p_min1) != MP_LT || mp_cmp_d(dh_pub_them, 1) != MP_GT) {
 		dropbear_exit("Diffie-Hellman error");
 	}
@@ -649,7 +653,7 @@ void kexdh_comb_key(struct kex_dh_param *param, mp_int *dh_pub_them,
 	}
 	/* clear no longer needed vars */
-	mp_clear_multi(&dh_p, NULL);
+	mp_clear_multi(&dh_p, &dh_p_min1, NULL);
 	/* From here on, the code needs to work with the _same_ vars on each side,
 	 * not vice-versaing for client/server */
diff --git a/dbrandom.c b/dbrandom.c
index e2f55c2..cf280f4 100644
--- a/dbrandom.c
+++ b/dbrandom.c
@@ -306,7 +306,7 @@ void gen_random_mpint(mp_int *max, mp_int *rand) {
 		/* keep regenerating until we get one satisfying
 		 * 0 < rand < max */
-	} while (mp_cmp(rand, max) != MP_LT);
+	} while (!(mp_cmp(rand, max) == MP_LT && mp_cmp_d(rand, 0) == MP_GT));
 	m_burn(randbuf, len);
 	m_free(randbuf);
 }
diff --git a/debug.h b/debug.h
index 289c577..be09865 100644
--- a/debug.h
+++ b/debug.h
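Review bot: The new range check in kexdh_comb_key correctly rejects 1 and p-1 in addition to 0 and p, but the comment above it only restates the interval `[2, p-2]` and gives no reason, so the next reader has to rederive why the old `[1, p-1]` check was not enough; a why-comment such as `/* 1 and p-1 are rejected too: p-1 == -1 mod p, so either value would force the shared secret to +-1 whatever our exponent is */` would make the intent of the tightening self-evident. On the new `mp_sub_d` failure path `dh_p` and `dh_p_min1` are initialised but not cleared before `dropbear_exit`, which is only harmless because the process terminates there; the pre-existing exit in the range check has the same shape, so this matches the existing style rather than being a regression. The body of kexdh_comb_key continues past the end of the hunk, so what is done with `dh_pub_them` after the check is not visible here.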
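Review bot: The new loop condition in gen_random_mpint is written as a negated conjunction, `!(a == MP_LT && b == MP_GT)`, whereas the line it replaces used the direct `!= MP_LT` form; the equivalent `} while (mp_cmp(rand, max) != MP_LT || mp_cmp_d(rand, 0) != MP_GT);` reads as "retry while out of range", which is what the `0 < rand < max` comment immediately above says. The loop body starts before the hunk, so it is not visible whether the generated value can be negative here; the `mp_cmp_d(rand, 0) == MP_GT` half would reject that case too, which is presumably intended.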
@@ -39,7 +39,7 @@
  * Caution: Don't use this in an unfriendly environment (ie unfirewalled),
  * since the printing may not sanitise strings etc. This will add a reasonable
  * amount to your executable size. */
-/* #define DEBUG_TRACE */
+#define DEBUG_TRACE
 /* All functions writing to the cleartext payload buffer call
  * CHECKCLEARTOWRITE() before writing. This is only really useful if you're
diff --git a/options.h b/options.h
index 6339b0a..5c86834 100644
--- a/options.h
+++ b/options.h
@@ -95,8 +95,8 @@ much traffic. */
 #define DROPBEAR_AES256
 /* Compiling in Blowfish will add ~6kB to runtime heap memory usage */
 /*#define DROPBEAR_BLOWFISH*/
-/*#define DROPBEAR_TWOFISH256*/
-/*#define DROPBEAR_TWOFISH128*/
+#define DROPBEAR_TWOFISH256
+#define DROPBEAR_TWOFISH128
 /* Enable CBC mode for ciphers. This has security issues though
  * is the most compatible with older SSH implementations */
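Review bot: The debug.h hunk turns on `DEBUG_TRACE` for every build, while the comment directly above it in the same hunk warns not to use it in an unfriendly environment because the trace output may not sanitise strings and it adds to the executable size; the commit message ("Tighten validation of DH values") does not mention it, so this looks like a local build setting committed by accident and the line should go back to `/* #define DEBUG_TRACE */`. The options.h hunk has the same shape: it un-comments `DROPBEAR_TWOFISH256` and `DROPBEAR_TWOFISH128`, changing the default cipher set shipped in this release, which is unrelated to the DH fix and also absent from the message. If enabling Twofish by default is intended it belongs in its own commit with the size and compatibility trade-off stated; otherwise both defines should stay commented out as they were.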