mirror of
https://github.com/clearml/dropbear
synced 2025-03-09 21:41:07 +00:00
Matt Johnston
commit
d96a52541f
10
buffer.c
10
buffer.c
@ -203,10 +203,10 @@ unsigned char* buf_getwriteptr(buffer* buf, unsigned int len) {
|
||||
/* Return a null-terminated string, it is malloced, so must be free()ed
|
||||
* Note that the string isn't checked for null bytes, hence the retlen
|
||||
* may be longer than what is returned by strlen */
|
||||
unsigned char* buf_getstring(buffer* buf, unsigned int *retlen) {
|
||||
char* buf_getstring(buffer* buf, unsigned int *retlen) {
|
||||
|
||||
unsigned int len;
|
||||
unsigned char* ret;
|
||||
char* ret;
|
||||
len = buf_getint(buf);
|
||||
if (len > MAX_STRING_LEN) {
|
||||
dropbear_exit("String too long");
|
||||
@ -262,16 +262,16 @@ void buf_putint(buffer* buf, int unsigned val) {
|
||||
}
|
||||
|
||||
/* put a SSH style string into the buffer, increasing buffer len if required */
|
||||
void buf_putstring(buffer* buf, const unsigned char* str, unsigned int len) {
|
||||
void buf_putstring(buffer* buf, const char* str, unsigned int len) {
|
||||
|
||||
buf_putint(buf, len);
|
||||
buf_putbytes(buf, str, len);
|
||||
buf_putbytes(buf, (const unsigned char*)str, len);
|
||||
|
||||
}
|
||||
|
||||
/* puts an entire buffer as a SSH string. ignore pos of buf_str. */
|
||||
void buf_putbufstring(buffer *buf, const buffer* buf_str) {
|
||||
buf_putstring(buf, buf_str->data, buf_str->len);
|
||||
buf_putstring(buf, (const char*)buf_str->data, buf_str->len);
|
||||
}
|
||||
|
||||
/* put the set of len bytes into the buffer, incrementing the pos, increasing
|
||||
|
||||
4
buffer.h
4
buffer.h
@ -56,11 +56,11 @@ unsigned char buf_getbool(buffer* buf);
|
||||
void buf_putbyte(buffer* buf, unsigned char val);
|
||||
unsigned char* buf_getptr(buffer* buf, unsigned int len);
|
||||
unsigned char* buf_getwriteptr(buffer* buf, unsigned int len);
|
||||
unsigned char* buf_getstring(buffer* buf, unsigned int *retlen);
|
||||
char* buf_getstring(buffer* buf, unsigned int *retlen);
|
||||
buffer * buf_getstringbuf(buffer *buf);
|
||||
void buf_eatstring(buffer *buf);
|
||||
void buf_putint(buffer* buf, unsigned int val);
|
||||
void buf_putstring(buffer* buf, const unsigned char* str, unsigned int len);
|
||||
void buf_putstring(buffer* buf, const char* str, unsigned int len);
|
||||
void buf_putbufstring(buffer *buf, const buffer* buf_str);
|
||||
void buf_putbytes(buffer *buf, const unsigned char *bytes, unsigned int len);
|
||||
void buf_putmpint(buffer* buf, mp_int * mp);
|
||||
|
||||
10
cli-auth.c
10
cli-auth.c
@ -43,9 +43,9 @@ void cli_auth_getmethods() {
|
||||
TRACE(("enter cli_auth_getmethods"))
|
||||
CHECKCLEARTOWRITE();
|
||||
buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_REQUEST);
|
||||
buf_putstring(ses.writepayload, cli_opts.username,
|
||||
buf_putstring(ses.writepayload, cli_opts.username,
|
||||
strlen(cli_opts.username));
|
||||
buf_putstring(ses.writepayload, SSH_SERVICE_CONNECTION,
|
||||
buf_putstring(ses.writepayload, SSH_SERVICE_CONNECTION,
|
||||
SSH_SERVICE_CONNECTION_LEN);
|
||||
buf_putstring(ses.writepayload, "none", 4); /* 'none' method */
|
||||
|
||||
@ -75,7 +75,7 @@ void cli_auth_getmethods() {
|
||||
|
||||
void recv_msg_userauth_banner() {
|
||||
|
||||
unsigned char* banner = NULL;
|
||||
char* banner = NULL;
|
||||
unsigned int bannerlen;
|
||||
unsigned int i, linecount;
|
||||
|
||||
@ -151,8 +151,8 @@ void recv_msg_userauth_specific_60() {
|
||||
|
||||
void recv_msg_userauth_failure() {
|
||||
|
||||
unsigned char * methods = NULL;
|
||||
unsigned char * tok = NULL;
|
||||
char * methods = NULL;
|
||||
char * tok = NULL;
|
||||
unsigned int methlen = 0;
|
||||
unsigned int partial = 0;
|
||||
unsigned int i = 0;
|
||||
|
||||
@ -31,10 +31,10 @@
|
||||
|
||||
#ifdef ENABLE_CLI_INTERACT_AUTH
|
||||
|
||||
static unsigned char* get_response(unsigned char* prompt)
|
||||
static char* get_response(char* prompt)
|
||||
{
|
||||
FILE* tty = NULL;
|
||||
unsigned char* response = NULL;
|
||||
char* response = NULL;
|
||||
/* not a password, but a reasonable limit */
|
||||
char buf[DROPBEAR_MAX_CLI_PASS];
|
||||
char* ret = NULL;
|
||||
@ -50,13 +50,13 @@ static unsigned char* get_response(unsigned char* prompt)
|
||||
}
|
||||
|
||||
if (ret == NULL) {
|
||||
response = (unsigned char*)m_strdup("");
|
||||
response = m_strdup("");
|
||||
} else {
|
||||
unsigned int buflen = strlen(buf);
|
||||
/* fgets includes newlines */
|
||||
if (buflen > 0 && buf[buflen-1] == '\n')
|
||||
buf[buflen-1] = '\0';
|
||||
response = (unsigned char*)m_strdup(buf);
|
||||
response = m_strdup(buf);
|
||||
}
|
||||
|
||||
m_burn(buf, sizeof(buf));
|
||||
@ -66,14 +66,14 @@ static unsigned char* get_response(unsigned char* prompt)
|
||||
|
||||
void recv_msg_userauth_info_request() {
|
||||
|
||||
unsigned char *name = NULL;
|
||||
unsigned char *instruction = NULL;
|
||||
char *name = NULL;
|
||||
char *instruction = NULL;
|
||||
unsigned int num_prompts = 0;
|
||||
unsigned int i;
|
||||
|
||||
unsigned char *prompt = NULL;
|
||||
char *prompt = NULL;
|
||||
unsigned int echo = 0;
|
||||
unsigned char *response = NULL;
|
||||
char *response = NULL;
|
||||
|
||||
TRACE(("enter recv_msg_recv_userauth_info_request"))
|
||||
|
||||
@ -121,7 +121,7 @@ void recv_msg_userauth_info_request() {
|
||||
echo = buf_getbool(ses.payload);
|
||||
|
||||
if (!echo) {
|
||||
unsigned char* p = getpass_or_cancel(prompt);
|
||||
char* p = getpass_or_cancel(prompt);
|
||||
response = m_strdup(p);
|
||||
m_burn(p, strlen(p));
|
||||
} else {
|
||||
@ -153,7 +153,7 @@ void cli_auth_interactive() {
|
||||
strlen(cli_opts.username));
|
||||
|
||||
/* service name */
|
||||
buf_putstring(ses.writepayload, SSH_SERVICE_CONNECTION,
|
||||
buf_putstring(ses.writepayload, SSH_SERVICE_CONNECTION,
|
||||
SSH_SERVICE_CONNECTION_LEN);
|
||||
|
||||
/* method */
|
||||
|
||||
@ -143,10 +143,10 @@ void cli_auth_password() {
|
||||
buf_putstring(ses.writepayload, cli_opts.username,
|
||||
strlen(cli_opts.username));
|
||||
|
||||
buf_putstring(ses.writepayload, SSH_SERVICE_CONNECTION,
|
||||
buf_putstring(ses.writepayload, SSH_SERVICE_CONNECTION,
|
||||
SSH_SERVICE_CONNECTION_LEN);
|
||||
|
||||
buf_putstring(ses.writepayload, AUTH_METHOD_PASSWORD,
|
||||
buf_putstring(ses.writepayload, AUTH_METHOD_PASSWORD,
|
||||
AUTH_METHOD_PASSWORD_LEN);
|
||||
|
||||
buf_putbyte(ses.writepayload, 0); /* FALSE - so says the spec */
|
||||
|
||||
@ -141,7 +141,7 @@ void cli_buf_put_sign(buffer* buf, sign_key *key, int type,
|
||||
static void send_msg_userauth_pubkey(sign_key *key, int type, int realsign) {
|
||||
|
||||
const char *algoname = NULL;
|
||||
int algolen;
|
||||
unsigned int algolen;
|
||||
buffer* sigbuf = NULL;
|
||||
|
||||
TRACE(("enter send_msg_userauth_pubkey"))
|
||||
@ -152,10 +152,10 @@ static void send_msg_userauth_pubkey(sign_key *key, int type, int realsign) {
|
||||
buf_putstring(ses.writepayload, cli_opts.username,
|
||||
strlen(cli_opts.username));
|
||||
|
||||
buf_putstring(ses.writepayload, SSH_SERVICE_CONNECTION,
|
||||
buf_putstring(ses.writepayload, SSH_SERVICE_CONNECTION,
|
||||
SSH_SERVICE_CONNECTION_LEN);
|
||||
|
||||
buf_putstring(ses.writepayload, AUTH_METHOD_PUBKEY,
|
||||
buf_putstring(ses.writepayload, AUTH_METHOD_PUBKEY,
|
||||
AUTH_METHOD_PUBKEY_LEN);
|
||||
|
||||
buf_putbyte(ses.writepayload, realsign);
|
||||
|
||||
@ -56,7 +56,7 @@ const struct ChanType clichansess = {
|
||||
|
||||
static void cli_chansessreq(struct Channel *channel) {
|
||||
|
||||
unsigned char* type = NULL;
|
||||
char* type = NULL;
|
||||
int wantreply;
|
||||
|
||||
TRACE(("enter cli_chansessreq"))
|
||||
@ -272,7 +272,7 @@ void cli_chansess_winchange() {
|
||||
|
||||
static void send_chansess_pty_req(struct Channel *channel) {
|
||||
|
||||
unsigned char* term = NULL;
|
||||
char* term = NULL;
|
||||
|
||||
TRACE(("enter send_chansess_pty_req"))
|
||||
|
||||
@ -305,7 +305,7 @@ static void send_chansess_pty_req(struct Channel *channel) {
|
||||
|
||||
static void send_chansess_shell_req(struct Channel *channel) {
|
||||
|
||||
unsigned char* reqtype = NULL;
|
||||
char* reqtype = NULL;
|
||||
|
||||
TRACE(("enter send_chansess_shell_req"))
|
||||
|
||||
@ -392,7 +392,7 @@ static const struct ChanType cli_chan_netcat = {
|
||||
|
||||
void cli_send_netcat_request() {
|
||||
|
||||
const unsigned char* source_host = "127.0.0.1";
|
||||
const char* source_host = "127.0.0.1";
|
||||
const int source_port = 22;
|
||||
|
||||
TRACE(("enter cli_send_netcat_request"))
|
||||
@ -403,7 +403,7 @@ void cli_send_netcat_request() {
|
||||
dropbear_exit("Couldn't open initial channel");
|
||||
}
|
||||
|
||||
buf_putstring(ses.writepayload, cli_opts.netcat_host,
|
||||
buf_putstring(ses.writepayload, cli_opts.netcat_host,
|
||||
strlen(cli_opts.netcat_host));
|
||||
buf_putint(ses.writepayload, cli_opts.netcat_port);
|
||||
|
||||
|
||||
@ -79,7 +79,7 @@ void send_msg_kexdh_init() {
|
||||
}
|
||||
cli_ses.curve25519_param = gen_kexcurve25519_param();
|
||||
}
|
||||
buf_putstring(ses.writepayload, cli_ses.curve25519_param->pub, CURVE25519_LEN);
|
||||
buf_putstring(ses.writepayload, (const char*)cli_ses.curve25519_param->pub, CURVE25519_LEN);
|
||||
#endif
|
||||
break;
|
||||
}
|
||||
|
||||
@ -374,10 +374,10 @@ static void cli_remoteclosed() {
|
||||
/* Operates in-place turning dirty (untrusted potentially containing control
|
||||
* characters) text into clean text.
|
||||
* Note: this is safe only with ascii - other charsets could have problems. */
|
||||
void cleantext(unsigned char* dirtytext) {
|
||||
void cleantext(char* dirtytext) {
|
||||
|
||||
unsigned int i, j;
|
||||
unsigned char c;
|
||||
char c;
|
||||
|
||||
j = 0;
|
||||
for (i = 0; dirtytext[i] != '\0'; i++) {
|
||||
|
||||
@ -325,10 +325,10 @@ void buf_put_algolist(buffer * buf, algo_type localalgos[]) {
|
||||
buf_putbyte(algolist, ',');
|
||||
donefirst = 1;
|
||||
len = strlen(localalgos[i].name);
|
||||
buf_putbytes(algolist, localalgos[i].name, len);
|
||||
buf_putbytes(algolist, (const unsigned char *) localalgos[i].name, len);
|
||||
}
|
||||
}
|
||||
buf_putstring(buf, algolist->data, algolist->len);
|
||||
buf_putstring(buf, (const char*)algolist->data, algolist->len);
|
||||
buf_free(algolist);
|
||||
}
|
||||
|
||||
@ -341,12 +341,12 @@ algo_type * buf_match_algo(buffer* buf, algo_type localalgos[],
|
||||
enum kexguess2_used *kexguess2, int *goodguess)
|
||||
{
|
||||
|
||||
unsigned char * algolist = NULL;
|
||||
const unsigned char *remotenames[MAX_PROPOSED_ALGO], *localnames[MAX_PROPOSED_ALGO];
|
||||
char * algolist = NULL;
|
||||
const char *remotenames[MAX_PROPOSED_ALGO], *localnames[MAX_PROPOSED_ALGO];
|
||||
unsigned int len;
|
||||
unsigned int remotecount, localcount, clicount, servcount, i, j;
|
||||
algo_type * ret = NULL;
|
||||
const unsigned char **clinames, **servnames;
|
||||
const char **clinames, **servnames;
|
||||
|
||||
if (goodguess) {
|
||||
*goodguess = 0;
|
||||
@ -491,7 +491,7 @@ algolist_string(algo_type algos[])
|
||||
buf_setpos(b, b->len);
|
||||
buf_putbyte(b, '\0');
|
||||
buf_setpos(b, 4);
|
||||
ret_list = m_strdup(buf_getptr(b, b->len - b->pos));
|
||||
ret_list = m_strdup((const char *) buf_getptr(b, b->len - b->pos));
|
||||
buf_free(b);
|
||||
return ret_list;
|
||||
}
|
||||
|
||||
@ -38,7 +38,7 @@
|
||||
#include "netio.h"
|
||||
|
||||
static void send_msg_channel_open_failure(unsigned int remotechan, int reason,
|
||||
const unsigned char *text, const unsigned char *lang);
|
||||
const char *text, const char *lang);
|
||||
static void send_msg_channel_open_confirmation(struct Channel* channel,
|
||||
unsigned int recvwindow,
|
||||
unsigned int recvmaxpacket);
|
||||
@ -921,7 +921,7 @@ static void send_msg_channel_window_adjust(struct Channel* channel,
|
||||
/* Handle a new channel request, performing any channel-type-specific setup */
|
||||
void recv_msg_channel_open() {
|
||||
|
||||
unsigned char *type;
|
||||
char *type;
|
||||
unsigned int typelen;
|
||||
unsigned int remotechan, transwindow, transmaxpacket;
|
||||
struct Channel *channel;
|
||||
@ -1039,7 +1039,7 @@ void send_msg_channel_success(struct Channel *channel) {
|
||||
/* Send a channel open failure message, with a corresponding reason
|
||||
* code (usually resource shortage or unknown chan type) */
|
||||
static void send_msg_channel_open_failure(unsigned int remotechan,
|
||||
int reason, const unsigned char *text, const unsigned char *lang) {
|
||||
int reason, const char *text, const char *lang) {
|
||||
|
||||
TRACE(("enter send_msg_channel_open_failure"))
|
||||
CHECKCLEARTOWRITE();
|
||||
@ -1047,8 +1047,8 @@ static void send_msg_channel_open_failure(unsigned int remotechan,
|
||||
buf_putbyte(ses.writepayload, SSH_MSG_CHANNEL_OPEN_FAILURE);
|
||||
buf_putint(ses.writepayload, remotechan);
|
||||
buf_putint(ses.writepayload, reason);
|
||||
buf_putstring(ses.writepayload, text, strlen((char*)text));
|
||||
buf_putstring(ses.writepayload, lang, strlen((char*)lang));
|
||||
buf_putstring(ses.writepayload, text, strlen(text));
|
||||
buf_putstring(ses.writepayload, lang, strlen(lang));
|
||||
|
||||
encrypt_packet();
|
||||
TRACE(("leave send_msg_channel_open_failure"))
|
||||
@ -1244,7 +1244,7 @@ struct Channel* get_any_ready_channel() {
|
||||
}
|
||||
|
||||
void start_send_channel_request(struct Channel *channel,
|
||||
unsigned char *type) {
|
||||
char *type) {
|
||||
|
||||
CHECKCLEARTOWRITE();
|
||||
buf_putbyte(ses.writepayload, SSH_MSG_CHANNEL_REQUEST);
|
||||
|
||||
18
common-kex.c
18
common-kex.c
@ -525,18 +525,17 @@ void recv_msg_kexinit() {
|
||||
read_kex_algos();
|
||||
|
||||
/* V_C, the client's version string (CR and NL excluded) */
|
||||
buf_putstring(ses.kexhashbuf,
|
||||
(unsigned char*)LOCAL_IDENT, local_ident_len);
|
||||
buf_putstring(ses.kexhashbuf, LOCAL_IDENT, local_ident_len);
|
||||
/* V_S, the server's version string (CR and NL excluded) */
|
||||
buf_putstring(ses.kexhashbuf, ses.remoteident, remote_ident_len);
|
||||
|
||||
/* I_C, the payload of the client's SSH_MSG_KEXINIT */
|
||||
buf_putstring(ses.kexhashbuf,
|
||||
ses.transkexinit->data, ses.transkexinit->len);
|
||||
(const char*)ses.transkexinit->data, ses.transkexinit->len);
|
||||
/* I_S, the payload of the server's SSH_MSG_KEXINIT */
|
||||
buf_setpos(ses.payload, ses.payload_beginning);
|
||||
buf_putstring(ses.kexhashbuf,
|
||||
buf_getptr(ses.payload, ses.payload->len-ses.payload->pos),
|
||||
(const char*)buf_getptr(ses.payload, ses.payload->len-ses.payload->pos),
|
||||
ses.payload->len-ses.payload->pos);
|
||||
ses.requirenext = SSH_MSG_KEXDH_REPLY;
|
||||
} else {
|
||||
@ -547,18 +546,17 @@ void recv_msg_kexinit() {
|
||||
/* V_C, the client's version string (CR and NL excluded) */
|
||||
buf_putstring(ses.kexhashbuf, ses.remoteident, remote_ident_len);
|
||||
/* V_S, the server's version string (CR and NL excluded) */
|
||||
buf_putstring(ses.kexhashbuf,
|
||||
(unsigned char*)LOCAL_IDENT, local_ident_len);
|
||||
buf_putstring(ses.kexhashbuf, LOCAL_IDENT, local_ident_len);
|
||||
|
||||
/* I_C, the payload of the client's SSH_MSG_KEXINIT */
|
||||
buf_setpos(ses.payload, ses.payload_beginning);
|
||||
buf_putstring(ses.kexhashbuf,
|
||||
buf_getptr(ses.payload, ses.payload->len-ses.payload->pos),
|
||||
(const char*)buf_getptr(ses.payload, ses.payload->len-ses.payload->pos),
|
||||
ses.payload->len-ses.payload->pos);
|
||||
|
||||
/* I_S, the payload of the server's SSH_MSG_KEXINIT */
|
||||
buf_putstring(ses.kexhashbuf,
|
||||
ses.transkexinit->data, ses.transkexinit->len);
|
||||
(const char*)ses.transkexinit->data, ses.transkexinit->len);
|
||||
|
||||
ses.requirenext = SSH_MSG_KEXDH_INIT;
|
||||
}
|
||||
@ -783,9 +781,9 @@ void kexcurve25519_comb_key(struct kex_curve25519_param *param, buffer *buf_pub_
|
||||
/* K_S, the host key */
|
||||
buf_put_pub_key(ses.kexhashbuf, hostkey, ses.newkeys->algo_hostkey);
|
||||
/* Q_C, client's ephemeral public key octet string */
|
||||
buf_putstring(ses.kexhashbuf, Q_C, CURVE25519_LEN);
|
||||
buf_putstring(ses.kexhashbuf, (const char*)Q_C, CURVE25519_LEN);
|
||||
/* Q_S, server's ephemeral public key octet string */
|
||||
buf_putstring(ses.kexhashbuf, Q_S, CURVE25519_LEN);
|
||||
buf_putstring(ses.kexhashbuf, (const char*)Q_S, CURVE25519_LEN);
|
||||
/* K, the shared secret */
|
||||
buf_putmpint(ses.kexhashbuf, ses.dh_K);
|
||||
|
||||
|
||||
@ -327,7 +327,7 @@ void session_cleanup() {
|
||||
|
||||
void send_session_identification() {
|
||||
buffer *writebuf = buf_new(strlen(LOCAL_IDENT "\r\n") + 1);
|
||||
buf_putbytes(writebuf, LOCAL_IDENT "\r\n", strlen(LOCAL_IDENT "\r\n"));
|
||||
buf_putbytes(writebuf, (const unsigned char *) LOCAL_IDENT "\r\n", strlen(LOCAL_IDENT "\r\n"));
|
||||
writebuf_enqueue(writebuf, 0);
|
||||
}
|
||||
|
||||
|
||||
6
dss.c
6
dss.c
@ -165,7 +165,7 @@ int buf_dss_verify(buffer* buf, dropbear_dss_key *key, buffer *data_buf) {
|
||||
DEF_MP_INT(val3);
|
||||
DEF_MP_INT(val4);
|
||||
char * string = NULL;
|
||||
int stringlen;
|
||||
unsigned int stringlen;
|
||||
|
||||
TRACE(("enter buf_dss_verify"))
|
||||
dropbear_assert(key != NULL);
|
||||
@ -186,7 +186,7 @@ int buf_dss_verify(buffer* buf, dropbear_dss_key *key, buffer *data_buf) {
|
||||
/* create the signature - s' and r' are the received signatures in buf */
|
||||
/* w = (s')-1 mod q */
|
||||
/* let val1 = s' */
|
||||
bytes_to_mp(&val1, &string[SHA1_HASH_SIZE], SHA1_HASH_SIZE);
|
||||
bytes_to_mp(&val1, (const unsigned char*) &string[SHA1_HASH_SIZE], SHA1_HASH_SIZE);
|
||||
|
||||
if (mp_cmp(&val1, key->q) != MP_LT) {
|
||||
TRACE(("verify failed, s' >= q"))
|
||||
@ -208,7 +208,7 @@ int buf_dss_verify(buffer* buf, dropbear_dss_key *key, buffer *data_buf) {
|
||||
|
||||
/* u2 = ((r')w) mod q */
|
||||
/* let val1 = r' */
|
||||
bytes_to_mp(&val1, &string[0], SHA1_HASH_SIZE);
|
||||
bytes_to_mp(&val1, (const unsigned char*) &string[0], SHA1_HASH_SIZE);
|
||||
if (mp_cmp(&val1, key->q) != MP_LT) {
|
||||
TRACE(("verify failed, r' >= q"))
|
||||
goto out;
|
||||
|
||||
12
ecdsa.c
12
ecdsa.c
@ -83,9 +83,9 @@ ecc_key *buf_get_ecdsa_pub_key(buffer* buf) {
|
||||
ecc_key *new_key = NULL;
|
||||
|
||||
/* string "ecdsa-sha2-[identifier]" */
|
||||
key_ident = buf_getstring(buf, &key_ident_len);
|
||||
key_ident = (unsigned char*)buf_getstring(buf, &key_ident_len);
|
||||
/* string "[identifier]" */
|
||||
identifier = buf_getstring(buf, &identifier_len);
|
||||
identifier = (unsigned char*)buf_getstring(buf, &identifier_len);
|
||||
|
||||
if (key_ident_len != identifier_len + strlen("ecdsa-sha2-")) {
|
||||
TRACE(("Bad identifier lengths"))
|
||||
@ -140,10 +140,10 @@ ecc_key *buf_get_ecdsa_priv_key(buffer *buf) {
|
||||
|
||||
void buf_put_ecdsa_pub_key(buffer *buf, ecc_key *key) {
|
||||
struct dropbear_ecc_curve *curve = NULL;
|
||||
unsigned char key_ident[30];
|
||||
char key_ident[30];
|
||||
|
||||
curve = curve_for_dp(key->dp);
|
||||
snprintf((char*)key_ident, sizeof(key_ident), "ecdsa-sha2-%s", curve->name);
|
||||
snprintf(key_ident, sizeof(key_ident), "ecdsa-sha2-%s", curve->name);
|
||||
buf_putstring(buf, key_ident, strlen(key_ident));
|
||||
buf_putstring(buf, curve->name, strlen(curve->name));
|
||||
buf_put_ecc_raw_pubkey_string(buf, key);
|
||||
@ -161,7 +161,7 @@ void buf_put_ecdsa_sign(buffer *buf, ecc_key *key, buffer *data_buf) {
|
||||
hash_state hs;
|
||||
unsigned char hash[64];
|
||||
void *e = NULL, *p = NULL, *s = NULL, *r;
|
||||
unsigned char key_ident[30];
|
||||
char key_ident[30];
|
||||
buffer *sigbuf = NULL;
|
||||
|
||||
TRACE(("buf_put_ecdsa_sign"))
|
||||
@ -222,7 +222,7 @@ void buf_put_ecdsa_sign(buffer *buf, ecc_key *key, buffer *data_buf) {
|
||||
}
|
||||
}
|
||||
|
||||
snprintf((char*)key_ident, sizeof(key_ident), "ecdsa-sha2-%s", curve->name);
|
||||
snprintf(key_ident, sizeof(key_ident), "ecdsa-sha2-%s", curve->name);
|
||||
buf_putstring(buf, key_ident, strlen(key_ident));
|
||||
/* enough for nistp521 */
|
||||
sigbuf = buf_new(200);
|
||||
|
||||
@ -649,9 +649,9 @@ static sign_key *openssh_read(const char *filename, char * UNUSED(passphrase))
|
||||
modptr = (char *)p;
|
||||
modlen = len;
|
||||
} else if (i >= 2 && i <= 5) {
|
||||
buf_putstring(blobbuf, p, len);
|
||||
buf_putstring(blobbuf, (const char*)p, len);
|
||||
if (i == 2) {
|
||||
buf_putstring(blobbuf, modptr, modlen);
|
||||
buf_putstring(blobbuf, (const char*)modptr, modlen);
|
||||
}
|
||||
}
|
||||
} else if (key->type == OSSH_DSA) {
|
||||
@ -659,7 +659,7 @@ static sign_key *openssh_read(const char *filename, char * UNUSED(passphrase))
|
||||
* OpenSSH key order is p, q, g, y, x,
|
||||
* we want the same.
|
||||
*/
|
||||
buf_putstring(blobbuf, p, len);
|
||||
buf_putstring(blobbuf, (const char*)p, len);
|
||||
}
|
||||
|
||||
/* Skip past the number. */
|
||||
|
||||
2
netio.c
2
netio.c
@ -99,7 +99,7 @@ static void connect_try_next(struct dropbear_progress_connection *c) {
|
||||
message.msg_name = r->ai_addr;
|
||||
message.msg_namelen = r->ai_addrlen;
|
||||
/* 6 is arbitrary, enough to hold initial packets */
|
||||
int iovlen = 6; /* Linux msg_iovlen is a size_t */
|
||||
unsigned int iovlen = 6; /* Linux msg_iovlen is a size_t */
|
||||
struct iovec iov[6];
|
||||
packet_queue_to_iovec(c->writequeue, iov, &iovlen);
|
||||
message.msg_iov = iov;
|
||||
|
||||
@ -138,7 +138,7 @@ signkey_key_ptr(sign_key *key, enum signkey_type type) {
|
||||
* on return is set to the type read (useful when type = _ANY) */
|
||||
int buf_get_pub_key(buffer *buf, sign_key *key, enum signkey_type *type) {
|
||||
|
||||
unsigned char* ident;
|
||||
char *ident;
|
||||
unsigned int len;
|
||||
enum signkey_type keytype;
|
||||
int ret = DROPBEAR_FAILURE;
|
||||
@ -209,7 +209,7 @@ int buf_get_pub_key(buffer *buf, sign_key *key, enum signkey_type *type) {
|
||||
* on return is set to the type read (useful when type = _ANY) */
|
||||
int buf_get_priv_key(buffer *buf, sign_key *key, enum signkey_type *type) {
|
||||
|
||||
unsigned char* ident;
|
||||
char *ident;
|
||||
unsigned int len;
|
||||
enum signkey_type keytype;
|
||||
int ret = DROPBEAR_FAILURE;
|
||||
@ -515,7 +515,7 @@ void buf_put_sign(buffer* buf, sign_key *key, enum signkey_type type,
|
||||
* signature blob */
|
||||
int buf_verify(buffer * buf, sign_key *key, buffer *data_buf) {
|
||||
|
||||
unsigned char * type_name = NULL;
|
||||
char *type_name = NULL;
|
||||
unsigned int type_name_len = 0;
|
||||
enum signkey_type type;
|
||||
|
||||
|
||||
10
svr-auth.c
10
svr-auth.c
@ -36,7 +36,7 @@
|
||||
#include "dbrandom.h"
|
||||
|
||||
static void authclear();
|
||||
static int checkusername(unsigned char *username, unsigned int userlen);
|
||||
static int checkusername(char *username, unsigned int userlen);
|
||||
|
||||
/* initialise the first time for a session, resetting all parameters */
|
||||
void svr_authinitialise() {
|
||||
@ -100,7 +100,7 @@ void send_msg_userauth_banner(buffer *banner) {
|
||||
* checking, and handle success or failure */
|
||||
void recv_msg_userauth_request() {
|
||||
|
||||
unsigned char *username = NULL, *servicename = NULL, *methodname = NULL;
|
||||
char *username = NULL, *servicename = NULL, *methodname = NULL;
|
||||
unsigned int userlen, servicelen, methodlen;
|
||||
int valid_user = 0;
|
||||
|
||||
@ -227,7 +227,7 @@ out:
|
||||
|
||||
/* Check that the username exists and isn't disallowed (root), and has a valid shell.
|
||||
* returns DROPBEAR_SUCCESS on valid username, DROPBEAR_FAILURE on failure */
|
||||
static int checkusername(unsigned char *username, unsigned int userlen) {
|
||||
static int checkusername(char *username, unsigned int userlen) {
|
||||
|
||||
char* listshell = NULL;
|
||||
char* usershell = NULL;
|
||||
@ -333,14 +333,14 @@ void send_msg_userauth_failure(int partial, int incrfail) {
|
||||
typebuf = buf_new(30); /* long enough for PUBKEY and PASSWORD */
|
||||
|
||||
if (ses.authstate.authtypes & AUTH_TYPE_PUBKEY) {
|
||||
buf_putbytes(typebuf, AUTH_METHOD_PUBKEY, AUTH_METHOD_PUBKEY_LEN);
|
||||
buf_putbytes(typebuf, (const unsigned char *)AUTH_METHOD_PUBKEY, AUTH_METHOD_PUBKEY_LEN);
|
||||
if (ses.authstate.authtypes & AUTH_TYPE_PASSWORD) {
|
||||
buf_putbyte(typebuf, ',');
|
||||
}
|
||||
}
|
||||
|
||||
if (ses.authstate.authtypes & AUTH_TYPE_PASSWORD) {
|
||||
buf_putbytes(typebuf, AUTH_METHOD_PASSWORD, AUTH_METHOD_PASSWORD_LEN);
|
||||
buf_putbytes(typebuf, (const unsigned char *)AUTH_METHOD_PASSWORD, AUTH_METHOD_PASSWORD_LEN);
|
||||
}
|
||||
|
||||
buf_putbufstring(ses.writepayload, typebuf);
|
||||
|
||||
@ -188,7 +188,7 @@ void svr_auth_pam() {
|
||||
|
||||
pam_handle_t* pamHandlep = NULL;
|
||||
|
||||
unsigned char * password = NULL;
|
||||
char * password = NULL;
|
||||
unsigned int passwordlen;
|
||||
|
||||
int rc = PAM_SUCCESS;
|
||||
|
||||
@ -52,7 +52,7 @@ void svr_auth_password() {
|
||||
|
||||
char * passwdcrypt = NULL; /* the crypt from /etc/passwd or /etc/shadow */
|
||||
char * testcrypt = NULL; /* crypt generated from the user's password sent */
|
||||
unsigned char * password;
|
||||
char * password;
|
||||
unsigned int passwordlen;
|
||||
|
||||
unsigned int changepw;
|
||||
@ -75,7 +75,7 @@ void svr_auth_password() {
|
||||
password = buf_getstring(ses.payload, &passwordlen);
|
||||
|
||||
/* the first bytes of passwdcrypt are the salt */
|
||||
testcrypt = crypt((char*)password, passwdcrypt);
|
||||
testcrypt = crypt(password, passwdcrypt);
|
||||
m_burn(password, passwordlen);
|
||||
m_free(password);
|
||||
|
||||
|
||||
@ -70,10 +70,10 @@
|
||||
#define MIN_AUTHKEYS_LINE 10 /* "ssh-rsa AB" - short but doesn't matter */
|
||||
#define MAX_AUTHKEYS_LINE 4200 /* max length of a line in authkeys */
|
||||
|
||||
static int checkpubkey(unsigned char* algo, unsigned int algolen,
|
||||
static int checkpubkey(char* algo, unsigned int algolen,
|
||||
unsigned char* keyblob, unsigned int keybloblen);
|
||||
static int checkpubkeyperms();
|
||||
static void send_msg_userauth_pk_ok(unsigned char* algo, unsigned int algolen,
|
||||
static void send_msg_userauth_pk_ok(char* algo, unsigned int algolen,
|
||||
unsigned char* keyblob, unsigned int keybloblen);
|
||||
static int checkfileperm(char * filename);
|
||||
|
||||
@ -82,7 +82,7 @@ static int checkfileperm(char * filename);
|
||||
void svr_auth_pubkey() {
|
||||
|
||||
unsigned char testkey; /* whether we're just checking if a key is usable */
|
||||
unsigned char* algo = NULL; /* pubkey algo */
|
||||
char* algo = NULL; /* pubkey algo */
|
||||
unsigned int algolen;
|
||||
unsigned char* keyblob = NULL;
|
||||
unsigned int keybloblen;
|
||||
@ -173,7 +173,7 @@ out:
|
||||
/* Reply that the key is valid for auth, this is sent when the user sends
|
||||
* a straight copy of their pubkey to test, to avoid having to perform
|
||||
* expensive signing operations with a worthless key */
|
||||
static void send_msg_userauth_pk_ok(unsigned char* algo, unsigned int algolen,
|
||||
static void send_msg_userauth_pk_ok(char* algo, unsigned int algolen,
|
||||
unsigned char* keyblob, unsigned int keybloblen) {
|
||||
|
||||
TRACE(("enter send_msg_userauth_pk_ok"))
|
||||
@ -181,7 +181,7 @@ static void send_msg_userauth_pk_ok(unsigned char* algo, unsigned int algolen,
|
||||
|
||||
buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_PK_OK);
|
||||
buf_putstring(ses.writepayload, algo, algolen);
|
||||
buf_putstring(ses.writepayload, keyblob, keybloblen);
|
||||
buf_putstring(ses.writepayload, (const char*)keyblob, keybloblen);
|
||||
|
||||
encrypt_packet();
|
||||
TRACE(("leave send_msg_userauth_pk_ok"))
|
||||
@ -191,7 +191,7 @@ static void send_msg_userauth_pk_ok(unsigned char* algo, unsigned int algolen,
|
||||
/* Checks whether a specified publickey (and associated algorithm) is an
|
||||
* acceptable key for authentication */
|
||||
/* Returns DROPBEAR_SUCCESS if key is ok for auth, DROPBEAR_FAILURE otherwise */
|
||||
static int checkpubkey(unsigned char* algo, unsigned int algolen,
|
||||
static int checkpubkey(char* algo, unsigned int algolen,
|
||||
unsigned char* keyblob, unsigned int keybloblen) {
|
||||
|
||||
FILE * authfile = NULL;
|
||||
@ -260,9 +260,9 @@ static int checkpubkey(unsigned char* algo, unsigned int algolen,
|
||||
/* check the key type - will fail if there are options */
|
||||
TRACE(("a line!"))
|
||||
|
||||
if (strncmp(buf_getptr(line, algolen), algo, algolen) != 0) {
|
||||
if (strncmp((const char *) buf_getptr(line, algolen), algo, algolen) != 0) {
|
||||
int is_comment = 0;
|
||||
char *options_start = NULL;
|
||||
unsigned char *options_start = NULL;
|
||||
int options_len = 0;
|
||||
int escape, quoted;
|
||||
|
||||
@ -308,7 +308,7 @@ static int checkpubkey(unsigned char* algo, unsigned int algolen,
|
||||
if (line->pos + algolen+3 > line->len) {
|
||||
continue;
|
||||
}
|
||||
if (strncmp(buf_getptr(line, algolen), algo, algolen) != 0) {
|
||||
if (strncmp((const char *) buf_getptr(line, algolen), algo, algolen) != 0) {
|
||||
continue;
|
||||
}
|
||||
}
|
||||
@ -330,7 +330,7 @@ static int checkpubkey(unsigned char* algo, unsigned int algolen,
|
||||
|
||||
TRACE(("checkpubkey: line pos = %d len = %d", line->pos, line->len))
|
||||
|
||||
ret = cmp_base64_key(keyblob, keybloblen, algo, algolen, line, NULL);
|
||||
ret = cmp_base64_key(keyblob, keybloblen, (const unsigned char *) algo, algolen, line, NULL);
|
||||
|
||||
if (ret == DROPBEAR_SUCCESS && options_buf) {
|
||||
ret = svr_add_pubkey_options(options_buf, line_num, filename);
|
||||
|
||||
@ -343,7 +343,7 @@ static void closechansess(struct Channel *channel) {
|
||||
* or x11/authagent forwarding. These are passed to appropriate handlers */
|
||||
static void chansessionrequest(struct Channel *channel) {
|
||||
|
||||
unsigned char * type = NULL;
|
||||
char * type = NULL;
|
||||
unsigned int typelen;
|
||||
unsigned char wantreply;
|
||||
int ret = 1;
|
||||
@ -406,7 +406,7 @@ out:
|
||||
static int sessionsignal(struct ChanSess *chansess) {
|
||||
|
||||
int sig = 0;
|
||||
unsigned char* signame = NULL;
|
||||
char* signame = NULL;
|
||||
int i;
|
||||
|
||||
if (chansess->pid == 0) {
|
||||
@ -557,7 +557,7 @@ static void get_termmodes(struct ChanSess *chansess) {
|
||||
static int sessionpty(struct ChanSess * chansess) {
|
||||
|
||||
unsigned int termlen;
|
||||
unsigned char namebuf[65];
|
||||
char namebuf[65];
|
||||
struct passwd * pw = NULL;
|
||||
|
||||
TRACE(("enter sessionpty"))
|
||||
@ -583,7 +583,7 @@ static int sessionpty(struct ChanSess * chansess) {
|
||||
return DROPBEAR_FAILURE;
|
||||
}
|
||||
|
||||
chansess->tty = (char*)m_strdup(namebuf);
|
||||
chansess->tty = m_strdup(namebuf);
|
||||
if (!chansess->tty) {
|
||||
dropbear_exit("Out of memory"); /* TODO disconnect */
|
||||
}
|
||||
@ -603,6 +603,7 @@ static int sessionpty(struct ChanSess * chansess) {
|
||||
return DROPBEAR_SUCCESS;
|
||||
}
|
||||
|
||||
#ifndef USE_VFORK
|
||||
static void make_connection_string(struct ChanSess *chansess) {
|
||||
char *local_ip, *local_port, *remote_ip, *remote_port;
|
||||
size_t len;
|
||||
@ -624,6 +625,7 @@ static void make_connection_string(struct ChanSess *chansess) {
|
||||
m_free(remote_ip);
|
||||
m_free(remote_port);
|
||||
}
|
||||
#endif
|
||||
|
||||
/* Handle a command request from the client. This is used for both shell
|
||||
* and command-execution requests, and passes the command to
|
||||
|
||||
@ -247,7 +247,7 @@ static void send_msg_kexdh_reply(mp_int *dh_e, buffer *ecdh_qs) {
|
||||
{
|
||||
struct kex_curve25519_param *param = gen_kexcurve25519_param();
|
||||
kexcurve25519_comb_key(param, ecdh_qs, svr_opts.hostkey);
|
||||
buf_putstring(ses.writepayload, param->pub, CURVE25519_LEN);
|
||||
buf_putstring(ses.writepayload, (const char*)param->pub, CURVE25519_LEN);
|
||||
free_kexcurve25519_param(param);
|
||||
}
|
||||
#endif
|
||||
|
||||
@ -30,13 +30,13 @@
|
||||
#include "ssh.h"
|
||||
#include "auth.h"
|
||||
|
||||
static void send_msg_service_accept(unsigned char *name, int len);
|
||||
static void send_msg_service_accept(char *name, int len);
|
||||
|
||||
/* processes a SSH_MSG_SERVICE_REQUEST, returning 0 if finished,
|
||||
* 1 if not */
|
||||
void recv_msg_service_request() {
|
||||
|
||||
unsigned char * name;
|
||||
char * name;
|
||||
unsigned int len;
|
||||
|
||||
TRACE(("enter recv_msg_service_request"))
|
||||
@ -73,7 +73,7 @@ void recv_msg_service_request() {
|
||||
|
||||
}
|
||||
|
||||
static void send_msg_service_accept(unsigned char *name, int len) {
|
||||
static void send_msg_service_accept(char *name, int len) {
|
||||
|
||||
TRACE(("accepting service %s", name))
|
||||
|
||||
|
||||
12
svr-tcpfwd.c
12
svr-tcpfwd.c
@ -65,7 +65,7 @@ static const struct ChanType svr_chan_tcpremote = {
|
||||
* similar to the request-switching in chansession.c */
|
||||
void recv_msg_global_request_remotetcp() {
|
||||
|
||||
unsigned char* reqname = NULL;
|
||||
char* reqname = NULL;
|
||||
unsigned int namelen;
|
||||
unsigned int wantreply = 0;
|
||||
int ret = DROPBEAR_FAILURE;
|
||||
@ -120,7 +120,7 @@ static int matchtcp(void* typedata1, void* typedata2) {
|
||||
static int svr_cancelremotetcp() {
|
||||
|
||||
int ret = DROPBEAR_FAILURE;
|
||||
unsigned char * bindaddr = NULL;
|
||||
char * bindaddr = NULL;
|
||||
unsigned int addrlen;
|
||||
unsigned int port;
|
||||
struct Listener * listener = NULL;
|
||||
@ -155,7 +155,7 @@ out:
|
||||
static int svr_remotetcpreq() {
|
||||
|
||||
int ret = DROPBEAR_FAILURE;
|
||||
unsigned char * request_addr = NULL;
|
||||
char * request_addr = NULL;
|
||||
unsigned int addrlen;
|
||||
struct TCPListener *tcpinfo = NULL;
|
||||
unsigned int port;
|
||||
@ -232,12 +232,12 @@ const struct ChanType svr_chan_tcpdirect = {
|
||||
* address */
|
||||
static int newtcpdirect(struct Channel * channel) {
|
||||
|
||||
unsigned char* desthost = NULL;
|
||||
char* desthost = NULL;
|
||||
unsigned int destport;
|
||||
unsigned char* orighost = NULL;
|
||||
char* orighost = NULL;
|
||||
unsigned int origport;
|
||||
char portstring[NI_MAXSERV];
|
||||
int len;
|
||||
unsigned int len;
|
||||
int err = SSH_OPEN_ADMINISTRATIVELY_PROHIBITED;
|
||||
|
||||
TRACE(("newtcpdirect channel %d", channel->index))
|
||||
|
||||
@ -107,7 +107,7 @@ static void x11accept(struct Listener* listener, int sock) {
|
||||
|
||||
int fd;
|
||||
struct sockaddr_in addr;
|
||||
int len;
|
||||
socklen_t len;
|
||||
int ret;
|
||||
struct ChanSess * chansess = (struct ChanSess *)(listener->typedata);
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user