ClearML/dropbear
1
0
Fork 0
mirror of https://github.com/clearml/dropbear synced 2025-02-12 07:25:30 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
1,567 Commits 5 Branches 63 Tags 14 MiB
1e10af850b
Commit Graph

59 Commits

Author SHA1 Message Date
Matt Johnston
9e25854b41 cast to fix warning 2020-05-26 19:57:28 +08:00
Matt Johnston
701d43b859 send and handle SSH_MSG_EXT_INFO only at the correct point 
- other fixes for rsa pubkey auth
- only include ext-info handling when rsa pubkey auth is compiled
 2020-05-24 14:16:58 +08:00
Matt Johnston
5acee497bf ext-info handling for server-sig-algs 
only client side is handled
 2020-05-19 00:31:41 +08:00
Matt Johnston
972d723484 split signkey_type and signature_type for RSA sha1 vs sha256 2020-05-17 23:58:31 +08:00
Matt Johnston
7dc2f36c3e use sigtype where appropriate 2020-04-06 23:18:26 +08:00
Vladislav Grishenko
3d12521735
Add Ed25519 support (#91) 
* Add support for Ed25519 as a public key type

Ed25519 is a elliptic curve signature scheme that offers
better security than ECDSA and DSA and good performance. It may be
used for both user and host keys.

OpenSSH key import and fuzzer are not supported yet.

Initially inspired by Peter Szabo.

* Add curve25519 and ed25519 fuzzers

* Add import and export of Ed25519 keys
 2020-03-12 00:09:45 +08:00
Matt Johnston
c658b275fd - #if not #ifdef for DROPBEAR_FUZZ 
- fix some unused variables

--HG--
branch : fuzz
 2018-02-28 21:40:08 +08:00
Matt Johnston
7e8094d53a merge from main 
--HG--
branch : fuzz
 2018-02-17 19:29:51 +08:00
Michael Witten
3ee685ad1c options: Complete the transition to numeric toggles (`#if') 
For the sake of review, this commit alters only the code; the affiliated
comments within the source files also need to be updated, but doing so
now would obscure the operational changes that have been made here.

* All on/off options have been switched to the numeric `#if' variant;
  that is the only way to make this `default_options.h.in' thing work
  in a reasonable manner.

* There is now some very minor compile-time checking of the user's
  choice of options.

* NO_FAST_EXPTMOD doesn't seem to be used, so it has been removed.

* ENABLE_USER_ALGO_LIST was supposed to be renamed DROPBEAR_USER_ALGO_LIST,
  and this commit completes that work.

* DROPBEAR_FUZZ seems to be a relatively new, as-yet undocumented option,
  which was added by the following commit:

    commit 6e0b539e9c
    Author: Matt Johnston <matt@ucc.asn.au>
    Date:   Tue May 23 22:29:21 2017 +0800

        split out checkpubkey_line() separately

  It has now been added to `sysoptions.h' and defined as `0' by default.

* The configuration option `DROPBEAR_PASSWORD_ENV' is no longer listed in
  `default_options.h.in'; it is no longer meant to be set by the user, and
  is instead left to be defined in `sysoptions.h' (where it was already being
  defined) as merely the name of the environment variable in question:

    DROPBEAR_PASSWORD

  To enable or disable use of that environment variable, the user must now
  toggle `DROPBEAR_USE_DROPBEAR_PASSWORD'.

* The sFTP support is now toggled by setting `DROPBEAR_SFTPSERVER', and the
  path of the sFTP server program is set independently through the usual
  SFTPSERVER_PATH.
 2018-02-16 23:13:47 +08:00
Francois Perrad
89e64c631e Pointer parameter could be declared as pointing to const 2017-08-19 17:16:13 +02:00
Matt Johnston
25607c04a7 add m_mp_free_multi, be more careful freeing when failing to load keys 
--HG--
branch : fuzz
 2017-05-26 21:08:43 +08:00
Matt Johnston
924b8469cb fix null pointer crash 2017-05-26 00:19:53 +08:00
Matt Johnston
f24d93d4e4 fix null pointer crash 
--HG--
branch : fuzz
 2017-05-26 00:19:53 +08:00
Matt Johnston
ee5769f31f avoid NULL argument to base64 decode 
--HG--
branch : fuzz
 2017-05-25 00:09:40 +08:00
Matt Johnston
0363d3c32e fuzzer-pubkey 
--HG--
branch : fuzz
 2017-05-23 22:43:34 +08:00
Matt Johnston
0ab0687a3a Fix null pointer dereference found by libfuzzer 2017-05-21 18:53:09 +08:00
Matt Johnston
c38927da47 add m_mp_free_multi, be more careful freeing when failing to load keys 2017-05-26 21:08:43 +08:00
Matt Johnston
30d3ccd419 Fix null pointer dereference found by libfuzzer 
--HG--
branch : fuzz
 2017-05-21 18:53:09 +08:00
Matt Johnston
32a28d0d9c Convert #ifdef to #if, other build changes 2016-05-04 15:33:40 +02:00
Matt Johnston
c830d30553 merge 2016-03-16 22:53:27 +08:00
Francois Perrad
893d7be5bf const variables 2016-03-16 22:41:19 +08:00
Matt Johnston
e7828bb911 cast return type to enum 2016-03-15 22:40:15 +08:00
Francois Perrad
23ac7f56fa refactor indentation with hard tab 2015-12-31 16:00:23 +01:00
Matt Johnston
1a4db21fe4 buf_getstring and buf_putstring now use non-unsigned char* 2015-06-04 23:08:50 +08:00
Gaël PORTAY
224b16b247 Fix pointer differ in signess warnings [-Werror=pointer-sign] 2015-05-05 20:39:13 +02:00
Matt Johnston
3317916111 Fix some memory leaks in ecc code 2015-03-01 22:44:36 +08:00
Matt Johnston
364a53577e Move generic network routines to netio.c 
--HG--
branch : fastopen
 2015-02-20 23:16:38 +08:00
Matt Johnston
6b5317e7cc Fix compiling with ECDSA and DSS disabled 2014-06-25 23:37:44 +08:00
Matt Johnston
c5e36f8e3c Fix some warnings 2013-11-25 23:08:33 +08:00
Matt Johnston
de1deaf0bd use oldstyle comments 2013-11-14 22:03:30 +08:00
Matt Johnston
a65f84db38 - Some fixes for old compilers like tru64 v4 from Daniel Richard G. 
- Don't warn about blocking random device for prngd
 2013-11-14 21:36:45 +08:00
Matt Johnston
e60a84d0ed Various cleanups and fixes for warnings 
--HG--
branch : ecc
 2013-11-12 23:02:32 +08:00
Matt Johnston
58fe1c2d2a Add '-R' for delayed hostkey option 
--HG--
branch : keyondemand
 2013-11-07 23:49:37 +08:00
Matt Johnston
4363b8b32d refactor key generation, make it generate as required. 
Needs UI in server command line options

--HG--
branch : keyondemand
 2013-11-07 00:18:52 +08:00
Matt Johnston
082a2dde35 Fix specifying a keysize for key generation, fix key name arguments 
--HG--
branch : ecc
 2013-11-01 00:13:09 +08:00
Matt Johnston
aafeebd0c8 have separate ecdsa keys for each size 
fix crash from the mp_alloc_init_multi change in RSA

--HG--
branch : ecc
 2013-05-25 00:54:19 +08:00
Matt Johnston
04518e9e80 merge in HEAD 
--HG--
branch : ecc
 2013-05-21 12:09:35 +08:00
Matt Johnston
95a21c8fd7 ecdsa is working 
--HG--
branch : ecc
 2013-05-03 23:07:48 +08:00
Matt Johnston
79660f2eb1 more ecdsa signkey work, not correct 
--HG--
branch : ecc
 2013-04-28 23:17:43 +08:00
Matt Johnston
5c87c6a435 A bit of work on ecdsa for host/auth keys 
--HG--
branch : ecc
 2013-04-14 00:50:03 +08:00
Matt Johnston
a8135dec1e Make _sign and _verify functions take a buffer* rather than void* and int 
--HG--
branch : ecc
 2013-04-06 16:00:37 +08:00
Matt Johnston
90cf7f012c Move the more verbose TRACE() statements into TRACE2() 2013-04-01 00:07:26 +08:00
Matt Johnston
fd0b05943d - Fix some format strings in TRACE()s 2011-12-04 05:24:50 +08:00
Matt Johnston
38ed870ffe Improve capitalisation for all logged strings 
--HG--
extra : convert_revision : 997e53cec7a9efb7413ac6e17b6be60a5597bd2e
 2011-02-23 15:50:30 +00:00
Matt Johnston
fced1113d3 Rename rsa_key to dropbear_rsa_key (and same for dss too) so 
we don't conflict with libtomcrypt.

--HG--
extra : convert_revision : 77961344ec415d73d48fdc7b1ebead3099c13394
 2010-07-21 12:55:25 +00:00
Matt Johnston
bb8234c2f1 Agent forwarding works 
--HG--
branch : agent-client
extra : convert_revision : eb0dae4b62e243ba37a897beb7ba81a4f637d8b3
 2009-07-30 15:14:33 +00:00
Matt Johnston
c742137dc8 New standard linked list to use, rather than adhoc SignKeyList or TCPFwdList 
--HG--
branch : agent-client
extra : convert_revision : 5465e639cc3f5ee0c6c55f0de6e7b6d5a8769da3
 2009-07-06 12:59:13 +00:00
Matt Johnston
c077f22fb4 Improve known_hosts checking. 
--HG--
extra : convert_revision : b7933fa29cbedeb53b79a0b60aaa0f049e003cb2
 2007-02-22 15:29:32 +00:00
Matt Johnston
744268f388 - add explicit check that correct keytype exists for pubkey verification 
--HG--
extra : convert_revision : 8d86185c9b7efcedc1d640208c03bb1b377cc502
 2005-09-06 03:57:21 +00:00
Matt Johnston
109b87d2a3 Change the format of for loops, gcc4 produces incorrect binaries with 
the previous code.

--HG--
extra : convert_revision : 560fb575d3fa53924774c7db897e304b35ba07e3
 2005-07-08 11:30:54 +00:00