ClearML/dropbear
1
0
Fork 0
mirror of https://github.com/clearml/dropbear synced 2025-02-01 19:34:11 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
532 Commits 5 Branches 63 Tags 14 MiB
2bcb60fe56
Commit Graph

31 Commits

Author SHA1 Message Date
Matt Johnston
2bcb60fe56 Fix case where "-K 1" would cause a SSH_MSG_IGNORE packet to be sent 
with the wrong encryption key ("bad packet length" symptom) while
key exchange was happening.

--HG--
extra : convert_revision : f7d27ec094c4aba2a4289c523c722fcb3c3f58ca
 2011-06-07 11:55:44 +00:00
Matt Johnston
d634b502cf - Don't allow setting memLevel since that doesn't work properly 
- Better handling of the case where compressing makes the data
larger (possibly only happens when memLevel is adjusted, but better
to be safe)

--HG--
extra : convert_revision : b31879a384d3bf8cbcbe2ed731d7d79d49799b1d
 2011-02-28 13:51:27 +00:00
Matt Johnston
38ed870ffe Improve capitalisation for all logged strings 
--HG--
extra : convert_revision : 997e53cec7a9efb7413ac6e17b6be60a5597bd2e
 2011-02-23 15:50:30 +00:00
Matt Johnston
642920585f Don't reset last_packet_time when we're transmitting SSH_MSG_IGNORE packets 
(from keepalives)

--HG--
extra : convert_revision : a46ca9204de0df58d8701df0d79b6b8ec601b9ce
 2011-02-23 15:10:28 +00:00
Matt Johnston
f88bed7a30 Rearrange getaddrstring() etc 
--HG--
extra : convert_revision : 8a18c4a60aeaec085923d13d98fa0f93c506ceba
 2009-09-01 16:38:26 +00:00
Matt Johnston
bcd541d65f - Payload length doesn't include macsize. 
--HG--
extra : convert_revision : 98ac17a573ab350cbd6e358b3943237d2ad5c9cf
 2009-07-26 16:11:27 +00:00
Matt Johnston
2b54d3397c Remove extraneous debugging 
--HG--
extra : convert_revision : 58d53a027555e98d6d274b4659d38211eea7ad11
 2009-03-03 13:20:00 +00:00
Matt Johnston
ff763e4005 - Get rid of decryptreadbuf, just decrypt in-place with readbuf 
- Share make_mac function for both packet creation and validation
- Split recv/trans parts of key_context into their own structures

--HG--
extra : convert_revision : 043bc598c76ed43625987e6937e32238f7ed6240
 2009-03-01 16:15:57 +00:00
Matt Johnston
8e72bbaa9d Encrypt in-place, avoid an extra malloc 
--HG--
extra : convert_revision : 981e3e4b44e6fdc8537775518e898a33e76a38db
 2009-03-01 14:38:25 +00:00
Matt Johnston
4b37932ba1 merge of 'e1c100e6366c5d607af08f4abdbb0f4281df4fa9' 
and 'fe8161b0698c9816b98f79e3cab2b9d59f2be71b'

--HG--
extra : convert_revision : 23e1a99e40fc3baad5216b2a7e7318f8243f86a3
 2009-02-26 13:21:14 +00:00
Matt Johnston
d1bfb6bfb7 disapproval of revision 'a101cbd046507cf723e6362a49196dbd4b924042' 
--HG--
extra : convert_revision : e1c100e6366c5d607af08f4abdbb0f4281df4fa9
 2009-02-26 13:20:53 +00:00
Matt Johnston
35f3d2ff90 merge of 'a101cbd046507cf723e6362a49196dbd4b924042' 
and 'c8e1b84cfe874887ad7df0dd95a00de46dbc0136'

--HG--
extra : convert_revision : fe8161b0698c9816b98f79e3cab2b9d59f2be71b
 2009-02-26 12:18:34 +00:00
Matt Johnston
a60cb7dbaa - Try to write out as much as we can 
--HG--
extra : convert_revision : a101cbd046507cf723e6362a49196dbd4b924042
 2009-02-26 12:18:11 +00:00
Matt Johnston
cca4e1a080 - Don't be dumb and encrypt/decrypt in a while() loop - why did I do this?? 
--HG--
extra : convert_revision : c8e1b84cfe874887ad7df0dd95a00de46dbc0136
 2009-02-25 14:04:02 +00:00
Matt Johnston
adc4d0194f Idle timeout patch from Farrell Aultman. Needs testing, unsure if server 
code works

--HG--
extra : convert_revision : ff66e05ae040561110af70114bf83f11ed528f05
 2008-11-07 14:11:06 +00:00
Matt Johnston
511f6555c9 - Add Counter Mode support 
--HG--
extra : convert_revision : 5225162bdf32d70b58b6d3ae375a290326c59f3a
 2008-09-29 13:53:31 +00:00
Matt Johnston
049fcf1ac5 Add support for zlib@openssh.com delayed compression. 
Are still advertising 'zlib' for the server, need to allow
delayed-only as an option

--HG--
extra : convert_revision : 319df675cc3c9b35a10b7d8357c94f33fdab1a46
 2008-09-29 02:23:04 +00:00
Matt Johnston
b619e88f54 - Split main socket var into ses.sock_in/ses.sock_out in preparation 
for -J proxy_cmd option (and some prelim options for that)

--HG--
extra : convert_revision : 47cdea9a7d66c553c6f5eec43b899821939d4e4c
 2008-09-15 12:51:50 +00:00
Matt Johnston
ddb61adcc9 Fix delayed packet queue handling 
--HG--
extra : convert_revision : 53b349938dfae2256e23799fae66edd5fc3e97ee
 2007-08-08 15:48:52 +00:00
Matt Johnston
75ec4d6510 - Add -K keepalive flag for dropbear and dbclient 
- Try to reduce the frequency of select() timeouts
- Add a max receive window size of 1MB

--HG--
extra : convert_revision : 9aa22036cb511cddb35fbc0e09ad05acb39b64d1
 2007-08-08 15:12:06 +00:00
Matt Johnston
57ae0bfedf Prevent invalid packets being sent during key-exchange, instead queue 
them until afterwards. This could sometimes terminate connections
after 8 hours if (for example) a new TCP forwarded connection
was sent at the KEX timeout.

--HG--
extra : convert_revision : 48426bd66b8f5ba50045f7ba190d1672745132e2
 2007-07-27 17:13:42 +00:00
Matt Johnston
2d4d9627a2 Rearrange the channel buffer sizes into three neat use-editable values in 
options.h. Increasing RECV_MAX_WINDOW gives big network performance
increases - even with the present buffers (which haven't changed) it
performs a lot better.
Next step is to make the window size a cmdline option.

--HG--
extra : convert_revision : 24c7cb47fb56cf5b82e3bc0859b45ea83038eab0
 2007-07-24 15:40:23 +00:00
Matt Johnston
c3941698cd Don't erase every buffer, it's too time consuming. 
On systems where it matters encrypted swap should be enabled anyway.

--HG--
extra : convert_revision : 6cb7793493d92968e09b5dea21d71ded5811d21f
 2007-02-12 10:44:47 +00:00
Matt Johnston
53681cbdb6 * use own assertions which should get logged properly 
--HG--
extra : convert_revision : 3dc365619f0840ab5781660b1257a9f22c05d3fe
 2005-09-05 15:16:10 +00:00
Matt Johnston
c804883350 trans, not recv for macsize 
--HG--
extra : convert_revision : 39c4f7320b3a10ef7ef5a41406fe014cc9040ee9
 2005-08-30 17:56:53 +00:00
Matt Johnston
ca77392bd1 - Fixed twofish algorithm naming so it actually works. 
- Added support for aes256, twofish256 and sha1-96
- Fixed some debugging statements

--HG--
extra : convert_revision : 598835dadaddb1e95d4ac99f8a1be4ba51639000
 2005-08-30 16:58:57 +00:00
Matt Johnston
7b403dc57f Switching to libtomcrypt 1.02 
(still has problems)

--HG--
extra : convert_revision : 4dfd70544ed9a766876ddda9f6ac3f26054eb3db
 2005-05-09 09:32:33 +00:00
Matt Johnston
8c1a429c44 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place 
--HG--
extra : convert_revision : d928bc851e32be7bd429bf7504b148c0e4bf7e2f
 2005-01-02 20:25:56 +00:00
Matt Johnston
8e1ec24f55 Merging in the changes from 0.41-0.43 main Dropbear tree 
--HG--
extra : convert_revision : 4c3428781bc8faf0fd7cadd7099fbd7f4ea386e7
 2004-08-12 16:41:58 +00:00
Matt Johnston
a76b1ba068 Progressing client support 
--HG--
extra : convert_revision : 48946be1cef774d1c33b0f78689962b18720c627
 2004-07-27 16:30:46 +00:00
Matt Johnston
471d28bd10 - Rename common-packet.c to packet.c 
- buf_burn the unencrypted read/write payload buffers after use to avoid
  sensitive contents sitting in memory for too long

--HG--
extra : convert_revision : 19227d63bda554e819ae7df919bfd18911d5b4a0
 2004-07-27 02:14:42 +00:00