ClearML/dropbear
1
0
Fork 0
mirror of https://github.com/clearml/dropbear synced 2025-01-31 02:46:58 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
1,863 Commits 5 Branches 63 Tags 14 MiB
36a0313263
Commit Graph

39 Commits

Author SHA1 Message Date
Begley Brothers Inc
f4be5a3c8b Allow user space file locations (rootless support) 
Why:
Running dropbear as a user (rootless) is aided if
files and programs can be saved/removed without
needing sudo.

What:
Use the same convention as DROPBEAR_DEFAULT_CLI_AUTHKEY;
if not starting with '/', then is relative to hedge's /home/hedge:
*_PRIV_FILENAME
DROPBEAR_PIDFILE
SFTPSERVER_PATH

default_options.h commentary added.

Changes kept to a minimum, so log entry in svr_kex.c#163
is refactored.
From:
    Generated hostkey is <path> ... <finger-print>
to:
    Generated hostkey path is <path>
    Generated hostkey fingerprint is <fp>
Otherwise the unexpanded path was reported.

Patch modified by Matt Johnston

Signed-off-by: Begley Brothers Inc <begleybrothers@gmail.com>
 2022-03-30 13:51:57 +08:00
Matt Johnston
701d43b859 send and handle SSH_MSG_EXT_INFO only at the correct point 
- other fixes for rsa pubkey auth
- only include ext-info handling when rsa pubkey auth is compiled
 2020-05-24 14:16:58 +08:00
Matt Johnston
331d4a714f Make server send SSH_MSG_EXT_INFO 
Ensure that only valid hostkey algorithms are sent in the first kex guess
 2020-05-21 23:00:22 +08:00
Matt Johnston
7dc2f36c3e use sigtype where appropriate 2020-04-06 23:18:26 +08:00
Vladislav Grishenko
3d12521735
Add Ed25519 support (#91) 
* Add support for Ed25519 as a public key type

Ed25519 is a elliptic curve signature scheme that offers
better security than ECDSA and DSA and good performance. It may be
used for both user and host keys.

OpenSSH key import and fuzzer are not supported yet.

Initially inspired by Peter Szabo.

* Add curve25519 and ed25519 fuzzers

* Add import and export of Ed25519 keys
 2020-03-12 00:09:45 +08:00
Matt Johnston
c658b275fd - #if not #ifdef for DROPBEAR_FUZZ 
- fix some unused variables

--HG--
branch : fuzz
 2018-02-28 21:40:08 +08:00
Matt Johnston
89bdf3b0b9 add fuzzer-preauth_nomaths 
--HG--
branch : fuzz
 2018-01-23 23:05:47 +08:00
Matt Johnston
45b27b0194 merge 2017.75 2017-05-18 22:59:38 +08:00
Matt Johnston
597f12c44a Use atomic key generation in all cases 2016-11-19 00:31:21 +08:00
Matt Johnston
32a28d0d9c Convert #ifdef to #if, other build changes 2016-05-04 15:33:40 +02:00
Matt Johnston
d6daad29fc options for disabling "normal" DH 2016-05-02 23:48:16 +02:00
Matt Johnston
098aba47c3 assertion for case that shouldn't happen 2016-03-15 23:20:01 +08:00
Matt Johnston
1a4db21fe4 buf_getstring and buf_putstring now use non-unsigned char* 2015-06-04 23:08:50 +08:00
Matt Johnston
634415f79e Open directories O_RDONLY for fsync, add debugging if it fails 2015-01-04 22:22:43 +08:00
Matt Johnston
4ba830fc31 Make sure hostkeys are flushed to disk to avoid empty files if the power 
fails. Based on patch from Peter Korsgaard
 2014-11-08 22:15:16 +08:00
Matt Johnston
55a0c5068f requirenext doesn't need two values 2014-01-23 22:25:52 +08:00
Matt Johnston
b3cab3ce31 Log when generating a hostkey 2013-12-03 21:13:58 +08:00
Matt Johnston
cbe63bbabe rename random.h to dbrandom.h since some OSes have a system random.h 
--HG--
rename : random.c => dbrandom.c
rename : random.h => dbrandom.h
 2013-11-14 22:05:47 +08:00
Matt Johnston
e60a84d0ed Various cleanups and fixes for warnings 
--HG--
branch : ecc
 2013-11-12 23:02:32 +08:00
Matt Johnston
1e00d0b926 - Make curve25519 work after fixing a typo, interoperates with OpenSSH 
- comment on ecc binary size effects

--HG--
branch : ecc
 2013-11-09 00:02:26 +08:00
Matt Johnston
29b1455f36 Merge 
--HG--
branch : ecc
 2013-11-08 23:32:13 +08:00
Matt Johnston
0162c116da curve25519 
--HG--
branch : ecc
 2013-11-08 23:11:43 +08:00
Matt Johnston
58fe1c2d2a Add '-R' for delayed hostkey option 
--HG--
branch : keyondemand
 2013-11-07 23:49:37 +08:00
Matt Johnston
4363b8b32d refactor key generation, make it generate as required. 
Needs UI in server command line options

--HG--
branch : keyondemand
 2013-11-07 00:18:52 +08:00
Matt Johnston
04518e9e80 merge in HEAD 
--HG--
branch : ecc
 2013-05-21 12:09:35 +08:00
Matt Johnston
ef151888fb requirenext fixup for firstkexfollows 2013-04-14 23:16:16 +08:00
Matt Johnston
4f07805d0a - Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string() 
- Reindent ecc.c properly

--HG--
branch : ecc
 2013-04-08 23:56:31 +08:00
Matt Johnston
c6bdc810ab ecc kind of works, needs fixing/testing 
--HG--
branch : ecc
 2013-04-07 01:36:42 +08:00
Matt Johnston
b4bcc60657 More changes for KEX and ECDH. Set up hash descriptors, make ECC code work, 
ses.hash and ses.session_id are now buffers (doesn't compile)

--HG--
branch : ecc
 2013-03-29 00:28:09 +08:00
Matt Johnston
73e22c115c refactor kexdh code a bit, start working on ecdh etc 
--HG--
branch : ecc
 2013-03-26 01:35:22 +08:00
Matt Johnston
3c42c5407c Refer to RFCs rather than drafts, update some section references 
--HG--
extra : convert_revision : b5c5c88e702f427b9d5e8c592e2b7e1bda204ff3
 2011-02-27 13:57:32 +00:00
Matt Johnston
4cb673b644 Fixes from Erik Hovland: 
cli-authpubkey.c:
    fix leak of keybuf

cli-kex.c:
    fix leak of fingerprint fp

cli-service.c:
    remove commented out code

dropbearkey.c:
    don't attepmt to free NULL key on failure

common-kex.c:
    only free key if it is initialised

keyimport.c:
    remove dead encrypted-key code
    don't leak a FILE* loading OpenSSH keys

rsa.c, dss.c:
    check return values for some libtommath functions

svr-kex.c:
    check return value retrieving DH kex mpint

svr-tcpfwd.c:
    fix null-dereference if remote tcp forward request fails

tcp-accept.c:
    don't incorrectly free the tcpinfo var

--HG--
extra : convert_revision : 640a55bc710cbaa6d212453c750026c770e19193
 2006-07-07 09:17:18 +00:00
Matt Johnston
8c1a429c44 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place 
--HG--
extra : convert_revision : d928bc851e32be7bd429bf7504b148c0e4bf7e2f
 2005-01-02 20:25:56 +00:00
Matt Johnston
4a52217ed4 default initialisers for mp_ints 
--HG--
extra : convert_revision : af69bacb50a31523e383e8f73844d04681f9e394
 2004-08-17 10:20:20 +00:00
Matt Johnston
703c9a7370 License boilerplate etc, add Mihnea as an author to some of the files 
--HG--
extra : convert_revision : 75c02f80c4ed25bd4697e7f17ffac6eded54c148
 2004-08-14 17:54:20 +00:00
Matt Johnston
a9c38fb37f snapshot of stuff 
--HG--
extra : convert_revision : 2903853ba24669d01547710986ad531357602633
 2004-07-26 02:44:20 +00:00
Matt Johnston
62aab2227c switching to global vars 
--HG--
extra : convert_revision : 800073097767c2ac153ab834cbcf0121cb765118
 2004-07-20 12:05:00 +00:00
Matt Johnston
09b50641ff merge of abac2150ee4f4031a98016241fbd136d24fed127 
and ffa047425729e478a5b49b1ab0f8ec71c08a1421

--HG--
extra : convert_revision : e9b7d4eda64d70aff736f48cc8dea680b153139b
 2004-06-23 07:14:16 +00:00
Matt Johnston
674a607488 Makefile.in contains updated files required 
--HG--
extra : convert_revision : cc8a8c49dc70e632c352853a39801089b08149be
 2004-06-01 02:46:09 +00:00