keysizes >= 128 octets will be encoded with a 3 byte header
which must be accounted by the optional-header
Reproduce:
master:~/build/dropbear$ ./dropbearkey -t ecdsa -s 521 -f K
Generating 521 bit ecdsa key, this may take a while...
master:~/build/dropbear$ ./dropbearconvert d o K L
Key is a ecdsa-sha2-nistp521 key
Wrote key to 'L'
master:~/build/dropbear$ openssl ec < L
read EC key
unable to load Key
139769806448384:error:0D07209B:asn1 encoding routines:ASN1_get_object:too long:crypto/asn1/asn1_lib.c:91:
* tweak string size
fix gcc8 warnings
```
svr-agentfwd.c: In function 'bindagent':
svr-agentfwd.c:254:53: warning: '%s' directive output may be truncated writing up to 107 bytes into a region of size between 0 and 107 [-Wformat-truncation=]
snprintf(addr.sun_path, sizeof(addr.sun_path), "%s/%s", path, sockfile);
^~ ~~~~~~~~
svr-agentfwd.c:254:2: note: 'snprintf' output between 2 and 216 bytes into a destination of size 108
snprintf(addr.sun_path, sizeof(addr.sun_path), "%s/%s", path, sockfile);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
```
* cleanup signed/unsigned comparison
fix gcc8 warnings
```
scp.c: In function 'do_local_cmd':
scp.c:132:17: warning: comparison of integer expressions of different signedness: 'u_int' {aka 'unsigned int'} and 'int' [-Wsign-compare]
for (i = 0; i < a->num; i++)
^
scpmisc.c: In function 'addargs':
scpmisc.c:161:25: warning: comparison of integer expressions of different signedness: 'int' and 'u_int' {aka 'unsigned int'} [-Wsign-compare]
} else if (args->num+2 >= nalloc)
^~
scpmisc.c: In function 'replacearg':
scpmisc.c:183:12: warning: comparison of integer expressions of different signedness: 'u_int' {aka 'unsigned int'} and 'int' [-Wsign-compare]
if (which >= args->num)
^~
scpmisc.c: In function 'freeargs':
scpmisc.c:196:17: warning: comparison of integer expressions of different signedness: 'u_int' {aka 'unsigned int'} and 'int' [-Wsign-compare]
for (i = 0; i < args->num; i++)
^
```
see https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/misc.h.diff?r1=1.16&r2=1.17
This commit introduces fix for scenario:
1. Root login disabled on dropbear
2. PAM authentication model enabled
While login as root user, after prompt for password
user is being notified about login failrue, but
after second attempt of prompt for password within
same session, login becames succesfull.
Signed-off-by: Pawel Rapkiewicz <pawel.rapkiewicz@gmail.com>
