ClearML/dropbear
1
0
Fork 0
mirror of https://github.com/clearml/dropbear synced 2025-02-01 11:26:51 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
1,458 Commits 5 Branches 63 Tags 14 MiB
76933e6c0a
Commit Graph

64 Commits

Author SHA1 Message Date
Matt Johnston
78e17f6ee9 merge from main 
--HG--
branch : fuzz
 2018-02-28 22:11:39 +08:00
Matt Johnston
5ebc48b3f2 clean some fuzzing conditionals 
--HG--
branch : fuzz
 2018-02-28 22:10:43 +08:00
François Perrad
7f8702d3d6 fix #endif (#59) 2018-02-28 22:10:14 +08:00
Matt Johnston
c658b275fd - #if not #ifdef for DROPBEAR_FUZZ 
- fix some unused variables

--HG--
branch : fuzz
 2018-02-28 21:40:08 +08:00
Matt Johnston
9bbce01e1b merge from main 
--HG--
branch : fuzz
 2018-02-28 21:28:59 +08:00
Matt Johnston
6eabc0fe87 add guard HAVE_GETGROUPLIST 2018-02-27 21:49:10 +08:00
Matt Johnston
5df73215f8 merge from main 
--HG--
branch : fuzz
 2018-02-26 22:44:48 +08:00
Matt Johnston
7435369615 - Don't try to handle changed usernames 
- Avoid logging repeated failed username messages
 2018-02-26 22:07:18 +08:00
François Perrad
2e836bb553 more linting (#58) 
* const parameter

* fix indentation
 2018-02-26 21:31:15 +08:00
Matt Johnston
36ccfd21e7 Fix restricted group code for BSDs, move to separate function 2018-02-26 21:17:13 +08:00
stellarpower
d17dedfa4f Added the -G option to allow logins only for users that are members of a certain group. This allows finer control of an instance on who can and cannot login over a certain instance (e.g. password and not key). Needs double-checking and ensuring it meets platform requirements. 2018-02-20 02:11:55 +00:00
Matt Johnston
7e8094d53a merge from main 
--HG--
branch : fuzz
 2018-02-17 19:29:51 +08:00
Matt Johnston
597f7eb5e9 merge up to date 
--HG--
branch : fuzz
 2018-01-23 22:46:07 +08:00
Francois Perrad
89e64c631e Pointer parameter could be declared as pointing to const 2017-08-19 17:16:13 +02:00
Matt Johnston
4b7105dfea fix DROBPEAR_FUZZ auth delay 
--HG--
branch : fuzz
 2017-06-30 21:10:57 +08:00
Kevin Darbyshire-Bryant
e255101299 dropbear server: support -T max auth tries 
Add support for '-T n' for a run-time specification for maximum number
of authentication attempts where 'n' is between 1 and compile time
option MAX_AUTH_TRIES.

A default number of tries can be specified at compile time using
'DEFAULT_AUTH_TRIES' which itself defaults to MAX_AUTH_TRIES for
backwards compatibility.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
 2017-06-25 11:53:58 +01:00
Matt Johnston
4dae8edb76 merge main to fuzz 
--HG--
branch : fuzz
 2017-05-18 23:45:10 +08:00
Matt Johnston
fb719e3d0b fuzz harness 
--HG--
branch : fuzz
 2017-05-13 22:50:54 +08:00
Matt Johnston
9f24cdf74c copy over some fuzzing code from AFL branch 
--HG--
branch : fuzz
 2017-05-12 23:14:54 +08:00
Matt Johnston
32a28d0d9c Convert #ifdef to #if, other build changes 2016-05-04 15:33:40 +02:00
Francois Perrad
3e20c442de fix empty C prototypes 2016-03-16 22:41:20 +08:00
Matt Johnston
ce59260ee9 Fix problem where auth timeout wasn't checked when waiting for ident 2015-08-03 21:59:40 +08:00
Matt Johnston
1a4db21fe4 buf_getstring and buf_putstring now use non-unsigned char* 2015-06-04 23:08:50 +08:00
Gaël PORTAY
d680a9e3fb Turn username, servicename and methodname local variables into char * 
Changing checkusername()'s username argument into char * as well.
 2015-05-05 20:39:13 +02:00
Gaël PORTAY
224b16b247 Fix pointer differ in signess warnings [-Werror=pointer-sign] 2015-05-05 20:39:13 +02:00
Matt Johnston
f1826ea389 Fix auth timeout regression 2014-07-09 22:02:22 +08:00
Matt Johnston
cbe63bbabe rename random.h to dbrandom.h since some OSes have a system random.h 
--HG--
rename : random.c => dbrandom.c
rename : random.h => dbrandom.h
 2013-11-14 22:05:47 +08:00
Matt Johnston
e60a84d0ed Various cleanups and fixes for warnings 
--HG--
branch : ecc
 2013-11-12 23:02:32 +08:00
Matt Johnston
45bd0edae5 Merge in changes from the past couple of releases 
--HG--
branch : ecc
 2013-10-18 21:38:01 +08:00
Matt Johnston
142a0f8a83 Send PAM error messages as a banner messages 
Patch from Martin Donnelly, modified.
 2013-10-03 23:04:11 +08:00
Matt Johnston
f7ba7444e8 improve auth failure delays to avoid indicating which users exist 2013-05-26 18:39:24 +08:00
Matt Johnston
04518e9e80 merge in HEAD 
--HG--
branch : ecc
 2013-05-21 12:09:35 +08:00
Matt Johnston
54a76342f5 If running as non-root only allow that user to log in 2013-04-17 22:29:18 +08:00
Matt Johnston
c797c1750c - Fix various hardcoded uses of SHA1 
- rename curves to nistp256 etc
- fix svr-auth.c TRACE problem

--HG--
branch : ecc
 2013-04-08 00:10:57 +08:00
Matt Johnston
c6bdc810ab ecc kind of works, needs fixing/testing 
--HG--
branch : ecc
 2013-04-07 01:36:42 +08:00
Paul Eggleton
1205fa68df Allow configuring "allow blank password option" at runtime 
Changes this from a compile-time switch to a command-line option.

Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
 2013-02-12 15:52:57 +00:00
Matt Johnston
10d7a35841 Don't TRACE() the pw_passwd 2012-05-09 22:52:58 +08:00
Matt Johnston
6b4105ffe6 Fix empty password immediate login 2012-05-09 22:51:59 +08:00
Matt Johnston
2713445e91 Return immediate success for blank passwords if allowed 2012-05-09 22:37:04 +08:00
Matt Johnston
29e68e9d79 - Add ALLOW_BLANK_PASSWORD option 
- Don't reject blank-password logins via public key

--HG--
extra : convert_revision : 2d4bb3ecb013a7be47a7b470fc6b23e653a43dfb
 2011-10-26 15:49:47 +00:00
Matt Johnston
38ed870ffe Improve capitalisation for all logged strings 
--HG--
extra : convert_revision : 997e53cec7a9efb7413ac6e17b6be60a5597bd2e
 2011-02-23 15:50:30 +00:00
Matt Johnston
52551cb771 - Test for pam_fail_delay() function in configure 
- Recognise "username:" as a PAM prompt
- Add some randomness to the auth-failure delay
- Fix wrongly committed options.h/debug.h

--HG--
extra : convert_revision : f242f0e66fb0ea5d3b374995d2f548d37dd8f3a3
 2009-09-08 14:53:53 +00:00
Matt Johnston
049fcf1ac5 Add support for zlib@openssh.com delayed compression. 
Are still advertising 'zlib' for the server, need to allow
delayed-only as an option

--HG--
extra : convert_revision : 319df675cc3c9b35a10b7d8357c94f33fdab1a46
 2008-09-29 02:23:04 +00:00
Matt Johnston
e44aa503f0 - "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc. 
--HG--
extra : convert_revision : 45069dd007ebf414330e0a7abf4fb7e0727049c3
 2008-09-15 14:40:30 +00:00
Matt Johnston
f90f64b5c1 fill_passwd() doesn't have a return value 
--HG--
extra : convert_revision : ee6ec7346a5b4e7330f462ec9e4815f73038e8d0
 2008-07-12 17:00:30 +00:00
Matt Johnston
bb0548b3b0 Make a copy of passwd fields since getpwnam()'s retval isn't safe to keep 
--HG--
extra : convert_revision : 295b11312e327fe6c4f33512674ea4a1a9790344
 2008-01-13 03:55:59 +00:00
Matt Johnston
75ec4d6510 - Add -K keepalive flag for dropbear and dbclient 
- Try to reduce the frequency of select() timeouts
- Add a max receive window size of 1MB

--HG--
extra : convert_revision : 9aa22036cb511cddb35fbc0e09ad05acb39b64d1
 2007-08-08 15:12:06 +00:00
Matt Johnston
1e03393b68 Some cleanups/fixes for various TRACE statements 
--HG--
extra : convert_revision : 84eb6fedc6df0666f8053b9018bf16635dbfb257
 2006-03-25 12:57:37 +00:00
Matt Johnston
8c1a429c44 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place 
--HG--
extra : convert_revision : d928bc851e32be7bd429bf7504b148c0e4bf7e2f
 2005-01-02 20:25:56 +00:00
Matt Johnston
9d43183704 Log the IP along with auth success/fail attempts 
--HG--
extra : convert_revision : 25eab43bd46e931fd4afecec49c22b9311062099
 2004-12-23 17:00:15 +00:00