ClearML/dropbear
1
0
Fork 0
mirror of https://github.com/clearml/dropbear synced 2025-02-12 07:25:30 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
671 Commits 5 Branches 63 Tags 14 MiB
79a307bca2
Commit Graph

671 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Matt Johnston
024d268d8c Make hmac-sha2-256 and hmac-sha2-512 work 2013-03-21 22:55:12 +08:00
Matt Johnston
eaa737fecd Make sure "struct timeval" is initialised on OS X to avoid valgrind warnings 2013-03-21 21:23:34 +08:00
Matt Johnston
845ad0be39 Fix "-c none" so that it allows aes during authentication 
Default for options.h shouldn't allow "none"
 2013-03-20 23:52:49 +08:00
Matt Johnston
2259ce4cdf Fix "-m none" case and ugly typo 2013-03-20 23:13:45 +08:00
Matt Johnston
34f9b2a8f7 Fix "-m none" case where an entire packet fits in a block and can be 
read by read_packet_init()
 2013-03-20 23:13:19 +08:00
Matt Johnston
d37dcc636f Merge "none" cipher/MAC branch. Also adds sha256 and sha512 2013-03-20 22:41:07 +08:00
Matt Johnston
804a1e69f2 use an empty writebuf rather than a NULL one 2013-03-20 22:31:07 +08:00
Matt Johnston
f7b1222073 document a few more changes 2013-03-20 00:05:19 +08:00
Matt Johnston
4fd4fbc255 Fix memory leak when direct TCP connections time out on connection. 
Long-standing bug probably stemming from the awkwardly named
delete_channel() versus remove_channel()
 2013-03-19 23:54:32 +08:00
Matt Johnston
8393c5f016 Allow specifying server "-p" options with ipv6 bracket notation, 
patch from Ben Jencks
 2013-03-19 20:55:11 +08:00
Matt Johnston
5ff341206e Android returns NULL for pw_crypt, set it to something else 2013-03-19 20:15:44 +08:00
Matt Johnston
da59afe798 ignore I_PUSH if it isn't defined, for Android from Reimar Döffinger 2013-03-19 20:12:19 +08:00
Matt Johnston
6270ed2f8a Fix compat basename() to handle paths with no slashes. Thanks to Frank Teo 2013-03-19 20:04:55 +08:00
Matt Johnston
80e77b5e6d Include /proc/vmstat as another random source 2013-03-19 19:47:29 +08:00
Matt Johnston
58c7d4474c link to Dropbear webpage 2013-03-19 19:43:47 +08:00
Matt Johnston
3af964304f Removed tag t:ltc-0.95-db-merge1 2013-03-19 19:26:54 +08:00
Matt Johnston
4289324c4b Removed tag t:ltc-0.95-orig 2013-03-19 19:26:46 +08:00
Matt Johnston
9f3c817491 fix signedness error in prototype 2013-03-11 23:07:45 +08:00
Matt Johnston
a9cf0ca25f improve subsystem/sftp documentation, and multi-hop manual formatting 2013-03-03 11:47:41 +08:00
Matt Johnston
72a5612a29 fix typo 2013-02-24 00:16:02 +08:00
Matt Johnston
d7f2153631 DSS_PROTOK is not necessary now that private keys are included 
in the random generation input
 2013-02-23 17:55:46 +08:00
Matt Johnston
26b07ccafc add loadavg and entropy_avail as sources 2013-02-23 10:27:49 +08:00
Paul Eggleton
1205fa68df Allow configuring "allow blank password option" at runtime 
Changes this from a compile-time switch to a command-line option.

Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
 2013-02-12 15:52:57 +00:00
Matt Johnston
f5be0fb218 Some changes since 2012.55 2013-02-22 23:54:47 +08:00
Matt Johnston
88fc38c8f0 Document "-m" and "-c" 
Update URLs with https
 2013-02-22 23:53:49 +08:00
Matt Johnston
545de7a3a1 /dev/random blocks on busy servers too. 2012-07-19 21:34:27 +08:00
Matt Johnston
6ba2b2b384 Add a few more files in /proc for Linux 2012-06-30 22:12:28 +08:00
Matt Johnston
d5ccc32b4d Improve RNG seeding. 
Try to read from /dev/urandom multiple times, take input from extra sources,
and use /dev/random when generating private keys
 2012-06-29 23:19:43 +08:00
Matt Johnston
e719a9ef6f - Only request "none" cipher after auth has succeeded 
--HG--
branch : insecure-nocrypto
 2012-05-17 20:52:57 +08:00
Matt Johnston
a02d38072a Add ALLOW_NONE_PASSWORD_AUTH option 
--HG--
branch : insecure-nocrypto
 2012-05-17 08:33:11 +08:00
Matt Johnston
f2cd610750 Merge in "-m"/"-c" code 
--HG--
branch : insecure-nocrypto
 2012-05-17 08:09:19 +08:00
Matt Johnston
db34044c7f ENABLE_USER_ALGO_LIST should work for the client 2012-05-17 00:26:12 +08:00
Matt Johnston
036edd6206 Add rough support for choosing ciphers/hashes with "-c" or "-m" 2012-05-17 00:12:42 +08:00
Matt Johnston
f40ed8bad7 Update insecure-nocrypto to current head 
--HG--
branch : insecure-nocrypto
 2012-05-16 22:54:51 +08:00
Matt Johnston
41f50057f1 Disable SHA256 and SHA512 by default in options.h 
--HG--
branch : sha2
 2012-05-16 21:56:50 +08:00
Matt Johnston
c62e53807f - Add hmac-sha2-256 and hmac-sha2-512. Needs debugging, seems to be 
getting keyed incorrectly

--HG--
branch : sha2
 2012-05-10 08:38:37 +08:00
Matt Johnston
10d7a35841 Don't TRACE() the pw_passwd 2012-05-09 22:52:58 +08:00
Matt Johnston
6b4105ffe6 Fix empty password immediate login 2012-05-09 22:51:59 +08:00
Matt Johnston
2713445e91 Return immediate success for blank passwords if allowed 2012-05-09 22:37:04 +08:00
Matt Johnston
1984aabc95 Server shouldn't return "localhost" in response to -R forward connections 
if that wasn't what the client requested.
 2012-05-09 21:09:34 +08:00
Matt Johnston
f4c4ca64a8 Initialise agent_fd to -1 so we don't end up closing stdin (fd 0) 
if public key authentication is disabled
 2012-05-09 20:34:55 +08:00
Matt Johnston
2a02c4084a - Don't sent SSH_MSG_UNIMPLEMENTED if we don't have ENABLE_SVR_REMOTETCPFWD 
- Fix build if ENABLE_SVR_REMOTETCPFWD is disabled but ENABLE_SVR_LOCALTCPFWD
  is enabled
 2012-05-09 20:33:16 +08:00
Matt Johnston
e242b2820c Ignore -q if SCP_PROGRESS isn't set 2012-04-24 22:05:55 +08:00
Matt Johnston
6467b8d903 Split listening port argument at the rightmost colon, allows binding to 
specific IPv6 addresses.

From OpenWRT,
https://dev.openwrt.org/browser/trunk/package/dropbear/patches/300-ipv6_addr_port_split.patch
 2012-04-12 22:04:16 +08:00
Matt Johnston
3e2b6a1821 Improve comment about sha1-96 2012-04-12 21:57:30 +08:00
Matt Johnston
4d009daaa0 Slight formatting change for ENABLE_CLI_AGENTFWD if statement 2012-04-09 21:29:41 +08:00
Andrey Mazo
d4a14fcb3d Fixed compilation with unset ENABLE_{SVR,CLI}_AGENTFWD. 
Got rid of ENABLE_AGENTFWD macro.
 2012-03-26 16:17:16 +04:00
Matt Johnston
49b79fa02d Rename HAVE_FORK to USE_VFORK 
It makes it a bit more obvious why there's a test there since HAVE_FORK
is the normal case.
 2012-04-09 20:35:13 +08:00
Mike Frysinger
c957edbe75 check for fork() and not __uClinux__ 2012-04-08 01:50:52 -04:00
Mike Frysinger
33ae2be52e fix out-of-tree cleaning 
If we build out of tree and then run `make clean`, we hit an
infinite loop where libtommath tries to enter subdirs that don't
exist and run `make clean`.
 2012-04-08 02:06:54 -04:00