Matt Johnston
846b8cdbf7
Remove unused DEBUG_FORKGPROF
2020-05-29 23:32:19 +08:00
Vladislav Grishenko
b0243b0e7b
Fix ChaCha20 on 32-bit platforms (#99)
* Fix ChaCha20 on 32-bit platforms
On 32-bit platforms with an old compiler, the STORE64H() parameter is
not auto-expanded to a 64-bit value, causing wrong IV data.
Spotted on BCM4706 MIPS32r2 with GCC 4.2.4:
Exit before auth: Integrity error (bad packet size 2065808956)
* Fix Chacha20-Poly1305 and AES-GCM debug messages
Functions were renamed earlier, but the trace messages were not.
2020-05-29 21:26:22 +08:00
Matt Johnston
4faf06aae7
Don't warn when SO_PRIORITY fails
2020-05-28 23:26:34 +08:00
Matt Johnston
07d46f9907
Fix typo DROPBEAR_NORMAL_DH
2020-05-28 23:23:54 +08:00
Vladislav Grishenko
413eaf1ba1
Allow DH to be completely disabled (#97)
Reduces binary size by ~2kB by default and by 21kB when there are no other
users of libtommath functions, e.g. with curve25519 kex and an ed25519
key only.
2020-05-28 23:01:48 +08:00
Matt Johnston
3b359050b4
Fix warning for unused prngd branch
2020-05-28 23:01:15 +08:00
Matt Johnston
a015cc7594
Fix indentation and add braces
2020-05-28 22:55:49 +08:00
Matt Johnston
dc12be0cfe
merge
2020-05-28 22:52:01 +08:00
Matt Johnston
89e98a2f83
Use Linux getrandom() to ensure random device is initialised
Remove old code warning about random device being not ready,
/dev/random isn't used by default anyway.
2020-05-28 22:50:41 +08:00
Matt Johnston
5027bc4db1
set up early logging name
2020-05-28 22:02:33 +08:00
Matt Johnston
630f6aa6b9
initialise variable to stop warning
2020-05-28 22:02:03 +08:00
Matt Johnston
8048473eb9
Avoid oss-fuzz $SANITIZER causing wrong build
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22608
2020-05-27 20:33:45 +08:00
Matt Johnston
4216c984ae
Mention libtom version requirements, check for poly1305 in libtomcrypt
2020-05-27 00:05:15 +08:00
Matt Johnston
6abf756e51
Bring back -Werror and improve travis tests
2020-05-26 23:53:50 +08:00
Steffen Jaeckel
b4bd23b4d2
Update LibTomMath to 1.2.0 (#84)
* update C files
* update other files
* update headers
* update makefiles
* remove mp_set/get_double()
* use ltm 1.2.0 API
* update ltm_desc
* use bundled tommath if system-tommath is too old
* XMALLOC etc. were changed to MP_MALLOC etc.
2020-05-26 23:36:47 +08:00
Matt Johnston
724e61f8ae
try rearrange travis build matrix
2020-05-26 23:27:26 +08:00
Matt Johnston
49667a82de
.travis.yml needs spaces not tabs
2020-05-26 23:16:11 +08:00
Matt Johnston
a57114e7fa
update travis to Ubuntu focal to provide chacha20
2020-05-26 23:13:48 +08:00
Matt Johnston
cfe90bc6bd
Fix untested rsa-sha256 change to fuzzer-verify
2020-05-26 23:13:23 +08:00
Matt Johnston
0aefec6c89
Make "dbclient -m help -c help" work
2020-05-26 20:15:39 +08:00
Matt Johnston
6a3bc73a78
fix typo
2020-05-26 20:15:00 +08:00
Matt Johnston
73aa4f0de9
Get rid of unused "none" cipher option
2020-05-26 20:05:31 +08:00
Matt Johnston
9e25854b41
cast to fix warning
2020-05-26 19:57:28 +08:00
Matt Johnston
d277f140ba
merge rsa-sha256
2020-05-26 00:24:02 +08:00
Vladislav Grishenko
61267f8503
CBC mode cleanup (#95)
* Fix: CBC mode couldn't be fully disabled
* Fix: CBC mode couldn't be the only mode
2020-05-25 23:55:13 +08:00
Vladislav Grishenko
d3d0d60076
Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93)
* Add Chacha20-Poly1305 authenticated encryption
* Add general AEAD approach.
* Add chacha20-poly1305@openssh.com algo using LibTomCrypt chacha and poly1305 routines.
Chacha20-Poly1305 is generally faster than AES256 on CPUs w/o dedicated
AES instructions, while having the same key size.
Compiling it in will add ~5.5kB to binary size on x86-64.
function                        old     new   delta
chacha_crypt                      -    1397   +1397
_poly1305_block                   -     608    +608
poly1305_done                     -     595    +595
dropbear_chachapoly_crypt         -     457    +457
.rodata                       26976   27392    +416
poly1305_process                  -     290    +290
poly1305_init                     -     221    +221
chacha_setup                      -     218    +218
encrypt_packet                 1068    1270    +202
dropbear_chachapoly_getlength     -     147    +147
decrypt_packet                  756     897    +141
chacha_ivctr64                    -     137    +137
read_packet                     543     637     +94
dropbear_chachapoly_start         -      94     +94
read_kex_algos                  792     880     +88
chacha_keystream                  -      69     +69
dropbear_mode_chachapoly          -      48     +48
sshciphers                      280     320     +40
dropbear_mode_none               24      48     +24
dropbear_mode_ctr                24      48     +24
dropbear_mode_cbc                24      48     +24
dropbear_chachapoly_mac           -      24     +24
dropbear_chachapoly               -      24     +24
gen_new_keys                    848     854      +6
------------------------------------------------------------------------------
(add/remove: 14/0 grow/shrink: 10/0 up/down: 5388/0) Total: 5388 bytes
* Add AES128-GCM and AES256-GCM authenticated encryption
* Add general AES-GCM mode.
* Add aes128-gcm@openssh.com and aes256-gcm@openssh.com algo using LibTomCrypt gcm routines.
AES-GCM is a combination of AES CTR mode and GHASH; it is slower than AES-CTR on
CPUs w/o dedicated AES/GHASH instructions and is therefore disabled by default.
Compiling it in will add ~6kB to binary size on x86-64.
function                        old     new   delta
gcm_process                       -    1060   +1060
.rodata                       26976   27808    +832
gcm_gf_mult                       -     820    +820
gcm_add_aad                       -     660    +660
gcm_shift_table                   -     512    +512
gcm_done                          -     471    +471
gcm_add_iv                        -     384    +384
gcm_init                          -     347    +347
dropbear_gcm_crypt                -     309    +309
encrypt_packet                 1068    1270    +202
decrypt_packet                  756     897    +141
gcm_reset                         -     118    +118
read_packet                     543     637     +94
read_kex_algos                  792     880     +88
sshciphers                      280     360     +80
gcm_mult_h                        -      80     +80
dropbear_gcm_start                -      62     +62
dropbear_mode_gcm                 -      48     +48
dropbear_mode_none               24      48     +24
dropbear_mode_ctr                24      48     +24
dropbear_mode_cbc                24      48     +24
dropbear_ghash                    -      24     +24
dropbear_gcm_getlength            -      24     +24
gen_new_keys                    848     854      +6
------------------------------------------------------------------------------
(add/remove: 14/0 grow/shrink: 10/0 up/down: 6434/0) Total: 6434 bytes
2020-05-25 23:50:25 +08:00
Vladislav Grishenko
91e537e427
Mention Ed25519 in dropbearkey man (#94)
2020-05-25 21:28:27 +08:00
jcmathews
fb9a78c3ee
Add files via upload (#90)
When SSHKeepAlive is enabled, dropbear idletimeout is not working as expected.
2020-05-25 21:02:59 +08:00
Haelwenn Monnier
8f8a3dff70
scp.c: Port OpenSSH CVE-2018-20685 fix (#80)
2020-05-25 20:54:29 +08:00
Matt Johnston
c917807b1c
rsa-sha256 for ssh-agent
2020-05-25 20:23:02 +08:00
Matt Johnston
701d43b859
send and handle SSH_MSG_EXT_INFO only at the correct point
- other fixes for rsa pubkey auth
- only include ext-info handling when rsa pubkey auth is compiled
2020-05-24 14:16:58 +08:00
Matt Johnston
79bedc90a1
run linter
2020-05-24 13:34:19 +08:00
Matt Johnston
545cc62671
Add linter for #ifdef
2020-05-24 13:15:24 +08:00
Matt Johnston
331d4a714f
Make server send SSH_MSG_EXT_INFO
Ensure that only valid hostkey algorithms are sent in the first kex guess
2020-05-21 23:00:22 +08:00
Matt Johnston
2a81289ed3
Make DEBUG_NOFORK a #if not #ifdef
2020-05-21 22:58:56 +08:00
Matt Johnston
5acee497bf
ext-info handling for server-sig-algs
only client side is handled
2020-05-19 00:31:41 +08:00
Matt Johnston
972d723484
split signkey_type and signature_type for RSA sha1 vs sha256
2020-05-17 23:58:31 +08:00
Matt Johnston
7dc2f36c3e
use sigtype where appropriate
2020-04-06 23:18:26 +08:00
Alexander Dahl
90cfbe1f7a
When explicitly passing --disable-fuzz to ./configure, fuzz was actually enabled.
Signed-off-by: Alexander Dahl <ada@thorsis.com>
2020-03-27 23:23:11 +08:00
Alexander Dahl
b681570899
Update remaining advice to edit options.h
You should edit localoptions.h instead.
2020-03-10 15:38:38 +01:00
Matt Johnston
201e359363
Handle early exit when addrstring isn't set
2020-03-18 23:37:45 +08:00
Kevin Darbyshire-Bryant
fa4c4646d8
Improve address logging on early exit messages (#83)
Change 'Early exit' and 'Exit before auth' messages to include the IP
address & port as part of the message.
This allows log scanning utilities such as 'fail2ban' to obtain the
offending IP address as part of the failure event instead of extracting
the PID from the message and then scanning the log again for matching
'child connection from' messages.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2020-03-18 23:28:56 +08:00
Matt Johnston
6f6aa9db5a
merge
2020-03-14 23:33:30 +08:00
Matt Johnston
e35d0784a8
Set SSH_ORIGINAL_COMMAND for "dropbear -c" too, fix build without DROPBEAR_SVR_PUBKEY_OPTIONS
2020-03-14 23:28:18 +08:00
Matt Johnston
cc6fa57a41
Don't log authorized_keys command= every time
2020-03-14 23:26:37 +08:00
Matt Robinson
a26ad21c0a
Fallback for key gen without hard link support (#89)
Add a non-atomic fallback for key generation on platforms where link()
is not permitted (such as most stock Android installs) or on filesystems
without hard link support (such as FAT).
2020-03-14 22:37:35 +08:00
zciendor
002b79e2f9
MOTD enabled by default as the manpage says (#87)
The man page (https://github.com/mkj/dropbear/blob/master/dropbear.8) says MOTD will be printed by default for any login shell, but it was disabled at compile time. This probably happened by accident when the code was moved from `options.h` to `default_options.h`.
2020-03-14 22:21:01 +08:00
Vladislav Grishenko
3d12521735
Add Ed25519 support (#91)
* Add support for Ed25519 as a public key type
Ed25519 is an elliptic curve signature scheme that offers
better security than ECDSA and DSA and good performance. It may be
used for both user and host keys.
OpenSSH key import and fuzzer are not supported yet.
Initially inspired by Peter Szabo.
* Add curve25519 and ed25519 fuzzers
* Add import and export of Ed25519 keys
2020-03-12 00:09:45 +08:00
Matt Johnston
b2007beeb0
bring back fsync_parent_dir
2019-10-18 23:48:16 +08:00
Matt Johnston
8f123fb618
Bring back Dropbear patch to avoid setting AR/LD/RANLIB in LTM
2019-09-17 22:26:03 +08:00