ClearML/dropbear
1
0
Fork 0
mirror of https://github.com/clearml/dropbear synced 2025-01-31 02:46:58 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
1,868 Commits 5 Branches 63 Tags 14 MiB
bd94cb712c
Commit Graph

76 Commits

Author SHA1 Message Date
Matt Johnston
54a90ddac5 Add LTM_CFLAGS configure argument 2022-11-10 17:39:27 +08:00
Matt Johnston
80fa169cb9 Move ./configure CFLAGS to the end of the list 
This allows overriding configure-script provided arguments
such as -Wundef with the user provided CFLAGS
 2022-11-10 11:08:26 +08:00
Matt Johnston
963b9eafaa Add -Wundef and fix missing definitions 2022-11-10 10:19:12 +08:00
Matt Johnston
72d8cae7a4 Test linking for hardening options 
Some options depend on correct library support.
 2022-04-26 22:04:38 +08:00
Matt Johnston
c7b7c9a99d Add re-exec for server 
This allows ASLR to re-randomize the address
space for every connection, preventing some
vulnerabilities from being exploitable by
repeated probing.

Overhead (memory and time) is yet to be confirmed.

At present this is only enabled on Linux. Other BSD platforms
with fexecve() would probably also work though have not been tested.
 2022-01-30 10:14:56 +08:00
Matt Johnston
bcb9d78d83 Add configure --enable-werror argument 
This should be used instead of putting -Werror in CFLAGS
before configure, as -Werror interferes with conftests.

Update github actions to use that.
 2021-10-19 12:16:20 +08:00
Matt Johnston
8b0d31ab20 Add "make test" target to run pytest 
This will create a virtualenv if required.

There is a bit of churn here reverting to autoconf 2.59 in generated
config.h.in and configure
 2021-10-18 14:24:32 +08:00
Matt Johnston
1bf7acc5bd Remove some obselete autoconf bits. 
Keeps autoconf 2.71 happy, though we leave the prereq version at 2.59
 2021-03-30 20:42:04 +08:00
Matt Johnston
03481aba06 Define _GNU_SOURCE properly, other header fixes 
This lets -std=c89 build for gcc 8.4.0
 2021-03-04 21:03:02 +08:00
Matt Johnston
f37def57b0 Move fuzzing code to fuzz/ subdirectory, improve Makefile.in 2020-10-23 23:10:20 +08:00
Matt Johnston
1490c0c3a6 check for poly1305_init in other libtomcrypt configure test 2020-06-23 21:47:54 +08:00
Matt Johnston
89e98a2f83 Use Linux getrandom() to ensure random device is initialised 
Remove old code warning about random device being not ready,
/dev/random isn't used by default anyway.
 2020-05-28 22:50:41 +08:00
Matt Johnston
4216c984ae Mention libtom version requirements, check for poly1305 in libtomcrypt 2020-05-27 00:05:15 +08:00
Steffen Jaeckel
b4bd23b4d2
Update LibTomMath to 1.2.0 (#84) 
* update C files

* update other files

* update headers

* update makefiles

* remove mp_set/get_double()

* use ltm 1.2.0 API

* update ltm_desc

* use bundled tommath if system-tommath is too old

* XMALLOC etc. were changed to MP_MALLOC etc.
 2020-05-26 23:36:47 +08:00
Alexander Dahl
90cfbe1f7a When explicitly passing --disable-fuzz to ./configure fuzz was actually 
enabled.

Signed-off-by: Alexander Dahl <ada@thorsis.com>
 2020-03-27 23:23:11 +08:00
Alexander Dahl
b681570899 Update remaining advise to edit options.h 
You should edit localoptions.h instead.
 2020-03-10 15:38:38 +01:00
Matt Johnston
fa116e983b Rename EPKA -> Plugin 2019-05-15 21:59:45 +08:00
fabriziobertocci
8c6aaf8d36 External Public-Key Authentication API (#72) 
* Implemented dynamic loading of an external plug-in shared library to delegate public key authentication

* Moved conditional compilation of the plugin infrastructure into the configure.ac script to be able to add -ldl to dropbear build only when the flag is enabled

* Added tags file to the ignore list

* Updated API to have the constructor to return function pointers in the pliugin instance. Added support for passing user name to the checkpubkey function. Added options to the session returned by the plugin and have dropbear to parse and process them

* Added -rdynamic to the linker flags when EPKA is enabled

* Changed the API to pass a previously created session to the checkPubKey function (created during preauth)

* Added documentation to the API

* Added parameter addrstring to plugin creation function

* Modified the API to retrieve the auth options. Instead of having them as field of the EPKASession struct, they are stored internally (plugin-dependent) in the plugin/session and retrieved through a pointer to a function (in the session)

* Changed option string to be a simple char * instead of unsigned char *
 2019-05-15 21:43:57 +08:00
Matt Johnston
7e03e4d443 Remove incorrect _POSIX_C_SOURCE 2018-11-06 07:25:53 +08:00
Matt Johnston
02ffdd09dc - Add adaptive authentication failure delay 
- Rework monotonic_now/gettime_wrapper and use clock_gettime on more platforms
 2018-11-05 23:36:34 +08:00
Matt Johnston
1e1e477d85 set up CXX for fuzzing build 2018-03-04 17:08:21 +08:00
Matt Johnston
8d0b48f165 Fix CFLAGS for configure 2018-03-03 10:10:16 +08:00
Matt Johnston
a0ab5e86b5 more portable for which hg test 2018-02-28 23:42:57 +08:00
Matt Johnston
5f2447edbb Fix to be able to compile normal(ish) binaries with --enable-fuzz 
--HG--
branch : fuzz
 2018-02-28 22:02:12 +08:00
Matt Johnston
c658b275fd - #if not #ifdef for DROPBEAR_FUZZ 
- fix some unused variables

--HG--
branch : fuzz
 2018-02-28 21:40:08 +08:00
Matt Johnston
9bbce01e1b merge from main 
--HG--
branch : fuzz
 2018-02-28 21:28:59 +08:00
Matt Johnston
bf6f04cbe6 Remove unused tests for headers and functions 2018-02-27 21:41:56 +08:00
Matt Johnston
573838a027 print hg revid 
--HG--
branch : fuzz
 2018-02-21 21:59:52 +08:00
Matt Johnston
7e8094d53a merge from main 
--HG--
branch : fuzz
 2018-02-17 19:29:51 +08:00
Loganaden Velvindron
017e2f07a7 Add Spectre v2 mitigations for GCC (#54) 2018-02-16 23:35:32 +08:00
Michael Witten
ad9db51434 build: Remove unused constructs: space' and AC_PROG_MAKE_SET' 
The makefile variable `space' is never used.

The autoconf output variable `SET_MAKE' is never used, so the
autoconf macro `AC_PROG_MAKE_SET' has been removed.
 2018-02-11 23:43:19 +08:00
Matt Johnston
d7e12aadbe generate list of libtomcrypt directories automatically 2018-02-09 23:33:41 +08:00
Matt Johnston
debb208553 Test for -Wno-pointer-sign, move CFLAGS tests into a macro 2018-02-08 22:21:47 +08:00
Matt Johnston
3d61b6eab6 Merge pull request #48 from DengkeDu/dengke/configure-add-variable-to-allow-openpty-check-cached 
configure: add a variable to allow openpty check to be cached
 2018-01-25 21:58:00 +08:00
Matt Johnston
597f7eb5e9 merge up to date 
--HG--
branch : fuzz
 2018-01-23 22:46:07 +08:00
Matt Johnston
ba23b823dc fix updates to libtomcrypt/libtommath for out of tree builds 2018-01-23 22:44:18 +08:00
Eric Bénard
22037d5fba configure: add a variable to allow openpty check to be cached 
Signed-off-by: Dengke Du <dengke.du@windriver.com>
 2017-07-11 03:20:08 -04:00
Matt Johnston
785459d31b document --enable-static in place of STATIC=1 2017-06-27 22:42:32 +08:00
Matt Johnston
a9a3746d09 add --enable-static configure argument. disable conflicting harden flags 2017-06-27 22:37:46 +08:00
Matt Johnston
96382d52ab improve configure --help alignment 2017-06-27 22:18:18 +08:00
Matt Johnston
9b6f7fc9af merge from main 
--HG--
branch : fuzz
 2017-06-24 10:34:19 +08:00
Matt Johnston
5896a4941d test for -pie linker flag as well, for Linux 2017-06-24 01:01:11 +08:00
Matt Johnston
5ac4a71000 merge from main 
--HG--
branch : fuzz
 2017-06-24 00:47:07 +08:00
Matt Johnston
521e63529c set hardened compiler/linker flags by default 2017-06-24 00:42:20 +08:00
Matt Johnston
24b446705b test for linux/pkt-sched.h rather than SO_PRIORITY 2017-06-23 23:36:33 +08:00
Matt Johnston
b967dc1fa5 merge 
--HG--
branch : fuzz
 2017-06-23 21:31:49 +08:00
Matt Johnston
af2caaab72 Compile with -fno-strict-overflow if possible. 
Needed for curve25519-donna https://github.com/agl/curve25519-donna/issues/31
 2017-06-23 21:31:25 +08:00
Matt Johnston
88ce30beb6 merge from main 
--HG--
branch : fuzz
 2017-06-14 23:31:42 +08:00
Matt Johnston
7ab8f61974 Merge pull request #38 from armcc/master 
Fix libtomcrypt/libtommath linking order
 2017-06-03 09:45:55 +08:00
Matt Johnston
92c4f20089 Set configure #defines to 1. Escape some strings for m4 2017-06-02 23:35:30 +08:00