ClearML/dropbear
1
0
Fork 0
mirror of https://github.com/clearml/dropbear synced 2025-02-01 19:34:11 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
938 Commits 5 Branches 63 Tags 14 MiB
f367273549
Commit Graph

56 Commits

Author SHA1 Message Date
Matt Johnston
f367273549 allocate buffer and data in a single allocation 
--HG--
branch : nocircbuffer
 2015-03-01 21:16:09 +08:00
Matt Johnston
579463933b A bit of a bodge to avoid memcpy if zlib is disabled 
--HG--
branch : nocircbuffer
 2015-03-01 00:57:21 +08:00
Matt Johnston
364a53577e Move generic network routines to netio.c 
--HG--
branch : fastopen
 2015-02-20 23:16:38 +08:00
Matt Johnston
76a3eb393c In theory TFO should work. Needs platform cleanup and testing 
--HG--
branch : fastopen
 2015-02-19 00:32:00 +08:00
Matt Johnston
5f0cc969a0 generalise write iovec handling 
--HG--
branch : fastopen
 2015-02-18 23:02:49 +08:00
Matt Johnston
755c1458f0 async connections working 
--HG--
branch : fastopen
 2015-02-18 22:46:15 +08:00
Matt Johnston
8795d733ec work in progress for async connect 
--HG--
branch : fastopen
 2015-02-18 00:05:27 +08:00
Fedor Brunner
7b2c42aa75 Integrity error (bad packet size %u) negative length 
When corrupted packet is received negative length of packet is
    displayed.
    (re-apply of pull request #8)
 2015-01-23 22:21:06 +08:00
Matt Johnston
628a3f5cca Test for EAGAIN too 2014-08-06 21:55:43 +08:00
Matt Johnston
c884e5000e Make -K keepalive behave like OpenSSH's ServerAliveInterval 2014-07-09 00:15:20 +08:00
Matt Johnston
2a1d28ea3a Be more careful in case a platform doesn't define UIO_MAXIOV nor IOV_MAX 2014-05-20 21:21:02 +08:00
Ronny Meeus
0e0ff51582 Limit size of the iovect passed to writev in packet.c 2014-05-20 21:18:48 +08:00
Ronny Meeus
cd700aaf6e Print errno information in write_packet 2014-05-20 20:56:59 +08:00
Matt Johnston
e767bbb41f Add new monotonic_now() wrapper so that timeouts are unaffected by 
system clock changes
 2014-03-13 23:50:09 +08:00
Yousong Zhou
5baa10a6b6 Use AUTH_TIMEOUT only before authdone != 1. 
While at it, fix a few indentations and typo.
 2014-03-13 16:28:16 +08:00
Matt Johnston
bb7934bf04 A few fixes for cases where compression increases payload sizes, and 
be more precise about maximum channel sizes
 2014-02-22 18:02:09 +08:00
Matt Johnston
cbe63bbabe rename random.h to dbrandom.h since some OSes have a system random.h 
--HG--
rename : random.c => dbrandom.c
rename : random.h => dbrandom.h
 2013-11-14 22:05:47 +08:00
Matt Johnston
de1deaf0bd use oldstyle comments 2013-11-14 22:03:30 +08:00
Matt Johnston
d1dec41f76 Constant time memcmp for the hmac and password crypt 2013-10-03 22:25:30 +08:00
Matt Johnston
49263b5314 Limit decompressed size 2013-05-08 23:23:14 +08:00
Matt Johnston
7f42096d0f Take transmit and receive keys into use separately 2013-04-04 00:18:50 +08:00
Matt Johnston
e2c813df4d Fix MAC bug which would prevent asymmetric hashes 2013-04-03 23:54:58 +08:00
Matt Johnston
90cf7f012c Move the more verbose TRACE() statements into TRACE2() 2013-04-01 00:07:26 +08:00
Matt Johnston
f6b304250b Try using writev() for writing packets out to tcp 2013-03-31 23:15:35 +08:00
Matt Johnston
34f9b2a8f7 Fix "-m none" case where an entire packet fits in a block and can be 
read by read_packet_init()
 2013-03-20 23:13:19 +08:00
Matt Johnston
2bcb60fe56 Fix case where "-K 1" would cause a SSH_MSG_IGNORE packet to be sent 
with the wrong encryption key ("bad packet length" symptom) while
key exchange was happening.

--HG--
extra : convert_revision : f7d27ec094c4aba2a4289c523c722fcb3c3f58ca
 2011-06-07 11:55:44 +00:00
Matt Johnston
d634b502cf - Don't allow setting memLevel since that doesn't work properly 
- Better handling of the case where compressing makes the data
larger (possibly only happens when memLevel is adjusted, but better
to be safe)

--HG--
extra : convert_revision : b31879a384d3bf8cbcbe2ed731d7d79d49799b1d
 2011-02-28 13:51:27 +00:00
Matt Johnston
38ed870ffe Improve capitalisation for all logged strings 
--HG--
extra : convert_revision : 997e53cec7a9efb7413ac6e17b6be60a5597bd2e
 2011-02-23 15:50:30 +00:00
Matt Johnston
642920585f Don't reset last_packet_time when we're transmitting SSH_MSG_IGNORE packets 
(from keepalives)

--HG--
extra : convert_revision : a46ca9204de0df58d8701df0d79b6b8ec601b9ce
 2011-02-23 15:10:28 +00:00
Matt Johnston
f88bed7a30 Rearrange getaddrstring() etc 
--HG--
extra : convert_revision : 8a18c4a60aeaec085923d13d98fa0f93c506ceba
 2009-09-01 16:38:26 +00:00
Matt Johnston
bcd541d65f - Payload length doesn't include macsize. 
--HG--
extra : convert_revision : 98ac17a573ab350cbd6e358b3943237d2ad5c9cf
 2009-07-26 16:11:27 +00:00
Matt Johnston
2b54d3397c Remove extraneous debugging 
--HG--
extra : convert_revision : 58d53a027555e98d6d274b4659d38211eea7ad11
 2009-03-03 13:20:00 +00:00
Matt Johnston
ff763e4005 - Get rid of decryptreadbuf, just decrypt in-place with readbuf 
- Share make_mac function for both packet creation and validation
- Split recv/trans parts of key_context into their own structures

--HG--
extra : convert_revision : 043bc598c76ed43625987e6937e32238f7ed6240
 2009-03-01 16:15:57 +00:00
Matt Johnston
8e72bbaa9d Encrypt in-place, avoid an extra malloc 
--HG--
extra : convert_revision : 981e3e4b44e6fdc8537775518e898a33e76a38db
 2009-03-01 14:38:25 +00:00
Matt Johnston
4b37932ba1 merge of 'e1c100e6366c5d607af08f4abdbb0f4281df4fa9' 
and 'fe8161b0698c9816b98f79e3cab2b9d59f2be71b'

--HG--
extra : convert_revision : 23e1a99e40fc3baad5216b2a7e7318f8243f86a3
 2009-02-26 13:21:14 +00:00
Matt Johnston
d1bfb6bfb7 disapproval of revision 'a101cbd046507cf723e6362a49196dbd4b924042' 
--HG--
extra : convert_revision : e1c100e6366c5d607af08f4abdbb0f4281df4fa9
 2009-02-26 13:20:53 +00:00
Matt Johnston
35f3d2ff90 merge of 'a101cbd046507cf723e6362a49196dbd4b924042' 
and 'c8e1b84cfe874887ad7df0dd95a00de46dbc0136'

--HG--
extra : convert_revision : fe8161b0698c9816b98f79e3cab2b9d59f2be71b
 2009-02-26 12:18:34 +00:00
Matt Johnston
a60cb7dbaa - Try to write out as much as we can 
--HG--
extra : convert_revision : a101cbd046507cf723e6362a49196dbd4b924042
 2009-02-26 12:18:11 +00:00
Matt Johnston
cca4e1a080 - Don't be dumb and encrypt/decrypt in a while() loop - why did I do this?? 
--HG--
extra : convert_revision : c8e1b84cfe874887ad7df0dd95a00de46dbc0136
 2009-02-25 14:04:02 +00:00
Matt Johnston
adc4d0194f Idle timeout patch from Farrell Aultman. Needs testing, unsure if server 
code works

--HG--
extra : convert_revision : ff66e05ae040561110af70114bf83f11ed528f05
 2008-11-07 14:11:06 +00:00
Matt Johnston
511f6555c9 - Add Counter Mode support 
--HG--
extra : convert_revision : 5225162bdf32d70b58b6d3ae375a290326c59f3a
 2008-09-29 13:53:31 +00:00
Matt Johnston
049fcf1ac5 Add support for zlib@openssh.com delayed compression. 
Are still advertising 'zlib' for the server, need to allow
delayed-only as an option

--HG--
extra : convert_revision : 319df675cc3c9b35a10b7d8357c94f33fdab1a46
 2008-09-29 02:23:04 +00:00
Matt Johnston
b619e88f54 - Split main socket var into ses.sock_in/ses.sock_out in preparation 
for -J proxy_cmd option (and some prelim options for that)

--HG--
extra : convert_revision : 47cdea9a7d66c553c6f5eec43b899821939d4e4c
 2008-09-15 12:51:50 +00:00
Matt Johnston
ddb61adcc9 Fix delayed packet queue handling 
--HG--
extra : convert_revision : 53b349938dfae2256e23799fae66edd5fc3e97ee
 2007-08-08 15:48:52 +00:00
Matt Johnston
75ec4d6510 - Add -K keepalive flag for dropbear and dbclient 
- Try to reduce the frequency of select() timeouts
- Add a max receive window size of 1MB

--HG--
extra : convert_revision : 9aa22036cb511cddb35fbc0e09ad05acb39b64d1
 2007-08-08 15:12:06 +00:00
Matt Johnston
57ae0bfedf Prevent invalid packets being sent during key-exchange, instead queue 
them until afterwards. This could sometimes terminate connections
after 8 hours if (for example) a new TCP forwarded connection
was sent at the KEX timeout.

--HG--
extra : convert_revision : 48426bd66b8f5ba50045f7ba190d1672745132e2
 2007-07-27 17:13:42 +00:00
Matt Johnston
2d4d9627a2 Rearrange the channel buffer sizes into three neat use-editable values in 
options.h. Increasing RECV_MAX_WINDOW gives big network performance
increases - even with the present buffers (which haven't changed) it
performs a lot better.
Next step is to make the window size a cmdline option.

--HG--
extra : convert_revision : 24c7cb47fb56cf5b82e3bc0859b45ea83038eab0
 2007-07-24 15:40:23 +00:00
Matt Johnston
c3941698cd Don't erase every buffer, it's too time consuming. 
On systems where it matters encrypted swap should be enabled anyway.

--HG--
extra : convert_revision : 6cb7793493d92968e09b5dea21d71ded5811d21f
 2007-02-12 10:44:47 +00:00
Matt Johnston
53681cbdb6 * use own assertions which should get logged properly 
--HG--
extra : convert_revision : 3dc365619f0840ab5781660b1257a9f22c05d3fe
 2005-09-05 15:16:10 +00:00
Matt Johnston
c804883350 trans, not recv for macsize 
--HG--
extra : convert_revision : 39c4f7320b3a10ef7ef5a41406fe014cc9040ee9
 2005-08-30 17:56:53 +00:00