merge of 00b67a11e33c3ed390556805ed6d1078528bee70

and a3e68842a71eaba22c23468ff95fded952acb973

--HG--
extra : convert_revision : 51e1bd8be97b4591773adef1b4955f60100f09dd

CHANGES

@@ -1,3 +1,41 @@
+0.44test3 - Fri Aug 27 22:20:54 +0800
+
+- Fixed a bunch of warnings.
+
+- scp works correctly when passed a username (fix for the dbclient program
+  itself as well, "-lmatt" works as well as "-l matt").
+
+- Remove unrequired debian files
+
+- Exit with the remote process's return code for dbclient
+
+- Display stderr messages from the server in the client
+
+- Add circular buffering to the channel code. This should dramatically reduce
+  the amount of backtraffic sent in response to traffic incoming to the
+  Dropbear end - improves high-latency performance (ie dialup).
+
+- Various other related channel-handling fixups.
+
+- Allow leading lines in the banner when connecting to servers
+
+- Fixed printing out errors onto the network socket with stderr (for inetd
+  mode when using xinetd)
+
+- Remove obselete documentation
+
+- Fix a null-pointer exception when trying to free non-existant listeners
+  at cleanup.
+
+- DEBUG_TRACE now only works if you add "-v" to the program commandline
+
+- Don't leave stdin non-blocking on exit - this caused the parent shell
+  of dbclient to close when dbclient exited, for some shells in BusyBox
+
+- Server connections no longer timeout after 5 minutes
+
+- Fixed stupid DSS hostkey typo (server couldn't load host keys)
+
 0.44test2 - Tues Aug 17 2004 17:43:54 +0800
 
 - Fix up dropbearmulti targets in the Makefile - symlinks are now created

Makefile.in

@@ -28,12 +28,12 @@ SVROBJS=svr-kex.o svr-algo.o svr-auth.o sshpty.o \
 
 CLIOBJS=cli-algo.o cli-main.o cli-auth.o cli-authpasswd.o cli-kex.o \
 		cli-session.o cli-service.o cli-runopts.o cli-chansession.o \
-		cli-authpubkey.o cli-tcpfwd.o
+		cli-authpubkey.o cli-tcpfwd.o cli-channel.o
 
 CLISVROBJS=common-session.o packet.o common-algo.o common-kex.o \
 			common-channel.o common-chansession.o termcodes.o loginrec.o \
 			tcp-accept.o listener.o process-packet.o \
-			common-runopts.o 
+			common-runopts.o circbuffer.o
 
 KEYOBJS=dropbearkey.o gendss.o genrsa.o
 

TODO

@@ -10,8 +10,6 @@ Things which might need doing:
 
 - handle /etc/environment in AIX
 
-- improve channel window adjustment algorithm (circular buffering)
-
 - check that there aren't timing issues with valid/invalid user authentication
   feedback.
 

buffer.c

@@ -1,5 +1,5 @@
 /*
- * Dropbear - a SSH2 server
+ * Dropbear SSH
  * 
  * Copyright (c) 2002,2003 Matt Johnston
  * All rights reserved.

channel.h

@@ -27,6 +27,7 @@
 
 #include "includes.h"
 #include "buffer.h"
+#include "circbuffer.h"
 
 /* channel->type values */
 #define CHANNEL_ID_NONE 0
@@ -44,14 +45,15 @@
 /* Not a real type */
 #define SSH_OPEN_IN_PROGRESS					99
 
-#define MAX_CHANNELS 60 /* simple mem restriction, includes each tcp/x11
+#define MAX_CHANNELS 100 /* simple mem restriction, includes each tcp/x11
 							connection, so can't be _too_ small */
 
 #define CHAN_EXTEND_SIZE 3 /* how many extra slots to add when we need more */
 
-#define RECV_MAXWINDOW 6000 /* tweak */
-#define RECV_MAXPACKET 1400 /* tweak */
-#define RECV_MINWINDOW 19000 /* when we get below this, we send a windowadjust */
+#define RECV_MAXWINDOW 4000 /* tweak */
+#define RECV_WINDOWEXTEND 500 /* We send a "window extend" every
+								RECV_WINDOWEXTEND bytes */
+#define RECV_MAXPACKET RECV_MAXWINDOW /* tweak */
 
 struct ChanType;
 
@@ -60,15 +62,16 @@ struct Channel {
 	unsigned int index; /* the local channel index */
 	unsigned int remotechan;
 	unsigned int recvwindow, transwindow;
+	unsigned int recvdonelen;
 	unsigned int recvmaxpacket, transmaxpacket;
 	void* typedata; /* a pointer to type specific data */
-	int infd; /* stdin for the program, we write to this */
-	int outfd; /* stdout for the program, we read from this */
-	int errfd; /* stdout for a program. This doesn't really fit here,
-				  but makes the code a lot tidyer without being too bad. This
-				  is -1 for channels which don't requre it. Currently only
-				  a 'session' without a pty will use it */
-	buffer *writebuf; /* data for the program */
+	int infd; /* data to send over the wire */
+	int outfd; /* data for consumption, what was in writebuf */
+	int errfd; /* used like infd or errfd, depending if it's client or server.
+				  Doesn't exactly belong here, but is cleaner here */
+	circbuffer *writebuf; /* data from the wire, for local consumption */
+	circbuffer *extrabuf; /* extended-data for the program - used like writebuf
+					     but for stderr */
 
 	int sentclosed, recvclosed;
 
@@ -97,6 +100,7 @@ void chaninitialise();
 void chancleanup();
 void setchannelfds(fd_set *readfd, fd_set *writefd);
 void channelio(fd_set *readfd, fd_set *writefd);
+struct Channel* getchannel(unsigned int chan);
 struct Channel* newchannel(unsigned int remotechan, 
 		const struct ChanType *type, 
 		unsigned int transwindow, unsigned int transmaxpacket);
@@ -106,10 +110,16 @@ void recv_msg_channel_request();
 void send_msg_channel_failure(struct Channel *channel);
 void send_msg_channel_success(struct Channel *channel);
 void recv_msg_channel_data();
+void recv_msg_channel_extended_data();
 void recv_msg_channel_window_adjust();
 void recv_msg_channel_close();
 void recv_msg_channel_eof();
 
+void common_recv_msg_channel_data(struct Channel *channel, int fd, 
+		circbuffer * buf);
+
+const struct ChanType clichansess;
+
 #ifdef USING_LISTENERS
 int send_msg_channel_open_init(int fd, const struct ChanType *type);
 void recv_msg_channel_open_confirmation();

chansession.h

@@ -68,11 +68,6 @@ struct ChildPid {
 };
 
 
-void chansessionrequest(struct Channel * channel);
-void send_msg_chansess_exitstatus(struct Channel * channel,
-		struct ChanSess * chansess);
-void send_msg_chansess_exitsignal(struct Channel * channel,
-		struct ChanSess * chansess);
 void addnewvar(const char* param, const char* var);
 
 void cli_send_chansess_request();

circbuffer.c

@@ -0,0 +1,138 @@
+/*
+ * Dropbear SSH
+ * 
+ * Copyright (c) 2002-2004 Matt Johnston
+ * All rights reserved.
+ * 
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ * 
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE. */
+
+#include "includes.h"
+#include "dbutil.h"
+#include "circbuffer.h"
+
+#define MAX_CBUF_SIZE 100000000
+
+circbuffer * cbuf_new(unsigned int size) {
+
+	circbuffer *cbuf = NULL;
+
+	if (size > MAX_CBUF_SIZE) {
+		dropbear_exit("bad cbuf size");
+	}
+
+	cbuf = (circbuffer*)m_malloc(sizeof(circbuffer));
+	cbuf->data = (unsigned char*)m_malloc(size);
+	cbuf->used = 0;
+	cbuf->readpos = 0;
+	cbuf->writepos = 0;
+	cbuf->size = size;
+
+	return cbuf;
+}
+
+void cbuf_free(circbuffer * cbuf) {
+
+	m_free(cbuf->data);
+	m_free(cbuf);
+}
+
+unsigned int cbuf_getused(circbuffer * cbuf) {
+
+	return cbuf->used;
+
+}
+
+unsigned int cbuf_getavail(circbuffer * cbuf) {
+
+	return cbuf->size - cbuf->used;
+
+}
+
+unsigned int cbuf_readlen(circbuffer *cbuf) {
+
+	assert(((2*cbuf->size)+cbuf->writepos-cbuf->readpos)%cbuf->size == cbuf->used%cbuf->size);
+	assert(((2*cbuf->size)+cbuf->readpos-cbuf->writepos)%cbuf->size == (cbuf->size-cbuf->used)%cbuf->size);
+
+	if (cbuf->used == 0) {
+		TRACE(("cbuf_readlen: unused buffer"));
+		return 0;
+	}
+
+	if (cbuf->readpos < cbuf->writepos) {
+		return cbuf->writepos - cbuf->readpos;
+	}
+
+	return cbuf->size - cbuf->readpos;
+}
+
+unsigned int cbuf_writelen(circbuffer *cbuf) {
+
+	assert(cbuf->used <= cbuf->size);
+	assert(((2*cbuf->size)+cbuf->writepos-cbuf->readpos)%cbuf->size == cbuf->used%cbuf->size);
+	assert(((2*cbuf->size)+cbuf->readpos-cbuf->writepos)%cbuf->size == (cbuf->size-cbuf->used)%cbuf->size);
+
+	if (cbuf->used == cbuf->size) {
+		TRACE(("cbuf_writelen: full buffer"));
+		return 0; /* full */
+	}
+	
+	if (cbuf->writepos < cbuf->readpos) {
+		return cbuf->readpos - cbuf->writepos;
+	}
+
+	return cbuf->size - cbuf->writepos;
+}
+
+unsigned char* cbuf_readptr(circbuffer *cbuf, unsigned int len) {
+	if (len > cbuf_readlen(cbuf)) {
+		dropbear_exit("bad cbuf read");
+	}
+
+	return &cbuf->data[cbuf->readpos];
+}
+
+unsigned char* cbuf_writeptr(circbuffer *cbuf, unsigned int len) {
+
+	if (len > cbuf_writelen(cbuf)) {
+		dropbear_exit("bad cbuf write");
+	}
+
+	return &cbuf->data[cbuf->writepos];
+}
+
+void cbuf_incrwrite(circbuffer *cbuf, unsigned int len) {
+	if (len > cbuf_writelen(cbuf)) {
+		dropbear_exit("bad cbuf write");
+	}
+
+	cbuf->used += len;
+	assert(cbuf->used <= cbuf->size);
+	cbuf->writepos = (cbuf->writepos + len) % cbuf->size;
+}
+
+
+void cbuf_incrread(circbuffer *cbuf, unsigned int len) {
+	if (len > cbuf_readlen(cbuf)) {
+		dropbear_exit("bad cbuf read");
+	}
+
+	assert(cbuf->used >= len);
+	cbuf->used -= len;
+	cbuf->readpos = (cbuf->readpos + len) % cbuf->size;
+}

circbuffer.h

@@ -0,0 +1,50 @@
+/*
+ * Dropbear SSH
+ * 
+ * Copyright (c) 2002-2004 Matt Johnston
+ * All rights reserved.
+ * 
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ * 
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE. */
+
+#ifndef _CIRCBUFFER_H_
+#define _CIRCBUFFER_H_
+struct circbuf {
+
+	unsigned int size;
+	unsigned int readpos;
+	unsigned int writepos;
+	unsigned int used;
+	unsigned char* data;
+};
+
+typedef struct circbuf circbuffer;
+
+circbuffer * cbuf_new(unsigned int size);
+void cbuf_free(circbuffer * cbuf);
+
+unsigned int cbuf_getused(circbuffer * cbuf); /* how much data stored */
+unsigned int cbuf_getavail(circbuffer * cbuf); /* how much we can write */
+unsigned int cbuf_readlen(circbuffer *cbuf); /* max linear read len */
+unsigned int cbuf_writelen(circbuffer *cbuf); /* max linear write len */
+
+unsigned char* cbuf_readptr(circbuffer *cbuf, unsigned int len);
+unsigned char* cbuf_writeptr(circbuffer *cbuf, unsigned int len);
+void cbuf_incrwrite(circbuffer *cbuf, unsigned int len);
+void cbuf_incrread(circbuffer *cbuf, unsigned int len);
+#endif

cli-channel.c

@@ -0,0 +1,65 @@
+/*
+ * Dropbear SSH
+ * 
+ * Copyright (c) 2002-2004 Matt Johnston
+ * All rights reserved.
+ * 
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ * 
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE. */
+
+#include "includes.h"
+#include "channel.h"
+#include "buffer.h"
+#include "circbuffer.h"
+#include "dbutil.h"
+#include "session.h"
+#include "ssh.h"
+
+/* We receive channel data - only used by the client chansession code*/
+void recv_msg_channel_extended_data() {
+
+	unsigned int chan;
+	struct Channel *channel;
+	unsigned int datatype;
+
+	TRACE(("enter recv_msg_channel_extended_data"));
+
+	chan = buf_getint(ses.payload);
+	channel = getchannel(chan);
+
+	if (channel == NULL) {
+		dropbear_exit("Unknown channel");
+	}
+
+	if (channel->type != &clichansess) {
+		TRACE(("leave recv_msg_channel_extended_data: chantype is wrong"));
+		return; /* we just ignore it */
+	}
+
+	datatype = buf_getint(ses.payload);
+	
+	if (datatype != SSH_EXTENDED_DATA_STDERR) {
+		TRACE(("leave recv_msg_channel_extended_data: wrong datatype: %d",
+					datatype));
+		return;	
+	}
+
+	common_recv_msg_channel_data(channel, channel->errfd, channel->extrabuf);
+
+	TRACE(("leave recv_msg_channel_extended_data"));
+}

cli-chansession.c

@@ -32,9 +32,11 @@
 #include "ssh.h"
 #include "runopts.h"
 #include "termcodes.h"
+#include "chansession.h"
 
 static void cli_closechansess(struct Channel *channel);
 static int cli_initchansess(struct Channel *channel);
+static void cli_chansessreq(struct Channel *channel);
 
 static void start_channel_request(struct Channel *channel, unsigned char *type);
 
@@ -42,19 +44,43 @@ static void send_chansess_pty_req(struct Channel *channel);
 static void send_chansess_shell_req(struct Channel *channel);
 
 static void cli_tty_setup();
-void cli_tty_cleanup();
 
-static const struct ChanType clichansess = {
+const struct ChanType clichansess = {
 	0, /* sepfds */
 	"session", /* name */
 	cli_initchansess, /* inithandler */
 	NULL, /* checkclosehandler */
-	NULL, /* reqhandler */
+	cli_chansessreq, /* reqhandler */
 	cli_closechansess, /* closehandler */
 };
 
+static void cli_chansessreq(struct Channel *channel) {
+
+	unsigned char* type = NULL;
+	int wantreply;
+
+	TRACE(("enter cli_chansessreq"));
+
+	type = buf_getstring(ses.payload, NULL);
+	wantreply = buf_getbyte(ses.payload);
+
+	if (strcmp(type, "exit-status") != 0) {
+		TRACE(("unknown request '%s'", type));
+		send_msg_channel_failure(channel);
+		goto out;
+	}
+		
+	/* We'll just trust what they tell us */
+	cli_ses.retval = buf_getint(ses.payload);
+	TRACE(("got exit-status of '%d'", cli_ses.retval));
+
+out:
+	m_free(type);
+}
+	
+
 /* If the main session goes, we close it up */
-static void cli_closechansess(struct Channel *channel) {
+static void cli_closechansess(struct Channel *UNUSED(channel)) {
 
 	/* This channel hasn't gone yet, so we have > 1 */
 	if (ses.chancount > 1) {
@@ -228,7 +254,7 @@ static void put_winsize() {
 
 }
 
-static void sigwinch_handler(int dummy) {
+static void sigwinch_handler(int UNUSED(unused)) {
 
 	cli_ses.winchange = 1;
 
@@ -313,9 +339,17 @@ static void send_chansess_shell_req(struct Channel *channel) {
 
 static int cli_initchansess(struct Channel *channel) {
 
+
 	channel->infd = STDOUT_FILENO;
-	//channel->outfd = STDIN_FILENO;
-	//channel->errfd = STDERR_FILENO;
+	setnonblocking(STDOUT_FILENO);
+
+	channel->outfd = STDIN_FILENO;
+	setnonblocking(STDIN_FILENO);
+
+	channel->errfd = STDERR_FILENO;
+	setnonblocking(STDERR_FILENO);
+
+	channel->extrabuf = cbuf_new(RECV_MAXWINDOW);
 
 	if (cli_opts.wantpty) {
 		send_chansess_pty_req(channel);

cli-kex.c

@@ -164,13 +164,16 @@ static void checkhostkey(unsigned char* keyblob, unsigned int keybloblen) {
 
 	snprintf(filename, len+18, "%s/.ssh/known_hosts", pw->pw_dir);
 	hostsfile = fopen(filename, "a+");
-	fseek(hostsfile, 0, SEEK_SET);
 	
-	/* We mightn't have been able to open it if it was read-only */
-	if (hostsfile == NULL && (errno == EACCES || errno == EROFS)) {
-			TRACE(("trying readonly: %s", strerror(errno)));
-			readonly = 1;
-			hostsfile = fopen(filename, "r");
+	if (hostsfile != NULL) {
+		fseek(hostsfile, 0, SEEK_SET);
+	} else {
+		/* We mightn't have been able to open it if it was read-only */
+		if (errno == EACCES || errno == EROFS) {
+				TRACE(("trying readonly: %s", strerror(errno)));
+				readonly = 1;
+				hostsfile = fopen(filename, "r");
+		}
 	}
 
 	if (hostsfile == NULL) {

cli-main.c

@@ -52,6 +52,10 @@ int main(int argc, char ** argv) {
 	TRACE(("user='%s' host='%s' port='%s'", cli_opts.username,
 				cli_opts.remotehost, cli_opts.remoteport));
 
+	if (signal(SIGPIPE, SIG_IGN) == SIG_ERR) {
+		dropbear_exit("signal() error");
+	}
+
 	sock = connect_remote(cli_opts.remotehost, cli_opts.remoteport, 
 			0, &error);
 
@@ -96,7 +100,8 @@ static void cli_dropbear_exit(int exitcode, const char* format, va_list param) {
 	exit(exitcode);
 }
 
-static void cli_dropbear_log(int priority, const char* format, va_list param) {
+static void cli_dropbear_log(int UNUSED(priority), 
+		const char* format, va_list param) {
 
 	char printbuf[1024];
 

cli-runopts.c

@@ -59,6 +59,9 @@ static void printhelp() {
 					"-R <listenport:remotehost:remoteport> Remote port forwarding\n"
 #endif
 					"-l <username>\n"
+#ifdef DEBUG_TRACE
+					"-v    verbose\n"
+#endif
 					,DROPBEAR_VERSION, cli_opts.progname);
 }
 
@@ -140,12 +143,6 @@ void cli_getopts(int argc, char ** argv) {
 		if (argv[i][0] == '-') {
 			/* A flag *waves* */
 
-			if (strlen(argv[i]) > 2) {
-					fprintf(stderr, 
-						"WARNING: Ignoring unknown argument '%s'\n", argv[i]);
-					continue;
-			}
-
 			switch (argv[i][1]) {
 				case 'p': /* remoteport */
 					next = &cli_opts.remoteport;
@@ -178,6 +175,11 @@ void cli_getopts(int argc, char ** argv) {
 					printhelp();
 					exit(EXIT_SUCCESS);
 					break;
+#ifdef DEBUG_TRACE
+				case 'v':
+					debug_trace = 1;
+					break;
+#endif
 				case 'F':
 				case 'e':
 				case 'c':
@@ -197,6 +199,12 @@ void cli_getopts(int argc, char ** argv) {
 						"WARNING: Ignoring unknown argument '%s'\n", argv[i]);
 					break;
 			} /* Switch */
+			
+			/* Now we handle args where they might be "-luser" (no spaces)*/
+			if (next && strlen(argv[i]) > 2) {
+				*next = &argv[i][2];
+				next = NULL;
+			}
 
 			continue; /* next argument */
 

cli-session.c

@@ -48,6 +48,7 @@ struct clientsession cli_ses; /* GLOBAL */
 static const packettype cli_packettypes[] = {
 	/* TYPE, FUNCTION */
 	{SSH_MSG_CHANNEL_DATA, recv_msg_channel_data},
+	{SSH_MSG_CHANNEL_EXTENDED_DATA, recv_msg_channel_extended_data},
 	{SSH_MSG_CHANNEL_WINDOW_ADJUST, recv_msg_channel_window_adjust},
 	{SSH_MSG_USERAUTH_FAILURE, recv_msg_userauth_failure}, /* client */
 	{SSH_MSG_USERAUTH_SUCCESS, recv_msg_userauth_success}, /* client */
@@ -112,6 +113,14 @@ static void cli_session_init() {
 	cli_ses.tty_raw_mode = 0;
 	cli_ses.winchange = 0;
 
+	/* We store stdin's flags, so we can set them back on exit (otherwise
+	 * busybox's ash isn't happy */
+	cli_ses.stdincopy = dup(STDIN_FILENO);
+	cli_ses.stdinflags = fcntl(STDIN_FILENO, F_GETFL, 0);
+
+	cli_ses.retval = EXIT_SUCCESS; /* Assume it's clean if we don't get a
+									  specific exit status */
+
 	/* Auth */
 	cli_ses.lastpubkey = NULL;
 	cli_ses.lastauthtype = NULL;
@@ -240,6 +249,11 @@ void cli_session_cleanup() {
 	if (!sessinitdone) {
 		return;
 	}
+
+	/* Set stdin back to non-blocking - busybox ash dies nastily
+	 * if we don't revert the flags */
+	fcntl(cli_ses.stdincopy, F_SETFL, cli_ses.stdinflags);
+
 	cli_tty_cleanup();
 
 }
@@ -250,7 +264,7 @@ static void cli_finished() {
 	common_session_cleanup();
 	fprintf(stderr, "Connection to %s@%s:%s closed.\n", cli_opts.username,
 			cli_opts.remotehost, cli_opts.remoteport);
-	exit(EXIT_SUCCESS);
+	exit(cli_ses.retval);
 }
 
 

cli-tcpfwd.c

@@ -89,7 +89,7 @@ static int cli_localtcp(unsigned int listenport, const char* remoteaddr,
 				remoteport));
 
 	tcpinfo = (struct TCPListener*)m_malloc(sizeof(struct TCPListener*));
-	tcpinfo->sendaddr = remoteaddr;
+	tcpinfo->sendaddr = m_strdup(remoteaddr);
 	tcpinfo->sendport = remoteport;
 	tcpinfo->listenport = listenport;
 	tcpinfo->chantype = &cli_chan_tcplocal;

common-channel.c

@@ -1,7 +1,7 @@
 /*
- * Dropbear - a SSH2 server
+ * Dropbear SSH
  * 
- * Copyright (c) 2002,2003 Matt Johnston
+ * Copyright (c) 2002-2004 Matt Johnston
  * All rights reserved.
  * 
  * Permission is hereby granted, free of charge, to any person obtaining a copy
@@ -29,6 +29,7 @@
 #include "packet.h"
 #include "ssh.h"
 #include "buffer.h"
+#include "circbuffer.h"
 #include "dbutil.h"
 #include "channel.h"
 #include "ssh.h"
@@ -39,7 +40,7 @@ static void send_msg_channel_open_failure(unsigned int remotechan, int reason,
 static void send_msg_channel_open_confirmation(struct Channel* channel,
 		unsigned int recvwindow, 
 		unsigned int recvmaxpacket);
-static void writechannel(struct Channel *channel);
+static void writechannel(struct Channel* channel, int fd, circbuffer *cbuf);
 static void send_msg_channel_window_adjust(struct Channel *channel, 
 		unsigned int incr);
 static void send_msg_channel_data(struct Channel *channel, int isextended,
@@ -147,8 +148,10 @@ struct Channel* newchannel(unsigned int remotechan,
 	newchan->errfd = FD_CLOSED; /* this isn't always set to start with */
 	newchan->initconn = 0;
 
-	newchan->writebuf = buf_new(RECV_MAXWINDOW);
+	newchan->writebuf = cbuf_new(RECV_MAXWINDOW);
+	newchan->extrabuf = NULL; /* The user code can set it up */
 	newchan->recvwindow = RECV_MAXWINDOW;
+	newchan->recvdonelen = 0;
 	newchan->recvmaxpacket = RECV_MAXPACKET;
 
 	ses.channels[i] = newchan;
@@ -160,7 +163,7 @@ struct Channel* newchannel(unsigned int remotechan,
 }
 
 /* Get the channel structure corresponding to a channel number */
-static struct Channel* getchannel(unsigned int chan) {
+struct Channel* getchannel(unsigned int chan) {
 	if (chan >= ses.chansize || ses.channels[chan] == NULL) {
 		return NULL;
 	}
@@ -189,7 +192,8 @@ void channelio(fd_set *readfd, fd_set *writefd) {
 		}
 
 		/* read from program/pipe stderr */
-		if (channel->errfd >= 0 && FD_ISSET(channel->errfd, readfd)) {
+		if (channel->extrabuf == NULL &&
+				channel->errfd >= 0 && FD_ISSET(channel->errfd, readfd)) {
 				send_msg_channel_data(channel, 1, SSH_EXTENDED_DATA_STDERR);
 		}
 
@@ -218,7 +222,13 @@ void channelio(fd_set *readfd, fd_set *writefd) {
 				continue; /* Important not to use the channel after
 							 checkinitdone(), as it may be NULL */
 			}
-			writechannel(channel);
+			writechannel(channel, channel->infd, channel->writebuf);
+		}
+		
+		/* stderr for client mode */
+		if (channel->extrabuf != NULL 
+				&& channel->errfd >= 0 && FD_ISSET(channel->errfd, writefd)) {
+			writechannel(channel, channel->errfd, channel->extrabuf);
 		}
 	
 		/* now handle any of the channel-closing type stuff */
@@ -236,6 +246,14 @@ void channelio(fd_set *readfd, fd_set *writefd) {
 /* do all the EOF/close type stuff checking for a channel */
 static void checkclose(struct Channel *channel) {
 
+	TRACE(("checkclose: infd %d, outfd %d, errfd %d, sentclosed %d, recvclosed %d", 
+				channel->infd, channel->outfd,
+				channel->errfd, channel->sentclosed, channel->recvclosed));
+	TRACE(("writebuf %d extrabuf %s extrabuf %d",
+				cbuf_getused(channel->writebuf),
+				channel->writebuf,
+				channel->writebuf ? 0 : cbuf_getused(channel->extrabuf)));
+
 	if (!channel->sentclosed) {
 
 		/* check for exited - currently only used for server sessions,
@@ -248,13 +266,13 @@ static void checkclose(struct Channel *channel) {
 
 		if (!channel->senteof
 			&& channel->outfd == FD_CLOSED 
-			&& channel->errfd == FD_CLOSED) {
+			&& (channel->extrabuf != NULL || channel->errfd == FD_CLOSED)) {
 			send_msg_channel_eof(channel);
 		}
 
 		if (channel->infd == FD_CLOSED
-				&& channel->outfd == FD_CLOSED
-				&& channel->errfd == FD_CLOSED) {
+			&& channel->outfd == FD_CLOSED
+			&& (channel->extrabuf != NULL || channel->errfd == FD_CLOSED)) {
 			send_msg_channel_close(channel);
 		}
 	}
@@ -345,49 +363,53 @@ static void send_msg_channel_eof(struct Channel *channel) {
 	TRACE(("leave send_msg_channel_eof"));
 }
 
-/* Called to write data out to the server side of a channel (eg a shell or a
- * program.
+/* Called to write data out to the local side of the channel. 
  * Only called when we know we can write to a channel, writes as much as
  * possible */
-static void writechannel(struct Channel* channel) {
+static void writechannel(struct Channel* channel, int fd, circbuffer *cbuf) {
 
 	int len, maxlen;
-	buffer *buf;
 
 	TRACE(("enter writechannel"));
 
-	buf = channel->writebuf;
-	maxlen = buf->len - buf->pos;
+	maxlen = cbuf_readlen(cbuf);
 
-	len = write(channel->infd, buf_getptr(buf, maxlen), maxlen);
+	/* Write the data out */
+	len = write(fd, cbuf_readptr(cbuf, maxlen), maxlen);
 	if (len <= 0) {
 		if (len < 0 && errno != EINTR) {
-			/* no more to write */
+			/* no more to write - we close it even if the fd was stderr, since
+			 * that's a nasty failure too */
 			closeinfd(channel);
 		}
 		TRACE(("leave writechannel: len <= 0"));
 		return;
 	}
-	
-	if (len == maxlen) {
-		buf_setpos(buf, 0);
-		buf_setlen(buf, 0);
 
-		if (channel->recveof) {
-			/* we're closing up */
-			closeinfd(channel);
-			return;
-			TRACE(("leave writechannel: recveof set"));
-		}
+	cbuf_incrread(cbuf, len);
+	channel->recvdonelen += len;
 
-		/* extend the window if we're at the end*/
-		/* TODO - this is inefficient */
-		send_msg_channel_window_adjust(channel, buf->size
-				- channel->recvwindow);
-		channel->recvwindow = buf->size;
-	} else {
-		buf_incrpos(buf, len);
+	if (fd == channel->infd && len == maxlen && channel->recveof) { 
+		/* Check if we're closing up */
+		closeinfd(channel);
+		TRACE(("leave writechannel: recveof set"));
+		return;
 	}
+
+	/* Window adjust handling */
+	if (channel->recvdonelen >= RECV_WINDOWEXTEND) {
+		/* Set it back to max window */
+		send_msg_channel_window_adjust(channel, channel->recvdonelen);
+		channel->recvwindow += channel->recvdonelen;
+		channel->recvdonelen = 0;
+	}
+
+	assert(channel->recvwindow <= RECV_MAXWINDOW);
+	assert(channel->recvwindow <= cbuf_getavail(channel->writebuf));
+	assert(channel->extrabuf == NULL ||
+			channel->recvwindow <= cbuf_getavail(channel->extrabuf));
+	
+	
 	TRACE(("leave writechannel"));
 }
 
@@ -405,30 +427,38 @@ void setchannelfds(fd_set *readfd, fd_set *writefd) {
 			continue;
 		}
 
-		/* stdout and stderr */
+		/* Stuff to put over the wire */
 		if (channel->transwindow > 0) {
 
-			/* stdout */
 			if (channel->outfd >= 0) {
-				/* there's space to read more from the program */
 				FD_SET(channel->outfd, readfd);
 			}
-			/* stderr */
-			if (channel->errfd >= 0) {
+			
+			if (channel->extrabuf == NULL && channel->errfd >= 0) {
 					FD_SET(channel->errfd, readfd);
 			}
 		}
 
+		/* For checking FD status (ie closure etc) - we don't actually
+		 * read data from infd */
+		TRACE(("infd = %d, outfd %d, errfd %d, bufused %d", 
+					channel->infd, channel->outfd,
+					channel->errfd,
+					cbuf_getused(channel->writebuf) ));
 		if (channel->infd >= 0 && channel->infd != channel->outfd) {
 			FD_SET(channel->infd, readfd);
 		}
 
-		/* stdin */
-		if (channel->infd >= 0 &&
-				(channel->writebuf->pos < channel->writebuf->len ||
-				 channel->initconn)) {
-			/* there's space to write more to the program */
-			FD_SET(channel->infd, writefd);
+		/* Stuff from the wire, to local program/shell/user etc */
+		if ((channel->infd >= 0 && cbuf_getused(channel->writebuf) > 0 )
+				|| channel->initconn) {
+
+				FD_SET(channel->infd, writefd);
+		}
+
+		if (channel->extrabuf != NULL && channel->errfd >= 0 
+				&& cbuf_getused(channel->extrabuf) > 0 ) {
+				FD_SET(channel->errfd, writefd);
 		}
 
 	} /* foreach channel */
@@ -457,7 +487,9 @@ void recv_msg_channel_eof() {
 	}
 
 	channel->recveof = 1;
-	if (channel->writebuf->len == 0) {
+	if (cbuf_getused(channel->writebuf) == 0
+			&& (channel->extrabuf == NULL 
+					|| cbuf_getused(channel->extrabuf) == 0)) {
 		closeinfd(channel);
 	}
 
@@ -499,16 +531,21 @@ static void removechannel(struct Channel * channel) {
 	TRACE(("enter removechannel"));
 	TRACE(("channel index is %d", channel->index));
 
-	buf_free(channel->writebuf);
+	cbuf_free(channel->writebuf);
 	channel->writebuf = NULL;
 
+	if (channel->extrabuf) {
+		cbuf_free(channel->extrabuf);
+		channel->extrabuf = NULL;
+	}
+
+
 	/* close the FDs in case they haven't been done
 	 * yet (ie they were shutdown etc */
 	close(channel->infd);
 	close(channel->outfd);
-	if (channel->errfd >= 0) {
-		close(channel->errfd);
-	}
+	close(channel->errfd);
+
 	channel->typedata = NULL;
 
 	deletechannel(channel);
@@ -591,16 +628,19 @@ static void send_msg_channel_data(struct Channel *channel, int isextended,
 	}
 
 	/* read the data */
+	TRACE(("maxlen %d", maxlen));
 	buf = buf_new(maxlen);
+	TRACE(("buf pos %d data %x", buf->pos, buf->data));
 	len = read(fd, buf_getwriteptr(buf, maxlen), maxlen);
 	if (len <= 0) {
 		/* on error/eof, send eof */
 		if (len == 0 || errno != EINTR) {
 			closeoutfd(channel, fd);
-			TRACE(("leave send_msg_channel_data: read err %d", channel->index));
 		}
 		buf_free(buf);
 		buf = NULL;
+		TRACE(("leave send_msg_channel_data: read err or EOF for fd %d", 
+					channel->index));
 		return;
 	}
 	buf_incrlen(buf, len);
@@ -623,59 +663,72 @@ static void send_msg_channel_data(struct Channel *channel, int isextended,
 	TRACE(("leave send_msg_channel_data"));
 }
 
-
-/* when we receive channel data, put it in a buffer for writing to the program/
- * shell etc */
+/* We receive channel data */
 void recv_msg_channel_data() {
 
 	unsigned int chan;
-	struct Channel * channel;
-	unsigned int datalen;
-	unsigned int pos;
-	unsigned int maxdata;
+	struct Channel *channel;
 
-	TRACE(("enter recv_msg_channel_data"));
-	
 	chan = buf_getint(ses.payload);
 	channel = getchannel(chan);
+
 	if (channel == NULL) {
 		dropbear_exit("Unknown channel");
 	}
 
+	common_recv_msg_channel_data(channel, channel->infd, channel->writebuf);
+}
+
+/* Shared for data and stderr data - when we receive data, put it in a buffer
+ * for writing to the local file descriptor */
+void common_recv_msg_channel_data(struct Channel *channel, int fd, 
+		circbuffer * cbuf) {
+
+	unsigned int datalen;
+	unsigned int maxdata;
+	unsigned int buflen;
+	unsigned int len;
+
+	TRACE(("enter recv_msg_channel_data"));
+
 	if (channel->recveof) {
 		dropbear_exit("received data after eof");
 	}
 
- 	if (channel->infd < 0) {
+ 	if (fd < 0) {
 		dropbear_exit("received data with bad infd");
 	}
 
 	datalen = buf_getint(ses.payload);
 
-	/* if the client is going to send us more data than we've allocated, then 
-	 * it has ignored the windowsize, so we "MAY ignore all extra data" */
-	maxdata = channel->writebuf->size - channel->writebuf->pos;
+
+	maxdata = cbuf_getavail(cbuf);
+
+	/* Whilst the spec says we "MAY ignore data past the end" this could
+	 * lead to corrupted file transfers etc (chunks missed etc). It's better to
+	 * just die horribly */
 	if (datalen > maxdata) {
-		TRACE(("Warning: recv_msg_channel_data: extra data past window"));
-		datalen = maxdata;
+		dropbear_exit("Oversized packet");
 	}
 
-	/* write to the buffer - we always append to the end of the buffer */
-	pos = channel->writebuf->pos;
-	buf_setpos(channel->writebuf, channel->writebuf->len);
-	memcpy(buf_getwriteptr(channel->writebuf, datalen), 
-			buf_getptr(ses.payload, datalen), datalen);
-	buf_incrwritepos(channel->writebuf, datalen);
-	buf_setpos(channel->writebuf, pos); /* revert pos */
+	/* We may have to run throught twice, if the buffer wraps around. Can't
+	 * just "leave it for next time" like with writechannel, since this
+	 * is payload data */
+	len = datalen;
+	while (len > 0) {
+		buflen = cbuf_writelen(cbuf);
+		buflen = MIN(buflen, len);
 
+		memcpy(cbuf_writeptr(cbuf, buflen), 
+				buf_getptr(ses.payload, buflen), buflen);
+		cbuf_incrwrite(cbuf, buflen);
+		buf_incrpos(ses.payload, buflen);
+		len -= buflen;
+	}
+
+	assert(channel->recvwindow >= datalen);
 	channel->recvwindow -= datalen;
-
-	/* matt - this might be for later */
-/*	if (channel->recvwindow < RECV_MINWINDOW) {
-		send_msg_channel_window_adjust(channel, 
-				RECV_MAXWINDOW - channel->recvwindow);
-		channel->recvwindow = RECV_MAXWINDOW;
-	}*/
+	assert(channel->recvwindow <= RECV_MAXWINDOW);
 
 	TRACE(("leave recv_msg_channel_data"));
 }
@@ -886,10 +939,7 @@ int send_msg_channel_open_init(int fd, const struct ChanType *type) {
 	}
 
 	/* set fd non-blocking */
-	if (fcntl(fd, F_SETFL, O_NONBLOCK) < 0) {
-		TRACE(("leave send_msg_channel_open_init() - FAILED in fcntl()"));
-		return DROPBEAR_FAILURE;
-	}
+	setnonblocking(fd);
 
 	chan->infd = chan->outfd = fd;
 	ses.maxfd = MAX(ses.maxfd, fd);
@@ -993,15 +1043,19 @@ static void closechanfd(struct Channel *channel, int fd, int how) {
 		closein = closeout = 1;
 	}
 
-	if (closeout && fd == channel->errfd) {
-		channel->errfd = FD_CLOSED;
-	}
 	if (closeout && fd == channel->outfd) {
 		channel->outfd = FD_CLOSED;
 	}
+	if (closeout && (channel->extrabuf == NULL) && (fd == channel->errfd)) {
+		channel->errfd = FD_CLOSED;
+	}
+
 	if (closein && fd == channel->infd) {
 		channel->infd = FD_CLOSED;
 	}
+	if (closein && (channel->extrabuf != NULL) && (fd == channel->errfd)) {
+		channel->errfd = FD_CLOSED;
+	}
 }
 
 #endif /* USING_LISTENERS */

common-session.c

@@ -35,6 +35,8 @@
 #include "channel.h"
 #include "atomicio.h"
 
+static void checktimeouts();
+static int ident_readln(int fd, char* buf, int count);
 
 struct sshsession ses; /* GLOBAL */
 
@@ -46,8 +48,6 @@ int sessinitdone = 0; /* GLOBAL */
 int exitflag = 0; /* GLOBAL */
 
 
-static void checktimeouts();
-static int ident_readln(int fd, char* buf, int count);
 
 /* called only at the start of a session, set up initial state */
 void common_session_init(int sock, char* remotehost) {
@@ -223,6 +223,7 @@ void session_identification() {
 	char linebuf[256];
 	int len = 0;
 	char done = 0;
+	int i;
 
 	/* write our version string, this blocks */
 	if (atomicio(write, ses.sock, LOCAL_IDENT "\r\n",
@@ -230,14 +231,27 @@ void session_identification() {
 		dropbear_exit("Error writing ident string");
 	}
 
-	len = ident_readln(ses.sock, linebuf, 256);
-	if (len >= 4 && memcmp(linebuf, "SSH-", 4) == 0) {
-		/* start of line matches */
-		done = 1;
+	/* We allow up to 9 lines before the actual version string, to
+	 * account for wrappers/cruft etc. According to the spec only the client
+	 * needs to handle this, but no harm in letting the server handle it too */
+	for (i = 0; i < 10; i++) {
+		len = ident_readln(ses.sock, linebuf, sizeof(linebuf));
+
+		if (len < 0 && errno != EINTR) {
+			/* It failed */
+			break;
+		}
+
+		if (len >= 4 && memcmp(linebuf, "SSH-", 4) == 0) {
+			/* start of line matches */
+			done = 1;
+			break;
+		}
 	}
 
 	if (!done) {
-		dropbear_exit("Failed to get client version");
+		TRACE(("err: %s for '%s'\n", strerror(errno), linebuf));
+		dropbear_exit("Failed to get remote version");
 	} else {
 		/* linebuf is already null terminated */
 		ses.remoteident = m_malloc(len);

dbmulti.c

@@ -72,7 +72,7 @@ int main(int argc, char ** argv) {
 			"'dropbear' - the Dropbear server\n"
 #endif
 #ifdef DBMULTI_dbclient
-			"'dbclient' - the Dropbear client\n"
+			"'dbclient' or 'ssh' - the Dropbear client\n"
 #endif
 #ifdef DBMULTI_dropbearkey
 			"'dropbearkey' - the key generator\n"

dbutil.c

@@ -66,6 +66,10 @@ void (*_dropbear_exit)(int exitcode, const char* format, va_list param)
 void (*_dropbear_log)(int priority, const char* format, va_list param)
 						= generic_dropbear_log;
 
+#ifdef DEBUG_TRACE
+int debug_trace = 0;
+#endif
+
 int usingsyslog = 0; /* set by runopts, but required externally to sessions */
 #ifndef DISABLE_SYSLOG
 void startsyslog() {
@@ -107,7 +111,7 @@ static void generic_dropbear_exit(int exitcode, const char* format,
 	exit(exitcode);
 }
 
-static void generic_dropbear_log(int priority, const char* format, 
+static void generic_dropbear_log(int UNUSED(priority), const char* format, 
 		va_list param) {
 
 	char printbuf[1024];
@@ -134,6 +138,10 @@ void dropbear_trace(const char* format, ...) {
 
 	va_list param;
 
+	if (!debug_trace) {
+		return;
+	}
+
 	va_start(param, format);
 	fprintf(stderr, "TRACE: ");
 	vfprintf(stderr, format, param);
@@ -587,3 +595,13 @@ void m_burn(void *data, unsigned int len) {
 	}
 }
 
+
+void setnonblocking(int fd) {
+
+	TRACE(("setnonblocking: %d", fd));
+
+	if (fcntl(fd, F_SETFL, O_NONBLOCK) < 0) {
+		dropbear_exit("Couldn't set nonblocking");
+	}
+	TRACE(("leave setnonblocking"));
+}

dbutil.h

@@ -42,6 +42,7 @@ void dropbear_log(int priority, const char* format, ...);
 #ifdef DEBUG_TRACE
 void dropbear_trace(const char* format, ...);
 void printhex(unsigned char* buf, int len);
+extern int debug_trace;
 #endif
 char * stripcontrol(const char * text);
 unsigned char * getaddrstring(struct sockaddr_storage* addr, int withport);
@@ -60,6 +61,7 @@ void * m_realloc(void* ptr, size_t size);
 #define m_free(X) __m_free(X); (X) = NULL;
 void __m_free(void* ptr);
 void m_burn(void* data, unsigned int len);
+void setnonblocking(int fd);
 
 /* Used to force mp_ints to be initialised */
 #define DEF_MP_INT(X) mp_int X = {0, 0, 0, NULL}

debian/changelog

@@ -1,3 +1,9 @@
+dropbear (0.44test3-1) unstable; urgency=medium
+
+  * New upstream beta, various useful fixes.
+
+ -- Matt Johnston <matt@ucc.asn.au>  Fri, 27 August 2004 22:20:00 +0800
+
 dropbear (0.44test2-1) unstable; urgency=low
 
   * New upstream beta, various minor fixes.

debian/compat

@@ -1 +0,0 @@
-4

debian/dirs

@@ -1,2 +0,0 @@
-usr/bin
-usr/sbin

debian/docs

@@ -1,2 +0,0 @@
-README
-TODO

debian/postinst

@@ -1,90 +0,0 @@
-#! /bin/sh
-# postinst script for #PACKAGE#
-#
-# see: dh_installdeb(1)
-
-set -e
-
-# summary of how this script can be called:
-#        * <postinst> `configure' <most-recently-configured-version>
-#        * <old-postinst> `abort-upgrade' <new version>
-#        * <conflictor's-postinst> `abort-remove' `in-favour' <package>
-#          <new-version>
-#        * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
-#          <failed-install-package> <version> `removing'
-#          <conflicting-package> <version>
-# for details, see http://www.debian.org/doc/debian-policy/ or
-# the debian-policy package
-#
-# quoting from the policy:
-#     Any necessary prompting should almost always be confined to the
-#     post-installation script, and should be protected with a conditional
-#     so that unnecessary prompting doesn't happen if a package's
-#     installation fails and the `postinst' is called with `abort-upgrade',
-#     `abort-remove' or `abort-deconfigure'.
-
-case "$1" in
-    configure)
-        if [ ! -e /etc/dropbear/dropbear_rsa_host_key ]; then
-            if [ -f /etc/ssh/ssh_host_rsa_key ]; then
-                echo "Converting existing OpenSSH RSA host key to Dropbear format."
-                /usr/bin/dropbearconvert openssh dropbear /etc/ssh/ssh_host_rsa_key /etc/dropbear/dropbear_rsa_host_key
-            else
-                echo "Generating Dropbear RSA key. Please wait."
-                /usr/bin/dropbearkey -t rsa -f /etc/dropbear/dropbear_rsa_host_key
-            fi
-        fi
-        if [ ! -e /etc/dropbear/dropbear_dss_host_key ]; then
-            if [ -f /etc/ssh/ssh_host_dsa_key ]; then
-                echo "Converting existing OpenSSH RSA host key to Dropbear format."
-                /usr/bin/dropbearconvert openssh dropbear /etc/ssh/ssh_host_dsa_key /etc/dropbear/dropbear_dss_host_key
-            else
-                echo "Generating Dropbear DSS key. Please wait."
-                /usr/bin/dropbearkey -t dss -f /etc/dropbear/dropbear_dss_host_key
-            fi
-        fi
-        if [ ! -s /etc/default/dropbear ]; then 
-            # check whether OpenSSH seems to be installed.
-            if dpkg -l ssh >/dev/null 2>&1; then 
-                echo "OpenSSH appears to be installed. Setting /etc/default/dropbear"
-                echo "so that Dropbear will not start by default. Edit this file to change"
-                echo "this behaviour."
-                echo "# disabled because OpenSSH is installed, change to NO_START=0 to enable Dropbear" > /etc/default/dropbear
-                echo "NO_START=1" >> /etc/default/dropbear
-            fi
-            echo "# the TCP port that Dropbear listens on" >> /etc/default/dropbear
-            echo "DROPBEAR_PORT=22" >> /etc/default/dropbear
-            echo "# any additional arguments for Dropbear" >> /etc/default/dropbear
-            echo "DROPBEAR_EXTRA_ARGS=" >> /etc/default/dropbear
-			echo "# specify an optional banner file containing a message to be" >> /etc/default/dropbear
-			echo "# sent to clients before they connect, such as \"/etc/issue.net\"" >> /etc/default/dropbear
-			echo "DROPBEAR_BANNER=\"\"" >> /etc/default/dropbear
-			echo "# RSA hostkey file (default: /etc/dropbear/dropbear_rsa_host_key" >> /etc/default/dropbear
-			echo "#DROPBEAR_RSAKEY=\"/etc/dropbear/dropbear_rsa_host_key\"" >> /etc/default/dropbear
-			echo "# DSS hostkey file (default: /etc/dropbear/dropbear_dss_host_key" >> /etc/default/dropbear
-			echo "#DROPBEAR_DSSKEY=\"/etc/dropbear/dropbear_dss_host_key\"" >> /etc/default/dropbear
-        fi
-        if [ -e /etc/init.d/dropbear ]; then
-            update-rc.d dropbear defaults >/dev/null
-            /etc/init.d/dropbear restart
-        fi
-    ;;
-
-    abort-upgrade|abort-remove|abort-deconfigure)
-
-    ;;
-
-    *)
-        echo "postinst called with unknown argument \`$1'" >&2
-        exit 1
-    ;;
-esac
-
-# dh_installdeb will replace this with shell code automatically
-# generated by other debhelper scripts.
-
-
-
-exit 0
-
-

debian/postrm

@@ -1,45 +0,0 @@
-#! /bin/sh
-# postrm script for #PACKAGE#
-#
-# see: dh_installdeb(1)
-
-set -e
-
-# summary of how this script can be called:
-#        * <postrm> `remove'
-#        * <postrm> `purge'
-#        * <old-postrm> `upgrade' <new-version>
-#        * <new-postrm> `failed-upgrade' <old-version>
-#        * <new-postrm> `abort-install'
-#        * <new-postrm> `abort-install' <old-version>
-#        * <new-postrm> `abort-upgrade' <old-version>
-#        * <disappearer's-postrm> `disappear' <r>overwrit>r> <new-version>
-# for details, see http://www.debian.org/doc/debian-policy/ or
-# the debian-policy package
-
-
-case "$1" in
-       purge|remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
-        if [ "$1" = "purge" ]
-        then
-            if [ -e /etc/dropbear ]; then
-                rm -f /etc/dropbear/dropbear_rsa_host_key
-                rm -f /etc/dropbear/dropbear_dss_host_key
-                rmdir --ignore-fail-on-non-empty /etc/dropbear
-			fi
-            update-rc.d dropbear remove >/dev/null
-        fi
-        ;;
-
-    *)
-        echo "postrm called with unknown argument \`$1'" >&2
-        exit 1
-
-esac
-
-# dh_installdeb will replace this with shell code automatically
-# generated by other debhelper scripts.
-
-#DEBHELPER#
-
-exit 0

debug.h

@@ -33,9 +33,12 @@
  * etc. Don't use this normally, it might cause problems */
 /* #define DEBUG_VALGRIND */
 
-/* Define this to print trace statements - very verbose */
-/* Caution: Don't use this in an unfriendly environment (ie unfirewalled),
- * since the printing does not sanitise strings etc */
+/* Define this to compile in trace debugging printf()s. 
+ * You'll need to run programs with "-v" to turn this on.
+ *
+ * Caution: Don't use this in an unfriendly environment (ie unfirewalled),
+ * since the printing may not sanitise strings etc. This will add a reasonable
+ * amount to your executable size. */
 /* #define DEBUG_TRACE */
 
 /* All functions writing to the cleartext payload buffer call
@@ -47,6 +50,7 @@
 /* Define this, compile with -pg and set GMON_OUT_PREFIX=gmon to get gmon
  * output when Dropbear forks. This will allow it gprof to be used.
  * It's useful to run dropbear -F, so you don't fork as much */
+/* (This is Linux specific) */
 /*#define DEBUG_FORKGPROF*/
 
 /* A couple of flags, not usually useful, and mightn't do anything */

dropbearconvert.c

@@ -62,6 +62,11 @@ int main(int argc, char ** argv) {
 	const char* infile;
 	const char* outfile;
 
+#ifdef DEBUG_TRACE
+	/* It's hard for it to get in the way _too_ much */
+	debug_trace = 1;
+#endif
+
 	/* get the commandline options */
 	if (argc != 5) {
 		fprintf(stderr, "All arguments must be specified\n");

dropbearkey.c

@@ -75,8 +75,11 @@ static void printhelp(char * progname) {
 #endif
 					"-f filename	Use filename for the secret key\n"
 					"-s bits	Key size in bits, should be a multiple of 8 (optional)\n"
-					"-y		Just print the publickey and fingerprint for the\n		private key in <filename>.\n",
-					progname);
+					"-y		Just print the publickey and fingerprint for the\n		private key in <filename>.\n"
+#ifdef DEBUG_TRACE
+					"-v		verbose\n"
+#endif
+					,progname);
 }
 
 #if defined(DBMULTI_dropbearkey) || !defined(DROPBEAR_MULTI)
@@ -127,6 +130,11 @@ int main(int argc, char ** argv) {
 					printhelp(argv[0]);
 					exit(EXIT_SUCCESS);
 					break;
+#ifdef DEBUG_TRACE
+				case 'v':
+					debug_trace = 1;
+					break;
+#endif
 				default:
 					fprintf(stderr, "Unknown argument %s\n", argv[i]);
 					printhelp(argv[0]);

gendss.c

@@ -33,6 +33,8 @@
 
 #define QSIZE 20 /* 160 bit */
 
+/* This is just a test */
+
 #ifdef DROPBEAR_DSS
 
 static void getq(dss_key *key);
@@ -150,7 +152,6 @@ static void getp(dss_key *key, unsigned int size) {
 
 static void getg(dss_key * key) {
 
-	char printbuf[1000];
 	DEF_MP_INT(div);
 	DEF_MP_INT(h);
 	DEF_MP_INT(val);
@@ -183,8 +184,6 @@ static void getg(dss_key * key) {
 	
 	} while (mp_cmp_d(key->g, 1) != MP_GT);
 
-	mp_toradix(key->g, printbuf, 10);
-
 	mp_clear_multi(&div, &h, &val, NULL);
 }
 

includes.h

@@ -128,4 +128,14 @@ typedef u_int16_t uint16_t;
 #define LOG_AUTHPRIV LOG_AUTH
 #endif
 
+/* so we can avoid warnings about unused params (ie in signal handlers etc) */
+#ifdef UNUSED 
+#elif defined(__GNUC__) 
+# define UNUSED(x) UNUSED_ ## x __attribute__((unused)) 
+#elif defined(__LCLINT__) 
+# define UNUSED(x) /*@unused@*/ x 
+#else 
+# define UNUSED(x) x 
+#endif
+
 #endif /* _INCLUDES_H_ */

options.h

@@ -11,7 +11,7 @@
  ******************************************************************/
 
 #ifndef DROPBEAR_PORT
-#define DROPBEAR_PORT 22
+#define DROPBEAR_DEFPORT "22"
 #endif
 
 /* Default hostkey paths - these can be specified on the command line */
@@ -173,7 +173,7 @@ etc) slower (perhaps by 50%). Recommended for most small systems. */
  *******************************************************************/
 
 #ifndef DROPBEAR_VERSION
-#define DROPBEAR_VERSION "0.44test2"
+#define DROPBEAR_VERSION "0.44test3"
 #endif
 
 #define LOCAL_IDENT "SSH-2.0-dropbear_" DROPBEAR_VERSION

runopts.h

@@ -52,7 +52,7 @@ typedef struct svr_runopts {
 	int usingsyslog;
 
 	/* ports is an array of the portcount listening ports */
-	uint16_t *ports;
+	char *ports[DROPBEAR_MAX_PORTS];
 	unsigned int portcount;
 
 	int inetdmode;
@@ -81,6 +81,7 @@ typedef struct svr_runopts {
 extern svr_runopts svr_opts;
 
 void svr_getopts(int argc, char ** argv);
+void loadhostkeys();
 
 /* Uncompleted XXX matt */
 typedef struct cli_runopts {

scp.c

@@ -178,8 +178,10 @@ do_cmd(char *host, char *remuser, char *cmd, int *fdin, int *fdout, int argc)
 		close(pout[1]);
 
 		args.list[0] = ssh_program;
-		if (remuser != NULL)
-			addargs(&args, "-l%s", remuser);
+		if (remuser != NULL) {
+			addargs(&args, "-l");
+			addargs(&args, "%s", remuser);
+		}
 		addargs(&args, "%s", host);
 		addargs(&args, "%s", cmd);
 

session.h

@@ -43,7 +43,6 @@ extern int exitflag;
 void common_session_init(int sock, char* remotehost);
 void session_loop(void(*loophandler)());
 void common_session_cleanup();
-void checktimeouts();
 void session_identification();
 
 
@@ -54,8 +53,6 @@ void svr_dropbear_log(int priority, const char* format, va_list param);
 
 /* Client */
 void cli_session(int sock, char *remotehost);
-void cli_dropbear_exit(int exitcode, const char* format, va_list param);
-void cli_dropbear_log(int priority, const char* format, va_list param);
 void cli_session_cleanup();
 void cleantext(unsigned char* dirtytext);
 
@@ -212,12 +209,16 @@ struct clientsession {
 
 	int tty_raw_mode; /* Whether we're in raw mode (and have to clean up) */
 	struct termios saved_tio;
+	int stdincopy;
+	int stdinflags;
 
 	int winchange; /* Set to 1 when a windowchange signal happens */
 
 	int lastauthtype; /* either AUTH_TYPE_PUBKEY or AUTH_TYPE_PASSWORD,
 						 for the last type of auth we tried */
 	struct PubkeyList *lastpubkey;
+
+	int retval; /* What the command exit status was - we emulate it */
 #if 0
 	TODO
 	struct AgentkeyList *agentkeys; /* Keys to use for public-key auth */

signkey.c

@@ -153,6 +153,7 @@ int buf_get_priv_key(buffer *buf, sign_key *key, int *type) {
 	m_free(ident);
 
 	if (*type != DROPBEAR_SIGNKEY_ANY && *type != keytype) {
+		TRACE(("wrong key type: %d %d", *type, keytype));
 		return DROPBEAR_FAILURE;
 	}
 

svr-agentfwd.c

@@ -73,9 +73,7 @@ int agentreq(struct ChanSess * chansess) {
 	}
 
 	/* set non-blocking */
-	if (fcntl(fd, F_SETFL, O_NONBLOCK) < 0) {
-		goto fail;
-	}
+	setnonblocking(fd);
 
 	/* pass if off to listener */
 	chansess->agentlistener = new_listener( &fd, 1, 0, chansess, 
@@ -97,7 +95,7 @@ fail:
 /* accepts a connection on the forwarded socket and opens a new channel for it
  * back to the client */
 /* returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */
-static void agentaccept(struct Listener * listener, int sock) {
+static void agentaccept(struct Listener *UNUSED(listener), int sock) {
 
 	int fd;
 

svr-auth.c

@@ -340,6 +340,8 @@ void send_msg_userauth_success() {
 	encrypt_packet();
 
 	ses.authstate.authdone = 1;
+	ses.connecttimeout = 0;
+
 
 	if (ses.authstate.pw->pw_uid == 0) {
 		ses.allowprivport = 1;

svr-chansession.c

@@ -55,6 +55,10 @@ static int newchansess(struct Channel *channel);
 static void chansessionrequest(struct Channel *channel);
 
 static void send_exitsignalstatus(struct Channel *channel);
+static void send_msg_chansess_exitstatus(struct Channel * channel,
+		struct ChanSess * chansess);
+static void send_msg_chansess_exitsignal(struct Channel * channel,
+		struct ChanSess * chansess);
 static int sesscheckclose(struct Channel *channel);
 static void get_termmodes(struct ChanSess *chansess);
 
@@ -68,7 +72,7 @@ static int sesscheckclose(struct Channel *channel) {
 }
 
 /* handler for childs exiting, store the state for return to the client */
-static void sesssigchild_handler(int dummy) {
+static void sesssigchild_handler(int UNUSED(dummy)) {
 
 	int status;
 	pid_t pid;
@@ -78,7 +82,6 @@ static void sesssigchild_handler(int dummy) {
 
 	TRACE(("enter sigchld handler"));
 	while ((pid = waitpid(-1, &status, WNOHANG)) > 0) {
-
 		/* find the corresponding chansess */
 		for (i = 0; i < svr_ses.childpidsize; i++) {
 			if (svr_ses.childpids[i].pid == pid) {
@@ -499,7 +502,9 @@ static int sessionpty(struct ChanSess * chansess) {
 	}
 
 	/* allocate the pty */
-	assert(chansess->master == -1); /* haven't already got one */
+	if (chansess->master != -1) {
+		dropbear_exit("multiple pty requests");
+	}
 	if (pty_allocate(&chansess->master, &chansess->slave, namebuf, 64) == 0) {
 		TRACE(("leave sessionpty: failed to allocate pty"));
 		return DROPBEAR_FAILURE;
@@ -630,7 +635,10 @@ static int noptycommand(struct Channel *channel, struct ChanSess *chansess) {
 		TRACE(("continue noptycommand: parent"));
 		chansess->pid = pid;
 
-		/* add a child pid */
+		/* add a child pid - Beware: there's a race between this, and the
+		 * exec() called from the child. If the child finishes before we've
+		 * done this (ie if it was a shell builtin and fast), we won't return a
+		 * proper return code. For now, we ignore this case. */
 		addchildpid(chansess, pid);
 
 		close(infds[FDIN]);
@@ -643,11 +651,10 @@ static int noptycommand(struct Channel *channel, struct ChanSess *chansess) {
 		ses.maxfd = MAX(ses.maxfd, channel->outfd);
 		ses.maxfd = MAX(ses.maxfd, channel->errfd);
 
-		if ((fcntl(channel->outfd, F_SETFL, O_NONBLOCK) < 0) ||
-			(fcntl(channel->infd, F_SETFL, O_NONBLOCK) < 0) ||
-			(fcntl(channel->errfd, F_SETFL, O_NONBLOCK) < 0)) {
-			dropbear_exit("Couldn't set nonblocking");
-		}
+		setnonblocking(channel->outfd);
+		setnonblocking(channel->infd);
+		setnonblocking(channel->errfd);
+
 	}
 #undef FDIN
 #undef FDOUT
@@ -753,9 +760,7 @@ static int ptycommand(struct Channel *channel, struct ChanSess *chansess) {
 		/* don't need to set stderr here */
 		ses.maxfd = MAX(ses.maxfd, chansess->master);
 
-		if (fcntl(chansess->master, F_SETFL, O_NONBLOCK) < 0) {
-			dropbear_exit("Couldn't set nonblocking");
-		}
+		setnonblocking(chansess->master);
 
 	}
 

svr-main.c

@@ -123,7 +123,6 @@ void main_noinetd() {
 	pid_t childpid;
 	int childpipe[2];
 
-	struct sigaction sa_chld;
 	/* fork */
 	if (svr_opts.forkbg) {
 		int closefds = 0;
@@ -139,6 +138,10 @@ void main_noinetd() {
 
 	commonsetup();
 
+	/* Now we can setup the hostkeys - needs to be after logging is on,
+	 * otherwise we might end up blatting error messages to the socket */
+	loadhostkeys();
+
 	/* should be done after syslog is working */
 	if (svr_opts.forkbg) {
 		dropbear_log(LOG_INFO, "Running in background");
@@ -299,7 +302,7 @@ void main_noinetd() {
 
 
 /* catch + reap zombie children */
-static void sigchld_handler(int fish) {
+static void sigchld_handler(int UNUSED(unused)) {
 	struct sigaction sa_chld;
 
 	while(waitpid(-1, NULL, WNOHANG) > 0); 
@@ -312,14 +315,14 @@ static void sigchld_handler(int fish) {
 }
 
 /* catch any segvs */
-static void sigsegv_handler(int fish) {
+static void sigsegv_handler(int UNUSED(unused)) {
 	fprintf(stderr, "Aiee, segfault! You should probably report "
 			"this as a bug to the developer\n");
 	exit(EXIT_FAILURE);
 }
 
 /* catch ctrl-c or sigterm */
-static void sigintterm_handler(int fish) {
+static void sigintterm_handler(int UNUSED(unused)) {
 
 	exitflag = 1;
 }
@@ -358,21 +361,23 @@ static void commonsetup() {
 static int listensockets(int *sock, int sockcount, int *maxfd) {
 	
 	unsigned int i;
-	char portstring[NI_MAXSERV];
 	char* errstring = NULL;
 	unsigned int sockpos = 0;
 	int nsock;
 
+	TRACE(("listensockets: %d to try\n", svr_opts.portcount));
+
 	for (i = 0; i < svr_opts.portcount; i++) {
 
-		snprintf(portstring, sizeof(portstring), "%d", svr_opts.ports[i]);
-		nsock = dropbear_listen(NULL, portstring, &sock[sockpos], 
+		TRACE(("listening on '%s'", svr_opts.ports[i]));
+
+		nsock = dropbear_listen(NULL, svr_opts.ports[i], &sock[sockpos], 
 				sockcount - sockpos,
 				&errstring, maxfd);
 
 		if (nsock < 0) {
-			dropbear_log(LOG_WARNING, "Failed listening on port %s: %s", 
-							portstring, errstring);
+			dropbear_log(LOG_WARNING, "Failed listening on '%s': %s", 
+							svr_opts.ports[i], errstring);
 			m_free(errstring);
 			continue;
 		}

svr-runopts.c

@@ -31,8 +31,6 @@
 
 svr_runopts svr_opts; /* GLOBAL */
 
-static sign_key * loadhostkeys(const char * dsskeyfile,
-		const char * rsakeyfile);
 static void printhelp(const char * progname);
 
 static void printhelp(const char * progname) {
@@ -72,9 +70,12 @@ static void printhelp(const char * progname) {
 					"-k		Disable remote port forwarding\n"
 #endif
 					"-p port	Listen on specified tcp port, up to %d can be specified\n"
-					"		(default %d if none specified)\n"
+					"		(default %s if none specified)\n"
 #ifdef INETD_MODE
 					"-i		Start for inetd\n"
+#endif
+#ifdef DEBUG_TRACE
+					"-v		verbose\n"
 #endif
 					,DROPBEAR_VERSION, progname,
 #ifdef DROPBEAR_DSS
@@ -83,16 +84,13 @@ static void printhelp(const char * progname) {
 #ifdef DROPBEAR_RSA
 					RSA_PRIV_FILENAME,
 #endif
-					DROPBEAR_MAX_PORTS, DROPBEAR_PORT);
+					DROPBEAR_MAX_PORTS, DROPBEAR_DEFPORT);
 }
 
 void svr_getopts(int argc, char ** argv) {
 
 	unsigned int i;
 	char ** next = 0;
-	unsigned int portnum = 0;
-	char *portstring[DROPBEAR_MAX_PORTS];
-	unsigned int longport;
 
 	/* see printhelp() for options */
 	svr_opts.rsakeyfile = NULL;
@@ -104,6 +102,8 @@ void svr_getopts(int argc, char ** argv) {
 	svr_opts.noauthpass = 0;
 	svr_opts.norootpass = 0;
 	svr_opts.inetdmode = 0;
+	svr_opts.portcount = 0;
+	svr_opts.hostkey = NULL;
 	opts.nolocaltcp = 0;
 	opts.noremotetcp = 0;
 	/* not yet
@@ -166,10 +166,12 @@ void svr_getopts(int argc, char ** argv) {
 					break;
 #endif
 				case 'p':
-					if (portnum < DROPBEAR_MAX_PORTS) {
-						portstring[portnum] = NULL;
-						next = &portstring[portnum];
-						portnum++;
+					if (svr_opts.portcount < DROPBEAR_MAX_PORTS) {
+						svr_opts.ports[svr_opts.portcount] = NULL;
+						next = &svr_opts.ports[svr_opts.portcount];
+						/* Note: if it doesn't actually get set, we'll
+						 * decrement it after the loop */
+						svr_opts.portcount++;
 					}
 					break;
 #ifdef DO_MOTD
@@ -193,14 +195,11 @@ void svr_getopts(int argc, char ** argv) {
 					printhelp(argv[0]);
 					exit(EXIT_FAILURE);
 					break;
-					/*
-				case '4':
-					svr_opts.ipv4 = 0;
+#ifdef DEBUG_TRACE
+				case 'v':
+					debug_trace = 1;
 					break;
-				case '6':
-					svr_opts.ipv6 = 0;
-					break;
-					*/
+#endif
 				default:
 					fprintf(stderr, "Unknown argument %s\n", argv[i]);
 					printhelp(argv[0]);
@@ -210,13 +209,24 @@ void svr_getopts(int argc, char ** argv) {
 		}
 	}
 
+	/* Set up listening ports */
+	if (svr_opts.portcount == 0) {
+		svr_opts.ports[0] = m_strdup(DROPBEAR_DEFPORT);
+		svr_opts.portcount = 1;
+	} else {
+		/* we may have been given a -p option but no argument to go with
+		 * it */
+		if (svr_opts.ports[svr_opts.portcount-1] == NULL) {
+			svr_opts.portcount--;
+		}
+	}
+
 	if (svr_opts.dsskeyfile == NULL) {
 		svr_opts.dsskeyfile = DSS_PRIV_FILENAME;
 	}
 	if (svr_opts.rsakeyfile == NULL) {
 		svr_opts.rsakeyfile = RSA_PRIV_FILENAME;
 	}
-	svr_opts.hostkey = loadhostkeys(svr_opts.dsskeyfile, svr_opts.rsakeyfile);
 
 	if (svr_opts.bannerfile) {
 		struct stat buf;
@@ -238,35 +248,6 @@ void svr_getopts(int argc, char ** argv) {
 		buf_setpos(svr_opts.banner, 0);
 	}
 
-	/* not yet
-	if (!(svr_opts.ipv4 || svr_opts.ipv6)) {
-		fprintf(stderr, "You can't disable ipv4 and ipv6.\n");
-		exit(1);
-	}
-	*/
-
-	/* create the array of listening ports */
-	if (portnum == 0) {
-		/* non specified */
-		svr_opts.portcount = 1;
-		svr_opts.ports = m_malloc(sizeof(uint16_t));
-		svr_opts.ports[0] = DROPBEAR_PORT;
-	} else {
-		svr_opts.portcount = portnum;
-		svr_opts.ports = (uint16_t*)m_malloc(sizeof(uint16_t)*portnum);
-		for (i = 0; i < portnum; i++) {
-			if (portstring[i]) {
-				longport = atoi(portstring[i]);
-					if (longport <= 65535 && longport > 0) {
-						svr_opts.ports[i] = (uint16_t)longport;
-						continue;
-					}
-			}
-			fprintf(stderr, "Bad port '%s'\n",
-					portstring[i] ? portstring[i] : "null");
-		}
-	}
-
 }
 
 static void disablekey(int type, const char* filename) {
@@ -279,47 +260,45 @@ static void disablekey(int type, const char* filename) {
 			break;
 		}
 	}
-	fprintf(stderr, "Failed reading '%s', disabling %s\n", filename,
+	dropbear_log(LOG_WARNING, "Failed reading '%s', disabling %s", filename,
 			type == DROPBEAR_SIGNKEY_DSS ? "DSS" : "RSA");
 }
 
-static sign_key * loadhostkeys(const char * dsskeyfile, 
-		const char * rsakeyfile) {
+/* Must be called after syslog/etc is working */
+void loadhostkeys() {
 
-	sign_key * hostkey;
 	int ret;
 	int type;
 
 	TRACE(("enter loadhostkeys"));
 
-	hostkey = new_sign_key();
+	svr_opts.hostkey = new_sign_key();
 
 #ifdef DROPBEAR_RSA
 	type = DROPBEAR_SIGNKEY_RSA;
-	ret = readhostkey(rsakeyfile, hostkey, &type);
+	ret = readhostkey(svr_opts.rsakeyfile, svr_opts.hostkey, &type);
 	if (ret == DROPBEAR_FAILURE) {
-		disablekey(DROPBEAR_SIGNKEY_RSA, rsakeyfile);
+		disablekey(DROPBEAR_SIGNKEY_RSA, svr_opts.rsakeyfile);
 	}
 #endif
 #ifdef DROPBEAR_DSS
-	type = DROPBEAR_SIGNKEY_RSA;
-	ret = readhostkey(dsskeyfile, hostkey, &type);
+	type = DROPBEAR_SIGNKEY_DSS;
+	ret = readhostkey(svr_opts.dsskeyfile, svr_opts.hostkey, &type);
 	if (ret == DROPBEAR_FAILURE) {
-		disablekey(DROPBEAR_SIGNKEY_DSS, dsskeyfile);
+		disablekey(DROPBEAR_SIGNKEY_DSS, svr_opts.dsskeyfile);
 	}
 #endif
 
 	if ( 1
 #ifdef DROPBEAR_DSS
-		&& hostkey->dsskey == NULL
+		&& svr_opts.hostkey->dsskey == NULL
 #endif
 #ifdef DROPBEAR_RSA
-		&& hostkey->rsakey == NULL
+		&& svr_opts.hostkey->rsakey == NULL
 #endif
 		) {
 		dropbear_exit("No hostkeys available");
 	}
 
 	TRACE(("leave loadhostkeys"));
-	return hostkey;
 }

svr-session.c

@@ -168,7 +168,7 @@ void svr_dropbear_log(int priority, const char* format, va_list param) {
 	/* if we are using DEBUG_TRACE, we want to print to stderr even if
 	 * syslog is used, so it is included in error reports */
 #ifdef DEBUG_TRACE
-	havetrace = 1;
+	havetrace = debug_trace;
 #endif
 
 	if (!svr_opts.usingsyslog || havetrace)

svr-x11fwd.c

@@ -75,9 +75,7 @@ int x11req(struct ChanSess * chansess) {
 	}
 
 	/* set non-blocking */
-	if (fcntl(fd, F_SETFL, O_NONBLOCK) < 0) {
-		goto fail;
-	}
+	setnonblocking(fd);
 
 	/* listener code will handle the socket now.
 	 * No cleanup handler needed, since listener_remove only happens
@@ -171,8 +169,12 @@ void x11cleanup(struct ChanSess *chansess) {
 
 	m_free(chansess->x11authprot);
 	m_free(chansess->x11authcookie);
-	remove_listener(chansess->x11listener);
-	chansess->x11listener = NULL;
+
+	TRACE(("chansess %s", chansess));
+	if (chansess->x11listener != NULL) {
+		remove_listener(chansess->x11listener);
+		chansess->x11listener = NULL;
+	}
 }
 
 static const struct ChanType chan_x11 = {

tcpfwd.h

@@ -47,7 +47,7 @@ struct TCPListener {
 /* A link in a list of forwards */
 struct TCPFwdList {
 
-	char* connectaddr;
+	const unsigned char* connectaddr;
 	unsigned int connectport;
 	unsigned int listenport;
 	struct TCPFwdList * next;
@@ -60,6 +60,7 @@ extern const struct ChanType svr_chan_tcpdirect;
 
 /* Client */
 void setup_localtcp();
+void setup_remotetcp();
 extern const struct ChanType cli_chan_tcpremote;
 
 /* Common */