update for 2016.73

use m_burn for libtomcrypt zeromem() too

.hgsigs

@@ -18,3 +18,5 @@ a687f835236c7025b5cb2968fe9c4ebc4a49f0ea 0 iQIcBAABCgAGBQJVxg62AAoJEPSYMBLCC7qsC
 ef4b26364b0cdda1084751d7de3d76c589e2d9cb 0 iQIcBAABCgAGBQJVxg7BAAoJEESTFJTynGdz9Q4P/A0Kq4H52rQqxq42PoEMFbVQIUfkFzyWjAz8eEGLmP5x5/sdpyxZDEyBSUG55uyNvOPTHE+Sd3t2h2Iieq749qwYgqggXC0P+C0zGzW3hB5Rv6dTUrKN1yCyaWE2tY488RsyVlcAs4vrp1Cum5Gv8/BUVKjzZmkZ1iq/3RyrvbLEiLoMrcLnQ+sUdaYHvfEwxDbzpOEvepg8iDJBitTrfG9xHp9otX6ucahwn1EumFvC5mvUxbiQ9jv76t4FJztjMoB24hPCH9T1FjB8uNsoM+j2Z67r81eJrGgNpJzjX0S3lY/AADZGhfGnfybTM9gFuQayIJuCJqduQibVwYkAAnPi17NmbdwPu0Rdz55oU+ft09XLVm/qkQcD1EP5bxYWnLIEMkkZQnFx7WdMpjKK9oGxZHeFYAKEgPgePCkk4TQ4PxNa+3854H19AUssQlaueGcbDLyPIRiSyqhleXawGfaJi+1jBt0DM7CNbAHAUWUE07VhQzNGWjabdEk4eXKTmDL+mZJFdHGBhyCve8sPmZBYJvM2PRgcXe8fwFh+R7gVj6kFbZJvgM9kG7EeF+4ZMEXG4yKpV/SKfMMeEPBCZjFxZhlJJ0fsZbB1Y/iLw8LXnJ0fa/5xFYv6k+iytfom/rqS4iUD7NWTjcEYHjd4EO4QlPD2Ef/AWOO8YBUBv8kA
 af074dbcb68ff8670b3818e0d66d5dc6f1bd5877 0 iQIcBAABCgAGBQJWVdQfAAoJEPSYMBLCC7qs+n4P/RgZU3GsLFJN7v7Cn6NOdKdfjJBmlbCtK9KwlZZaj8fW4noqnLDcDd6a2xT4mDV3rCE6+QYialGXjNkkNCBwD9Z+gFc8spOtThrpQ54dgWzbgDlYB1y7Hp7DoWoJQIlU6Od9nWBemcSrAviOFNAX8+S6poRdEhrHgMcv2xJoqHjvT7X8gob0RnJcYxW5nLWzDaJV58QnX6QlXg4ClSB6IoCeEawdW6WzXlZ9MGsRycTtx1ool7Uo6Vo2xg48n9TaJqM/lbSsMAjHxO/fdTJMWzTId1fuZxJGFVeJbkhjSwlf7fkVXxrgDxjvIAmFDR8TSTfJo50CD82j5rPcd7KSEpQ12ImBUsntPDgOtt/mJZ3HcFds86OZ7NkPpqoJGVFFQ8yUpe//DNSB2Ovg1FrwhSKOq/9N61BBwk1INVFDp1hMq45PIa9gI9zW/99inGDeSSQlxa4iafEUEjXZTRYuX7mFjnWm5q7r134J7kyWQtN/jNUZ71F0mvhnemufgpNY/I/D7K6qkONpbDZ2nuzkhfoqugzhHYp467UePM0qmLTLdXGPPMukoGorpWeiSb2T25AEKm7N4A9NwPmdAnoFjAibjF9FAuU03sl+pu9MqFb+1ldsqjNfxhcJmoAUR5vy3pED9ailCb/OCBVTHkDPfTEhGU3waO9tPM+5x2rGB5fe
 5bb5976e6902a0c9fba974a880c68c9487ee1e77 0 iQIcBAABCgAGBQJWVyIKAAoJEESTFJTynGdzQosP/0k5bVTerpUKZLjyNuMU8o0eyc7njkX8EyMOyGbtcArKpzO2opSBTRsuCT9Zsk1iiQ1GMTY1quKD7aNr86Hipqo4th/+ZXmLe9mmaCDukKjD0ZYC4dBVUy6RSUAMvdkDP9sZs7CMTO/22a9SqOsKTv3s2NN6XnsBGnmNbvVx5hkAk5hMVNFrjKIaexzI/7bWQIDRo2HQCaWaL06JvWEDSEQd2mynGSXxT/+m4hBnuGg6qxn2pd4XfG0g10tDAFx64HQkWgZqSB+F8z71Cvfjondy1zjJYgtABqNlwCKQJZhRUW2+PblqQnz08TUy83XN2vtisOju4avGcHSaBgBbMvg8Wx4ZtM7sPP9pLrhhOTd5ceERHeTceTJy+iI1SQFvccjrRfs5aJ0zAQX5q6f4bV0zp5SmxkvnZUEkZIoetkM8VrPOYugqx31LtHAWfVT9NM+VkV/rrxLhk6J0giIQvC9MPWxRDileFVDszPiOgTLcxWjOziOLT+xijcj7dtx1b/f2bNCduN5G7i+icjjTlCNtyRPRqhBqn705W7F+xESP2gsscM/1BjQ7TGidU5m1njdkUjbrqm3+Qic6iqkG7SfETHmQB9mHqpJ0hACRPvZlhwB7oimNHllkrlw8UJw9f0SiuLjfERIgVS2EOp+mAia0RU7MlTt19o017M1ffEYL
+926e7275cef4f4f2a4251597ee4814748394824c 0 iQIcBAABCgAGBQJWYES4AAoJEESTFJTynGdzdT0P/0O/1frevtr698DwMe6kmJx35P6Bqq8szntMxYucv0HROTfr85JRcCCSvl/2SflDS215QmOxdvYLGLUWPJNz/gURCLpzsT88KLF68Y1tC72nl4Fj+LGIOlsWsvwEqQqw0v4iQkHIfcxI6q7g1r9Hfldf/ju4bzQ4HnKLxm6KNcLLoAsuehVpQ+njHpLmlLAGHU5a84B7xeXHFR+U/EBPxSdm637rNhmpLpkuK2Mym/Mzv7BThKDstpB8lhFHIwAVNqi3Cy4nGYxFZOJpooUN9pDornqAwuzHmOAMs9+49L8GZ1de5PBRGyFKibzjBIUWPEU9EIkfJVaVwTlqYK8Q/IRi9HjITPx6GpE8cZhdSvAibrQdb6BbIDrZ8eCvD9vnod6Uk0Jb9/ui6nCF9x+CN/3Qez4epV5+JCMYsqCiXFkVPm9Lab6L2eGZis7Q2TXImA/sSV+E4BGfH2urpkKlnuXTTtDp4XRG+lOISkIBXgjVY+uy8soVKNdx1gv+LeY8hu/oQ2NyOlaOeL47aSQ3who4Pk6pVRUOl6zfcKo9Vs6xDWm35A3Z6x/mrAENaXasB0JrfY5nIbefJUpbeSmi76fYldU98HdQNHPHCSeiKVYl7v/B6gi2JXp5xngLZz/5VVAurago7sRmpIp7G/AqU6LNE85IUzG8aQz8AfR0d1dW
+fd1981f41c626a969f07b4823848deaefef3c8aa 0 iQIcBAABCgAGBQJW4W2TAAoJEESTFJTynGdzuOcP/j6tvB2WRwSj39KoJuRcRebFWWv4ZHiQXYMXWa3X0Ppzz52r9W0cXDjjlp5FyGdovCQsK+IXmjPo5cCvWBrZJYA6usFr9ssnUtTC+45lvPxPYwj47ZGPngCXDt7LD+v08XhqCu4LsctXIP/zejd30KVS1eR2RHI+tnEyaIKC0Xaa0igcv74MZX7Q8/U+B730QMX5adfYAHoeyRhoctRWaxVV3To7Vadd9jNXP45MRY5auhRcK7XyQcS85vJeCRoysfDUas4ERRQWYkX+68GyzO9GrkYFle931Akw2K6ZZfUuiC2TrF5xv1eRP1Zm2GX481U4ZGFTI8IzZL8sVQ6tvzq2Mxsecu589JNui9aB2d8Gp2Su/E2zn0h0ShIRmviGzf2HiBt+Bnji5X2h/fJKWbLaWge0MdOU5Jidfyh9k0YT7xo4piJLJYSaZ3nv+j4jTYnTfL7uYvuWbYkJ1T32aQVCan7Eup3BFAgQjzbWYi1XQVg6fvu8uHPpS3tNNA9EAMeeyTyg1l6zI2EIU5gPfd/dKmdyotY2lZBkFZNJqFkKRZuzjWekcw7hAxS+Bd68GKklt/DGrQiVycAgimqwXrfkzzQagawq2fXL2uXB8ghlsyxKLSQPnAtBF2Jcn5FH2z7HOQ+e18ZrFfNy0cYa/4OdH6K5aK1igTzhZZP2Urn0

.hgtags

@@ -50,3 +50,5 @@ cbd674d63cd4f3781464a8d4056a5506c8ae926f DROPBEAR_2015.67
 809feaa9408f036734129c77f2b3c7e779d4f099 DROPBEAR_2015.68
 1637dbd262124d113e52967df46afd6c715e4fad DROPBEAR_2015.69
 79a6ef02307d05cb9dda10465cb5b807baa8f62e DROPBEAR_2015.70
+9a944a243f08be6b22d32f166a0690eb4872462b DROPBEAR_2015.71
+78b12b6549be08b0bea3da329b2578060a76ca31 DROPBEAR_2016.72

.travis.yml

@@ -1,23 +1,51 @@
 language: c
+
+os:
+  - linux
+  - osx
+
+env:
+  matrix:
+    - BUNDLEDLIBTOM=--disable-bundled-libtom WEXTRAFLAGS=-Werror
+    - BUNDLEDLIBTOM=--enable-bundled-libtom
+    - MULTI=1
+    - NOWRITEV=1
+
+# TODO: remove this section when libtomcrypt compiles on OSX: https://github.com/libtom/libtomcrypt/issues/82
+matrix:
+  exclude:
+    - os: osx
+      env: BUNDLEDLIBTOM=--disable-bundled-libtom WEXTRAFLAGS=-Werror
+
 compiler:
   - gcc
+  - clang
 
-script: 
-  - autoconf && autoheader && ./configure $BUNDLEDLIBTOM CFLAGS="-O2 -Wall -Wno-pointer-sign $WEXTRAFLAGS" --prefix=$HOME/inst 
-  - test "$NOWRITEV" && sed -i s/HAVE_WRITEV/DONT_HAVE_WRITEV/ config.h || true
-  - make install
+# container-based builds
+sudo: false
+addons:
+  apt:
+    packages:
+    # packages list: https://github.com/travis-ci/apt-package-whitelist/blob/master/ubuntu-precise
+    - zlib1g-dev
+    - libtomcrypt-dev
+    - libtommath-dev
+
+
+before_install:
+  - if [ "$CC" = "clang" ]; then WEXTRAFLAGS="$WEXTRAFLAGS -Wno-error=incompatible-library-redeclaration" ; fi  # workaround
+
+install:
+  - if [ "$TRAVIS_OS_NAME" = "osx" -a "$BUNDLEDLIBTOM" = "--disable-bundled-libtom" ]; then brew update > /dev/null && brew install libtomcrypt libtommath ; fi
+
+script:
+  - autoconf && autoheader && ./configure "$BUNDLEDLIBTOM" CFLAGS="-O2 -Wall -Wno-pointer-sign $WEXTRAFLAGS" --prefix="$HOME/inst"
+  - if [ "$NOWRITEV" = "1" ]; then sed -i -e s/HAVE_WRITEV/DONT_HAVE_WRITEV/ config.h ; fi
+  - make -j3 install
+
+after_success:
   - ~/inst/bin/dropbearkey -t rsa -f testrsa
   - ~/inst/bin/dropbearkey -t dss -f testdss
   - ~/inst/bin/dropbearkey -t ecdsa -f testec256 -s 256
   - ~/inst/bin/dropbearkey -t ecdsa -f testec384 -s 384
   - ~/inst/bin/dropbearkey -t ecdsa -f testec521 -s 521
-
-before_install:
-  - sudo apt-get update -qq
-  - sudo apt-get install -qq libz-dev libtomcrypt-dev libtommath-dev
-
-env: 
-  - BUNDLEDLIBTOM=--disable-bundled-libtom WEXTRAFLAGS=-Werror
-  - BUNDLEDLIBTOM=--enable-bundled-libtom
-  - MULTI=1
-  - NOWRITEV=1

CHANGES

@@ -1,8 +1,44 @@
+2016.73 - 18 March 2016
+
+- Support syslog in dbclient, option -o usesyslog=yes. Patch from Konstantin Tokarev
+
+- Kill a proxycommand when dbclient exits, patch from Konstantin Tokarev
+
+- Option to exit when a TCP forward fails, patch from Konstantin Tokarev
+
+- New "-o" option parsing from Konstantin Tokarev. This allows handling some extra options
+  in the style of OpenSSH, though implementing all OpenSSH options is not planned.
+
+- Fix crash when fallback initshells() is used, reported by Michael Nowak and Mike Tzou
+
+- Allow specifying commands eg "dropbearmulti dbclient ..." instead of symlinks
+
+- Various cleanups for issues found by a lint tool, patch from Francois Perrad
+
+- Fix tab indent consistency, patch from Francois Perrad
+
+- Fix issues found by cppcheck, reported by Mike Tzou
+
+- Use system memset_s() or explicit_bzero() if available to clear memory. Also make
+  libtomcrypt/libtommath routines use that (or Dropbear's own m_burn()).
+
+- Prevent scp failing when the local user doesn't exist. Based on patch from Michael Witten.
+
+- Improved Travis CI test running, thanks to Mike Tzou
+
+- Improve some code that was flagged by Coverity and Fortify Static Code Analyzer
+
+2016.72 - 9 March 2016
+
+- Validate X11 forwarding input. Could allow bypass of authorized_keys command= restrictions,
+  found by github.com/tintinweb. Thanks for Damien Miller for a patch. CVE-2016-3116
+
 2015.71 - 3 December 2015
 
 - Fix "bad buf_incrpos" when data is transferred, broke in 2015.69
 
-- Fix crash on exit when -p address:port is used, broke in 2015.68
+- Fix crash on exit when -p address:port is used, broke in 2015.68, thanks to
+  Frank Stollenwerk for reporting and investigation
 
 - Fix building with only ENABLE_CLI_REMOTETCPFWD given, patch from Konstantin Tokarev
 

Makefile.in

@@ -24,7 +24,7 @@ CFLAGS+=-I$(srcdir)/libtomcrypt/src/headers/
 LIBTOM_LIBS=$(STATIC_LTC) $(STATIC_LTM) 
 endif
 
-COMMONOBJS=dbutil.o buffer.o \
+COMMONOBJS=dbutil.o buffer.o dbhelpers.o \
 		dss.o bignum.o \
 		signkey.o rsa.o dbrandom.o \
 		queue.o \
@@ -44,7 +44,7 @@ CLIOBJS=cli-main.o cli-auth.o cli-authpasswd.o cli-kex.o \
 
 CLISVROBJS=common-session.o packet.o common-algo.o common-kex.o \
 			common-channel.o common-chansession.o termcodes.o loginrec.o \
-			tcp-accept.o listener.o process-packet.o \
+			tcp-accept.o listener.o process-packet.o dh_groups.o \
 			common-runopts.o circbuffer.o curve25519-donna.o list.o netio.o
 
 KEYOBJS=dropbearkey.o

atomicio.c

@@ -53,6 +53,7 @@ atomicio(f, fd, _s, n)
 			if (errno == EINTR || errno == EAGAIN)
 #endif
 				continue;
+			/* FALLTHROUGH */
 		case 0:
 			return (res);
 		default:

auth.h

@@ -29,25 +29,25 @@
 #include "signkey.h"
 #include "chansession.h"
 
-void svr_authinitialise();
-void cli_authinitialise();
+void svr_authinitialise(void);
+void cli_authinitialise(void);
 
 /* Server functions */
-void recv_msg_userauth_request();
+void recv_msg_userauth_request(void);
 void send_msg_userauth_failure(int partial, int incrfail);
-void send_msg_userauth_success();
+void send_msg_userauth_success(void);
 void send_msg_userauth_banner(buffer *msg);
-void svr_auth_password();
-void svr_auth_pubkey();
-void svr_auth_pam();
+void svr_auth_password(void);
+void svr_auth_pubkey(void);
+void svr_auth_pam(void);
 
 #ifdef ENABLE_SVR_PUBKEY_OPTIONS
-int svr_pubkey_allows_agentfwd();
-int svr_pubkey_allows_tcpfwd();
-int svr_pubkey_allows_x11fwd();
-int svr_pubkey_allows_pty();
+int svr_pubkey_allows_agentfwd(void);
+int svr_pubkey_allows_tcpfwd(void);
+int svr_pubkey_allows_x11fwd(void);
+int svr_pubkey_allows_pty(void);
 void svr_pubkey_set_forced_command(struct ChanSess *chansess);
-void svr_pubkey_options_cleanup();
+void svr_pubkey_options_cleanup(void);
 int svr_add_pubkey_options(buffer *options_buf, int line_num, const char* filename);
 #else
 /* no option : success */
@@ -56,34 +56,34 @@ int svr_add_pubkey_options(buffer *options_buf, int line_num, const char* filena
 #define svr_pubkey_allows_x11fwd() 1
 #define svr_pubkey_allows_pty() 1
 static inline void svr_pubkey_set_forced_command(struct ChanSess *chansess) { }
-static inline void svr_pubkey_options_cleanup() { }
+static inline void svr_pubkey_options_cleanup(void) { }
 #define svr_add_pubkey_options(x,y,z) DROPBEAR_SUCCESS
 #endif
 
 /* Client functions */
-void recv_msg_userauth_failure();
-void recv_msg_userauth_success();
-void recv_msg_userauth_specific_60();
-void recv_msg_userauth_pk_ok();
-void recv_msg_userauth_info_request();
-void cli_get_user();
-void cli_auth_getmethods();
-int cli_auth_try();
-void recv_msg_userauth_banner();
-void cli_pubkeyfail();
-void cli_auth_password();
-int cli_auth_pubkey();
-void cli_auth_interactive();
+void recv_msg_userauth_failure(void);
+void recv_msg_userauth_success(void);
+void recv_msg_userauth_specific_60(void);
+void recv_msg_userauth_pk_ok(void);
+void recv_msg_userauth_info_request(void);
+void cli_get_user(void);
+void cli_auth_getmethods(void);
+int cli_auth_try(void);
+void recv_msg_userauth_banner(void);
+void cli_pubkeyfail(void);
+void cli_auth_password(void);
+int cli_auth_pubkey(void);
+void cli_auth_interactive(void);
 char* getpass_or_cancel(char* prompt);
-void cli_auth_pubkey_cleanup();
+void cli_auth_pubkey_cleanup(void);
 
 
 #define MAX_USERNAME_LEN 25 /* arbitrary for the moment */
 
 #define AUTH_TYPE_NONE      1
-#define AUTH_TYPE_PUBKEY    1 << 1
-#define AUTH_TYPE_PASSWORD  1 << 2
-#define AUTH_TYPE_INTERACT  1 << 3
+#define AUTH_TYPE_PUBKEY    (1 << 1)
+#define AUTH_TYPE_PASSWORD  (1 << 2)
+#define AUTH_TYPE_INTERACT  (1 << 3)
 
 #define AUTH_METHOD_NONE "none"
 #define AUTH_METHOD_NONE_LEN 4

bignum.c

@@ -39,33 +39,33 @@ void m_mp_init(mp_int *mp) {
  * on error */
 void m_mp_init_multi(mp_int *mp, ...) 
 {
-    mp_int* cur_arg = mp;
-    va_list args;
+	mp_int* cur_arg = mp;
+	va_list args;
 
-    va_start(args, mp);        /* init args to next argument from caller */
-    while (cur_arg != NULL) {
-        if (mp_init(cur_arg) != MP_OKAY) {
+	va_start(args, mp);        /* init args to next argument from caller */
+	while (cur_arg != NULL) {
+		if (mp_init(cur_arg) != MP_OKAY) {
 			dropbear_exit("Mem alloc error");
-        }
-        cur_arg = va_arg(args, mp_int*);
-    }
-    va_end(args);
+		}
+		cur_arg = va_arg(args, mp_int*);
+	}
+	va_end(args);
 }
 
 void m_mp_alloc_init_multi(mp_int **mp, ...) 
 {
-    mp_int** cur_arg = mp;
-    va_list args;
+	mp_int** cur_arg = mp;
+	va_list args;
 
-    va_start(args, mp);        /* init args to next argument from caller */
-    while (cur_arg != NULL) {
-    	*cur_arg = m_malloc(sizeof(mp_int));
-        if (mp_init(*cur_arg) != MP_OKAY) {
+	va_start(args, mp);        /* init args to next argument from caller */
+	while (cur_arg != NULL) {
+		*cur_arg = m_malloc(sizeof(mp_int));
+		if (mp_init(*cur_arg) != MP_OKAY) {
 			dropbear_exit("Mem alloc error");
-        }
-        cur_arg = va_arg(args, mp_int**);
-    }
-    va_end(args);
+		}
+		cur_arg = va_arg(args, mp_int**);
+	}
+	va_end(args);
 }
 
 void bytes_to_mp(mp_int *mp, const unsigned char* bytes, unsigned int len) {

bignum.h

@@ -25,8 +25,7 @@
 #ifndef DROPBEAR_BIGNUM_H_
 #define DROPBEAR_BIGNUM_H_
 
-#include "includes.h"
-#include "dbutil.h"
+#include "dbhelpers.h"
 
 void m_mp_init(mp_int *mp);
 void m_mp_init_multi(mp_int *mp, ...) ATTRIB_SENTINEL;

buffer.c

@@ -98,7 +98,7 @@ buffer* buf_newcopy(buffer* buf) {
 	ret = buf_new(buf->len);
 	ret->len = buf->len;
 	if (buf->len > 0) {
-	    memcpy(ret->data, buf->data, buf->len);
+		memcpy(ret->data, buf->data, buf->len);
 	}
 	return ret;
 }

channel.h

@@ -105,23 +105,23 @@ struct ChanType {
 void channel_connect_done(int result, int sock, void* user_data, const char* errstring);
 
 void chaninitialise(const struct ChanType *chantypes[]);
-void chancleanup();
+void chancleanup(void);
 void setchannelfds(fd_set *readfds, fd_set *writefds, int allow_reads);
 void channelio(fd_set *readfd, fd_set *writefd);
-struct Channel* getchannel();
+struct Channel* getchannel(void);
 /* Returns an arbitrary channel that is in a ready state - not
 being initialised and no EOF in either direction. NULL if none. */
-struct Channel* get_any_ready_channel();
+struct Channel* get_any_ready_channel(void);
 
-void recv_msg_channel_open();
-void recv_msg_channel_request();
+void recv_msg_channel_open(void);
+void recv_msg_channel_request(void);
 void send_msg_channel_failure(struct Channel *channel);
 void send_msg_channel_success(struct Channel *channel);
-void recv_msg_channel_data();
-void recv_msg_channel_extended_data();
-void recv_msg_channel_window_adjust();
-void recv_msg_channel_close();
-void recv_msg_channel_eof();
+void recv_msg_channel_data(void);
+void recv_msg_channel_extended_data(void);
+void recv_msg_channel_window_adjust(void);
+void recv_msg_channel_close(void);
+void recv_msg_channel_eof(void);
 
 void common_recv_msg_channel_data(struct Channel *channel, int fd, 
 		circbuffer * buf);
@@ -132,13 +132,13 @@ extern const struct ChanType clichansess;
 
 #if defined(USING_LISTENERS) || defined(DROPBEAR_CLIENT)
 int send_msg_channel_open_init(int fd, const struct ChanType *type);
-void recv_msg_channel_open_confirmation();
-void recv_msg_channel_open_failure();
+void recv_msg_channel_open_confirmation(void);
+void recv_msg_channel_open_failure(void);
 #endif
 void start_send_channel_request(struct Channel *channel, char *type);
 
-void send_msg_request_success();
-void send_msg_request_failure();
+void send_msg_request_success(void);
+void send_msg_request_failure(void);
 
 
 #endif /* DROPBEAR_CHANNEL_H_ */

chansession.h

@@ -86,14 +86,14 @@ struct ChildPid {
 
 void addnewvar(const char* param, const char* var);
 
-void cli_send_chansess_request();
-void cli_tty_cleanup();
-void cli_chansess_winchange();
+void cli_send_chansess_request(void);
+void cli_tty_cleanup(void);
+void cli_chansess_winchange(void);
 #ifdef ENABLE_CLI_NETCAT
-void cli_send_netcat_request();
+void cli_send_netcat_request(void);
 #endif
 
-void svr_chansessinitialise();
+void svr_chansessinitialise(void);
 extern const struct ChanType svrchansess;
 
 struct SigMap {

cli-auth.c

@@ -332,12 +332,12 @@ char* getpass_or_cancel(char* prompt)
 	char* password = NULL;
 	
 #ifdef DROPBEAR_PASSWORD_ENV
-    /* Password provided in an environment var */
-    password = getenv(DROPBEAR_PASSWORD_ENV);
-    if (password)
-    {
-        return password;
-    }
+	/* Password provided in an environment var */
+	password = getenv(DROPBEAR_PASSWORD_ENV);
+	if (password)
+	{
+		return password;
+	}
 #endif
 
 	password = getpass(prompt);

cli-chansession.c

@@ -43,7 +43,7 @@ static void send_chansess_shell_req(struct Channel *channel);
 static void cli_escape_handler(struct Channel *channel, unsigned char* buf, int *len);
 static int cli_init_netcat(struct Channel *channel);
 
-static void cli_tty_setup();
+static void cli_tty_setup(void);
 
 const struct ChanType clichansess = {
 	0, /* sepfds */
@@ -438,7 +438,6 @@ do_escape(unsigned char c) {
 		case '.':
 			dropbear_exit("Terminated");
 			return 1;
-			break;
 		case 0x1a:
 			/* ctrl-z */
 			cli_tty_cleanup();
@@ -447,9 +446,9 @@ do_escape(unsigned char c) {
 			cli_tty_setup();
 			cli_ses.winchange = 1;
 			return 1;
-			break;
+		default:
+			return 0;
 	}
-	return 0;
 }
 
 static

cli-kex.c

@@ -186,11 +186,11 @@ static void ask_to_confirm(unsigned char* keyblob, unsigned int keybloblen,
 
 	char* fp = NULL;
 	FILE *tty = NULL;
-	char response = 'z';
+	int response = 'z';
 
 	fp = sign_key_fingerprint(keyblob, keybloblen);
 	if (cli_opts.always_accept_key) {
-		fprintf(stderr, "\nHost '%s' key accepted unconditionally.\n(%s fingerprint %s)\n",
+		dropbear_log(LOG_INFO, "\nHost '%s' key accepted unconditionally.\n(%s fingerprint %s)\n",
 				cli_opts.remotehost,
 				algoname,
 				fp);
@@ -290,7 +290,7 @@ static void checkhostkey(unsigned char* keyblob, unsigned int keybloblen) {
 	int ret;
 
 	if (cli_opts.no_hostkey_check) {
-		fprintf(stderr, "Caution, skipping hostkey check for %s\n", cli_opts.remotehost);
+		dropbear_log(LOG_INFO, "Caution, skipping hostkey check for %s\n", cli_opts.remotehost);
 		return;
 	}
 

cli-main.c

@@ -36,7 +36,8 @@ static void cli_dropbear_exit(int exitcode, const char* format, va_list param) A
 static void cli_dropbear_log(int priority, const char* format, va_list param);
 
 #ifdef ENABLE_CLI_PROXYCMD
-static void cli_proxy_cmd(int *sock_in, int *sock_out);
+static void cli_proxy_cmd(int *sock_in, int *sock_out, pid_t *pid_out);
+static void kill_proxy_sighandler(int signo);
 #endif
 
 #if defined(DBMULTI_dbclient) || !defined(DROPBEAR_MULTI)
@@ -59,6 +60,12 @@ int main(int argc, char ** argv) {
 
 	cli_getopts(argc, argv);
 
+#ifndef DISABLE_SYSLOG
+	if (opts.usingsyslog) {
+		startsyslog("dbclient");
+	}
+#endif
+
 	TRACE(("user='%s' host='%s' port='%s'", cli_opts.username,
 				cli_opts.remotehost, cli_opts.remoteport))
 
@@ -66,10 +73,16 @@ int main(int argc, char ** argv) {
 		dropbear_exit("signal() error");
 	}
 
+	pid_t proxy_cmd_pid = 0;
 #ifdef ENABLE_CLI_PROXYCMD
 	if (cli_opts.proxycmd) {
-		cli_proxy_cmd(&sock_in, &sock_out);
+		cli_proxy_cmd(&sock_in, &sock_out, &proxy_cmd_pid);
 		m_free(cli_opts.proxycmd);
+		if (signal(SIGINT, kill_proxy_sighandler) == SIG_ERR ||
+			signal(SIGTERM, kill_proxy_sighandler) == SIG_ERR ||
+			signal(SIGHUP, kill_proxy_sighandler) == SIG_ERR) {
+			dropbear_exit("signal() error");
+		}
 	} else
 #endif
 	{
@@ -77,7 +90,7 @@ int main(int argc, char ** argv) {
 		sock_in = sock_out = -1;
 	}
 
-	cli_session(sock_in, sock_out, progress);
+	cli_session(sock_in, sock_out, progress, proxy_cmd_pid);
 
 	/* not reached */
 	return -1;
@@ -111,13 +124,19 @@ static void cli_dropbear_exit(int exitcode, const char* format, va_list param) {
 	exit(exitcode);
 }
 
-static void cli_dropbear_log(int UNUSED(priority), 
+static void cli_dropbear_log(int priority,
 		const char* format, va_list param) {
 
 	char printbuf[1024];
 
 	vsnprintf(printbuf, sizeof(printbuf), format, param);
 
+#ifndef DISABLE_SYSLOG
+	if (opts.usingsyslog) {
+		syslog(priority, "%s", printbuf);
+	}
+#endif
+
 	fprintf(stderr, "%s: %s\n", cli_opts.progname, printbuf);
 	fflush(stderr);
 }
@@ -132,16 +151,28 @@ static void exec_proxy_cmd(void *user_data_cmd) {
 }
 
 #ifdef ENABLE_CLI_PROXYCMD
-static void cli_proxy_cmd(int *sock_in, int *sock_out) {
+static void cli_proxy_cmd(int *sock_in, int *sock_out, pid_t *pid_out) {
+	char * ex_cmd = NULL;
+	size_t ex_cmdlen;
 	int ret;
 
 	fill_passwd(cli_opts.own_user);
 
-	ret = spawn_command(exec_proxy_cmd, cli_opts.proxycmd,
-			sock_out, sock_in, NULL, NULL);
+	ex_cmdlen = strlen(cli_opts.proxycmd) + 6; /* "exec " + command + '\0' */
+	ex_cmd = m_malloc(ex_cmdlen);
+	snprintf(ex_cmd, ex_cmdlen, "exec %s", cli_opts.proxycmd);
+
+	ret = spawn_command(exec_proxy_cmd, ex_cmd,
+			sock_out, sock_in, NULL, pid_out);
+	m_free(ex_cmd);
 	if (ret == DROPBEAR_FAILURE) {
 		dropbear_exit("Failed running proxy command");
 		*sock_in = *sock_out = -1;
 	}
 }
+
+static void kill_proxy_sighandler(int UNUSED(signo)) {
+	kill_proxy_command();
+	_exit(1);
+}
 #endif /* ENABLE_CLI_PROXYCMD */

cli-runopts.c

@@ -33,10 +33,10 @@
 
 cli_runopts cli_opts; /* GLOBAL */
 
-static void printhelp();
+static void printhelp(void);
 static void parse_hostname(const char* orighostarg);
 static void parse_multihop_hostname(const char* orighostarg, const char* argv0);
-static void fill_own_user();
+static void fill_own_user(void);
 #ifdef ENABLE_CLI_PUBKEY_AUTH
 static void loadidentityfile(const char* filename, int warnfail);
 #endif
@@ -46,6 +46,7 @@ static void addforward(const char* str, m_list *fwdlist);
 #ifdef ENABLE_CLI_NETCAT
 static void add_netcat(const char *str);
 #endif
+static void add_extendedopt(const char *str);
 
 static void printhelp() {
 
@@ -64,6 +65,7 @@ static void printhelp() {
 					"-y    Always accept remote host key if unknown\n"
 					"-y -y Don't perform any remote host key checking (caution)\n"
 					"-s    Request a subsystem (use by external sftp)\n"
+					"-o option     Set option in OpenSSH-like format ('-o help' to list options)\n"
 #ifdef ENABLE_CLI_PUBKEY_AUTH
 					"-i <identityfile>   (multiple allowed, default %s)\n"
 #endif
@@ -106,6 +108,7 @@ void cli_getopts(int argc, char ** argv) {
 	unsigned int i, j;
 	char ** next = 0;
 	enum {
+		OPT_EXTENDED_OPTIONS,
 #ifdef ENABLE_CLI_PUBKEY_AUTH
 		OPT_AUTHKEY,
 #endif
@@ -145,6 +148,9 @@ void cli_getopts(int argc, char ** argv) {
 #ifdef ENABLE_CLI_PUBKEY_AUTH
 	cli_opts.privkeys = list_new();
 #endif
+#ifdef ENABLE_CLI_ANYTCPFWD
+	cli_opts.exit_on_fwd_failure = 0;
+#endif
 #ifdef ENABLE_CLI_LOCALTCPFWD
 	cli_opts.localfwds = list_new();
 	opts.listen_fwd_all = 0;
@@ -166,6 +172,9 @@ void cli_getopts(int argc, char ** argv) {
 #ifdef ENABLE_USER_ALGO_LIST
 	opts.cipher_list = NULL;
 	opts.mac_list = NULL;
+#endif
+#ifndef DISABLE_SYSLOG
+	opts.usingsyslog = 0;
 #endif
 	/* not yet
 	opts.ipv4 = 1;
@@ -224,6 +233,9 @@ void cli_getopts(int argc, char ** argv) {
 				case 's':
 					cli_opts.is_subsystem = 1;
 					break;
+				case 'o':
+					opt = OPT_EXTENDED_OPTIONS;
+					break;
 #ifdef ENABLE_CLI_LOCALTCPFWD
 				case 'L':
 					opt = OPT_LOCALTCPFWD;
@@ -301,9 +313,9 @@ void cli_getopts(int argc, char ** argv) {
 					print_version();
 					exit(EXIT_SUCCESS);
 					break;
-				case 'o':
 				case 'b':
 					next = &dummy;
+					/* FALLTHROUGH */
 				default:
 					fprintf(stderr,
 						"WARNING: Ignoring unknown option -%c\n", c);
@@ -321,6 +333,11 @@ void cli_getopts(int argc, char ** argv) {
 				dropbear_exit("Missing argument");
 		}
 
+		if (opt == OPT_EXTENDED_OPTIONS) {
+			TRACE(("opt extended"))
+			add_extendedopt(&argv[i][j]);
+		}
+		else
 #ifdef ENABLE_CLI_PUBKEY_AUTH
 		if (opt == OPT_AUTHKEY) {
 			TRACE(("opt authkey"))
@@ -475,7 +492,7 @@ static void loadidentityfile(const char* filename, int warnfail) {
 	keytype = DROPBEAR_SIGNKEY_ANY;
 	if ( readhostkey(filename, key, &keytype) != DROPBEAR_SUCCESS ) {
 		if (warnfail) {
-			fprintf(stderr, "Failed loading keyfile '%s'\n", filename);
+			dropbear_log(LOG_WARNING, "Failed loading keyfile '%s'\n", filename);
 		}
 		sign_key_free(key);
 	} else {
@@ -522,7 +539,7 @@ multihop_passthrough_args() {
 
 	if (opts.recv_window != DEFAULT_RECV_WINDOW)
 	{
-		int written = snprintf(ret+total, len-total, "-W %d ", opts.recv_window);
+		int written = snprintf(ret+total, len-total, "-W %u ", opts.recv_window);
 		total += written;
 	}
 
@@ -806,3 +823,76 @@ badport:
 	dropbear_exit("Bad TCP port in '%s'", origstr);
 }
 #endif
+
+static int match_extendedopt(const char** strptr, const char *optname) {
+	int seen_eq = 0;
+	int optlen = strlen(optname);
+	const char *str = *strptr;
+
+	while (isspace(*str)) {
+		++str;
+	}
+
+	if (strncasecmp(str, optname, optlen) != 0) {
+		return DROPBEAR_FAILURE;
+	}
+
+	str += optlen;
+
+	while (isspace(*str) || (!seen_eq && *str == '=')) {
+		if (*str == '=') {
+			seen_eq = 1;
+		}
+		++str;
+	}
+
+	if (str-*strptr == optlen) {
+		/* matched just a prefix of optname */
+		return DROPBEAR_FAILURE;
+	}
+
+	*strptr = str;
+	return DROPBEAR_SUCCESS;
+}
+
+static int parse_flag_value(const char *value) {
+	if (strcmp(value, "yes") == 0 || strcmp(value, "true") == 0) {
+		return 1;
+	} else if (strcmp(value, "no") == 0 || strcmp(value, "false") == 0) {
+		return 0;
+	}
+
+	dropbear_exit("Bad yes/no argument '%s'", value);
+}
+
+static void add_extendedopt(const char* origstr) {
+	const char *optstr = origstr;
+
+	if (strcmp(origstr, "help") == 0) {
+		dropbear_log(LOG_INFO, "Available options:\n"
+#ifdef ENABLE_CLI_ANYTCPFWD
+			"\tExitOnForwardFailure\n"
+#endif
+#ifndef DISABLE_SYSLOG
+			"\tUseSyslog\n"
+#endif
+		);
+		exit(EXIT_SUCCESS);
+	}
+
+#ifdef ENABLE_CLI_ANYTCPFWD
+	if (match_extendedopt(&optstr, "ExitOnForwardFailure") == DROPBEAR_SUCCESS) {
+		cli_opts.exit_on_fwd_failure = parse_flag_value(optstr);
+		return;
+	}
+#endif
+
+#ifndef DISABLE_SYSLOG
+	if (match_extendedopt(&optstr, "UseSyslog") == DROPBEAR_SUCCESS) {
+		opts.usingsyslog = parse_flag_value(optstr);
+		return;
+	}
+#endif
+
+	dropbear_log(LOG_WARNING, "Ignoring unknown configuration option '%s'", origstr);
+}

cli-session.c

@@ -39,10 +39,10 @@
 #include "crypto_desc.h"
 #include "netio.h"
 
-static void cli_remoteclosed() ATTRIB_NORETURN;
-static void cli_sessionloop();
-static void cli_session_init();
-static void cli_finished() ATTRIB_NORETURN;
+static void cli_remoteclosed(void) ATTRIB_NORETURN;
+static void cli_sessionloop(void);
+static void cli_session_init(pid_t proxy_cmd_pid);
+static void cli_finished(void) ATTRIB_NORETURN;
 static void recv_msg_service_accept(void);
 static void cli_session_cleanup(void);
 static void recv_msg_global_request_cli(void);
@@ -104,7 +104,7 @@ void cli_connected(int result, int sock, void* userdata, const char *errstring)
 	update_channel_prio();
 }
 
-void cli_session(int sock_in, int sock_out, struct dropbear_progress_connection *progress) {
+void cli_session(int sock_in, int sock_out, struct dropbear_progress_connection *progress, pid_t proxy_cmd_pid) {
 
 	common_session_init(sock_in, sock_out);
 
@@ -115,8 +115,7 @@ void cli_session(int sock_in, int sock_out, struct dropbear_progress_connection
 	chaninitialise(cli_chantypes);
 
 	/* Set up cli_ses vars */
-	cli_session_init();
-
+	cli_session_init(proxy_cmd_pid);
 
 	/* Ready to go */
 	sessinitdone = 1;
@@ -140,7 +139,7 @@ static void cli_send_kex_first_guess() {
 }
 #endif
 
-static void cli_session_init() {
+static void cli_session_init(pid_t proxy_cmd_pid) {
 
 	cli_ses.state = STATE_NOTHING;
 	cli_ses.kex_state = KEX_NOTHING;
@@ -159,6 +158,8 @@ static void cli_session_init() {
 
 	cli_ses.retval = EXIT_SUCCESS; /* Assume it's clean if we don't get a
 									  specific exit status */
+	cli_ses.proxy_cmd_pid = proxy_cmd_pid;
+	TRACE(("proxy command PID='%d'", proxy_cmd_pid));
 
 	/* Auth */
 	cli_ses.lastprivkey = NULL;
@@ -268,6 +269,11 @@ static void cli_sessionloop() {
 			return;
 
 		case USERAUTH_SUCCESS_RCVD:
+#ifndef DISABLE_SYSLOG
+			if (opts.usingsyslog) {
+				dropbear_log(LOG_INFO, "Authentication succeeded.");
+			}
+#endif
 
 #ifdef DROPBEAR_NONE_CIPHER
 			if (cli_ses.cipher_none_after_auth)
@@ -334,17 +340,31 @@ static void cli_sessionloop() {
 
 }
 
+void kill_proxy_command(void) {
+	/*
+	 * Send SIGHUP to proxy command if used. We don't wait() in
+	 * case it hangs and instead rely on init to reap the child
+	 */
+	if (cli_ses.proxy_cmd_pid > 1) {
+		TRACE(("killing proxy command with PID='%d'", cli_ses.proxy_cmd_pid));
+		kill(cli_ses.proxy_cmd_pid, SIGHUP);
+	}
+}
+
 static void cli_session_cleanup(void) {
 
 	if (!sessinitdone) {
 		return;
 	}
 
+	kill_proxy_command();
+
 	/* Set std{in,out,err} back to non-blocking - busybox ash dies nastily if
 	 * we don't revert the flags */
-	fcntl(cli_ses.stdincopy, F_SETFL, cli_ses.stdinflags);
-	fcntl(cli_ses.stdoutcopy, F_SETFL, cli_ses.stdoutflags);
-	fcntl(cli_ses.stderrcopy, F_SETFL, cli_ses.stderrflags);
+	/* Ignore return value since there's nothing we can do */
+	(void)fcntl(cli_ses.stdincopy, F_SETFL, cli_ses.stdinflags);
+	(void)fcntl(cli_ses.stdoutcopy, F_SETFL, cli_ses.stdoutflags);
+	(void)fcntl(cli_ses.stderrcopy, F_SETFL, cli_ses.stderrflags);
 
 	cli_tty_cleanup();
 

cli-tcpfwd.c

@@ -60,6 +60,23 @@ static const struct ChanType cli_chan_tcplocal = {
 };
 #endif
 
+#ifdef ENABLE_CLI_ANYTCPFWD
+static void fwd_failed(const char* format, ...) ATTRIB_PRINTF(1,2);
+static void fwd_failed(const char* format, ...)
+{
+	va_list param;
+	va_start(param, format);
+
+	if (cli_opts.exit_on_fwd_failure) {
+		_dropbear_exit(EXIT_FAILURE, format, param);
+	} else {
+		_dropbear_log(LOG_WARNING, format, param);
+	}
+
+	va_end(param);
+}
+#endif
+
 #ifdef ENABLE_CLI_LOCALTCPFWD
 void setup_localtcp() {
 	m_list_elem *iter;
@@ -75,7 +92,7 @@ void setup_localtcp() {
 				fwd->connectaddr,
 				fwd->connectport);
 		if (ret == DROPBEAR_FAILURE) {
-			dropbear_log(LOG_WARNING, "Failed local port forward %s:%d:%s:%d",
+			fwd_failed("Failed local port forward %s:%d:%s:%d",
 					fwd->listenaddr,
 					fwd->listenport,
 					fwd->connectaddr,
@@ -181,7 +198,10 @@ void cli_recv_msg_request_failure() {
 		struct TCPFwdEntry *fwd = (struct TCPFwdEntry*)iter->item;
 		if (!fwd->have_reply) {
 			fwd->have_reply = 1;
-			dropbear_log(LOG_WARNING, "Remote TCP forward request failed (port %d -> %s:%d)", fwd->listenport, fwd->connectaddr, fwd->connectport);
+			fwd_failed("Remote TCP forward request failed (port %d -> %s:%d)",
+					fwd->listenport,
+					fwd->connectaddr,
+					fwd->connectport);
 			return;
 		}
 	}
@@ -211,7 +231,7 @@ void setup_remotetcp() {
 
 static int newtcpforwarded(struct Channel * channel) {
 
-    char *origaddr = NULL;
+	char *origaddr = NULL;
 	unsigned int origport;
 	m_list_elem * iter = NULL;
 	struct TCPFwdEntry *fwd;
@@ -247,13 +267,13 @@ static int newtcpforwarded(struct Channel * channel) {
 
 	if (iter == NULL) {
 		/* We didn't request forwarding on that port */
-        	cleantext(origaddr);
+		cleantext(origaddr);
 		dropbear_log(LOG_INFO, "Server sent unrequested forward from \"%s:%d\"", 
                 origaddr, origport);
 		goto out;
 	}
 	
-	snprintf(portstring, sizeof(portstring), "%d", fwd->connectport);
+	snprintf(portstring, sizeof(portstring), "%u", fwd->connectport);
 	channel->conn_pending = connect_remote(fwd->connectaddr, portstring, channel_connect_done, channel);
 
 	channel->prio = DROPBEAR_CHANNEL_PRIO_UNKNOWABLE;

common-algo.c

@@ -27,7 +27,7 @@
 #include "algo.h"
 #include "session.h"
 #include "dbutil.h"
-#include "kex.h"
+#include "dh_groups.h"
 #include "ltc_prng.h"
 #include "ecc.h"
 
@@ -248,20 +248,30 @@ algo_type sshhostkey[] = {
 	{NULL, 0, NULL, 0, NULL}
 };
 
+#if DROPBEAR_DH_GROUP1
 static const struct dropbear_kex kex_dh_group1 = {DROPBEAR_KEX_NORMAL_DH, dh_p_1, DH_P_1_LEN, NULL, &sha1_desc };
-static const struct dropbear_kex kex_dh_group14 = {DROPBEAR_KEX_NORMAL_DH, dh_p_14, DH_P_14_LEN, NULL, &sha1_desc };
+#endif
+#if DROPBEAR_DH_GROUP14
+static const struct dropbear_kex kex_dh_group14_sha1 = {DROPBEAR_KEX_NORMAL_DH, dh_p_14, DH_P_14_LEN, NULL, &sha1_desc };
+#if DROPBEAR_DH_GROUP14_256
+static const struct dropbear_kex kex_dh_group14_sha256 = {DROPBEAR_KEX_NORMAL_DH, dh_p_14, DH_P_14_LEN, NULL, &sha256_desc };
+#endif
+#endif
+#if DROPBEAR_DH_GROUP16
+static const struct dropbear_kex kex_dh_group16_sha512 = {DROPBEAR_KEX_NORMAL_DH, dh_p_16, DH_P_16_LEN, NULL, &sha512_desc };
+#endif
 
 /* These can't be const since dropbear_ecc_fill_dp() fills out
  ecc_curve at runtime */
 #ifdef DROPBEAR_ECDH
 #ifdef DROPBEAR_ECC_256
-static struct dropbear_kex kex_ecdh_nistp256 = {DROPBEAR_KEX_ECDH, NULL, 0, &ecc_curve_nistp256, &sha256_desc };
+static const struct dropbear_kex kex_ecdh_nistp256 = {DROPBEAR_KEX_ECDH, NULL, 0, &ecc_curve_nistp256, &sha256_desc };
 #endif
 #ifdef DROPBEAR_ECC_384
-static struct dropbear_kex kex_ecdh_nistp384 = {DROPBEAR_KEX_ECDH, NULL, 0, &ecc_curve_nistp384, &sha384_desc };
+static const struct dropbear_kex kex_ecdh_nistp384 = {DROPBEAR_KEX_ECDH, NULL, 0, &ecc_curve_nistp384, &sha384_desc };
 #endif
 #ifdef DROPBEAR_ECC_521
-static struct dropbear_kex kex_ecdh_nistp521 = {DROPBEAR_KEX_ECDH, NULL, 0, &ecc_curve_nistp521, &sha512_desc };
+static const struct dropbear_kex kex_ecdh_nistp521 = {DROPBEAR_KEX_ECDH, NULL, 0, &ecc_curve_nistp521, &sha512_desc };
 #endif
 #endif /* DROPBEAR_ECDH */
 
@@ -285,8 +295,18 @@ algo_type sshkex[] = {
 	{"ecdh-sha2-nistp256", 0, &kex_ecdh_nistp256, 1, NULL},
 #endif
 #endif
-	{"diffie-hellman-group14-sha1", 0, &kex_dh_group14, 1, NULL},
+#if DROPBEAR_DH_GROUP14
+#if DROPBEAR_DH_GROUP14_256
+	{"diffie-hellman-group14-sha256", 0, &kex_dh_group14_sha256, 1, NULL},
+#endif
+	{"diffie-hellman-group14-sha1", 0, &kex_dh_group14_sha1, 1, NULL},
+#endif
+#if DROPBEAR_DH_GROUP1
 	{"diffie-hellman-group1-sha1", 0, &kex_dh_group1, 1, NULL},
+#endif
+#if DROPBEAR_DH_GROUP16
+	{"diffie-hellman-group16-sha512", 0, &kex_dh_group16_sha512, 1, NULL},
+#endif
 #ifdef USE_KEXGUESS2
 	{KEXGUESS2_ALGO_NAME, KEXGUESS2_ALGO_ID, NULL, 1, NULL},
 #endif
@@ -318,7 +338,7 @@ void buf_put_algolist(buffer * buf, algo_type localalgos[]) {
 	unsigned int donefirst = 0;
 	buffer *algolist = NULL;
 
-	algolist = buf_new(200);
+	algolist = buf_new(300);
 	for (i = 0; localalgos[i].name != NULL; i++) {
 		if (localalgos[i].usable) {
 			if (donefirst)

common-kex.c

@@ -29,6 +29,7 @@
 #include "buffer.h"
 #include "session.h"
 #include "kex.h"
+#include "dh_groups.h"
 #include "ssh.h"
 #include "packet.h"
 #include "bignum.h"
@@ -37,55 +38,13 @@
 #include "ecc.h"
 #include "crypto_desc.h"
 
-/* diffie-hellman-group1-sha1 value for p */
-const unsigned char dh_p_1[DH_P_1_LEN] = {
-	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2,
-    0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
-	0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6,
-	0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
-	0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D,
-	0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
-	0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9,
-	0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
-	0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11,
-	0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE6, 0x53, 0x81,
-	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
-
-/* diffie-hellman-group14-sha1 value for p */
-const unsigned char dh_p_14[DH_P_14_LEN] = {
-	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, 
-    0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, 
-	0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6,
-	0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
-	0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D,
-	0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
-	0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9,
-	0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
-	0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11,
-	0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,
-	0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36,
-	0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
-	0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56,
-	0x20, 0x85, 0x52, 0xBB, 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
-	0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C, 0x08,
-	0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
-	0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, 0xA2,
-	0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9,
-	0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, 0x39, 0x95, 0x49, 0x7C,
-	0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
-	0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAC, 0xAA, 0x68, 0xFF, 0xFF, 0xFF, 0xFF,
-	0xFF, 0xFF, 0xFF, 0xFF};
-
-/* Same for group1 and group14 */
-static const int DH_G_VAL = 2;
-
-static void kexinitialise();
-static void gen_new_keys();
+static void kexinitialise(void);
+static void gen_new_keys(void);
 #ifndef DISABLE_ZLIB
-static void gen_new_zstream_recv();
-static void gen_new_zstream_trans();
+static void gen_new_zstream_recv(void);
+static void gen_new_zstream_trans(void);
 #endif
-static void read_kex_algos();
+static void read_kex_algos(void);
 /* helper function for gen_new_keys */
 static void hashkeys(unsigned char *out, unsigned int outlen, 
 		const hash_state * hs, const unsigned char X);
@@ -349,17 +308,17 @@ static void gen_new_keys() {
 	ses.hash = NULL;
 
 	if (IS_DROPBEAR_CLIENT) {
-	    trans_IV	= C2S_IV;
-	    recv_IV		= S2C_IV;
-	    trans_key	= C2S_key;
-	    recv_key	= S2C_key;
+		trans_IV	= C2S_IV;
+		recv_IV		= S2C_IV;
+		trans_key	= C2S_key;
+		recv_key	= S2C_key;
 		mactransletter = 'E';
 		macrecvletter = 'F';
 	} else {
-	    trans_IV	= S2C_IV;
-	    recv_IV		= C2S_IV;
-	    trans_key	= S2C_key;
-	    recv_key	= C2S_key;
+		trans_IV	= S2C_IV;
+		recv_IV		= C2S_IV;
+		trans_key	= S2C_key;
+		recv_key	= C2S_key;
 		mactransletter = 'F';
 		macrecvletter = 'E';
 	}
@@ -525,18 +484,18 @@ void recv_msg_kexinit() {
 		read_kex_algos();
 
 		/* V_C, the client's version string (CR and NL excluded) */
-	    buf_putstring(ses.kexhashbuf, LOCAL_IDENT, local_ident_len);
+		buf_putstring(ses.kexhashbuf, LOCAL_IDENT, local_ident_len);
 		/* V_S, the server's version string (CR and NL excluded) */
-	    buf_putstring(ses.kexhashbuf, ses.remoteident, remote_ident_len);
+		buf_putstring(ses.kexhashbuf, ses.remoteident, remote_ident_len);
 
 		/* I_C, the payload of the client's SSH_MSG_KEXINIT */
-	    buf_putstring(ses.kexhashbuf,
+		buf_putstring(ses.kexhashbuf,
 			(const char*)ses.transkexinit->data, ses.transkexinit->len);
 		/* I_S, the payload of the server's SSH_MSG_KEXINIT */
-	    buf_setpos(ses.payload, ses.payload_beginning);
-	    buf_putstring(ses.kexhashbuf, 
-	    	(const char*)buf_getptr(ses.payload, ses.payload->len-ses.payload->pos),
-	    	ses.payload->len-ses.payload->pos);
+		buf_setpos(ses.payload, ses.payload_beginning);
+		buf_putstring(ses.kexhashbuf,
+			(const char*)buf_getptr(ses.payload, ses.payload->len-ses.payload->pos),
+			ses.payload->len-ses.payload->pos);
 		ses.requirenext = SSH_MSG_KEXDH_REPLY;
 	} else {
 		/* SERVER */
@@ -544,18 +503,18 @@ void recv_msg_kexinit() {
 		/* read the peer's choice of algos */
 		read_kex_algos();
 		/* V_C, the client's version string (CR and NL excluded) */
-	    buf_putstring(ses.kexhashbuf, ses.remoteident, remote_ident_len);
+		buf_putstring(ses.kexhashbuf, ses.remoteident, remote_ident_len);
 		/* V_S, the server's version string (CR and NL excluded) */
-	    buf_putstring(ses.kexhashbuf, LOCAL_IDENT, local_ident_len);
+		buf_putstring(ses.kexhashbuf, LOCAL_IDENT, local_ident_len);
 
 		/* I_C, the payload of the client's SSH_MSG_KEXINIT */
-	    buf_setpos(ses.payload, ses.payload_beginning);
-	    buf_putstring(ses.kexhashbuf, 
-	    	(const char*)buf_getptr(ses.payload, ses.payload->len-ses.payload->pos),
-	    	ses.payload->len-ses.payload->pos);
+		buf_setpos(ses.payload, ses.payload_beginning);
+		buf_putstring(ses.kexhashbuf, 
+			(const char*)buf_getptr(ses.payload, ses.payload->len-ses.payload->pos),
+			ses.payload->len-ses.payload->pos);
 
 		/* I_S, the payload of the server's SSH_MSG_KEXINIT */
-	    buf_putstring(ses.kexhashbuf,
+		buf_putstring(ses.kexhashbuf,
 			(const char*)ses.transkexinit->data, ses.transkexinit->len);
 
 		ses.requirenext = SSH_MSG_KEXDH_INIT;

common-session.c

@@ -36,10 +36,10 @@
 #include "runopts.h"
 #include "netio.h"
 
-static void checktimeouts();
-static long select_timeout();
+static void checktimeouts(void);
+static long select_timeout(void);
 static int ident_readln(int fd, char* buf, int count);
-static void read_session_identification();
+static void read_session_identification(void);
 
 struct sshsession ses; /* GLOBAL */
 

compat.c

@@ -235,7 +235,7 @@ void setusershell() {
 
 static char **initshells() {
 	/* don't touch this list. */
-	const char *okshells[] = { "/bin/sh", "/bin/csh", NULL };
+	static const char *okshells[] = { "/bin/sh", "/bin/csh", NULL };
 	register char **sp, *cp;
 	register FILE *fp;
 	struct stat statb;

compat.h

@@ -44,9 +44,9 @@ char *basename(const char* path);
 #endif
 
 #ifndef HAVE_GETUSERSHELL
-char *getusershell();
-void setusershell();
-void endusershell();
+char *getusershell(void);
+void setusershell(void);
+void endusershell(void);
 #endif
 
 #ifndef DROPBEAR_PATH_DEVNULL

configure.ac

@@ -375,6 +375,9 @@ AC_CHECK_FUNCS(logout updwtmp logwtmp)
 AC_CHECK_HEADERS([mach/mach_time.h])
 AC_CHECK_FUNCS(mach_absolute_time)
 
+AC_CHECK_FUNCS(explicit_bzero memset_s)
+
+
 AC_ARG_ENABLE(bundled-libtom,
 [  --enable-bundled-libtom       Force using bundled libtomcrypt/libtommath even if a system version exists.
   --disable-bundled-libtom      Force using system libtomcrypt/libtommath, fail if it does not exist.

crypto_desc.h

@@ -1,7 +1,7 @@
 #ifndef DROPBEAR_CRYPTO_DESC_H
 #define DROPBEAR_CRYPTO_DESC_H
 
-void crypto_init();
+void crypto_init(void);
 
 extern int dropbear_ltc_prng;
 

dbclient.1

@@ -114,7 +114,8 @@ Disconnect the session if no traffic is transmitted or received for \fIidle_time
 .B \-J \fIproxy_command
 Use the standard input/output of the program \fIproxy_command\fR rather than using
 a normal TCP connection. A hostname should be still be provided, as this is used for
-comparing saved hostkeys.
+comparing saved hostkeys. This command will be executed as "exec proxy_command ..." with the
+default shell.
 .TP
 .B \-B \fIendhost:endport
 "Netcat-alike" mode, where Dropbear will connect to the given host, then create a
@@ -127,6 +128,22 @@ Specify a comma separated list of ciphers to enable. Use \fI-c help\fR to list p
 .B \-m \fIMAClist
 Specify a comma separated list of authentication MACs to enable. Use \fI-m help\fR to list possibilities.
 .TP
+.B \-o \fIoption
+Can be used to give options in the format used by OpenSSH config file. This is
+useful for specifying options for which there is no separate command-line flag.
+For full details of the options listed below, and their possible values, see
+ssh_config(5).
+
+For now following options have been implemented:
+.RS
+.TP
+.B ExitOnForwardFailure
+Specifies whether dbclient should terminate the connection if it cannot set up all requested local and remote port forwardings. The argument must be “yes” or “no”.  The default is “no”.
+.TP
+.B UseSyslog
+Send dbclient log messages to syslog in addition to stderr.
+.RE
+.TP
 .B \-s 
 The specified command will be requested as a subsystem, used for sftp. Dropbear doesn't implement sftp itself but the OpenSSH sftp client can be used eg \fIsftp -S dbclient user@host\fR
 .TP

dbhelpers.c

@@ -0,0 +1,25 @@
+#include "dbhelpers.h"
+#include "includes.h"
+
+/* Erase data */
+void m_burn(void *data, unsigned int len) {
+
+#if defined(HAVE_MEMSET_S)
+	memset_s(data, len, 0x0, len);
+#elif defined(HAVE_EXPLICIT_BZERO)
+	explicit_bzero(data, len);
+#else
+/* Based on the method in David Wheeler's
+ * "Secure Programming for Linux and Unix HOWTO". May not be safe
+ * against link-time optimisation. */
+	volatile char *p = data;
+
+	if (data == NULL)
+		return;
+	while (len--) {
+		*p++ = 0x0;
+	}
+#endif
+}
+
+

dbhelpers.h

@@ -0,0 +1,21 @@
+#ifndef DROPBEAR_DBHELPERS_H_
+#define DROPBEAR_DBHELPERS_H_
+
+/* This header defines some things that are also used by libtomcrypt/math. 
+   We avoid including normal include.h since that can result in conflicting 
+   definitinos - only include config.h */
+#include "config.h"
+
+#ifdef __GNUC__
+#define ATTRIB_PRINTF(fmt,args) __attribute__((format(printf, fmt, args))) 
+#define ATTRIB_NORETURN __attribute__((noreturn))
+#define ATTRIB_SENTINEL __attribute__((sentinel))
+#else
+#define ATTRIB_PRINTF(fmt,args)
+#define ATTRIB_NORETURN
+#define ATTRIB_SENTINEL
+#endif
+
+void m_burn(void* data, unsigned int len);
+
+#endif /* DROPBEAR_DBHELPERS_H_ */

dbmulti.c

@@ -26,17 +26,13 @@
 
 /* definitions are cleanest if we just put them here */
 int dropbear_main(int argc, char ** argv);
+int cli_main(int argc, char ** argv);
 int dropbearkey_main(int argc, char ** argv);
 int dropbearconvert_main(int argc, char ** argv);
 int scp_main(int argc, char ** argv);
 
-int main(int argc, char ** argv) {
-
-	char * progname;
-
-	if (argc > 0) {
-		/* figure which form we're being called as */
-		progname = basename(argv[0]);
+static int runprog(const char *progname, int argc, char ** argv, int *match) {
+	*match = DROPBEAR_SUCCESS;
 
 #ifdef DBMULTI_dropbear
 		if (strcmp(progname, "dropbear") == 0) {
@@ -64,10 +60,28 @@ int main(int argc, char ** argv) {
 			return scp_main(argc, argv);
 		}
 #endif
+	*match = DROPBEAR_FAILURE;
+	return 1;
+}
+
+int main(int argc, char ** argv) {
+	int i;
+	for (i = 0; i < 2; i++) {
+		/* Try symlink first, then try as an argument eg "dropbearmulti dbclient host ..." */
+		if (argc > i) {
+			int match, res;
+			/* figure which form we're being called as */
+			const char* progname = basename(argv[i]);
+			res = runprog(progname, argc-i, &argv[i], &match);
+			if (match == DROPBEAR_SUCCESS) {
+				return res;
+			}
+		}
 	}
 
 	fprintf(stderr, "Dropbear SSH multi-purpose v%s\n"
-			"Make a symlink pointing at this binary with one of the following names:\n"
+			"Make a symlink pointing at this binary with one of the\n"
+			"following names or run 'dropbearmulti <command>'.\n"
 #ifdef DBMULTI_dropbear
 			"'dropbear' - the Dropbear server\n"
 #endif

dbrandom.c

@@ -32,7 +32,7 @@
 /* this is used to generate unique output from the same hashpool */
 static uint32_t counter = 0;
 /* the max value for the counter, so it won't integer overflow */
-#define MAX_COUNTER 1<<30 
+#define MAX_COUNTER (1<<30)
 
 static unsigned char hashpool[SHA1_HASH_SIZE] = {0};
 static int donerandinit = 0;

dbrandom.h

@@ -27,7 +27,7 @@
 
 #include "includes.h"
 
-void seedrandom();
+void seedrandom(void);
 void genrandom(unsigned char* buf, unsigned int len);
 void addrandom(unsigned char * buf, unsigned int len);
 void gen_random_mpint(mp_int *max, mp_int *rand);

dbutil.c

@@ -84,9 +84,9 @@ int debug_trace = 0;
 #endif
 
 #ifndef DISABLE_SYSLOG
-void startsyslog() {
+void startsyslog(const char *ident) {
 
-	openlog(PROGNAME, LOG_PID, LOG_AUTHPRIV);
+	openlog(ident, LOG_PID, LOG_AUTHPRIV);
 
 }
 #endif /* DISABLE_SYSLOG */
@@ -157,26 +157,26 @@ void debug_start_net()
 {
 	if (getenv("DROPBEAR_DEBUG_NET_TIMESTAMP"))
 	{
-    	/* Timestamps start from first network activity */
-	    struct timeval tv;
-	    gettimeofday(&tv, NULL);
-	    debug_start_time = tv.tv_sec + (tv.tv_usec / 1000000.0);
-	    TRACE(("Resetting Dropbear TRACE timestamps"))
+		/* Timestamps start from first network activity */
+		struct timeval tv;
+		gettimeofday(&tv, NULL);
+		debug_start_time = tv.tv_sec + (tv.tv_usec / 1000000.0);
+		TRACE(("Resetting Dropbear TRACE timestamps"))
 	}
 }
 
 static double time_since_start()
 {
-    double nowf;
-    struct timeval tv;
-    gettimeofday(&tv, NULL);
-    nowf = tv.tv_sec + (tv.tv_usec / 1000000.0);
-    if (debug_start_time < 0)
-    {
-        debug_start_time = nowf;
-        return 0;
-    }
-    return nowf - debug_start_time;
+	double nowf;
+	struct timeval tv;
+	gettimeofday(&tv, NULL);
+	nowf = tv.tv_sec + (tv.tv_usec / 1000000.0);
+	if (debug_start_time < 0)
+	{
+		debug_start_time = nowf;
+		return 0;
+	}
+	return nowf - debug_start_time;
 }
 
 void dropbear_trace(const char* format, ...) {
@@ -559,21 +559,6 @@ void * m_realloc(void* ptr, size_t size) {
 	return ret;
 }
 
-/* Clear the data, based on the method in David Wheeler's
- * "Secure Programming for Linux and Unix HOWTO" */
-/* Beware of calling this from within dbutil.c - things might get
- * optimised away */
-void m_burn(void *data, unsigned int len) {
-	volatile char *p = data;
-
-	if (data == NULL)
-		return;
-	while (len--) {
-		*p++ = 0x0;
-	}
-}
-
-
 void setnonblocking(int fd) {
 
 	TRACE(("setnonblocking: %d", fd))

dbutil.h

@@ -29,19 +29,10 @@
 #include "includes.h"
 #include "buffer.h"
 #include "queue.h"
+#include "dbhelpers.h"
 
 #ifndef DISABLE_SYSLOG
-void startsyslog();
-#endif
-
-#ifdef __GNUC__
-#define ATTRIB_PRINTF(fmt,args) __attribute__((format(printf, fmt, args))) 
-#define ATTRIB_NORETURN __attribute__((noreturn))
-#define ATTRIB_SENTINEL __attribute__((sentinel))
-#else
-#define ATTRIB_PRINTF(fmt,args)
-#define ATTRIB_NORETURN
-#define ATTRIB_SENTINEL
+void startsyslog(const char *ident);
 #endif
 
 extern void (*_dropbear_exit)(int exitcode, const char* format, va_list param) ATTRIB_NORETURN;
@@ -59,7 +50,7 @@ void dropbear_trace(const char* format, ...) ATTRIB_PRINTF(1,2);
 void dropbear_trace2(const char* format, ...) ATTRIB_PRINTF(1,2);
 void printhex(const char * label, const unsigned char * buf, int len);
 void printmpint(const char *label, mp_int *mp);
-void debug_start_net();
+void debug_start_net(void);
 extern int debug_trace;
 #endif
 
@@ -79,9 +70,8 @@ void * m_malloc(size_t size);
 void * m_strdup(const char * str);
 void * m_realloc(void* ptr, size_t size);
 #define m_free(X) do {free(X); (X) = NULL;} while (0)
-void m_burn(void* data, unsigned int len);
 void setnonblocking(int fd);
-void disallow_core();
+void disallow_core(void);
 int m_str_to_uint(const char* str, unsigned int *val);
 
 /* Used to force mp_ints to be initialised */
@@ -95,7 +85,7 @@ int constant_time_memcmp(const void* a, const void *b, size_t n);
 
 /* Returns a time in seconds that doesn't go backwards - does not correspond to
 a real-world clock */
-time_t monotonic_now();
+time_t monotonic_now(void);
 
 char * expand_homedir_path(const char *inpath);
 

debian/changelog

@@ -1,8 +1,14 @@
-dropbear (2015.71-0.1) unstable; urgency=low
+dropbear (2016.73-0.1) unstable; urgency=low
 
   * New upstream release.
 
- -- Matt Johnston <matt@ucc.asn.au>  Thu, 3 Dec 2015 22:52:58 +0800
+ -- Matt Johnston <matt@ucc.asn.au>  Fri, 18 Mar 2016 22:52:58 +0800
+
+dropbear (2016.72-0.1) unstable; urgency=low
+
+  * New upstream release.
+
+ -- Matt Johnston <matt@ucc.asn.au>  Wed, 10 Mar 2016 22:52:58 +0800
 
 dropbear (2015.70-0.1) unstable; urgency=low
 

debian/dropbear.init

@@ -5,6 +5,7 @@
 # Required-Stop:     $remote_fs $syslog
 # Default-Start:     2 3 4 5
 # Default-Stop:      0 1 6
+# Short-Description: Dropbear SSH server
 ### END INIT INFO
 #
 # Do not configure this file. Edit /etc/default/dropbear instead!

dh_groups.c

@@ -0,0 +1,94 @@
+#include "options.h"
+#include "dh_groups.h"
+
+#if DROPBEAR_DH_GROUP1
+/* diffie-hellman-group1-sha1 value for p */
+const unsigned char dh_p_1[DH_P_1_LEN] = {
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2,
+	0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
+	0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6,
+	0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
+	0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D,
+	0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
+	0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9,
+	0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
+	0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11,
+	0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE6, 0x53, 0x81,
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
+#endif /* DROPBEAR_DH_GROUP1 */
+
+#if DROPBEAR_DH_GROUP14
+/* diffie-hellman-group14-sha1 value for p */
+const unsigned char dh_p_14[DH_P_14_LEN] = {
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, 
+	0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, 
+	0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6,
+	0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
+	0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D,
+	0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
+	0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9,
+	0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
+	0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11,
+	0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,
+	0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36,
+	0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
+	0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56,
+	0x20, 0x85, 0x52, 0xBB, 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
+	0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C, 0x08,
+	0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
+	0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, 0xA2,
+	0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9,
+	0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, 0x39, 0x95, 0x49, 0x7C,
+	0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
+	0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAC, 0xAA, 0x68, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xFF, 0xFF, 0xFF};
+#endif /* DROPBEAR_DH_GROUP14 */
+
+#if DROPBEAR_DH_GROUP16
+/* diffie-hellman-group16-256 value for p */
+const unsigned char dh_p_16[DH_P_16_LEN] = {
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, 0x21,
+	0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, 0x29, 0x02,
+	0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B,
+	0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, 0xEF, 0x95, 0x19, 0xB3,
+	0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, 0x4F,
+	0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E,
+	0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C,
+	0xB6, 0xF4, 0x06, 0xB7, 0xED, 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5,
+	0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC,
+	0xE4, 0x5B, 0x3D, 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 0x98, 0xDA,
+	0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF,
+	0x5F, 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56,
+	0x20, 0x85, 0x52, 0xBB, 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, 0x67,
+	0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18,
+	0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, 0xE3, 0x9E, 0x77,
+	0x2C, 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F,
+	0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, 0xDE, 0x2B, 0xCB, 0xF6, 0x95,
+	0x58, 0x17, 0x18, 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2,
+	0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4,
+	0x2D, 0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33, 0xA8, 0x55, 0x21, 0xAB,
+	0xDF, 0x1C, 0xBA, 0x64, 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, 0x8A,
+	0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D, 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1,
+	0xE4, 0xC7, 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, 0x1E, 0x8C, 0x94,
+	0xE0, 0x4A, 0x25, 0x61, 0x9D, 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B,
+	0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, 0xD8, 0x76, 0x02, 0x73, 0x3E,
+	0xC8, 0x6A, 0x64, 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, 0xBB, 0xE1,
+	0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46,
+	0xE2, 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, 0x43, 0xDB, 0x5B, 0xFC,
+	0xE0, 0xFD, 0x10, 0x8E, 0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x21, 0x08, 0x01, 0x1A,
+	0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7, 0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA,
+	0x5B, 0x26, 0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2, 0x3C, 0x1A, 0x94, 0x68,
+	0x34, 0xB6, 0x15, 0x0B, 0xDA, 0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8,
+	0xDB, 0xBB, 0xC2, 0xDB, 0x04, 0xDE, 0x8E, 0xF9, 0x2E, 0x8E, 0xFC, 0x14, 0x1F,
+	0xBE, 0xCA, 0xA6, 0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, 0x99, 0xB2,
+	0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2, 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7,
+	0xED, 0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF, 0xB8, 0x1B, 0xDD, 0x76,
+	0x21, 0x70, 0x48, 0x1C, 0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9, 0x93,
+	0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1, 0x86, 0xFF, 0xB7, 0xDC, 0x90, 0xA6,
+	0xC0, 0x8F, 0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x06, 0x31, 0x99, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
+#endif /* DROPBEAR_DH_GROUP16 */
+
+/* Same for all groups */
+const int DH_G_VAL = 2;
+

dh_groups.h

@@ -0,0 +1,24 @@
+#ifndef DROPBEAR_DH_GROUPS_H
+#define DROPBEAR_DH_GROUPS_H
+#include "options.h"
+
+#if DROPBEAR_DH_GROUP1
+#define DH_P_1_LEN 128
+extern const unsigned char dh_p_1[DH_P_1_LEN];
+#endif
+
+#if DROPBEAR_DH_GROUP14
+#define DH_P_14_LEN 256
+extern const unsigned char dh_p_14[DH_P_14_LEN];
+#endif
+
+#if DROPBEAR_DH_GROUP16
+#define DH_P_16_LEN 512
+extern const unsigned char dh_p_16[DH_P_16_LEN];
+#endif
+
+
+extern const int DH_G_VAL;
+
+
+#endif

dropbearkey.c

@@ -105,25 +105,25 @@ static void printhelp(char * progname) {
 /* fails fatally */
 static void check_signkey_bits(enum signkey_type type, int bits)
 {
-        switch (type) {
+	switch (type) {
 #ifdef DROPBEAR_RSA
-            case DROPBEAR_SIGNKEY_RSA:
-                if (bits < 512 || bits > 4096 || (bits % 8 != 0)) {
-                	dropbear_exit("Bits must satisfy 512 <= bits <= 4096, and be a"
-                            " multiple of 8\n");
-                }
-                break;
+		case DROPBEAR_SIGNKEY_RSA:
+			if (bits < 512 || bits > 4096 || (bits % 8 != 0)) {
+				dropbear_exit("Bits must satisfy 512 <= bits <= 4096, and be a"
+				              " multiple of 8\n");
+			}
+			break;
 #endif
 #ifdef DROPEAR_DSS
-            case DROPBEAR_SIGNKEY_DSS:
-                if (bits != 1024) {
-                    dropbear_exit("DSS keys have a fixed size of 1024 bits\n");
-                    exit(EXIT_FAILURE);
-                }
+		case DROPBEAR_SIGNKEY_DSS:
+			if (bits != 1024) {
+				dropbear_exit("DSS keys have a fixed size of 1024 bits\n");
+				exit(EXIT_FAILURE);
+			}
 #endif
-			default:
-				(void)0; /* quiet, compiler. ecdsa handles checks itself */
-        }
+		default:
+			(void)0; /* quiet, compiler. ecdsa handles checks itself */
+	}
 }
 
 #if defined(DBMULTI_dropbearkey) || !defined(DROPBEAR_MULTI)
@@ -238,13 +238,13 @@ int main(int argc, char ** argv) {
 		}
 		
 		check_signkey_bits(keytype, bits);;
-    }
+	}
 
 	fprintf(stderr, "Generating key, this may take a while...\n");
-    if (signkey_generate(keytype, bits, filename) == DROPBEAR_FAILURE)
-    {
-    	dropbear_exit("Failed to generate key.\n");
-    }
+	if (signkey_generate(keytype, bits, filename) == DROPBEAR_FAILURE)
+	{
+		dropbear_exit("Failed to generate key.\n");
+	}
 
 	printpubfile(filename);
 

ecc.h

@@ -20,7 +20,7 @@ extern struct dropbear_ecc_curve ecc_curve_nistp384;
 extern struct dropbear_ecc_curve ecc_curve_nistp521;
 extern struct dropbear_ecc_curve *dropbear_ecc_curves[];
 
-void dropbear_ecc_fill_dp();
+void dropbear_ecc_fill_dp(void);
 struct dropbear_ecc_curve* curve_for_dp(const ltc_ecc_set_type *dp);
 
 /* "pubkey" refers to a point, but LTC uses ecc_key structure for both public

ecdsa.c

@@ -385,12 +385,12 @@ int buf_ecdsa_verify(buffer *buf, ecc_key *key, buffer *data_buf) {
 			goto out; 
 		}
 
-    	/* reduce */
+		/* reduce */
 		if (ltc_mp.ecc_map(mG, m, mp) != CRYPT_OK) { 
 			goto out; 
 		}
 	} else {
-      /* use Shamir's trick to compute u1*mG + u2*mQ using half of the doubles */
+		/* use Shamir's trick to compute u1*mG + u2*mQ using half of the doubles */
 		if (ltc_mp.ecc_mul2add(mG, u1, mQ, u2, mG, m) != CRYPT_OK) { 
 			goto out; 
 		}

gensignkey.c

@@ -52,28 +52,28 @@ out:
 /* returns 0 on failure */
 static int get_default_bits(enum signkey_type keytype)
 {
-        switch (keytype) {
+	switch (keytype) {
 #ifdef DROPBEAR_RSA
-            case DROPBEAR_SIGNKEY_RSA:
-				return RSA_DEFAULT_SIZE;
+		case DROPBEAR_SIGNKEY_RSA:
+			return RSA_DEFAULT_SIZE;
 #endif
 #ifdef DROPBEAR_DSS
-            case DROPBEAR_SIGNKEY_DSS:
-                return DSS_DEFAULT_SIZE;
+		case DROPBEAR_SIGNKEY_DSS:
+			return DSS_DEFAULT_SIZE;
 #endif
 #ifdef DROPBEAR_ECDSA
-            case DROPBEAR_SIGNKEY_ECDSA_KEYGEN:
-                return ECDSA_DEFAULT_SIZE;
-            case DROPBEAR_SIGNKEY_ECDSA_NISTP521:
-            	return 521;
-            case DROPBEAR_SIGNKEY_ECDSA_NISTP384:
-            	return 384;
-            case DROPBEAR_SIGNKEY_ECDSA_NISTP256:
-            	return 256;
+		case DROPBEAR_SIGNKEY_ECDSA_KEYGEN:
+			return ECDSA_DEFAULT_SIZE;
+		case DROPBEAR_SIGNKEY_ECDSA_NISTP521:
+			return 521;
+		case DROPBEAR_SIGNKEY_ECDSA_NISTP384:
+			return 384;
+		case DROPBEAR_SIGNKEY_ECDSA_NISTP256:
+			return 256;
 #endif
-            default:
-                return 0;
-		}
+		default:
+			return 0;
+	}
 }
 
 int signkey_generate(enum signkey_type keytype, int bits, const char* filename)

kex.h

@@ -29,40 +29,40 @@
 #include "algo.h"
 #include "signkey.h"
 
-void send_msg_kexinit();
-void recv_msg_kexinit();
-void send_msg_newkeys();
-void recv_msg_newkeys();
-void kexfirstinitialise();
+void send_msg_kexinit(void);
+void recv_msg_kexinit(void);
+void send_msg_newkeys(void);
+void recv_msg_newkeys(void);
+void kexfirstinitialise(void);
 
-struct kex_dh_param *gen_kexdh_param();
+struct kex_dh_param *gen_kexdh_param(void);
 void free_kexdh_param(struct kex_dh_param *param);
 void kexdh_comb_key(struct kex_dh_param *param, mp_int *dh_pub_them,
 		sign_key *hostkey);
 
 #ifdef DROPBEAR_ECDH
-struct kex_ecdh_param *gen_kexecdh_param();
+struct kex_ecdh_param *gen_kexecdh_param(void);
 void free_kexecdh_param(struct kex_ecdh_param *param);
 void kexecdh_comb_key(struct kex_ecdh_param *param, buffer *pub_them,
 		sign_key *hostkey);
 #endif
 
 #ifdef DROPBEAR_CURVE25519
-struct kex_curve25519_param *gen_kexcurve25519_param();
+struct kex_curve25519_param *gen_kexcurve25519_param(void);
 void free_kexcurve25519_param(struct kex_curve25519_param *param);
 void kexcurve25519_comb_key(struct kex_curve25519_param *param, buffer *pub_them,
 		sign_key *hostkey);
 #endif
 
 #ifndef DISABLE_ZLIB
-int is_compress_trans();
-int is_compress_recv();
+int is_compress_trans(void);
+int is_compress_recv(void);
 #endif
 
-void recv_msg_kexdh_init(); /* server */
+void recv_msg_kexdh_init(void); /* server */
 
-void send_msg_kexdh_init(); /* client */
-void recv_msg_kexdh_reply(); /* client */
+void send_msg_kexdh_init(void); /* client */
+void recv_msg_kexdh_reply(void); /* client */
 
 struct KEXState {
 
@@ -83,11 +83,6 @@ struct KEXState {
 
 };
 
-#define DH_P_1_LEN 128
-extern const unsigned char dh_p_1[DH_P_1_LEN];
-#define DH_P_14_LEN 256
-extern const unsigned char dh_p_14[DH_P_14_LEN];
-
 struct kex_dh_param {
 	mp_int pub; /* e */
 	mp_int priv; /* x */

keyimport.c

@@ -194,13 +194,13 @@ static void base64_encode_fp(FILE * fp, unsigned char *data,
 		int datalen, int cpl)
 {
 	unsigned char out[100];
-    int n;
+	int n;
 	unsigned long outlen;
 	int rawcpl;
 	rawcpl = cpl * 3 / 4;
 	dropbear_assert((unsigned int)cpl < sizeof(out));
 
-    while (datalen > 0) {
+	while (datalen > 0) {
 		n = (datalen < rawcpl ? datalen : rawcpl);
 		outlen = sizeof(out);
 		base64_encode(data, n, out, &outlen);
@@ -208,7 +208,7 @@ static void base64_encode_fp(FILE * fp, unsigned char *data,
 		datalen -= n;
 		fwrite(out, 1, outlen, fp);
 		fputc('\n', fp);
-    }
+	}
 }
 /*
  * Read an ASN.1/BER identifier and length pair.
@@ -1056,7 +1056,7 @@ static int openssh_write(const char *filename, sign_key *key,
 		dropbear_assert(k_size <= curve_size);
 		buf_incrwritepos(seq_buf,
 			ber_write_id_len(buf_getwriteptr(seq_buf, 10), 4, k_size, 0));
-	    mp_to_unsigned_bin((*eck)->k, buf_getwriteptr(seq_buf, k_size));
+		mp_to_unsigned_bin((*eck)->k, buf_getwriteptr(seq_buf, k_size));
 		buf_incrwritepos(seq_buf, k_size);
 
 		/* SECGCurveNames */

libtomcrypt/src/headers/tomcrypt_custom.h

@@ -1,7 +1,7 @@
 #ifndef TOMCRYPT_CUSTOM_H_
 #define TOMCRYPT_CUSTOM_H_
 
-/* this will sort out which stuff based on the user-config in options.h */
+/* compile options depend on Dropbear options.h */
 #include "options.h"
 
 /* macros for various libc functions you can change for embedded targets */

libtomcrypt/src/misc/zeromem.c

@@ -9,6 +9,7 @@
  * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
+#include "dbhelpers.h"
 
 /**
    @file zeromem.c
@@ -22,11 +23,7 @@
 */
 void zeromem(void *out, size_t outlen)
 {
-   unsigned char *mem = out;
-   LTC_ARGCHKVD(out != NULL);
-   while (outlen-- > 0) {
-      *mem++ = 0;
-   }
+   m_burn(out, outlen);
 }
 
 /* $Source: /cvs/libtom/libtomcrypt/src/misc/zeromem.c,v $ */

libtommath/Makefile.in

@@ -8,10 +8,8 @@ VERSION=0.40
 VPATH=@srcdir@
 srcdir=@srcdir@
 
-# Dropbear takes flags from the toplevel makefile
-CFLAGS += -I$(srcdir)
-
-#CFLAGS  +=  -I./ -Wall -W -Wshadow -Wsign-compare
+# So that libtommath can include Dropbear headers for options and m_burn()
+CFLAGS += -I$(srcdir)/../libtomcrypt/src/headers/ -I$(srcdir)/../
 
 ifndef IGNORE_SPEED
 

libtommath/bn_mp_clear.c

@@ -1,4 +1,5 @@
 #include <tommath.h>
+#include "dbhelpers.h"
 #ifdef BN_MP_CLEAR_C
 /* LibTomMath, multiple-precision integer library -- Tom St Denis
  *
@@ -19,17 +20,10 @@
 void
 mp_clear (mp_int * a)
 {
-  volatile mp_digit *p;
-  int len;
-
   /* only do anything if a hasn't been freed previously */
   if (a->dp != NULL) {
     /* first zero the digits */
-	len = a->alloc;
-	p = a->dp;
-	while (len--) {
-		*p++ = 0;
-	}
+	m_burn(a->dp, a->alloc * sizeof(*a->dp));
 
     /* free ram */
     XFREE(a->dp);

list.h

@@ -4,22 +4,22 @@
 struct _m_list;
 
 struct _m_list_elem {
-    void *item;
+	void *item;
 	struct _m_list_elem *next;
 	struct _m_list_elem *prev;
-    struct _m_list *list;
+	struct _m_list *list;
 };
 	
 typedef struct _m_list_elem m_list_elem;
 
 struct _m_list {
-    m_list_elem *first;
-    m_list_elem *last;
+	m_list_elem *first;
+	m_list_elem *last;
 };
 
 typedef struct _m_list m_list;
 
-m_list * list_new();
+m_list * list_new(void);
 void list_append(m_list *list, void *item);
 /* returns the item for the element removed */
 void * list_remove(m_list_elem *elem);

listener.h

@@ -46,7 +46,7 @@ struct Listener {
 
 };
 
-void listeners_initialise();
+void listeners_initialise(void);
 void handle_listeners(fd_set * readfds);
 void set_listener_fds(fd_set * readfds);
 

loginrec.c

@@ -305,21 +305,6 @@ login_set_current_time(struct logininfo *li)
 	li->tv_usec = tv.tv_usec;
 }
 
-/* copy a sockaddr_* into our logininfo */
-void
-login_set_addr(struct logininfo *li, const struct sockaddr *sa,
-	       const unsigned int sa_size)
-{
-	unsigned int bufsize = sa_size;
-
-	/* make sure we don't overrun our union */
-	if (sizeof(li->hostaddr) < sa_size)
-		bufsize = sizeof(li->hostaddr);
-
-	memcpy((void *)&(li->hostaddr.sa), (const void *)sa, bufsize);
-}
-
-
 /**
  ** login_write: Call low-level recording functions based on autoconf
  ** results

loginrec.h

@@ -173,10 +173,6 @@ int login_utmp_only(struct logininfo *li);
 int login_write (struct logininfo *li);
 int login_log_entry(struct logininfo *li);
 
-/* set the network address based on network address type */
-void login_set_addr(struct logininfo *li, const struct sockaddr *sa,
-		    const unsigned int sa_size);
-
 /* produce various forms of the line filename */
 char *line_fullname(char *dst, const char *src, size_t dstsize);
 char *line_stripname(char *dst, const char *src, size_t dstsize);

ltc_prng.c

@@ -123,14 +123,14 @@ int dropbear_prng_test(void)
 const struct ltc_prng_descriptor dropbear_prng_desc =
 {
     "dropbear_prng", 0,
-    &dropbear_prng_start,
-    &dropbear_prng_add_entropy,
-    &dropbear_prng_ready,
-    &dropbear_prng_read,
-    &dropbear_prng_done,
-    &dropbear_prng_export,
-    &dropbear_prng_import,
-    &dropbear_prng_test
+    dropbear_prng_start,
+    dropbear_prng_add_entropy,
+    dropbear_prng_ready,
+    dropbear_prng_read,
+    dropbear_prng_done,
+    dropbear_prng_export,
+    dropbear_prng_import,
+    dropbear_prng_test
 };
 
 

netio.h

@@ -36,7 +36,7 @@ void set_connect_fds(fd_set *writefd);
 /* Handles ready sockets after select() */
 void handle_connect_fds(fd_set *writefd);
 /* Cleanup */
-void remove_connect_pending();
+void remove_connect_pending(void);
 
 /* Doesn't actually stop the connect, but adds a dummy callback instead */
 void cancel_connect(struct dropbear_progress_connection *c);

options.h

@@ -168,6 +168,11 @@ If you test it please contact the Dropbear author */
  * ECDSA above */
 #define DROPBEAR_ECDH
 
+/* Group14 (2048 bit) is recommended. Group1 is less secure (1024 bit) though
+   is the only option for interoperability with some older SSH programs */
+#define DROPBEAR_DH_GROUP1 1
+#define DROPBEAR_DH_GROUP14 1
+
 /* Control the memory/performance/compression tradeoff for zlib.
  * Set windowBits=8 for least memory usage, see your system's
  * zlib.h for full details.

packet.c

@@ -36,11 +36,11 @@
 #include "channel.h"
 #include "netio.h"
 
-static int read_packet_init();
+static int read_packet_init(void);
 static void make_mac(unsigned int seqno, const struct key_context_directional * key_state,
 		buffer * clear_buf, unsigned int clear_len, 
 		unsigned char *output_mac);
-static int checkmac();
+static int checkmac(void);
 
 /* For exact details see http://www.zlib.net/zlib_tech.html
  * 5 bytes per 16kB block, plus 6 bytes for the stream.
@@ -576,8 +576,8 @@ void encrypt_packet() {
 	}
 	buf_incrpos(writebuf, len);
 
-    /* stick the MAC on it */
-    buf_putbytes(writebuf, mac_bytes, mac_size);
+	/* stick the MAC on it */
+	buf_putbytes(writebuf, mac_bytes, mac_size);
 
 	/* Update counts */
 	ses.kexstate.datatrans += writebuf->len;
@@ -645,7 +645,7 @@ static void make_mac(unsigned int seqno, const struct key_context_directional *
 			dropbear_exit("HMAC error");
 		}
 	
-        bufsize = MAX_MAC_LEN;
+		bufsize = MAX_MAC_LEN;
 		if (hmac_done(&hmac, output_mac, &bufsize) != CRYPT_OK) {
 			dropbear_exit("HMAC error");
 		}

packet.h

@@ -30,19 +30,19 @@
 #include "queue.h"
 #include "buffer.h"
 
-void write_packet();
-void read_packet();
-void decrypt_packet();
-void encrypt_packet();
+void write_packet(void);
+void read_packet(void);
+void decrypt_packet(void);
+void encrypt_packet(void);
 
 void writebuf_enqueue(buffer * writebuf, unsigned char packet_type);
 
-void process_packet();
+void process_packet(void);
 
-void maybe_flush_reply_queue();
+void maybe_flush_reply_queue(void);
 typedef struct PacketType {
 	unsigned char type; /* SSH_MSG_FOO */
-	void (*handler)();
+	void (*handler)(void);
 } packettype;
 
 #define PACKET_PADDING_OFF 4

process-packet.c

@@ -37,7 +37,7 @@
 
 #define MAX_UNAUTH_PACKET_TYPE SSH_MSG_USERAUTH_PK_OK
 
-static void recv_unimplemented();
+static void recv_unimplemented(void);
 
 /* process a decrypted packet, call the appropriate handler */
 void process_packet() {

rsa.c

@@ -47,7 +47,7 @@ static void rsa_pad_em(dropbear_rsa_key * key,
  * Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */
 int buf_get_rsa_pub_key(buffer* buf, dropbear_rsa_key *key) {
 
-    int ret = DROPBEAR_FAILURE;
+	int ret = DROPBEAR_FAILURE;
 	TRACE(("enter buf_get_rsa_pub_key"))
 	dropbear_assert(key != NULL);
 	m_mp_alloc_init_multi(&key->e, &key->n, NULL);
@@ -60,21 +60,21 @@ int buf_get_rsa_pub_key(buffer* buf, dropbear_rsa_key *key) {
 	if (buf_getmpint(buf, key->e) == DROPBEAR_FAILURE
 	 || buf_getmpint(buf, key->n) == DROPBEAR_FAILURE) {
 		TRACE(("leave buf_get_rsa_pub_key: failure"))
-	    goto out;
+		goto out;
 	}
 
 	if (mp_count_bits(key->n) < MIN_RSA_KEYLEN) {
 		dropbear_log(LOG_WARNING, "RSA key too short");
-	    goto out;
+		goto out;
 	}
 
 	TRACE(("leave buf_get_rsa_pub_key: success"))
-    ret = DROPBEAR_SUCCESS;
+	ret = DROPBEAR_SUCCESS;
 out:
-    if (ret == DROPBEAR_FAILURE) {
-        m_free(key->e);
-        m_free(key->n);
-    }
+	if (ret == DROPBEAR_FAILURE) {
+		m_free(key->e);
+		m_free(key->n);
+	}
 	return ret;
 }
 
@@ -82,7 +82,7 @@ out:
  * Loads a private rsa key from a buffer
  * Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */
 int buf_get_rsa_priv_key(buffer* buf, dropbear_rsa_key *key) {
-    int ret = DROPBEAR_FAILURE;
+	int ret = DROPBEAR_FAILURE;
 
 	TRACE(("enter buf_get_rsa_priv_key"))
 	dropbear_assert(key != NULL);
@@ -99,34 +99,34 @@ int buf_get_rsa_priv_key(buffer* buf, dropbear_rsa_key *key) {
 	m_mp_alloc_init_multi(&key->d, NULL);
 	if (buf_getmpint(buf, key->d) == DROPBEAR_FAILURE) {
 		TRACE(("leave buf_get_rsa_priv_key: d: ret == DROPBEAR_FAILURE"))
-	    goto out;
+		goto out;
 	}
 
 	if (buf->pos == buf->len) {
-    	/* old Dropbear private keys didn't keep p and q, so we will ignore them*/
+		/* old Dropbear private keys didn't keep p and q, so we will ignore them*/
 	} else {
 		m_mp_alloc_init_multi(&key->p, &key->q, NULL);
 
 		if (buf_getmpint(buf, key->p) == DROPBEAR_FAILURE) {
 			TRACE(("leave buf_get_rsa_priv_key: p: ret == DROPBEAR_FAILURE"))
-		    goto out;
+			goto out;
 		}
 
 		if (buf_getmpint(buf, key->q) == DROPBEAR_FAILURE) {
 			TRACE(("leave buf_get_rsa_priv_key: q: ret == DROPBEAR_FAILURE"))
-		    goto out;
+			goto out;
 		}
 	}
 
-    ret = DROPBEAR_SUCCESS;
+	ret = DROPBEAR_SUCCESS;
 out:
-    if (ret == DROPBEAR_FAILURE) {
-        m_free(key->d);
-        m_free(key->p);
-        m_free(key->q);
-    }
+	if (ret == DROPBEAR_FAILURE) {
+		m_free(key->d);
+		m_free(key->p);
+		m_free(key->q);
+	}
 	TRACE(("leave buf_get_rsa_priv_key"))
-    return ret;
+	return ret;
 }
 	
 

rsa.h

@@ -30,7 +30,7 @@
 
 #ifdef DROPBEAR_RSA 
 
-#define RSA_SIGNATURE_SIZE 4+7+4+40
+#define RSA_SIGNATURE_SIZE (4+7+4+40)
 
 typedef struct {
 

runopts.h

@@ -40,6 +40,7 @@ typedef struct runopts {
 	unsigned int recv_window;
 	time_t keepalive_secs; /* Time between sending keepalives. 0 is off */
 	time_t idle_timeout_secs; /* Exit if no traffic is sent/received in this time */
+	int usingsyslog;
 
 #ifndef DISABLE_ZLIB
 	/* TODO: add a commandline flag. Currently this is on by default if compression
@@ -63,14 +64,13 @@ extern runopts opts;
 
 int readhostkey(const char * filename, sign_key * hostkey, 
 	enum signkey_type *type);
-void load_all_hostkeys();
+void load_all_hostkeys(void);
 
 typedef struct svr_runopts {
 
 	char * bannerfile;
 
 	int forkbg;
-	int usingsyslog;
 
 	/* ports and addresses are arrays of the portcount 
 	listening ports. strings are malloced. */
@@ -119,7 +119,7 @@ typedef struct svr_runopts {
 extern svr_runopts svr_opts;
 
 void svr_getopts(int argc, char ** argv);
-void loadhostkeys();
+void loadhostkeys(void);
 
 typedef struct cli_runopts {
 
@@ -140,6 +140,9 @@ typedef struct cli_runopts {
 #ifdef ENABLE_CLI_PUBKEY_AUTH
 	m_list *privkeys; /* Keys to use for public-key auth */
 #endif
+#ifdef ENABLE_CLI_ANYTCPFWD
+	int exit_on_fwd_failure;
+#endif
 #ifdef ENABLE_CLI_REMOTETCPFWD
 	m_list * remotefwds;
 #endif
@@ -167,7 +170,7 @@ extern cli_runopts cli_opts;
 void cli_getopts(int argc, char ** argv);
 
 #ifdef ENABLE_USER_ALGO_LIST
-void parse_ciphers_macs();
+void parse_ciphers_macs(void);
 #endif
 
 void print_version(void);

scp.c

@@ -1,3 +1,6 @@
+/* Dropbear Note: This file is based on OpenSSH 4.3p2. Avoid unnecessary 
+   changes to simplify future updates */
+
 /*
  * scp - secure remote copy.  This is basically patched BSD rcp which
  * uses ssh to do the data transfer (instead of using rcmd).
@@ -286,7 +289,6 @@ int okname(char *);
 void run_err(const char *,...);
 void verifydir(char *);
 
-struct passwd *pwd;
 uid_t userid;
 int errs, remin, remout;
 int pflag, iamremote, iamrecursive, targetshouldbedirectory;
@@ -393,9 +395,6 @@ main(int argc, char **argv)
 	argc -= optind;
 	argv += optind;
 
-	if ((pwd = getpwuid(userid = getuid())) == NULL)
-		fatal("unknown user %u", (u_int) userid);
-
 	if (!isatty(STDERR_FILENO))
 		showprogress = 0;
 
@@ -441,9 +440,9 @@ main(int argc, char **argv)
 	 */
 	if (do_cmd_pid != -1 && errs == 0) {
 		if (remin != -1)
-		    (void) close(remin);
+			(void) close(remin);
 		if (remout != -1)
-		    (void) close(remout);
+			(void) close(remout);
 		if (waitpid(do_cmd_pid, &status, 0) == -1)
 			errs = 1;
 		else {
@@ -511,7 +510,7 @@ toremote(char *targ, int argc, char **argv)
 				host = cleanhostname(host);
 				suser = argv[i];
 				if (*suser == '\0')
-					suser = pwd->pw_name;
+					continue; /* pretend there wasn't any @ at all */
 				else if (!okname(suser))
 					continue;
 				addargs(&alist, "-l");
@@ -579,7 +578,7 @@ tolocal(int argc, char **argv)
 			*host++ = 0;
 			suser = argv[i];
 			if (*suser == '\0')
-				suser = pwd->pw_name;
+				suser = NULL;
 		}
 		host = cleanhostname(host);
 		len = strlen(src) + CMDNEEDS + 20;
@@ -673,7 +672,7 @@ next:			if (fd != -1) {
 			}
 			continue;
 		}
-#if PROGRESS_METER
+#ifdef PROGRESS_METER
 		if (showprogress)
 			start_progress_meter(curfile, stb.st_size, &statbytes);
 #endif
@@ -773,7 +772,7 @@ void
 bwlimit(int amount)
 {
 	static struct timeval bwstart, bwend;
-	static int lamt, thresh = 16384;
+	static int lamt = 0, thresh = 16384;
 	uint64_t waitlen;
 	struct timespec ts, rm;
 
@@ -842,7 +841,7 @@ sink(int argc, char **argv)
 
 #define	atime	tv[0]
 #define	mtime	tv[1]
-#define	SCREWUP(str)	{ why = str; goto screwup; }
+#define	SCREWUP(str)	do { why = str; goto screwup; } while (0)
 
 	setimes = targisdir = 0;
 	mask = umask(0);
@@ -941,8 +940,8 @@ sink(int argc, char **argv)
 			exit(1);
 		}
 		if (targisdir) {
-			static char *namebuf;
-			static size_t cursize;
+			static char *namebuf = NULL;
+			static size_t cursize = 0;
 			size_t need;
 
 			need = strlen(targ) + strlen(cp) + 250;
@@ -1154,7 +1153,7 @@ usage(void)
 void
 run_err(const char *fmt,...)
 {
-	static FILE *fp;
+	static FILE *fp = NULL;
 	va_list ap;
 
 	++errs;

scpmisc.c

@@ -1,3 +1,6 @@
+/* Dropbear Note: This file is based on OpenSSH 4.3p2. Avoid unnecessary 
+   changes to simplify future updates */
+
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -223,6 +226,7 @@ void fatal(char* fmt,...)
 	va_start(args, fmt);
 	vfprintf(stderr, fmt, args);
 	va_end(args);
+	fputc('\n', stderr);
 	exit(255);
 }
 

service.h

@@ -25,6 +25,6 @@
 #ifndef DROPBEAR_SERVICE_H_
 #define DROPBEAR_SERVICE_H_
 
-void recv_msg_service_request(); /* Server */
+void recv_msg_service_request(void); /* Server */
 
 #endif /* DROPBEAR_SERVICE_H_ */

session.h

@@ -45,14 +45,14 @@ extern int exitflag;
 
 void common_session_init(int sock_in, int sock_out);
 void session_loop(void(*loophandler)()) ATTRIB_NORETURN;
-void session_cleanup();
-void send_session_identification();
-void send_msg_ignore();
-void ignore_recv_response();
+void session_cleanup(void);
+void send_session_identification(void);
+void send_msg_ignore(void);
+void ignore_recv_response(void);
 
-void update_channel_prio();
+void update_channel_prio(void);
 
-const char* get_user_shell();
+const char* get_user_shell(void);
 void fill_passwd(const char* username);
 
 /* Server */
@@ -61,9 +61,10 @@ void svr_dropbear_exit(int exitcode, const char* format, va_list param) ATTRIB_N
 void svr_dropbear_log(int priority, const char* format, va_list param);
 
 /* Client */
-void cli_session(int sock_in, int sock_out, struct dropbear_progress_connection *progress) ATTRIB_NORETURN;
+void cli_session(int sock_in, int sock_out, struct dropbear_progress_connection *progress, pid_t proxy_cmd_pid) ATTRIB_NORETURN;
 void cli_connected(int result, int sock, void* userdata, const char *errstring);
 void cleantext(char* dirtytext);
+void kill_proxy_command(void);
 
 /* crypto parameters that are stored individually for transmit and receive */
 struct key_context_directional {
@@ -188,11 +189,11 @@ struct sshsession {
 	   concluded (ie, while dataallowed was unset)*/
 	struct packetlist *reply_queue_head, *reply_queue_tail;
 
-	void(*remoteclosed)(); /* A callback to handle closure of the
+	void(*remoteclosed)(void); /* A callback to handle closure of the
 									  remote connection */
 
-	void(*extra_session_cleanup)(); /* client or server specific cleanup */
-	void(*send_kex_first_guess)();
+	void(*extra_session_cleanup)(void); /* client or server specific cleanup */
+	void(*send_kex_first_guess)(void);
 
 	struct AuthState authstate; /* Common amongst client and server, since most
 								   struct elements are common */
@@ -304,6 +305,7 @@ struct clientsession {
 	struct AgentkeyList *agentkeys; /* Keys to use for public-key auth */
 #endif
 
+	pid_t proxy_cmd_pid;
 };
 
 /* Global structs storing the state */

signkey.c

@@ -29,7 +29,7 @@
 #include "ssh.h"
 #include "ecdsa.h"
 
-static const char *signkey_names[DROPBEAR_SIGNKEY_NUM_NAMED] = {
+static const char * const signkey_names[DROPBEAR_SIGNKEY_NUM_NAMED] = {
 #ifdef DROPBEAR_RSA
 	"ssh-rsa",
 #endif
@@ -93,7 +93,7 @@ enum signkey_type signkey_type_from_name(const char* name, unsigned int namelen)
 			}
 #endif
 
-			return i;
+			return (enum signkey_type)i;
 		}
 	}
 
@@ -317,15 +317,15 @@ void buf_put_priv_key(buffer* buf, sign_key *key, enum signkey_type type) {
 #ifdef DROPBEAR_DSS
 	if (type == DROPBEAR_SIGNKEY_DSS) {
 		buf_put_dss_priv_key(buf, key->dsskey);
-	TRACE(("leave buf_put_priv_key: dss done"))
-	return;
+		TRACE(("leave buf_put_priv_key: dss done"))
+		return;
 	}
 #endif
 #ifdef DROPBEAR_RSA
 	if (type == DROPBEAR_SIGNKEY_RSA) {
 		buf_put_rsa_priv_key(buf, key->rsakey);
-	TRACE(("leave buf_put_priv_key: rsa done"))
-	return;
+		TRACE(("leave buf_put_priv_key: rsa done"))
+		return;
 	}
 #endif
 #ifdef DROPBEAR_ECDSA

signkey.h

@@ -82,7 +82,7 @@ struct SIGN_key {
 
 typedef struct SIGN_key sign_key;
 
-sign_key * new_sign_key();
+sign_key * new_sign_key(void);
 const char* signkey_name_from_type(enum signkey_type type, unsigned int *namelen);
 enum signkey_type signkey_type_from_name(const char* name, unsigned int namelen);
 int buf_get_pub_key(buffer *buf, sign_key *key, enum signkey_type *type);

svr-auth.c

@@ -35,7 +35,7 @@
 #include "runopts.h"
 #include "dbrandom.h"
 
-static void authclear();
+static void authclear(void);
 static int checkusername(char *username, unsigned int userlen);
 
 /* initialise the first time for a session, resetting all parameters */

svr-authpam.c

@@ -218,7 +218,7 @@ void svr_auth_pam() {
 	}
 
 	/* just to set it to something */
-	if ((rc = pam_set_item(pamHandlep, PAM_TTY, "ssh") != PAM_SUCCESS)) {
+	if ((rc = pam_set_item(pamHandlep, PAM_TTY, "ssh")) != PAM_SUCCESS) {
 		dropbear_log(LOG_WARNING, "pam_set_item() failed, rc=%d, %s",
 				rc, pam_strerror(pamHandlep, rc));
 		goto cleanup;

svr-authpubkey.c

@@ -72,7 +72,7 @@
 
 static int checkpubkey(char* algo, unsigned int algolen,
 		unsigned char* keyblob, unsigned int keybloblen);
-static int checkpubkeyperms();
+static int checkpubkeyperms(void);
 static void send_msg_userauth_pk_ok(char* algo, unsigned int algolen,
 		unsigned char* keyblob, unsigned int keybloblen);
 static int checkfileperm(char * filename);

svr-kex.c

@@ -138,7 +138,7 @@ static void svr_ensure_hostkey() {
 			break;
 #endif
 		default:
-			(void)0;
+			dropbear_assert(0);
 	}
 
 	if (readhostkey(fn, svr_opts.hostkey, &type) == DROPBEAR_SUCCESS) {

svr-main.c

@@ -36,12 +36,12 @@ static void sigchld_handler(int dummy);
 static void sigsegv_handler(int);
 static void sigintterm_handler(int fish);
 #ifdef INETD_MODE
-static void main_inetd();
+static void main_inetd(void);
 #endif
 #ifdef NON_INETD_MODE
-static void main_noinetd();
+static void main_noinetd(void);
 #endif
-static void commonsetup();
+static void commonsetup(void);
 
 #if defined(DBMULTI_dropbear) || !defined(DROPBEAR_MULTI)
 #if defined(DBMULTI_dropbear) && defined(DROPBEAR_MULTI)
@@ -104,7 +104,7 @@ static void main_inetd() {
 #endif /* INETD_MODE */
 
 #ifdef NON_INETD_MODE
-void main_noinetd() {
+static void main_noinetd() {
 	fd_set fds;
 	unsigned int i, j;
 	int val;
@@ -145,7 +145,7 @@ void main_noinetd() {
 	if (svr_opts.forkbg) {
 		int closefds = 0;
 #ifndef DEBUG_TRACE
-		if (!svr_opts.usingsyslog) {
+		if (!opts.usingsyslog) {
 			closefds = 1;
 		}
 #endif
@@ -306,8 +306,8 @@ void main_noinetd() {
 #endif
 
 				/* make sure we close sockets */
-				for (i = 0; i < listensockcount; i++) {
-					m_close(listensocks[i]);
+				for (j = 0; j < listensockcount; j++) {
+					m_close(listensocks[j]);
 				}
 
 				m_close(childpipe[0]);
@@ -338,7 +338,7 @@ static void sigchld_handler(int UNUSED(unused)) {
 
 	const int saved_errno = errno;
 
-	while(waitpid(-1, NULL, WNOHANG) > 0); 
+	while(waitpid(-1, NULL, WNOHANG) > 0) {}
 
 	sa_chld.sa_handler = sigchld_handler;
 	sa_chld.sa_flags = SA_NOCLDSTOP;
@@ -367,8 +367,8 @@ static void commonsetup() {
 
 	struct sigaction sa_chld;
 #ifndef DISABLE_SYSLOG
-	if (svr_opts.usingsyslog) {
-		startsyslog();
+	if (opts.usingsyslog) {
+		startsyslog(PROGNAME);
 	}
 #endif
 
@@ -398,7 +398,7 @@ static void commonsetup() {
 	 * otherwise we might end up blatting error messages to the socket */
 	load_all_hostkeys();
 
-    seedrandom();
+	seedrandom();
 }
 
 /* Set up listening sockets for all the requested ports */

svr-runopts.c

@@ -158,7 +158,7 @@ void svr_getopts(int argc, char ** argv) {
 	svr_opts.domotd = 1;
 #endif
 #ifndef DISABLE_SYSLOG
-	svr_opts.usingsyslog = 1;
+	opts.usingsyslog = 1;
 #endif
 	opts.recv_window = DEFAULT_RECV_WINDOW;
 	opts.keepalive_secs = DEFAULT_KEEPALIVE;
@@ -189,7 +189,7 @@ void svr_getopts(int argc, char ** argv) {
 					break;
 #ifndef DISABLE_SYSLOG
 				case 'E':
-					svr_opts.usingsyslog = 0;
+					opts.usingsyslog = 0;
 					break;
 #endif
 #ifdef ENABLE_SVR_LOCALTCPFWD

svr-session.c

@@ -41,7 +41,7 @@
 #include "runopts.h"
 #include "crypto_desc.h"
 
-static void svr_remoteclosed();
+static void svr_remoteclosed(void);
 
 struct serversession svr_ses; /* GLOBAL */
 
@@ -160,7 +160,7 @@ void svr_dropbear_exit(int exitcode, const char* format, va_list param) {
 	} else if (ses.authstate.pw_name) {
 		/* we have a potential user */
 		snprintf(fmtbuf, sizeof(fmtbuf), 
-				"Exit before auth (user '%s', %d fails): %s",
+				"Exit before auth (user '%s', %u fails): %s",
 				ses.authstate.pw_name, ses.authstate.failcount, format);
 	} else {
 		/* before userauth */
@@ -204,7 +204,7 @@ void svr_dropbear_log(int priority, const char* format, va_list param) {
 	vsnprintf(printbuf, sizeof(printbuf), format, param);
 
 #ifndef DISABLE_SYSLOG
-	if (svr_opts.usingsyslog) {
+	if (opts.usingsyslog) {
 		syslog(priority, "%s", printbuf);
 	}
 #endif
@@ -215,8 +215,7 @@ void svr_dropbear_log(int priority, const char* format, va_list param) {
 	havetrace = debug_trace;
 #endif
 
-	if (!svr_opts.usingsyslog || havetrace)
-	{
+	if (!opts.usingsyslog || havetrace) {
 		struct tm * local_tm = NULL;
 		timesec = time(NULL);
 		local_tm = localtime(&timesec);

svr-tcpfwd.c

@@ -46,8 +46,8 @@ void recv_msg_global_request_remotetcp() {
 /* */
 #endif /* !ENABLE_SVR_REMOTETCPFWD */
 
-static int svr_cancelremotetcp();
-static int svr_remotetcpreq();
+static int svr_cancelremotetcp(void);
+static int svr_remotetcpreq(void);
 static int newtcpdirect(struct Channel * channel);
 
 #ifdef ENABLE_SVR_REMOTETCPFWD
@@ -194,7 +194,7 @@ static int svr_remotetcpreq() {
 
 	tcpinfo->request_listenaddr = request_addr;
 	if (!opts.listen_fwd_all || (strcmp(request_addr, "localhost") == 0) ) {
-        /* NULL means "localhost only" */
+		/* NULL means "localhost only" */
 		tcpinfo->listenaddr = NULL;
 	}
 	else
@@ -269,7 +269,7 @@ static int newtcpdirect(struct Channel * channel) {
 		goto out;
 	}
 
-	snprintf(portstring, sizeof(portstring), "%d", destport);
+	snprintf(portstring, sizeof(portstring), "%u", destport);
 	channel->conn_pending = connect_remote(desthost, portstring, channel_connect_done, channel);
 
 	channel->prio = DROPBEAR_CHANNEL_PRIO_UNKNOWABLE;

svr-x11fwd.c

@@ -42,11 +42,29 @@ static void x11accept(struct Listener* listener, int sock);
 static int bindport(int fd);
 static int send_msg_channel_open_x11(int fd, struct sockaddr_in* addr);
 
+/* Check untrusted xauth strings for metacharacters */
+/* Returns DROPBEAR_SUCCESS/DROPBEAR_FAILURE */
+static int
+xauth_valid_string(const char *s)
+{
+	size_t i;
+
+	for (i = 0; s[i] != '\0'; i++) {
+		if (!isalnum(s[i]) &&
+		    s[i] != '.' && s[i] != ':' && s[i] != '/' &&
+		    s[i] != '-' && s[i] != '_') {
+			return DROPBEAR_FAILURE;
+		}
+	}
+	return DROPBEAR_SUCCESS;
+}
+
+
 /* called as a request for a session channel, sets up listening X11 */
 /* returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */
 int x11req(struct ChanSess * chansess) {
 
-	int fd;
+	int fd = -1;
 
 	if (!svr_pubkey_allows_x11fwd()) {
 		return DROPBEAR_FAILURE;
@@ -62,6 +80,11 @@ int x11req(struct ChanSess * chansess) {
 	chansess->x11authcookie = buf_getstring(ses.payload, NULL);
 	chansess->x11screennum = buf_getint(ses.payload);
 
+	if (xauth_valid_string(chansess->x11authprot) == DROPBEAR_FAILURE ||
+		xauth_valid_string(chansess->x11authcookie) == DROPBEAR_FAILURE) {
+		dropbear_log(LOG_WARNING, "Bad xauth request");
+		goto fail;
+	}
 	/* create listening socket */
 	fd = socket(PF_INET, SOCK_STREAM, 0);
 	if (fd < 0) {
@@ -96,7 +119,7 @@ fail:
 	/* cleanup */
 	m_free(chansess->x11authprot);
 	m_free(chansess->x11authcookie);
-	close(fd);
+	m_close(fd);
 
 	return DROPBEAR_FAILURE;
 }
@@ -142,7 +165,7 @@ void x11setauth(struct ChanSess *chansess) {
 	}
 
 	/* create the DISPLAY string */
-	val = snprintf(display, sizeof(display), "localhost:%d.%d",
+	val = snprintf(display, sizeof(display), "localhost:%d.%u",
 			chansess->x11port - X11BASEPORT, chansess->x11screennum);
 	if (val < 0 || val >= (int)sizeof(display)) {
 		/* string was truncated */
@@ -152,14 +175,14 @@ void x11setauth(struct ChanSess *chansess) {
 	addnewvar("DISPLAY", display);
 
 	/* create the xauth string */
-	val = snprintf(display, sizeof(display), "unix:%d.%d",
+	val = snprintf(display, sizeof(display), "unix:%d.%u",
 			chansess->x11port - X11BASEPORT, chansess->x11screennum);
 	if (val < 0 || val >= (int)sizeof(display)) {
 		/* string was truncated */
 		return;
 	}
 
-	/* popen is a nice function - code is strongly based on OpenSSH's */
+	/* code is strongly based on OpenSSH's */
 	authprog = popen(XAUTH_COMMAND, "w");
 	if (authprog) {
 		fprintf(authprog, "add %s %s %s\n",

sysoptions.h

@@ -4,7 +4,7 @@
  *******************************************************************/
 
 #ifndef DROPBEAR_VERSION
-#define DROPBEAR_VERSION "2015.71"
+#define DROPBEAR_VERSION "2016.73"
 #endif
 
 #define LOCAL_IDENT "SSH-2.0-dropbear_" DROPBEAR_VERSION
@@ -113,20 +113,25 @@
 #define RSA_BLINDING
 
 /* hashes which will be linked and registered */
-#if defined(DROPBEAR_SHA2_256_HMAC) || defined(DROPBEAR_ECC_256) || defined(DROPBEAR_CURVE25519)
+#if defined(DROPBEAR_SHA2_256_HMAC) || defined(DROPBEAR_ECC_256) || defined(DROPBEAR_CURVE25519) || DROPBEAR_DH_GROUP14
 #define DROPBEAR_SHA256
 #endif
 #if defined(DROPBEAR_ECC_384)
 #define DROPBEAR_SHA384
 #endif
 /* LTC SHA384 depends on SHA512 */
-#if defined(DROPBEAR_SHA2_512_HMAC) || defined(DROPBEAR_ECC_521) || defined(DROPBEAR_ECC_384)
+#if defined(DROPBEAR_SHA2_512_HMAC) || defined(DROPBEAR_ECC_521) || defined(DROPBEAR_ECC_384) || DROPBEAR_DH_GROUP16
 #define DROPBEAR_SHA512
 #endif
 #if defined(DROPBEAR_MD5_HMAC)
 #define DROPBEAR_MD5
 #endif
 
+/* These are disabled in Dropbear 2016.73 by default since the spec 
+   draft-ietf-curdle-ssh-kex-sha2-02 is under development. */
+#define DROPBEAR_DH_GROUP14_256 0
+#define DROPBEAR_DH_GROUP16 0
+
 /* roughly 2x 521 bits */
 #define MAX_ECC_SIZE 140
 

tcp-accept.c

@@ -121,7 +121,7 @@ int listen_tcpfwd(struct TCPListener* tcpinfo) {
 	TRACE(("enter listen_tcpfwd"))
 
 	/* first we try to bind, so don't need to do so much cleanup on failure */
-	snprintf(portstring, sizeof(portstring), "%d", tcpinfo->listenport);
+	snprintf(portstring, sizeof(portstring), "%u", tcpinfo->listenport);
 
 	nsocks = dropbear_listen(tcpinfo->listenaddr, portstring, socks, 
 			DROPBEAR_MAX_SOCKS, &errstring, &ses.maxfd);

tcpfwd.h

@@ -57,16 +57,16 @@ struct TCPFwdEntry {
 };
 
 /* Server */
-void recv_msg_global_request_remotetcp();
+void recv_msg_global_request_remotetcp(void);
 
 extern const struct ChanType svr_chan_tcpdirect;
 
 /* Client */
-void setup_localtcp();
-void setup_remotetcp();
+void setup_localtcp(void);
+void setup_remotetcp(void);
 extern const struct ChanType cli_chan_tcpremote;
-void cli_recv_msg_request_success();
-void cli_recv_msg_request_failure();
+void cli_recv_msg_request_success(void);
+void cli_recv_msg_request_failure(void);
 
 /* Common */
 int listen_tcpfwd(struct TCPListener* tcpinfo);