From 6c1a6af29bf96826663eec4b59804290d63ef66d Mon Sep 17 00:00:00 2001 From: Toastman Date: Sat, 10 Dec 2011 20:32:53 +0700 Subject: [PATCH] Revert "dropbear 0.54 update" --- release/src/router/dropbear/.hg_archival.txt | 5 ---- release/src/router/dropbear/.hgsigs | 1 - release/src/router/dropbear/.hgtags | 31 -------------------- release/src/router/dropbear/CHANGES | 34 ---------------------- release/src/router/dropbear/Makefile.in | 12 ++++---- release/src/router/dropbear/_MTN/format | 1 + release/src/router/dropbear/_MTN/inodeprints | 1 + release/src/router/dropbear/_MTN/log | 0 release/src/router/dropbear/_MTN/options | 3 ++ release/src/router/dropbear/_MTN/revision | 5 ++++ release/src/router/dropbear/cli-agentfwd.c | 24 +++++++-------- release/src/router/dropbear/cli-algo.c | 2 +- release/src/router/dropbear/cli-authinteract.c | 1 - release/src/router/dropbear/cli-kex.c | 2 +- release/src/router/dropbear/cli-main.c | 2 +- release/src/router/dropbear/cli-tcpfwd.c | 15 ++-------- release/src/router/dropbear/dbutil.c | 15 ++-------- release/src/router/dropbear/dbutil.h | 28 ++++-------------- release/src/router/dropbear/debian/changelog | 6 ---- release/src/router/dropbear/kex.h | 6 ++-- .../libtomcrypt/src/headers/tomcrypt_custom.h | 2 +- .../dropbear/libtommath/bn_mp_exptmod_fast.c | 6 ++-- .../router/dropbear/libtommath/bn_mp_init_copy.c | 2 +- release/src/router/dropbear/libtommath/bn_mp_mod.c | 2 +- .../src/router/dropbear/libtommath/bn_mp_mulmod.c | 2 +- release/src/router/dropbear/list.c | 2 +- release/src/router/dropbear/list.h | 2 +- release/src/router/dropbear/options.h | 13 ++------- release/src/router/dropbear/packet.c | 8 +---- release/src/router/dropbear/scp.c | 2 +- release/src/router/dropbear/session.h | 3 +- release/src/router/dropbear/signkey.c | 3 +- release/src/router/dropbear/svr-agentfwd.c | 8 +++-- release/src/router/dropbear/svr-algo.c | 2 +- release/src/router/dropbear/svr-auth.c | 13 +++++++++ release/src/router/dropbear/svr-authpasswd.c | 28 ++++++++---------- release/src/router/dropbear/svr-chansession.c | 3 -- release/src/router/dropbear/svr-main.c | 1 + release/src/router/dropbear/svr-runopts.c | 4 +-- release/src/router/dropbear/svr-session.c | 2 +- release/src/router/dropbear/svr-tcpfwd.c | 9 +++--- release/src/router/dropbear/sysoptions.h | 2 +- release/src/router/dropbear/tcp-accept.c | 4 --- 43 files changed, 101 insertions(+), 216 deletions(-) delete mode 100644 release/src/router/dropbear/.hg_archival.txt delete mode 100644 release/src/router/dropbear/.hgsigs delete mode 100644 release/src/router/dropbear/.hgtags create mode 100644 release/src/router/dropbear/_MTN/format create mode 100644 release/src/router/dropbear/_MTN/inodeprints create mode 100644 release/src/router/dropbear/_MTN/log create mode 100644 release/src/router/dropbear/_MTN/options create mode 100644 release/src/router/dropbear/_MTN/revision diff --git a/release/src/router/dropbear/.hg_archival.txt b/release/src/router/dropbear/.hg_archival.txt deleted file mode 100644 index e92b1e91f9..0000000000 --- a/release/src/router/dropbear/.hg_archival.txt +++ /dev/null @@ -1,5 +0,0 @@ -repo: d7da3b1e15401eb234ec866d5eac992fc4cd5878 -node: 3f12086c2ef2b9ffe36a822fdb3ff647fcec1831 -branch: default -latesttag: DROPBEAR_0.53.1 -latesttagdistance: 29 diff --git a/release/src/router/dropbear/.hgsigs b/release/src/router/dropbear/.hgsigs deleted file mode 100644 index cd7b0b7574..0000000000 --- a/release/src/router/dropbear/.hgsigs +++ /dev/null @@ -1 +0,0 @@ -aa2f51a6b81d33de5e9898a7f27c792a173d9b26 0 iD8DBQBOuADmjPn4sExkf7wRAv/fAJ9FJFvjDoF+wd1ipDx1wkzdeBQNqgCgykUrSbXv76FBbxKntVbk9oS3GjI= diff --git a/release/src/router/dropbear/.hgtags b/release/src/router/dropbear/.hgtags deleted file mode 100644 index 17aabf5ce3..0000000000 --- a/release/src/router/dropbear/.hgtags +++ /dev/null @@ -1,31 +0,0 @@ -03f65e461915a940939e4cc689fc89721ffc40de DROPBEAR_0.48.1 -0f967bfef5cd0056b7ec60e2305d917e51cbf30d DROPBEAR_0.44 -170329dc8ce5dfcf6298e1ad6699f109bf78e73d DROPBEAR_0.51 -1dbd2473482f320ea59f76ce961385cb3a0150a9 DROPBEAR_0.46 -2098857ab826dd42ae05a9a22c3ce2cc835b9844 DROPBEAR_0.45 -36160290a1b27451178be36752ed038840f59cdd LTC_DB_0.46 -39d5d58461d6e93337636e69d4cdf184a09c8d24 LTC_1.05 -55a99934db873be2e63b5968fb6532e5d9bd02e4 DROPBEAR_0.48 -59400faa4b44708c5d0b595e81193bc621e752d3 libtomcrypt-1.05 -66087d87c3555c78b47cf01f32bb5a32054c3ceb DROPBEAR_0.44test4 -677843bfa734238a67636b461a02c110c462ffaf DROPBEAR_0.44test1 -7faae8f46238e23975430876547b8950b4e75481 t:ltc-0.95-orig -8220862baae829ebc762587b99c662480d57bb23 DROPBEAR_0.53 -86e0b50a9b588239c3fc9cc9cfe255ef586df17b ltm-0.30-orig -88e0a1ad951add46b795511dc2698e36b4aee922 DROPBEAR_0.44test3 -8e94663164c6e106ccc5c9e997dedf6e04d77dd2 LTM_DB_0.44 -91fbc376f01084037cd5f6a5bf2e2db4903e8e99 libtommath-0.35 -97db060d0ef5f8cf8e67eb602ef037055a185ca9 libtommath-0.40 -aa2f51a6b81d33de5e9898a7f27c792a173d9b26 DROPBEAR_0.53.1 -ab370c629d363f8c9a3eca512bfa86e362034654 DROPBEAR_0.49 -c2ac796b130eeb6fa840873d8c230544c8ec7e4b DROPBEAR_0.44test2 -cd1143579f00b0248c79f63ca70efee4a35a57e8 LTC_DB_0.44 -ce104c8b0be1ff3f2c2590b7cdc3fd6870c865cd DROPBEAR_0.52 -d5faf4814ddbc5abd9e209409bb9e7a4686c8cd7 libtomcrypt-1.16 -d7da3b1e15401eb234ec866d5eac992fc4cd5878 t:ltc-0.95-db-merge1 -d8254fc979e99560c93ca2cece77a6df31927ea5 LTM_0.35 -e109027b9edfb02f0bdf96ec45bb1cd9ad41e7da LTM_DB_0.46 -e109027b9edfb02f0bdf96ec45bb1cd9ad41e7da LTM_DB_0.47 -e37b160c414cab6466622f63b0c4dcbf6ebc47a9 DROPBEAR_0.47 -e430a26064ee86ab79aef372118d6d03b2441996 DROPBEAR_0.50 -e5d119ea4c63656bc54ecfd865d04591ac2ed225 LTC_DB_0.47 diff --git a/release/src/router/dropbear/CHANGES b/release/src/router/dropbear/CHANGES index e111dc4406..79bc88d858 100644 --- a/release/src/router/dropbear/CHANGES +++ b/release/src/router/dropbear/CHANGES @@ -1,37 +1,3 @@ -2011.54 - Tuesday 8 November 2011 - -- Building statically works again, broke in 0.53 and 0.53.1 - -- Fix crash when forwarding with -R - -- Fixed various leaks found by Klocwork analysis software, thanks to them for - running it - -- Set IPTOS_LOWDELAY for IPv6, thanks to Dave Taht - -- Bind to sockets with IPV6_V6ONLY so that it works properly on systems - regardless of the system-wide setting - -- Added ALLOW_BLANK_PASSWORD option. Dropbear also now allows public key logins - to accounts with a blank password. Thanks to Rob Landley - -- Fixed case where "-K 1" keepalive for dbclient would cause a SSH_MSG_IGNORE - packet to be sent - -- Avoid some memory allocations in big number maths routines, improves - performance slightly - -- Fix symlink target for installdropbearmulti with DESTDIR set, thanks to - Scottie Shore - -- When requesting server allocated remote ports (-R 0:host:port) print a - message informing what the port is, thanks to Ali Onur Uyar. - -- New version numbering scheme. - -Source repository has now migrated to Mercurial at -https://secure.ucc.asn.au/hg/dropbear/graph/default - 0.53.1 - Wednesday 2 March 2011 - -lcrypt needs to be before object files for static linking diff --git a/release/src/router/dropbear/Makefile.in b/release/src/router/dropbear/Makefile.in index cec35f179c..8d81647cfd 100644 --- a/release/src/router/dropbear/Makefile.in +++ b/release/src/router/dropbear/Makefile.in @@ -28,7 +28,7 @@ COMMONOBJS=dbutil.o buffer.o \ queue.o \ atomicio.o compat.o fake-rfc2553.o -SVROBJS=svr-kex.o svr-algo.o svr-auth.o sshpty.o \ +SVROBJS=@CRYPTLIB@ svr-kex.o svr-algo.o svr-auth.o sshpty.o \ svr-authpasswd.o svr-authpubkey.o svr-authpubkeyoptions.o svr-session.o svr-service.o \ svr-chansession.o svr-runopts.o svr-agentfwd.o svr-main.o svr-x11fwd.o\ svr-tcpfwd.o svr-authpam.o @@ -56,7 +56,7 @@ HEADERS=options.h dbutil.h session.h packet.h algo.h ssh.h buffer.h kex.h \ loginrec.h atomicio.h x11fwd.h agentfwd.h tcpfwd.h compat.h \ listener.h fake-rfc2553.h -dropbearobjs=$(COMMONOBJS) $(CLISVROBJS) $(SVROBJS) @CRYPTLIB@ +dropbearobjs=$(COMMONOBJS) $(CLISVROBJS) $(SVROBJS) dbclientobjs=$(COMMONOBJS) $(CLISVROBJS) $(CLIOBJS) dropbearkeyobjs=$(COMMONOBJS) $(KEYOBJS) dropbearconvertobjs=$(COMMONOBJS) $(CONVERTOBJS) @@ -129,14 +129,12 @@ insdbmulti: dropbearmulti -chgrp 0 $(DESTDIR)$(bindir)/dropbearmulti$(EXEEXT) insmultidropbear: dropbearmulti - $(INSTALL) -d -m 755 $(DESTDIR)$(sbindir) -rm -f $(DESTDIR)$(sbindir)/dropbear$(EXEEXT) - -ln -s $(bindir)/dropbearmulti$(EXEEXT) $(DESTDIR)$(sbindir)/dropbear$(EXEEXT) + -ln -s $(DESTDIR)$(bindir)/dropbearmulti$(EXEEXT) $(DESTDIR)$(sbindir)/dropbear$(EXEEXT) insmulti%: dropbearmulti - $(INSTALL) -d -m 755 $(DESTDIR)$(bindir) -rm -f $(DESTDIR)$(bindir)/$*$(EXEEXT) - -ln -s $(bindir)/dropbearmulti$(EXEEXT) $(DESTDIR)$(bindir)/$*$(EXEEXT) + -ln -s $(DESTDIR)$(bindir)/dropbearmulti$(EXEEXT) $(DESTDIR)$(bindir)/$*$(EXEEXT) # dropbear should go in sbin, so it needs a seperate rule inst_dropbear: dropbear @@ -169,7 +167,7 @@ scp: $(SCPOBJS) $(HEADERS) Makefile # multi-binary compilation. MULTIOBJS= ifeq ($(MULTI),1) - MULTIOBJS=dbmulti.o $(sort $(foreach prog, $(PROGRAMS), $($(prog)objs))) @CRYPTLIB@ + MULTIOBJS=dbmulti.o $(sort $(foreach prog, $(PROGRAMS), $($(prog)objs))) CFLAGS+=$(addprefix -DDBMULTI_, $(PROGRAMS)) -DDROPBEAR_MULTI endif diff --git a/release/src/router/dropbear/_MTN/format b/release/src/router/dropbear/_MTN/format new file mode 100644 index 0000000000..0cfbf08886 --- /dev/null +++ b/release/src/router/dropbear/_MTN/format @@ -0,0 +1 @@ +2 diff --git a/release/src/router/dropbear/_MTN/inodeprints b/release/src/router/dropbear/_MTN/inodeprints new file mode 100644 index 0000000000..4f02feee97 --- /dev/null +++ b/release/src/router/dropbear/_MTN/inodeprints @@ -0,0 +1 @@ +format_version "1" diff --git a/release/src/router/dropbear/_MTN/log b/release/src/router/dropbear/_MTN/log new file mode 100644 index 0000000000..e69de29bb2 diff --git a/release/src/router/dropbear/_MTN/options b/release/src/router/dropbear/_MTN/options new file mode 100644 index 0000000000..f31aee0a5d --- /dev/null +++ b/release/src/router/dropbear/_MTN/options @@ -0,0 +1,3 @@ +database "/Users/matt/.monotone/dropbear.db" + branch "au.asn.ucc.matt.dropbear" + keydir "/Users/matt/.monotone/keys" diff --git a/release/src/router/dropbear/_MTN/revision b/release/src/router/dropbear/_MTN/revision new file mode 100644 index 0000000000..7b6fb96a99 --- /dev/null +++ b/release/src/router/dropbear/_MTN/revision @@ -0,0 +1,5 @@ +format_version "1" + +new_manifest [0000000000000000000000000000000000000001] + +old_revision [c7f6c45c46a2f8e2394756c68ae825d6e4dc7489] diff --git a/release/src/router/dropbear/cli-agentfwd.c b/release/src/router/dropbear/cli-agentfwd.c index c9ce8334c6..a212c3f90e 100644 --- a/release/src/router/dropbear/cli-agentfwd.c +++ b/release/src/router/dropbear/cli-agentfwd.c @@ -83,7 +83,7 @@ static int new_agent_chan(struct Channel * channel) { return SSH_OPEN_ADMINISTRATIVELY_PROHIBITED; fd = connect_agent(); - if (fd < 0) { + if (cli_opts.agent_fd < 0) { return SSH_OPEN_CONNECT_FAILED; } @@ -258,8 +258,8 @@ void cli_load_agent_keys(m_list *ret_list) { void agent_buf_sign(buffer *sigblob, sign_key *key, const unsigned char *data, unsigned int len) { - buffer *request_data = NULL; - buffer *response = NULL; + buffer *request_data = buf_new(MAX_PUBKEY_SIZE + len + 12); + buffer *response; unsigned int keylen, siglen; int packet_type; @@ -269,14 +269,19 @@ void agent_buf_sign(buffer *sigblob, sign_key *key, string data uint32 flags */ - request_data = buf_new(MAX_PUBKEY_SIZE + len + 12); + /* We write the key, then figure how long it was and write that */ + //buf_putint(request_data, 0); buf_put_pub_key(request_data, key, key->type); keylen = request_data->len - 4; + //buf_setpos(request_data, 0); + //buf_putint(request_data, keylen); + //buf_setpos(request_data, request_data->len); buf_putstring(request_data, data, len); buf_putint(request_data, 0); response = agent_request(SSH2_AGENTC_SIGN_REQUEST, request_data); + buf_free(request_data); if (!response) { goto fail; @@ -293,21 +298,14 @@ void agent_buf_sign(buffer *sigblob, sign_key *key, */ siglen = buf_getint(response); buf_putbytes(sigblob, buf_getptr(response, siglen), siglen); - goto cleanup; + buf_free(response); + return; fail: /* XXX don't fail badly here. instead propagate a failure code back up to the cli auth pubkey code, and just remove this key from the list of ones to try. */ dropbear_exit("Agent failed signing key"); - -cleanup: - if (request_data) { - buf_free(request_data); - } - if (response) { - buf_free(response); - } } #endif diff --git a/release/src/router/dropbear/cli-algo.c b/release/src/router/dropbear/cli-algo.c index 09da41a3d2..ec3a1ff0b8 100644 --- a/release/src/router/dropbear/cli-algo.c +++ b/release/src/router/dropbear/cli-algo.c @@ -67,7 +67,7 @@ algo_type * cli_buf_match_algo(buffer* buf, algo_type localalgos[], remotealgos[count] = &algolist[i+1]; count++; } - if (count >= MAX_PROPOSED_ALGO) { + if (count == MAX_PROPOSED_ALGO) { break; } } diff --git a/release/src/router/dropbear/cli-authinteract.c b/release/src/router/dropbear/cli-authinteract.c index a06c9ca8e1..7851578d50 100644 --- a/release/src/router/dropbear/cli-authinteract.c +++ b/release/src/router/dropbear/cli-authinteract.c @@ -131,7 +131,6 @@ void recv_msg_userauth_info_request() { response_len = strlen(response); buf_putstring(ses.writepayload, response, response_len); m_burn(response, response_len); - m_free(prompt); m_free(response); } diff --git a/release/src/router/dropbear/cli-kex.c b/release/src/router/dropbear/cli-kex.c index 0d5a9d2c3d..314159eb44 100644 --- a/release/src/router/dropbear/cli-kex.c +++ b/release/src/router/dropbear/cli-kex.c @@ -116,7 +116,7 @@ static void ask_to_confirm(unsigned char* keyblob, unsigned int keybloblen) { char* fp = NULL; FILE *tty = NULL; - char response = 'z'; + int response = 'z'; fp = sign_key_fingerprint(keyblob, keybloblen); if (cli_opts.always_accept_key) { diff --git a/release/src/router/dropbear/cli-main.c b/release/src/router/dropbear/cli-main.c index 5f7296935d..273f59c03b 100644 --- a/release/src/router/dropbear/cli-main.c +++ b/release/src/router/dropbear/cli-main.c @@ -29,7 +29,7 @@ #include "runopts.h" #include "session.h" -static void cli_dropbear_exit(int exitcode, const char* format, va_list param) ATTRIB_NORETURN; +static void cli_dropbear_exit(int exitcode, const char* format, va_list param); static void cli_dropbear_log(int priority, const char* format, va_list param); #ifdef ENABLE_CLI_PROXYCMD diff --git a/release/src/router/dropbear/cli-tcpfwd.c b/release/src/router/dropbear/cli-tcpfwd.c index 0f47dcc2e8..6e451c4455 100644 --- a/release/src/router/dropbear/cli-tcpfwd.c +++ b/release/src/router/dropbear/cli-tcpfwd.c @@ -148,26 +148,15 @@ static void send_msg_global_request_remotetcp(const char *addr, int port) { /* The only global success/failure messages are for remotetcp. * Since there isn't any identifier in these messages, we have to rely on them * being in the same order as we sent the requests. This is the ordering - * of the cli_opts.remotefwds list. - * If the requested remote port is 0 the listen port will be - * dynamically allocated by the server and the port number will be returned - * to client and the port number reported to the user. */ + * of the cli_opts.remotefwds list */ void cli_recv_msg_request_success() { - /* We just mark off that we have received the reply, + /* Nothing in the packet. We just mark off that we have received the reply, * so that we can report failure for later ones. */ m_list_elem * iter = NULL; for (iter = cli_opts.remotefwds->first; iter; iter = iter->next) { struct TCPFwdEntry *fwd = (struct TCPFwdEntry*)iter->item; if (!fwd->have_reply) { fwd->have_reply = 1; - if (fwd->listenport == 0) { - /* The server should let us know which port was allocated if we requestd port 0 */ - int allocport = buf_getint(ses.payload); - if (allocport > 0) { - dropbear_log(LOG_INFO, "Allocated port %d for remote forward to %s:%d", - allocport, fwd->connectaddr, fwd->connectport); - } - } return; } } diff --git a/release/src/router/dropbear/dbutil.c b/release/src/router/dropbear/dbutil.c index 22929ef464..e230567eab 100644 --- a/release/src/router/dropbear/dbutil.c +++ b/release/src/router/dropbear/dbutil.c @@ -57,11 +57,11 @@ #define MAX_FMT 100 static void generic_dropbear_exit(int exitcode, const char* format, - va_list param) ATTRIB_NORETURN; + va_list param); static void generic_dropbear_log(int priority, const char* format, va_list param); -void (*_dropbear_exit)(int exitcode, const char* format, va_list param) ATTRIB_NORETURN +void (*_dropbear_exit)(int exitcode, const char* format, va_list param) = generic_dropbear_exit; void (*_dropbear_log)(int priority, const char* format, va_list param) = generic_dropbear_log; @@ -256,16 +256,6 @@ int dropbear_listen(const char* address, const char* port, linger.l_linger = 5; setsockopt(sock, SOL_SOCKET, SO_LINGER, (void*)&linger, sizeof(linger)); -#ifdef IPV6_V6ONLY - if (res->ai_family == AF_INET6) { - int on = 1; - if (setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, - &on, sizeof(on)) == -1) { - dropbear_log(LOG_WARNING, "Couldn't set IPV6_V6ONLY"); - } - } -#endif - set_sock_priority(sock); if (bind(sock, res->ai_addr, res->ai_addrlen) < 0) { @@ -323,7 +313,6 @@ int connect_unix(const char* path) { } if (connect(fd, (struct sockaddr*)&addr, sizeof(addr)) < 0) { TRACE(("Failed to connect to '%s' socket", path)) - m_close(fd); return -1; } return fd; diff --git a/release/src/router/dropbear/dbutil.h b/release/src/router/dropbear/dbutil.h index 14c4c28033..474db62e60 100644 --- a/release/src/router/dropbear/dbutil.h +++ b/release/src/router/dropbear/dbutil.h @@ -33,34 +33,18 @@ void startsyslog(); #endif -#ifdef __GNUC__ -#define ATTRIB_PRINTF(fmt,args) __attribute__((format(printf, fmt, args))) -#else -#define ATTRIB_PRINTF(fmt,args) -#endif - -#ifdef __GNUC__ -#define ATTRIB_NORETURN __attribute__((noreturn)) -#else -#define ATTRIB_NORETURN -#endif - -extern void (*_dropbear_exit)(int exitcode, const char* format, va_list param) ATTRIB_NORETURN; +extern void (*_dropbear_exit)(int exitcode, const char* format, va_list param); extern void (*_dropbear_log)(int priority, const char* format, va_list param); -void dropbear_exit(const char* format, ...) ATTRIB_PRINTF(1,2) ATTRIB_NORETURN; - -void dropbear_close(const char* format, ...) ATTRIB_PRINTF(1,2) ; -void dropbear_log(int priority, const char* format, ...) ATTRIB_PRINTF(2,3) ; - -void fail_assert(const char* expr, const char* file, int line) ATTRIB_NORETURN; - +void dropbear_exit(const char* format, ...); +void dropbear_close(const char* format, ...); +void dropbear_log(int priority, const char* format, ...); +void fail_assert(const char* expr, const char* file, int line); #ifdef DEBUG_TRACE -void dropbear_trace(const char* format, ...) ATTRIB_PRINTF(1,2); +void dropbear_trace(const char* format, ...); void printhex(const char * label, const unsigned char * buf, int len); extern int debug_trace; #endif - char * stripcontrol(const char * text); void get_socket_address(int fd, char **local_host, char **local_port, char **remote_host, char **remote_port, int host_lookup); diff --git a/release/src/router/dropbear/debian/changelog b/release/src/router/dropbear/debian/changelog index f41594303f..4c14a97d67 100644 --- a/release/src/router/dropbear/debian/changelog +++ b/release/src/router/dropbear/debian/changelog @@ -1,9 +1,3 @@ -dropbear (2011.54-0.1) unstable; urgency=low - - * New upstream release. - - -- Matt Johnston Tues, 8 Nov 2011 22:54:00 +0800 - dropbear (0.53.1-0.1) unstable; urgency=low * New upstream release. diff --git a/release/src/router/dropbear/kex.h b/release/src/router/dropbear/kex.h index c89b0a3c9d..c21d121b57 100644 --- a/release/src/router/dropbear/kex.h +++ b/release/src/router/dropbear/kex.h @@ -52,8 +52,8 @@ struct KEXState { unsigned sentkexinit : 1; /*set when we've sent/recv kexinit packet */ unsigned recvkexinit : 1; unsigned firstfollows : 1; /* true when first_kex_packet_follows is set */ - unsigned sentnewkeys : 1; /* set once we've send MSG_NEWKEYS (will be cleared once we have also received */ - unsigned recvnewkeys : 1; /* set once we've received MSG_NEWKEYS (cleared once we have also sent */ + unsigned sentnewkeys : 1; /* set once we've send/recv'ed MSG_NEWKEYS*/ + unsigned recvnewkeys : 1; unsigned donefirstkex : 1; /* Set to 1 after the first kex has completed, ie the transport layer has been set up */ @@ -64,6 +64,6 @@ struct KEXState { }; -#define MAX_KEXHASHBUF 2000 +#define MAX_KEXHASHBUF 3000 #endif /* _KEX_H_ */ diff --git a/release/src/router/dropbear/libtomcrypt/src/headers/tomcrypt_custom.h b/release/src/router/dropbear/libtomcrypt/src/headers/tomcrypt_custom.h index 12bdb7fc8d..928f54e394 100644 --- a/release/src/router/dropbear/libtomcrypt/src/headers/tomcrypt_custom.h +++ b/release/src/router/dropbear/libtomcrypt/src/headers/tomcrypt_custom.h @@ -78,7 +78,7 @@ /* #define LTC_CLEAN_STACK */ /* disable all file related functions */ -#define LTC_NO_FILE +/* #define LTC_NO_FILE */ /* disable all forms of ASM */ /* #define LTC_NO_ASM */ diff --git a/release/src/router/dropbear/libtommath/bn_mp_exptmod_fast.c b/release/src/router/dropbear/libtommath/bn_mp_exptmod_fast.c index 47669f9992..32f8f1617c 100644 --- a/release/src/router/dropbear/libtommath/bn_mp_exptmod_fast.c +++ b/release/src/router/dropbear/libtommath/bn_mp_exptmod_fast.c @@ -67,13 +67,13 @@ int mp_exptmod_fast (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, int redmode /* init M array */ /* init first cell */ - if ((err = mp_init_size(&M[1], P->alloc)) != MP_OKAY) { + if ((err = mp_init(&M[1])) != MP_OKAY) { return err; } /* now init the second half of the array */ for (x = 1<<(winsize-1); x < (1 << winsize); x++) { - if ((err = mp_init_size(&M[x], P->alloc)) != MP_OKAY) { + if ((err = mp_init(&M[x])) != MP_OKAY) { for (y = 1<<(winsize-1); y < x; y++) { mp_clear (&M[y]); } @@ -133,7 +133,7 @@ int mp_exptmod_fast (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, int redmode } /* setup result */ - if ((err = mp_init_size (&res, P->alloc)) != MP_OKAY) { + if ((err = mp_init (&res)) != MP_OKAY) { goto LBL_M; } diff --git a/release/src/router/dropbear/libtommath/bn_mp_init_copy.c b/release/src/router/dropbear/libtommath/bn_mp_init_copy.c index 1fca6a1f97..8e7329c1de 100644 --- a/release/src/router/dropbear/libtommath/bn_mp_init_copy.c +++ b/release/src/router/dropbear/libtommath/bn_mp_init_copy.c @@ -20,7 +20,7 @@ int mp_init_copy (mp_int * a, mp_int * b) { int res; - if ((res = mp_init_size (a, b->used)) != MP_OKAY) { + if ((res = mp_init (a)) != MP_OKAY) { return res; } return mp_copy (b, a); diff --git a/release/src/router/dropbear/libtommath/bn_mp_mod.c b/release/src/router/dropbear/libtommath/bn_mp_mod.c index 87c8b0a70a..be1f36d938 100644 --- a/release/src/router/dropbear/libtommath/bn_mp_mod.c +++ b/release/src/router/dropbear/libtommath/bn_mp_mod.c @@ -22,7 +22,7 @@ mp_mod (mp_int * a, mp_int * b, mp_int * c) mp_int t; int res; - if ((res = mp_init_size (&t, b->used)) != MP_OKAY) { + if ((res = mp_init (&t)) != MP_OKAY) { return res; } diff --git a/release/src/router/dropbear/libtommath/bn_mp_mulmod.c b/release/src/router/dropbear/libtommath/bn_mp_mulmod.c index 24c97495cc..46818b63d3 100644 --- a/release/src/router/dropbear/libtommath/bn_mp_mulmod.c +++ b/release/src/router/dropbear/libtommath/bn_mp_mulmod.c @@ -21,7 +21,7 @@ int mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d) int res; mp_int t; - if ((res = mp_init_size (&t, c->used)) != MP_OKAY) { + if ((res = mp_init (&t)) != MP_OKAY) { return res; } diff --git a/release/src/router/dropbear/list.c b/release/src/router/dropbear/list.c index 1730711192..8be1a3a2a9 100644 --- a/release/src/router/dropbear/list.c +++ b/release/src/router/dropbear/list.c @@ -46,4 +46,4 @@ void * list_remove(m_list_elem *elem) { } m_free(elem); return item; -} +} \ No newline at end of file diff --git a/release/src/router/dropbear/list.h b/release/src/router/dropbear/list.h index 23ef9bb83b..678fff1b07 100644 --- a/release/src/router/dropbear/list.h +++ b/release/src/router/dropbear/list.h @@ -25,4 +25,4 @@ void list_append(m_list *list, void *item); void * list_remove(m_list_elem *elem); -#endif /* _DROPBEAR_LIST_H */ +#endif /* _DROPBEAR_LIST_H */ \ No newline at end of file diff --git a/release/src/router/dropbear/options.h b/release/src/router/dropbear/options.h index 765869d9eb..0737e757dd 100644 --- a/release/src/router/dropbear/options.h +++ b/release/src/router/dropbear/options.h @@ -158,11 +158,10 @@ much traffic. */ /* Authentication Types - at least one required. RFC Draft requires pubkey auth, and recommends password */ -/* Note: PAM auth is quite simple and only works for PAM modules which just do +/* Note: PAM auth is quite simple, and only works for PAM modules which just do * a simple "Login: " "Password: " (you can edit the strings in svr-authpam.c). - * It's useful for systems like OS X where standard password crypts don't work - * but there's an interface via a PAM module. It won't work for more complex - * PAM challenge/response. + * It's useful for systems like OS X where standard password crypts don't work, + * but there's an interface via a PAM module - don't bother using it otherwise. * You can't enable both PASSWORD and PAM. */ #define ENABLE_SVR_PASSWORD_AUTH @@ -176,12 +175,6 @@ much traffic. */ #define ENABLE_SVR_PUBKEY_OPTIONS #endif -/* Define this to allow logging in to accounts that have no password specified. - * Public key logins are allowed for blank-password accounts regardless of this - * setting. PAM is not affected by this setting, it uses the normal pam.d - * settings ('nullok' option) */ -/* #define ALLOW_BLANK_PASSWORD */ - #define ENABLE_CLI_PASSWORD_AUTH #define ENABLE_CLI_PUBKEY_AUTH #define ENABLE_CLI_INTERACT_AUTH diff --git a/release/src/router/dropbear/packet.c b/release/src/router/dropbear/packet.c index 349ed40073..80eb1775b6 100644 --- a/release/src/router/dropbear/packet.c +++ b/release/src/router/dropbear/packet.c @@ -441,16 +441,10 @@ void encrypt_packet() { TRACE(("encrypt_packet type is %d", packet_type)) - if ((!ses.dataallowed && !packet_is_okay_kex(packet_type)) - || ses.kexstate.sentnewkeys) { + if (!ses.dataallowed && !packet_is_okay_kex(packet_type)) { /* During key exchange only particular packets are allowed. Since this packet_type isn't OK we just enqueue it to send after the KEX, see maybe_flush_reply_queue */ - - /* We also enqueue packets here when we have sent a MSG_NEWKEYS - * packet but are yet to received one. For simplicity we just switch - * over all the keys at once. This is the 'ses.kexstate.sentnewkeys' - * case. */ enqueue_reply_packet(); return; } diff --git a/release/src/router/dropbear/scp.c b/release/src/router/dropbear/scp.c index 961165afab..48b4017e48 100644 --- a/release/src/router/dropbear/scp.c +++ b/release/src/router/dropbear/scp.c @@ -773,7 +773,7 @@ bwlimit(int amount) { static struct timeval bwstart, bwend; static int lamt, thresh = 16384; - uint64_t waitlen; + u_int64_t waitlen; struct timespec ts, rm; if (!timerisset(&bwstart)) { diff --git a/release/src/router/dropbear/session.h b/release/src/router/dropbear/session.h index 09b3de5bd7..355cf03bdc 100644 --- a/release/src/router/dropbear/session.h +++ b/release/src/router/dropbear/session.h @@ -37,7 +37,6 @@ #include "packet.h" #include "tcpfwd.h" #include "chansession.h" -#include "dbutil.h" extern int sessinitdone; /* Is set to 0 somewhere */ extern int exitflag; @@ -53,7 +52,7 @@ void fill_passwd(const char* username); /* Server */ void svr_session(int sock, int childpipe); -void svr_dropbear_exit(int exitcode, const char* format, va_list param) ATTRIB_NORETURN; +void svr_dropbear_exit(int exitcode, const char* format, va_list param); void svr_dropbear_log(int priority, const char* format, va_list param); /* Client */ diff --git a/release/src/router/dropbear/signkey.c b/release/src/router/dropbear/signkey.c index c53805a1c2..4c085ee340 100644 --- a/release/src/router/dropbear/signkey.c +++ b/release/src/router/dropbear/signkey.c @@ -296,7 +296,8 @@ static char * sign_key_md5_fingerprint(unsigned char* keyblob, /* skip the size int of the string - this is a bit messy */ md5_process(&hs, keyblob, keybloblen); - md5_done(&hs, hash); + if (md5_done(&hs, hash) != CRYPT_OK) + return NULL; /* "md5 hexfingerprinthere\0", each hex digit is "AB:" etc */ buflen = 4 + 3*MD5_HASH_SIZE; diff --git a/release/src/router/dropbear/svr-agentfwd.c b/release/src/router/dropbear/svr-agentfwd.c index 30105038f9..054a3b5fed 100644 --- a/release/src/router/dropbear/svr-agentfwd.c +++ b/release/src/router/dropbear/svr-agentfwd.c @@ -50,7 +50,10 @@ static void agentaccept(struct Listener * listener, int sock); /* Handles client requests to start agent forwarding, sets up listening socket. * Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */ int svr_agentreq(struct ChanSess * chansess) { - int fd = -1; + + int fd; + + TRACE(("enter svr_agentreq")) if (!svr_pubkey_allows_agentfwd()) { return DROPBEAR_FAILURE; @@ -88,9 +91,10 @@ int svr_agentreq(struct ChanSess * chansess) { } return DROPBEAR_SUCCESS; + TRACE(("success")) fail: - m_close(fd); + TRACE(("fail")) /* cleanup */ svr_agentcleanup(chansess); diff --git a/release/src/router/dropbear/svr-algo.c b/release/src/router/dropbear/svr-algo.c index f8f9055979..c0b7823621 100644 --- a/release/src/router/dropbear/svr-algo.c +++ b/release/src/router/dropbear/svr-algo.c @@ -68,7 +68,7 @@ algo_type * svr_buf_match_algo(buffer* buf, algo_type localalgos[], remotealgos[count] = &algolist[i+1]; count++; } - if (count >= MAX_PROPOSED_ALGO) { + if (count == MAX_PROPOSED_ALGO) { break; } } diff --git a/release/src/router/dropbear/svr-auth.c b/release/src/router/dropbear/svr-auth.c index de254ea004..f60fa866e8 100644 --- a/release/src/router/dropbear/svr-auth.c +++ b/release/src/router/dropbear/svr-auth.c @@ -211,7 +211,9 @@ out: static int checkusername(unsigned char *username, unsigned int userlen) { char* listshell = NULL; +#if 0 // shell check char* usershell = NULL; +#endif TRACE(("enter checkusername")) if (userlen > MAX_USERNAME_LEN) { return DROPBEAR_FAILURE; @@ -249,8 +251,18 @@ static int checkusername(unsigned char *username, unsigned int userlen) { return DROPBEAR_FAILURE; } + /* check for an empty password */ + if (ses.authstate.pw_passwd[0] == '\0') { + TRACE(("leave checkusername: empty pword")) + dropbear_log(LOG_WARNING, "User '%s' has blank password, rejected", + ses.authstate.pw_name); + send_msg_userauth_failure(0, 1); + return DROPBEAR_FAILURE; + } + TRACE(("shell is %s", ses.authstate.pw_shell)) +#if 0 // shell check /* check that the shell is set */ usershell = ses.authstate.pw_shell; if (usershell[0] == '\0') { @@ -276,6 +288,7 @@ static int checkusername(unsigned char *username, unsigned int userlen) { ses.authstate.pw_name); send_msg_userauth_failure(0, 1); return DROPBEAR_FAILURE; +#endif // shell check goodshell: endusershell(); diff --git a/release/src/router/dropbear/svr-authpasswd.c b/release/src/router/dropbear/svr-authpasswd.c index 54b4889139..a29fd63a73 100644 --- a/release/src/router/dropbear/svr-authpasswd.c +++ b/release/src/router/dropbear/svr-authpasswd.c @@ -42,7 +42,6 @@ void svr_auth_password() { char * passwdcrypt = NULL; /* the crypt from /etc/passwd or /etc/shadow */ char * testcrypt = NULL; /* crypt generated from the user's password sent */ unsigned char * password; - int success_blank = 0; unsigned int passwordlen; unsigned int changepw; @@ -61,6 +60,16 @@ void svr_auth_password() { passwdcrypt = DEBUG_HACKCRYPT; #endif + /* check for empty password - need to do this again here + * since the shadow password may differ to that tested + * in auth.c */ + if (passwdcrypt[0] == '\0') { + dropbear_log(LOG_WARNING, "User '%s' has blank password, rejected", + ses.authstate.pw_name); + send_msg_userauth_failure(0, 1); + return; + } + /* check if client wants to change password */ changepw = buf_getbool(ses.payload); if (changepw) { @@ -76,21 +85,7 @@ void svr_auth_password() { m_burn(password, passwordlen); m_free(password); - /* check for empty password */ - if (passwdcrypt[0] == '\0') { -#ifdef ALLOW_BLANK_PASSWORD - if (passwordlen == 0) { - success_blank = 1; - } -#else - dropbear_log(LOG_WARNING, "User '%s' has blank password, rejected", - ses.authstate.pw_name); - send_msg_userauth_failure(0, 1); - return; -#endif - } - - if (success_blank || strcmp(testcrypt, passwdcrypt) == 0) { + if (strcmp(testcrypt, passwdcrypt) == 0) { /* successful authentication */ dropbear_log(LOG_NOTICE, "Password auth succeeded for '%s' from %s", @@ -104,6 +99,7 @@ void svr_auth_password() { svr_ses.addrstring); send_msg_userauth_failure(0, 1); } + } #endif diff --git a/release/src/router/dropbear/svr-chansession.c b/release/src/router/dropbear/svr-chansession.c index 0b3e833329..a914f25133 100644 --- a/release/src/router/dropbear/svr-chansession.c +++ b/release/src/router/dropbear/svr-chansession.c @@ -692,8 +692,6 @@ static int noptycommand(struct Channel *channel, struct ChanSess *chansess) { ses.maxfd = MAX(ses.maxfd, channel->readfd); ses.maxfd = MAX(ses.maxfd, channel->errfd); - sleep(1); - addchildpid(chansess, chansess->pid); if (svr_ses.lastexit.exitpid != -1) { @@ -707,7 +705,6 @@ static int noptycommand(struct Channel *channel, struct ChanSess *chansess) { TRACE(("found match for lastexitpid")) svr_ses.childpids[i].chansess->exit = svr_ses.lastexit; svr_ses.lastexit.exitpid = -1; - break; } } } diff --git a/release/src/router/dropbear/svr-main.c b/release/src/router/dropbear/svr-main.c index d3fa9afc50..70668cb733 100644 --- a/release/src/router/dropbear/svr-main.c +++ b/release/src/router/dropbear/svr-main.c @@ -118,6 +118,7 @@ void main_noinetd() { int childsock; int childpipe[2]; + memset(listensocks, 0, sizeof(listensocks)); /* Note: commonsetup() must happen before we daemon()ise. Otherwise daemon() will chdir("/"), and we won't be able to find local-dir hostkeys. */ diff --git a/release/src/router/dropbear/svr-runopts.c b/release/src/router/dropbear/svr-runopts.c index c6e3508202..2e836d2716 100644 --- a/release/src/router/dropbear/svr-runopts.c +++ b/release/src/router/dropbear/svr-runopts.c @@ -81,8 +81,8 @@ static void printhelp(const char * progname) { "-i Start for inetd\n" #endif "-W (default %d, larger may be faster, max 1MB)\n" - "-K (0 is never, default %d, in seconds)\n" - "-I (0 is never, default %d, in seconds)\n" + "-K (0 is never, default %d)\n" + "-I (0 is never, default %d)\n" #ifdef DEBUG_TRACE "-v verbose (compiled with DEBUG_TRACE)\n" #endif diff --git a/release/src/router/dropbear/svr-session.c b/release/src/router/dropbear/svr-session.c index 77d167b76d..2a6bc66f23 100644 --- a/release/src/router/dropbear/svr-session.c +++ b/release/src/router/dropbear/svr-session.c @@ -205,7 +205,7 @@ void svr_dropbear_log(int priority, const char* format, va_list param) { local_tm = localtime(×ec); if (local_tm == NULL || strftime(datestr, sizeof(datestr), "%b %d %H:%M:%S", - local_tm) == 0) + localtime(×ec)) == 0) { /* upon failure, just print the epoch-seconds time. */ snprintf(datestr, sizeof(datestr), "%d", (int)timesec); diff --git a/release/src/router/dropbear/svr-tcpfwd.c b/release/src/router/dropbear/svr-tcpfwd.c index 591a2fcd98..6626a6d3a1 100644 --- a/release/src/router/dropbear/svr-tcpfwd.c +++ b/release/src/router/dropbear/svr-tcpfwd.c @@ -211,11 +211,12 @@ static int svr_remotetcpreq() { tcpinfo->tcp_type = forwarded; if (!opts.listen_fwd_all || (strcmp(bindaddr, "localhost") == 0) ) { - // NULL means "localhost only" - m_free(bindaddr); - bindaddr = NULL; + // NULL means "localhost only" + tcpinfo->listenaddr = NULL; + } + else { + tcpinfo->listenaddr = bindaddr; } - tcpinfo->listenaddr = bindaddr; ret = listen_tcpfwd(tcpinfo); diff --git a/release/src/router/dropbear/sysoptions.h b/release/src/router/dropbear/sysoptions.h index 1b417e5976..264f0fd356 100644 --- a/release/src/router/dropbear/sysoptions.h +++ b/release/src/router/dropbear/sysoptions.h @@ -4,7 +4,7 @@ *******************************************************************/ #ifndef DROPBEAR_VERSION -#define DROPBEAR_VERSION "2011.54" +#define DROPBEAR_VERSION "0.53.1" #endif #define LOCAL_IDENT "SSH-2.0-dropbear_" DROPBEAR_VERSION diff --git a/release/src/router/dropbear/tcp-accept.c b/release/src/router/dropbear/tcp-accept.c index c133535e96..cf0aa7a6c0 100644 --- a/release/src/router/dropbear/tcp-accept.c +++ b/release/src/router/dropbear/tcp-accept.c @@ -61,7 +61,6 @@ static void tcp_acceptor(struct Listener *listener, int sock) { if (getnameinfo((struct sockaddr*)&addr, len, ipstring, sizeof(ipstring), portstring, sizeof(portstring), NI_NUMERICHOST | NI_NUMERICSERV) != 0) { - m_close(fd); return; } @@ -82,9 +81,6 @@ static void tcp_acceptor(struct Listener *listener, int sock) { port = tcpinfo->listenport; } - if (addr == NULL) { - addr = "localhost"; - } buf_putstring(ses.writepayload, addr, strlen(addr)); buf_putint(ses.writepayload, port); -- 2.11.4.GIT