-rw-r--r-- | algo.h | 1 | ||||
-rw-r--r-- | bignum.c | 2 | ||||
-rw-r--r-- | cli-runopts.c | 2 | ||||
-rw-r--r-- | common-algo.c | 4 | ||||
-rw-r--r-- | common-kex.c | 9 | ||||
-rw-r--r-- | ecc.c | 4 | ||||
-rw-r--r-- | ecdsa.c | 6 | ||||
-rw-r--r-- | ecdsa.h | 1 | ||||
-rw-r--r-- | gensignkey.c | 4 | ||||
-rw-r--r-- | signkey.c | 3 | ||||
-rw-r--r-- | svr-auth.c | 2 | ||||
-rw-r--r-- | svr-authpubkey.c | 2 | ||||
-rw-r--r-- | svr-kex.c | 20 | ||||
-rw-r--r-- | svr-runopts.c | 10 |
14 files changed, 34 insertions, 36 deletions
@@ -56,7 +56,6 @@ extern algo_type ssh_nocompress[]; extern const struct dropbear_cipher dropbear_nocipher; extern const struct dropbear_cipher_mode dropbear_mode_none; extern const struct dropbear_hash dropbear_nohash; -extern const struct dropbear_kex kex_curve25519; struct dropbear_cipher { const struct ltc_cipher_descriptor *cipherdesc; @@ -78,8 +78,6 @@ void bytes_to_mp(mp_int *mp, const unsigned char* bytes, unsigned int len) { /* hash the ssh representation of the mp_int mp */ void hash_process_mp(const struct ltc_hash_descriptor *hash_desc, hash_state *hs, mp_int *mp) { - - int i; buffer * buf; buf = buf_new(512 + 20); /* max buffer is a 4096 bit key, diff --git a/cli-runopts.c b/cli-runopts.c index b8d304f..d20928b 100644 --- a/cli-runopts.c +++ b/cli-runopts.c @@ -450,7 +450,7 @@ void cli_getopts(int argc, char ** argv) { #ifdef ENABLE_CLI_PUBKEY_AUTH static void loadidentityfile(const char* filename) { sign_key *key; - int keytype; + enum signkey_type keytype; key = new_sign_key(); keytype = DROPBEAR_SIGNKEY_ANY; diff --git a/common-algo.c b/common-algo.c index 2cac9d7..621a8cb 100644 --- a/common-algo.c +++ b/common-algo.c @@ -231,6 +231,8 @@ algo_type sshhostkey[] = { static const struct dropbear_kex kex_dh_group1 = {DROPBEAR_KEX_NORMAL_DH, dh_p_1, DH_P_1_LEN, NULL, &sha1_desc }; static const struct dropbear_kex kex_dh_group14 = {DROPBEAR_KEX_NORMAL_DH, dh_p_14, DH_P_14_LEN, NULL, &sha1_desc }; +/* These can't be const since dropbear_ecc_fill_dp() fills out + ecc_curve at runtime */ #ifdef DROPBEAR_ECDH #ifdef DROPBEAR_ECC_256 static struct dropbear_kex kex_ecdh_nistp256 = {DROPBEAR_KEX_ECDH, NULL, 0, &ecc_curve_nistp256, &sha256_desc }; 
@@ -245,7 +247,7 @@ static struct dropbear_kex kex_ecdh_nistp521 = {DROPBEAR_KEX_ECDH, NULL, 0, &ecc #ifdef DROPBEAR_CURVE25519 /* Referred to directly */ -const struct dropbear_kex kex_curve25519 = {DROPBEAR_KEX_CURVE25519, NULL, 0, NULL, &sha256_desc }; +static const struct dropbear_kex kex_curve25519 = {DROPBEAR_KEX_CURVE25519, NULL, 0, NULL, &sha256_desc }; #endif algo_type sshkex[] = { diff --git a/common-kex.c b/common-kex.c index 8e3d1fc..a304d02 100644 --- a/common-kex.c +++ b/common-kex.c @@ -577,7 +577,7 @@ struct kex_dh_param *gen_kexdh_param() { TRACE(("enter gen_kexdh_vals")) struct kex_dh_param *param = m_malloc(sizeof(*param)); - m_mp_init_multi(¶m->pub, ¶m->priv, NULL); + m_mp_init_multi(¶m->pub, ¶m->priv, &dh_g, &dh_p, &dh_q, NULL); /* read the prime and generator*/ load_dh_p(&dh_p); @@ -738,7 +738,7 @@ void free_kexcurve25519_param(struct kex_curve25519_param *param) void kexcurve25519_comb_key(struct kex_curve25519_param *param, buffer *buf_pub_them, sign_key *hostkey) { - unsigned char* out = m_malloc(CURVE25519_LEN); + unsigned char out[CURVE25519_LEN]; const unsigned char* Q_C = NULL; const unsigned char* Q_S = NULL; @@ -748,10 +748,9 @@ void kexcurve25519_comb_key(struct kex_curve25519_param *param, buffer *buf_pub_ } curve25519_donna(out, param->priv, buf_pub_them->data); - ses.dh_K = m_malloc(sizeof(*ses.dh_K)); - m_mp_init(ses.dh_K); + m_mp_alloc_init_multi(&ses.dh_K, NULL); bytes_to_mp(ses.dh_K, out, CURVE25519_LEN); - m_free(out); + m_burn(out, sizeof(out)); /* Create the remainder of the hash buffer, to generate the exchange hash. See RFC5656 section 4 page 7 */ @@ -6,7 +6,7 @@ #ifdef DROPBEAR_ECC -// .dp members are filled out by dropbear_ecc_fill_dp() at startup +/* .dp members are filled out by dropbear_ecc_fill_dp() at startup */ #ifdef DROPBEAR_ECC_256 struct dropbear_ecc_curve ecc_curve_nistp256 = { .ltc_size = 32, 
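Review bot: The context comment `/* Referred to directly */` above `kex_curve25519` in common-algo.c no longer matches the code, because this hunk makes the symbol `static` and the commit removes its `extern` declaration from algo.h. I would drop the comment or reword it, for example `/* only reachable through the sshkex[] table below */`, assuming that table is the remaining user (its entries are outside the hunk).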
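Review bot: In kexcurve25519_comb_key (common-kex.c, the two hunks at -738 and -748) the output of `curve25519_donna()` is passed straight to `bytes_to_mp(ses.dh_K, out, CURVE25519_LEN)` with no check that the shared secret is non-zero. RFC 7748 section 6.1 describes rejecting an all-zero result, which a peer can force by sending a degenerate public value. Before the `m_mp_alloc_init_multi(&ses.dh_K, NULL);` line I would OR the CURVE25519_LEN bytes of `out` into one accumulator, without an early exit so the check does not depend on the data, and call `dropbear_exit()` when the accumulator is zero. The new `m_burn(out, sizeof(out))` is a good addition and should stay after the conversion. The function begins and ends outside these hunks.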
@@ -44,7 +44,7 @@ struct dropbear_ecc_curve *dropbear_ecc_curves[] = { void dropbear_ecc_fill_dp() { struct dropbear_ecc_curve **curve; - // libtomcrypt guarantees they're ordered by size + /* libtomcrypt guarantees they're ordered by size */ const ltc_ecc_set_type *dp = ltc_ecc_sets; for (curve = dropbear_ecc_curves; *curve; curve++) { for (;dp->size > 0; dp++) { @@ -246,8 +246,8 @@ out: // returns values in s and r // returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE -static int buf_get_ecdsa_verify_params(buffer *buf, struct dropbear_ecc_curve *curve, - void *r, void* s) { +static int buf_get_ecdsa_verify_params(buffer *buf, + void *r, void* s) { int ret = DROPBEAR_FAILURE; unsigned int sig_len; unsigned int sig_pos; @@ -302,7 +302,7 @@ int buf_ecdsa_verify(buffer *buf, ecc_key *key, buffer *data_buf) { dropbear_exit("ECC error"); } - if (buf_get_ecdsa_verify_params(buf, curve, r, s) != DROPBEAR_SUCCESS) { + if (buf_get_ecdsa_verify_params(buf, r, s) != DROPBEAR_SUCCESS) { goto out; } @@ -7,6 +7,7 @@ #ifdef DROPBEAR_ECDSA +/* Prefer the larger size - it's fast anyway */ #if defined(DROPBEAR_ECC_521) #define ECDSA_DEFAULT_SIZE 521 #elif defined(DROPBEAR_ECC_384) diff --git a/gensignkey.c b/gensignkey.c index 5726249..88a3949 100644 --- a/gensignkey.c +++ b/gensignkey.c @@ -85,6 +85,8 @@ int signkey_generate(enum signkey_type keytype, int bits, const char* filename) /* now we can generate the key */ key = new_sign_key(); + seedrandom(); + switch(keytype) { #ifdef DROPBEAR_RSA case DROPBEAR_SIGNKEY_RSA: @@ -112,6 +114,8 @@ int signkey_generate(enum signkey_type keytype, int bits, const char* filename) dropbear_exit("Internal error"); } + seedrandom(); + buf = buf_new(MAX_PRIVKEY_SIZE); buf_put_priv_key(buf, key, keytype); @@ -39,8 +39,7 @@ static const char *signkey_names[DROPBEAR_SIGNKEY_NUM_NAMED] = { #ifdef DROPBEAR_ECDSA "ecdsa-sha2-nistp256", "ecdsa-sha2-nistp384", - "ecdsa-sha2-nistp521", - "ecdsa" // for keygen + "ecdsa-sha2-nistp521" #endif // DROPBEAR_ECDSA }; 
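Review bot: The two new `seedrandom()` calls in signkey_generate (gensignkey.c, hunks at -85 and -112) carry no comment. The second one, placed after the key has been generated, looks redundant and is likely to be removed in a later cleanup. A short comment on each would record the intent, for example `/* reseed so key generation does not depend on earlier RNG state */` before the `switch` and `/* reseed again so later RNG output is unrelated to the state that produced the key */` before `buf_new(MAX_PRIVKEY_SIZE)`. That wording is my reading of the intent and should be confirmed by the author; the function continues outside both hunks.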
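Review bot: Removing the `"ecdsa"` entry shortens the initializer of `signkey_names[DROPBEAR_SIGNKEY_NUM_NAMED]` in signkey.c, but signkey.h, where that bound is presumably defined, is not among the 14 files this commit touches. If DROPBEAR_SIGNKEY_NUM_NAMED still counts the removed entry, the last slot becomes a NULL pointer. Any loop over the table that calls `strlen()` or `memcmp()` on each name would then dereference it while parsing a key type name. Please confirm the bound equals the number of remaining names; a compile-time size check next to the table would stop the two drifting apart.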
@@ -231,7 +231,7 @@ static int checkusername(unsigned char *username, unsigned int userlen) { char* listshell = NULL; char* usershell = NULL; - int uid; + uid_t uid; TRACE(("enter checkusername")) if (userlen > MAX_USERNAME_LEN) { return DROPBEAR_FAILURE; diff --git a/svr-authpubkey.c b/svr-authpubkey.c index e0727de..4eca211 100644 --- a/svr-authpubkey.c +++ b/svr-authpubkey.c @@ -89,7 +89,7 @@ void svr_auth_pubkey() { buffer * signbuf = NULL; sign_key * key = NULL; char* fp = NULL; - int type = -1; + enum signkey_type type = -1; TRACE(("enter pubkeyauth")) @@ -64,18 +64,19 @@ void recv_msg_kexdh_init() { case DROPBEAR_KEX_CURVE25519: #if defined(DROPBEAR_ECDH) || defined(DROPBEAR_CURVE25519) ecdh_qs = buf_getstringbuf(ses.payload); - if (ses.payload->pos != ses.payload->len) { - dropbear_exit("Bad kex value"); - } #endif break; } + if (ses.payload->pos != ses.payload->len) { + dropbear_exit("Bad kex value"); + } send_msg_kexdh_reply(&dh_e, ecdh_qs); mp_clear(&dh_e); if (ecdh_qs) { buf_free(ecdh_qs); + ecdh_qs = NULL; } send_msg_newkeys(); @@ -132,8 +133,11 @@ static void svr_ensure_hostkey() { } if (link(fn_temp, fn) < 0) { + /* It's OK to get EEXIST - we probably just lost a race + with another connection to generate the key */ if (errno != EEXIST) { - dropbear_log(LOG_ERR, "Failed moving key file to %s", fn); + dropbear_log(LOG_ERR, "Failed moving key file to %s: %s", fn, + strerror(errno)); /* XXX fallback to non-atomic copy for some filesystems? */ goto out; } @@ -151,14 +155,6 @@ out: { dropbear_exit("Couldn't read or generate hostkey %s", fn); } - - // directory for keys. - - // Create lockfile first, or wait if it exists. PID! - // Generate key - // write it, load to memory - // atomic rename, done. - } #endif diff --git a/svr-runopts.c b/svr-runopts.c index fd05bbe..cbfd190 100644 --- a/svr-runopts.c +++ b/svr-runopts.c 
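Review bot: `enum signkey_type type = -1;` in svr_auth_pubkey (svr-authpubkey.c) stores a value that is not an enumerator, and whether the enum's underlying type is signed is the compiler's choice. A later test such as `type < 0` can therefore be always false on some builds. This variable sits in the public-key authentication path, so an explicit sentinel is safer to read and to compare against: `enum signkey_type type = DROPBEAR_SIGNKEY_NONE;`, provided signkey.h offers that member (only DROPBEAR_SIGNKEY_ANY is visible in this commit). The uses of `type` are outside the hunk.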
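Review bot: In svr_ensure_hostkey (svr-kex.c, hunk at -132) neither branch after `link(fn_temp, fn) < 0` removes `fn_temp`: not the tolerated EEXIST case, and not the error case before `goto out`. That file presumably holds a freshly generated private host key, so unless code outside this hunk unlinks it, a second copy of the key material stays on disk after a lost race or a failed link. I would make the cleanup explicit, e.g. an `unlink(fn_temp);` reached on every path. I would also extend the new comment to say which key is used after EEXIST, along the lines of `/* ... the key already at fn is then the one we load */`, if that is what the code below does.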
@@ -410,30 +410,30 @@ static void loadhostkey(const char *keyfile, int fatal_duplicate) { #ifdef DROPBEAR_RSA if (type == DROPBEAR_SIGNKEY_RSA) { - loadhostkey_helper("RSA", &read_key->rsakey, &svr_opts.hostkey->rsakey, fatal_duplicate); + loadhostkey_helper("RSA", (void**)&read_key->rsakey, (void**)&svr_opts.hostkey->rsakey, fatal_duplicate); } #endif #ifdef DROPBEAR_DSS if (type == DROPBEAR_SIGNKEY_DSS) { - loadhostkey_helper("DSS", &read_key->dsskey, &svr_opts.hostkey->dsskey, fatal_duplicate); + loadhostkey_helper("DSS", (void**)&read_key->dsskey, (void**)&svr_opts.hostkey->dsskey, fatal_duplicate); } #endif #ifdef DROPBEAR_ECDSA #ifdef DROPBEAR_ECC_256 if (type == DROPBEAR_SIGNKEY_ECDSA_NISTP256) { - loadhostkey_helper("ECDSA256", &read_key->ecckey256, &svr_opts.hostkey->ecckey256, fatal_duplicate); + loadhostkey_helper("ECDSA256", (void**)&read_key->ecckey256, (void**)&svr_opts.hostkey->ecckey256, fatal_duplicate); } #endif #ifdef DROPBEAR_ECC_384 if (type == DROPBEAR_SIGNKEY_ECDSA_NISTP384) { - loadhostkey_helper("ECDSA384", &read_key->ecckey384, &svr_opts.hostkey->ecckey384, fatal_duplicate); + loadhostkey_helper("ECDSA384", (void**)&read_key->ecckey384, (void**)&svr_opts.hostkey->ecckey384, fatal_duplicate); } #endif #ifdef DROPBEAR_ECC_521 if (type == DROPBEAR_SIGNKEY_ECDSA_NISTP521) { - loadhostkey_helper("ECDSA521", &read_key->ecckey521, &svr_opts.hostkey->ecckey521, fatal_duplicate); + loadhostkey_helper("ECDSA521", (void**)&read_key->ecckey521, (void**)&svr_opts.hostkey->ecckey521, fatal_duplicate); } #endif #endif // DROPBEAR_ECDSA |
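Review bot: The `(void**)` casts added to every `loadhostkey_helper()` call in loadhostkey (svr-runopts.c) silence the incompatible-pointer warning without removing its cause. A pointer to a typed key pointer is not compatible with `void **`, so if the helper reads or assigns `*ptr` through that type, it accesses the object through the wrong pointer type. That works where all object pointers share a representation, but the compiler can no longer catch a wrong field being passed. The helper's definition is outside this hunk, so this is inferred from the call sites. I would at least add a comment at the helper stating that both arguments must be addresses of key-pointer fields of the same type. A small per-type macro that does the duplicate check and the move would avoid the casts altogether.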