summaryrefslogtreecommitdiffhomepage
AgeCommit message (Collapse)Author
2020-06-10Set IOV_MAX for IRIXKazuo Kuroi
2020-05-30void return types for curve25519Matt Johnston
2020-05-29Remove unused DEBUG_FORKGPROFMatt Johnston
2020-05-29Fix ChaCha20 on 32-bit platforms (#99)Vladislav Grishenko
* Fix ChaCha20 on 32-bit platforms On 32-bit platforms with old compiler STORE64H() parameter is not auto-expanded to 64-bit value, causing wrong IV data. Spotted on BCM4706 MIPS32r2 with GCC 4.2.4: Exit before auth: Integrity error (bad packet size 2065808956) * Fix Chacha20-Poly1305 and AES-GCM debug messages Functions were renamed earlier and trace messages - not.
2020-05-28Don't warn when SO_PRIORITY failsMatt Johnston
2020-05-28Fix typo DROPBEAR_NORMAL_DHMatt Johnston
2020-05-28Allow DH to be completely disabled (#97)Vladislav Grishenko
Reduces binary size by ~2kB by default and by 21kB with no other libtommath functions users, ex. with curve25519 kex and ed25519 key only.
2020-05-28Fix warning for unused prngd branchMatt Johnston
2020-05-28Fix indentation and add bracesMatt Johnston
2020-05-28mergeMatt Johnston
2020-05-28Use Linux getrandom() to ensure random device is initialisedMatt Johnston
Remove old code warning about random device being not ready, /dev/random isn't used by default anyway.
2020-05-28set up early logging nameMatt Johnston
2020-05-28initialise variable to stop warningMatt Johnston
2020-05-27Avoid oss-fuzz $SANITIZER causing wrong buildMatt Johnston
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22608
2020-05-27Mention libtom version requirements, check for poly1305 in libtomcryptMatt Johnston
2020-05-26Bring back -Werror and improve travis testsMatt Johnston
2020-05-26Update LibTomMath to 1.2.0 (#84)Steffen Jaeckel
* update C files * update other files * update headers * update makefiles * remove mp_set/get_double() * use ltm 1.2.0 API * update ltm_desc * use bundled tommath if system-tommath is too old * XMALLOC etc. were changed to MP_MALLOC etc.
2020-05-26try rearrange travis build matrixMatt Johnston
2020-05-26.travis.yml needs spaces not tabsMatt Johnston
2020-05-26update travis to Ubuntu focal to provide chacha20Matt Johnston
2020-05-26Fix untested rsa-sha256 change to fuzzer-verifyMatt Johnston
2020-05-26Make "dbclient -m help -c help" workMatt Johnston
2020-05-26fix typoMatt Johnston
2020-05-26Get rid of unused "none" cipher optionMatt Johnston
2020-05-26cast to fix warningMatt Johnston
2020-05-26merge rsa-sha256Matt Johnston
2020-05-25CBC mode cleanup (#95)Vladislav Grishenko
* Fix CBC mode can't be fully disabled * Fix CBC mode can't be the only mode
2020-05-25Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93)Vladislav Grishenko
* Add Chacha20-Poly1305 authenticated encryption * Add general AEAD approach. * Add chacha20-poly1305@openssh.com algo using LibTomCrypt chacha and poly1305 routines. Chacha20-Poly1305 is generally faster than AES256 on CPU w/o dedicated AES instructions, having the same key size. Compiling in will add ~5,5kB to binary size on x86-64. function old new delta chacha_crypt - 1397 +1397 _poly1305_block - 608 +608 poly1305_done - 595 +595 dropbear_chachapoly_crypt - 457 +457 .rodata 26976 27392 +416 poly1305_process - 290 +290 poly1305_init - 221 +221 chacha_setup - 218 +218 encrypt_packet 1068 1270 +202 dropbear_chachapoly_getlength - 147 +147 decrypt_packet 756 897 +141 chacha_ivctr64 - 137 +137 read_packet 543 637 +94 dropbear_chachapoly_start - 94 +94 read_kex_algos 792 880 +88 chacha_keystream - 69 +69 dropbear_mode_chachapoly - 48 +48 sshciphers 280 320 +40 dropbear_mode_none 24 48 +24 dropbear_mode_ctr 24 48 +24 dropbear_mode_cbc 24 48 +24 dropbear_chachapoly_mac - 24 +24 dropbear_chachapoly - 24 +24 gen_new_keys 848 854 +6 ------------------------------------------------------------------------------ (add/remove: 14/0 grow/shrink: 10/0 up/down: 5388/0) Total: 5388 bytes * Add AES128-GCM and AES256-GCM authenticated encryption * Add general AES-GCM mode. * Add aes128-gcm@openssh.com and aes256-gcm@openssh.com algo using LibTomCrypt gcm routines. AES-GCM is combination of AES CTR mode and GHASH, slower than AES-CTR on CPU w/o dedicated AES/GHASH instructions therefore disabled by default. Compiling in will add ~6kB to binary size on x86-64. function old new delta gcm_process - 1060 +1060 .rodata 26976 27808 +832 gcm_gf_mult - 820 +820 gcm_add_aad - 660 +660 gcm_shift_table - 512 +512 gcm_done - 471 +471 gcm_add_iv - 384 +384 gcm_init - 347 +347 dropbear_gcm_crypt - 309 +309 encrypt_packet 1068 1270 +202 decrypt_packet 756 897 +141 gcm_reset - 118 +118 read_packet 543 637 +94 read_kex_algos 792 880 +88 sshciphers 280 360 +80 gcm_mult_h - 80 +80 dropbear_gcm_start - 62 +62 dropbear_mode_gcm - 48 +48 dropbear_mode_none 24 48 +24 dropbear_mode_ctr 24 48 +24 dropbear_mode_cbc 24 48 +24 dropbear_ghash - 24 +24 dropbear_gcm_getlength - 24 +24 gen_new_keys 848 854 +6 ------------------------------------------------------------------------------ (add/remove: 14/0 grow/shrink: 10/0 up/down: 6434/0) Total: 6434 bytes
2020-05-25Mention Ed25519 in dropbearkey man (#94)Vladislav Grishenko
2020-05-25Add files via upload (#90)jcmathews
When SSHKeepAlive is enabled, dropbear idletimeout is not working as expected.
2020-05-25scp.c: Port OpenSSH CVE-2018-20685 fix (#80)Haelwenn Monnier
2020-05-25rsa-sha256 for ssh-agentMatt Johnston
2020-05-24send and handle SSH_MSG_EXT_INFO only at the correct pointMatt Johnston
- other fixes for rsa pubkey auth - only include ext-info handling when rsa pubkey auth is compiled
2020-05-24run linterMatt Johnston
2020-05-24Add linter for #ifdefMatt Johnston
2020-05-21Make server send SSH_MSG_EXT_INFOMatt Johnston
Ensure that only valid hostkey algorithms are sent in the first kex guess
2020-05-21Make DEBUG_NOFORK a #if not #ifdefMatt Johnston
2020-05-19ext-info handling for server-sig-algsMatt Johnston
only client side is handled
2020-05-17split signkey_type and signature_type for RSA sha1 vs sha256Matt Johnston
2020-04-06use sigtype where appropriateMatt Johnston
2020-03-27When explicitly passing --disable-fuzz to ./configure fuzz was actuallyAlexander Dahl
enabled. Signed-off-by: Alexander Dahl <ada@thorsis.com>
2020-03-10Update remaining advise to edit options.hAlexander Dahl
You should edit localoptions.h instead.
2020-03-18Handle early exit when addrstring isn't setMatt Johnston
2020-03-18Improve address logging on early exit messages (#83)Kevin Darbyshire-Bryant
Change 'Early exit' and 'Exit before auth' messages to include the IP address & port as part of the message. This allows log scanning utilities such as 'fail2ban' to obtain the offending IP address as part of the failure event instead of extracting the PID from the message and then scanning the log again for match 'child connection from' messages Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2020-03-14mergeMatt Johnston
2020-03-14Set SSH_ORIGINAL_COMMAND for "dropbear -c" too, fix build withoutMatt Johnston
DROPBEAR_SVR_PUBKEY_OPTIONS
2020-03-14Don't log authorized_keys command= every timeMatt Johnston
2020-03-14Fallback for key gen without hard link support (#89)Matt Robinson
Add a non-atomic fallback for key generation on platforms where link() is not permitted (such as most stock Android installs) or on filesystems without hard link support (such as FAT).
2020-03-14MOTD enabled by default as the manpage says (#87)zciendor
The man page (https://github.com/mkj/dropbear/blob/master/dropbear.8) says MOTD will be printed by default for any login shell, but it was disabled at compile time. Probably happened by accident when this code was moved from `options.h` to `default_options.h`.
2020-03-12Add Ed25519 support (#91)Vladislav Grishenko
* Add support for Ed25519 as a public key type Ed25519 is a elliptic curve signature scheme that offers better security than ECDSA and DSA and good performance. It may be used for both user and host keys. OpenSSH key import and fuzzer are not supported yet. Initially inspired by Peter Szabo. * Add curve25519 and ed25519 fuzzers * Add import and export of Ed25519 keys
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-09 10:34:48 +0000