Age | Commit message | Author
2023-07-25 | WIP bindtodevice [bindtodevice] | Mikael Magnusson
2021-08-19 | keep LANG env variable for child process (#111) [HEAD, master] | fidomax
2021-08-19 | Remove unused argument of do_cmd() in scp.c (#125) | Anton Bershanskiy
2021-08-19 | signkey: remove !! from SHA1 digest (#130) | Sven Roederer
Remove the "!!" chars from message when printing the key-fingerprint, as it's confusing users. They have been added when switching from MD5, but SHA1 can be considered as standard today.
Signed-off-by: Sven Roederer <devel-sven@geroedel.de>
2021-08-19 | added option to disable trivial auth methods (#128) | Manfred Kaiser
* added option to disable trivial auth methods
* rename argument to match with other ssh clients
* fixed trivial auth detection for pubkeys
2021-08-19 | Clarify help text for dropbear -e environment option | Matt Johnston
2021-08-19 | pass on server process environment to child processes (option -e) (#118) | Roland Vollgraf
2021-05-01 | Add "restrict" authorized_keys option | Matt Johnston
2021-03-31 | Don't include .hg_archival.txt in tarballs. They're now reproducible. | Matt Johnston
2021-03-31 | merge | Matt Johnston
2021-03-31 | Add configure script to version control. Set timezone for release tarball | Matt Johnston
2021-03-31 | Update config.sub and config.guess to latest | Matt Johnston
2021-03-30 | Make releases tarballs more deterministic | Matt Johnston
Not fully tested on different systems yet
2021-03-30 | Remove some obsolete autoconf bits. | Matt Johnston
Keeps autoconf 2.71 happy, though we leave the prereq version at 2.59
2021-03-18 | Use MAX_HOST_LEN for TCP forwarding requests (#121) | ValdikSS
tcpip-forward request can include hostname, which is later resolved by getaddrinfo() call. Dropbear incorrectly assumes tcpip-forward includes only IP(v4) address. Fix this.
2021-03-08 | fuzz: don't push wrapfd descriptors larger than needed | Matt Johnston
2021-03-07 | fuzz: add -q quiet argument for standalone fuzzers. | Matt Johnston
travis has a log length limit
2021-03-07 | fuzz: split long argument list with xargs | Matt Johnston
2021-03-06 | fuzz: cifuzz fix syntax | Matt Johnston
2021-03-06 | fuzz: try run cifuzz on push as well | Matt Johnston
2021-03-06 | fuzz: add cifuzz for github pull requests | Matt Johnston
2021-03-06 | Prevent multiple shells being spawned | Matt Johnston
Existing shells would be leaked. The old check only caught multiple commands, not shells.
2021-03-06 | small tidy of "signal" while loop | Matt Johnston
2021-03-06 | fuzz: handle errors from wrapfd_new_dummy() | Matt Johnston
2021-03-05 | fuzz: fix crash in newtcpdirect(), don't close the channel too early | Matt Johnston
2021-03-05 | Return errstring on connect failure | Matt Johnston
2021-03-04 | fuzz: avoid extraneous printing | Matt Johnston
2021-03-04 | Define _GNU_SOURCE properly, other header fixes | Matt Johnston
This lets -std=c89 build for gcc 8.4.0
2021-03-04 | Small cleanups of netio allocated port | Matt Johnston
2021-03-04 | Update netio.c (#115) | Guillaume Picquet
Moved allocated_lport_p and allocated_lport at begin of block to build in C89
2021-03-04 | Update cli-main.c (#114) | Guillaume Picquet
Moved pid_t proxy_cmd_pid declaration at begin of block to allow build in c89 (gcc-2.95)
2021-03-02 | Disable UNAUTH_CLOSE_DELAY by default | Matt Johnston
2021-01-29 | merge | Matt Johnston
2021-01-29 | fuzz: wrap kill() | Matt Johnston
2020-12-17 | Update INSTALL (#113) | Xenhat
Make Git/Mercurial instructions easier to understand
2020-12-10 | Use buf_eatstring instead | Matt Johnston
2020-12-10 | Fix handling of replies to global requests (#112) | Dirkjan Bussink
The current code assumes that all global requests want / need a reply. This isn't always true and the request itself indicates if it wants a reply or not.

It causes a specific problem with hostkeys-00@openssh.com messages. These are sent by OpenSSH after authentication to inform the client of potential other host keys for the host. This can be used to add a new type of host key or to rotate host keys.

The initial information message from the server is sent as a global request, but with want_reply set to false. This means that the server doesn't expect an answer to this message. Instead the client needs to send a prove request as a reply if it wants to receive proof of ownership for the host keys.

The bug doesn't cause any current problems due to how OpenSSH treats receiving the failure message. It instead treats it as a keepalive message and further ignores it.

Arguably this is a protocol violation though of Dropbear and it is only accidental that it doesn't cause a problem with OpenSSH.

The bug was found when adding host keys support to libssh, which is more strict protocol wise and treats the unexpected failure message as an error, also see https://gitlab.com/libssh/libssh-mirror/-/merge_requests/145 for more information.

The fix here is to honor the want_reply flag in the global request and to only send a reply if the other side expects a reply.
2020-12-07 | Fix null pointer dereference removing listeners | Matt Johnston
2020-12-06 | fuzz: add an always-failing dropbear_listen() replacement | Matt Johnston
2020-12-06 | fuzz: work around fuzz_connect_remote() limitations | Matt Johnston
2020-12-05 | Some minor manpage improvements | Matt Johnston
2020-12-05 | fuzz: skip custom mutators with -fsanitize=memory | Matt Johnston
2020-12-03 | fuzz: make postauth set authdone properly | Matt Johnston
2020-12-03 | Remove unused cli_authinitialise | Matt Johnston
2020-11-17 | fuzzing - Set postauth user to root since that's what it runs as | Matt Johnston
2020-11-16 | fuzzing: add workaround getpwuid/getpwnam | Matt Johnston
2020-11-15 | Fix fuzzing build | Matt Johnston
2020-11-13 | Add server postauth fuzzer, wrap connect_remote() | Matt Johnston
2020-11-13 | Remove accidentally committed abort() | Matt Johnston
2020-11-02 | fuzzing - fix some wrong types and -lcrypt on macos | Matt Johnston