summaryrefslogtreecommitdiffhomepage
AgeCommit message (Collapse)Author
2020-06-15Added signature for changeset 4877afd51e04Matt Johnston
2020-06-15Added tag DROPBEAR_2020.79 for changeset e2e4929d057bMatt Johnston
2020-06-15can't call "make lint" without configureMatt Johnston
2020-06-15changelog for 2020.79Matt Johnston
2020-06-15Fix "make install" for manpages in out-of-tree buildsGabor Z. Papp
2020-06-15Add DEVELOPING.mdMatt Johnston
2020-06-15Delay seedrandom until connectionsMatt Johnston
2020-06-15Disallow leading lines before the ident for server (#102)Vladislav Grishenko
Per RFC4253 4.2 clients must be able to process other lines of data before the version string, server behavior is not defined neither with MUST/SHOULD nor with MAY. If server process up to 50 lines too - it may cause too long hanging session with invalid/evil client that consume host resources and potentially may lead to DDoS on poor embedded boxes. Let's require first line from client to be version string and fail early if it's not - matches both RFC and real OpenSSH behavior.
2020-06-11Disable by default 3des, cbc, hmac-sha1-96, x11 forwardingMatt Johnston
2020-06-10Remove blowfishMatt Johnston
2020-06-10avoid zero length array in base64_decodeMatt Johnston
2020-06-10Merge libtomcrypt v1.18.2Matt Johnston
2020-06-10Fix whitespace changes vs upstream libtomcryptMatt Johnston
2020-06-10Sync curve25519 licenseVladislav Grishenko
2020-06-10Set IOV_MAX for IRIXKazuo Kuroi
2020-05-30void return types for curve25519Matt Johnston
2020-05-29Remove unused DEBUG_FORKGPROFMatt Johnston
2020-05-29Fix ChaCha20 on 32-bit platforms (#99)Vladislav Grishenko
* Fix ChaCha20 on 32-bit platforms On 32-bit platforms with old compiler STORE64H() parameter is not auto-expanded to 64-bit value, causing wrong IV data. Spotted on BCM4706 MIPS32r2 with GCC 4.2.4: Exit before auth: Integrity error (bad packet size 2065808956) * Fix Chacha20-Poly1305 and AES-GCM debug messages Functions were renamed earlier and trace messages - not.
2020-05-28Don't warn when SO_PRIORITY failsMatt Johnston
2020-05-28Fix typo DROPBEAR_NORMAL_DHMatt Johnston
2020-05-28Allow DH to be completely disabled (#97)Vladislav Grishenko
Reduces binary size by ~2kB by default and by 21kB with no other libtommath functions users, ex. with curve25519 kex and ed25519 key only.
2020-05-28Fix warning for unused prngd branchMatt Johnston
2020-05-28Fix indentation and add bracesMatt Johnston
2020-05-28mergeMatt Johnston
2020-05-28Use Linux getrandom() to ensure random device is initialisedMatt Johnston
Remove old code warning about random device being not ready, /dev/random isn't used by default anyway.
2020-05-28set up early logging nameMatt Johnston
2020-05-28initialise variable to stop warningMatt Johnston
2020-05-27Avoid oss-fuzz $SANITIZER causing wrong buildMatt Johnston
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22608
2020-05-27Mention libtom version requirements, check for poly1305 in libtomcryptMatt Johnston
2020-05-26Bring back -Werror and improve travis testsMatt Johnston
2020-05-26Update LibTomMath to 1.2.0 (#84)Steffen Jaeckel
* update C files * update other files * update headers * update makefiles * remove mp_set/get_double() * use ltm 1.2.0 API * update ltm_desc * use bundled tommath if system-tommath is too old * XMALLOC etc. were changed to MP_MALLOC etc.
2020-05-26try rearrange travis build matrixMatt Johnston
2020-05-26.travis.yml needs spaces not tabsMatt Johnston
2020-05-26update travis to Ubuntu focal to provide chacha20Matt Johnston
2020-05-26Fix untested rsa-sha256 change to fuzzer-verifyMatt Johnston
2020-05-26Make "dbclient -m help -c help" workMatt Johnston
2020-05-26fix typoMatt Johnston
2020-05-26Get rid of unused "none" cipher optionMatt Johnston
2020-05-26cast to fix warningMatt Johnston
2020-05-26merge rsa-sha256Matt Johnston
2020-05-25CBC mode cleanup (#95)Vladislav Grishenko
* Fix CBC mode can't be fully disabled * Fix CBC mode can't be the only mode
2020-05-25Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93)Vladislav Grishenko
* Add Chacha20-Poly1305 authenticated encryption * Add general AEAD approach. * Add chacha20-poly1305@openssh.com algo using LibTomCrypt chacha and poly1305 routines. Chacha20-Poly1305 is generally faster than AES256 on CPU w/o dedicated AES instructions, having the same key size. Compiling in will add ~5,5kB to binary size on x86-64. function old new delta chacha_crypt - 1397 +1397 _poly1305_block - 608 +608 poly1305_done - 595 +595 dropbear_chachapoly_crypt - 457 +457 .rodata 26976 27392 +416 poly1305_process - 290 +290 poly1305_init - 221 +221 chacha_setup - 218 +218 encrypt_packet 1068 1270 +202 dropbear_chachapoly_getlength - 147 +147 decrypt_packet 756 897 +141 chacha_ivctr64 - 137 +137 read_packet 543 637 +94 dropbear_chachapoly_start - 94 +94 read_kex_algos 792 880 +88 chacha_keystream - 69 +69 dropbear_mode_chachapoly - 48 +48 sshciphers 280 320 +40 dropbear_mode_none 24 48 +24 dropbear_mode_ctr 24 48 +24 dropbear_mode_cbc 24 48 +24 dropbear_chachapoly_mac - 24 +24 dropbear_chachapoly - 24 +24 gen_new_keys 848 854 +6 ------------------------------------------------------------------------------ (add/remove: 14/0 grow/shrink: 10/0 up/down: 5388/0) Total: 5388 bytes * Add AES128-GCM and AES256-GCM authenticated encryption * Add general AES-GCM mode. * Add aes128-gcm@openssh.com and aes256-gcm@openssh.com algo using LibTomCrypt gcm routines. AES-GCM is combination of AES CTR mode and GHASH, slower than AES-CTR on CPU w/o dedicated AES/GHASH instructions therefore disabled by default. Compiling in will add ~6kB to binary size on x86-64. function old new delta gcm_process - 1060 +1060 .rodata 26976 27808 +832 gcm_gf_mult - 820 +820 gcm_add_aad - 660 +660 gcm_shift_table - 512 +512 gcm_done - 471 +471 gcm_add_iv - 384 +384 gcm_init - 347 +347 dropbear_gcm_crypt - 309 +309 encrypt_packet 1068 1270 +202 decrypt_packet 756 897 +141 gcm_reset - 118 +118 read_packet 543 637 +94 read_kex_algos 792 880 +88 sshciphers 280 360 +80 gcm_mult_h - 80 +80 dropbear_gcm_start - 62 +62 dropbear_mode_gcm - 48 +48 dropbear_mode_none 24 48 +24 dropbear_mode_ctr 24 48 +24 dropbear_mode_cbc 24 48 +24 dropbear_ghash - 24 +24 dropbear_gcm_getlength - 24 +24 gen_new_keys 848 854 +6 ------------------------------------------------------------------------------ (add/remove: 14/0 grow/shrink: 10/0 up/down: 6434/0) Total: 6434 bytes
2020-05-25Mention Ed25519 in dropbearkey man (#94)Vladislav Grishenko
2020-05-25Add files via upload (#90)jcmathews
When SSHKeepAlive is enabled, dropbear idletimeout is not working as expected.
2020-05-25scp.c: Port OpenSSH CVE-2018-20685 fix (#80)Haelwenn Monnier
2020-05-25rsa-sha256 for ssh-agentMatt Johnston
2020-05-24send and handle SSH_MSG_EXT_INFO only at the correct pointMatt Johnston
- other fixes for rsa pubkey auth - only include ext-info handling when rsa pubkey auth is compiled
2020-05-24run linterMatt Johnston
2020-05-24Add linter for #ifdefMatt Johnston
2020-05-21Make server send SSH_MSG_EXT_INFOMatt Johnston
Ensure that only valid hostkey algorithms are sent in the first kex guess
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-28 17:11:27 +0000