summaryrefslogtreecommitdiffhomepage
AgeCommit message (Collapse)Author
2020-10-23Move fuzzing code to fuzz/ subdirectory, improve Makefile.inMatt Johnston
2020-10-23Increase MAX_PROPOSED_ALGO to 50, warn if exceededMatt Johnston
2020-10-21Fix #ifdef DROPBEAR_FUZZ (caught by linter)Matt Johnston
2020-10-20Load password and key for client fuzzer.Matt Johnston
Add fuzz_dump()
2020-10-20Don't sort objects, it breaks -lcrypt orderingMatt Johnston
2020-10-19Add ubsan fuzz run to Travis CI tooMatt Johnston
2020-10-19Use Dropbear's random source rather than libtommath's platformMatt Johnston
2020-10-19Avoid passing NULL to memcpyMatt Johnston
2020-10-18Fix fuzzer buildMatt Johnston
2020-10-18Merge fuzz branchMatt Johnston
2020-10-18Allocate real file descriptors for fuzz input with dup()Matt Johnston
--HG-- branch : fuzz
2020-10-18Disallow extra kexinit messagesMatt Johnston
--HG-- branch : fuzz
2020-10-18Add fuzzer-client_nomaths, fix client fuzzerMatt Johnston
--HG-- branch : fuzz
2020-10-18Get client fuzzer building and starting (fails straight away)Matt Johnston
--HG-- branch : fuzz
2020-10-15Make wrapfd share a common buffer for all FDsMatt Johnston
--HG-- branch : fuzz
2020-10-15merge from mainMatt Johnston
--HG-- branch : fuzz
2020-10-08Avoid gnu extension conditional operatorMatt Johnston
2020-07-28Change secure.ucc.asn.au/hg to hg.ucc.asn.auMatt Johnston
2020-06-26Added signature for changeset 88f63b8b0f13Matt Johnston
2020-06-26Added tag DROPBEAR_2020.80 for changeset 73646de50f13Matt Johnston
2020-06-26version 2020.80Matt Johnston
2020-06-26Don't choke on disabled authorized_keys(5) optionsGuilhem Moulin
As of 2020.79 X11 forwarding is disabled at build time, which could lock out users with authorized_keys(5) files containing ‘no-X11-forwarding’ options.
2020-06-26update CHANGES for 2020.80Matt Johnston
2020-06-26Some notes on styleMatt Johnston
2020-06-25Refer to libtom license filesMatt Johnston
2020-06-23mergeMatt Johnston
2020-06-23move GNU_SOURCE earlierMatt Johnston
2020-06-23fix trace messages (#105)Ilya
2020-06-23check for poly1305_init in other libtomcrypt configure testMatt Johnston
2020-06-23_GNU_SOURCE for randomMatt Johnston
2020-06-18Disable toom and karatsuba for new libtommathMatt Johnston
2020-06-15Added signature for changeset 4877afd51e04Matt Johnston
2020-06-15Added tag DROPBEAR_2020.79 for changeset e2e4929d057bMatt Johnston
2020-06-15can't call "make lint" without configureMatt Johnston
2020-06-15changelog for 2020.79Matt Johnston
2020-06-15Fix "make install" for manpages in out-of-tree buildsGabor Z. Papp
2020-06-15Add DEVELOPING.mdMatt Johnston
2020-06-15Delay seedrandom until connectionsMatt Johnston
2020-06-15Disallow leading lines before the ident for server (#102)Vladislav Grishenko
Per RFC4253 4.2 clients must be able to process other lines of data before the version string, server behavior is not defined neither with MUST/SHOULD nor with MAY. If server process up to 50 lines too - it may cause too long hanging session with invalid/evil client that consume host resources and potentially may lead to DDoS on poor embedded boxes. Let's require first line from client to be version string and fail early if it's not - matches both RFC and real OpenSSH behavior.
2020-06-11Disable by default 3des, cbc, hmac-sha1-96, x11 forwardingMatt Johnston
2020-06-10Remove blowfishMatt Johnston
2020-06-10avoid zero length array in base64_decodeMatt Johnston
2020-06-10Merge libtomcrypt v1.18.2Matt Johnston
2020-06-10Fix whitespace changes vs upstream libtomcryptMatt Johnston
2020-06-10Sync curve25519 licenseVladislav Grishenko
2020-06-10Set IOV_MAX for IRIXKazuo Kuroi
2020-05-30void return types for curve25519Matt Johnston
2020-05-29Remove unused DEBUG_FORKGPROFMatt Johnston
2020-05-29Fix ChaCha20 on 32-bit platforms (#99)Vladislav Grishenko
* Fix ChaCha20 on 32-bit platforms On 32-bit platforms with old compiler STORE64H() parameter is not auto-expanded to 64-bit value, causing wrong IV data. Spotted on BCM4706 MIPS32r2 with GCC 4.2.4: Exit before auth: Integrity error (bad packet size 2065808956) * Fix Chacha20-Poly1305 and AES-GCM debug messages Functions were renamed earlier and trace messages - not.
2020-05-28Don't warn when SO_PRIORITY failsMatt Johnston
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-02 17:16:54 +0000