path: root/common-session.c
Age | Commit message | Author
2020-10-21 | Fix #ifdef DROPBEAR_FUZZ (caught by linter) | Matt Johnston
2020-10-20 | Load password and key for client fuzzer. | Matt Johnston
Add fuzz_dump()
2020-06-15 | Disallow leading lines before the ident for server (#102) | Vladislav Grishenko
Per RFC4253 4.2 clients must be able to process other lines of data before the version string; server behavior is defined neither with MUST/SHOULD nor with MAY. If the server processes up to 50 lines too, it may cause a too long hanging session with an invalid/evil client that consumes host resources and potentially may lead to DDoS on poor embedded boxes. Let's require the first line from the client to be the version string and fail early if it's not - this matches both the RFC and real OpenSSH behavior.
2019-05-15 | Rename EPKA -> Plugin | Matt Johnston
2019-05-15 | External Public-Key Authentication API (#72) | fabriziobertocci
* Implemented dynamic loading of an external plug-in shared library to delegate public key authentication
* Moved conditional compilation of the plugin infrastructure into the configure.ac script to be able to add -ldl to dropbear build only when the flag is enabled
* Added tags file to the ignore list
* Updated API to have the constructor to return function pointers in the plugin instance. Added support for passing user name to the checkpubkey function. Added options to the session returned by the plugin and have dropbear to parse and process them
* Added -rdynamic to the linker flags when EPKA is enabled
* Changed the API to pass a previously created session to the checkPubKey function (created during preauth)
* Added documentation to the API
* Added parameter addrstring to plugin creation function
* Modified the API to retrieve the auth options. Instead of having them as field of the EPKASession struct, they are stored internally (plugin-dependent) in the plugin/session and retrieved through a pointer to a function (in the session)
* Changed option string to be a simple char * instead of unsigned char *
2019-03-20 | Add a sanity check for DROPBEAR_SVR_MULTIUSER==0 mode | Matt Johnston
2018-03-06 | workaround memory sanitizer FD_ZERO false positives | Matt Johnston
2018-03-04 | get rid of unused packet_type in encrypted write queue | Matt Johnston
2018-02-28 | - #if not #ifdef for DROPBEAR_FUZZ | Matt Johnston
- fix some unused variables
--HG-- branch : fuzz
2018-02-26 | merge from main | Matt Johnston
--HG-- branch : fuzz
2018-02-20 | use a full prototype (#56) | François Perrad
2018-02-17 | merge from main | Matt Johnston
--HG-- branch : fuzz
2018-02-14 | make signal flags volatile, simplify handling | Matt Johnston
2017-05-20 | glaring wrapfd problems fixed | Matt Johnston
--HG-- branch : fuzz
2017-05-20 | closer to working | Matt Johnston
--HG-- branch : fuzz
2016-07-21 | merge 2016.74 | Matt Johnston
2016-05-04 | Convert #ifdef to #if, other build changes | Matt Johnston
2016-04-29 | Avoid busy loop while waiting for rekey response | Matt Johnston
2016-07-11 | better TRACE of failed remote ident | Matt Johnston
2016-04-29 | Avoid busy loop while waiting for rekey response | Matt Johnston
2016-03-16 | fix empty C prototypes | Francois Perrad
2015-11-27 | Fix ses.channel_signal_pending race | Matt Johnston
2015-09-29 | make sure that the test for queued packets to write occurs after | Matt Johnston
those packets might have been enqueued by set_connect_fds()
2015-08-07 | only update keepalive timeout post-auth (when keepalives are sent) | Matt Johnston
2015-08-03 | set timeouts to time remaining rather than timeout duration | Matt Johnston
2015-08-03 | Fix problem where auth timeout wasn't checked when waiting for ident | Matt Johnston
2015-06-04 | buf_getstring and buf_putstring now use non-unsigned char* | Matt Johnston
2015-06-04 | Merge pull request #13 from gazoo74/fix-warnings | Matt Johnston
Fix warnings
2015-05-05 | Fix pointer differ in signedness warnings [-Werror=pointer-sign] | Gaël PORTAY
2015-05-03 | Make sure kexfirstinitialise is called early enough | Matt Johnston
2015-05-02 | Fix no-writev fallback | Matt Johnston
2015-03-20 | Make main socket nonblocking. Limit writequeue size. | Matt Johnston
2015-03-01 | reword comment for clarity | Matt Johnston
--HG-- branch : nocircbuffer
2015-02-28 | Add cleanup | Matt Johnston
--HG-- branch : fastopen
2015-02-28 | merge from default | Matt Johnston
--HG-- branch : fastopen
2015-02-24 | Some additional cleanup functions | Matt Johnston
2015-02-24 | Free memory before exiting. Based on patch from Thorsten Horstmann. | Matt Johnston
Client side is not complete.
2015-02-24 | Fix for old compilers, variable declarations at beginning of functions | Thorsten Horstmann
and /**/ comments
2015-02-20 | Move generic network routines to netio.c | Matt Johnston
--HG-- branch : fastopen
2015-02-20 | Update priority once the socket is open | Matt Johnston
--HG-- branch : fastopen
2015-02-18 | async connections working | Matt Johnston
--HG-- branch : fastopen
2015-02-13 | Add environment variable for debug timestamps to roughly match | Matt Johnston
network timestamps (in tshark)
2015-02-13 | Fix print that no longer works since we're not using fourCCs | Matt Johnston
2014-08-19 | Make keepalive handling more robust, this should now match what OpenSSH does | Matt Johnston
2014-08-13 | Don't send SSH_MSG_UNIMPLEMENTED for keepalive responses | Matt Johnston
2014-07-16 | Set tcp priority as follows: | Matt Johnston
if (connecting || ptys || x11) tos = LOWDELAY;
else if (tcp_forwards) tos = 0;
else tos = BULK;
TCP forwards could be either lowdelay or bulk, hence the default priority.
2014-07-09 | Fix auth timeout regression | Matt Johnston
2014-07-09 | Make -K keepalive behave like OpenSSH's ServerAliveInterval | Matt Johnston
2014-03-15 | Experiment of always writing data if available. Might waste a writev() with | Matt Johnston
EAGAIN but always saves a select() - needs testing with bandwidth-limited and CPU-limited situations.
2014-03-13 | Add new monotonic_now() wrapper so that timeouts are unaffected by | Matt Johnston
system clock changes