
Compare revisions


Target

  • Geofferey/dropbear
Commits on Source (36)
@@ -22,7 +22,11 @@ recompiling - bad things will happen otherwise)
@@ -22,7 +22,11 @@ recompiling - bad things will happen otherwise)
   
See MULTI for instructions on making all-in-one binaries. See MULTI for instructions on making all-in-one binaries.
   
If you want to compile statically, add "STATIC=1" to the make command-line. If you want to compile statically use ./configure --enable-static
By default Dropbear adds various build flags that improve robustness
against programming bugs (good for security) - if these cause problems
they can be disabled with ./configure --disable-harden
   
Binaries can be stripped with "make strip" Binaries can be stripped with "make strip"
   
@@ -2,12 +2,11 @@
@@ -2,12 +2,11 @@
# @configure_input@ # @configure_input@
   
# invocation: # invocation:
# make PROGRAMS="dropbear dbclient scp" MULTI=1 STATIC=1 SCPPROGRESS=1 # make PROGRAMS="dropbear dbclient scp" MULTI=1 SCPPROGRESS=1
# #
# to make a multiple-program statically linked binary "staticdropbearmulti". # to make a multiple-program binary "dropbearmulti".
# This example will include dropbear, scp, dropbearkey, dropbearconvert, and # This example will include dropbear, scp, dropbearkey, dropbearconvert, and
# dbclient functionality, and includes the progress-bar functionality in scp. # dbclient functionality, and includes the progress-bar functionality in scp.
# Hopefully that seems intuitive.
   
ifndef PROGRAMS ifndef PROGRAMS
PROGRAMS=dropbear dbclient dropbearkey dropbearconvert PROGRAMS=dropbear dbclient dropbearkey dropbearconvert
@@ -94,6 +93,8 @@ LDFLAGS=@LDFLAGS@
@@ -94,6 +93,8 @@ LDFLAGS=@LDFLAGS@
   
EXEEXT=@EXEEXT@ EXEEXT=@EXEEXT@
   
STATIC=@STATIC@
# whether we're building client, server, or both for the common objects. # whether we're building client, server, or both for the common objects.
# evilness so we detect 'dropbear' by itself as a word # evilness so we detect 'dropbear' by itself as a word
space:= $(empty) $(empty) space:= $(empty) $(empty)
@@ -115,7 +116,7 @@ ifeq ($(STATIC), 1)
@@ -115,7 +116,7 @@ ifeq ($(STATIC), 1)
endif endif
   
ifeq ($(MULTI), 1) ifeq ($(MULTI), 1)
TARGETS=dropbearmulti TARGETS=dropbearmulti$(EXEEXT)
else else
TARGETS=$(PROGRAMS) TARGETS=$(PROGRAMS)
endif endif
@@ -132,14 +133,14 @@ strip: $(TARGETS)
@@ -132,14 +133,14 @@ strip: $(TARGETS)
   
install: $(addprefix inst_, $(TARGETS)) install: $(addprefix inst_, $(TARGETS))
   
insmultidropbear: dropbearmulti insmultidropbear: dropbearmulti$(EXEEXT)
$(INSTALL) -d $(DESTDIR)$(sbindir) $(INSTALL) -d $(DESTDIR)$(sbindir)
-rm -f $(DESTDIR)$(sbindir)/dropbear$(EXEEXT) -rm -f $(DESTDIR)$(sbindir)/dropbear$(EXEEXT)
-ln -s $(bindir)/dropbearmulti$(EXEEXT) $(DESTDIR)$(sbindir)/dropbear$(EXEEXT) -ln -s $(bindir)/dropbearmulti$(EXEEXT) $(DESTDIR)$(sbindir)/dropbear$(EXEEXT)
$(INSTALL) -d $(DESTDIR)$(mandir)/man8 $(INSTALL) -d $(DESTDIR)$(mandir)/man8
$(INSTALL) -m 644 $(srcdir)/dropbear.8 $(DESTDIR)$(mandir)/man8/dropbear.8 $(INSTALL) -m 644 $(srcdir)/dropbear.8 $(DESTDIR)$(mandir)/man8/dropbear.8
   
insmulti%: dropbearmulti insmulti%: dropbearmulti$(EXEEXT)
$(INSTALL) -d $(DESTDIR)$(bindir) $(INSTALL) -d $(DESTDIR)$(bindir)
-rm -f $(DESTDIR)$(bindir)/$*$(EXEEXT) -rm -f $(DESTDIR)$(bindir)/$*$(EXEEXT)
-ln -s $(bindir)/dropbearmulti$(EXEEXT) $(DESTDIR)$(bindir)/$*$(EXEEXT) -ln -s $(bindir)/dropbearmulti$(EXEEXT) $(DESTDIR)$(bindir)/$*$(EXEEXT)
@@ -219,8 +220,9 @@ sizes: dropbear
@@ -219,8 +220,9 @@ sizes: dropbear
clean: ltc-clean ltm-clean thisclean clean: ltc-clean ltm-clean thisclean
   
thisclean: thisclean:
-rm -f dropbear dbclient dropbearkey dropbearconvert scp scp-progress \ -rm -f dropbear$(EXEEXT) dbclient$(EXEEXT) dropbearkey$(EXEEXT) \
dropbearmulti *.o *.da *.bb *.bbg *.prof dropbearconvert$(EXEEXT) scp$(EXEEXT) scp-progress$(EXEEXT) \
dropbearmulti$(EXEEXT) *.o *.da *.bb *.bbg *.prof
   
distclean: clean tidy distclean: clean tidy
-rm -f config.h -rm -f config.h
@@ -40,8 +40,8 @@
@@ -40,8 +40,8 @@
/* client functions */ /* client functions */
void cli_load_agent_keys(m_list * ret_list); void cli_load_agent_keys(m_list * ret_list);
void agent_buf_sign(buffer *sigblob, sign_key *key, void agent_buf_sign(buffer *sigblob, sign_key *key,
buffer *data_buf); const buffer *data_buf);
void cli_setup_agent(struct Channel *channel); void cli_setup_agent(const struct Channel *channel);
   
#ifdef __hpux #ifdef __hpux
#define seteuid(a) setresuid(-1, (a), -1) #define seteuid(a) setresuid(-1, (a), -1)
@@ -56,7 +56,7 @@ extern const struct ChanType cli_chan_agent;
@@ -56,7 +56,7 @@ extern const struct ChanType cli_chan_agent;
   
int svr_agentreq(struct ChanSess * chansess); int svr_agentreq(struct ChanSess * chansess);
void svr_agentcleanup(struct ChanSess * chansess); void svr_agentcleanup(struct ChanSess * chansess);
void svr_agentset(struct ChanSess *chansess); void svr_agentset(const struct ChanSess *chansess);
   
#endif /* DROPBEAR_SVR_AGENTFWD */ #endif /* DROPBEAR_SVR_AGENTFWD */
   
@@ -112,8 +112,8 @@ struct dropbear_kex {
@@ -112,8 +112,8 @@ struct dropbear_kex {
const struct ltc_hash_descriptor *hash_desc; const struct ltc_hash_descriptor *hash_desc;
}; };
   
int have_algo(char* algo, size_t algolen, algo_type algos[]); int have_algo(const char* algo, size_t algolen, const algo_type algos[]);
void buf_put_algolist(buffer * buf, algo_type localalgos[]); void buf_put_algolist(buffer * buf, const algo_type localalgos[]);
   
enum kexguess2_used { enum kexguess2_used {
KEXGUESS2_LOOK, KEXGUESS2_LOOK,
@@ -131,7 +131,7 @@ algo_type * buf_match_algo(buffer* buf, algo_type localalgos[],
@@ -131,7 +131,7 @@ algo_type * buf_match_algo(buffer* buf, algo_type localalgos[],
#if DROPBEAR_USER_ALGO_LIST #if DROPBEAR_USER_ALGO_LIST
int check_user_algos(const char* user_algo_list, algo_type * algos, int check_user_algos(const char* user_algo_list, algo_type * algos,
const char *algo_desc); const char *algo_desc);
char * algolist_string(algo_type algos[]); char * algolist_string(const algo_type algos[]);
#endif #endif
   
enum { enum {
@@ -36,7 +36,7 @@ void cli_authinitialise(void);
@@ -36,7 +36,7 @@ void cli_authinitialise(void);
void recv_msg_userauth_request(void); void recv_msg_userauth_request(void);
void send_msg_userauth_failure(int partial, int incrfail); void send_msg_userauth_failure(int partial, int incrfail);
void send_msg_userauth_success(void); void send_msg_userauth_success(void);
void send_msg_userauth_banner(buffer *msg); void send_msg_userauth_banner(const buffer *msg);
void svr_auth_password(void); void svr_auth_password(void);
void svr_auth_pubkey(void); void svr_auth_pubkey(void);
void svr_auth_pam(void); void svr_auth_pam(void);
@@ -74,7 +74,7 @@ void cli_pubkeyfail(void);
@@ -74,7 +74,7 @@ void cli_pubkeyfail(void);
void cli_auth_password(void); void cli_auth_password(void);
int cli_auth_pubkey(void); int cli_auth_pubkey(void);
void cli_auth_interactive(void); void cli_auth_interactive(void);
char* getpass_or_cancel(char* prompt); char* getpass_or_cancel(const char* prompt);
void cli_auth_pubkey_cleanup(void); void cli_auth_pubkey_cleanup(void);
   
   
@@ -67,7 +67,7 @@ void buf_free(buffer* buf) {
@@ -67,7 +67,7 @@ void buf_free(buffer* buf) {
} }
   
/* overwrite the contents of the buffer to clear it */ /* overwrite the contents of the buffer to clear it */
void buf_burn(buffer* buf) { void buf_burn(const buffer* buf) {
m_burn(buf->data, buf->size); m_burn(buf->data, buf->size);
   
@@ -91,7 +91,7 @@ buffer* buf_resize(buffer *buf, unsigned int newsize) {
@@ -91,7 +91,7 @@ buffer* buf_resize(buffer *buf, unsigned int newsize) {
   
/* Create a copy of buf, allocating required memory etc. */ /* Create a copy of buf, allocating required memory etc. */
/* The new buffer is sized the same as the length of the source buffer. */ /* The new buffer is sized the same as the length of the source buffer. */
buffer* buf_newcopy(buffer* buf) { buffer* buf_newcopy(const buffer* buf) {
buffer* ret; buffer* ret;
   
@@ -184,7 +184,7 @@ void buf_putbyte(buffer* buf, unsigned char val) {
@@ -184,7 +184,7 @@ void buf_putbyte(buffer* buf, unsigned char val) {
   
/* returns an in-place pointer to the buffer, checking that /* returns an in-place pointer to the buffer, checking that
* the next len bytes from that position can be used */ * the next len bytes from that position can be used */
unsigned char* buf_getptr(buffer* buf, unsigned int len) { unsigned char* buf_getptr(const buffer* buf, unsigned int len) {
   
if (len > BUF_MAX_INCR || buf->pos + len > buf->len) { if (len > BUF_MAX_INCR || buf->pos + len > buf->len) {
dropbear_exit("Bad buf_getptr"); dropbear_exit("Bad buf_getptr");
@@ -194,7 +194,7 @@ unsigned char* buf_getptr(buffer* buf, unsigned int len) {
@@ -194,7 +194,7 @@ unsigned char* buf_getptr(buffer* buf, unsigned int len) {
   
/* like buf_getptr, but checks against total size, not used length. /* like buf_getptr, but checks against total size, not used length.
* This allows writing past the used length, but not past the size */ * This allows writing past the used length, but not past the size */
unsigned char* buf_getwriteptr(buffer* buf, unsigned int len) { unsigned char* buf_getwriteptr(const buffer* buf, unsigned int len) {
   
if (len > BUF_MAX_INCR || buf->pos + len > buf->size) { if (len > BUF_MAX_INCR || buf->pos + len > buf->size) {
dropbear_exit("Bad buf_getwriteptr"); dropbear_exit("Bad buf_getwriteptr");
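Review bot: The `const buffer*` qualifier on `buf_burn` and `buf_getwriteptr` promises callers a read-only operation that neither function performs: `buf_burn` overwrites the bytes behind `buf->data` through `m_burn`, and `buf_getwriteptr` exists to hand out a pointer for writing. The qualifier only protects the struct's own fields, not the memory `data` points to, so anyone auditing where packet or key material can be modified is misled by the prototype. I would keep these two as `void buf_burn(buffer* buf)` and `unsigned char* buf_getwriteptr(buffer* buf, unsigned int len)`, here and in the matching header declarations, and reserve `const` for functions that really only read, such as `buf_newcopy`. The same concern applies to `cbuf_readptrs`, which returns non-const data pointers from a `const circbuffer *`; the bodies of `buf_newcopy`, `buf_getptr` and `buf_getwriteptr` continue outside the hunks shown.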
@@ -44,8 +44,8 @@ buffer * buf_new(unsigned int size);
@@ -44,8 +44,8 @@ buffer * buf_new(unsigned int size);
/* Possibly returns a new buffer*, like realloc() */ /* Possibly returns a new buffer*, like realloc() */
buffer * buf_resize(buffer *buf, unsigned int newsize); buffer * buf_resize(buffer *buf, unsigned int newsize);
void buf_free(buffer* buf); void buf_free(buffer* buf);
void buf_burn(buffer* buf); void buf_burn(const buffer* buf);
buffer* buf_newcopy(buffer* buf); buffer* buf_newcopy(const buffer* buf);
void buf_setlen(buffer* buf, unsigned int len); void buf_setlen(buffer* buf, unsigned int len);
void buf_incrlen(buffer* buf, unsigned int incr); void buf_incrlen(buffer* buf, unsigned int incr);
void buf_setpos(buffer* buf, unsigned int pos); void buf_setpos(buffer* buf, unsigned int pos);
@@ -54,8 +54,8 @@ void buf_incrwritepos(buffer* buf, unsigned int incr);
@@ -54,8 +54,8 @@ void buf_incrwritepos(buffer* buf, unsigned int incr);
unsigned char buf_getbyte(buffer* buf); unsigned char buf_getbyte(buffer* buf);
unsigned char buf_getbool(buffer* buf); unsigned char buf_getbool(buffer* buf);
void buf_putbyte(buffer* buf, unsigned char val); void buf_putbyte(buffer* buf, unsigned char val);
unsigned char* buf_getptr(buffer* buf, unsigned int len); unsigned char* buf_getptr(const buffer* buf, unsigned int len);
unsigned char* buf_getwriteptr(buffer* buf, unsigned int len); unsigned char* buf_getwriteptr(const buffer* buf, unsigned int len);
char* buf_getstring(buffer* buf, unsigned int *retlen); char* buf_getstring(buffer* buf, unsigned int *retlen);
buffer * buf_getstringbuf(buffer *buf); buffer * buf_getstringbuf(buffer *buf);
void buf_eatstring(buffer *buf); void buf_eatstring(buffer *buf);
@@ -84,7 +84,7 @@ struct Channel {
@@ -84,7 +84,7 @@ struct Channel {
int flushing; int flushing;
   
/* Used by client chansession to handle ~ escaping, NULL ignored otherwise */ /* Used by client chansession to handle ~ escaping, NULL ignored otherwise */
void (*read_mangler)(struct Channel*, unsigned char* bytes, int *len); void (*read_mangler)(const struct Channel*, const unsigned char* bytes, int *len);
   
const struct ChanType* type; const struct ChanType* type;
   
@@ -98,7 +98,7 @@ struct ChanType {
@@ -98,7 +98,7 @@ struct ChanType {
int (*inithandler)(struct Channel*); int (*inithandler)(struct Channel*);
int (*check_close)(struct Channel*); int (*check_close)(struct Channel*);
void (*reqhandler)(struct Channel*); void (*reqhandler)(struct Channel*);
void (*closehandler)(struct Channel*); void (*closehandler)(const struct Channel*);
}; };
   
/* Callback for connect_remote */ /* Callback for connect_remote */
@@ -107,7 +107,7 @@ void channel_connect_done(int result, int sock, void* user_data, const char* err
@@ -107,7 +107,7 @@ void channel_connect_done(int result, int sock, void* user_data, const char* err
void chaninitialise(const struct ChanType *chantypes[]); void chaninitialise(const struct ChanType *chantypes[]);
void chancleanup(void); void chancleanup(void);
void setchannelfds(fd_set *readfds, fd_set *writefds, int allow_reads); void setchannelfds(fd_set *readfds, fd_set *writefds, int allow_reads);
void channelio(fd_set *readfd, fd_set *writefd); void channelio(const fd_set *readfd, const fd_set *writefd);
struct Channel* getchannel(void); struct Channel* getchannel(void);
/* Returns an arbitrary channel that is in a ready state - not /* Returns an arbitrary channel that is in a ready state - not
being initialised and no EOF in either direction. NULL if none. */ being initialised and no EOF in either direction. NULL if none. */
@@ -115,8 +115,8 @@ struct Channel* get_any_ready_channel(void);
@@ -115,8 +115,8 @@ struct Channel* get_any_ready_channel(void);
   
void recv_msg_channel_open(void); void recv_msg_channel_open(void);
void recv_msg_channel_request(void); void recv_msg_channel_request(void);
void send_msg_channel_failure(struct Channel *channel); void send_msg_channel_failure(const struct Channel *channel);
void send_msg_channel_success(struct Channel *channel); void send_msg_channel_success(const struct Channel *channel);
void recv_msg_channel_data(void); void recv_msg_channel_data(void);
void recv_msg_channel_extended_data(void); void recv_msg_channel_extended_data(void);
void recv_msg_channel_window_adjust(void); void recv_msg_channel_window_adjust(void);
@@ -135,7 +135,7 @@ int send_msg_channel_open_init(int fd, const struct ChanType *type);
@@ -135,7 +135,7 @@ int send_msg_channel_open_init(int fd, const struct ChanType *type);
void recv_msg_channel_open_confirmation(void); void recv_msg_channel_open_confirmation(void);
void recv_msg_channel_open_failure(void); void recv_msg_channel_open_failure(void);
#endif #endif
void start_send_channel_request(struct Channel *channel, char *type); void start_send_channel_request(const struct Channel *channel, const char *type);
   
void send_msg_request_success(void); void send_msg_request_success(void);
void send_msg_request_failure(void); void send_msg_request_failure(void);
@@ -56,19 +56,19 @@ void cbuf_free(circbuffer * cbuf) {
@@ -56,19 +56,19 @@ void cbuf_free(circbuffer * cbuf) {
m_free(cbuf); m_free(cbuf);
} }
   
unsigned int cbuf_getused(circbuffer * cbuf) { unsigned int cbuf_getused(const circbuffer * cbuf) {
   
return cbuf->used; return cbuf->used;
   
} }
   
unsigned int cbuf_getavail(circbuffer * cbuf) { unsigned int cbuf_getavail(const circbuffer * cbuf) {
   
return cbuf->size - cbuf->used; return cbuf->size - cbuf->used;
   
} }
   
unsigned int cbuf_writelen(circbuffer *cbuf) { unsigned int cbuf_writelen(const circbuffer *cbuf) {
   
dropbear_assert(cbuf->used <= cbuf->size); dropbear_assert(cbuf->used <= cbuf->size);
dropbear_assert(((2*cbuf->size)+cbuf->writepos-cbuf->readpos)%cbuf->size == cbuf->used%cbuf->size); dropbear_assert(((2*cbuf->size)+cbuf->writepos-cbuf->readpos)%cbuf->size == cbuf->used%cbuf->size);
@@ -86,7 +86,7 @@ unsigned int cbuf_writelen(circbuffer *cbuf) {
@@ -86,7 +86,7 @@ unsigned int cbuf_writelen(circbuffer *cbuf) {
return cbuf->size - cbuf->writepos; return cbuf->size - cbuf->writepos;
} }
   
void cbuf_readptrs(circbuffer *cbuf, void cbuf_readptrs(const circbuffer *cbuf,
unsigned char **p1, unsigned int *len1, unsigned char **p1, unsigned int *len1,
unsigned char **p2, unsigned int *len2) { unsigned char **p2, unsigned int *len2) {
*p1 = &cbuf->data[cbuf->readpos]; *p1 = &cbuf->data[cbuf->readpos];
@@ -38,12 +38,12 @@ typedef struct circbuf circbuffer;
@@ -38,12 +38,12 @@ typedef struct circbuf circbuffer;
circbuffer * cbuf_new(unsigned int size); circbuffer * cbuf_new(unsigned int size);
void cbuf_free(circbuffer * cbuf); void cbuf_free(circbuffer * cbuf);
   
unsigned int cbuf_getused(circbuffer * cbuf); /* how much data stored */ unsigned int cbuf_getused(const circbuffer * cbuf); /* how much data stored */
unsigned int cbuf_getavail(circbuffer * cbuf); /* how much we can write */ unsigned int cbuf_getavail(const circbuffer * cbuf); /* how much we can write */
unsigned int cbuf_writelen(circbuffer *cbuf); /* max linear write len */ unsigned int cbuf_writelen(const circbuffer *cbuf); /* max linear write len */
   
/* returns pointers to the two portions of the circular buffer that can be read */ /* returns pointers to the two portions of the circular buffer that can be read */
void cbuf_readptrs(circbuffer *cbuf, void cbuf_readptrs(const circbuffer *cbuf,
unsigned char **p1, unsigned int *len1, unsigned char **p1, unsigned int *len1,
unsigned char **p2, unsigned int *len2); unsigned char **p2, unsigned int *len2);
unsigned char* cbuf_writeptr(circbuffer *cbuf, unsigned int len); unsigned char* cbuf_writeptr(circbuffer *cbuf, unsigned int len);
@@ -108,7 +108,7 @@ static int new_agent_chan(struct Channel * channel) {
@@ -108,7 +108,7 @@ static int new_agent_chan(struct Channel * channel) {
data Any data, depending on packet type. Encoding as in the ssh packet data Any data, depending on packet type. Encoding as in the ssh packet
protocol. protocol.
*/ */
static buffer * agent_request(unsigned char type, buffer *data) { static buffer * agent_request(unsigned char type, const buffer *data) {
   
buffer * payload = NULL; buffer * payload = NULL;
buffer * inbuf = NULL; buffer * inbuf = NULL;
@@ -230,7 +230,7 @@ out:
@@ -230,7 +230,7 @@ out:
} }
} }
   
void cli_setup_agent(struct Channel *channel) { void cli_setup_agent(const struct Channel *channel) {
if (!getenv("SSH_AUTH_SOCK")) { if (!getenv("SSH_AUTH_SOCK")) {
return; return;
} }
@@ -254,7 +254,7 @@ void cli_load_agent_keys(m_list *ret_list) {
@@ -254,7 +254,7 @@ void cli_load_agent_keys(m_list *ret_list) {
} }
   
void agent_buf_sign(buffer *sigblob, sign_key *key, void agent_buf_sign(buffer *sigblob, sign_key *key,
buffer *data_buf) { const buffer *data_buf) {
buffer *request_data = NULL; buffer *request_data = NULL;
buffer *response = NULL; buffer *response = NULL;
unsigned int siglen; unsigned int siglen;
@@ -331,7 +331,7 @@ int cli_auth_try() {
@@ -331,7 +331,7 @@ int cli_auth_try() {
#if DROPBEAR_CLI_PASSWORD_AUTH || DROPBEAR_CLI_INTERACT_AUTH #if DROPBEAR_CLI_PASSWORD_AUTH || DROPBEAR_CLI_INTERACT_AUTH
/* A helper for getpass() that exits if the user cancels. The returned /* A helper for getpass() that exits if the user cancels. The returned
* password is statically allocated by getpass() */ * password is statically allocated by getpass() */
char* getpass_or_cancel(char* prompt) char* getpass_or_cancel(const char* prompt)
{ {
char* password = NULL; char* password = NULL;
@@ -121,7 +121,7 @@ void recv_msg_userauth_pk_ok() {
@@ -121,7 +121,7 @@ void recv_msg_userauth_pk_ok() {
} }
   
void cli_buf_put_sign(buffer* buf, sign_key *key, int type, void cli_buf_put_sign(buffer* buf, sign_key *key, int type,
buffer *data_buf) { const buffer *data_buf) {
#if DROPBEAR_CLI_AGENTFWD #if DROPBEAR_CLI_AGENTFWD
if (key->source == SIGNKEY_SOURCE_AGENT) { if (key->source == SIGNKEY_SOURCE_AGENT) {
/* Format the agent signature ourselves, as buf_put_sign would. */ /* Format the agent signature ourselves, as buf_put_sign would. */
@@ -35,12 +35,12 @@
@@ -35,12 +35,12 @@
#include "chansession.h" #include "chansession.h"
#include "agentfwd.h" #include "agentfwd.h"
   
static void cli_closechansess(struct Channel *channel); static void cli_closechansess(const struct Channel *channel);
static int cli_initchansess(struct Channel *channel); static int cli_initchansess(struct Channel *channel);
static void cli_chansessreq(struct Channel *channel); static void cli_chansessreq(struct Channel *channel);
static void send_chansess_pty_req(struct Channel *channel); static void send_chansess_pty_req(const struct Channel *channel);
static void send_chansess_shell_req(struct Channel *channel); static void send_chansess_shell_req(const struct Channel *channel);
static void cli_escape_handler(struct Channel *channel, unsigned char* buf, int *len); static void cli_escape_handler(const struct Channel *channel, const unsigned char* buf, int *len);
static int cli_init_netcat(struct Channel *channel); static int cli_init_netcat(struct Channel *channel);
   
static void cli_tty_setup(void); static void cli_tty_setup(void);
@@ -83,7 +83,7 @@ out:
@@ -83,7 +83,7 @@ out:
   
/* If the main session goes, we close it up */ /* If the main session goes, we close it up */
static void cli_closechansess(struct Channel *UNUSED(channel)) { static void cli_closechansess(const struct Channel *UNUSED(channel)) {
cli_tty_cleanup(); /* Restore tty modes etc */ cli_tty_cleanup(); /* Restore tty modes etc */
   
/* This channel hasn't gone yet, so we have > 1 */ /* This channel hasn't gone yet, so we have > 1 */
@@ -270,7 +270,7 @@ void cli_chansess_winchange() {
@@ -270,7 +270,7 @@ void cli_chansess_winchange() {
cli_ses.winchange = 0; cli_ses.winchange = 0;
} }
   
static void send_chansess_pty_req(struct Channel *channel) { static void send_chansess_pty_req(const struct Channel *channel) {
   
char* term = NULL; char* term = NULL;
   
@@ -303,7 +303,7 @@ static void send_chansess_pty_req(struct Channel *channel) {
@@ -303,7 +303,7 @@ static void send_chansess_pty_req(struct Channel *channel) {
TRACE(("leave send_chansess_pty_req")) TRACE(("leave send_chansess_pty_req"))
} }
   
static void send_chansess_shell_req(struct Channel *channel) { static void send_chansess_shell_req(const struct Channel *channel) {
   
char* reqtype = NULL; char* reqtype = NULL;
   
@@ -452,7 +452,7 @@ do_escape(unsigned char c) {
@@ -452,7 +452,7 @@ do_escape(unsigned char c) {
} }
   
static static
void cli_escape_handler(struct Channel* UNUSED(channel), unsigned char* buf, int *len) { void cli_escape_handler(const struct Channel* UNUSED(channel), const unsigned char* buf, int *len) {
char c; char c;
int skip_char = 0; int skip_char = 0;
   
@@ -39,7 +39,7 @@
@@ -39,7 +39,7 @@
#include "ecc.h" #include "ecc.h"
   
   
static void checkhostkey(unsigned char* keyblob, unsigned int keybloblen); static void checkhostkey(const unsigned char* keyblob, unsigned int keybloblen);
#define MAX_KNOWNHOSTS_LINE 4500 #define MAX_KNOWNHOSTS_LINE 4500
   
void send_msg_kexdh_init() { void send_msg_kexdh_init() {
@@ -185,7 +185,7 @@ void recv_msg_kexdh_reply() {
@@ -185,7 +185,7 @@ void recv_msg_kexdh_reply() {
TRACE(("leave recv_msg_kexdh_init")) TRACE(("leave recv_msg_kexdh_init"))
} }
   
static void ask_to_confirm(unsigned char* keyblob, unsigned int keybloblen, static void ask_to_confirm(const unsigned char* keyblob, unsigned int keybloblen,
const char* algoname) { const char* algoname) {
   
char* fp = NULL; char* fp = NULL;
@@ -282,7 +282,7 @@ out:
@@ -282,7 +282,7 @@ out:
return hostsfile; return hostsfile;
} }
   
static void checkhostkey(unsigned char* keyblob, unsigned int keybloblen) { static void checkhostkey(const unsigned char* keyblob, unsigned int keybloblen) {
   
FILE *hostsfile = NULL; FILE *hostsfile = NULL;
int readonly = 0; int readonly = 0;
@@ -66,8 +66,8 @@ int main(int argc, char ** argv) {
@@ -66,8 +66,8 @@ int main(int argc, char ** argv) {
} }
#endif #endif
   
TRACE(("user='%s' host='%s' port='%s'", cli_opts.username, TRACE(("user='%s' host='%s' port='%s' bind_address='%s' bind_port='%s'", cli_opts.username,
cli_opts.remotehost, cli_opts.remoteport)) cli_opts.remotehost, cli_opts.remoteport, cli_opts.bind_address, cli_opts.bind_port))
   
if (signal(SIGPIPE, SIG_IGN) == SIG_ERR) { if (signal(SIGPIPE, SIG_IGN) == SIG_ERR) {
dropbear_exit("signal() error"); dropbear_exit("signal() error");
@@ -86,7 +86,8 @@ int main(int argc, char ** argv) {
@@ -86,7 +86,8 @@ int main(int argc, char ** argv) {
} else } else
#endif #endif
{ {
progress = connect_remote(cli_opts.remotehost, cli_opts.remoteport, cli_connected, &ses); progress = connect_remote(cli_opts.remotehost, cli_opts.remoteport,
cli_connected, &ses, cli_opts.bind_address, cli_opts.bind_port);
sock_in = sock_out = -1; sock_in = sock_out = -1;
} }
   
@@ -142,7 +143,7 @@ static void cli_dropbear_log(int priority,
@@ -142,7 +143,7 @@ static void cli_dropbear_log(int priority,
fflush(stderr); fflush(stderr);
} }
   
static void exec_proxy_cmd(void *user_data_cmd) { static void exec_proxy_cmd(const void *user_data_cmd) {
const char *cmd = user_data_cmd; const char *cmd = user_data_cmd;
char *usershell; char *usershell;
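Review bot: The extended `TRACE` call at the top of this section passes `cli_opts.bind_address` and `cli_opts.bind_port` to `%s`, and both are NULL whenever `-b` is not given, since `cli_getopts` initialises them to NULL in this same change. Assuming `TRACE` forwards to a printf-style formatter, a NULL `%s` argument is undefined behaviour and crashes on C libraries that do not substitute a placeholder string. The exposure is limited to trace-enabled builds, but the guard is cheap: pass `cli_opts.bind_address ? cli_opts.bind_address : "(none)"` and the same for `bind_port`. `main` and `exec_proxy_cmd` both continue outside the hunks shown.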
   
@@ -92,6 +92,7 @@ static void printhelp() {
@@ -92,6 +92,7 @@ static void printhelp() {
"-c <cipher list> Specify preferred ciphers ('-c help' to list options)\n" "-c <cipher list> Specify preferred ciphers ('-c help' to list options)\n"
"-m <MAC list> Specify preferred MACs for packet verification (or '-m help')\n" "-m <MAC list> Specify preferred MACs for packet verification (or '-m help')\n"
#endif #endif
"-b [bind_address][:bind_port]\n"
"-V Version\n" "-V Version\n"
#if DEBUG_TRACE #if DEBUG_TRACE
"-v verbose (compiled with DEBUG_TRACE)\n" "-v verbose (compiled with DEBUG_TRACE)\n"
@@ -125,12 +126,12 @@ void cli_getopts(int argc, char ** argv) {
@@ -125,12 +126,12 @@ void cli_getopts(int argc, char ** argv) {
OPT_OTHER OPT_OTHER
} opt; } opt;
unsigned int cmdlen; unsigned int cmdlen;
char* dummy = NULL; /* Not used for anything real */
   
char* recv_window_arg = NULL; char* recv_window_arg = NULL;
char* keepalive_arg = NULL; char* keepalive_arg = NULL;
char* idle_timeout_arg = NULL; char* idle_timeout_arg = NULL;
char *host_arg = NULL; char *host_arg = NULL;
char *bind_arg = NULL;
char c; char c;
   
/* see printhelp() for options */ /* see printhelp() for options */
@@ -166,6 +167,8 @@ void cli_getopts(int argc, char ** argv) {
@@ -166,6 +167,8 @@ void cli_getopts(int argc, char ** argv) {
#if DROPBEAR_CLI_PROXYCMD #if DROPBEAR_CLI_PROXYCMD
cli_opts.proxycmd = NULL; cli_opts.proxycmd = NULL;
#endif #endif
cli_opts.bind_address = NULL;
cli_opts.bind_port = NULL;
#ifndef DISABLE_ZLIB #ifndef DISABLE_ZLIB
opts.compress_mode = DROPBEAR_COMPRESS_ON; opts.compress_mode = DROPBEAR_COMPRESS_ON;
#endif #endif
@@ -314,8 +317,8 @@ void cli_getopts(int argc, char ** argv) {
@@ -314,8 +317,8 @@ void cli_getopts(int argc, char ** argv) {
exit(EXIT_SUCCESS); exit(EXIT_SUCCESS);
break; break;
case 'b': case 'b':
next = &dummy; next = &bind_arg;
/* FALLTHROUGH */ break;
default: default:
fprintf(stderr, fprintf(stderr,
"WARNING: Ignoring unknown option -%c\n", c); "WARNING: Ignoring unknown option -%c\n", c);
@@ -420,6 +423,18 @@ void cli_getopts(int argc, char ** argv) {
@@ -420,6 +423,18 @@ void cli_getopts(int argc, char ** argv) {
cli_opts.remoteport = "22"; cli_opts.remoteport = "22";
} }
   
if (bind_arg) {
/* split [host][:port] */
char *port = strrchr(bind_arg, ':');
if (port) {
cli_opts.bind_port = m_strdup(port+1);
*port = '\0';
}
if (strlen(bind_arg) > 0) {
cli_opts.bind_address = m_strdup(bind_arg);
}
}
/* If not explicitly specified with -t or -T, we don't want a pty if /* If not explicitly specified with -t or -T, we don't want a pty if
* there's a command, but we do otherwise */ * there's a command, but we do otherwise */
if (cli_opts.wantpty == 9) { if (cli_opts.wantpty == 9) {
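Review bot: Splitting the `-b` argument on the last `:` with `strrchr` mis-parses IPv6 literals: `-b ::1` ends up with `bind_port` "1" and `bind_address` ":", and there is no way to give an IPv6 address without a port. Either accept a bracketed `[addr]:port` form for IPv6 or document in the help text that only hostnames and IPv4 addresses are supported. A trailing colon (`-b host:`) also stores an empty string in `bind_port` instead of leaving it NULL, which `if (port[1] != '\0') cli_opts.bind_port = m_strdup(port+1);` would avoid. The new help line `"-b [bind_address][:bind_port]\n"` is the only option in the list without a description. `cli_getopts` starts and ends outside these hunks, so any validation done later is not visible here.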
@@ -165,13 +165,6 @@ static void cli_session_init(pid_t proxy_cmd_pid) {
@@ -165,13 +165,6 @@ static void cli_session_init(pid_t proxy_cmd_pid) {
cli_ses.lastprivkey = NULL; cli_ses.lastprivkey = NULL;
cli_ses.lastauthtype = 0; cli_ses.lastauthtype = 0;
   
#if DROPBEAR_NONE_CIPHER
cli_ses.cipher_none_after_auth = get_algo_usable(sshciphers, "none");
set_algo_usable(sshciphers, "none", 0);
#else
cli_ses.cipher_none_after_auth = 0;
#endif
/* For printing "remote host closed" for the user */ /* For printing "remote host closed" for the user */
ses.remoteclosed = cli_remoteclosed; ses.remoteclosed = cli_remoteclosed;
   
@@ -275,14 +268,6 @@ static void cli_sessionloop() {
@@ -275,14 +268,6 @@ static void cli_sessionloop() {
} }
#endif #endif
   
#if DROPBEAR_NONE_CIPHER
if (cli_ses.cipher_none_after_auth)
{
set_algo_usable(sshciphers, "none", 1);
send_msg_kexinit();
}
#endif
if (cli_opts.backgrounded) { if (cli_opts.backgrounded) {
int devnull; int devnull;
/* keeping stdin open steals input from the terminal and /* keeping stdin open steals input from the terminal and
@@ -274,7 +274,7 @@ static int newtcpforwarded(struct Channel * channel) {
@@ -274,7 +274,7 @@ static int newtcpforwarded(struct Channel * channel) {
} }
snprintf(portstring, sizeof(portstring), "%u", fwd->connectport); snprintf(portstring, sizeof(portstring), "%u", fwd->connectport);
channel->conn_pending = connect_remote(fwd->connectaddr, portstring, channel_connect_done, channel); channel->conn_pending = connect_remote(fwd->connectaddr, portstring, channel_connect_done, channel, NULL, NULL);
   
channel->prio = DROPBEAR_CHANNEL_PRIO_UNKNOWABLE; channel->prio = DROPBEAR_CHANNEL_PRIO_UNKNOWABLE;
@@ -179,9 +179,6 @@ algo_type sshciphers[] = {
@@ -179,9 +179,6 @@ algo_type sshciphers[] = {
{"blowfish-cbc", 0, &dropbear_blowfish, 1, &dropbear_mode_cbc}, {"blowfish-cbc", 0, &dropbear_blowfish, 1, &dropbear_mode_cbc},
#endif #endif
#endif /* DROPBEAR_ENABLE_CBC_MODE */ #endif /* DROPBEAR_ENABLE_CBC_MODE */
#if DROPBEAR_NONE_CIPHER
{"none", 0, (void*)&dropbear_nocipher, 1, &dropbear_mode_none},
#endif
{NULL, 0, NULL, 0, NULL} {NULL, 0, NULL, 0, NULL}
}; };
   
@@ -314,7 +311,7 @@ algo_type sshkex[] = {
@@ -314,7 +311,7 @@ algo_type sshkex[] = {
* against. * against.
* Returns DROPBEAR_SUCCESS if we have a match for algo, DROPBEAR_FAILURE * Returns DROPBEAR_SUCCESS if we have a match for algo, DROPBEAR_FAILURE
* otherwise */ * otherwise */
int have_algo(char* algo, size_t algolen, algo_type algos[]) { int have_algo(const char* algo, size_t algolen, const algo_type algos[]) {
   
int i; int i;
   
@@ -329,7 +326,7 @@ int have_algo(char* algo, size_t algolen, algo_type algos[]) {
@@ -329,7 +326,7 @@ int have_algo(char* algo, size_t algolen, algo_type algos[]) {
} }
   
/* Output a comma separated list of algorithms to a buffer */ /* Output a comma separated list of algorithms to a buffer */
void buf_put_algolist(buffer * buf, algo_type localalgos[]) { void buf_put_algolist(buffer * buf, const algo_type localalgos[]) {
   
unsigned int i, len; unsigned int i, len;
unsigned int donefirst = 0; unsigned int donefirst = 0;
@@ -466,42 +463,10 @@ out:
@@ -466,42 +463,10 @@ out:
return ret; return ret;
} }
   
#if DROPBEAR_NONE_CIPHER
void
set_algo_usable(algo_type algos[], const char * algo_name, int usable)
{
algo_type *a;
for (a = algos; a->name != NULL; a++)
{
if (strcmp(a->name, algo_name) == 0)
{
a->usable = usable;
return;
}
}
}
int
get_algo_usable(algo_type algos[], const char * algo_name)
{
algo_type *a;
for (a = algos; a->name != NULL; a++)
{
if (strcmp(a->name, algo_name) == 0)
{
return a->usable;
}
}
return 0;
}
#endif /* DROPBEAR_NONE_CIPHER */
#if DROPBEAR_USER_ALGO_LIST #if DROPBEAR_USER_ALGO_LIST
   
char * char *
algolist_string(algo_type algos[]) algolist_string(const algo_type algos[])
{ {
char *ret_list; char *ret_list;
buffer *b = buf_new(200); buffer *b = buf_new(200);