Mercurial > dropbear

comparison options.h @ 389:5ff8218bcee9

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
propagate from branch 'au.asn.ucc.matt.ltm.dropbear' (head 2af95f00ebd5bb7a28b3817db1218442c935388e) to branch 'au.asn.ucc.matt.dropbear' (head ecd779509ef23a8cdf64888904fc9b31d78aa933)
author Matt Johnston <matt@ucc.asn.au>
date Thu, 11 Jan 2007 03:14:55 +0000
parents 59531221b846
children 67689b7ceaf0
comparison
equal deleted inserted replaced
388:fb54020f78e1 389:5ff8218bcee9
1 /* Dropbear SSH
2 * Copyright (c) 2002,2003 Matt Johnston
3 * All rights reserved. See LICENSE for the license. */
4
5 #ifndef _OPTIONS_H_
6 #define _OPTIONS_H_
7
8 /******************************************************************
9 * Define compile-time options below - the "#ifndef DROPBEAR_XXX .... #endif"
10 * parts are to allow for commandline -DDROPBEAR_XXX options etc.
11 ******************************************************************/
12
13 #ifndef DROPBEAR_DEFPORT
14 #define DROPBEAR_DEFPORT "22"
15 #endif
16
17 /* Default hostkey paths - these can be specified on the command line */
18 #ifndef DSS_PRIV_FILENAME
19 #define DSS_PRIV_FILENAME "/etc/dropbear/dropbear_dss_host_key"
20 #endif
21 #ifndef RSA_PRIV_FILENAME
22 #define RSA_PRIV_FILENAME "/etc/dropbear/dropbear_rsa_host_key"
23 #endif
24
25 /* Set NON_INETD_MODE if you require daemon functionality (ie Dropbear listens
26 * on chosen ports and keeps accepting connections. This is the default.
27 *
28 * Set INETD_MODE if you want to be able to run Dropbear with inetd (or
29 * similar), where it will use stdin/stdout for connections, and each process
30 * lasts for a single connection. Dropbear should be invoked with the -i flag
31 * for inetd, and can only accept IPv4 connections.
32 *
33 * Both of these flags can be defined at once, don't compile without at least
34 * one of them. */
35 #define NON_INETD_MODE
36 #define INETD_MODE
37
38 /* Setting this disables the fast exptmod bignum code. It saves ~5kB, but is
39 * perhaps 20% slower for pubkey operations (it is probably worth experimenting
40 * if you want to use this) */
41 /*#define NO_FAST_EXPTMOD*/
42
43 /* Set this if you want to use the DROPBEAR_SMALL_CODE option. This can save
44 several kB in binary size, however will make the symmetrical ciphers (AES, DES
45 etc) slower (perhaps by 50%). Recommended for most small systems. */
46 #define DROPBEAR_SMALL_CODE
47
48 /* Enable X11 Forwarding - server only */
49 #define ENABLE_X11FWD
50
51 /* Enable TCP Fowarding */
52 /* 'Local' is "-L" style (client listening port forwarded via server)
53 * 'Remote' is "-R" style (server listening port forwarded via client) */
54
55 #define ENABLE_CLI_LOCALTCPFWD
56 #define ENABLE_CLI_REMOTETCPFWD
57
58 #define ENABLE_SVR_LOCALTCPFWD
59 #define ENABLE_SVR_REMOTETCPFWD
60
61 /* Enable Authentication Agent Forwarding - server only for now */
62 #define ENABLE_AGENTFWD
63
64 /* Encryption - at least one required.
65 * RFC Draft requires 3DES and recommends AES128 for interoperability.
66 * Including multiple keysize variants the same cipher
67 * (eg AES256 as well as AES128) will result in a minimal size increase.*/
68 #define DROPBEAR_AES128_CBC
69 #define DROPBEAR_3DES_CBC
70 #define DROPBEAR_AES256_CBC
71 #define DROPBEAR_BLOWFISH_CBC
72 #define DROPBEAR_TWOFISH256_CBC
73 #define DROPBEAR_TWOFISH128_CBC
74
75 /* Message Integrity - at least one required.
76 * RFC Draft requires sha1 and recommends sha1-96.
77 * sha1-96 may be of use for slow links, as it has a smaller overhead.
78 *
79 * Note: there's no point disabling sha1 to save space, since it's used
80 * for the random number generator and public-key cryptography anyway.
81 * Disabling it here will just stop it from being used as the integrity portion
82 * of the ssh protocol.
83 *
84 * These hashes are also used for public key fingerprints in logs.
85 * If you disable MD5, Dropbear will fall back to SHA1 fingerprints,
86 * which are not the standard form. */
87 #define DROPBEAR_SHA1_HMAC
88 #define DROPBEAR_SHA1_96_HMAC
89 #define DROPBEAR_MD5_HMAC
90
91 /* Hostkey/public key algorithms - at least one required, these are used
92 * for hostkey as well as for verifying signatures with pubkey auth.
93 * Removing either of these won't save very much space.
94 * SSH2 RFC Draft requires dss, recommends rsa */
95 #define DROPBEAR_RSA
96 #define DROPBEAR_DSS
97
98 /* RSA can be vulnerable to timing attacks which use the time required for
99 * signing to guess the private key. Blinding avoids this attack, though makes
100 * signing operations slightly slower. */
101 #define RSA_BLINDING
102
103 /* Define DSS_PROTOK to use PuTTY's method of generating the value k for dss,
104 * rather than just from the random byte source. Undefining this will save you
105 * ~4k in binary size with static uclibc, but your DSS hostkey could be exposed
106 * if the random number source isn't good. In general this isn't required */
107 /* #define DSS_PROTOK */
108
109 /* Whether to do reverse DNS lookups. */
110 #define DO_HOST_LOOKUP
111
112 /* Whether to print the message of the day (MOTD). This doesn't add much code
113 * size */
114 #define DO_MOTD
115
116 /* The MOTD file path */
117 #ifndef MOTD_FILENAME
118 #define MOTD_FILENAME "/etc/motd"
119 #endif
120
121 /* Authentication Types - at least one required.
122 RFC Draft requires pubkey auth, and recommends password */
123
124 /* Note: PAM auth is quite simple, and only works for PAM modules which just do
125 * a simple "Login: " "Password: " (you can edit the strings in svr-authpam.c).
126 * It's useful for systems like OS X where standard password crypts don't work,
127 * but there's an interface via a PAM module - don't bother using it otherwise.
128 * You can't enable both PASSWORD and PAM. */
129
130 #define ENABLE_SVR_PASSWORD_AUTH
131 /*#define ENABLE_SVR_PAM_AUTH */
132 #define ENABLE_SVR_PUBKEY_AUTH
133
134 #define ENABLE_CLI_PASSWORD_AUTH
135 #define ENABLE_CLI_PUBKEY_AUTH
136 #define ENABLE_CLI_INTERACT_AUTH
137
138 /* Define this (as well as ENABLE_CLI_PASSWORD_AUTH) to allow the use of
139 * a helper program for the ssh client. The helper program should be
140 * specified in the SSH_ASKPASS environment variable, and dbclient
141 * should be run with DISPLAY set and no tty. The program should
142 * return the password on standard output */
143 /*#define ENABLE_CLI_ASKPASS_HELPER*/
144
145 /* Random device to use - define either DROPBEAR_RANDOM_DEV or
146 * DROPBEAR_PRNGD_SOCKET.
147 * DROPBEAR_RANDOM_DEV is recommended on hosts with a good /dev/(u)random,
148 * otherwise use run prngd (or egd if you want), specifying the socket.
149 * The device will be queried for a few dozen bytes of seed a couple of times
150 * per session (or more for very long-lived sessions). */
151
152 /* If you are lacking entropy on the system then using /dev/urandom
153 * will prevent Dropbear from blocking on the device. This could
154 * however significantly reduce the security of your ssh connections
155 * if the PRNG state becomes guessable - make sure you know what you are
156 * doing if you change this. */
157 #define DROPBEAR_RANDOM_DEV "/dev/random"
158
159 /* prngd must be manually set up to produce output */
160 /*#define DROPBEAR_PRNGD_SOCKET "/var/run/dropbear-rng"*/
161
162 /* Specify the number of clients we will allow to be connected but
163 * not yet authenticated. After this limit, connections are rejected */
164 /* The first setting is per-IP, to avoid denial of service */
165 #ifndef MAX_UNAUTH_PER_IP
166 #define MAX_UNAUTH_PER_IP 5
167 #endif
168
169 /* And then a global limit to avoid chewing memory if connections
170 * come from many IPs */
171 #ifndef MAX_UNAUTH_CLIENTS
172 #define MAX_UNAUTH_CLIENTS 30
173 #endif
174
175 /* Maximum number of failed authentication tries (server option) */
176 #ifndef MAX_AUTH_TRIES
177 #define MAX_AUTH_TRIES 10
178 #endif
179
180 /* The file to store the daemon's process ID, for shutdown scripts etc */
181 #ifndef DROPBEAR_PIDFILE
182 #define DROPBEAR_PIDFILE "/var/run/dropbear.pid"
183 #endif
184
185 /* The command to invoke for xauth when using X11 forwarding.
186 * "-q" for quiet */
187 #ifndef XAUTH_COMMAND
188 #define XAUTH_COMMAND "/usr/X11R6/bin/xauth -q"
189 #endif
190
191 /* if you want to enable running an sftp server (such as the one included with
192 * OpenSSH), set the path below. If the path isn't defined, sftp will not
193 * be enabled */
194 #ifndef SFTPSERVER_PATH
195 #define SFTPSERVER_PATH "/usr/libexec/sftp-server"
196 #endif
197
198 /* This is used by the scp binary when used as a client binary. If you're
199 * not using the Dropbear client, you'll need to change it */
200 #define _PATH_SSH_PROGRAM "/usr/bin/dbclient"
201
202 /* Whether to log commands executed by a client. This only logs the
203 * (single) command sent to the server, not what a user did in a
204 * shell/sftp session etc. */
205 /* #define LOG_COMMANDS */
206
207 /*******************************************************************
208 * You shouldn't edit below here unless you know you need to.
209 *******************************************************************/
210
211 #ifndef DROPBEAR_VERSION
212 #define DROPBEAR_VERSION "0.49"
213 #endif
214
215 #define LOCAL_IDENT "SSH-2.0-dropbear_" DROPBEAR_VERSION
216 #define PROGNAME "dropbear"
217
218 /* Spec recommends after one hour or 1 gigabyte of data. One hour
219 * is a bit too verbose, so we try 8 hours */
220 #ifndef KEX_REKEY_TIMEOUT
221 #define KEX_REKEY_TIMEOUT (3600 * 8)
222 #endif
223 #ifndef KEX_REKEY_DATA
224 #define KEX_REKEY_DATA (1<<30) /* 2^30 == 1GB, this value must be < INT_MAX */
225 #endif
226 /* Close connections to clients which haven't authorised after AUTH_TIMEOUT */
227 #ifndef AUTH_TIMEOUT
228 #define AUTH_TIMEOUT 300 /* we choose 5 minutes */
229 #endif
230
231 /* Minimum key sizes for DSS and RSA */
232 #ifndef MIN_DSS_KEYLEN
233 #define MIN_DSS_KEYLEN 512
234 #endif
235 #ifndef MIN_RSA_KEYLEN
236 #define MIN_RSA_KEYLEN 512
237 #endif
238
239 #define MAX_BANNER_SIZE 2000 /* this is 25*80 chars, any more is foolish */
240 #define MAX_BANNER_LINES 20 /* How many lines the client will display */
241
242 /* the number of NAME=VALUE pairs to malloc for environ, if we don't have
243 * the clearenv() function */
244 #define ENV_SIZE 100
245
246 #define MAX_CMD_LEN 1024 /* max length of a command */
247 #define MAX_TERM_LEN 200 /* max length of TERM name */
248
249 #define MAX_HOST_LEN 254 /* max hostname len for tcp fwding */
250 #define MAX_IP_LEN 15 /* strlen("255.255.255.255") == 15 */
251
252 #define DROPBEAR_MAX_PORTS 10 /* max number of ports which can be specified,
253 ipv4 and ipv6 don't count twice */
254
255 /* Each port might have at least a v4 and a v6 address */
256 #define MAX_LISTEN_ADDR (DROPBEAR_MAX_PORTS*3)
257
258 #define _PATH_TTY "/dev/tty"
259
260 #define _PATH_CP "/bin/cp"
261
262 /* Timeouts in seconds */
263 #define SELECT_TIMEOUT 20
264
265 /* success/failure defines */
266 #define DROPBEAR_SUCCESS 0
267 #define DROPBEAR_FAILURE -1
268
269 /* various algorithm identifiers */
270 #define DROPBEAR_KEX_DH_GROUP1 0
271
272 #define DROPBEAR_SIGNKEY_ANY 0
273 #define DROPBEAR_SIGNKEY_RSA 1
274 #define DROPBEAR_SIGNKEY_DSS 2
275 #define DROPBEAR_SIGNKEY_NONE 3
276
277 #define DROPBEAR_COMP_NONE 0
278 #define DROPBEAR_COMP_ZLIB 1
279
280 /* Required for pubkey auth */
281 #if defined(ENABLE_SVR_PUBKEY_AUTH) || defined(DROPBEAR_CLIENT)
282 #define DROPBEAR_SIGNKEY_VERIFY
283 #endif
284
285 /* SHA1 is 20 bytes == 160 bits */
286 #define SHA1_HASH_SIZE 20
287 /* SHA512 is 64 bytes == 512 bits */
288 #define SHA512_HASH_SIZE 64
289 /* MD5 is 16 bytes = 128 bits */
290 #define MD5_HASH_SIZE 16
291
292 /* largest of MD5 and SHA1 */
293 #define MAX_MAC_LEN SHA1_HASH_SIZE
294
295
296 #define MAX_KEY_LEN 32 /* 256 bits for aes256 etc */
297 #define MAX_IV_LEN 20 /* must be same as max blocksize,
298 and >= SHA1_HASH_SIZE */
299 #define MAX_MAC_KEY 20
300
301 #define MAX_NAME_LEN 64 /* maximum length of a protocol name, isn't
302 explicitly specified for all protocols (just
303 for algos) but seems valid */
304
305 #define MAX_PROPOSED_ALGO 20
306
307 /* size/count limits */
308
309 #define MAX_PACKET_LEN 35000
310 #define MIN_PACKET_LEN 16
311 #define MAX_PAYLOAD_LEN 32768
312
313 #define MAX_TRANS_PAYLOAD_LEN 32768
314 #define MAX_TRANS_PACKET_LEN (MAX_TRANS_PAYLOAD_LEN+50)
315
316 #define MAX_TRANS_WINDOW 500000000 /* 500MB is sufficient, stopping overflow */
317 #define MAX_TRANS_WIN_INCR 500000000 /* overflow prevention */
318
319 #define MAX_STRING_LEN 1400 /* ~= MAX_PROPOSED_ALGO * MAX_NAME_LEN, also
320 is the max length for a password etc */
321
322 /* For a 4096 bit DSS key, empirically determined */
323 #define MAX_PUBKEY_SIZE 1700
324 /* For a 4096 bit DSS key, empirically determined */
325 #define MAX_PRIVKEY_SIZE 1700
326
327 /* The maximum size of the bignum portion of the kexhash buffer */
328 /* Sect. 8 of the transport draft, K_S + e + f + K */
329 #define KEXHASHBUF_MAX_INTS (1700 + 130 + 130 + 130)
330
331 #define DROPBEAR_MAX_SOCKS 2 /* IPv4, IPv6 are all we'll get for now. Revisit
332 in a few years time.... */
333
334 #define DROPBEAR_MAX_CLI_PASS 1024
335
336 #define DROPBEAR_MAX_CLI_INTERACT_PROMPTS 80 /* The number of prompts we'll
337 accept for keyb-interactive
338 auth */
339
340 #if defined(DROPBEAR_AES256_CBC) || defined(DROPBEAR_AES128_CBC)
341 #define DROPBEAR_AES_CBC
342 #endif
343
344 #if defined(DROPBEAR_TWOFISH256_CBC) || defined(DROPBEAR_TWOFISH128_CBC)
345 #define DROPBEAR_TWOFISH_CBC
346 #endif
347
348 #ifndef ENABLE_X11FWD
349 #define DISABLE_X11FWD
350 #endif
351
352 #ifndef ENABLE_AGENTFWD
353 #define DISABLE_AGENTFWD
354 #endif
355
356 #if defined(ENABLE_CLI_REMOTETCPFWD) || defined(ENABLE_CLI_LOCALTCPFWD)
357 #define ENABLE_CLI_ANYTCPFWD
358 #endif
359
360 #if defined(ENABLE_CLI_LOCALTCPFWD) || defined(ENABLE_SVR_REMOTETCPFWD)
361 #define DROPBEAR_TCP_ACCEPT
362 #endif
363
364 #if defined(ENABLE_CLI_REMOTETCPFWD) || defined(ENABLE_CLI_LOCALTCPFWD) || \
365 defined(ENABLE_SVR_REMOTETCPFWD) || defined(ENABLE_SVR_LOCALTCPFWD) || \
366 defined(ENABLE_AGENTFWD) || defined(ENABLE_X11FWD)
367 #define USING_LISTENERS
368 #endif
369
370 #if defined(DROPBEAR_CLIENT) || defined(ENABLE_SVR_PUBKEY_AUTH)
371 #define DROPBEAR_KEY_LINES /* ie we're using authorized_keys or known_hosts */
372 #endif
373
374 #if defined(ENABLE_SVR_PASSWORD_AUTH) && defined(ENABLE_SVR_PAM_AUTH)
375 #error "You can't turn on PASSWORD and PAM auth both at once. Fix it in options.h"
376 #endif
377
378 #if defined(DROPBEAR_RANDOM_DEV) && defined(DROPBEAR_PRNGD_SOCKET)
379 #error "You can't turn on DROPBEAR_PRNGD_SOCKET and DROPBEAR_RANDOM_DEV at once"
380 #endif
381
382 #if !defined(DROPBEAR_RANDOM_DEV) && !defined(DROPBEAR_PRNGD_SOCKET)
383 #error "You must choose one of DROPBEAR_PRNGD_SOCKET or DROPBEAR_RANDOM_DEV in options.h"
384 #endif
385
386 /* We use dropbear_client and dropbear_server as shortcuts to avoid redundant
387 * code, if we're just compiling as client or server */
388 #if defined(DROPBEAR_SERVER) && defined(DROPBEAR_CLIENT)
389
390 #define IS_DROPBEAR_SERVER (ses.isserver == 1)
391 #define IS_DROPBEAR_CLIENT (ses.isserver == 0)
392
393 #elif defined(DROPBEAR_SERVER)
394
395 #define IS_DROPBEAR_SERVER 1
396 #define IS_DROPBEAR_CLIENT 0
397
398 #elif defined(DROPBEAR_CLIENT)
399
400 #define IS_DROPBEAR_SERVER 0
401 #define IS_DROPBEAR_CLIENT 1
402
403 #else
404 #error You must compiled with either DROPBEAR_CLIENT or DROPBEAR_SERVER selected
405 #endif
406
407 #endif /* _OPTIONS_H_ */