view SMALL @ 1788:1fc0012b9c38

Fix handling of replies to global requests (#112) The current code assumes that all global requests want / need a reply. This isn't always true and the request itself indicates if it wants a reply or not. It causes a specific problem with [email protected] messages. These are sent by OpenSSH after authentication to inform the client of potential other host keys for the host. This can be used to add a new type of host key or to rotate host keys. The initial information message from the server is sent as a global request, but with want_reply set to false. This means that the server doesn't expect an answer to this message. Instead the client needs to send a prove request as a reply if it wants to receive proof of ownership for the host keys. The bug doesn't cause any current problems with due to how OpenSSH treats receiving the failure message. It instead treats it as a keepalive message and further ignores it. Arguably this is a protocol violation though of Dropbear and it is only accidental that it doesn't cause a problem with OpenSSH. The bug was found when adding host keys support to libssh, which is more strict protocol wise and treats the unexpected failure message an error, also see https://gitlab.com/libssh/libssh-mirror/-/merge_requests/145 for more information. The fix here is to honor the want_reply flag in the global request and to only send a reply if the other side expects a reply.
author Dirkjan Bussink <d.bussink@gmail.com>
date Thu, 10 Dec 2020 16:13:13 +0100
parents b9d3f725e00b
children 13cb8cc1b0e4
line wrap: on
line source

Tips for a small system:

If you only want server functionality (for example), compile with
	make PROGRAMS=dropbear
rather than just
	make dropbear
so that client functionality in shared portions of Dropbear won't be included.
The same applies if you are compiling just a client.

---

The following are set in options.h:

	- You can safely disable blowfish and twofish ciphers, and MD5 hmac, without
	  affecting interoperability

	- If you're compiling statically, you can turn off host lookups

	- You can disable either password or public-key authentication, though note
	  that the IETF draft states that pubkey authentication is required.

	- Similarly with DSS and RSA, you can disable one of these if you know that
	  all clients will be able to support a particular one. The IETF draft
	  states that DSS is required, however you may prefer to use RSA. 
	  DON'T disable either of these on systems where you aren't 100% sure about
	  who will be connecting and what clients they will be using.

	- Disabling the MOTD code and SFTP-SERVER may save a small amount of codesize

	- You can disable x11, tcp and agent forwarding as desired. None of these are
	  essential, although agent-forwarding is often useful even on firewall boxes.

---

If you are compiling statically, you may want to disable zlib, as it will use
a few tens of kB of binary-size (./configure --disable-zlib).

You can create a combined binary, see the file MULTI, which will put all
the functions into one binary, avoiding repeated code.

If you're compiling with gcc, you might want to look at gcc's options for
stripping unused code. The relevant vars to set before configure are:

LDFLAGS=-Wl,--gc-sections
CFLAGS="-ffunction-sections -fdata-sections"

You can also experiment with optimisation flags such as -Os, note that in some
cases these flags actually seem to increase size, so experiment before
deciding.

Of course using small C libraries such as uClibc and dietlibc can also help.

If you have any queries, mail me and I'll see if I can help.