view crypto_desc.c @ 1851:7f549ee3df48

Use HOME before /etc/passwd to find id_dropbear (#137) Currently dbclient uses the value of HOME by default when looking for ~/.ssh/known_hosts, falling back to /etc/passwd if HOME is not set (so that people can work around broken values in /etc/passwd). However, when locating the default authentication key (defaults to ~/.ssh/id_dropbear), paths not starting with / are always prefixed with the value from /etc/passwd. Make the behaviour consistent by adjusting expand_homedir_path to use the value of HOME, falling back to /etc/passwd if HOME is not set.
author Matt Robinson <git@nerdoftheherd.com>
date Tue, 19 Oct 2021 06:02:47 +0100
parents 34d9d3c022ce
children 13cb8cc1b0e4
line wrap: on
line source

#include "includes.h"
#include "dbutil.h"
#include "crypto_desc.h"
#include "ltc_prng.h"
#include "ecc.h"
#include "dbrandom.h"

#if DROPBEAR_LTC_PRNG
	int dropbear_ltc_prng = -1;
#endif

/* Wrapper for libtommath */
static mp_err dropbear_rand_source(void* out, size_t size) {
	genrandom((unsigned char*)out, (unsigned int)size);
	return MP_OKAY;
}


/* Register the compiled in ciphers.
 * This should be run before using any of the ciphers/hashes */
void crypto_init() {

	const struct ltc_cipher_descriptor *regciphers[] = {
#if DROPBEAR_AES
		&aes_desc,
#endif
#if DROPBEAR_BLOWFISH
		&blowfish_desc,
#endif
#if DROPBEAR_TWOFISH
		&twofish_desc,
#endif
#if DROPBEAR_3DES
		&des3_desc,
#endif
		NULL
	};

	const struct ltc_hash_descriptor *reghashes[] = {
		/* we need sha1 for hostkey stuff regardless */
		&sha1_desc,
#if DROPBEAR_MD5_HMAC
		&md5_desc,
#endif
#if DROPBEAR_SHA256
		&sha256_desc,
#endif
#if DROPBEAR_SHA384
		&sha384_desc,
#endif
#if DROPBEAR_SHA512
		&sha512_desc,
#endif
		NULL
	};	
	int i;
	
	for (i = 0; regciphers[i] != NULL; i++) {
		if (register_cipher(regciphers[i]) == -1) {
			dropbear_exit("Error registering crypto");
		}
	}

	for (i = 0; reghashes[i] != NULL; i++) {
		if (register_hash(reghashes[i]) == -1) {
			dropbear_exit("Error registering crypto");
		}
	}

#if DROPBEAR_LTC_PRNG
	dropbear_ltc_prng = register_prng(&dropbear_prng_desc);
	if (dropbear_ltc_prng == -1) {
		dropbear_exit("Error registering crypto");
	}
#endif

	mp_rand_source(dropbear_rand_source);

#if DROPBEAR_ECC
	ltc_mp = ltm_desc;
	dropbear_ecc_fill_dp();
#endif
}