# HG changeset patch # User Matt Johnston # Date 1406559367 -28800 # Node ID e257f94ef8a7f3f8ead46d53c3a40ccdfae44c3d # Parent 9969cee83d0a33ada3dd44e89ffb0088884e6016# Parent 356a25a108a3338b58f22a6c5b03336a10cd2bbd merge diff -r 9969cee83d0a -r e257f94ef8a7 .hgsigs --- a/.hgsigs Sat Jul 26 10:23:53 2014 +0800 +++ b/.hgsigs Mon Jul 28 22:56:07 2014 +0800 @@ -10,3 +10,4 @@ 9ec083a21adfcb099f21eb03704b66d14a4ba800 0 iEYEABECAAYFAlKE4JoACgkQjPn4sExkf7wLDgCghkVGwMjI138bEv+ORVzN7zIH7cEAoLckaxZc1k1aXlmlSCRlP8cuKH3o 3d1d7d151c0ce3a79da62e86463f5632fa2b144a 0 iEYEABECAAYFAlKd5AEACgkQjPn4sExkf7wzWgCfdvPEEIdlMPqcbOQMJ7b+eAyy164An2ip1lPh1eS5g26/gSfruvWBVym4 277429102f1337bd10c89107d3e01de509cc1a7e 0 iEYEABECAAYFAlMEvF4ACgkQjPn4sExkf7xeVQCgtbxJ4G3hsFwUOM0K1WGr1J2vsbEAoMM8dEyr1mdrbgO1tzNLfD1nxbyn +96584b934d04ebab443f603e78d38fe692d36313 0 iEYEABECAAYFAlPVFrQACgkQjPn4sExkf7xr6ACglRiLE21vRrS1rJ809o2yMADIKtwAn1f5SyZUngSde8eE55JxCMwtMC5m diff -r 9969cee83d0a -r e257f94ef8a7 .hgtags --- a/.hgtags Sat Jul 26 10:23:53 2014 +0800 +++ b/.hgtags Mon Jul 28 22:56:07 2014 +0800 @@ -43,3 +43,4 @@ e894dbc015ba7ff4c3bf897ee20e28ca90c55a16 DROPBEAR_2013.61test 3d1d7d151c0ce3a79da62e86463f5632fa2b144a DROPBEAR_2013.62 2351b2da8e0d08dcc6e64fcc328b53b9630bda68 DROPBEAR_2014.63 +0d2d39957c029adb7f4327d37fe6b4900f0736d9 DROPBEAR_2014.64 diff -r 9969cee83d0a -r e257f94ef8a7 CHANGES --- a/CHANGES Sat Jul 26 10:23:53 2014 +0800 +++ b/CHANGES Mon Jul 28 22:56:07 2014 +0800 @@ -1,4 +1,4 @@ -2014.64 pending +2014.64 - Sunday 27 July 2014 - Fix compiling with ECDSA and DSS disabled @@ -24,6 +24,8 @@ - Use monotonic clock where available, timeouts won't be affected by system time changes +- Add -V for version + 2014.63 - Wednesday 19 February 2014 - Fix ~. to terminate a client interactive session after waking a laptop diff -r 9969cee83d0a -r e257f94ef8a7 cli-runopts.c --- a/cli-runopts.c Sat Jul 26 10:23:53 2014 +0800 +++ b/cli-runopts.c Mon Jul 28 22:56:07 2014 +0800 
@@ -90,6 +90,7 @@ "-c Specify preferred ciphers ('-c help' to list options)\n" "-m Specify preferred MACs for packet verification (or '-m help')\n" #endif + "-V Version\n" #ifdef DEBUG_TRACE "-v verbose (compiled with DEBUG_TRACE)\n" #endif @@ -324,6 +325,10 @@ #ifndef ENABLE_CLI_LOCALTCPFWD case 'L': #endif + case 'V': + print_version(); + exit(EXIT_SUCCESS); + break; case 'o': case 'b': next = &dummy; diff -r 9969cee83d0a -r e257f94ef8a7 common-runopts.c --- a/common-runopts.c Sat Jul 26 10:23:53 2014 +0800 +++ b/common-runopts.c Mon Jul 28 22:56:07 2014 +0800 @@ -106,3 +106,8 @@ } #endif +void print_version() { + fprintf(stderr, "Dropbear v%s\n", DROPBEAR_VERSION); +} + + diff -r 9969cee83d0a -r e257f94ef8a7 dbclient.1 --- a/dbclient.1 Sat Jul 26 10:23:53 2014 +0800 +++ b/dbclient.1 Mon Jul 28 22:56:07 2014 +0800 @@ -19,8 +19,7 @@ .SH DESCRIPTION .B dbclient -is a SSH client designed to be small enough to be used in small memory -environments, while still being functional and secure enough for general use. +is a small SSH client .SH OPTIONS .TP .B \-p \fIport @@ -98,7 +97,7 @@ useful for working around firewalls or routers that drop connections after a certain period of inactivity. The trade-off is that a session may be closed if there is a temporary lapse of network connectivity. A setting -if 0 disables keepalives. +if 0 disables keepalives. If no response is received for 3 consecutive keepalives the connection will be closed. .TP .B \-I \fIidle_timeout Disconnect the session if no traffic is transmitted or received for \fIidle_timeout\fR seconds. @@ -121,6 +120,9 @@ .TP .B \-s The specified command will be requested as a subsystem, used for sftp. Dropbear doesn't implement sftp itself but the OpenSSH sftp client can be used eg \fIsftp -S dbclient user@host\fR +.TP +.B \-V +Print the version .SH MULTI-HOP Dropbear will also allow multiple "hops" to be specified, separated by commas. In diff -r 9969cee83d0a -r e257f94ef8a7 dbutil.c 
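Review bot: In cli-runopts.c (hunk at -324) the new `case 'V':` is placed directly under the `#ifndef ENABLE_CLI_LOCALTCPFWD` / `case 'L':` label, which until now fell through to `case 'o': case 'b': next = &dummy;` so that a compiled-out option consumed its argument. With this placement a build without local forwarding treats `-L` as `-V`: it prints the version and exits with success instead of ignoring the option. Any other disabled-option labels stacked above the hunk would presumably behave the same way. The three added statements (`case 'V': print_version(); exit(EXIT_SUCCESS);`) should sit outside that fall-through group, for example above the first of the `#ifndef` labels, which is outside the hunk.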
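Review bot: In common-runopts.c the definition is written `void print_version()` while the declaration this commit adds to runopts.h is `void print_version(void);`. An empty parameter list is not a prototype in C, so the definition should read `void print_version(void) {` to match. The version string is also written to stderr, so a packaging or inventory script cannot capture `-V` output from stdout. If that is deliberate, a one-line comment saying so would help; otherwise `printf("Dropbear v%s\n", DROPBEAR_VERSION);` is the conventional choice.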
--- a/dbutil.c Sat Jul 26 10:23:53 2014 +0800 +++ b/dbutil.c Mon Jul 28 22:56:07 2014 +0800 @@ -161,7 +161,7 @@ gettimeofday(&tv, NULL); va_start(param, format); - fprintf(stderr, "TRACE (%d) %d.%d: ", getpid(), tv.tv_sec, tv.tv_usec); + fprintf(stderr, "TRACE (%d) %d.%d: ", getpid(), (int)tv.tv_sec, (int)tv.tv_usec); vfprintf(stderr, format, param); fprintf(stderr, "\n"); va_end(param); @@ -183,7 +183,7 @@ gettimeofday(&tv, NULL); va_start(param, format); - fprintf(stderr, "TRACE2 (%d) %d.%d: ", getpid(), tv.tv_sec, tv.tv_usec); + fprintf(stderr, "TRACE2 (%d) %d.%d: ", getpid(), (int)tv.tv_sec, (int)tv.tv_usec); vfprintf(stderr, format, param); fprintf(stderr, "\n"); va_end(param); 
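Review bot: The `(int)` casts added in both TRACE hunks of dbutil.c (at -161 and -183) silence the format warning by truncating `tv.tv_sec`, which is a `time_t` and may be wider than `int`. The `%d.%d` format also prints the microseconds unpadded, so 5 and 500000 microseconds both come out as a plausible-looking fraction. For trace output that is later correlated with other logs, `"TRACE (%d) %ld.%06ld: "` with `(long)tv.tv_sec, (long)tv.tv_usec` keeps the full value and a fixed-width fraction, and the same applies to the `TRACE2` line. The enclosing functions start and end outside the hunks.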
@@ -945,22 +945,46 @@ return c; } -time_t monotonic_now() { - #if defined(__linux__) && defined(SYS_clock_gettime) - /* CLOCK_MONOTONIC_COARSE was added in Linux 2.6.32. Probably cheaper. */ +/* CLOCK_MONOTONIC_COARSE was added in Linux 2.6.32 but took a while to +reach userspace include headers */ #ifndef CLOCK_MONOTONIC_COARSE #define CLOCK_MONOTONIC_COARSE 6 #endif - static clockid_t clock_source = CLOCK_MONOTONIC_COARSE; +static clockid_t get_linux_clock_source() { struct timespec ts; + if (syscall(SYS_clock_gettime, CLOCK_MONOTONIC_COARSE, &ts) == 0) { + return CLOCK_MONOTONIC_COARSE; + } + + if (syscall(SYS_clock_gettime, CLOCK_MONOTONIC, &ts) == 0) { + return CLOCK_MONOTONIC; + } + return -1; +} +#endif + +time_t monotonic_now() { +#if defined(__linux__) && defined(SYS_clock_gettime) + static clockid_t clock_source = -2; - if (syscall(SYS_clock_gettime, clock_source, &ts) == EINVAL) { - clock_source = CLOCK_MONOTONIC; - syscall(SYS_clock_gettime, CLOCK_MONOTONIC, &ts); + if (clock_source == -2) { + /* First run, find out which one works. + -1 will fall back to time() */ + clock_source = get_linux_clock_source(); } - return ts.tv_sec; -#elif defined(HAVE_MACH_ABSOLUTE_TIME) + + if (clock_source >= 0) { + struct timespec ts; + if (syscall(SYS_clock_gettime, clock_source, &ts) != 0) { + /* Intermittent clock failures should not happen */ + dropbear_exit("Clock broke"); + } + return ts.tv_sec; + } +#endif /* linux clock_gettime */ + +#if defined(HAVE_MACH_ABSOLUTE_TIME) /* OS X, see https://developer.apple.com/library/mac/qa/qa1398/_index.html */ static mach_timebase_info_data_t timebase_info; if (timebase_info.denom == 0) { @@ -968,10 +992,9 @@ } return mach_absolute_time() * timebase_info.numer / timebase_info.denom / 1e9; -#else +#endif /* osx mach_absolute_time */ + /* Fallback for everything else - this will sometimes go backwards */ return time(NULL); -#endif - } diff -r 9969cee83d0a -r e257f94ef8a7 dbutil.h --- a/dbutil.h Sat Jul 26 10:23:53 2014 +0800 
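Review bot: When neither probe in `get_linux_clock_source()` succeeds it returns -1 and `monotonic_now()` silently uses `time(NULL)`, which the trailing comment admits can go backwards. Timeouts derived from it are then exposed to wall-clock steps, with nothing recorded to explain why, so a one-time debug message where `clock_source` is first assigned would make the chosen source visible. The bare `-1`/`-2` sentinels shared between the two functions would read better as named constants, e.g. `#define CLOCK_SOURCE_UNPROBED (-2)` and `#define CLOCK_SOURCE_NONE (-1)`. `dropbear_exit("Clock broke")` drops errno; if `dropbear_exit` accepts a format string, adding `strerror(errno)` would tell an operator what failed. Both new definitions use `()` where `(void)` is meant.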
+++ b/dbutil.h Mon Jul 28 22:56:07 2014 +0800 @@ -62,9 +62,9 @@ #endif enum dropbear_prio { - DROPBEAR_PRIO_DEFAULT = 'dffd', - DROPBEAR_PRIO_LOWDELAY = 'lddl', - DROPBEAR_PRIO_BULK = 'bllb', + DROPBEAR_PRIO_DEFAULT = 10, + DROPBEAR_PRIO_LOWDELAY = 11, + DROPBEAR_PRIO_BULK = 12, }; char * stripcontrol(const char * text); diff -r 9969cee83d0a -r e257f94ef8a7 debian/changelog --- a/debian/changelog Sat Jul 26 10:23:53 2014 +0800 +++ b/debian/changelog Mon Jul 28 22:56:07 2014 +0800 @@ -1,3 +1,9 @@ +dropbear (2014.64-0.1) unstable; urgency=low + + * New upstream release. + + -- Matt Johnston Sun, 27 Jul 2014 22:54:00 +0800 + dropbear (2014.63-0.1) unstable; urgency=low * New upstream release. diff -r 9969cee83d0a -r e257f94ef8a7 dropbear.8 --- a/dropbear.8 Sat Jul 26 10:23:53 2014 +0800 +++ b/dropbear.8 Mon Jul 28 22:56:07 2014 +0800 @@ -10,8 +10,7 @@ .IR [address:]port ] .SH DESCRIPTION .B dropbear -is a SSH server designed to be small enough to be used in small memory -environments, while still being functional and secure enough for general use. +is a small SSH server .SH OPTIONS .TP .B \-b \fIbanner @@ -88,10 +87,14 @@ useful for working around firewalls or routers that drop connections after a certain period of inactivity. The trade-off is that a session may be closed if there is a temporary lapse of network connectivity. A setting -if 0 disables keepalives. +if 0 disables keepalives. If no response is received for 3 consecutive keepalives the connection will be closed. .TP .B \-I \fIidle_timeout Disconnect the session if no traffic is transmitted or received for \fIidle_timeout\fR seconds. +.TP +.B \-V +Print the version + .SH FILES .TP diff -r 9969cee83d0a -r e257f94ef8a7 release.sh --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/release.sh Mon Jul 28 22:56:07 2014 +0800 
@@ -0,0 +1,40 @@ +#!/bin/sh +VERSION=$(echo '#include "sysoptions.h"\necho DROPBEAR_VERSION' | cpp - | sh) +echo Releasing version "$VERSION" ... +if ! head -n1 CHANGES | grep -q $VERSION ; then + echo "CHANGES needs updating" + exit 1 +fi + +if ! head -n1 debian/changelog | grep -q $VERSION ; then + echo "CHANGES needs updating" + exit 1 +fi + +head -n1 CHANGES + +#sleep 3 + +RELDIR=$PWD/../dropbear-$VERSION +ARCHIVE=${RELDIR}.tar.bz2 +if test -e $RELDIR; then + echo "$RELDIR exists" + exit 1 +fi + +if test -e $ARCHIVE; then + echo "$ARCHIVE exists" + exit 1 +fi + +hg archive "$RELDIR" || exit 2 + +(cd "$RELDIR" && autoconf && autoheader) || exit 2 + +rm -r "$RELDIR/autom4te.cache" || exit 2 + +(cd $RELDIR/.. && tar cjf $ARCHIVE `basename "$RELDIR"`) || exit 2 + +ls -l $ARCHIVE +openssl sha1 $ARCHIVE +echo "Done to $ARCHIVE" diff -r 9969cee83d0a -r e257f94ef8a7 runopts.h --- a/runopts.h Sat Jul 26 10:23:53 2014 +0800 +++ b/runopts.h Mon Jul 28 22:56:07 2014 +0800 @@ -164,4 +164,6 @@ void parse_ciphers_macs(); #endif +void print_version(void); + #endif /* _RUNOPTS_H_ */ diff -r 9969cee83d0a -r e257f94ef8a7 svr-runopts.c --- a/svr-runopts.c Sat Jul 26 10:23:53 2014 +0800 +++ b/svr-runopts.c Mon Jul 28 22:56:07 2014 +0800 @@ -92,6 +92,7 @@ "-W (default %d, larger may be faster, max 1MB)\n" "-K (0 is never, default %d, in seconds)\n" "-I (0 is never, default %d, in seconds)\n" + "-V Version\n" #ifdef DEBUG_TRACE "-v verbose (compiled with DEBUG_TRACE)\n" #endif @@ -256,7 +257,7 @@ #endif case 'h': printhelp(argv[0]); - exit(EXIT_FAILURE); + exit(EXIT_SUCCESS); break; case 'u': /* backwards compatibility with old urandom option */ @@ -266,6 +267,10 @@ debug_trace = 1; break; #endif + case 'V': + print_version(); + exit(EXIT_SUCCESS); + break; default: fprintf(stderr, "Unknown argument %s\n", argv[i]); printhelp(argv[0]); diff -r 9969cee83d0a -r e257f94ef8a7 sysoptions.h --- a/sysoptions.h Sat Jul 26 10:23:53 2014 +0800 +++ b/sysoptions.h Mon Jul 28 22:56:07 2014 +0800 
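Review bot: The digest printed for the release tarball at the end of release.sh is `openssl sha1 $ARCHIVE`. SHA-1 is not a sound integrity digest for something users verify downloads against, and `openssl sha256 "$ARCHIVE"` is a drop-in change. The two version checks pass `$VERSION` to grep unquoted and as a regular expression, so each dot matches any character; `grep -qF -- "$VERSION"` is stricter. The debian/changelog check prints `"CHANGES needs updating"`, which names the wrong file and should be `echo "debian/changelog needs updating"`. `$RELDIR` and `$ARCHIVE` are also unquoted in the `test -e`, `tar` and `ls` lines, which breaks if the checkout path contains a space.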
@@ -4,7 +4,7 @@ *******************************************************************/ #ifndef DROPBEAR_VERSION -#define DROPBEAR_VERSION "2014.63" +#define DROPBEAR_VERSION "2014.64" #endif #define LOCAL_IDENT "SSH-2.0-dropbear_" DROPBEAR_VERSION diff -r 9969cee83d0a -r e257f94ef8a7 tcpfwd.h --- a/tcpfwd.h Sat Jul 26 10:23:53 2014 +0800 +++ b/tcpfwd.h Mon Jul 28 22:56:07 2014 +0800 @@ -72,6 +72,7 @@ int listen_tcpfwd(struct TCPListener* tcpinfo); int tcp_prio_inithandler(struct Channel* chan); -#define CHANNEL_ID_TCPFORWARDED 'tcpf' +/* A random identifier */ +#define CHANNEL_ID_TCPFORWARDED 0x43612c67 #endif