changeset 1069:2fa71c3b2827 pam

merge pam branch up to date
author Matt Johnston <matt@ucc.asn.au>
date Mon, 16 Mar 2015 21:34:05 +0800
parents 9a6395ddb1b6 (current diff) ce21d0bfaf98 (diff)
children 16379795f80b
files auth.h buffer.c buffer.h cli-session.c common-session.c options.h session.h svr-session.c sysoptions.h
diffstat 85 files changed, 1409 insertions(+), 824 deletions(-) [+]
line wrap: on
line diff
--- a/.hgsigs	Fri Jan 23 22:32:49 2015 +0800
+++ b/.hgsigs	Mon Mar 16 21:34:05 2015 +0800
@@ -13,3 +13,4 @@
 96584b934d04ebab443f603e78d38fe692d36313 0 iEYEABECAAYFAlPVFrQACgkQjPn4sExkf7xr6ACglRiLE21vRrS1rJ809o2yMADIKtwAn1f5SyZUngSde8eE55JxCMwtMC5m
 caac692b366c153cea0e9cd59aa2d79a7d843d4e 0 iEYEABECAAYFAlPk1mcACgkQjPn4sExkf7wLpgCeOqMYqpkf4lYUuyrn9VYThNpc7PkAn3JOSNgIqkKUcmSy6FstrI8jwJzq
 2d421bc0545d1be6d59a4ebfe61606d94b124b0c 0 iEYEABECAAYFAlRJDCQACgkQjPn4sExkf7xUYACcCwVJkYWXJn5x/D5A+qMupy778lEAn0rg1oNiq96YU/4jOPsS5IMItihu
+1d2d81b1b7c1b100e9c369e40b9fa5b2d491eea9 0 iEYEABECAAYFAlTKOKUACgkQjPn4sExkf7xWMACfYFozyHiRk5GaocTa5z6Ws1uyB4kAoLubxoxcnM3E7AA9mHAzc3OB5M0Y
--- a/.hgtags	Fri Jan 23 22:32:49 2015 +0800
+++ b/.hgtags	Mon Mar 16 21:34:05 2015 +0800
@@ -46,3 +46,4 @@
 0d2d39957c029adb7f4327d37fe6b4900f0736d9 DROPBEAR_2014.64
 e9579816f20ea85affc6135e87f8477992808948 DROPBEAR_2014.65
 735511a4c761141416ad0e6728989d2dafa55bc2 DROPBEAR_2014.66
+cbd674d63cd4f3781464a8d4056a5506c8ae926f DROPBEAR_2015.67
--- a/CHANGES	Fri Jan 23 22:32:49 2015 +0800
+++ b/CHANGES	Mon Mar 16 21:34:05 2015 +0800
@@ -1,3 +1,48 @@
+- Improve efficiency of writing data to local program/pipes, measured 30% for
+  connections to localhost
+
+- Use TCP Fast Open on Linux if available. saves a round trip at connection
+  to hosts that have previously been connected. 
+  Needs a recent Linux kernel and possibly "sysctl -w net.ipv4.tcp_fastopen=3"
+
+- Forwarded TCP ports connect asynchronously and retry with other available
+  addresses (IPv4 or IPv6)
+
+- Free memory before exiting, patch from Thorsten Horstmann. Useful for
+  Dropbear ports to embedded systems and for checking memory leaks
+  with valgrind. Only partially implemented for client side.
+
+- Fix small ECC memory leaks
+
+2015.67 - Wednesday 28 January 2015
+
+- Call fsync() after generating private keys to ensure they aren't lost if a
+  reboot occurs. Thanks to Peter Korsgaard
+
+- Disable non-delayed zlib compression by default on the server. Can be
+  enabled if required for old clients with DROPBEAR_SERVER_DELAY_ZLIB
+
+- Default client key path ~/.ssh/id_dropbear
+
+- Prefer stronger algorithms by default, from Fedor Brunner. 
+  AES256 over 3DES
+  Diffie-hellman group14 over group1
+
+- Add option to disable CBC ciphers.
+
+- Disable twofish in default options.h
+
+- Enable sha2 HMAC algorithms by default, the code was already required
+  for ECC key exchange. sha1 is the first preference still for performance. 
+
+- Fix installing dropbear.8 in a separate build directory, from Like Ma
+
+- Allow configure to succeed if libtomcrypt/libtommath are missing, from Elan Ruusamäe
+
+- Don't crash if ssh-agent provides an unknown type of key. From Catalin Patulea
+
+- Minor bug fixes, a few issues found by Coverity scan
+
 2014.66 - Thursday 23 October 2014
 
 - Use the same keepalive handling behaviour as OpenSSH. This will work better 
--- a/Makefile.in	Fri Jan 23 22:32:49 2015 +0800
+++ b/Makefile.in	Mon Mar 16 21:34:05 2015 +0800
@@ -40,12 +40,12 @@
 CLIOBJS=cli-main.o cli-auth.o cli-authpasswd.o cli-kex.o \
 		cli-session.o cli-runopts.o cli-chansession.o \
 		cli-authpubkey.o cli-tcpfwd.o cli-channel.o cli-authinteract.o \
-		cli-agentfwd.o list.o
+		cli-agentfwd.o 
 
 CLISVROBJS=common-session.o packet.o common-algo.o common-kex.o \
 			common-channel.o common-chansession.o termcodes.o loginrec.o \
 			tcp-accept.o listener.o process-packet.o \
-			common-runopts.o circbuffer.o curve25519-donna.o
+			common-runopts.o circbuffer.o curve25519-donna.o list.o netio.o
 
 KEYOBJS=dropbearkey.o
 
@@ -131,7 +131,7 @@
 	-rm -f $(DESTDIR)$(sbindir)/dropbear$(EXEEXT)
 	-ln -s $(bindir)/dropbearmulti$(EXEEXT) $(DESTDIR)$(sbindir)/dropbear$(EXEEXT) 
 	$(INSTALL) -d $(DESTDIR)$(mandir)/man8
-	$(INSTALL) -m 644 dropbear.8  $(DESTDIR)$(mandir)/man8/dropbear.8
+	$(INSTALL) -m 644 $(srcdir)/dropbear.8  $(DESTDIR)$(mandir)/man8/dropbear.8
 
 insmulti%: dropbearmulti
 	$(INSTALL) -d $(DESTDIR)$(bindir)
@@ -140,12 +140,12 @@
 	$(INSTALL) -d $(DESTDIR)$(mandir)/man1
 	if test -e $*.1; then $(INSTALL) -m 644 $*.1 $(DESTDIR)$(mandir)/man1/$*.1; fi
 
-# dropbear should go in sbin, so it needs a seperate rule
+# dropbear should go in sbin, so it needs a separate rule
 inst_dropbear: dropbear
 	$(INSTALL) -d $(DESTDIR)$(sbindir)
 	$(INSTALL) dropbear$(EXEEXT) $(DESTDIR)$(sbindir)
 	$(INSTALL) -d $(DESTDIR)$(mandir)/man8
-	$(INSTALL) -m 644 dropbear.8 $(DESTDIR)$(mandir)/man8/dropbear.8
+	$(INSTALL) -m 644 $(srcdir)/dropbear.8 $(DESTDIR)$(mandir)/man8/dropbear.8
 
 inst_%: %
 	$(INSTALL) -d $(DESTDIR)$(bindir)
--- a/agentfwd.h	Fri Jan 23 22:32:49 2015 +0800
+++ b/agentfwd.h	Mon Mar 16 21:34:05 2015 +0800
@@ -21,8 +21,8 @@
  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  * SOFTWARE. */
-#ifndef _AGENTFWD_H_
-#define _AGENTFWD_H_
+#ifndef DROPBEAR_AGENTFWD_H_
+#define DROPBEAR_AGENTFWD_H_
 
 #include "includes.h"
 #include "chansession.h"
@@ -60,4 +60,4 @@
 
 #endif /* ENABLE_SVR_AGENTFWD */
 
-#endif /* _AGENTFWD_H_ */
+#endif /* DROPBEAR_AGENTFWD_H_ */
--- a/algo.h	Fri Jan 23 22:32:49 2015 +0800
+++ b/algo.h	Mon Mar 16 21:34:05 2015 +0800
@@ -22,9 +22,9 @@
  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  * SOFTWARE. */
 
-#ifndef _ALGO_H_
+#ifndef DROPBEAR_ALGO_H_
 
-#define _ALGO_H_
+#define DROPBEAR_ALGO_H_
 
 #include "includes.h"
 #include "buffer.h"
@@ -51,6 +51,7 @@
 extern algo_type sshciphers[];
 extern algo_type sshhashes[];
 extern algo_type ssh_compress[];
+extern algo_type ssh_delaycompress[];
 extern algo_type ssh_nocompress[];
 
 extern const struct dropbear_cipher dropbear_nocipher;
@@ -133,4 +134,4 @@
 	DROPBEAR_COMP_ZLIB_DELAY,
 };
 
-#endif /* _ALGO_H_ */
+#endif /* DROPBEAR_ALGO_H_ */
--- a/auth.h	Fri Jan 23 22:32:49 2015 +0800
+++ b/auth.h	Mon Mar 16 21:34:05 2015 +0800
@@ -22,8 +22,8 @@
  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  * SOFTWARE. */
 
-#ifndef _AUTH_H_
-#define _AUTH_H_
+#ifndef DROPBEAR_AUTH_H_
+#define DROPBEAR_AUTH_H_
 
 #include "includes.h"
 #include "signkey.h"
@@ -143,4 +143,4 @@
 	unsigned char * forced_command;
 };
 
-#endif /* _AUTH_H_ */
+#endif /* DROPBEAR_AUTH_H_ */
--- a/bignum.h	Fri Jan 23 22:32:49 2015 +0800
+++ b/bignum.h	Mon Mar 16 21:34:05 2015 +0800
@@ -22,8 +22,8 @@
  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  * SOFTWARE. */
 
-#ifndef _BIGNUM_H_
-#define _BIGNUM_H_
+#ifndef DROPBEAR_BIGNUM_H_
+#define DROPBEAR_BIGNUM_H_
 
 #include "includes.h"
 #include "dbutil.h"
@@ -35,4 +35,4 @@
 void hash_process_mp(const struct ltc_hash_descriptor *hash_desc, 
 				hash_state *hs, mp_int *mp);
 
-#endif /* _BIGNUM_H_ */
+#endif /* DROPBEAR_BIGNUM_H_ */
--- a/buffer.c	Fri Jan 23 22:32:49 2015 +0800
+++ b/buffer.c	Mon Mar 16 21:34:05 2015 +0800
@@ -46,17 +46,15 @@
 		dropbear_exit("buf->size too big");
 	}
 
-	buf = (buffer*)m_malloc(sizeof(buffer));
+	buf = (buffer*)m_malloc(sizeof(buffer)+size);
 
 	if (size > 0) {
-		buf->data = (unsigned char*)m_malloc(size);
+		buf->data = (unsigned char*)buf + sizeof(buffer);
 	} else {
 		buf->data = NULL;
 	}
 
 	buf->size = size;
-	buf->pos = 0;
-	buf->len = 0;
 
 	return buf;
 
@@ -65,7 +63,6 @@
 /* free the buffer's data and the buffer itself */
 void buf_free(buffer* buf) {
 
-	m_free(buf->data)
 	m_free(buf);
 }
 
@@ -78,17 +75,18 @@
 
 /* resize a buffer, pos and len will be repositioned if required when
  * downsizing */
-void buf_resize(buffer *buf, unsigned int newsize) {
+buffer* buf_resize(buffer *buf, unsigned int newsize) {
 
 	if (newsize > BUF_MAX_SIZE) {
 		dropbear_exit("buf->size too big");
 	}
 
-	buf->data = m_realloc(buf->data, newsize);
+	buf = m_realloc(buf, sizeof(buffer)+newsize);
+	buf->data = (unsigned char*)buf + sizeof(buffer);
 	buf->size = newsize;
 	buf->len = MIN(newsize, buf->len);
 	buf->pos = MIN(newsize, buf->pos);
-
+	return buf;
 }
 
 /* Create a copy of buf, allocating required memory etc. */
@@ -99,7 +97,9 @@
 
 	ret = buf_new(buf->len);
 	ret->len = buf->len;
-	memcpy(ret->data, buf->data, buf->len);
+	if (buf->len > 0) {
+	    memcpy(ret->data, buf->data, buf->len);
+	}
 	return ret;
 }
 
@@ -127,7 +127,7 @@
 	buf->pos = pos;
 }
 
-/* increment the postion by incr, increasing the buffer length if required */
+/* increment the position by incr, increasing the buffer length if required */
 void buf_incrwritepos(buffer* buf, unsigned int incr) {
 	if (incr > BUF_MAX_INCR || buf->pos + incr > buf->size) {
 		dropbear_exit("Bad buf_incrwritepos");
@@ -230,15 +230,15 @@
 
 /* Return a string as a newly allocated buffer */
 buffer * buf_getstringbuf(buffer *buf) {
-	buffer *ret;
-	unsigned char* str;
-	unsigned int len;
-	str = buf_getstring(buf, &len);
-	ret = m_malloc(sizeof(*ret));
-	ret->data = str;
-	ret->len = len;
-	ret->size = len;
-	ret->pos = 0;
+	buffer *ret = NULL;
+	unsigned int len = buf_getint(buf);
+	if (len > MAX_STRING_LEN) {
+		dropbear_exit("String too long");
+	}
+	ret = buf_new(len);
+	memcpy(buf_getwriteptr(ret, len), buf_getptr(buf, len), len);
+	buf_incrpos(buf, len);
+	buf_incrlen(ret, len);
 	return ret;
 }
 
--- a/buffer.h	Fri Jan 23 22:32:49 2015 +0800
+++ b/buffer.h	Mon Mar 16 21:34:05 2015 +0800
@@ -22,14 +22,15 @@
  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  * SOFTWARE. */
 
-#ifndef _BUFFER_H_
+#ifndef DROPBEAR_BUFFER_H_
 
-#define _BUFFER_H_
+#define DROPBEAR_BUFFER_H_
 
 #include "includes.h"
 
 struct buf {
-
+	/* don't manipulate data member outside of buffer.c - it
+	is a pointer into the malloc holding buffer itself */
 	unsigned char * data;
 	unsigned int len; /* the used size */
 	unsigned int pos;
@@ -40,7 +41,8 @@
 typedef struct buf buffer;
 
 buffer * buf_new(unsigned int size);
-void buf_resize(buffer *buf, unsigned int newsize);
+/* Possibly returns a new buffer*, like realloc() */
+buffer * buf_resize(buffer *buf, unsigned int newsize);
 void buf_free(buffer* buf);
 void buf_burn(buffer* buf);
 buffer* buf_newcopy(buffer* buf);
@@ -66,4 +68,4 @@
 int buf_getmpint(buffer* buf, mp_int* mp);
 unsigned int buf_getint(buffer* buf);
 
-#endif /* _BUFFER_H_ */
+#endif /* DROPBEAR_BUFFER_H_ */
--- a/channel.h	Fri Jan 23 22:32:49 2015 +0800
+++ b/channel.h	Mon Mar 16 21:34:05 2015 +0800
@@ -22,8 +22,8 @@
  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  * SOFTWARE. */
 
-#ifndef _CHANNEL_H_
-#define _CHANNEL_H_
+#ifndef DROPBEAR_CHANNEL_H_
+#define DROPBEAR_CHANNEL_H_
 
 #include "includes.h"
 #include "buffer.h"
@@ -73,6 +73,7 @@
 	 * to ensure we don't run it twice (nor type->checkclose()). */
 	int close_handler_done;
 
+	struct dropbear_progress_connection *conn_pending;
 	int initconn; /* used for TCP forwarding, whether the channel has been
 					 fully initialised */
 
@@ -92,7 +93,7 @@
 
 struct ChanType {
 
-	int sepfds; /* Whether this channel has seperate pipes for in/out or not */
+	int sepfds; /* Whether this channel has separate pipes for in/out or not */
 	char *name;
 	int (*inithandler)(struct Channel*);
 	int (*check_close)(struct Channel*);
@@ -100,6 +101,9 @@
 	void (*closehandler)(struct Channel*);
 };
 
+/* Callback for connect_remote */
+void channel_connect_done(int result, int sock, void* user_data, const char* errstring);
+
 void chaninitialise(const struct ChanType *chantypes[]);
 void chancleanup();
 void setchannelfds(fd_set *readfd, fd_set *writefd);
@@ -137,4 +141,4 @@
 void send_msg_request_failure();
 
 
-#endif /* _CHANNEL_H_ */
+#endif /* DROPBEAR_CHANNEL_H_ */
--- a/chansession.h	Fri Jan 23 22:32:49 2015 +0800
+++ b/chansession.h	Mon Mar 16 21:34:05 2015 +0800
@@ -22,8 +22,8 @@
  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  * SOFTWARE. */
 
-#ifndef _CHANSESSION_H_
-#define _CHANSESSION_H_
+#ifndef DROPBEAR_CHANSESSION_H_
+#define DROPBEAR_CHANSESSION_H_
 
 #include "loginrec.h"
 #include "channel.h"
@@ -103,4 +103,4 @@
 
 extern const struct SigMap signames[];
 
-#endif /* _CHANSESSION_H_ */
+#endif /* DROPBEAR_CHANSESSION_H_ */
--- a/circbuffer.c	Fri Jan 23 22:32:49 2015 +0800
+++ b/circbuffer.c	Mon Mar 16 21:34:05 2015 +0800
@@ -110,6 +110,21 @@
 	return &cbuf->data[cbuf->readpos];
 }
 
+void cbuf_readptrs(circbuffer *cbuf, 
+	unsigned char **p1, unsigned int *len1, 
+	unsigned char **p2, unsigned int *len2) {
+	*p1 = &cbuf->data[cbuf->readpos];
+	*len1 = MIN(cbuf->used, cbuf->size - cbuf->readpos);
+
+	if (*len1 < cbuf->used) {
+		*p2 = cbuf->data;
+		*len2 = cbuf->used - *len1;
+	} else {
+		*p2 = NULL;
+		*len2 = 0;
+	}
+}
+
 unsigned char* cbuf_writeptr(circbuffer *cbuf, unsigned int len) {
 
 	if (len > cbuf_writelen(cbuf)) {
@@ -131,9 +146,11 @@
 
 
 void cbuf_incrread(circbuffer *cbuf, unsigned int len) {
+#if 0
 	if (len > cbuf_readlen(cbuf)) {
 		dropbear_exit("Bad cbuf read");
 	}
+#endif
 
 	dropbear_assert(cbuf->used >= len);
 	cbuf->used -= len;
--- a/circbuffer.h	Fri Jan 23 22:32:49 2015 +0800
+++ b/circbuffer.h	Mon Mar 16 21:34:05 2015 +0800
@@ -22,8 +22,8 @@
  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  * SOFTWARE. */
 
-#ifndef _CIRCBUFFER_H_
-#define _CIRCBUFFER_H_
+#ifndef DROPBEAR_CIRCBUFFER_H_
+#define DROPBEAR_CIRCBUFFER_H_
 struct circbuf {
 
 	unsigned int size;
@@ -44,6 +44,9 @@
 unsigned int cbuf_writelen(circbuffer *cbuf); /* max linear write len */
 
 unsigned char* cbuf_readptr(circbuffer *cbuf, unsigned int len);
+void cbuf_readptrs(circbuffer *cbuf, 
+	unsigned char **p1, unsigned int *len1, 
+	unsigned char **p2, unsigned int *len2);
 unsigned char* cbuf_writeptr(circbuffer *cbuf, unsigned int len);
 void cbuf_incrwrite(circbuffer *cbuf, unsigned int len);
 void cbuf_incrread(circbuffer *cbuf, unsigned int len);
--- a/cli-agentfwd.c	Fri Jan 23 22:32:49 2015 +0800
+++ b/cli-agentfwd.c	Mon Mar 16 21:34:05 2015 +0800
@@ -155,7 +155,7 @@
 		goto out;
 	}
 	
-	buf_resize(inbuf, readlen);
+	inbuf = buf_resize(inbuf, readlen);
 	buf_setpos(inbuf, 0);
 	ret = atomicio(read, fd, buf_getwriteptr(inbuf, readlen), readlen);
 	if ((size_t)ret != readlen) {
--- a/cli-authpubkey.c	Fri Jan 23 22:32:49 2015 +0800
+++ b/cli-authpubkey.c	Mon Mar 16 21:34:05 2015 +0800
@@ -58,7 +58,7 @@
 	buffer* keybuf = NULL;
 	char* algotype = NULL;
 	unsigned int algolen;
-	int keytype;
+	enum signkey_type keytype;
 	unsigned int remotelen;
 
 	TRACE(("enter recv_msg_userauth_pk_ok"))
--- a/cli-main.c	Fri Jan 23 22:32:49 2015 +0800
+++ b/cli-main.c	Mon Mar 16 21:34:05 2015 +0800
@@ -30,6 +30,7 @@
 #include "session.h"
 #include "dbrandom.h"
 #include "crypto_desc.h"
+#include "netio.h"
 
 static void cli_dropbear_exit(int exitcode, const char* format, va_list param) ATTRIB_NORETURN;
 static void cli_dropbear_log(int priority, const char* format, va_list param);
@@ -46,7 +47,7 @@
 #endif
 
 	int sock_in, sock_out;
-	char* error = NULL;
+	struct dropbear_progress_connection *progress = NULL;
 
 	_dropbear_exit = cli_dropbear_exit;
 	_dropbear_log = cli_dropbear_log;
@@ -72,16 +73,11 @@
 	} else
 #endif
 	{
-		int sock = connect_remote(cli_opts.remotehost, cli_opts.remoteport, 
-				0, &error);
-		sock_in = sock_out = sock;
+		progress = connect_remote(cli_opts.remotehost, cli_opts.remoteport, cli_connected, &ses);
+		sock_in = sock_out = -1;
 	}
 
-	if (sock_in < 0) {
-		dropbear_exit("%s", error);
-	}
-
-	cli_session(sock_in, sock_out);
+	cli_session(sock_in, sock_out, progress);
 
 	/* not reached */
 	return -1;
@@ -91,6 +87,7 @@
 static void cli_dropbear_exit(int exitcode, const char* format, va_list param) {
 
 	char fmtbuf[300];
+	char exitmsg[500];
 
 	if (!sessinitdone) {
 		snprintf(fmtbuf, sizeof(fmtbuf), "Exited: %s",
@@ -102,12 +99,15 @@
 				cli_opts.remoteport, format);
 	}
 
+	/* Arguments to the exit printout may be unsafe to use after session_cleanup() */
+	vsnprintf(exitmsg, sizeof(exitmsg), fmtbuf, param);
+
 	/* Do the cleanup first, since then the terminal will be reset */
 	session_cleanup();
 	/* Avoid printing onwards from terminal cruft */
 	fprintf(stderr, "\n");
 
-	_dropbear_log(LOG_INFO, fmtbuf, param);
+	dropbear_log(LOG_INFO, "%s", exitmsg);;
 	exit(exitcode);
 }
 
--- a/cli-runopts.c	Fri Jan 23 22:32:49 2015 +0800
+++ b/cli-runopts.c	Mon Mar 16 21:34:05 2015 +0800
@@ -38,7 +38,7 @@
 static void parse_multihop_hostname(const char* orighostarg, const char* argv0);
 static void fill_own_user();
 #ifdef ENABLE_CLI_PUBKEY_AUTH
-static void loadidentityfile(const char* filename);
+static void loadidentityfile(const char* filename, int warnfail);
 #endif
 #ifdef ENABLE_CLI_ANYTCPFWD
 static void addforward(const char* str, m_list *fwdlist);
@@ -65,7 +65,7 @@
 					"-y -y Don't perform any remote host key checking (caution)\n"
 					"-s    Request a subsystem (use by external sftp)\n"
 #ifdef ENABLE_CLI_PUBKEY_AUTH
-					"-i <identityfile>   (multiple allowed)\n"
+					"-i <identityfile>   (multiple allowed, default %s)\n"
 #endif
 #ifdef ENABLE_CLI_AGENTFWD
 					"-A    Enable agent auth forwarding\n"
@@ -95,6 +95,9 @@
 					"-v    verbose (compiled with DEBUG_TRACE)\n"
 #endif
 					,DROPBEAR_VERSION, cli_opts.progname,
+#ifdef ENABLE_CLI_PUBKEY_AUTH
+					DROPBEAR_DEFAULT_CLI_AUTHKEY,
+#endif
 					DEFAULT_RECV_WINDOW, DEFAULT_KEEPALIVE, DEFAULT_IDLE_TIMEOUT);
 					
 }
@@ -153,7 +156,7 @@
 	cli_opts.proxycmd = NULL;
 #endif
 #ifndef DISABLE_ZLIB
-	opts.enable_compress = 1;
+	opts.compress_mode = DROPBEAR_COMPRESS_ON;
 #endif
 #ifdef ENABLE_USER_ALGO_LIST
 	opts.cipher_list = NULL;
@@ -174,7 +177,7 @@
 #ifdef ENABLE_CLI_PUBKEY_AUTH
 		if (nextiskey) {
 			/* Load a hostkey since the previous argument was "-i" */
-			loadidentityfile(argv[i]);
+			loadidentityfile(argv[i], 1);
 			nextiskey = 0;
 			continue;
 		}
@@ -231,7 +234,7 @@
 				case 'i': /* an identityfile */
 					/* Keep scp happy when it changes "-i file" to "-ifile" */
 					if (strlen(argv[i]) > 2) {
-						loadidentityfile(&argv[i][2]);
+						loadidentityfile(&argv[i][2], 1);
 					} else  {
 						nextiskey = 1;
 					}
@@ -444,6 +447,14 @@
 	}
 #endif
 
+#ifdef DROPBEAR_DEFAULT_CLI_AUTHKEY
+	{
+		char *expand_path = expand_tilde(DROPBEAR_DEFAULT_CLI_AUTHKEY);
+		loadidentityfile(expand_path, 0);
+		m_free(expand_path);
+	}
+#endif
+
 	/* The hostname gets set up last, since
 	 * in multi-hop mode it will require knowledge
 	 * of other flags such as -i */
@@ -455,14 +466,18 @@
 }
 
 #ifdef ENABLE_CLI_PUBKEY_AUTH
-static void loadidentityfile(const char* filename) {
+static void loadidentityfile(const char* filename, int warnfail) {
 	sign_key *key;
 	enum signkey_type keytype;
 
+	TRACE(("loadidentityfile %s", filename))
+
 	key = new_sign_key();
 	keytype = DROPBEAR_SIGNKEY_ANY;
 	if ( readhostkey(filename, key, &keytype) != DROPBEAR_SUCCESS ) {
-		fprintf(stderr, "Failed loading keyfile '%s'\n", filename);
+		if (warnfail) {
+			fprintf(stderr, "Failed loading keyfile '%s'\n", filename);
+		}
 		sign_key_free(key);
 	} else {
 		key->type = keytype;
@@ -594,7 +609,7 @@
 				passthrough_args, remainder);
 #ifndef DISABLE_ZLIB
 		/* The stream will be incompressible since it's encrypted. */
-		opts.enable_compress = 0;
+		opts.compress_mode = DROPBEAR_COMPRESS_OFF;
 #endif
 		m_free(passthrough_args);
 	}
--- a/cli-session.c	Fri Jan 23 22:32:49 2015 +0800
+++ b/cli-session.c	Mon Mar 16 21:34:05 2015 +0800
@@ -37,11 +37,12 @@
 #include "chansession.h"
 #include "agentfwd.h"
 #include "crypto_desc.h"
+#include "netio.h"
 
-static void cli_remoteclosed();
+static void cli_remoteclosed() ATTRIB_NORETURN;
 static void cli_sessionloop();
 static void cli_session_init();
-static void cli_finished();
+static void cli_finished() ATTRIB_NORETURN;
 static void recv_msg_service_accept(void);
 static void cli_session_cleanup(void);
 static void recv_msg_global_request_cli(void);
@@ -93,15 +94,30 @@
 	NULL /* Null termination */
 };
 
-void cli_session(int sock_in, int sock_out) {
+void cli_connected(int result, int sock, void* userdata, const char *errstring)
+{
+	struct sshsession *myses = userdata;
+	if (result == DROPBEAR_FAILURE) {
+		dropbear_exit("Connect failed: %s", errstring);
+	}
+	myses->sock_in = myses->sock_out = sock;
+	update_channel_prio();
+}
+
+void cli_session(int sock_in, int sock_out, struct dropbear_progress_connection *progress) {
 
 	common_session_init(sock_in, sock_out);
 
+	if (progress) {
+		connect_set_writequeue(progress, &ses.writequeue);
+	}
+
 	chaninitialise(cli_chantypes);
 
 	/* Set up cli_ses vars */
 	cli_session_init();
 
+
 	/* Ready to go */
 	sessinitdone = 1;
 
--- a/cli-tcpfwd.c	Fri Jan 23 22:32:49 2015 +0800
+++ b/cli-tcpfwd.c	Mon Mar 16 21:34:05 2015 +0800
@@ -30,6 +30,7 @@
 #include "runopts.h"
 #include "session.h"
 #include "ssh.h"
+#include "netio.h"
 
 #ifdef ENABLE_CLI_REMOTETCPFWD
 static int newtcpforwarded(struct Channel * channel);
@@ -215,7 +216,6 @@
 	m_list_elem * iter = NULL;
 	struct TCPFwdEntry *fwd;
 	char portstring[NI_MAXSERV];
-	int sock;
 	int err = SSH_OPEN_ADMINISTRATIVELY_PROHIBITED;
 
 	origaddr = buf_getstring(ses.payload, NULL);
@@ -254,19 +254,7 @@
 	}
 	
 	snprintf(portstring, sizeof(portstring), "%d", fwd->connectport);
-	sock = connect_remote(fwd->connectaddr, portstring, 1, NULL);
-	if (sock < 0) {
-		TRACE(("leave newtcpdirect: sock failed"))
-		err = SSH_OPEN_CONNECT_FAILED;
-		goto out;
-	}
-
-	ses.maxfd = MAX(ses.maxfd, sock);
-
-	/* We don't set readfd, that will get set after the connection's
-	 * progress succeeds */
-	channel->writefd = sock;
-	channel->initconn = 1;
+	channel->conn_pending = connect_remote(fwd->connectaddr, portstring, channel_connect_done, channel);
 
 	channel->prio = DROPBEAR_CHANNEL_PRIO_UNKNOWABLE;
 	
--- a/common-algo.c	Fri Jan 23 22:32:49 2015 +0800
+++ b/common-algo.c	Mon Mar 16 21:34:05 2015 +0800
@@ -84,10 +84,14 @@
 
 /* A few void* s are required to silence warnings
  * about the symmetric_CBC vs symmetric_CTR cipher_state pointer */
+#ifdef DROPBEAR_ENABLE_CBC_MODE
 const struct dropbear_cipher_mode dropbear_mode_cbc =
 	{(void*)cbc_start, (void*)cbc_encrypt, (void*)cbc_decrypt};
+#endif /* DROPBEAR_ENABLE_CBC_MODE */
+
 const struct dropbear_cipher_mode dropbear_mode_none =
 	{void_start, void_cipher, void_cipher};
+
 #ifdef DROPBEAR_ENABLE_CTR_MODE
 /* a wrapper to make ctr_start and cbc_start look the same */
 static int dropbear_big_endian_ctr_start(int cipher, 
@@ -98,7 +102,7 @@
 }
 const struct dropbear_cipher_mode dropbear_mode_ctr =
 	{(void*)dropbear_big_endian_ctr_start, (void*)ctr_encrypt, (void*)ctr_decrypt};
-#endif
+#endif /* DROPBEAR_ENABLE_CTR_MODE */
 
 /* Mapping of ssh hashes to libtomcrypt hashes, including keysize etc.
    {&hash_desc, keysize, hashsize} */
@@ -137,21 +141,21 @@
 #ifdef DROPBEAR_AES128
 	{"aes128-ctr", 0, &dropbear_aes128, 1, &dropbear_mode_ctr},
 #endif
-#ifdef DROPBEAR_3DES
-	{"3des-ctr", 0, &dropbear_3des, 1, &dropbear_mode_ctr},
-#endif
 #ifdef DROPBEAR_AES256
 	{"aes256-ctr", 0, &dropbear_aes256, 1, &dropbear_mode_ctr},
 #endif
+#ifdef DROPBEAR_TWOFISH256
+	{"twofish256-ctr", 0, &dropbear_twofish256, 1, &dropbear_mode_ctr},
+#endif
+#ifdef DROPBEAR_TWOFISH128
+	{"twofish128-ctr", 0, &dropbear_twofish128, 1, &dropbear_mode_ctr},
+#endif
 #endif /* DROPBEAR_ENABLE_CTR_MODE */
 
-/* CBC modes are always enabled */
+#ifdef DROPBEAR_ENABLE_CBC_MODE
 #ifdef DROPBEAR_AES128
 	{"aes128-cbc", 0, &dropbear_aes128, 1, &dropbear_mode_cbc},
 #endif
-#ifdef DROPBEAR_3DES
-	{"3des-cbc", 0, &dropbear_3des, 1, &dropbear_mode_cbc},
-#endif
 #ifdef DROPBEAR_AES256
 	{"aes256-cbc", 0, &dropbear_aes256, 1, &dropbear_mode_cbc},
 #endif
@@ -162,9 +166,16 @@
 #ifdef DROPBEAR_TWOFISH128
 	{"twofish128-cbc", 0, &dropbear_twofish128, 1, &dropbear_mode_cbc},
 #endif
+#ifdef DROPBEAR_3DES
+	{"3des-ctr", 0, &dropbear_3des, 1, &dropbear_mode_ctr},
+#endif
+#ifdef DROPBEAR_3DES
+	{"3des-cbc", 0, &dropbear_3des, 1, &dropbear_mode_cbc},
+#endif
 #ifdef DROPBEAR_BLOWFISH
 	{"blowfish-cbc", 0, &dropbear_blowfish, 1, &dropbear_mode_cbc},
 #endif
+#endif /* DROPBEAR_ENABLE_CBC_MODE */
 #ifdef DROPBEAR_NONE_CIPHER
 	{"none", 0, (void*)&dropbear_nocipher, 1, &dropbear_mode_none},
 #endif
@@ -172,18 +183,18 @@
 };
 
 algo_type sshhashes[] = {
+#ifdef DROPBEAR_SHA1_96_HMAC
+	{"hmac-sha1-96", 0, &dropbear_sha1_96, 1, NULL},
+#endif
+#ifdef DROPBEAR_SHA1_HMAC
+	{"hmac-sha1", 0, &dropbear_sha1, 1, NULL},
+#endif
 #ifdef DROPBEAR_SHA2_256_HMAC
 	{"hmac-sha2-256", 0, &dropbear_sha2_256, 1, NULL},
 #endif
 #ifdef DROPBEAR_SHA2_512_HMAC
 	{"hmac-sha2-512", 0, &dropbear_sha2_512, 1, NULL},
 #endif
-#ifdef DROPBEAR_SHA1_96_HMAC
-	{"hmac-sha1-96", 0, &dropbear_sha1_96, 1, NULL},
-#endif
-#ifdef DROPBEAR_SHA1_HMAC
-	{"hmac-sha1", 0, &dropbear_sha1, 1, NULL},
-#endif
 #ifdef DROPBEAR_MD5_HMAC
 	{"hmac-md5", 0, (void*)&dropbear_md5, 1, NULL},
 #endif
@@ -195,7 +206,13 @@
 
 #ifndef DISABLE_ZLIB
 algo_type ssh_compress[] = {
+	{"[email protected]", DROPBEAR_COMP_ZLIB_DELAY, NULL, 1, NULL},
 	{"zlib", DROPBEAR_COMP_ZLIB, NULL, 1, NULL},
+	{"none", DROPBEAR_COMP_NONE, NULL, 1, NULL},
+	{NULL, 0, NULL, 0, NULL}
+};
+
+algo_type ssh_delaycompress[] = {
 	{"[email protected]ssh.com", DROPBEAR_COMP_ZLIB_DELAY, NULL, 1, NULL},
 	{"none", DROPBEAR_COMP_NONE, NULL, 1, NULL},
 	{NULL, 0, NULL, 0, NULL}
@@ -265,8 +282,8 @@
 	{"ecdh-sha2-nistp256", 0, &kex_ecdh_nistp256, 1, NULL},
 #endif
 #endif
+	{"diffie-hellman-group14-sha1", 0, &kex_dh_group14, 1, NULL},
 	{"diffie-hellman-group1-sha1", 0, &kex_dh_group1, 1, NULL},
-	{"diffie-hellman-group14-sha1", 0, &kex_dh_group14, 1, NULL},
 #ifdef USE_KEXGUESS2
 	{KEXGUESS2_ALGO_NAME, KEXGUESS2_ALGO_ID, NULL, 1, NULL},
 #endif
--- a/common-channel.c	Fri Jan 23 22:32:49 2015 +0800
+++ b/common-channel.c	Mon Mar 16 21:34:05 2015 +0800
@@ -35,20 +35,21 @@
 #include "ssh.h"
 #include "listener.h"
 #include "runopts.h"
+#include "netio.h"
 
 static void send_msg_channel_open_failure(unsigned int remotechan, int reason,
 		const unsigned char *text, const unsigned char *lang);
 static void send_msg_channel_open_confirmation(struct Channel* channel,
 		unsigned int recvwindow, 
 		unsigned int recvmaxpacket);
-static void writechannel(struct Channel* channel, int fd, circbuffer *cbuf);
+static void writechannel(struct Channel* channel, int fd, circbuffer *cbuf,
+	const unsigned char *moredata, unsigned int *morelen);
 static void send_msg_channel_window_adjust(struct Channel *channel, 
 		unsigned int incr);
 static void send_msg_channel_data(struct Channel *channel, int isextended);
 static void send_msg_channel_eof(struct Channel *channel);
 static void send_msg_channel_close(struct Channel *channel);
 static void remove_channel(struct Channel *channel);
-static void check_in_progress(struct Channel *channel);
 static unsigned int write_pending(struct Channel * channel);
 static void check_close(struct Channel *channel);
 static void close_chan_fd(struct Channel *channel, int fd, int how);
@@ -163,7 +164,6 @@
 	newchan->writefd = FD_UNINIT;
 	newchan->readfd = FD_UNINIT;
 	newchan->errfd = FD_CLOSED; /* this isn't always set to start with */
-	newchan->initconn = 0;
 	newchan->await_open = 0;
 	newchan->flushing = 0;
 
@@ -242,20 +242,14 @@
 
 		/* write to program/pipe stdin */
 		if (channel->writefd >= 0 && FD_ISSET(channel->writefd, writefds)) {
-			if (channel->initconn) {
-				/* XXX should this go somewhere cleaner? */
-				check_in_progress(channel);
-				continue; /* Important not to use the channel after
-							 check_in_progress(), as it may be NULL */
-			}
-			writechannel(channel, channel->writefd, channel->writebuf);
+			writechannel(channel, channel->writefd, channel->writebuf, NULL, NULL);
 			do_check_close = 1;
 		}
 		
 		/* stderr for client mode */
 		if (ERRFD_IS_WRITE(channel)
 				&& channel->errfd >= 0 && FD_ISSET(channel->errfd, writefds)) {
-			writechannel(channel, channel->errfd, channel->extrabuf);
+			writechannel(channel, channel->errfd, channel->extrabuf, NULL, NULL);
 			do_check_close = 1;
 		}
 
@@ -374,27 +368,27 @@
  * if so, set up the channel properly. Otherwise, the channel is cleaned up, so
  * it is important that the channel reference isn't used after a call to this
  * function */
-static void check_in_progress(struct Channel *channel) {
+void channel_connect_done(int result, int sock, void* user_data, const char* UNUSED(errstring)) {
 
-	int val;
-	socklen_t vallen = sizeof(val);
-
-	TRACE(("enter check_in_progress"))
+	struct Channel *channel = user_data;
 
-	if (getsockopt(channel->writefd, SOL_SOCKET, SO_ERROR, &val, &vallen)
-			|| val != 0) {
-		send_msg_channel_open_failure(channel->remotechan,
-				SSH_OPEN_CONNECT_FAILED, "", "");
-		close(channel->writefd);
-		remove_channel(channel);
-		TRACE(("leave check_in_progress: fail"))
-	} else {
+	TRACE(("enter channel_connect_done"))
+
+	if (result == DROPBEAR_SUCCESS)
+	{
+		channel->readfd = channel->writefd = sock;
+		channel->conn_pending = NULL;
 		chan_initwritebuf(channel);
 		send_msg_channel_open_confirmation(channel, channel->recvwindow,
 				channel->recvmaxpacket);
-		channel->readfd = channel->writefd;
-		channel->initconn = 0;
-		TRACE(("leave check_in_progress: success"))
+		TRACE(("leave channel_connect_done: success"))
+	}
+	else
+	{
+		send_msg_channel_open_failure(channel->remotechan,
+				SSH_OPEN_CONNECT_FAILED, "", "");
+		remove_channel(channel);
+		TRACE(("leave check_in_progress: fail"))
 	}
 }
 
@@ -402,7 +396,7 @@
 /* Send the close message and set the channel as closed */
 static void send_msg_channel_close(struct Channel *channel) {
 
-	TRACE(("enter send_msg_channel_close %p", channel))
+	TRACE(("enter send_msg_channel_close %p", (void*)channel))
 	if (channel->type->closehandler 
 			&& !channel->close_handler_done) {
 		channel->type->closehandler(channel);
@@ -441,14 +435,67 @@
 }
 
 /* Called to write data out to the local side of the channel. 
- * Only called when we know we can write to a channel, writes as much as
- * possible */
-static void writechannel(struct Channel* channel, int fd, circbuffer *cbuf) {
+   Writes the circular buffer contents and also the "moredata" buffer
+   if not null. Will ignore EAGAIN */
+static void writechannel(struct Channel* channel, int fd, circbuffer *cbuf,
+	const unsigned char *moredata, unsigned int *morelen) {
 
-	int len, maxlen;
+	struct iovec iov[3];
+	unsigned char *circ_p1, *circ_p2;
+	unsigned int circ_len1, circ_len2;
+	int io_count = 0;
+
+	int written;
 
 	TRACE(("enter writechannel fd %d", fd))
 
+	cbuf_readptrs(cbuf, &circ_p1, &circ_len1, &circ_p2, &circ_len2);
+
+	if (circ_len1 > 0) {
+		TRACE(("circ1 %d", circ_len1))
+		iov[io_count].iov_base = circ_p1;
+		iov[io_count].iov_len = circ_len1;
+		io_count++;
+	}
+
+	if (circ_len2 > 0) {
+		TRACE(("circ2 %d", circ_len2))
+		iov[io_count].iov_base = circ_p2;
+		iov[io_count].iov_len = circ_len2;
+		io_count++;
+	}
+
+	if (morelen) {
+		assert(moredata);
+		TRACE(("more %d", *morelen))
+		iov[io_count].iov_base = (void*)moredata;
+		iov[io_count].iov_len  = *morelen;
+		io_count++;
+	}
+
+	if (morelen) {
+		/* Default return value, none consumed */
+		*morelen = 0;
+	}
+
+	written = writev(fd, iov, io_count);
+
+	if (written < 0) {
+		if (errno != EINTR && errno != EAGAIN) {
+			TRACE(("errno %d len %d", errno, len))
+			close_chan_fd(channel, fd, SHUT_WR);
+		}
+	} else {
+		int cbuf_written = MIN(circ_len1+circ_len2, (unsigned int)written);
+		cbuf_incrread(cbuf, cbuf_written);
+		if (morelen) {
+			*morelen = written - cbuf_written;
+		}
+		channel->recvdonelen += written;
+	}
+
+#if 0
+
 	maxlen = cbuf_readlen(cbuf);
 
 	/* Write the data out */
@@ -465,10 +512,10 @@
 
 	cbuf_incrread(cbuf, len);
 	channel->recvdonelen += len;
+#endif
 
 	/* Window adjust handling */
 	if (channel->recvdonelen >= RECV_WINDOWEXTEND) {
-		/* Set it back to max window */
 		send_msg_channel_window_adjust(channel, channel->recvdonelen);
 		channel->recvwindow += channel->recvdonelen;
 		channel->recvdonelen = 0;
@@ -514,8 +561,7 @@
 		}
 
 		/* Stuff from the wire */
-		if (channel->initconn
-			||(channel->writefd >= 0 && cbuf_getused(channel->writebuf) > 0)) {
+		if (channel->writefd >= 0 && cbuf_getused(channel->writebuf) > 0) {
 				FD_SET(channel->writefd, writefds);
 		}
 
@@ -586,11 +632,11 @@
 		/* close the FDs in case they haven't been done
 		 * yet (they might have been shutdown etc) */
 		TRACE(("CLOSE writefd %d", channel->writefd))
-		close(channel->writefd);
+		m_close(channel->writefd);
 		TRACE(("CLOSE readfd %d", channel->readfd))
-		close(channel->readfd);
+		m_close(channel->readfd);
 		TRACE(("CLOSE errfd %d", channel->errfd))
-		close(channel->errfd);
+		m_close(channel->errfd);
 	}
 
 	if (!channel->close_handler_done
@@ -599,6 +645,10 @@
 		channel->close_handler_done = 1;
 	}
 
+	if (channel->conn_pending) {
+		cancel_connect(channel->conn_pending);
+	}
+
 	ses.channels[channel->index] = NULL;
 	m_free(channel);
 	ses.chancount--;
@@ -616,7 +666,7 @@
 
 	channel = getchannel();
 
-	TRACE(("enter recv_msg_channel_request %p", channel))
+	TRACE(("enter recv_msg_channel_request %p", (void*)channel))
 
 	if (channel->sent_close) {
 		TRACE(("leave recv_msg_channel_request: already closed channel"))
@@ -749,6 +799,7 @@
 	unsigned int maxdata;
 	unsigned int buflen;
 	unsigned int len;
+	unsigned int consumed;
 
 	TRACE(("enter recv_msg_channel_data"))
 
@@ -775,6 +826,17 @@
 		dropbear_exit("Oversized packet");
 	}
 
+	dropbear_assert(channel->recvwindow >= datalen);
+	channel->recvwindow -= datalen;
+	dropbear_assert(channel->recvwindow <= opts.recv_window);
+
+	consumed = datalen;
+	writechannel(channel, fd, cbuf, buf_getptr(ses.payload, datalen), &consumed);
+
+	datalen -= consumed;
+	buf_incrpos(ses.payload, consumed);
+
+
 	/* We may have to run throught twice, if the buffer wraps around. Can't
 	 * just "leave it for next time" like with writechannel, since this
 	 * is payload data */
@@ -790,10 +852,6 @@
 		len -= buflen;
 	}
 
-	dropbear_assert(channel->recvwindow >= datalen);
-	channel->recvwindow -= datalen;
-	dropbear_assert(channel->recvwindow <= opts.recv_window);
-
 	TRACE(("leave recv_msg_channel_data"))
 }
 
@@ -1001,7 +1059,7 @@
 		}
 	} else {
 		TRACE(("CLOSE some fd %d", fd))
-		close(fd);
+		m_close(fd);
 		closein = closeout = 1;
 	}
 
@@ -1024,7 +1082,7 @@
 	if (channel->type->sepfds && channel->readfd == FD_CLOSED 
 		&& channel->writefd == FD_CLOSED && channel->errfd == FD_CLOSED) {
 		TRACE(("CLOSE (finally) of %d", fd))
-		close(fd);
+		m_close(fd);
 	}
 }
 
@@ -1141,15 +1199,15 @@
 }
 
 struct Channel* get_any_ready_channel() {
+	size_t i;
 	if (ses.chancount == 0) {
 		return NULL;
 	}
-	size_t i;
 	for (i = 0; i < ses.chansize; i++) {
 		struct Channel *chan = ses.channels[i];
 		if (chan
 				&& !(chan->sent_eof || chan->recv_eof)
-				&& !(chan->await_open || chan->initconn)) {
+				&& !(chan->await_open)) {
 			return chan;
 		}
 	}
--- a/common-kex.c	Fri Jan 23 22:32:49 2015 +0800
+++ b/common-kex.c	Mon Mar 16 21:34:05 2015 +0800
@@ -238,14 +238,24 @@
 void kexfirstinitialise() {
 	ses.kexstate.donefirstkex = 0;
 
-#ifndef DISABLE_ZLIB
-	if (opts.enable_compress) {
-		ses.compress_algos = ssh_compress;
-	} else
+#ifdef DISABLE_ZLIB
+	ses.compress_algos = ssh_nocompress;
+#else
+	switch (opts.compress_mode)
+	{
+		case DROPBEAR_COMPRESS_DELAYED:
+			ses.compress_algos = ssh_delaycompress;
+			break;
+
+		case DROPBEAR_COMPRESS_ON:
+			ses.compress_algos = ssh_compress;
+			break;
+
+		case DROPBEAR_COMPRESS_OFF:
+			ses.compress_algos = ssh_nocompress;
+			break;
+	}
 #endif
-	{
-		ses.compress_algos = ssh_nocompress;
-	}
 	kexinitialise();
 }
 
@@ -524,8 +534,10 @@
 	    buf_putstring(ses.kexhashbuf,
 			ses.transkexinit->data, ses.transkexinit->len);
 		/* I_S, the payload of the server's SSH_MSG_KEXINIT */
-	    buf_setpos(ses.payload, 0);
-	    buf_putstring(ses.kexhashbuf, ses.payload->data, ses.payload->len);
+	    buf_setpos(ses.payload, ses.payload_beginning);
+	    buf_putstring(ses.kexhashbuf, 
+	    	buf_getptr(ses.payload, ses.payload->len-ses.payload->pos),
+	    	ses.payload->len-ses.payload->pos);
 		ses.requirenext = SSH_MSG_KEXDH_REPLY;
 	} else {
 		/* SERVER */
@@ -539,8 +551,10 @@
 				(unsigned char*)LOCAL_IDENT, local_ident_len);
 
 		/* I_C, the payload of the client's SSH_MSG_KEXINIT */
-	    buf_setpos(ses.payload, 0);
-	    buf_putstring(ses.kexhashbuf, ses.payload->data, ses.payload->len);
+	    buf_setpos(ses.payload, ses.payload_beginning);
+	    buf_putstring(ses.kexhashbuf, 
+	    	buf_getptr(ses.payload, ses.payload->len-ses.payload->pos),
+	    	ses.payload->len-ses.payload->pos);
 
 		/* I_S, the payload of the server's SSH_MSG_KEXINIT */
 	    buf_putstring(ses.kexhashbuf,
@@ -619,16 +633,20 @@
 void kexdh_comb_key(struct kex_dh_param *param, mp_int *dh_pub_them,
 		sign_key *hostkey) {
 
-	mp_int dh_p;
+	DEF_MP_INT(dh_p);
+	DEF_MP_INT(dh_p_min1);
 	mp_int *dh_e = NULL, *dh_f = NULL;
 
-	/* read the prime and generator*/
-	m_mp_init(&dh_p);
+	m_mp_init_multi(&dh_p, &dh_p_min1, NULL);
 	load_dh_p(&dh_p);
 
-	/* Check that dh_pub_them (dh_e or dh_f) is in the range [1, p-1] */
-	if (mp_cmp(dh_pub_them, &dh_p) != MP_LT 
-			|| mp_cmp_d(dh_pub_them, 0) != MP_GT) {
+	if (mp_sub_d(&dh_p, 1, &dh_p_min1) != MP_OKAY) { 
+		dropbear_exit("Diffie-Hellman error");
+	}
+
+	/* Check that dh_pub_them (dh_e or dh_f) is in the range [2, p-2] */
+	if (mp_cmp(dh_pub_them, &dh_p_min1) != MP_LT 
+			|| mp_cmp_d(dh_pub_them, 1) != MP_GT) {
 		dropbear_exit("Diffie-Hellman error");
 	}
 	
@@ -639,7 +657,7 @@
 	}
 
 	/* clear no longer needed vars */
-	mp_clear_multi(&dh_p, NULL);
+	mp_clear_multi(&dh_p, &dh_p_min1, NULL);
 
 	/* From here on, the code needs to work with the _same_ vars on each side,
 	 * not vice-versaing for client/server */
--- a/common-session.c	Fri Jan 23 22:32:49 2015 +0800
+++ b/common-session.c	Mon Mar 16 21:34:05 2015 +0800
@@ -34,6 +34,7 @@
 #include "kex.h"
 #include "channel.h"
 #include "runopts.h"
+#include "netio.h"
 
 static void checktimeouts();
 static long select_timeout();
@@ -53,6 +54,10 @@
 void common_session_init(int sock_in, int sock_out) {
 	time_t now;
 
+#ifdef DEBUG_TRACE
+	debug_start_net();
+#endif
+
 	TRACE(("enter session_init"))
 
 	ses.sock_in = sock_in;
@@ -150,8 +155,10 @@
 		FD_ZERO(&readfd);
 		dropbear_assert(ses.payload == NULL);
 
-		/* during initial setup we flush out the KEXINIT packet before
-		 * attempting to read the remote version string, which might block */
+		/* We delay reading from the input socket during initial setup until
+		after we have written out our initial KEXINIT packet (empty writequeue). 
+		This means our initial packet can be in-flight while we're doing a blocking
+		read for the remote ident */
 		if (ses.sock_in != -1 && (ses.remoteident || isempty(&ses.writequeue))) {
 			FD_SET(ses.sock_in, &readfd);
 		}
@@ -166,6 +173,9 @@
 		/* set up for channels which can be read/written */
 		setchannelfds(&readfd, &writefd);
 
+		/* Pending connections to test */
+		set_connect_fds(&writefd);
+
 		val = select(ses.maxfd+1, &readfd, &writefd, NULL, &timeout);
 
 		if (exitflag) {
@@ -213,11 +223,13 @@
 				process_packet();
 			}
 		}
-		
+
 		/* if required, flush out any queued reply packets that
 		were being held up during a KEX */
 		maybe_flush_reply_queue();
 
+		handle_connect_fds(&writefd);
+
 		/* process pipes etc for the channels, ses.dataallowed == 0
 		 * during rekeying ) */
 		channelio(&readfd, &writefd);
@@ -239,6 +251,15 @@
 	ses.exit_recursion = 0;
 }
 
+static void cleanup_buf(buffer **buf) {
+	if (!*buf) {
+		return;
+	}
+	buf_burn(*buf);
+	buf_free(*buf);
+	*buf = NULL;
+}
+
 /* clean up a session on exit */
 void session_cleanup() {
 	
@@ -250,24 +271,47 @@
 		return;
 	}
 
+	/* Beware of changing order of functions here. */
+
+	/* Must be before extra_session_cleanup() */
+	chancleanup();
+
 	if (ses.extra_session_cleanup) {
 		ses.extra_session_cleanup();
 	}
 
-	chancleanup();
-	
-	/* Cleaning up keys must happen after other cleanup
-	functions which might queue packets */
-	if (ses.session_id) {
-		buf_burn(ses.session_id);
-		buf_free(ses.session_id);
-		ses.session_id = NULL;
+	/* After these are freed most functions will exit */
+#ifdef DROPBEAR_CLEANUP
+	/* listeners call cleanup functions, this should occur before
+	other session state is freed. */
+	remove_all_listeners();
+
+	remove_connect_pending();
+
+	while (!isempty(&ses.writequeue)) {
+		buf_free(dequeue(&ses.writequeue));
 	}
-	if (ses.hash) {
-		buf_burn(ses.hash);
-		buf_free(ses.hash);
-		ses.hash = NULL;
+
+	m_free(ses.remoteident);
+	m_free(ses.authstate.pw_dir);
+	m_free(ses.authstate.pw_name);
+	m_free(ses.authstate.pw_shell);
+	m_free(ses.authstate.pw_passwd);
+	m_free(ses.authstate.username);
+#endif
+
+	cleanup_buf(&ses.session_id);
+	cleanup_buf(&ses.hash);
+	cleanup_buf(&ses.payload);
+	cleanup_buf(&ses.readbuf);
+	cleanup_buf(&ses.writepayload);
+	cleanup_buf(&ses.kexhashbuf);
+	cleanup_buf(&ses.transkexinit);
+	if (ses.dh_K) {
+		mp_clear(ses.dh_K);
 	}
+	m_free(ses.dh_K);
+
 	m_burn(ses.keys, sizeof(struct key_context));
 	m_free(ses.keys);
 
@@ -398,15 +442,15 @@
 }
 
 void ignore_recv_response() {
-	// Do nothing
+	/* Do nothing */
 	TRACE(("Ignored msg_request_response"))
 }
 
 static void send_msg_keepalive() {
+	time_t old_time_idle = ses.last_packet_time_idle;
+	struct Channel *chan = get_any_ready_channel();
+
 	CHECKCLEARTOWRITE();
-	time_t old_time_idle = ses.last_packet_time_idle;
-
-	struct Channel *chan = get_any_ready_channel();
 
 	if (chan) {
 		/* Channel requests are preferable, more implementations
@@ -546,6 +590,11 @@
 
 	TRACE(("update_channel_prio"))
 
+	if (ses.sock_out < 0) {
+		TRACE(("leave update_channel_prio: no socket"))
+		return;
+	}
+
 	new_prio = DROPBEAR_PRIO_BULK;
 	for (i = 0; i < ses.chansize; i++) {
 		struct Channel *channel = ses.channels[i];
@@ -576,7 +625,7 @@
 	}
 
 	if (new_prio != ses.socket_prio) {
-		TRACE(("Dropbear priority transitioning %4.4s -> %4.4s", (char*)&ses.socket_prio, (char*)&new_prio))
+		TRACE(("Dropbear priority transitioning %d -> %d", ses.socket_prio, new_prio))
 		set_sock_priority(ses.sock_out, new_prio);
 		ses.socket_prio = new_prio;
 	}
--- a/compat.h	Fri Jan 23 22:32:49 2015 +0800
+++ b/compat.h	Mon Mar 16 21:34:05 2015 +0800
@@ -22,8 +22,8 @@
  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  * SOFTWARE. */
 
-#ifndef _COMPAT_H_
-#define _COMPAT_H_
+#ifndef DROPBEAR_COMPAT_H_
+#define DROPBEAR_COMPAT_H_
 
 #include "includes.h"
 
@@ -49,8 +49,8 @@
 void endusershell();
 #endif
 
-#ifndef _PATH_DEVNULL
-#define _PATH_DEVNULL "/dev/null"
+#ifndef DROPBEAR_PATH_DEVNULL
+#define DROPBEAR_PATH_DEVNULL "/dev/null"
 #endif
 
-#endif /* _COMPAT_H_ */
+#endif /* DROPBEAR_COMPAT_H_ */
--- a/configure.ac	Fri Jan 23 22:32:49 2015 +0800
+++ b/configure.ac	Mon Mar 16 21:34:05 2015 +0800
@@ -660,6 +660,7 @@
 AC_EXEEXT
 
 # XXX there must be a nicer way to do this
+if test $BUNDLED_LIBTOM = 1 ; then
 AS_MKDIR_P(libtomcrypt/src/ciphers/aes)
 AS_MKDIR_P(libtomcrypt/src/ciphers/safer)
 AS_MKDIR_P(libtomcrypt/src/ciphers/twofish)
@@ -710,8 +711,10 @@
 AS_MKDIR_P(libtomcrypt/src/pk/pkcs1)
 AS_MKDIR_P(libtomcrypt/src/pk/rsa)
 AS_MKDIR_P(libtomcrypt/src/prngs)
+LIBTOM_FILES="libtomcrypt/Makefile libtommath/Makefile"
+fi
 AC_CONFIG_HEADER(config.h)
-AC_CONFIG_FILES(Makefile libtomcrypt/Makefile libtommath/Makefile)
+AC_CONFIG_FILES(Makefile $LIBTOM_FILES)
 AC_OUTPUT
 
 AC_MSG_NOTICE()
--- a/crypto_desc.h	Fri Jan 23 22:32:49 2015 +0800
+++ b/crypto_desc.h	Mon Mar 16 21:34:05 2015 +0800
@@ -1,9 +1,9 @@
-#ifndef _CRYPTO_DESC_H
-#define _CRYPTO_DESC_H
+#ifndef DROPBEAR_CRYPTO_DESC_H
+#define DROPBEAR_CRYPTO_DESC_H
 
 void crypto_init();
 
 extern int dropbear_ltc_prng;
 
-#endif /* _CRYPTO_DESC_H */
+#endif /* DROPBEAR_CRYPTO_DESC_H */
 
--- a/curve25519-donna.c	Fri Jan 23 22:32:49 2015 +0800
+++ b/curve25519-donna.c	Mon Mar 16 21:34:05 2015 +0800
@@ -527,7 +527,7 @@
 
   memcpy(origx, x, 10 * sizeof(limb));
   fsum(x, z);
-  fdifference(z, origx);  // does x - z
+  fdifference(z, origx);  /* does x - z */
 
   memcpy(origxprime, xprime, sizeof(limb) * 10);
   fsum(xprime, zprime);
@@ -554,7 +554,7 @@
   fproduct(x2, xx, zz);
   freduce_degree(x2);
   freduce_coefficients(x2);
-  fdifference(zz, xx);  // does zz = xx - zz
+  fdifference(zz, xx);  /* does zz = xx - zz */
   memset(zzz + 10, 0, sizeof(limb) * 9);
   fscalar_product(zzz, zz, 121665);
   /* No need to call freduce_degree here:
@@ -641,9 +641,9 @@
   memcpy(resultz, nqz, sizeof(limb) * 10);
 }
 
-// -----------------------------------------------------------------------------
-// Shamelessly copied from djb's code
-// -----------------------------------------------------------------------------
+/* -----------------------------------------------------------------------------
+ * Shamelessly copied from djb's code
+ * ----------------------------------------------------------------------------- */
 static void
 crecip(limb *out, const limb *z) {
   limb z2[10];
--- a/dbclient.1	Fri Jan 23 22:32:49 2015 +0800
+++ b/dbclient.1	Mon Mar 16 21:34:05 2015 +0800
@@ -33,7 +33,7 @@
 Read the identity key from file
 .I idfile
 (multiple allowed). This file is created with dropbearkey(1) or converted
-from OpenSSH with dropbearconvert(1).
+from OpenSSH with dropbearconvert(1). The default path ~/.ssh/id_dropbear is used
 .TP
 .B \-L [\fIlistenaddress\fR]:\fIlistenport\fR:\fIhost\fR:\fIport\fR
 Local port forwarding.
--- a/dbrandom.c	Fri Jan 23 22:32:49 2015 +0800
+++ b/dbrandom.c	Mon Mar 16 21:34:05 2015 +0800
@@ -306,7 +306,7 @@
 
 		/* keep regenerating until we get one satisfying
 		 * 0 < rand < max    */
-	} while (mp_cmp(rand, max) != MP_LT);
+	} while (!(mp_cmp(rand, max) == MP_LT && mp_cmp_d(rand, 0) == MP_GT));
 	m_burn(randbuf, len);
 	m_free(randbuf);
 }
--- a/dbrandom.h	Fri Jan 23 22:32:49 2015 +0800
+++ b/dbrandom.h	Mon Mar 16 21:34:05 2015 +0800
@@ -22,8 +22,8 @@
  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  * SOFTWARE. */
 
-#ifndef _RANDOM_H_
-#define _RANDOM_H_
+#ifndef DROPBEAR_RANDOM_H_
+#define DROPBEAR_RANDOM_H_
 
 #include "includes.h"
 
@@ -32,4 +32,4 @@
 void addrandom(char * buf, unsigned int len);
 void gen_random_mpint(mp_int *max, mp_int *rand);
 
-#endif /* _RANDOM_H_ */
+#endif /* DROPBEAR_RANDOM_H_ */
--- a/dbutil.c	Fri Jan 23 22:32:49 2015 +0800
+++ b/dbutil.c	Mon Mar 16 21:34:05 2015 +0800
@@ -150,18 +150,44 @@
 
 
 #ifdef DEBUG_TRACE
+
+static double debug_start_time = -1;
+
+void debug_start_net()
+{
+	if (getenv("DROPBEAR_DEBUG_NET_TIMESTAMP"))
+	{
+    	/* Timestamps start from first network activity */
+	    struct timeval tv;
+	    gettimeofday(&tv, NULL);
+	    debug_start_time = tv.tv_sec + (tv.tv_usec / 1000000.0);
+	    TRACE(("Resetting Dropbear TRACE timestamps"))
+	}
+}
+
+static double time_since_start()
+{
+    double nowf;
+    struct timeval tv;
+    gettimeofday(&tv, NULL);
+    nowf = tv.tv_sec + (tv.tv_usec / 1000000.0);
+    if (debug_start_time < 0)
+    {
+        debug_start_time = nowf;
+        return 0;
+    }
+    return nowf - debug_start_time;
+}
+
 void dropbear_trace(const char* format, ...) {
 	va_list param;
-	struct timeval tv;
 
 	if (!debug_trace) {
 		return;
 	}
 
-	gettimeofday(&tv, NULL);
-
 	va_start(param, format);
-	fprintf(stderr, "TRACE  (%d) %d.%d: ", getpid(), (int)tv.tv_sec, (int)tv.tv_usec);
+	fprintf(stderr, "TRACE  (%d) %f: ", getpid(), time_since_start());
 	vfprintf(stderr, format, param);
 	fprintf(stderr, "\n");
 	va_end(param);
@@ -170,7 +196,6 @@
 void dropbear_trace2(const char* format, ...) {
 	static int trace_env = -1;
 	va_list param;
-	struct timeval tv;
 
 	if (trace_env == -1) {
 		trace_env = getenv("DROPBEAR_TRACE2") ? 1 : 0;
@@ -180,193 +205,14 @@
 		return;
 	}
 
-	gettimeofday(&tv, NULL);
-
 	va_start(param, format);
-	fprintf(stderr, "TRACE2 (%d) %d.%d: ", getpid(), (int)tv.tv_sec, (int)tv.tv_usec);
+	fprintf(stderr, "TRACE2 (%d) %f: ", getpid(), time_since_start());
 	vfprintf(stderr, format, param);
 	fprintf(stderr, "\n");
 	va_end(param);
 }
 #endif /* DEBUG_TRACE */
 
-void set_sock_nodelay(int sock) {
-	int val;
-
-	/* disable nagle */
-	val = 1;
-	setsockopt(sock, IPPROTO_TCP, TCP_NODELAY, (void*)&val, sizeof(val));
-}
-
-void set_sock_priority(int sock, enum dropbear_prio prio) {
-
-	int iptos_val = 0, so_prio_val = 0, rc;
-
-	/* Don't log ENOTSOCK errors so that this can harmlessly be called
-	 * on a client '-J' proxy pipe */
-
-	/* set the TOS bit for either ipv4 or ipv6 */
-#ifdef IPTOS_LOWDELAY
-	if (prio == DROPBEAR_PRIO_LOWDELAY) {
-		iptos_val = IPTOS_LOWDELAY;
-	} else if (prio == DROPBEAR_PRIO_BULK) {
-		iptos_val = IPTOS_THROUGHPUT;
-	}
-#if defined(IPPROTO_IPV6) && defined(IPV6_TCLASS)
-	rc = setsockopt(sock, IPPROTO_IPV6, IPV6_TCLASS, (void*)&iptos_val, sizeof(iptos_val));
-	if (rc < 0 && errno != ENOTSOCK) {
-		TRACE(("Couldn't set IPV6_TCLASS (%s)", strerror(errno)));
-	}
-#endif
-	rc = setsockopt(sock, IPPROTO_IP, IP_TOS, (void*)&iptos_val, sizeof(iptos_val));
-	if (rc < 0 && errno != ENOTSOCK) {
-		TRACE(("Couldn't set IP_TOS (%s)", strerror(errno)));
-	}
-#endif
-
-#ifdef SO_PRIORITY
-	if (prio == DROPBEAR_PRIO_LOWDELAY) {
-		so_prio_val = TC_PRIO_INTERACTIVE;
-	} else if (prio == DROPBEAR_PRIO_BULK) {
-		so_prio_val = TC_PRIO_BULK;
-	}
-	/* linux specific, sets QoS class. see tc-prio(8) */
-	rc = setsockopt(sock, SOL_SOCKET, SO_PRIORITY, (void*) &so_prio_val, sizeof(so_prio_val));
-	if (rc < 0 && errno != ENOTSOCK)
-		dropbear_log(LOG_WARNING, "Couldn't set SO_PRIORITY (%s)",
-				strerror(errno));
-#endif
-
-}
-
-/* Listen on address:port. 
- * Special cases are address of "" listening on everything,
- * and address of NULL listening on localhost only.
- * Returns the number of sockets bound on success, or -1 on failure. On
- * failure, if errstring wasn't NULL, it'll be a newly malloced error
- * string.*/
-int dropbear_listen(const char* address, const char* port,
-		int *socks, unsigned int sockcount, char **errstring, int *maxfd) {
-
-	struct addrinfo hints, *res = NULL, *res0 = NULL;
-	int err;
-	unsigned int nsock;
-	struct linger linger;
-	int val;
-	int sock;
-
-	TRACE(("enter dropbear_listen"))
-	
-	memset(&hints, 0, sizeof(hints));
-	hints.ai_family = AF_UNSPEC; /* TODO: let them flag v4 only etc */
-	hints.ai_socktype = SOCK_STREAM;
-
-	/* for calling getaddrinfo:
-	 address == NULL and !AI_PASSIVE: local loopback
-	 address == NULL and AI_PASSIVE: all interfaces
-	 address != NULL: whatever the address says */
-	if (!address) {
-		TRACE(("dropbear_listen: local loopback"))
-	} else {
-		if (address[0] == '\0') {
-			TRACE(("dropbear_listen: all interfaces"))
-			address = NULL;
-		}
-		hints.ai_flags = AI_PASSIVE;
-	}
-	err = getaddrinfo(address, port, &hints, &res0);
-
-	if (err) {
-		if (errstring != NULL && *errstring == NULL) {
-			int len;
-			len = 20 + strlen(gai_strerror(err));
-			*errstring = (char*)m_malloc(len);
-			snprintf(*errstring, len, "Error resolving: %s", gai_strerror(err));
-		}
-		if (res0) {
-			freeaddrinfo(res0);
-			res0 = NULL;
-		}
-		TRACE(("leave dropbear_listen: failed resolving"))
-		return -1;
-	}
-
-
-	nsock = 0;
-	for (res = res0; res != NULL && nsock < sockcount;
-			res = res->ai_next) {
-
-		/* Get a socket */
-		socks[nsock] = socket(res->ai_family, res->ai_socktype,
-				res->ai_protocol);
-
-		sock = socks[nsock]; /* For clarity */
-
-		if (sock < 0) {
-			err = errno;
-			TRACE(("socket() failed"))
-			continue;
-		}
-
-		/* Various useful socket options */
-		val = 1;
-		/* set to reuse, quick timeout */
-		setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void*) &val, sizeof(val));
-		linger.l_onoff = 1;
-		linger.l_linger = 5;
-		setsockopt(sock, SOL_SOCKET, SO_LINGER, (void*)&linger, sizeof(linger));
-
-#if defined(IPPROTO_IPV6) && defined(IPV6_V6ONLY)
-		if (res->ai_family == AF_INET6) {
-			int on = 1;
-			if (setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, 
-						&on, sizeof(on)) == -1) {
-				dropbear_log(LOG_WARNING, "Couldn't set IPV6_V6ONLY");
-			}
-		}
-#endif
-
-		set_sock_nodelay(sock);
-
-		if (bind(sock, res->ai_addr, res->ai_addrlen) < 0) {
-			err = errno;
-			close(sock);
-			TRACE(("bind(%s) failed", port))
-			continue;
-		}
-
-		if (listen(sock, DROPBEAR_LISTEN_BACKLOG) < 0) {
-			err = errno;
-			close(sock);
-			TRACE(("listen() failed"))
-			continue;
-		}
-
-		*maxfd = MAX(*maxfd, sock);
-
-		nsock++;
-	}
-
-	if (res0) {
-		freeaddrinfo(res0);
-		res0 = NULL;
-	}
-
-	if (nsock == 0) {
-		if (errstring != NULL && *errstring == NULL) {
-			int len;
-			len = 20 + strlen(strerror(err));
-			*errstring = (char*)m_malloc(len);
-			snprintf(*errstring, len, "Error listening: %s", strerror(err));
-		}
-		TRACE(("leave dropbear_listen: failure, %s", strerror(err)))
-		return -1;
-	}
-
-	TRACE(("leave dropbear_listen: success, %d socks bound", nsock))
-	return nsock;
-}
-
 /* Connect to a given unix socket. The socket is blocking */
 #ifdef ENABLE_CONNECT_UNIX
 int connect_unix(const char* path) {
@@ -390,93 +236,6 @@
 }
 #endif
 
-/* Connect via TCP to a host. Connection will try ipv4 or ipv6, will
- * return immediately if nonblocking is set. On failure, if errstring
- * wasn't null, it will be a newly malloced error message */
-
-/* TODO: maxfd */
-int connect_remote(const char* remotehost, const char* remoteport,
-		int nonblocking, char ** errstring) {
-
-	struct addrinfo *res0 = NULL, *res = NULL, hints;
-	int sock;
-	int err;
-
-	TRACE(("enter connect_remote"))
-
-	if (errstring != NULL) {
-		*errstring = NULL;
-	}
-
-	memset(&hints, 0, sizeof(hints));
-	hints.ai_socktype = SOCK_STREAM;
-	hints.ai_family = PF_UNSPEC;
-
-	err = getaddrinfo(remotehost, remoteport, &hints, &res0);
-	if (err) {
-		if (errstring != NULL && *errstring == NULL) {
-			int len;
-			len = 100 + strlen(gai_strerror(err));
-			*errstring = (char*)m_malloc(len);
-			snprintf(*errstring, len, "Error resolving '%s' port '%s'. %s", 
-					remotehost, remoteport, gai_strerror(err));
-		}
-		TRACE(("Error resolving: %s", gai_strerror(err)))
-		return -1;
-	}
-
-	sock = -1;
-	err = EADDRNOTAVAIL;
-	for (res = res0; res; res = res->ai_next) {
-
-		sock = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
-		if (sock < 0) {
-			err = errno;
-			continue;
-		}
-
-		if (nonblocking) {
-			setnonblocking(sock);
-		}
-
-		if (connect(sock, res->ai_addr, res->ai_addrlen) < 0) {
-			if (errno == EINPROGRESS && nonblocking) {
-				TRACE(("Connect in progress"))
-				break;
-			} else {
-				err = errno;
-				close(sock);
-				sock = -1;
-				continue;
-			}
-		}
-
-		break; /* Success */
-	}
-
-	if (sock < 0 && !(errno == EINPROGRESS && nonblocking)) {
-		/* Failed */
-		if (errstring != NULL && *errstring == NULL) {
-			int len;
-			len = 20 + strlen(strerror(err));
-			*errstring = (char*)m_malloc(len);
-			snprintf(*errstring, len, "Error connecting: %s", strerror(err));
-		}
-		TRACE(("Error connecting: %s", strerror(err)))
-	} else {
-		/* Success */
-		set_sock_nodelay(sock);
-	}
-
-	freeaddrinfo(res0);
-	if (sock > 0 && errstring != NULL && *errstring != NULL) {
-		m_free(*errstring);
-	}
-
-	TRACE(("leave connect_remote: sock %d\n", sock))
-	return sock;
-}
-
 /* Sets up a pipe for a, returning three non-blocking file descriptors
  * and the pid. exec_fn is the function that will actually execute the child process,
  * it will be run after the child has fork()ed, and is passed exec_data.
@@ -612,88 +371,6 @@
 	execv(usershell, argv);
 }
 
-void get_socket_address(int fd, char **local_host, char **local_port,
-						char **remote_host, char **remote_port, int host_lookup)
-{
-	struct sockaddr_storage addr;
-	socklen_t addrlen;
-	
-	if (local_host || local_port) {
-		addrlen = sizeof(addr);
-		if (getsockname(fd, (struct sockaddr*)&addr, &addrlen) < 0) {
-			dropbear_exit("Failed socket address: %s", strerror(errno));
-		}
-		getaddrstring(&addr, local_host, local_port, host_lookup);		
-	}
-	if (remote_host || remote_port) {
-		addrlen = sizeof(addr);
-		if (getpeername(fd, (struct sockaddr*)&addr, &addrlen) < 0) {
-			dropbear_exit("Failed socket address: %s", strerror(errno));
-		}
-		getaddrstring(&addr, remote_host, remote_port, host_lookup);		
-	}
-}
-
-/* Return a string representation of the socket address passed. The return
- * value is allocated with malloc() */
-void getaddrstring(struct sockaddr_storage* addr, 
-			char **ret_host, char **ret_port,
-			int host_lookup) {
-
-	char host[NI_MAXHOST+1], serv[NI_MAXSERV+1];
-	unsigned int len;
-	int ret;
-	
-	int flags = NI_NUMERICSERV | NI_NUMERICHOST;
-
-#ifndef DO_HOST_LOOKUP
-	host_lookup = 0;
-#endif
-	
-	if (host_lookup) {
-		flags = NI_NUMERICSERV;
-	}
-
-	len = sizeof(struct sockaddr_storage);
-	/* Some platforms such as Solaris 8 require that len is the length
-	 * of the specific structure. Some older linux systems (glibc 2.1.3
-	 * such as debian potato) have sockaddr_storage.__ss_family instead
-	 * but we'll ignore them */
-#ifdef HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY
-	if (addr->ss_family == AF_INET) {
-		len = sizeof(struct sockaddr_in);
-	}
-#ifdef AF_INET6
-	if (addr->ss_family == AF_INET6) {
-		len = sizeof(struct sockaddr_in6);
-	}
-#endif
-#endif
-
-	ret = getnameinfo((struct sockaddr*)addr, len, host, sizeof(host)-1, 
-			serv, sizeof(serv)-1, flags);
-
-	if (ret != 0) {
-		if (host_lookup) {
-			/* On some systems (Darwin does it) we get EINTR from getnameinfo
-			 * somehow. Eew. So we'll just return the IP, since that doesn't seem
-			 * to exhibit that behaviour. */
-			getaddrstring(addr, ret_host, ret_port, 0);
-			return;
-		} else {
-			/* if we can't do a numeric lookup, something's gone terribly wrong */
-			dropbear_exit("Failed lookup: %s", gai_strerror(ret));
-		}
-	}
-
-	if (ret_host) {
-		*ret_host = m_strdup(host);
-	}
-	if (ret_port) {
-		*ret_port = m_strdup(serv);
-	}
-}
-
 #ifdef DEBUG_TRACE
 void printhex(const char * label, const unsigned char * buf, int len) {
 
@@ -827,12 +504,12 @@
 
 /* make sure that the socket closes */
 void m_close(int fd) {
+	int val;
 
 	if (fd == -1) {
 		return;
 	}
 
-	int val;
 	do {
 		val = close(fd);
 	} while (val < 0 && errno == EINTR);
@@ -936,6 +613,23 @@
 	}
 }
 
+/* Returns malloced path. Only expands ~ in first character */
+char * expand_tilde(const char *inpath) {
+	struct passwd *pw = NULL;
+	if (inpath[0] == '~') {
+		pw = getpwuid(getuid());
+		if (pw && pw->pw_dir) {
+			int len = strlen(inpath) + strlen(pw->pw_dir) + 1;
+			char *buf = m_malloc(len);
+			snprintf(buf, len, "%s/%s", pw->pw_dir, &inpath[1]);
+			return buf;
+		}
+	}
+
+	/* Fallback */
+	return m_strdup(inpath);
+}
+
 int constant_time_memcmp(const void* a, const void *b, size_t n)
 {
 	const char *xa = a, *xb = b;
@@ -1001,3 +695,4 @@
 	return time(NULL);
 }
 
+
--- a/dbutil.h	Fri Jan 23 22:32:49 2015 +0800
+++ b/dbutil.h	Mon Mar 16 21:34:05 2015 +0800
@@ -22,12 +22,13 @@
  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  * SOFTWARE. */
 
-#ifndef _DBUTIL_H_
+#ifndef DROPBEAR_DBUTIL_H_
 
-#define _DBUTIL_H_
+#define DROPBEAR_DBUTIL_H_
 
 #include "includes.h"
 #include "buffer.h"
+#include "queue.h"
 
 #ifndef DISABLE_SYSLOG
 void startsyslog();
@@ -58,32 +59,18 @@
 void dropbear_trace2(const char* format, ...) ATTRIB_PRINTF(1,2);
 void printhex(const char * label, const unsigned char * buf, int len);
 void printmpint(const char *label, mp_int *mp);
+void debug_start_net();
 extern int debug_trace;
 #endif
 
-enum dropbear_prio {
-	DROPBEAR_PRIO_DEFAULT = 10,
-	DROPBEAR_PRIO_LOWDELAY = 11,
-	DROPBEAR_PRIO_BULK = 12,
-};
+char * stripcontrol(const char * text);
 
-char * stripcontrol(const char * text);
-void get_socket_address(int fd, char **local_host, char **local_port,
-		char **remote_host, char **remote_port, int host_lookup);
-void getaddrstring(struct sockaddr_storage* addr, 
-		char **ret_host, char **ret_port, int host_lookup);
-void set_sock_nodelay(int sock);
-void set_sock_priority(int sock, enum dropbear_prio prio);
-int dropbear_listen(const char* address, const char* port,
-		int *socks, unsigned int sockcount, char **errstring, int *maxfd);
 int spawn_command(void(*exec_fn)(void *user_data), void *exec_data,
 		int *writefd, int *readfd, int *errfd, pid_t *pid);
 void run_shell_command(const char* cmd, unsigned int maxfd, char* usershell);
 #ifdef ENABLE_CONNECT_UNIX
 int connect_unix(const char* addr);
 #endif
-int connect_remote(const char* remotehost, const char* remoteport,
-		int nonblocking, char ** errstring);
 int buf_readfile(buffer* buf, const char* filename);
 int buf_getline(buffer * line, FILE * authfile);
 
@@ -91,7 +78,7 @@
 void * m_malloc(size_t size);
 void * m_strdup(const char * str);
 void * m_realloc(void* ptr, size_t size);
-#define m_free(X) free(X); (X) = NULL;
+#define m_free(X) do {free(X); (X) = NULL;} while (0); 
 void m_burn(void* data, unsigned int len);
 void setnonblocking(int fd);
 void disallow_core();
@@ -110,5 +97,6 @@
 a real-world clock */
 time_t monotonic_now();
 
+char * expand_tilde(const char *inpath);
 
-#endif /* _DBUTIL_H_ */
+#endif /* DROPBEAR_DBUTIL_H_ */
--- a/debian/changelog	Fri Jan 23 22:32:49 2015 +0800
+++ b/debian/changelog	Mon Mar 16 21:34:05 2015 +0800
@@ -1,3 +1,9 @@
+dropbear (2015.67-0.1) unstable; urgency=low
+
+  * New upstream release.
+
+ -- Matt Johnston <[email protected]>  Wed, 28 Jan 2015 22:53:59 +0800
+
 dropbear (2014.66-0.1) unstable; urgency=low
 
   * New upstream release.
--- a/debug.h	Fri Jan 23 22:32:49 2015 +0800
+++ b/debug.h	Mon Mar 16 21:34:05 2015 +0800
@@ -22,8 +22,8 @@
  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  * SOFTWARE. */
 
-#ifndef _DEBUG_H_
-#define _DEBUG_H_
+#ifndef DROPBEAR_DEBUG_H_
+#define DROPBEAR_DEBUG_H_
 
 #include "includes.h"
 
@@ -39,7 +39,7 @@
  * Caution: Don't use this in an unfriendly environment (ie unfirewalled),
  * since the printing may not sanitise strings etc. This will add a reasonable
  * amount to your executable size. */
-/* #define DEBUG_TRACE */
+/*#define DEBUG_TRACE*/
 
 /* All functions writing to the cleartext payload buffer call
  * CHECKCLEARTOWRITE() before writing. This is only really useful if you're
--- a/dropbearconvert.1	Fri Jan 23 22:32:49 2015 +0800
+++ b/dropbearconvert.1	Mon Mar 16 21:34:05 2015 +0800
@@ -39,9 +39,9 @@
 An existing Dropbear or OpenSSH private key file
 .TP
 .B output file
-The path to write the converted private key file
+The path to write the converted private key file. For client authentication ~/.ssh/id_dropbear is loaded by default
 .SH EXAMPLE
- # dropbearconvert openssh dropbear ~/.ssh/id_rsa ~/.ssh/dropbear_priv
+ # dropbearconvert openssh dropbear ~/.ssh/id_rsa ~/.ssh/id_dropbear
 .SH AUTHOR
 Matt Johnston ([email protected]).
 .SH SEE ALSO
--- a/dropbearkey.1	Fri Jan 23 22:32:49 2015 +0800
+++ b/dropbearkey.1	Mon Mar 16 21:34:05 2015 +0800
@@ -33,7 +33,7 @@
 .TP
 .B \-f \fIfile
 Write the secret key to the file
-.IR file .
+.IR file . For client authentication ~/.ssh/id_dropbear is loaded by default
 .TP
 .B \-s \fIbits
 Set the key size to
--- a/dropbearkey.c	Fri Jan 23 22:32:49 2015 +0800
+++ b/dropbearkey.c	Mon Mar 16 21:34:05 2015 +0800
@@ -76,7 +76,8 @@
 #ifdef DROPBEAR_ECDSA
 					"		ecdsa\n"
 #endif
-					"-f filename	Use filename for the secret key\n"
+					"-f filename    Use filename for the secret key.\n"
+					"               ~/.ssh/id_dropbear is recommended for client keys.\n"
 					"-s bits	Key size in bits, should be a multiple of 8 (optional)\n"
 #ifdef DROPBEAR_DSS
 					"           DSS has a fixed size of 1024 bits\n"
--- a/dss.h	Fri Jan 23 22:32:49 2015 +0800
+++ b/dss.h	Mon Mar 16 21:34:05 2015 +0800
@@ -22,8 +22,8 @@
  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  * SOFTWARE. */
 
-#ifndef _DSS_H_
-#define _DSS_H_
+#ifndef DROPBEAR_DSS_H_
+#define DROPBEAR_DSS_H_
 
 #include "includes.h"
 #include "buffer.h"
@@ -53,4 +53,4 @@
 
 #endif /* DROPBEAR_DSS */
 
-#endif /* _DSS_H_ */
+#endif /* DROPBEAR_DSS_H_ */
--- a/ecc.c	Fri Jan 23 22:32:49 2015 +0800
+++ b/ecc.c	Mon Mar 16 21:34:05 2015 +0800
@@ -86,11 +86,6 @@
 {
 	mp_int *prime, *b, *t1, *t2;
 	int err;
-
-	prime = m_malloc(sizeof(mp_int));
-	b = m_malloc(sizeof(mp_int));
-	t1 = m_malloc(sizeof(mp_int));
-	t2 = m_malloc(sizeof(mp_int));
 	
 	m_mp_alloc_init_multi(&prime, &b, &t1, &t2, NULL);
 	
--- a/ecc.h	Fri Jan 23 22:32:49 2015 +0800
+++ b/ecc.h	Mon Mar 16 21:34:05 2015 +0800
@@ -1,5 +1,5 @@
-#ifndef _DROPBEAR_ECC_H
-#define _DROPBEAR_ECC_H
+#ifndef DROPBEAR_DROPBEAR_ECC_H
+#define DROPBEAR_DROPBEAR_ECC_H
 
 #include "includes.h"
 #include "options.h"
@@ -33,4 +33,4 @@
 
 #endif
 
-#endif /* _DROPBEAR_ECC_H */
+#endif /* DROPBEAR_DROPBEAR_ECC_H */
--- a/ecdsa.c	Fri Jan 23 22:32:49 2015 +0800
+++ b/ecdsa.c	Mon Mar 16 21:34:05 2015 +0800
@@ -131,6 +131,7 @@
 
 	if (buf_getmpint(buf, new_key->k) != DROPBEAR_SUCCESS) {
 		ecc_free(new_key);
+		m_free(new_key);
 		return NULL;
 	}
 
@@ -408,7 +409,7 @@
 out:
 	ltc_ecc_del_point(mG);
 	ltc_ecc_del_point(mQ);
-	mp_clear_multi(r, s, v, w, u1, u2, p, e, m, NULL);
+	ltc_deinit_multi(r, s, v, w, u1, u2, p, e, m, NULL);
 	if (mp != NULL) { 
 		ltc_mp.montgomery_deinit(mp);
 	}
--- a/ecdsa.h	Fri Jan 23 22:32:49 2015 +0800
+++ b/ecdsa.h	Mon Mar 16 21:34:05 2015 +0800
@@ -1,5 +1,5 @@
-#ifndef _ECDSA_H_
-#define _ECDSA_H_
+#ifndef DROPBEAR_ECDSA_H_
+#define DROPBEAR_ECDSA_H_
 
 #include "includes.h"
 #include "buffer.h"
@@ -32,4 +32,4 @@
 
 #endif
 
-#endif /* _ECDSA_H_ */
+#endif /* DROPBEAR_ECDSA_H_ */
--- a/fake-rfc2553.h	Fri Jan 23 22:32:49 2015 +0800
+++ b/fake-rfc2553.h	Mon Mar 16 21:34:05 2015 +0800
@@ -39,8 +39,8 @@
  * that ai_family is AF_INET. Don't use it for another purpose.
  */
 
-#ifndef _FAKE_RFC2553_H
-#define _FAKE_RFC2553_H
+#ifndef DROPBEAR_FAKE_RFC2553_H
+#define DROPBEAR_FAKE_RFC2553_H
 
 #include "includes.h"
 #include <sys/types.h>
--- a/gendss.h	Fri Jan 23 22:32:49 2015 +0800
+++ b/gendss.h	Mon Mar 16 21:34:05 2015 +0800
@@ -22,8 +22,8 @@
  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  * SOFTWARE. */
 
-#ifndef _GENDSS_H_
-#define _GENDSS_H_
+#ifndef DROPBEAR_GENDSS_H_
+#define DROPBEAR_GENDSS_H_
 
 #include "dss.h"
 
@@ -33,4 +33,4 @@
 
 #endif /* DROPBEAR_DSS */
 
-#endif /* _GENDSS_H_ */
+#endif /* DROPBEAR_GENDSS_H_ */
--- a/genrsa.h	Fri Jan 23 22:32:49 2015 +0800
+++ b/genrsa.h	Mon Mar 16 21:34:05 2015 +0800
@@ -22,8 +22,8 @@
  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  * SOFTWARE. */
 
-#ifndef _GENRSA_H_
-#define _GENRSA_H_
+#ifndef DROPBEAR_GENRSA_H_
+#define DROPBEAR_GENRSA_H_
 
 #include "rsa.h"
 
@@ -33,4 +33,4 @@
 
 #endif /* DROPBEAR_RSA */
 
-#endif /* _GENRSA_H_ */
+#endif /* DROPBEAR_GENRSA_H_ */
--- a/gensignkey.h	Fri Jan 23 22:32:49 2015 +0800
+++ b/gensignkey.h	Mon Mar 16 21:34:05 2015 +0800
@@ -1,5 +1,5 @@
-#ifndef _GENSIGNKEY_H
-#define _GENSIGNKEY_H
+#ifndef DROPBEAR_GENSIGNKEY_H
+#define DROPBEAR_GENSIGNKEY_H
 
 #include "signkey.h"
 
--- a/includes.h	Fri Jan 23 22:32:49 2015 +0800
+++ b/includes.h	Mon Mar 16 21:34:05 2015 +0800
@@ -22,8 +22,8 @@
  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  * SOFTWARE. */
 
-#ifndef _INCLUDES_H_
-#define _INCLUDES_H_
+#ifndef DROPBEAR_INCLUDES_H_
+#define DROPBEAR_INCLUDES_H_
 
 
 #include "config.h"
@@ -177,4 +177,4 @@
 # define UNUSED(x) x 
 #endif
 
-#endif /* _INCLUDES_H_ */
+#endif /* DROPBEAR_INCLUDES_H_ */
--- a/kex.h	Fri Jan 23 22:32:49 2015 +0800
+++ b/kex.h	Mon Mar 16 21:34:05 2015 +0800
@@ -22,8 +22,8 @@
  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  * SOFTWARE. */
 
-#ifndef _KEX_H_
-#define _KEX_H_
+#ifndef DROPBEAR_KEX_H_
+#define DROPBEAR_KEX_H_
 
 #include "includes.h"
 #include "algo.h"
@@ -113,4 +113,4 @@
 
 #define MAX_KEXHASHBUF 2000
 
-#endif /* _KEX_H_ */
+#endif /* DROPBEAR_KEX_H_ */
--- a/keyimport.c	Fri Jan 23 22:32:49 2015 +0800
+++ b/keyimport.c	Mon Mar 16 21:34:05 2015 +0800
@@ -464,17 +464,16 @@
 		goto error;
 	}
 
-	memset(buffer, 0, sizeof(buffer));
+	m_burn(buffer, sizeof(buffer));
 	return ret;
 
 	error:
-	memset(buffer, 0, sizeof(buffer));
+	m_burn(buffer, sizeof(buffer));
 	if (ret) {
 		if (ret->keyblob) {
-			memset(ret->keyblob, 0, ret->keyblob_size);
+			m_burn(ret->keyblob, ret->keyblob_size);
 			m_free(ret->keyblob);
 		}
-		memset(&ret, 0, sizeof(ret));
 		m_free(ret);
 	}
 	if (fp) {
@@ -494,9 +493,8 @@
 	if (!key)
 		return 0;
 	ret = key->encrypted;
-	memset(key->keyblob, 0, key->keyblob_size);
+	m_burn(key->keyblob, key->keyblob_size);
 	m_free(key->keyblob);
-	memset(&key, 0, sizeof(key));
 	m_free(key);
 	return ret;
 }
@@ -627,7 +625,7 @@
 
 		if (i == 0) {
 			/* First integer is a version indicator */
-			int expected;
+			int expected = -1;
 			switch (key->type) {
 				case OSSH_RSA:
 				case OSSH_DSA:
@@ -810,7 +808,7 @@
 	}
 	m_burn(key->keyblob, key->keyblob_size);
 	m_free(key->keyblob);
-	m_burn(key, sizeof(key));
+	m_burn(key, sizeof(*key));
 	m_free(key);
 	if (errmsg) {
 		fprintf(stderr, "Error: %s\n", errmsg);
@@ -826,7 +824,7 @@
 	unsigned char *outblob = NULL;
 	int outlen = -9999;
 	struct mpint_pos numbers[9];
-	int nnumbers = -1, pos, len, seqlen, i;
+	int nnumbers = -1, pos = 0, len = 0, seqlen, i;
 	char *header = NULL, *footer = NULL;
 	char zero[1];
 	int ret = 0;
@@ -1046,6 +1044,7 @@
 		const void* curve_oid = NULL;
 		unsigned long pubkey_size = 2*curve_size+1;
 		unsigned int k_size;
+		int err = 0;
 
 		/* version. less than 10 bytes */
 		buf_incrwritepos(seq_buf,
@@ -1091,7 +1090,7 @@
 		buf_incrwritepos(seq_buf,
 			ber_write_id_len(buf_getwriteptr(seq_buf, 10), 3, 1+pubkey_size, 0));
 		buf_putbyte(seq_buf, 0);
-		int err = ecc_ansi_x963_export(*eck, buf_getwriteptr(seq_buf, pubkey_size), &pubkey_size);
+		err = ecc_ansi_x963_export(*eck, buf_getwriteptr(seq_buf, pubkey_size), &pubkey_size);
 		if (err != CRYPT_OK) {
 			dropbear_exit("ECC error");
 		}
--- a/keyimport.h	Fri Jan 23 22:32:49 2015 +0800
+++ b/keyimport.h	Mon Mar 16 21:34:05 2015 +0800
@@ -22,8 +22,8 @@
  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  * SOFTWARE. */
 
-#ifndef _KEYIMPORT_H_
-#define _KEYIMPORT_H_
+#ifndef DROPBEAR_KEYIMPORT_H_
+#define DROPBEAR_KEYIMPORT_H_
 
 #include "includes.h"
 #include "signkey.h"
@@ -39,4 +39,4 @@
 sign_key *import_read(const char *filename, char *passphrase, int filetype);
 int import_encrypted(const char* filename, int filetype);
 
-#endif /* _KEYIMPORT_H_ */
+#endif /* DROPBEAR_KEYIMPORT_H_ */
--- a/libtomcrypt/src/headers/tomcrypt_argchk.h	Fri Jan 23 22:32:49 2015 +0800
+++ b/libtomcrypt/src/headers/tomcrypt_argchk.h	Mon Mar 16 21:34:05 2015 +0800
@@ -4,8 +4,16 @@
 
 #include <signal.h>
 
+/* portability macros for compiler-specific code attributes */
+#ifdef __GNUC__
+#define ATTRIB_NORETURN __attribute__((noreturn))
+#else
+#define ATTRIB_NORETURN
+#endif
+
+
 /* this is the default LibTomCrypt macro  */
-void crypt_argchk(char *v, char *s, int d);
+void crypt_argchk(char *v, char *s, int d) ATTRIB_NORETURN;
 #define LTC_ARGCHK(x) if (!(x)) { crypt_argchk(#x, __FILE__, __LINE__); }
 #define LTC_ARGCHKVD(x) LTC_ARGCHK(x)
 
--- a/libtomcrypt/src/mac/hmac/hmac_done.c	Fri Jan 23 22:32:49 2015 +0800
+++ b/libtomcrypt/src/mac/hmac/hmac_done.c	Mon Mar 16 21:34:05 2015 +0800
@@ -28,7 +28,7 @@
 */
 int hmac_done(hmac_state *hmac, unsigned char *out, unsigned long *outlen)
 {
-    unsigned char *buf, *isha;
+    unsigned char buf[MAXBLOCKSIZE], isha[MAXBLOCKSIZE];
     unsigned long hashsize, i;
     int hash, err;
 
@@ -44,19 +44,6 @@
     /* get the hash message digest size */
     hashsize = hash_descriptor[hash].hashsize;
 
-    /* allocate buffers */
-    buf  = XMALLOC(HMAC_BLOCKSIZE);
-    isha = XMALLOC(hashsize);
-    if (buf == NULL || isha == NULL) { 
-       if (buf != NULL) {
-          XFREE(buf);
-       } 
-       if (isha != NULL) {
-          XFREE(isha);
-       }  
-       return CRYPT_MEM;
-    }
-
     /* Get the hash of the first HMAC vector plus the data */
     if ((err = hash_descriptor[hash].done(&hmac->md, isha)) != CRYPT_OK) {
        goto LBL_ERR;
@@ -96,9 +83,6 @@
     zeromem(hmac, sizeof(*hmac));
 #endif
 
-    XFREE(isha);
-    XFREE(buf);
-
     return err;
 }
 
--- a/libtomcrypt/src/mac/hmac/hmac_init.c	Fri Jan 23 22:32:49 2015 +0800
+++ b/libtomcrypt/src/mac/hmac/hmac_init.c	Mon Mar 16 21:34:05 2015 +0800
@@ -29,7 +29,7 @@
 */
 int hmac_init(hmac_state *hmac, int hash, const unsigned char *key, unsigned long keylen)
 {
-    unsigned char *buf;
+    unsigned char buf[MAXBLOCKSIZE];
     unsigned long hashsize;
     unsigned long i, z;
     int err;
@@ -49,16 +49,9 @@
         return CRYPT_INVALID_KEYSIZE;
     }
 
-    /* allocate ram for buf */
-    buf = XMALLOC(HMAC_BLOCKSIZE);
-    if (buf == NULL) {
-       return CRYPT_MEM;
-    }
-
     /* allocate memory for key */
     hmac->key = XMALLOC(HMAC_BLOCKSIZE);
     if (hmac->key == NULL) {
-       XFREE(buf);
        return CRYPT_MEM;
     }
 
@@ -101,7 +94,6 @@
    zeromem(buf, HMAC_BLOCKSIZE);
 #endif
  
-   XFREE(buf);
    return err;    
 }
 
--- a/list.h	Fri Jan 23 22:32:49 2015 +0800
+++ b/list.h	Mon Mar 16 21:34:05 2015 +0800
@@ -1,5 +1,5 @@
-#ifndef _DROPBEAR_LIST_H
-#define _DROPBEAR_LIST_H
+#ifndef DROPBEAR_DROPBEAR_LIST_H
+#define DROPBEAR_DROPBEAR_LIST_H
 
 struct _m_list;
 
@@ -25,4 +25,4 @@
 void * list_remove(m_list_elem *elem);
 
 
-#endif /* _DROPBEAR_LIST_H */
+#endif /* DROPBEAR_DROPBEAR_LIST_H */
--- a/listener.c	Fri Jan 23 22:32:49 2015 +0800
+++ b/listener.c	Mon Mar 16 21:34:05 2015 +0800
@@ -161,5 +161,14 @@
 	}
 	ses.listeners[listener->index] = NULL;
 	m_free(listener);
+}
 
+void remove_all_listeners(void) {
+	unsigned int i;
+	for (i = 0; i < ses.listensize; i++) {
+		if (ses.listeners[i]) {
+			remove_listener(ses.listeners[i]);
+		}
+	}
+	m_free(ses.listeners);
 }
--- a/listener.h	Fri Jan 23 22:32:49 2015 +0800
+++ b/listener.h	Mon Mar 16 21:34:05 2015 +0800
@@ -22,8 +22,8 @@
  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  * SOFTWARE. */
 
-#ifndef _LISTENER_H
-#define _LISTENER_H
+#ifndef DROPBEAR_LISTENER_H
+#define DROPBEAR_LISTENER_H
 
 #define MAX_LISTENERS 20
 #define LISTENER_EXTEND_SIZE 1
@@ -60,4 +60,6 @@
 
 void remove_listener(struct Listener* listener);
 
-#endif /* _LISTENER_H */
+void remove_all_listeners(void);
+
+#endif /* DROPBEAR_LISTENER_H */
--- a/loginrec.h	Fri Jan 23 22:32:49 2015 +0800
+++ b/loginrec.h	Mon Mar 16 21:34:05 2015 +0800
@@ -1,5 +1,5 @@
-#ifndef _HAVE_LOGINREC_H_
-#define _HAVE_LOGINREC_H_
+#ifndef DROPBEAR_HAVE_LOGINREC_H_
+#define DROPBEAR_HAVE_LOGINREC_H_
 
 /*
  * Copyright (c) 2000 Andre Lucas.  All rights reserved.
@@ -182,4 +182,4 @@
 char *line_stripname(char *dst, const char *src, size_t dstsize);
 char *line_abbrevname(char *dst, const char *src, size_t dstsize);
 
-#endif /* _HAVE_LOGINREC_H_ */
+#endif /* DROPBEAR_HAVE_LOGINREC_H_ */
--- a/ltc_prng.h	Fri Jan 23 22:32:49 2015 +0800
+++ b/ltc_prng.h	Mon Mar 16 21:34:05 2015 +0800
@@ -1,5 +1,5 @@
-#ifndef _LTC_PRNG_H_DROPBEAR
-#define _LTC_PRNG_H_DROPBEAR
+#ifndef DROPBEAR_LTC_PRNG_H_DROPBEAR
+#define DROPBEAR_LTC_PRNG_H_DROPBEAR
 
 #include "options.h"
 #include "includes.h"
@@ -10,4 +10,4 @@
 
 #endif /* DROPBEAR_LTC_PRNG */
 
-#endif /* _LTC_PRNG_H_DROPBEAR */
+#endif /* DROPBEAR_LTC_PRNG_H_DROPBEAR */
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/netio.c	Mon Mar 16 21:34:05 2015 +0800
@@ -0,0 +1,582 @@
+#include "netio.h"
+#include "list.h"
+#include "dbutil.h"
+#include "session.h"
+#include "debug.h"
+
+struct dropbear_progress_connection {
+	struct addrinfo *res;
+	struct addrinfo *res_iter;
+
+	char *remotehost, *remoteport; /* For error reporting */
+
+	connect_callback cb;
+	void *cb_data;
+
+	struct Queue *writequeue; /* A queue of encrypted packets to send with TCP fastopen,
+								or NULL. */
+
+	int sock;
+
+	char* errstring;
+};
+
+#if defined(__linux__) && defined(TCP_DEFER_ACCEPT)
+static void set_piggyback_ack(int sock) {
+	/* Undocumented Linux feature - set TCP_DEFER_ACCEPT and data will be piggybacked
+	on the 3rd packet (ack) of the TCP handshake. Saves a IP packet.
+	http://thread.gmane.org/gmane.linux.network/224627/focus=224727
+	"Piggyback the final ACK of the three way TCP connection establishment with the data" */
+	int val = 1;
+	/* No error checking, this is opportunistic */
+	int err = setsockopt(sock, IPPROTO_TCP, TCP_DEFER_ACCEPT, (void*)&val, sizeof(val));
+	if (err)
+	{
+		TRACE(("Failed setsockopt TCP_DEFER_ACCEPT: %s", strerror(errno)))
+	}
+}
+#endif
+
+
+/* Deallocate a progress connection. Removes from the pending list if iter!=NULL.
+Does not close sockets */
+static void remove_connect(struct dropbear_progress_connection *c, m_list_elem *iter) {
+	if (c->res) {
+		freeaddrinfo(c->res);
+	}
+	m_free(c->remotehost);
+	m_free(c->remoteport);
+	m_free(c->errstring);
+	m_free(c);
+
+	if (iter) {
+		list_remove(iter);
+	}
+}
+
+static void cancel_callback(int result, int sock, void* UNUSED(data), const char* UNUSED(errstring)) {
+	if (result == DROPBEAR_SUCCESS)
+	{
+		m_close(sock);
+	}
+}
+
+void cancel_connect(struct dropbear_progress_connection *c) {
+	c->cb = cancel_callback;
+	c->cb_data = NULL;
+}
+
+static void connect_try_next(struct dropbear_progress_connection *c) {
+	struct addrinfo *r;
+	int res = 0;
+	int fastopen = 0;
+#ifdef DROPBEAR_TCP_FAST_OPEN
+	struct msghdr message;
+#endif
+
+	for (r = c->res_iter; r; r = r->ai_next)
+	{
+		dropbear_assert(c->sock == -1);
+
+		c->sock = socket(c->res_iter->ai_family, c->res_iter->ai_socktype, c->res_iter->ai_protocol);
+		if (c->sock < 0) {
+			continue;
+		}
+
+		ses.maxfd = MAX(ses.maxfd, c->sock);
+		set_sock_nodelay(c->sock);
+		setnonblocking(c->sock);
+
+#if defined(__linux__) && defined(TCP_DEFER_ACCEPT)
+		set_piggyback_ack(c->sock);
+#endif
+
+#ifdef DROPBEAR_TCP_FAST_OPEN
+		fastopen = (c->writequeue != NULL);
+
+		memset(&message, 0x0, sizeof(message));
+		message.msg_name = r->ai_addr;
+		message.msg_namelen = r->ai_addrlen;
+
+		if (c->writequeue) {
+			int iovlen; /* Linux msg_iovlen is a size_t */
+			message.msg_iov = packet_queue_to_iovec(c->writequeue, &iovlen);
+			message.msg_iovlen = iovlen;
+			res = sendmsg(c->sock, &message, MSG_FASTOPEN);
+			if (res < 0 && errno != EINPROGRESS) {
+				m_free(c->errstring);
+				c->errstring = m_strdup(strerror(errno));
+				/* Not entirely sure which kind of errors are normal - 2.6.32 seems to 
+				return EPIPE for any (nonblocking?) sendmsg(). just fall back */
+				TRACE(("sendmsg tcp_fastopen failed, falling back. %s", strerror(errno)));
+				/* No kernel MSG_FASTOPEN support. Fall back below */
+				fastopen = 0;
+				/* Set to NULL to avoid trying again */
+				c->writequeue = NULL;
+			}
+			m_free(message.msg_iov);
+			packet_queue_consume(c->writequeue, res);
+		}
+#endif
+
+		/* Normal connect(), used as fallback for TCP fastopen too */
+		if (!fastopen) {
+			res = connect(c->sock, r->ai_addr, r->ai_addrlen);
+		}
+
+		if (res < 0 && errno != EINPROGRESS) {
+			/* failure */
+			m_free(c->errstring);
+			c->errstring = m_strdup(strerror(errno));
+			close(c->sock);
+			c->sock = -1;
+			continue;
+		} else {
+			/* new connection was successful, wait for it to complete */
+			break;
+		}
+	}
+
+	if (r) {
+		c->res_iter = r->ai_next;
+	} else {
+		c->res_iter = NULL;
+	}
+}
+
+/* Connect via TCP to a host. */
+struct dropbear_progress_connection *connect_remote(const char* remotehost, const char* remoteport,
+	connect_callback cb, void* cb_data)
+{
+	struct dropbear_progress_connection *c = NULL;
+	int err;
+	struct addrinfo hints;
+
+	c = m_malloc(sizeof(*c));
+	c->remotehost = m_strdup(remotehost);
+	c->remoteport = m_strdup(remoteport);
+	c->sock = -1;
+	c->cb = cb;
+	c->cb_data = cb_data;
+
+	list_append(&ses.conn_pending, c);
+
+	memset(&hints, 0, sizeof(hints));
+	hints.ai_socktype = SOCK_STREAM;
+	hints.ai_family = PF_UNSPEC;
+
+	err = getaddrinfo(remotehost, remoteport, &hints, &c->res);
+	if (err) {
+		int len;
+		len = 100 + strlen(gai_strerror(err));
+		c->errstring = (char*)m_malloc(len);
+		snprintf(c->errstring, len, "Error resolving '%s' port '%s'. %s", 
+				remotehost, remoteport, gai_strerror(err));
+		TRACE(("Error resolving: %s", gai_strerror(err)))
+	} else {
+		c->res_iter = c->res;
+	}
+
+	return c;
+}
+
+void remove_connect_pending() {
+	while (ses.conn_pending.first) {
+		struct dropbear_progress_connection *c = ses.conn_pending.first->item;
+		remove_connect(c, ses.conn_pending.first);
+	}
+}
+
+
+void set_connect_fds(fd_set *writefd) {
+	m_list_elem *iter;
+	TRACE(("enter handle_connect_fds"))
+	for (iter = ses.conn_pending.first; iter; iter = iter->next) {
+		struct dropbear_progress_connection *c = iter->item;
+		/* Set one going */
+		while (c->res_iter && c->sock < 0)
+		{
+			connect_try_next(c);
+		}
+		if (c->sock >= 0) {
+			FD_SET(c->sock, writefd);
+		} else {
+			m_list_elem *remove_iter;
+			/* Final failure */
+			if (!c->errstring) {
+				c->errstring = m_strdup("unexpected failure");
+			}
+			c->cb(DROPBEAR_FAILURE, -1, c->cb_data, c->errstring);
+			/* Safely remove without invalidating iter */
+			remove_iter = iter;
+			iter = iter->prev;
+			remove_connect(c, remove_iter);
+		}
+	}
+}
+
+void handle_connect_fds(fd_set *writefd) {
+	m_list_elem *iter;
+	TRACE(("enter handle_connect_fds"))
+	for (iter = ses.conn_pending.first; iter; iter = iter->next) {
+		int val;
+		socklen_t vallen = sizeof(val);
+		struct dropbear_progress_connection *c = iter->item;
+
+		if (c->sock < 0 || !FD_ISSET(c->sock, writefd)) {
+			continue;
+		}
+
+		TRACE(("handling %s port %s socket %d", c->remotehost, c->remoteport, c->sock));
+
+		if (getsockopt(c->sock, SOL_SOCKET, SO_ERROR, &val, &vallen) != 0) {
+			TRACE(("handle_connect_fds getsockopt(%d) SO_ERROR failed: %s", c->sock, strerror(errno)))
+			/* This isn't expected to happen - Unix has surprises though, continue gracefully. */
+			m_close(c->sock);
+			c->sock = -1;
+		} else if (val != 0) {
+			/* Connect failed */
+			TRACE(("connect to %s port %s failed.", c->remotehost, c->remoteport))
+			m_close(c->sock);
+			c->sock = -1;
+
+			m_free(c->errstring);
+			c->errstring = m_strdup(strerror(val));
+		} else {
+			/* New connection has been established */
+			c->cb(DROPBEAR_SUCCESS, c->sock, c->cb_data, NULL);
+			remove_connect(c, iter);
+			TRACE(("leave handle_connect_fds - success"))
+			/* Must return here - remove_connect() invalidates iter */
+			return; 
+		}
+	}
+	TRACE(("leave handle_connect_fds - end iter"))
+}
+
+void connect_set_writequeue(struct dropbear_progress_connection *c, struct Queue *writequeue) {
+	c->writequeue = writequeue;
+}
+
+struct iovec * packet_queue_to_iovec(struct Queue *queue, int *ret_iov_count) {
+	struct iovec *iov = NULL;
+	struct Link *l;
+	unsigned int i;
+	int len;
+	buffer *writebuf;
+
+	#ifndef IOV_MAX
+	#define IOV_MAX UIO_MAXIOV
+	#endif
+
+	*ret_iov_count = MIN(queue->count, IOV_MAX);
+
+	iov = m_malloc(sizeof(*iov) * *ret_iov_count);
+	for (l = queue->head, i = 0; l; l = l->link, i++)
+	{
+		writebuf = (buffer*)l->item;
+		len = writebuf->len - 1 - writebuf->pos;
+		dropbear_assert(len > 0);
+		TRACE2(("write_packet writev #%d  type %d len %d/%d", i, writebuf->data[writebuf->len-1],
+				len, writebuf->len-1))
+		iov[i].iov_base = buf_getptr(writebuf, len);
+		iov[i].iov_len = len;
+	}
+
+	return iov;
+}
+
+void packet_queue_consume(struct Queue *queue, ssize_t written) {
+	buffer *writebuf;
+	int len;
+	while (written > 0) {
+		writebuf = (buffer*)examine(queue);
+		len = writebuf->len - 1 - writebuf->pos;
+		if (len > written) {
+			/* partial buffer write */
+			buf_incrpos(writebuf, written);
+			written = 0;
+		} else {
+			written -= len;
+			dequeue(queue);
+			buf_free(writebuf);
+		}
+	}
+}
+
+void set_sock_nodelay(int sock) {
+	int val;
+
+	/* disable nagle */
+	val = 1;
+	setsockopt(sock, IPPROTO_TCP, TCP_NODELAY, (void*)&val, sizeof(val));
+}
+
+#ifdef DROPBEAR_TCP_FAST_OPEN
+void set_listen_fast_open(int sock) {
+	int qlen = MAX(MAX_UNAUTH_PER_IP, 5);
+	if (setsockopt(sock, SOL_TCP, TCP_FASTOPEN, &qlen, sizeof(qlen)) != 0) {
+		TRACE(("set_listen_fast_open failed for socket %d: %s", sock, strerror(errno)))
+	}
+}
+
+#endif
+
+void set_sock_priority(int sock, enum dropbear_prio prio) {
+
+	int rc;
+#ifdef IPTOS_LOWDELAY
+	int iptos_val = 0;
+#endif
+#ifdef SO_PRIORITY
+	int so_prio_val = 0;
+#endif
+
+
+	/* Don't log ENOTSOCK errors so that this can harmlessly be called
+	 * on a client '-J' proxy pipe */
+
+	/* set the TOS bit for either ipv4 or ipv6 */
+#ifdef IPTOS_LOWDELAY
+	if (prio == DROPBEAR_PRIO_LOWDELAY) {
+		iptos_val = IPTOS_LOWDELAY;
+	} else if (prio == DROPBEAR_PRIO_BULK) {
+		iptos_val = IPTOS_THROUGHPUT;
+	}
+#if defined(IPPROTO_IPV6) && defined(IPV6_TCLASS)
+	rc = setsockopt(sock, IPPROTO_IPV6, IPV6_TCLASS, (void*)&iptos_val, sizeof(iptos_val));
+	if (rc < 0 && errno != ENOTSOCK) {
+		TRACE(("Couldn't set IPV6_TCLASS (%s)", strerror(errno)));
+	}
+#endif
+	rc = setsockopt(sock, IPPROTO_IP, IP_TOS, (void*)&iptos_val, sizeof(iptos_val));
+	if (rc < 0 && errno != ENOTSOCK) {
+		TRACE(("Couldn't set IP_TOS (%s)", strerror(errno)));
+	}
+#endif
+
+#ifdef SO_PRIORITY
+	if (prio == DROPBEAR_PRIO_LOWDELAY) {
+		so_prio_val = TC_PRIO_INTERACTIVE;
+	} else if (prio == DROPBEAR_PRIO_BULK) {
+		so_prio_val = TC_PRIO_BULK;
+	}
+	/* linux specific, sets QoS class. see tc-prio(8) */
+	rc = setsockopt(sock, SOL_SOCKET, SO_PRIORITY, (void*) &so_prio_val, sizeof(so_prio_val));
+	if (rc < 0 && errno != ENOTSOCK)
+		dropbear_log(LOG_WARNING, "Couldn't set SO_PRIORITY (%s)",
+				strerror(errno));
+#endif
+
+}
+
+/* Listen on address:port. 
+ * Special cases are address of "" listening on everything,
+ * and address of NULL listening on localhost only.
+ * Returns the number of sockets bound on success, or -1 on failure. On
+ * failure, if errstring wasn't NULL, it'll be a newly malloced error
+ * string.*/
+int dropbear_listen(const char* address, const char* port,
+		int *socks, unsigned int sockcount, char **errstring, int *maxfd) {
+
+	struct addrinfo hints, *res = NULL, *res0 = NULL;
+	int err;
+	unsigned int nsock;
+	struct linger linger;
+	int val;
+	int sock;
+
+	TRACE(("enter dropbear_listen"))
+	
+	memset(&hints, 0, sizeof(hints));
+	hints.ai_family = AF_UNSPEC; /* TODO: let them flag v4 only etc */
+	hints.ai_socktype = SOCK_STREAM;
+
+	/* for calling getaddrinfo:
+	 address == NULL and !AI_PASSIVE: local loopback
+	 address == NULL and AI_PASSIVE: all interfaces
+	 address != NULL: whatever the address says */
+	if (!address) {
+		TRACE(("dropbear_listen: local loopback"))
+	} else {
+		if (address[0] == '\0') {
+			TRACE(("dropbear_listen: all interfaces"))
+			address = NULL;
+		}
+		hints.ai_flags = AI_PASSIVE;
+	}
+	err = getaddrinfo(address, port, &hints, &res0);
+
+	if (err) {
+		if (errstring != NULL && *errstring == NULL) {
+			int len;
+			len = 20 + strlen(gai_strerror(err));
+			*errstring = (char*)m_malloc(len);
+			snprintf(*errstring, len, "Error resolving: %s", gai_strerror(err));
+		}
+		if (res0) {
+			freeaddrinfo(res0);
+			res0 = NULL;
+		}
+		TRACE(("leave dropbear_listen: failed resolving"))
+		return -1;
+	}
+
+
+	nsock = 0;
+	for (res = res0; res != NULL && nsock < sockcount;
+			res = res->ai_next) {
+
+		/* Get a socket */
+		socks[nsock] = socket(res->ai_family, res->ai_socktype,
+				res->ai_protocol);
+
+		sock = socks[nsock]; /* For clarity */
+
+		if (sock < 0) {
+			err = errno;
+			TRACE(("socket() failed"))
+			continue;
+		}
+
+		/* Various useful socket options */
+		val = 1;
+		/* set to reuse, quick timeout */
+		setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void*) &val, sizeof(val));
+		linger.l_onoff = 1;
+		linger.l_linger = 5;
+		setsockopt(sock, SOL_SOCKET, SO_LINGER, (void*)&linger, sizeof(linger));
+
+#if defined(IPPROTO_IPV6) && defined(IPV6_V6ONLY)
+		if (res->ai_family == AF_INET6) {
+			int on = 1;
+			if (setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, 
+						&on, sizeof(on)) == -1) {
+				dropbear_log(LOG_WARNING, "Couldn't set IPV6_V6ONLY");
+			}
+		}
+#endif
+
+		set_sock_nodelay(sock);
+
+		if (bind(sock, res->ai_addr, res->ai_addrlen) < 0) {
+			err = errno;
+			close(sock);
+			TRACE(("bind(%s) failed", port))
+			continue;
+		}
+
+		if (listen(sock, DROPBEAR_LISTEN_BACKLOG) < 0) {
+			err = errno;
+			close(sock);
+			TRACE(("listen() failed"))
+			continue;
+		}
+
+		*maxfd = MAX(*maxfd, sock);
+
+		nsock++;
+	}
+
+	if (res0) {
+		freeaddrinfo(res0);
+		res0 = NULL;
+	}
+
+	if (nsock == 0) {
+		if (errstring != NULL && *errstring == NULL) {
+			int len;
+			len = 20 + strlen(strerror(err));
+			*errstring = (char*)m_malloc(len);
+			snprintf(*errstring, len, "Error listening: %s", strerror(err));
+		}
+		TRACE(("leave dropbear_listen: failure, %s", strerror(err)))
+		return -1;
+	}
+
+	TRACE(("leave dropbear_listen: success, %d socks bound", nsock))
+	return nsock;
+}
+
+void get_socket_address(int fd, char **local_host, char **local_port,
+						char **remote_host, char **remote_port, int host_lookup)
+{
+	struct sockaddr_storage addr;
+	socklen_t addrlen;
+	
+	if (local_host || local_port) {
+		addrlen = sizeof(addr);
+		if (getsockname(fd, (struct sockaddr*)&addr, &addrlen) < 0) {
+			dropbear_exit("Failed socket address: %s", strerror(errno));
+		}
+		getaddrstring(&addr, local_host, local_port, host_lookup);		
+	}
+	if (remote_host || remote_port) {
+		addrlen = sizeof(addr);
+		if (getpeername(fd, (struct sockaddr*)&addr, &addrlen) < 0) {
+			dropbear_exit("Failed socket address: %s", strerror(errno));
+		}
+		getaddrstring(&addr, remote_host, remote_port, host_lookup);		
+	}
+}
+
+/* Return a string representation of the socket address passed. The return
+ * value is allocated with malloc() */
+void getaddrstring(struct sockaddr_storage* addr, 
+			char **ret_host, char **ret_port,
+			int host_lookup) {
+
+	char host[NI_MAXHOST+1], serv[NI_MAXSERV+1];
+	unsigned int len;
+	int ret;
+	
+	int flags = NI_NUMERICSERV | NI_NUMERICHOST;
+
+#ifndef DO_HOST_LOOKUP
+	host_lookup = 0;
+#endif
+	
+	if (host_lookup) {
+		flags = NI_NUMERICSERV;
+	}
+
+	len = sizeof(struct sockaddr_storage);
+	/* Some platforms such as Solaris 8 require that len is the length
+	 * of the specific structure. Some older linux systems (glibc 2.1.3
+	 * such as debian potato) have sockaddr_storage.__ss_family instead
+	 * but we'll ignore them */
+#ifdef HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY
+	if (addr->ss_family == AF_INET) {
+		len = sizeof(struct sockaddr_in);
+	}
+#ifdef AF_INET6
+	if (addr->ss_family == AF_INET6) {
+		len = sizeof(struct sockaddr_in6);
+	}
+#endif
+#endif
+
+	ret = getnameinfo((struct sockaddr*)addr, len, host, sizeof(host)-1, 
+			serv, sizeof(serv)-1, flags);
+
+	if (ret != 0) {
+		if (host_lookup) {
+			/* On some systems (Darwin does it) we get EINTR from getnameinfo
+			 * somehow. Eew. So we'll just return the IP, since that doesn't seem
+			 * to exhibit that behaviour. */
+			getaddrstring(addr, ret_host, ret_port, 0);
+			return;
+		} else {
+			/* if we can't do a numeric lookup, something's gone terribly wrong */
+			dropbear_exit("Failed lookup: %s", gai_strerror(ret));
+		}
+	}
+
+	if (ret_host) {
+		*ret_host = m_strdup(host);
+	}
+	if (ret_port) {
+		*ret_port = m_strdup(serv);
+	}
+}
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/netio.h	Mon Mar 16 21:34:05 2015 +0800
@@ -0,0 +1,63 @@
+#ifndef DROPBEAR_NETIO_H
+#define DROPBEAR_NETIO_H
+
+#include "includes.h"
+#include "buffer.h"
+#include "queue.h"
+
+enum dropbear_prio {
+	DROPBEAR_PRIO_DEFAULT = 10,
+	DROPBEAR_PRIO_LOWDELAY = 11,
+	DROPBEAR_PRIO_BULK = 12,
+};
+
+void set_sock_nodelay(int sock);
+void set_sock_priority(int sock, enum dropbear_prio prio);
+
+void get_socket_address(int fd, char **local_host, char **local_port,
+		char **remote_host, char **remote_port, int host_lookup);
+void getaddrstring(struct sockaddr_storage* addr, 
+		char **ret_host, char **ret_port, int host_lookup);
+int dropbear_listen(const char* address, const char* port,
+		int *socks, unsigned int sockcount, char **errstring, int *maxfd);
+
+struct dropbear_progress_connection;
+
+/* result is DROPBEAR_SUCCESS or DROPBEAR_FAILURE.
+errstring is only set on DROPBEAR_FAILURE, returns failure message for the last attempted socket */
+typedef void(*connect_callback)(int result, int sock, void* data, const char* errstring);
+
+/* Always returns a progress connection, if it fails it will call the callback at a later point */
+struct dropbear_progress_connection * connect_remote (const char* remotehost, const char* remoteport,
+	connect_callback cb, void *cb_data);
+
+/* Sets up for select() */
+void set_connect_fds(fd_set *writefd);
+/* Handles ready sockets after select() */
+void handle_connect_fds(fd_set *writefd);
+/* Cleanup */
+void remove_connect_pending();
+
+/* Doesn't actually stop the connect, but adds a dummy callback instead */
+void cancel_connect(struct dropbear_progress_connection *c);
+
+void connect_set_writequeue(struct dropbear_progress_connection *c, struct Queue *writequeue);
+
+/* TODO: writev #ifdef guard */
+struct iovec * packet_queue_to_iovec(struct Queue *queue, int *ret_iov_count);
+void packet_queue_consume(struct Queue *queue, ssize_t written);
+
+#ifdef DROPBEAR_TCP_FAST_OPEN
+/* Try for any Linux builds, will fall back if the kernel doesn't support it */
+void set_listen_fast_open(int sock);
+/* Define values which may be supported by the kernel even if the libc is too old */
+#ifndef TCP_FASTOPEN
+#define TCP_FASTOPEN 23
+#endif
+#ifndef MSG_FASTOPEN
+#define MSG_FASTOPEN 0x20000000
+#endif
+#endif
+
+#endif
+
--- a/options.h	Fri Jan 23 22:32:49 2015 +0800
+++ b/options.h	Mon Mar 16 21:34:05 2015 +0800
@@ -2,8 +2,8 @@
  * Copyright (c) 2002,2003 Matt Johnston
  * All rights reserved. See LICENSE for the license. */
 
-#ifndef _OPTIONS_H_
-#define _OPTIONS_H_
+#ifndef DROPBEAR_OPTIONS_H_
+#define DROPBEAR_OPTIONS_H_
 
 /* Define compile-time options below - the "#ifndef DROPBEAR_XXX .... #endif"
  * parts are to allow for commandline -DDROPBEAR_XXX options etc. */
@@ -98,6 +98,10 @@
 #define DROPBEAR_TWOFISH256
 #define DROPBEAR_TWOFISH128
 
+/* Enable CBC mode for ciphers. This has security issues though
+ * is the most compatible with older SSH implementations */
+#define DROPBEAR_ENABLE_CBC_MODE
+
 /* Enable "Counter Mode" for ciphers. This is more secure than normal
  * CBC mode against certain attacks. This adds around 1kB to binary 
  * size and is recommended for most cases */
@@ -170,6 +174,11 @@
 #define DROPBEAR_ZLIB_WINDOW_BITS 15 
 #endif
 
+/* Server won't allow zlib compression until after authentication. Prevents
+   flaws in the zlib library being unauthenticated exploitable flaws.
+   Some old ssh clients may not support the alternative [email protected] method */
+#define DROPBEAR_SERVER_DELAY_ZLIB 1
+
 /* Whether to do reverse DNS lookups. */
 /*#define DO_HOST_LOOKUP */
 
@@ -200,6 +209,10 @@
 #define ENABLE_CLI_PUBKEY_AUTH
 #define ENABLE_CLI_INTERACT_AUTH
 
+/* A default argument for dbclient -i <privatekey>. 
+   leading "~" is expanded */
+#define DROPBEAR_DEFAULT_CLI_AUTHKEY "~/.ssh/id_dropbear"
+
 /* This variable can be used to set a password for client
  * authentication on the commandline. Beware of platforms
  * that don't protect environment variables of processes etc. Also
@@ -269,7 +282,7 @@
 
 /* This is used by the scp binary when used as a client binary. If you're
  * not using the Dropbear client, you'll need to change it */
-#define _PATH_SSH_PROGRAM "/usr/bin/dbclient"
+#define DROPBEAR_PATH_SSH_PROGRAM "/usr/bin/dbclient"
 
 /* Whether to log commands executed by a client. This only logs the 
  * (single) command sent to the server, not what a user did in a 
@@ -317,4 +330,4 @@
  * in sysoptions.h */
 #include "sysoptions.h"
 
-#endif /* _OPTIONS_H_ */
+#endif /* DROPBEAR_OPTIONS_H_ */
--- a/packet.c	Fri Jan 23 22:32:49 2015 +0800
+++ b/packet.c	Mon Mar 16 21:34:05 2015 +0800
@@ -34,6 +34,7 @@
 #include "service.h"
 #include "auth.h"
 #include "channel.h"
+#include "netio.h"
 
 static int read_packet_init();
 static void make_mac(unsigned int seqno, const struct key_context_directional * key_state,
@@ -55,14 +56,10 @@
 /* non-blocking function writing out a current encrypted packet */
 void write_packet() {
 
-	int len, written;
-	buffer * writebuf = NULL;
-	unsigned packet_type;
+	ssize_t written;
 #ifdef HAVE_WRITEV
 	struct iovec *iov = NULL;
-	int i;
-	struct Link *l;
-	int iov_max_count;
+	int iov_count;
 #endif
 	
 	TRACE2(("enter write_packet"))
@@ -70,62 +67,28 @@
 
 #if defined(HAVE_WRITEV) && (defined(IOV_MAX) || defined(UIO_MAXIOV))
 
-#ifndef IOV_MAX
-#define IOV_MAX UIO_MAXIOV
-#endif
-
-	/* Make sure the size of the iov is below the maximum allowed by the OS. */
-	iov_max_count = ses.writequeue.count;
-	if (iov_max_count > IOV_MAX)
-	{
-		iov_max_count = IOV_MAX;
-	}
-
-	iov = m_malloc(sizeof(*iov) * iov_max_count);
-	for (l = ses.writequeue.head, i = 0; l; l = l->link, i++)
-	{
-		writebuf = (buffer*)l->item;
-		packet_type = writebuf->data[writebuf->len-1];
-		len = writebuf->len - 1 - writebuf->pos;
-		dropbear_assert(len > 0);
-		TRACE2(("write_packet writev #%d  type %d len %d/%d", i, packet_type,
-				len, writebuf->len-1))
-		iov[i].iov_base = buf_getptr(writebuf, len);
-		iov[i].iov_len = len;
-	}
+	iov = packet_queue_to_iovec(&ses.writequeue, &iov_count);
 	/* This may return EAGAIN. The main loop sometimes
 	calls write_packet() without bothering to test with select() since
 	it's likely to be necessary */
-	written = writev(ses.sock_out, iov, iov_max_count);
+	written = writev(ses.sock_out, iov, iov_count);
 	if (written < 0) {
 		if (errno == EINTR || errno == EAGAIN) {
+			TRACE2(("leave write_packet: EINTR"))
 			m_free(iov);
-			TRACE2(("leave write_packet: EINTR"))
 			return;
 		} else {
 			dropbear_exit("Error writing: %s", strerror(errno));
 		}
 	}
+	m_free(iov);
+
+	packet_queue_consume(&ses.writequeue, written);
 
 	if (written == 0) {
 		ses.remoteclosed();
 	}
 
-	while (written > 0) {
-		writebuf = (buffer*)examine(&ses.writequeue);
-		len = writebuf->len - 1 - writebuf->pos;
-		if (len > written) {
-			/* partial buffer write */
-			buf_incrpos(writebuf, written);
-			written = 0;
-		} else {
-			written -= len;
-			dequeue(&ses.writequeue);
-			buf_free(writebuf);
-		}
-	}
-
-	m_free(iov);
 #else /* No writev () */
 	/* Get the next buffer in the queue of encrypted packets to write*/
 	writebuf = (buffer*)examine(&ses.writequeue);
@@ -283,18 +246,18 @@
 	}
 	len = buf_getint(ses.readbuf) + 4 + macsize;
 
-	TRACE2(("packet size is %d, block %d mac %d", len, blocksize, macsize))
+	TRACE2(("packet size is %u, block %u mac %u", len, blocksize, macsize))
 
 
 	/* check packet length */
 	if ((len > RECV_MAX_PACKET_LEN) ||
 		(len < MIN_PACKET_LEN + macsize) ||
 		((len - macsize) % blocksize != 0)) {
-		dropbear_exit("Integrity error (bad packet size %d)", len);
+		dropbear_exit("Integrity error (bad packet size %u)", len);
 	}
 
 	if (len > ses.readbuf->size) {
-		buf_resize(ses.readbuf, len);		
+		ses.readbuf = buf_resize(ses.readbuf, len);		
 	}
 	buf_setlen(ses.readbuf, len);
 	buf_setpos(ses.readbuf, blocksize);
@@ -342,7 +305,7 @@
 	/* - 4 - 1 is for LEN and PADLEN values */
 	len = ses.readbuf->len - padlen - 4 - 1 - macsize;
 	if ((len > RECV_MAX_PAYLOAD_LEN+ZLIB_COMPRESS_EXPANSION) || (len < 1)) {
-		dropbear_exit("Bad packet size %d", len);
+		dropbear_exit("Bad packet size %u", len);
 	}
 
 	buf_setpos(ses.readbuf, PACKET_PAYLOAD_OFF);
@@ -351,18 +314,21 @@
 	if (is_compress_recv()) {
 		/* decompress */
 		ses.payload = buf_decompress(ses.readbuf, len);
+		buf_setpos(ses.payload, 0);
+		ses.payload_beginning = 0;
+		buf_free(ses.readbuf);
 	} else 
 #endif
 	{
+		ses.payload = ses.readbuf;
+		ses.payload_beginning = ses.payload->pos;
+		buf_setlen(ses.payload, ses.payload->pos + len);
 		/* copy payload */
-		ses.payload = buf_new(len);
-		memcpy(ses.payload->data, buf_getptr(ses.readbuf, len), len);
-		buf_incrlen(ses.payload, len);
+		//ses.payload = buf_new(len);
+		//memcpy(ses.payload->data, buf_getptr(ses.readbuf, len), len);
+		//buf_incrlen(ses.payload, len);
 	}
-
-	buf_free(ses.readbuf);
 	ses.readbuf = NULL;
-	buf_setpos(ses.payload, 0);
 
 	ses.recvseq++;
 
@@ -435,7 +401,7 @@
 				dropbear_exit("bad packet, oversized decompressed");
 			}
 			new_size = MIN(RECV_MAX_PAYLOAD_LEN, ret->size + ZLIB_DECOMPRESS_INCR);
-			buf_resize(ret, new_size);
+			ret = buf_resize(ret, new_size);
 		}
 	}
 }
@@ -674,7 +640,8 @@
 
 #ifndef DISABLE_ZLIB
 /* compresses len bytes from src, outputting to dest (starting from the
- * respective current positions. */
+ * respective current positions. dest must have sufficient space,
+ * len+ZLIB_COMPRESS_EXPANSION */
 static void buf_compress(buffer * dest, buffer * src, unsigned int len) {
 
 	unsigned int endpos = src->pos + len;
@@ -682,38 +649,28 @@
 
 	TRACE2(("enter buf_compress"))
 
-	while (1) {
-
-		ses.keys->trans.zstream->avail_in = endpos - src->pos;
-		ses.keys->trans.zstream->next_in = 
-			buf_getptr(src, ses.keys->trans.zstream->avail_in);
+	dropbear_assert(dest->size - dest->pos >= len+ZLIB_COMPRESS_EXPANSION);
 
-		ses.keys->trans.zstream->avail_out = dest->size - dest->pos;
-		ses.keys->trans.zstream->next_out =
-			buf_getwriteptr(dest, ses.keys->trans.zstream->avail_out);
+	ses.keys->trans.zstream->avail_in = endpos - src->pos;
+	ses.keys->trans.zstream->next_in = 
+		buf_getptr(src, ses.keys->trans.zstream->avail_in);
 
-		result = deflate(ses.keys->trans.zstream, Z_SYNC_FLUSH);
-
-		buf_setpos(src, endpos - ses.keys->trans.zstream->avail_in);
-		buf_setlen(dest, dest->size - ses.keys->trans.zstream->avail_out);
-		buf_setpos(dest, dest->len);
+	ses.keys->trans.zstream->avail_out = dest->size - dest->pos;
+	ses.keys->trans.zstream->next_out =
+		buf_getwriteptr(dest, ses.keys->trans.zstream->avail_out);
 
-		if (result != Z_OK) {
-			dropbear_exit("zlib error");
-		}
+	result = deflate(ses.keys->trans.zstream, Z_SYNC_FLUSH);
 
-		if (ses.keys->trans.zstream->avail_in == 0) {
-			break;
-		}
+	buf_setpos(src, endpos - ses.keys->trans.zstream->avail_in);
+	buf_setlen(dest, dest->size - ses.keys->trans.zstream->avail_out);
+	buf_setpos(dest, dest->len);
 
-		dropbear_assert(ses.keys->trans.zstream->avail_out == 0);
+	if (result != Z_OK) {
+		dropbear_exit("zlib error");
+	}
 
-		/* the buffer has been filled, we must extend. This only happens in
-		 * unusual circumstances where the data grows in size after deflate(),
-		 * but it is possible */
-		buf_resize(dest, dest->size + ZLIB_COMPRESS_EXPANSION);
-
-	}
+	/* fails if destination buffer wasn't large enough */
+	dropbear_assert(ses.keys->trans.zstream->avail_in == 0);
 	TRACE2(("leave buf_compress"))
 }
 #endif
--- a/packet.h	Fri Jan 23 22:32:49 2015 +0800
+++ b/packet.h	Mon Mar 16 21:34:05 2015 +0800
@@ -22,11 +22,12 @@
  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  * SOFTWARE. */
 
-#ifndef _PACKET_H_
+#ifndef DROPBEAR_PACKET_H_
 
-#define _PACKET_H_
+#define DROPBEAR_PACKET_H_
 
 #include "includes.h"
+#include "queue.h"
 
 void write_packet();
 void read_packet();
@@ -46,4 +47,4 @@
 
 #define INIT_READBUF 128
 
-#endif /* _PACKET_H_ */
+#endif /* DROPBEAR_PACKET_H_ */
--- a/queue.h	Fri Jan 23 22:32:49 2015 +0800
+++ b/queue.h	Mon Mar 16 21:34:05 2015 +0800
@@ -22,8 +22,8 @@
  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  * SOFTWARE. */
 
-#ifndef _QUEUE_H_
-#define _QUEUE_H_
+#ifndef DROPBEAR_QUEUE_H_
+#define DROPBEAR_QUEUE_H_
 
 struct Link {
 
--- a/release.sh	Fri Jan 23 22:32:49 2015 +0800
+++ b/release.sh	Mon Mar 16 21:34:05 2015 +0800
@@ -7,7 +7,7 @@
 fi
 
 if ! head -n1 debian/changelog | grep -q $VERSION ; then
-	echo "CHANGES needs updating"
+	echo "debian/changelog needs updating"
 	exit 1
 fi
 
@@ -36,5 +36,5 @@
 (cd $RELDIR/.. && tar cjf $ARCHIVE `basename "$RELDIR"`) || exit 2
 
 ls -l $ARCHIVE
-openssl sha1 $ARCHIVE
+openssl sha -sha256 $ARCHIVE
 echo "Done to $ARCHIVE"
--- a/rsa.h	Fri Jan 23 22:32:49 2015 +0800
+++ b/rsa.h	Mon Mar 16 21:34:05 2015 +0800
@@ -22,8 +22,8 @@
  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  * SOFTWARE. */
 
-#ifndef _RSA_H_
-#define _RSA_H_
+#ifndef DROPBEAR_RSA_H_
+#define DROPBEAR_RSA_H_
 
 #include "includes.h"
 #include "buffer.h"
@@ -55,4 +55,4 @@
 
 #endif /* DROPBEAR_RSA */
 
-#endif /* _RSA_H_ */
+#endif /* DROPBEAR_RSA_H_ */
--- a/runopts.h	Fri Jan 23 22:32:49 2015 +0800
+++ b/runopts.h	Mon Mar 16 21:34:05 2015 +0800
@@ -22,8 +22,8 @@
  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  * SOFTWARE. */
 
-#ifndef _RUNOPTS_H_
-#define _RUNOPTS_H_
+#ifndef DROPBEAR_RUNOPTS_H_
+#define DROPBEAR_RUNOPTS_H_
 
 #include "includes.h"
 #include "signkey.h"
@@ -44,7 +44,11 @@
 	/* TODO: add a commandline flag. Currently this is on by default if compression
 	 * is compiled in, but disabled for a client's non-final multihop stages. (The
 	 * intermediate stages are compressed streams, so are uncompressible. */
-	int enable_compress;
+	enum {
+		DROPBEAR_COMPRESS_DELAYED, /* Server only */
+		DROPBEAR_COMPRESS_ON,
+		DROPBEAR_COMPRESS_OFF,
+	} compress_mode;
 #endif
 
 #ifdef ENABLE_USER_ALGO_LIST
@@ -166,4 +170,4 @@
 
 void print_version(void);
 
-#endif /* _RUNOPTS_H_ */
+#endif /* DROPBEAR_RUNOPTS_H_ */
--- a/scp.c	Fri Jan 23 22:32:49 2015 +0800
+++ b/scp.c	Mon Mar 16 21:34:05 2015 +0800
@@ -437,7 +437,7 @@
 	}
 	/*
 	 * Finally check the exit status of the ssh process, if one was forked
-	 * and no error has occured yet
+	 * and no error has occurred yet
 	 */
 	if (do_cmd_pid != -1 && errs == 0) {
 		if (remin != -1)
--- a/service.h	Fri Jan 23 22:32:49 2015 +0800
+++ b/service.h	Mon Mar 16 21:34:05 2015 +0800
@@ -22,9 +22,9 @@
  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  * SOFTWARE. */
 
-#ifndef _SERVICE_H_
-#define _SERVICE_H_
+#ifndef DROPBEAR_SERVICE_H_
+#define DROPBEAR_SERVICE_H_
 
 void recv_msg_service_request(); /* Server */
 
-#endif /* _SERVICE_H_ */
+#endif /* DROPBEAR_SERVICE_H_ */
--- a/session.h	Fri Jan 23 22:32:49 2015 +0800
+++ b/session.h	Mon Mar 16 21:34:05 2015 +0800
@@ -22,8 +22,8 @@
  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  * SOFTWARE. */
 
-#ifndef _SESSION_H_
-#define _SESSION_H_
+#ifndef DROPBEAR_SESSION_H_
+#define DROPBEAR_SESSION_H_
 
 #include "includes.h"
 #include "options.h"
@@ -38,12 +38,13 @@
 #include "tcpfwd.h"
 #include "chansession.h"
 #include "dbutil.h"
+#include "netio.h"
 
 extern int sessinitdone; /* Is set to 0 somewhere */
 extern int exitflag;
 
 void common_session_init(int sock_in, int sock_out);
-void session_loop();
+void session_loop(void(*loophandler)()) ATTRIB_NORETURN;
 void session_cleanup();
 void send_session_identification();
 void send_msg_ignore();
@@ -55,12 +56,13 @@
 void fill_passwd(const char* username);
 
 /* Server */
-void svr_session(int sock, int childpipe);
+void svr_session(int sock, int childpipe) ATTRIB_NORETURN;
 void svr_dropbear_exit(int exitcode, const char* format, va_list param) ATTRIB_NORETURN;
 void svr_dropbear_log(int priority, const char* format, va_list param);
 
 /* Client */
-void cli_session(int sock_in, int sock_out);
+void cli_session(int sock_in, int sock_out, struct dropbear_progress_connection *progress) ATTRIB_NORETURN;
+void cli_connected(int result, int sock, void* userdata, const char *errstring);
 void cleantext(unsigned char* dirtytext);
 
 /* crypto parameters that are stored individually for transmit and receive */
@@ -124,7 +126,11 @@
 							 buffer with the packet to send. */
 	struct Queue writequeue; /* A queue of encrypted packets to send */
 	buffer *readbuf; /* From the wire, decrypted in-place */
-	buffer *payload; /* Post-decompression, the actual SSH packet */
+	buffer *payload; /* Post-decompression, the actual SSH packet. 
+						May have extra data at the beginning, will be
+						passed to packet processing functions positioned past
+						that, see payload_beginning */
+	unsigned int payload_beginning;
 	unsigned int transseq, recvseq; /* Sequence IDs */
 
 	/* Packet-handling flags */
@@ -148,6 +154,8 @@
 	
 	int signal_pipe[2]; /* stores endpoints of a self-pipe used for
 						   race-free signal handling */
+
+	m_list conn_pending;
 						
 	/* time of the last packet send/receive, for keepalive. Not real-world clock */
 	time_t last_packet_time_keepalive_sent;
@@ -314,4 +322,4 @@
 extern struct clientsession cli_ses;
 #endif /* DROPBEAR_CLIENT */
 
-#endif /* _SESSION_H_ */
+#endif /* DROPBEAR_SESSION_H_ */
--- a/signkey.c	Fri Jan 23 22:32:49 2015 +0800
+++ b/signkey.c	Mon Mar 16 21:34:05 2015 +0800
@@ -140,7 +140,7 @@
 
 	unsigned char* ident;
 	unsigned int len;
-	int keytype;
+	enum signkey_type keytype;
 	int ret = DROPBEAR_FAILURE;
 
 	TRACE2(("enter buf_get_pub_key"))
@@ -187,6 +187,7 @@
 		if (eck) {
 			if (*eck) {
 				ecc_free(*eck);
+				m_free(*eck);
 				*eck = NULL;
 			}
 			*eck = buf_get_ecdsa_pub_key(buf);
@@ -210,7 +211,7 @@
 
 	unsigned char* ident;
 	unsigned int len;
-	int keytype;
+	enum signkey_type keytype;
 	int ret = DROPBEAR_FAILURE;
 
 	TRACE2(("enter buf_get_priv_key"))
@@ -255,6 +256,7 @@
 		if (eck) {
 			if (*eck) {
 				ecc_free(*eck);
+				m_free(*eck);
 				*eck = NULL;
 			}
 			*eck = buf_get_ecdsa_priv_key(buf);
@@ -355,18 +357,21 @@
 #ifdef DROPBEAR_ECC_256
 	if (key->ecckey256) {
 		ecc_free(key->ecckey256);
+		m_free(key->ecckey256);
 		key->ecckey256 = NULL;
 	}
 #endif
 #ifdef DROPBEAR_ECC_384
 	if (key->ecckey384) {
 		ecc_free(key->ecckey384);
+		m_free(key->ecckey384);
 		key->ecckey384 = NULL;
 	}
 #endif
 #ifdef DROPBEAR_ECC_521
 	if (key->ecckey521) {
 		ecc_free(key->ecckey521);
+		m_free(key->ecckey521);
 		key->ecckey521 = NULL;
 	}
 #endif
--- a/signkey.h	Fri Jan 23 22:32:49 2015 +0800
+++ b/signkey.h	Mon Mar 16 21:34:05 2015 +0800
@@ -22,8 +22,8 @@
  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  * SOFTWARE. */
 
-#ifndef _SIGNKEY_H_
-#define _SIGNKEY_H_
+#ifndef DROPBEAR_SIGNKEY_H_
+#define DROPBEAR_SIGNKEY_H_
 
 #include "buffer.h"
 #include "dss.h"
@@ -101,4 +101,4 @@
 
 void** signkey_key_ptr(sign_key *key, enum signkey_type type);
 
-#endif /* _SIGNKEY_H_ */
+#endif /* DROPBEAR_SIGNKEY_H_ */
--- a/svr-agentfwd.c	Fri Jan 23 22:32:49 2015 +0800
+++ b/svr-agentfwd.c	Mon Mar 16 21:34:05 2015 +0800
@@ -117,7 +117,7 @@
 }
 
 /* set up the environment variable pointing to the socket. This is called
- * just before command/shell execution, after dropping priveleges */
+ * just before command/shell execution, after dropping privileges */
 void svr_agentset(struct ChanSess * chansess) {
 
 	char *path = NULL;
--- a/svr-authpubkey.c	Fri Jan 23 22:32:49 2015 +0800
+++ b/svr-authpubkey.c	Mon Mar 16 21:34:05 2015 +0800
@@ -86,6 +86,7 @@
 	unsigned int algolen;
 	unsigned char* keyblob = NULL;
 	unsigned int keybloblen;
+	unsigned int sign_payload_length;
 	buffer * signbuf = NULL;
 	sign_key * key = NULL;
 	char* fp = NULL;
@@ -125,9 +126,18 @@
 
 	/* create the data which has been signed - this a string containing
 	 * session_id, concatenated with the payload packet up to the signature */
+	assert(ses.payload_beginning <= ses.payload->pos);
+	sign_payload_length = ses.payload->pos - ses.payload_beginning;
 	signbuf = buf_new(ses.payload->pos + 4 + ses.session_id->len);
 	buf_putbufstring(signbuf, ses.session_id);
-	buf_putbytes(signbuf, ses.payload->data, ses.payload->pos);
+
+	/* The entire contents of the payload prior. */
+	buf_setpos(ses.payload, ses.payload_beginning);
+	buf_putbytes(signbuf, 
+		buf_getptr(ses.payload, sign_payload_length),
+		sign_payload_length);
+	buf_incrpos(ses.payload, sign_payload_length);
+
 	buf_setpos(signbuf, 0);
 
 	/* ... and finally verify the signature */
--- a/svr-chansession.c	Fri Jan 23 22:32:49 2015 +0800
+++ b/svr-chansession.c	Mon Mar 16 21:34:05 2015 +0800
@@ -234,7 +234,7 @@
 
 	struct ChanSess *chansess;
 
-	TRACE(("new chansess %p", channel))
+	TRACE(("new chansess %p", (void*)channel))
 
 	dropbear_assert(channel->typedata == NULL);
 
--- a/svr-main.c	Fri Jan 23 22:32:49 2015 +0800
+++ b/svr-main.c	Mon Mar 16 21:34:05 2015 +0800
@@ -138,7 +138,6 @@
 	}
 
 	for (i = 0; i < listensockcount; i++) {
-		set_sock_priority(listensocks[i], DROPBEAR_PRIO_LOWDELAY);
 		FD_SET(listensocks[i], &fds);
 	}
 
@@ -343,6 +342,7 @@
 
 	sa_chld.sa_handler = sigchld_handler;
 	sa_chld.sa_flags = SA_NOCLDSTOP;
+	sigemptyset(&sa_chld.sa_mask);
 	if (sigaction(SIGCHLD, &sa_chld, NULL) < 0) {
 		dropbear_exit("signal() error");
 	}
@@ -402,9 +402,9 @@
 }
 
 /* Set up listening sockets for all the requested ports */
-static size_t listensockets(int *sock, size_t sockcount, int *maxfd) {
-	
-	unsigned int i;
+static size_t listensockets(int *socks, size_t sockcount, int *maxfd) {
+
+	unsigned int i, n;
 	char* errstring = NULL;
 	size_t sockpos = 0;
 	int nsock;
@@ -415,7 +415,7 @@
 
 		TRACE(("listening on '%s:%s'", svr_opts.addresses[i], svr_opts.ports[i]))
 
-		nsock = dropbear_listen(svr_opts.addresses[i], svr_opts.ports[i], &sock[sockpos], 
+		nsock = dropbear_listen(svr_opts.addresses[i], svr_opts.ports[i], &socks[sockpos], 
 				sockcount - sockpos,
 				&errstring, maxfd);
 
@@ -426,6 +426,14 @@
 			continue;
 		}
 
+		for (n = 0; n < (unsigned int)nsock; n++) {
+			int sock = socks[sockpos + n];
+			set_sock_priority(sock, DROPBEAR_PRIO_LOWDELAY);
+#ifdef DROPBEAR_TCP_FAST_OPEN
+			set_listen_fast_open(sock);
+#endif
+		}
+
 		sockpos += nsock;
 
 	}
--- a/svr-runopts.c	Fri Jan 23 22:32:49 2015 +0800
+++ b/svr-runopts.c	Mon Mar 16 21:34:05 2015 +0800
@@ -140,9 +140,15 @@
 #ifdef ENABLE_SVR_REMOTETCPFWD
 	svr_opts.noremotetcp = 0;
 #endif
+
 #ifndef DISABLE_ZLIB
-	opts.enable_compress = 1;
+#if DROPBEAR_SERVER_DELAY_ZLIB
+	opts.compress_mode = DROPBEAR_COMPRESS_DELAYED;
+#else
+	opts.compress_mode = DROPBEAR_COMPRESS_ON;
 #endif
+#endif 
+
 	/* not yet
 	opts.ipv4 = 1;
 	opts.ipv6 = 1;
--- a/svr-session.c	Fri Jan 23 22:32:49 2015 +0800
+++ b/svr-session.c	Mon Mar 16 21:34:05 2015 +0800
@@ -81,10 +81,14 @@
 };
 
 static void
-svr_session_cleanup(void)
-{
+svr_session_cleanup(void) {
 	/* free potential public key options */
 	svr_pubkey_options_cleanup();
+
+	m_free(svr_ses.addrstring);
+	m_free(svr_ses.remotehost);
+	m_free(svr_ses.childpids);
+	svr_ses.childpidsize = 0;
 }
 
 static void
@@ -153,6 +157,7 @@
 void svr_dropbear_exit(int exitcode, const char* format, va_list param) {
 
 	char fmtbuf[300];
+	int i;
 
 	if (!sessinitdone) {
 		/* before session init */
@@ -186,6 +191,15 @@
 		session_cleanup();
 	}
 
+	if (svr_opts.hostkey) {
+		sign_key_free(svr_opts.hostkey);
+		svr_opts.hostkey = NULL;
+	}
+	for (i = 0; i < DROPBEAR_MAX_PORTS; i++) {
+		m_free(svr_opts.addresses[i]);
+		m_free(svr_opts.ports[i]);
+	}
+
 	exit(exitcode);
 
 }
--- a/svr-tcpfwd.c	Fri Jan 23 22:32:49 2015 +0800
+++ b/svr-tcpfwd.c	Mon Mar 16 21:34:05 2015 +0800
@@ -33,6 +33,7 @@
 #include "listener.h"
 #include "runopts.h"
 #include "auth.h"
+#include "netio.h"
 
 #ifndef ENABLE_SVR_REMOTETCPFWD
 
@@ -236,7 +237,6 @@
 	unsigned char* orighost = NULL;
 	unsigned int origport;
 	char portstring[NI_MAXSERV];
-	int sock;
 	int len;
 	int err = SSH_OPEN_ADMINISTRATIVELY_PROHIBITED;
 
@@ -270,19 +270,7 @@
 	}
 
 	snprintf(portstring, sizeof(portstring), "%d", destport);
-	sock = connect_remote(desthost, portstring, 1, NULL);
-	if (sock < 0) {
-		err = SSH_OPEN_CONNECT_FAILED;
-		TRACE(("leave newtcpdirect: sock failed"))
-		goto out;
-	}
-
-	ses.maxfd = MAX(ses.maxfd, sock);
-
-	 /* We don't set readfd, that will get set after the connection's
-	 * progress succeeds */
-	channel->writefd = sock;
-	channel->initconn = 1;
+	channel->conn_pending = connect_remote(desthost, portstring, channel_connect_done, channel);
 
 	channel->prio = DROPBEAR_CHANNEL_PRIO_UNKNOWABLE;
 	
--- a/svr-x11fwd.c	Fri Jan 23 22:32:49 2015 +0800
+++ b/svr-x11fwd.c	Mon Mar 16 21:34:05 2015 +0800
@@ -175,7 +175,7 @@
 	m_free(chansess->x11authprot);
 	m_free(chansess->x11authcookie);
 
-	TRACE(("chansess %p", chansess))
+	TRACE(("chansess %p", (void*)chansess))
 	if (chansess->x11listener != NULL) {
 		remove_listener(chansess->x11listener);
 		chansess->x11listener = NULL;
--- a/sysoptions.h	Fri Jan 23 22:32:49 2015 +0800
+++ b/sysoptions.h	Mon Mar 16 21:34:05 2015 +0800
@@ -4,7 +4,7 @@
  *******************************************************************/
 
 #ifndef DROPBEAR_VERSION
-#define DROPBEAR_VERSION "2014.66"
+#define DROPBEAR_VERSION "2015.67"
 #endif
 
 #define LOCAL_IDENT "SSH-2.0-dropbear_" DROPBEAR_VERSION
@@ -254,7 +254,15 @@
 #define DROPBEAR_LISTEN_BACKLOG MAX_CHANNELS
 #endif
 
+/* free memory before exiting */
+#define DROPBEAR_CLEANUP
+
 /* Use this string since some implementations might special-case it */
 #define DROPBEAR_KEEPALIVE_STRING "[email protected]"
 
+/* Linux will attempt TCP fast open, falling back if not supported by the kernel */
+#ifdef __linux__
+#define DROPBEAR_TCP_FAST_OPEN 1
+#endif
+
 /* no include guard for this file */
--- a/tcpfwd.h	Fri Jan 23 22:32:49 2015 +0800
+++ b/tcpfwd.h	Mon Mar 16 21:34:05 2015 +0800
@@ -21,8 +21,8 @@
  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  * SOFTWARE. */
-#ifndef _TCPFWD_H
-#define _TCPFWD_H
+#ifndef DROPBEAR_TCPFWD_H
+#define DROPBEAR_TCPFWD_H
 
 #include "channel.h"
 #include "list.h"
--- a/termcodes.h	Fri Jan 23 22:32:49 2015 +0800
+++ b/termcodes.h	Mon Mar 16 21:34:05 2015 +0800
@@ -22,8 +22,8 @@
  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  * SOFTWARE. */
 
-#ifndef _TERMCODES_H_
-#define _TERMCODES_H_
+#ifndef DROPBEAR_TERMCODES_H_
+#define DROPBEAR_TERMCODES_H_
 
 #define TERMCODE_NONE 0
 #define TERMCODE_CONTROL 1
@@ -43,4 +43,4 @@
 
 extern const struct TermCode termcodes[];
 
-#endif /* _TERMCODES_H_ */
+#endif /* DROPBEAR_TERMCODES_H_ */
--- a/x11fwd.h	Fri Jan 23 22:32:49 2015 +0800
+++ b/x11fwd.h	Mon Mar 16 21:34:05 2015 +0800
@@ -21,8 +21,8 @@
  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  * SOFTWARE. */
-#ifndef _X11FWD_H_
-#define _X11FWD_H_
+#ifndef DROPBEAR__X11FWD_H_
+#define DROPBEAR__X11FWD_H_
 #ifndef DISABLE_X11FWD
 
 #include "includes.h"
@@ -34,4 +34,4 @@
 void x11cleanup(struct ChanSess *chansess);
 
 #endif /* DROPBEAR_X11FWD */
-#endif /* _X11FWD_H_ */
+#endif /* DROPBEAR__X11FWD_H_ */