Mercurial > dropbear
changeset 685:5af8993f7529 insecure-nocrypto
Add ALLOW_NONE_PASSWORD_AUTH option
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Thu, 17 May 2012 08:33:11 +0800 |
| parents | c37857676924 |
| children | 983a817f8e41 |
| files | cli-auth.c options.h |
| diffstat | 2 files changed, 13 insertions(+), 9 deletions(-) [+] |
line wrap: on
line diff
--- a/cli-auth.c Thu May 17 08:09:19 2012 +0800 +++ b/cli-auth.c Thu May 17 08:33:11 2012 +0800 @@ -257,10 +257,13 @@ #endif #ifdef ENABLE_CLI_INTERACT_AUTH +#if defined(DROPBEAR_NONE_CIPHER) && !defined(ALLOW_NONE_PASSWORD_AUTH) if (ses.keys->trans.algo_crypt->cipherdesc == NULL) { fprintf(stderr, "Sorry, I won't let you use interactive auth unencrypted.\n"); } - else if (!finished && ses.authstate.authtypes & AUTH_TYPE_INTERACT) { + else +#endif + if (!finished && ses.authstate.authtypes & AUTH_TYPE_INTERACT) { if (cli_ses.auth_interact_failed) { finished = 0; } else { @@ -272,10 +275,13 @@ #endif #ifdef ENABLE_CLI_PASSWORD_AUTH +#if defined(DROPBEAR_NONE_CIPHER) && !defined(ALLOW_NONE_PASSWORD_AUTH) if (ses.keys->trans.algo_crypt->cipherdesc == NULL) { fprintf(stderr, "Sorry, I won't let you use password auth unencrypted.\n"); } - else if (!finished && ses.authstate.authtypes & AUTH_TYPE_PASSWORD) { + else +#endif + if (!finished && ses.authstate.authtypes & AUTH_TYPE_PASSWORD) { cli_auth_password(); finished = 1; cli_ses.lastauthtype = AUTH_TYPE_PASSWORD;
--- a/options.h Thu May 17 08:09:19 2012 +0800 +++ b/options.h Thu May 17 08:33:11 2012 +0800 @@ -103,15 +103,13 @@ /* You can compile with no encryption if you want. In some circumstances * this could be safe security-wise, though make sure you know what * you're doing. Anyone can see everything that goes over the wire, so - * the only safe auth method is public key. You'll have to disable all other - * ciphers above in the client if you want to use this, or implement cipher - * prioritisation in cli-runopts. - * - * The best way to do things is probably make normal compile of dropbear with - * all ciphers including "none" as the server, then recompile a special - * "dbclient-insecure" client. */ + * the only safe auth method is public key. */ #define DROPBEAR_NONE_CIPHER +/* Define this to allow password authentication even when no encryption + * is being used. This can be unsafe */ +#define ALLOW_NONE_PASSWORD_AUTH + /* Message Integrity - at least one required. * Protocol RFC requires sha1 and recommends sha1-96. * sha1-96 is of use for slow links as it has a smaller overhead.