changeset 559:7f66b8e40f2d agent-client

propagate from branch 'au.asn.ucc.matt.dropbear' (head bbe4e11695a7b22bd89a722600eb4a4020b6fdf3) to branch 'au.asn.ucc.matt.dropbear.cli-agent' (head 276cf5e82276b6c879d246ba64739ec6868f5150)
author Matt Johnston <matt@ucc.asn.au>
date Wed, 29 Jul 2009 02:58:33 +0000
parents de3653483ac0 (current diff) bcc5b69d15a6 (diff)
children 52d7301e46bd
files debug.h options.h session.h
diffstat 5 files changed, 48 insertions(+), 7 deletions(-) [+]
line wrap: on
line diff
--- a/common-kex.c	Mon Jul 06 14:02:45 2009 +0000
+++ b/common-kex.c	Wed Jul 29 02:58:33 2009 +0000
@@ -371,7 +371,9 @@
 		ses.newkeys->trans.zstream->zalloc = Z_NULL;
 		ses.newkeys->trans.zstream->zfree = Z_NULL;
 	
-		if (deflateInit(ses.newkeys->trans.zstream, Z_DEFAULT_COMPRESSION) 
+		if (deflateInit2(ses.newkeys->trans.zstream, Z_DEFAULT_COMPRESSION,
+					Z_DEFLATED, DROPBEAR_ZLIB_WINDOW_BITS, 
+					DROPBEAR_ZLIB_MEM_LEVEL, Z_DEFAULT_STRATEGY)
 				!= Z_OK) {
 			dropbear_exit("zlib error");
 		}
--- a/options.h	Mon Jul 06 14:02:45 2009 +0000
+++ b/options.h	Wed Jul 29 02:58:33 2009 +0000
@@ -87,7 +87,8 @@
 #define DROPBEAR_AES128
 #define DROPBEAR_3DES
 #define DROPBEAR_AES256
-#define DROPBEAR_BLOWFISH
+/* Compiling in Blowfish will add ~6kB to runtime heap memory usage */
+/*#define DROPBEAR_BLOWFISH*/
 #define DROPBEAR_TWOFISH256
 #define DROPBEAR_TWOFISH128
 
@@ -130,6 +131,21 @@
  * if the random number source isn't good. In general this isn't required */
 /* #define DSS_PROTOK */
 
+/* Control the memory/performance/compression tradeoff for zlib.
+ * Set windowBits=8, memLevel=1 for least memory usage, see your system's
+ * zlib.h for full details.
+ * Default settings (windowBits=15, memLevel=8) will use 
+ * 256kB for compression + 32kB for decompression.
+ * windowBits=8, memLevel=1 will use 10kB compression + 32kB decompression.
+ * Note that windowBits is only set for deflate() - inflate() always uses the
+ * default of 15 so as to interoperate with other clients. */
+#ifndef DROPBEAR_ZLIB_WINDOW_BITS
+#define DROPBEAR_ZLIB_WINDOW_BITS 15 
+#endif
+#ifndef DROPBEAR_ZLIB_MEM_LEVEL
+#define DROPBEAR_ZLIB_MEM_LEVEL 8
+#endif
+
 /* Whether to do reverse DNS lookups. */
 #define DO_HOST_LOOKUP
 
@@ -248,13 +264,19 @@
    significant difference to network performance. 24kB was empirically
    chosen for a 100mbit ethernet network. The value can be altered at
    runtime with the -W argument. */
+#ifndef DEFAULT_RECV_WINDOW
 #define DEFAULT_RECV_WINDOW 24576
+#endif
 /* Maximum size of a received SSH data packet - this _MUST_ be >= 32768
    in order to interoperate with other implementations */
+#ifndef RECV_MAX_PAYLOAD_LEN
 #define RECV_MAX_PAYLOAD_LEN 32768
+#endif
 /* Maximum size of a transmitted data packet - this can be any value,
    though increasing it may not make a significant difference. */
+#ifndef TRANS_MAX_PAYLOAD_LEN
 #define TRANS_MAX_PAYLOAD_LEN 16384
+#endif
 
 /* Ensure that data is transmitted every KEEPALIVE seconds. This can
 be overridden at runtime with -K. 0 disables keepalives */
--- a/packet.c	Mon Jul 06 14:02:45 2009 +0000
+++ b/packet.c	Wed Jul 29 02:58:33 2009 +0000
@@ -261,7 +261,7 @@
 		
 	/* payload length */
 	/* - 4 - 1 is for LEN and PADLEN values */
-	len = ses.readbuf->len - padlen - 4 - 1;
+	len = ses.readbuf->len - padlen - 4 - 1 - macsize;
 	if ((len > RECV_MAX_PAYLOAD_LEN) || (len < 1)) {
 		dropbear_exit("bad packet size");
 	}
--- a/session.h	Mon Jul 06 14:02:45 2009 +0000
+++ b/session.h	Wed Jul 29 02:58:33 2009 +0000
@@ -213,6 +213,10 @@
 	/* The numeric address they connected from, used for logging */
 	char * addrstring;
 
+#ifdef __uClinux__
+	pid_t server_pid;
+#endif
+
 };
 
 typedef enum {
--- a/svr-session.c	Mon Jul 06 14:02:45 2009 +0000
+++ b/svr-session.c	Wed Jul 29 02:58:33 2009 +0000
@@ -85,6 +85,10 @@
 	/* Initialise server specific parts of the session */
 	svr_ses.childpipe = childpipe;
 	svr_ses.addrstring = addrstring;
+#ifdef __uClinux__
+	svr_ses.server_pid = getpid();
+#endif
+	svr_ses.addrstring = addrstring;
 	svr_authinitialise();
 	chaninitialise(svr_chantypes);
 	svr_chansessinitialise();
@@ -144,11 +148,20 @@
 
 	_dropbear_log(LOG_INFO, fmtbuf, param);
 
-	/* free potential public key options */
-	svr_pubkey_options_cleanup();
+#ifdef __uClinux__
+	/* only the main server process should cleanup - we don't want
+	 * forked children doing that */
+	if (svr_ses.server_pid == getpid())
+#else
+	if (1)
+#endif
+	{
+		/* free potential public key options */
+		svr_pubkey_options_cleanup();
 
-	/* must be after we've done with username etc */
-	common_session_cleanup();
+		/* must be after we've done with username etc */
+		common_session_cleanup();
+	}
 
 	exit(exitcode);