Mercurial > dropbear
changeset 1196:a29559086628 coverity
merge
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Wed, 02 Dec 2015 22:37:51 +0800 |
parents | d734fe76b72f (current diff) 8a5e9a97bd7a (diff) |
children | 84cf9062718d |
files | |
diffstat | 16 files changed, 100 insertions(+), 42 deletions(-) [+] |
line wrap: on
line diff
--- a/.hgsigs Mon Nov 23 23:04:48 2015 +0800 +++ b/.hgsigs Wed Dec 02 22:37:51 2015 +0800 @@ -16,3 +16,5 @@ 1d2d81b1b7c1b100e9c369e40b9fa5b2d491eea9 0 iEYEABECAAYFAlTKOKUACgkQjPn4sExkf7xWMACfYFozyHiRk5GaocTa5z6Ws1uyB4kAoLubxoxcnM3E7AA9mHAzc3OB5M0Y a687f835236c7025b5cb2968fe9c4ebc4a49f0ea 0 iQIcBAABCgAGBQJVxg62AAoJEPSYMBLCC7qsC+EQAKw8YWogrVHhIFct2fx/nqybSPVrhFyKFKHhq7K/lZeVm0MGIWdSyVcQgP+Hs2jWNBWzG4AJ1BtifHWQH6IDh7W5RuwOXu5KobgPW9BsN3EVE9KIR+xe9jCAmFl9rIw0tNpy1q6R0TpYXx/sWlMilxecyEGyr2Ias2Sm19aY2mOEv8PLfh9BLfrJEKtt2NxL7TX8ScPwJXJMmVIQjN9WK4Ptx3tjcGNRivEVR/dftP5sJx2DBJx9avyDqrfloMW7Q7sPgJ88MPruCDxedOkbzH7JdHe3Humr2G4LsI0KPU7pNN6EBDjhJ+SVXuOyAgu5j/C0R+0ggGfjSrjDu8WjHyclFlwwu2MSGuHf111I1qkLtaRY3H1FZO5Y2gbLwBLQ82svA4klcBIxtP5jKAZDTh1jQMYsfKotvZdawOWrPDkNmKoUg2JXLHAtj9Dd0uGIhqfspZY3qlpzxw9uCkljWclUBD097ygotwAb2XdLoAWZ3KdvoPM+k448vIAQ7Q/aqcnm/dLQJr3Le029gpkOKoWKaQTlk0itrRGpgETHAhE2LnmWxYSKp6NYSKMgEONbfDiVNLyDTOlvpPiEb20RsOP64xA4wVDGmPenCURmMYoepQK6oJdtkNtCdth2S49KxPQAC+Dem4YZ7b+5b+cXrK5Nz7elBxZzRQWdjmZ4JDQK ef4b26364b0cdda1084751d7de3d76c589e2d9cb 0 iQIcBAABCgAGBQJVxg7BAAoJEESTFJTynGdz9Q4P/A0Kq4H52rQqxq42PoEMFbVQIUfkFzyWjAz8eEGLmP5x5/sdpyxZDEyBSUG55uyNvOPTHE+Sd3t2h2Iieq749qwYgqggXC0P+C0zGzW3hB5Rv6dTUrKN1yCyaWE2tY488RsyVlcAs4vrp1Cum5Gv8/BUVKjzZmkZ1iq/3RyrvbLEiLoMrcLnQ+sUdaYHvfEwxDbzpOEvepg8iDJBitTrfG9xHp9otX6ucahwn1EumFvC5mvUxbiQ9jv76t4FJztjMoB24hPCH9T1FjB8uNsoM+j2Z67r81eJrGgNpJzjX0S3lY/AADZGhfGnfybTM9gFuQayIJuCJqduQibVwYkAAnPi17NmbdwPu0Rdz55oU+ft09XLVm/qkQcD1EP5bxYWnLIEMkkZQnFx7WdMpjKK9oGxZHeFYAKEgPgePCkk4TQ4PxNa+3854H19AUssQlaueGcbDLyPIRiSyqhleXawGfaJi+1jBt0DM7CNbAHAUWUE07VhQzNGWjabdEk4eXKTmDL+mZJFdHGBhyCve8sPmZBYJvM2PRgcXe8fwFh+R7gVj6kFbZJvgM9kG7EeF+4ZMEXG4yKpV/SKfMMeEPBCZjFxZhlJJ0fsZbB1Y/iLw8LXnJ0fa/5xFYv6k+iytfom/rqS4iUD7NWTjcEYHjd4EO4QlPD2Ef/AWOO8YBUBv8kA +af074dbcb68ff8670b3818e0d66d5dc6f1bd5877 0 iQIcBAABCgAGBQJWVdQfAAoJEPSYMBLCC7qs+n4P/RgZU3GsLFJN7v7Cn6NOdKdfjJBmlbCtK9KwlZZaj8fW4noqnLDcDd6a2xT4mDV3rCE6+QYialGXjNkkNCBwD9Z+gFc8spOtThrpQ54dgWzbgDlYB1y7Hp7DoWoJQIlU6Od9nWBemcSrAviOFNAX8+S6poRdEhrHgMcv2xJoqHjvT7X8gob0RnJcYxW5nLWzDaJV58QnX6QlXg4ClSB6IoCeEawdW6WzXlZ9MGsRycTtx1ool7Uo6Vo2xg48n9TaJqM/lbSsMAjHxO/fdTJMWzTId1fuZxJGFVeJbkhjSwlf7fkVXxrgDxjvIAmFDR8TSTfJo50CD82j5rPcd7KSEpQ12ImBUsntPDgOtt/mJZ3HcFds86OZ7NkPpqoJGVFFQ8yUpe//DNSB2Ovg1FrwhSKOq/9N61BBwk1INVFDp1hMq45PIa9gI9zW/99inGDeSSQlxa4iafEUEjXZTRYuX7mFjnWm5q7r134J7kyWQtN/jNUZ71F0mvhnemufgpNY/I/D7K6qkONpbDZ2nuzkhfoqugzhHYp467UePM0qmLTLdXGPPMukoGorpWeiSb2T25AEKm7N4A9NwPmdAnoFjAibjF9FAuU03sl+pu9MqFb+1ldsqjNfxhcJmoAUR5vy3pED9ailCb/OCBVTHkDPfTEhGU3waO9tPM+5x2rGB5fe +5bb5976e6902a0c9fba974a880c68c9487ee1e77 0 iQIcBAABCgAGBQJWVyIKAAoJEESTFJTynGdzQosP/0k5bVTerpUKZLjyNuMU8o0eyc7njkX8EyMOyGbtcArKpzO2opSBTRsuCT9Zsk1iiQ1GMTY1quKD7aNr86Hipqo4th/+ZXmLe9mmaCDukKjD0ZYC4dBVUy6RSUAMvdkDP9sZs7CMTO/22a9SqOsKTv3s2NN6XnsBGnmNbvVx5hkAk5hMVNFrjKIaexzI/7bWQIDRo2HQCaWaL06JvWEDSEQd2mynGSXxT/+m4hBnuGg6qxn2pd4XfG0g10tDAFx64HQkWgZqSB+F8z71Cvfjondy1zjJYgtABqNlwCKQJZhRUW2+PblqQnz08TUy83XN2vtisOju4avGcHSaBgBbMvg8Wx4ZtM7sPP9pLrhhOTd5ceERHeTceTJy+iI1SQFvccjrRfs5aJ0zAQX5q6f4bV0zp5SmxkvnZUEkZIoetkM8VrPOYugqx31LtHAWfVT9NM+VkV/rrxLhk6J0giIQvC9MPWxRDileFVDszPiOgTLcxWjOziOLT+xijcj7dtx1b/f2bNCduN5G7i+icjjTlCNtyRPRqhBqn705W7F+xESP2gsscM/1BjQ7TGidU5m1njdkUjbrqm3+Qic6iqkG7SfETHmQB9mHqpJ0hACRPvZlhwB7oimNHllkrlw8UJw9f0SiuLjfERIgVS2EOp+mAia0RU7MlTt19o017M1ffEYL
--- a/.hgtags Mon Nov 23 23:04:48 2015 +0800 +++ b/.hgtags Wed Dec 02 22:37:51 2015 +0800 @@ -48,3 +48,5 @@ 735511a4c761141416ad0e6728989d2dafa55bc2 DROPBEAR_2014.66 cbd674d63cd4f3781464a8d4056a5506c8ae926f DROPBEAR_2015.67 809feaa9408f036734129c77f2b3c7e779d4f099 DROPBEAR_2015.68 +1637dbd262124d113e52967df46afd6c715e4fad DROPBEAR_2015.69 +79a6ef02307d05cb9dda10465cb5b807baa8f62e DROPBEAR_2015.70
--- a/CHANGES Mon Nov 23 23:04:48 2015 +0800 +++ b/CHANGES Wed Dec 02 22:37:51 2015 +0800 @@ -1,3 +1,28 @@ +2015.70 - 26 November 2015 + +- Fix server password authentication on Linux, broke in 2015.69 + +2015.69 - 25 November 2015 + +- Fix crash when forwarded TCP connections fail to connect (bug introduced in 2015.68) + +- Avoid hang on session close when multiple sessions are started, affects Qt Creator + Patch from Andrzej Szombierski + +- Reduce per-channel memory consumption in common case, increase default + channel limit from 100 to 1000 which should improve SOCKS forwarding for modern + webpages + +- Handle multiple command line arguments in a single flag, thanks to Guilhem Moulin + +- Manpage improvements from Guilhem Moulin + +- Build fixes for Android from Mike Frysinger + +- Don't display the MOTD when an explicit command is run from Guilhem Moulin + +- Check curve25519 shared secret isn't zero + 2015.68 - Saturday 8 August 2015 - Reduce local data copying for improved efficiency. Measured 30%
--- a/common-channel.c Mon Nov 23 23:04:48 2015 +0800 +++ b/common-channel.c Wed Dec 02 22:37:51 2015 +0800 @@ -255,8 +255,6 @@ } } - ses.channel_signal_pending = 0; - #ifdef USING_LISTENERS handle_listeners(readfds); #endif @@ -447,9 +445,10 @@ close_chan_fd(channel, fd, SHUT_WR); return DROPBEAR_FAILURE; } + } else { + cbuf_incrread(cbuf, written); + channel->recvdonelen += written; } - cbuf_incrread(cbuf, written); - channel->recvdonelen += written; return DROPBEAR_SUCCESS; } #endif /* !HAVE_WRITEV */ @@ -462,7 +461,7 @@ unsigned char *circ_p1, *circ_p2; unsigned int circ_len1, circ_len2; int io_count = 0; - int cbuf_written; + ssize_t written; cbuf_readptrs(cbuf, &circ_p1, &circ_len1, &circ_p2, &circ_len2); @@ -510,14 +509,14 @@ close_chan_fd(channel, fd, SHUT_WR); return DROPBEAR_FAILURE; } - } - - cbuf_written = MIN(circ_len1+circ_len2, (unsigned int)written); - cbuf_incrread(cbuf, cbuf_written); - if (morelen) { - *morelen = written - cbuf_written; + } else { + int cbuf_written = MIN(circ_len1+circ_len2, (unsigned int)written); + cbuf_incrread(cbuf, cbuf_written); + if (morelen) { + *morelen = written - cbuf_written; + } + channel->recvdonelen += written; } - channel->recvdonelen += written; return DROPBEAR_SUCCESS; } #endif /* HAVE_WRITEV */
--- a/common-kex.c Mon Nov 23 23:04:48 2015 +0800 +++ b/common-kex.c Wed Dec 02 22:37:51 2015 +0800 @@ -760,6 +760,7 @@ unsigned char out[CURVE25519_LEN]; const unsigned char* Q_C = NULL; const unsigned char* Q_S = NULL; + char zeroes[CURVE25519_LEN] = {0}; if (buf_pub_them->len != CURVE25519_LEN) { @@ -767,6 +768,11 @@ } curve25519_donna(out, param->priv, buf_pub_them->data); + + if (constant_time_memcmp(zeroes, out, CURVE25519_LEN) == 0) { + dropbear_exit("Bad curve25519"); + } + m_mp_alloc_init_multi(&ses.dh_K, NULL); bytes_to_mp(ses.dh_K, out, CURVE25519_LEN); m_burn(out, sizeof(out));
--- a/common-session.c Mon Nov 23 23:04:48 2015 +0800 +++ b/common-session.c Wed Dec 02 22:37:51 2015 +0800 @@ -162,6 +162,7 @@ /* We get woken up when signal handlers write to this pipe. SIGCHLD in svr-chansession is the only one currently. */ FD_SET(ses.signal_pipe[0], &readfd); + ses.channel_signal_pending = 0; /* set up for channels which can be read/written */ setchannelfds(&readfd, &writefd, writequeue_has_space); @@ -211,7 +212,9 @@ wake up the select() above. */ if (FD_ISSET(ses.signal_pipe[0], &readfd)) { char x; + TRACE(("signal pipe set")) while (read(ses.signal_pipe[0], &x, 1) > 0) {} + ses.channel_signal_pending = 1; } /* check for auth timeout, rekeying required etc */
--- a/configure.ac Mon Nov 23 23:04:48 2015 +0800 +++ b/configure.ac Wed Dec 02 22:37:51 2015 +0800 @@ -82,9 +82,19 @@ AC_MSG_NOTICE([Using uClibc - login() and logout() probably don't work, so we won't use them.]) ],,,) -# Checks for libraries. -AC_CHECK_LIB(crypt, crypt, CRYPTLIB="-lcrypt") +dnl We test for crypt() specially. On Linux (and others?) it resides in libcrypt +dnl but we don't want link all binaries to -lcrypt, just dropbear server. +dnl OS X doesn't need -lcrypt +AC_CHECK_FUNC(crypt, found_crypt_func=here) +AC_CHECK_LIB(crypt, crypt, + [ + CRYPTLIB="-lcrypt" + found_crypt_func=here + ]) AC_SUBST(CRYPTLIB) +if test "t$found_crypt_func" = there; then +AC_DEFINE(HAVE_CRYPT, 1, [crypt() function]) +fi # Check if zlib is needed AC_ARG_WITH(zlib, @@ -632,7 +642,7 @@ AC_PROG_GCC_TRADITIONAL AC_FUNC_MEMCMP AC_FUNC_SELECT_ARGTYPES -AC_CHECK_FUNCS([dup2 getpass getspnam getusershell memset putenv select socket strdup clearenv strlcpy strlcat daemon basename _getpty getaddrinfo freeaddrinfo getnameinfo fork writev crypt]) +AC_CHECK_FUNCS([dup2 getpass getspnam getusershell memset putenv select socket strdup clearenv strlcpy strlcat daemon basename _getpty getaddrinfo freeaddrinfo getnameinfo fork writev]) AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME)) @@ -730,7 +740,7 @@ AC_MSG_NOTICE([getpass() not available, dbclient will only have public-key authentication]) fi -if test "x$ac_cv_func_crypt" != xyes; then +if test "t$found_crypt_func" != there; then AC_MSG_NOTICE() AC_MSG_NOTICE([crypt() not available, dropbear server will not have password authentication]) fi
--- a/dbclient.1 Mon Nov 23 23:04:48 2015 +0800 +++ b/dbclient.1 Wed Dec 02 22:37:51 2015 +0800 @@ -3,20 +3,19 @@ dbclient \- lightweight SSH client .SH SYNOPSIS .B dbclient -[flag arguments] [\-p +[\fIflag arguments\fR] [\-p .I port\fR] [\-i .I id\fR] [\-L .I l\fR:\fIh\fR:\fIp\fR] [\-R .I l\fR:\fIh\fR:\fIp\fR] [\-l .IR user ] .I host -.RI [ more\ flags ] +.RI [ \fImore\ flags\fR ] .RI [ command ] .B dbclient -[ -.I args ] -.I [user1]@host1[^port1],[user2]@host2[^port2],... +[\fIargs\fR] +[\fIuser1\fR]@\fIhost1\fR[^\fIport1\fR],[\fIuser2\fR]@\fIhost2\fR[^\fIport2\fR],... .SH DESCRIPTION .B dbclient @@ -43,7 +42,7 @@ (multiple allowed). This file is created with dropbearkey(1) or converted from OpenSSH with dropbearconvert(1). The default path ~/.ssh/id_dropbear is used .TP -.B \-L [\fIlistenaddress\fR]:\fIlistenport\fR:\fIhost\fR:\fIport\fR +.B \-L\fR [\fIlistenaddress\fR]:\fIlistenport\fR:\fIhost\fR:\fIport\fR Local port forwarding. Forward the port .I listenport @@ -52,7 +51,7 @@ on the host .IR host . .TP -.B \-R [\fIlistenaddress\fR]:\fIlistenport\fR:\fIhost\fR:\fIport\fR +.B \-R\fR [\fIlistenaddress\fR]:\fIlistenport\fR:\fIhost\fR:\fIport\fR Remote port forwarding. Forward the port .I listenport
--- a/debian/changelog Mon Nov 23 23:04:48 2015 +0800 +++ b/debian/changelog Wed Dec 02 22:37:51 2015 +0800 @@ -1,3 +1,15 @@ +dropbear (2015.70-0.1) unstable; urgency=low + + * New upstream release. + + -- Matt Johnston <[email protected]> Thu, 26 Nov 2015 22:52:58 +0800 + +dropbear (2015.69-0.1) unstable; urgency=low + + * New upstream release. + + -- Matt Johnston <[email protected]> Wed, 25 Nov 2015 22:52:58 +0800 + dropbear (2015.68-0.1) unstable; urgency=low * New upstream release.
--- a/dropbear.8 Mon Nov 23 23:04:48 2015 +0800 +++ b/dropbear.8 Wed Dec 02 22:37:51 2015 +0800 @@ -3,11 +3,10 @@ dropbear \- lightweight SSH server .SH SYNOPSIS .B dropbear -[flag arguments] [\-b +[\fIflag arguments\fR] [\-b .I banner\fR] [\-r -.I hostkeyfile\fR] [\-p -.IR [address:]port ] +.I hostkeyfile\fR] [\-p [\fIaddress\fR:]\fIport\fR] .SH DESCRIPTION .B dropbear is a small SSH server @@ -54,7 +53,7 @@ .B \-k Disable remote port forwarding. .TP -.B \-p \fI[address:]port +.B \-p\fR [\fIaddress\fR:]\fIport Listen on specified .I address and TCP @@ -128,7 +127,7 @@ same functionality with other means even if no-pty is set. .TP -.B command="\fIforced_command\fR" +.B command=\fR"\fIforced_command\fR" Disregard the command provided by the user and always run \fIforced_command\fR. The authorized_keys file and its containing ~/.ssh directory must only be
--- a/dropbearconvert.1 Mon Nov 23 23:04:48 2015 +0800 +++ b/dropbearconvert.1 Wed Dec 02 22:37:51 2015 +0800 @@ -21,24 +21,24 @@ .P Encrypted private keys are not supported, use ssh-keygen(1) to decrypt them first. -.SH OPTIONS +.SH ARGUMENTS .TP -.B input type +.I input_type Either .I dropbear or .I openssh .TP -.B output type +.I output_type Either .I dropbear or .I openssh .TP -.B input file +.I input_file An existing Dropbear or OpenSSH private key file .TP -.B output file +.I output_file The path to write the converted private key file. For client authentication ~/.ssh/id_dropbear is loaded by default .SH EXAMPLE # dropbearconvert openssh dropbear ~/.ssh/id_rsa ~/.ssh/id_dropbear
--- a/dropbearkey.1 Mon Nov 23 23:04:48 2015 +0800 +++ b/dropbearkey.1 Wed Dec 02 22:37:51 2015 +0800 @@ -13,10 +13,7 @@ .SH DESCRIPTION .B dropbearkey generates a -.I RSA -.I DSS, -or -.I ECDSA +\fIRSA\fR, \fIDSS\fR, or \fIECDSA\fR format SSH private key, and saves it to a file for the use with the Dropbear client or server. Note that @@ -34,7 +31,7 @@ .TP .B \-f \fIfile Write the secret key to the file -.IR file . For client authentication ~/.ssh/id_dropbear is loaded by default +\fIfile\fR. For client authentication ~/.ssh/id_dropbear is loaded by default .TP .B \-s \fIbits Set the key size to
--- a/release.sh Mon Nov 23 23:04:48 2015 +0800 +++ b/release.sh Wed Dec 02 22:37:51 2015 +0800 @@ -39,4 +39,7 @@ ls -l $ARCHIVE openssl sha -sha256 $ARCHIVE -echo "Done to $ARCHIVE" +echo Done to +echo "$ARCHIVE" +echo Sign it with +echo gpg2 --detach-sign -a -u F29C6773 "$ARCHIVE"
--- a/runopts.h Mon Nov 23 23:04:48 2015 +0800 +++ b/runopts.h Wed Dec 02 22:37:51 2015 +0800 @@ -33,7 +33,8 @@ typedef struct runopts { -#if defined(ENABLE_SVR_REMOTETCPFWD) || defined(ENABLE_CLI_LOCALTCPFWD) +#if defined(ENABLE_SVR_REMOTETCPFWD) || defined(ENABLE_CLI_LOCALTCPFWD) \ + || defined(ENABLE_CLI_REMOTETCPFWD) int listen_fwd_all; #endif unsigned int recv_window;
--- a/svr-runopts.c Mon Nov 23 23:04:48 2015 +0800 +++ b/svr-runopts.c Wed Dec 02 22:37:51 2015 +0800 @@ -551,6 +551,6 @@ #endif /* DROPBEAR_ECDSA */ if (!any_keys) { - dropbear_exit("No hostkeys available"); + dropbear_exit("No hostkeys available. 'dropbear -R' may be useful or run dropbearkey."); } }
--- a/sysoptions.h Mon Nov 23 23:04:48 2015 +0800 +++ b/sysoptions.h Wed Dec 02 22:37:51 2015 +0800 @@ -4,7 +4,7 @@ *******************************************************************/ #ifndef DROPBEAR_VERSION -#define DROPBEAR_VERSION "2015.68" +#define DROPBEAR_VERSION "2015.70" #endif #define LOCAL_IDENT "SSH-2.0-dropbear_" DROPBEAR_VERSION