changeset 954:e257f94ef8a7 coverity

merge
author Matt Johnston <matt@ucc.asn.au>
date Mon, 28 Jul 2014 22:56:07 +0800
parents 9969cee83d0a (current diff) 356a25a108a3 (diff)
children 46a0b2ebc22c
files
diffstat 15 files changed, 123 insertions(+), 27 deletions(-) [+]
--- a/.hgsigs	Sat Jul 26 10:23:53 2014 +0800
+++ b/.hgsigs	Mon Jul 28 22:56:07 2014 +0800
@@ -10,3 +10,4 @@
 9ec083a21adfcb099f21eb03704b66d14a4ba800 0 iEYEABECAAYFAlKE4JoACgkQjPn4sExkf7wLDgCghkVGwMjI138bEv+ORVzN7zIH7cEAoLckaxZc1k1aXlmlSCRlP8cuKH3o
 3d1d7d151c0ce3a79da62e86463f5632fa2b144a 0 iEYEABECAAYFAlKd5AEACgkQjPn4sExkf7wzWgCfdvPEEIdlMPqcbOQMJ7b+eAyy164An2ip1lPh1eS5g26/gSfruvWBVym4
 277429102f1337bd10c89107d3e01de509cc1a7e 0 iEYEABECAAYFAlMEvF4ACgkQjPn4sExkf7xeVQCgtbxJ4G3hsFwUOM0K1WGr1J2vsbEAoMM8dEyr1mdrbgO1tzNLfD1nxbyn
+96584b934d04ebab443f603e78d38fe692d36313 0 iEYEABECAAYFAlPVFrQACgkQjPn4sExkf7xr6ACglRiLE21vRrS1rJ809o2yMADIKtwAn1f5SyZUngSde8eE55JxCMwtMC5m
--- a/.hgtags	Sat Jul 26 10:23:53 2014 +0800
+++ b/.hgtags	Mon Jul 28 22:56:07 2014 +0800
@@ -43,3 +43,4 @@
 e894dbc015ba7ff4c3bf897ee20e28ca90c55a16 DROPBEAR_2013.61test
 3d1d7d151c0ce3a79da62e86463f5632fa2b144a DROPBEAR_2013.62
 2351b2da8e0d08dcc6e64fcc328b53b9630bda68 DROPBEAR_2014.63
+0d2d39957c029adb7f4327d37fe6b4900f0736d9 DROPBEAR_2014.64
--- a/CHANGES	Sat Jul 26 10:23:53 2014 +0800
+++ b/CHANGES	Mon Jul 28 22:56:07 2014 +0800
@@ -1,4 +1,4 @@
-2014.64 pending
+2014.64 - Sunday 27 July 2014
 
 - Fix compiling with ECDSA and DSS disabled
 
@@ -24,6 +24,8 @@
 - Use monotonic clock where available, timeouts won't be affected by system time
   changes
 
+- Add -V for version
+
 2014.63 - Wednesday 19 February 2014
 
 - Fix ~. to terminate a client interactive session after waking a laptop
--- a/cli-runopts.c	Sat Jul 26 10:23:53 2014 +0800
+++ b/cli-runopts.c	Mon Jul 28 22:56:07 2014 +0800
@@ -90,6 +90,7 @@
 					"-c <cipher list> Specify preferred ciphers ('-c help' to list options)\n"
 					"-m <MAC list> Specify preferred MACs for packet verification (or '-m help')\n"
 #endif
+					"-V    Version\n"
 #ifdef DEBUG_TRACE
 					"-v    verbose (compiled with DEBUG_TRACE)\n"
 #endif
@@ -324,6 +325,10 @@
 #ifndef ENABLE_CLI_LOCALTCPFWD
 				case 'L':
 #endif
+				case 'V':
+					print_version();
+					exit(EXIT_SUCCESS);
+					break;
 				case 'o':
 				case 'b':
 					next = &dummy;
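Review bot: The new `case 'V':` sits directly below the `#ifndef ENABLE_CLI_LOCALTCPFWD` / `case 'L':` label, so in a build without local forwarding `-L` now falls through into `print_version(); exit(EXIT_SUCCESS);` instead of reaching `next = &dummy;` and being skipped together with its argument. Any other disabled-option labels stacked above `case 'L':` (outside this hunk) would presumably be caught the same way. The added case should not sit between those stacked labels and `case 'o':`; placing it ahead of the first `#ifndef` label in that chain keeps the fallthrough intact. The switch starts and ends outside the hunk, so the exact spot needs checking against the full file.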
--- a/common-runopts.c	Sat Jul 26 10:23:53 2014 +0800
+++ b/common-runopts.c	Mon Jul 28 22:56:07 2014 +0800
@@ -106,3 +106,8 @@
 }
 #endif
 
+void print_version() {
+	fprintf(stderr, "Dropbear v%s\n", DROPBEAR_VERSION);
+}
+
+
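Review bot: `void print_version() {` is defined with an empty parameter list while runopts.h in this same changeset declares `void print_version(void);`; in C the empty list is an old-style declaration that accepts any arguments, so the definition should read `void print_version(void) {`. The banner is also written to stderr although both callers exit with EXIT_SUCCESS, so a script capturing the output of `-V` from stdout gets nothing. Writing it to stdout would suit a successful informational output better, unless the project keeps stderr deliberately.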
--- a/dbclient.1	Sat Jul 26 10:23:53 2014 +0800
+++ b/dbclient.1	Mon Jul 28 22:56:07 2014 +0800
@@ -19,8 +19,7 @@
 
 .SH DESCRIPTION
 .B dbclient
-is a SSH client designed to be small enough to be used in small memory
-environments, while still being functional and secure enough for general use.
+is a small SSH client 
 .SH OPTIONS
 .TP
 .B \-p \fIport
@@ -98,7 +97,7 @@
 useful for working around firewalls or routers that drop connections after
 a certain period of inactivity. The trade-off is that a session may be
 closed if there is a temporary lapse of network connectivity. A setting
-if 0 disables keepalives.
+if 0 disables keepalives. If no response is received for 3 consecutive keepalives the connection will be closed.
 .TP
 .B \-I \fIidle_timeout
 Disconnect the session if no traffic is transmitted or received for \fIidle_timeout\fR seconds.
@@ -121,6 +120,9 @@
 .TP
 .B \-s 
 The specified command will be requested as a subsystem, used for sftp. Dropbear doesn't implement sftp itself but the OpenSSH sftp client can be used eg \fIsftp -S dbclient user@host\fR
+.TP
+.B \-V
+Print the version
 
 .SH MULTI-HOP
 Dropbear will also allow multiple "hops" to be specified, separated by commas. In
--- a/dbutil.c	Sat Jul 26 10:23:53 2014 +0800
+++ b/dbutil.c	Mon Jul 28 22:56:07 2014 +0800
@@ -161,7 +161,7 @@
 	gettimeofday(&tv, NULL);
 
 	va_start(param, format);
-	fprintf(stderr, "TRACE  (%d) %d.%d: ", getpid(), tv.tv_sec, tv.tv_usec);
+	fprintf(stderr, "TRACE  (%d) %d.%d: ", getpid(), (int)tv.tv_sec, (int)tv.tv_usec);
 	vfprintf(stderr, format, param);
 	fprintf(stderr, "\n");
 	va_end(param);
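Review bot: The `(int)` casts silence the format warning but truncate `tv.tv_sec` where `time_t` is wider than int, and `%d.%d` prints the microseconds without zero padding, so 5 s + 42 µs appears as `5.42` and reads as 5.42 s. `fprintf(stderr, "TRACE  (%d) %ld.%06ld: ", getpid(), (long)tv.tv_sec, (long)tv.tv_usec);` keeps the timestamps unambiguous and sortable, which matters when trace output is used to reconstruct the order of events. The TRACE2 line in the next hunk needs the identical change. Both enclosing functions start and end outside their hunks.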
@@ -183,7 +183,7 @@
 	gettimeofday(&tv, NULL);
 
 	va_start(param, format);
-	fprintf(stderr, "TRACE2 (%d) %d.%d: ", getpid(), tv.tv_sec, tv.tv_usec);
+	fprintf(stderr, "TRACE2 (%d) %d.%d: ", getpid(), (int)tv.tv_sec, (int)tv.tv_usec);
 	vfprintf(stderr, format, param);
 	fprintf(stderr, "\n");
 	va_end(param);
@@ -945,22 +945,46 @@
 	return c;
 }
 
-time_t monotonic_now() {
-
 #if defined(__linux__) && defined(SYS_clock_gettime)
-	/* CLOCK_MONOTONIC_COARSE was added in Linux 2.6.32. Probably cheaper. */
+/* CLOCK_MONOTONIC_COARSE was added in Linux 2.6.32 but took a while to
+reach userspace include headers */
 #ifndef CLOCK_MONOTONIC_COARSE
 #define CLOCK_MONOTONIC_COARSE 6
 #endif
-	static clockid_t clock_source = CLOCK_MONOTONIC_COARSE;
+static clockid_t get_linux_clock_source() {
 	struct timespec ts;
+	if (syscall(SYS_clock_gettime, CLOCK_MONOTONIC_COARSE, &ts) == 0) {
+		return CLOCK_MONOTONIC_COARSE;
+	}
+
+	if (syscall(SYS_clock_gettime, CLOCK_MONOTONIC, &ts) == 0) {
+		return CLOCK_MONOTONIC;
+	}
+	return -1;
+}
+#endif 
+
+time_t monotonic_now() {
+#if defined(__linux__) && defined(SYS_clock_gettime)
+	static clockid_t clock_source = -2;
 
-	if (syscall(SYS_clock_gettime, clock_source, &ts) == EINVAL) {
-		clock_source = CLOCK_MONOTONIC;
-		syscall(SYS_clock_gettime, CLOCK_MONOTONIC, &ts);
+	if (clock_source == -2) {
+		/* First run, find out which one works. 
+		-1 will fall back to time() */
+		clock_source = get_linux_clock_source();
 	}
-	return ts.tv_sec;
-#elif defined(HAVE_MACH_ABSOLUTE_TIME)
+
+	if (clock_source >= 0) {
+		struct timespec ts;
+		if (syscall(SYS_clock_gettime, clock_source, &ts) != 0) {
+			/* Intermittent clock failures should not happen */
+			dropbear_exit("Clock broke");
+		}
+		return ts.tv_sec;
+	}
+#endif /* linux clock_gettime */
+
+#if defined(HAVE_MACH_ABSOLUTE_TIME)
 	/* OS X, see https://developer.apple.com/library/mac/qa/qa1398/_index.html */
 	static mach_timebase_info_data_t timebase_info;
 	if (timebase_info.denom == 0) {
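Review bot: When `get_linux_clock_source()` returns -1 the code drops to `time(NULL)` without any log output, so a host with no working monotonic clock silently gets timeouts that follow wall-clock changes again, which is the behaviour the CHANGES entry says is avoided. A one-time log line where `clock_source` is first set to -1 would make that state visible to whoever operates the machine. The sentinels -2 (not yet probed) and -1 (no usable clock) are also bare literals stored in a `clockid_t`; named constants with a comment that valid clock ids are non-negative would make the `clock_source >= 0` test self-explanatory. `get_linux_clock_source()` is fully inside the hunk, while `monotonic_now()` continues into the next hunk.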
@@ -968,10 +992,9 @@
 	}
 	return mach_absolute_time() * timebase_info.numer / timebase_info.denom
 		/ 1e9;
-#else 
+#endif /* osx mach_absolute_time */
+
 	/* Fallback for everything else - this will sometimes go backwards */
 	return time(NULL);
-#endif
-
 }
 
--- a/dbutil.h	Sat Jul 26 10:23:53 2014 +0800
+++ b/dbutil.h	Mon Jul 28 22:56:07 2014 +0800
@@ -62,9 +62,9 @@
 #endif
 
 enum dropbear_prio {
-	DROPBEAR_PRIO_DEFAULT = 'dffd',
-	DROPBEAR_PRIO_LOWDELAY = 'lddl',
-	DROPBEAR_PRIO_BULK = 'bllb',
+	DROPBEAR_PRIO_DEFAULT = 10,
+	DROPBEAR_PRIO_LOWDELAY = 11,
+	DROPBEAR_PRIO_BULK = 12,
 };
 
 char * stripcontrol(const char * text);
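Review bot: The replacement values 10, 11 and 12 carry no comment saying why the enum does not start at 0. If the intent is that a zero or boolean argument can never be mistaken for a valid priority, say so above the enum, e.g. `/* Arbitrary non-zero values; 0 and 1 are deliberately not valid priorities */`. Without that, a later edit may renumber them from 0.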
--- a/debian/changelog	Sat Jul 26 10:23:53 2014 +0800
+++ b/debian/changelog	Mon Jul 28 22:56:07 2014 +0800
@@ -1,3 +1,9 @@
+dropbear (2014.64-0.1) unstable; urgency=low
+
+  * New upstream release.
+
+ -- Matt Johnston <[email protected]>  Sun, 27 Jul 2014 22:54:00 +0800
+
 dropbear (2014.63-0.1) unstable; urgency=low
 
   * New upstream release.
--- a/dropbear.8	Sat Jul 26 10:23:53 2014 +0800
+++ b/dropbear.8	Mon Jul 28 22:56:07 2014 +0800
@@ -10,8 +10,7 @@
 .IR [address:]port ]
 .SH DESCRIPTION
 .B dropbear
-is a SSH server designed to be small enough to be used in small memory
-environments, while still being functional and secure enough for general use.
+is a small SSH server 
 .SH OPTIONS
 .TP
 .B \-b \fIbanner
@@ -88,10 +87,14 @@
 useful for working around firewalls or routers that drop connections after
 a certain period of inactivity. The trade-off is that a session may be
 closed if there is a temporary lapse of network connectivity. A setting
-if 0 disables keepalives.
+if 0 disables keepalives. If no response is received for 3 consecutive keepalives the connection will be closed.
 .TP
 .B \-I \fIidle_timeout
 Disconnect the session if no traffic is transmitted or received for \fIidle_timeout\fR seconds.
+.TP
+.B \-V
+Print the version
+
 .SH FILES
 
 .TP
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/release.sh	Mon Jul 28 22:56:07 2014 +0800
@@ -0,0 +1,40 @@
+#!/bin/sh
+VERSION=$(echo '#include "sysoptions.h"\necho DROPBEAR_VERSION' | cpp - | sh)
+echo Releasing version "$VERSION" ...
+if ! head -n1 CHANGES | grep -q $VERSION ; then
+	echo "CHANGES needs updating"
+	exit 1
+fi
+
+if ! head -n1 debian/changelog | grep -q $VERSION ; then
+	echo "CHANGES needs updating"
+	exit 1
+fi
+
+head -n1 CHANGES
+
+#sleep 3
+
+RELDIR=$PWD/../dropbear-$VERSION
+ARCHIVE=${RELDIR}.tar.bz2
+if test -e $RELDIR; then
+	echo "$RELDIR exists"
+	exit 1
+fi
+
+if test -e $ARCHIVE; then
+	echo "$ARCHIVE exists"
+	exit 1
+fi
+
+hg archive "$RELDIR"  || exit 2
+
+(cd "$RELDIR" && autoconf && autoheader) || exit 2
+
+rm -r "$RELDIR/autom4te.cache" || exit 2
+
+(cd $RELDIR/.. && tar cjf $ARCHIVE `basename "$RELDIR"`) || exit 2
+
+ls -l $ARCHIVE
+openssl sha1 $ARCHIVE
+echo "Done to $ARCHIVE"
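Review bot: The debian/changelog check prints `CHANGES needs updating`, copied from the check above it, so a failure points the releaser at the wrong file. `$VERSION`, `$RELDIR` and `$ARCHIVE` are expanded unquoted in `grep`, `test`, `tar`, `ls` and `openssl`, the version is matched as a regex rather than a fixed string, and an empty `$VERSION` (for instance when cpp fails) is not detected up front. `echo '...\n...'` only yields two lines on shells whose `echo` interprets backslash escapes, which `#!/bin/sh` does not guarantee. The printed digest is SHA-1, which is no longer adequate as the only integrity value for a release tarball; SHA-256 is the usual minimum. The lines I would change are below.

```shell
VERSION=$(printf '#include "sysoptions.h"\necho DROPBEAR_VERSION\n' | cpp - | sh)
if [ -z "$VERSION" ]; then
	echo "Could not determine DROPBEAR_VERSION"
	exit 1
fi
# … unchanged: "Releasing version" message …
if ! head -n1 CHANGES | grep -qF "$VERSION" ; then
# … unchanged: CHANGES error branch …
if ! head -n1 debian/changelog | grep -qF "$VERSION" ; then
	echo "debian/changelog needs updating"
# … unchanged: exit 1, head -n1 CHANGES …
RELDIR="$PWD/../dropbear-$VERSION"
ARCHIVE="${RELDIR}.tar.bz2"
if test -e "$RELDIR"; then
# … unchanged: "exists" branch …
if test -e "$ARCHIVE"; then
# … unchanged: "exists" branch, hg archive, autoconf, cache removal …
(cd "$RELDIR/.." && tar cjf "$ARCHIVE" "$(basename "$RELDIR")") || exit 2

ls -l "$ARCHIVE"
openssl dgst -sha256 "$ARCHIVE"
```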
--- a/runopts.h	Sat Jul 26 10:23:53 2014 +0800
+++ b/runopts.h	Mon Jul 28 22:56:07 2014 +0800
@@ -164,4 +164,6 @@
 void parse_ciphers_macs();
 #endif
 
+void print_version(void);
+
 #endif /* _RUNOPTS_H_ */
--- a/svr-runopts.c	Sat Jul 26 10:23:53 2014 +0800
+++ b/svr-runopts.c	Mon Jul 28 22:56:07 2014 +0800
@@ -92,6 +92,7 @@
 					"-W <receive_window_buffer> (default %d, larger may be faster, max 1MB)\n"
 					"-K <keepalive>  (0 is never, default %d, in seconds)\n"
 					"-I <idle_timeout>  (0 is never, default %d, in seconds)\n"
+					"-V    Version\n"
 #ifdef DEBUG_TRACE
 					"-v		verbose (compiled with DEBUG_TRACE)\n"
 #endif
@@ -256,7 +257,7 @@
 #endif
 				case 'h':
 					printhelp(argv[0]);
-					exit(EXIT_FAILURE);
+					exit(EXIT_SUCCESS);
 					break;
 				case 'u':
 					/* backwards compatibility with old urandom option */
@@ -266,6 +267,10 @@
 					debug_trace = 1;
 					break;
 #endif
+				case 'V':
+					print_version();
+					exit(EXIT_SUCCESS);
+					break;
 				default:
 					fprintf(stderr, "Unknown argument %s\n", argv[i]);
 					printhelp(argv[0]);
--- a/sysoptions.h	Sat Jul 26 10:23:53 2014 +0800
+++ b/sysoptions.h	Mon Jul 28 22:56:07 2014 +0800
@@ -4,7 +4,7 @@
  *******************************************************************/
 
 #ifndef DROPBEAR_VERSION
-#define DROPBEAR_VERSION "2014.63"
+#define DROPBEAR_VERSION "2014.64"
 #endif
 
 #define LOCAL_IDENT "SSH-2.0-dropbear_" DROPBEAR_VERSION
--- a/tcpfwd.h	Sat Jul 26 10:23:53 2014 +0800
+++ b/tcpfwd.h	Mon Jul 28 22:56:07 2014 +0800
@@ -72,6 +72,7 @@
 int listen_tcpfwd(struct TCPListener* tcpinfo);
 int tcp_prio_inithandler(struct Channel* chan);
 
-#define CHANNEL_ID_TCPFORWARDED 'tcpf'
+/* A random identifier */
+#define CHANNEL_ID_TCPFORWARDED 0x43612c67
 
 #endif