Commit 45b27b01 authored by Matt Johnston's avatar Matt Johnston
Browse files

merge 2017.75

parents 2a921c2c 9f674382
...@@ -20,5 +20,6 @@ af074dbcb68ff8670b3818e0d66d5dc6f1bd5877 0 iQIcBAABCgAGBQJWVdQfAAoJEPSYMBLCC7qs+ ...@@ -20,5 +20,6 @@ af074dbcb68ff8670b3818e0d66d5dc6f1bd5877 0 iQIcBAABCgAGBQJWVdQfAAoJEPSYMBLCC7qs+
5bb5976e6902a0c9fba974a880c68c9487ee1e77 0 iQIcBAABCgAGBQJWVyIKAAoJEESTFJTynGdzQosP/0k5bVTerpUKZLjyNuMU8o0eyc7njkX8EyMOyGbtcArKpzO2opSBTRsuCT9Zsk1iiQ1GMTY1quKD7aNr86Hipqo4th/+ZXmLe9mmaCDukKjD0ZYC4dBVUy6RSUAMvdkDP9sZs7CMTO/22a9SqOsKTv3s2NN6XnsBGnmNbvVx5hkAk5hMVNFrjKIaexzI/7bWQIDRo2HQCaWaL06JvWEDSEQd2mynGSXxT/+m4hBnuGg6qxn2pd4XfG0g10tDAFx64HQkWgZqSB+F8z71Cvfjondy1zjJYgtABqNlwCKQJZhRUW2+PblqQnz08TUy83XN2vtisOju4avGcHSaBgBbMvg8Wx4ZtM7sPP9pLrhhOTd5ceERHeTceTJy+iI1SQFvccjrRfs5aJ0zAQX5q6f4bV0zp5SmxkvnZUEkZIoetkM8VrPOYugqx31LtHAWfVT9NM+VkV/rrxLhk6J0giIQvC9MPWxRDileFVDszPiOgTLcxWjOziOLT+xijcj7dtx1b/f2bNCduN5G7i+icjjTlCNtyRPRqhBqn705W7F+xESP2gsscM/1BjQ7TGidU5m1njdkUjbrqm3+Qic6iqkG7SfETHmQB9mHqpJ0hACRPvZlhwB7oimNHllkrlw8UJw9f0SiuLjfERIgVS2EOp+mAia0RU7MlTt19o017M1ffEYL 5bb5976e6902a0c9fba974a880c68c9487ee1e77 0 iQIcBAABCgAGBQJWVyIKAAoJEESTFJTynGdzQosP/0k5bVTerpUKZLjyNuMU8o0eyc7njkX8EyMOyGbtcArKpzO2opSBTRsuCT9Zsk1iiQ1GMTY1quKD7aNr86Hipqo4th/+ZXmLe9mmaCDukKjD0ZYC4dBVUy6RSUAMvdkDP9sZs7CMTO/22a9SqOsKTv3s2NN6XnsBGnmNbvVx5hkAk5hMVNFrjKIaexzI/7bWQIDRo2HQCaWaL06JvWEDSEQd2mynGSXxT/+m4hBnuGg6qxn2pd4XfG0g10tDAFx64HQkWgZqSB+F8z71Cvfjondy1zjJYgtABqNlwCKQJZhRUW2+PblqQnz08TUy83XN2vtisOju4avGcHSaBgBbMvg8Wx4ZtM7sPP9pLrhhOTd5ceERHeTceTJy+iI1SQFvccjrRfs5aJ0zAQX5q6f4bV0zp5SmxkvnZUEkZIoetkM8VrPOYugqx31LtHAWfVT9NM+VkV/rrxLhk6J0giIQvC9MPWxRDileFVDszPiOgTLcxWjOziOLT+xijcj7dtx1b/f2bNCduN5G7i+icjjTlCNtyRPRqhBqn705W7F+xESP2gsscM/1BjQ7TGidU5m1njdkUjbrqm3+Qic6iqkG7SfETHmQB9mHqpJ0hACRPvZlhwB7oimNHllkrlw8UJw9f0SiuLjfERIgVS2EOp+mAia0RU7MlTt19o017M1ffEYL
926e7275cef4f4f2a4251597ee4814748394824c 0 iQIcBAABCgAGBQJWYES4AAoJEESTFJTynGdzdT0P/0O/1frevtr698DwMe6kmJx35P6Bqq8szntMxYucv0HROTfr85JRcCCSvl/2SflDS215QmOxdvYLGLUWPJNz/gURCLpzsT88KLF68Y1tC72nl4Fj+LGIOlsWsvwEqQqw0v4iQkHIfcxI6q7g1r9Hfldf/ju4bzQ4HnKLxm6KNcLLoAsuehVpQ+njHpLmlLAGHU5a84B7xeXHFR+U/EBPxSdm637rNhmpLpkuK2Mym/Mzv7BThKDstpB8lhFHIwAVNqi3Cy4nGYxFZOJpooUN9pDornqAwuzHmOAMs9+49L8GZ1de5PBRGyFKibzjBIUWPEU9EIkfJVaVwTlqYK8Q/IRi9HjITPx6GpE8cZhdSvAibrQdb6BbIDrZ8eCvD9vnod6Uk0Jb9/ui6nCF9x+CN/3Qez4epV5+JCMYsqCiXFkVPm9Lab6L2eGZis7Q2TXImA/sSV+E4BGfH2urpkKlnuXTTtDp4XRG+lOISkIBXgjVY+uy8soVKNdx1gv+LeY8hu/oQ2NyOlaOeL47aSQ3who4Pk6pVRUOl6zfcKo9Vs6xDWm35A3Z6x/mrAENaXasB0JrfY5nIbefJUpbeSmi76fYldU98HdQNHPHCSeiKVYl7v/B6gi2JXp5xngLZz/5VVAurago7sRmpIp7G/AqU6LNE85IUzG8aQz8AfR0d1dW 926e7275cef4f4f2a4251597ee4814748394824c 0 iQIcBAABCgAGBQJWYES4AAoJEESTFJTynGdzdT0P/0O/1frevtr698DwMe6kmJx35P6Bqq8szntMxYucv0HROTfr85JRcCCSvl/2SflDS215QmOxdvYLGLUWPJNz/gURCLpzsT88KLF68Y1tC72nl4Fj+LGIOlsWsvwEqQqw0v4iQkHIfcxI6q7g1r9Hfldf/ju4bzQ4HnKLxm6KNcLLoAsuehVpQ+njHpLmlLAGHU5a84B7xeXHFR+U/EBPxSdm637rNhmpLpkuK2Mym/Mzv7BThKDstpB8lhFHIwAVNqi3Cy4nGYxFZOJpooUN9pDornqAwuzHmOAMs9+49L8GZ1de5PBRGyFKibzjBIUWPEU9EIkfJVaVwTlqYK8Q/IRi9HjITPx6GpE8cZhdSvAibrQdb6BbIDrZ8eCvD9vnod6Uk0Jb9/ui6nCF9x+CN/3Qez4epV5+JCMYsqCiXFkVPm9Lab6L2eGZis7Q2TXImA/sSV+E4BGfH2urpkKlnuXTTtDp4XRG+lOISkIBXgjVY+uy8soVKNdx1gv+LeY8hu/oQ2NyOlaOeL47aSQ3who4Pk6pVRUOl6zfcKo9Vs6xDWm35A3Z6x/mrAENaXasB0JrfY5nIbefJUpbeSmi76fYldU98HdQNHPHCSeiKVYl7v/B6gi2JXp5xngLZz/5VVAurago7sRmpIp7G/AqU6LNE85IUzG8aQz8AfR0d1dW
fd1981f41c626a969f07b4823848deaefef3c8aa 0 iQIcBAABCgAGBQJW4W2TAAoJEESTFJTynGdzuOcP/j6tvB2WRwSj39KoJuRcRebFWWv4ZHiQXYMXWa3X0Ppzz52r9W0cXDjjlp5FyGdovCQsK+IXmjPo5cCvWBrZJYA6usFr9ssnUtTC+45lvPxPYwj47ZGPngCXDt7LD+v08XhqCu4LsctXIP/zejd30KVS1eR2RHI+tnEyaIKC0Xaa0igcv74MZX7Q8/U+B730QMX5adfYAHoeyRhoctRWaxVV3To7Vadd9jNXP45MRY5auhRcK7XyQcS85vJeCRoysfDUas4ERRQWYkX+68GyzO9GrkYFle931Akw2K6ZZfUuiC2TrF5xv1eRP1Zm2GX481U4ZGFTI8IzZL8sVQ6tvzq2Mxsecu589JNui9aB2d8Gp2Su/E2zn0h0ShIRmviGzf2HiBt+Bnji5X2h/fJKWbLaWge0MdOU5Jidfyh9k0YT7xo4piJLJYSaZ3nv+j4jTYnTfL7uYvuWbYkJ1T32aQVCan7Eup3BFAgQjzbWYi1XQVg6fvu8uHPpS3tNNA9EAMeeyTyg1l6zI2EIU5gPfd/dKmdyotY2lZBkFZNJqFkKRZuzjWekcw7hAxS+Bd68GKklt/DGrQiVycAgimqwXrfkzzQagawq2fXL2uXB8ghlsyxKLSQPnAtBF2Jcn5FH2z7HOQ+e18ZrFfNy0cYa/4OdH6K5aK1igTzhZZP2Urn0 fd1981f41c626a969f07b4823848deaefef3c8aa 0 iQIcBAABCgAGBQJW4W2TAAoJEESTFJTynGdzuOcP/j6tvB2WRwSj39KoJuRcRebFWWv4ZHiQXYMXWa3X0Ppzz52r9W0cXDjjlp5FyGdovCQsK+IXmjPo5cCvWBrZJYA6usFr9ssnUtTC+45lvPxPYwj47ZGPngCXDt7LD+v08XhqCu4LsctXIP/zejd30KVS1eR2RHI+tnEyaIKC0Xaa0igcv74MZX7Q8/U+B730QMX5adfYAHoeyRhoctRWaxVV3To7Vadd9jNXP45MRY5auhRcK7XyQcS85vJeCRoysfDUas4ERRQWYkX+68GyzO9GrkYFle931Akw2K6ZZfUuiC2TrF5xv1eRP1Zm2GX481U4ZGFTI8IzZL8sVQ6tvzq2Mxsecu589JNui9aB2d8Gp2Su/E2zn0h0ShIRmviGzf2HiBt+Bnji5X2h/fJKWbLaWge0MdOU5Jidfyh9k0YT7xo4piJLJYSaZ3nv+j4jTYnTfL7uYvuWbYkJ1T32aQVCan7Eup3BFAgQjzbWYi1XQVg6fvu8uHPpS3tNNA9EAMeeyTyg1l6zI2EIU5gPfd/dKmdyotY2lZBkFZNJqFkKRZuzjWekcw7hAxS+Bd68GKklt/DGrQiVycAgimqwXrfkzzQagawq2fXL2uXB8ghlsyxKLSQPnAtBF2Jcn5FH2z7HOQ+e18ZrFfNy0cYa/4OdH6K5aK1igTzhZZP2Urn0
70705edee9dd29cd3d410f19fbd15cc3489313e2 0 iQIcBAABCgAGBQJW7CQRAAoJEESTFJTynGdzTj0QAJL38CKSZthBAeI9c6B+IlwIeT6kPZaPqk1pkycCTWOe87NiNU9abrsF+JrjTuRQiO1EpM2IvfQEIXTijUcMxvld3PnzrZDDv6UvBLtOkn3i++HSVRO0MOuTKI8gFDEPUxRtcaCKXEbqYnf1OTK25FT09Vb//qP9mK1thvlLJmbV+D2a9MkMK66rom1d1h+347IsuwsM+ycHjB80VVAQLA7VYLC5YIwmL17dSmcQLvetfikAMwwmUE+KES4qiLSaqOcAWcKcU67RZzgMMv5o0rESlQmv1nj0mHZtHoUR71sd21emPaRXLOr0oT5YogWUphKq2qVthRn2B06+vd3hPdtn92CmJw9j7zT2jl4OeSjNm9qfAajsRzHIANssFxkGAb7w/LxcMoO29JC+01iUUJMdOVm+4Ns6wGI7qxssWPKdB+VbQUDlHrXLR+sopO524uhkYoWB6DVfTj4R6tImaHtj5/VXON0lsYaLGj8cSH60emL6nNQ0lYV/bSlk6l0s+0x3uXGZnp9oKA+vqMzHfG3vJeMm6KUqtFVjUsYx+q8nHm5/SlWxj1EwnkH8s8ELKZAUXjd76nWEwJ7JFRNRSQWvjOUh3/rsOo4JopzZXPsjCjm+Vql9TG0X6hB21noai32oD5RvfhtR/NX6sXNS5TKZz/j/cMsMnAAsSKb6W7Jm
9030ffdbe5625e35ed7189ab84a41dfc8d413e9c 0 iQIcBAABCgAGBQJXkOg0AAoJEESTFJTynGdzc1kP/3vSKCnhOOvjCjnpTQadYcCUq8vTNnfLHYVu0R4ItPa/jT6RmxoaYP+lZnLnnBx9+aX7kzwHsa9BUX3MbMEyLrOzX2I+bDJbNPhQyupyCuPYlf5Q9KVcO9YlpbsC4q5XBzCn3j2+pT8kSfi9uD8fgY3TgE4w9meINrfQAealfjwMLT8S/I49/ni0r+usSfk/dnSShJYDUO7Ja0VWbJea/GkkZTu30bCnMUZPjRApipU3hPP63WFjkSMT1rp2mAXbWqyr9lf8z32yxzM9nMSjq4ViRFzFlkGtE3EVRJ4PwkO7JuiWAMPJpiQcEr+r52cCsmWhiGyHuINo01MwoMO9/n6uL1WVa3mJcE9se3xBOvfgDu2FRFGCAdm1tef+AGVo9EG1uJXi0sX2yUc6DMeuYaRWrXMMlZh7zp9cuNU9Y/lLui9RFmq66yeXG3Z2B72doju3Ig5QGrNNw2AOsSzeHdAtOp6ychqPcl9QfIeJQG18KyPSefZKM3G8YRKBRIwXFEH6iZJe5ZIP4iXrHDMn2JqtTRtDqKR8VNDAgb9z4Ffx8QRxFyj5JzTTMM1GddHb9udLvTQlO0ULYG7hCSMRNzvUBE2aTw8frjLRyfyyg3QpDu/hz8op8s1ecE8rTCD8RuX9DiiylNozypPtGNS+UDbAmkc1PCWaRpPVl+9K6787 9030ffdbe5625e35ed7189ab84a41dfc8d413e9c 0 iQIcBAABCgAGBQJXkOg0AAoJEESTFJTynGdzc1kP/3vSKCnhOOvjCjnpTQadYcCUq8vTNnfLHYVu0R4ItPa/jT6RmxoaYP+lZnLnnBx9+aX7kzwHsa9BUX3MbMEyLrOzX2I+bDJbNPhQyupyCuPYlf5Q9KVcO9YlpbsC4q5XBzCn3j2+pT8kSfi9uD8fgY3TgE4w9meINrfQAealfjwMLT8S/I49/ni0r+usSfk/dnSShJYDUO7Ja0VWbJea/GkkZTu30bCnMUZPjRApipU3hPP63WFjkSMT1rp2mAXbWqyr9lf8z32yxzM9nMSjq4ViRFzFlkGtE3EVRJ4PwkO7JuiWAMPJpiQcEr+r52cCsmWhiGyHuINo01MwoMO9/n6uL1WVa3mJcE9se3xBOvfgDu2FRFGCAdm1tef+AGVo9EG1uJXi0sX2yUc6DMeuYaRWrXMMlZh7zp9cuNU9Y/lLui9RFmq66yeXG3Z2B72doju3Ig5QGrNNw2AOsSzeHdAtOp6ychqPcl9QfIeJQG18KyPSefZKM3G8YRKBRIwXFEH6iZJe5ZIP4iXrHDMn2JqtTRtDqKR8VNDAgb9z4Ffx8QRxFyj5JzTTMM1GddHb9udLvTQlO0ULYG7hCSMRNzvUBE2aTw8frjLRyfyyg3QpDu/hz8op8s1ecE8rTCD8RuX9DiiylNozypPtGNS+UDbAmkc1PCWaRpPVl+9K6787
5c9207ceedaea794f958224c19214d66af6e2d56 0 iQIzBAABCgAdFiEE9zR+8u4uB6JnYoypRJMUlPKcZ3MFAlkdtooACgkQRJMUlPKcZ3P6ZxAAmLy/buZB/d96DJF/pViRWt/fWdjQFC4MqWfeSLW02OZ8Qkm1vPL3ln6WPHC2thy3xZWVg2uan3pLk/XXnsIFu8Q7r1EAfFFpvlMUmdl7asE8V6ilaeqmiI7bIvGMFbf4cZkQliLjiFkJX56tFHRCNi+rb7WgRuru3/GzPXUq2AvXZvFpFJgik0B72TxVlmCKeBRZq1FvP0UhAH48RJWYJksdEyzh2paMfjX9ZO5Q2SFFrmPw6k2ArdJFC1AYcgceZC84y06RKJ0WiSntUPlEUXgQbQVVWbtQDhjfJXMr/beuroNdT/vsRraLVkAzvhaDXNnHlAJNLQxci+AcLpnzZhxMW+ax7RRtrpXGxRN4cs0lBGUcSkaDybFqMYXwEjXAE8w6fdJRWCIlxctkAW/iNEO4kAG97hI2Qwcw5oU2Ymnv09zyGR+XJE35pJqPulJHExdwanJHvmjH0QF7TNFS82yxS5dKnP954cj3Lu9SWGYWjxQJRmLtOwb+lqqol4VTxG7Ois4uef9/Tpp9skeMZXVeNlpn2wrp6iFcX3uiiVDg9VKkl3ig6UqCiqQSuiIN87RXwUOeHXlCnW3adz3Xei0ziBrwLSql7lBIHGEAlUUNmJ3CrR8IwQtcynGEMKfNIeZ/XK+uNlm9cJIqZf1fzqc8KexlyS9AS0i/kiYZTr4= 5c9207ceedaea794f958224c19214d66af6e2d56 0 iQIzBAABCgAdFiEE9zR+8u4uB6JnYoypRJMUlPKcZ3MFAlkdtooACgkQRJMUlPKcZ3P6ZxAAmLy/buZB/d96DJF/pViRWt/fWdjQFC4MqWfeSLW02OZ8Qkm1vPL3ln6WPHC2thy3xZWVg2uan3pLk/XXnsIFu8Q7r1EAfFFpvlMUmdl7asE8V6ilaeqmiI7bIvGMFbf4cZkQliLjiFkJX56tFHRCNi+rb7WgRuru3/GzPXUq2AvXZvFpFJgik0B72TxVlmCKeBRZq1FvP0UhAH48RJWYJksdEyzh2paMfjX9ZO5Q2SFFrmPw6k2ArdJFC1AYcgceZC84y06RKJ0WiSntUPlEUXgQbQVVWbtQDhjfJXMr/beuroNdT/vsRraLVkAzvhaDXNnHlAJNLQxci+AcLpnzZhxMW+ax7RRtrpXGxRN4cs0lBGUcSkaDybFqMYXwEjXAE8w6fdJRWCIlxctkAW/iNEO4kAG97hI2Qwcw5oU2Ymnv09zyGR+XJE35pJqPulJHExdwanJHvmjH0QF7TNFS82yxS5dKnP954cj3Lu9SWGYWjxQJRmLtOwb+lqqol4VTxG7Ois4uef9/Tpp9skeMZXVeNlpn2wrp6iFcX3uiiVDg9VKkl3ig6UqCiqQSuiIN87RXwUOeHXlCnW3adz3Xei0ziBrwLSql7lBIHGEAlUUNmJ3CrR8IwQtcynGEMKfNIeZ/XK+uNlm9cJIqZf1fzqc8KexlyS9AS0i/kiYZTr4=
...@@ -52,5 +52,6 @@ cbd674d63cd4f3781464a8d4056a5506c8ae926f DROPBEAR_2015.67 ...@@ -52,5 +52,6 @@ cbd674d63cd4f3781464a8d4056a5506c8ae926f DROPBEAR_2015.67
79a6ef02307d05cb9dda10465cb5b807baa8f62e DROPBEAR_2015.70 79a6ef02307d05cb9dda10465cb5b807baa8f62e DROPBEAR_2015.70
9a944a243f08be6b22d32f166a0690eb4872462b DROPBEAR_2015.71 9a944a243f08be6b22d32f166a0690eb4872462b DROPBEAR_2015.71
78b12b6549be08b0bea3da329b2578060a76ca31 DROPBEAR_2016.72 78b12b6549be08b0bea3da329b2578060a76ca31 DROPBEAR_2016.72
309e1c4a87682b6ca7d80b8555a1db416c3cb7ac DROPBEAR_2016.73
0ed3d2bbf956cb8a9bf0f4b5a86b7dd9688205cb DROPBEAR_2016.74 0ed3d2bbf956cb8a9bf0f4b5a86b7dd9688205cb DROPBEAR_2016.74
c31276613181c5cff7854e7ef586ace03424e55e DROPBEAR_2017.75 c31276613181c5cff7854e7ef586ace03424e55e DROPBEAR_2017.75
...@@ -41,7 +41,9 @@ install: ...@@ -41,7 +41,9 @@ install:
script: script:
- autoconf && autoheader && ./configure "$BUNDLEDLIBTOM" CFLAGS="-O2 -Wall -Wno-pointer-sign $WEXTRAFLAGS" --prefix="$HOME/inst" - autoconf && autoheader && ./configure "$BUNDLEDLIBTOM" CFLAGS="-O2 -Wall -Wno-pointer-sign $WEXTRAFLAGS" --prefix="$HOME/inst"
- if [ "$NOWRITEV" = "1" ]; then sed -i -e s/HAVE_WRITEV/DONT_HAVE_WRITEV/ config.h ; fi - if [ "$NOWRITEV" = "1" ]; then sed -i -e s/HAVE_WRITEV/DONT_HAVE_WRITEV/ config.h ; fi
- make -j3 install - make -j3
# avoid concurrent install, osx/freebsd is racey (https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=208093)
- make install
after_success: after_success:
- ~/inst/bin/dropbearkey -t rsa -f testrsa - ~/inst/bin/dropbearkey -t rsa -f testrsa
......
...@@ -24,6 +24,10 @@ CFLAGS+=-I$(srcdir)/libtomcrypt/src/headers/ ...@@ -24,6 +24,10 @@ CFLAGS+=-I$(srcdir)/libtomcrypt/src/headers/
LIBTOM_LIBS=$(STATIC_LTC) $(STATIC_LTM) LIBTOM_LIBS=$(STATIC_LTC) $(STATIC_LTM)
endif endif
ifneq ($(wildcard localoptions.h),)
CFLAGS+=-DLOCALOPTIONS_H_EXISTS
endif
COMMONOBJS=dbutil.o buffer.o dbhelpers.o \ COMMONOBJS=dbutil.o buffer.o dbhelpers.o \
dss.o bignum.o \ dss.o bignum.o \
signkey.o rsa.o dbrandom.o \ signkey.o rsa.o dbrandom.o \
...@@ -76,6 +80,8 @@ [email protected]@ ...@@ -76,6 +80,8 @@ [email protected]@
sbindir=@[email protected] sbindir=@[email protected]
mandir=@[email protected] mandir=@[email protected]
.DELETE_ON_ERROR:
CC=@[email protected] CC=@[email protected]
AR=@[email protected] AR=@[email protected]
RANLIB=@[email protected] RANLIB=@[email protected]
...@@ -155,7 +161,6 @@ inst_%: % ...@@ -155,7 +161,6 @@ inst_%: %
inst_dropbearmulti: $(addprefix insmulti, $(PROGRAMS)) inst_dropbearmulti: $(addprefix insmulti, $(PROGRAMS))
# for some reason the rule further down doesn't like $([email protected]) as a prereq. # for some reason the rule further down doesn't like $([email protected]) as a prereq.
dropbear: $(dropbearobjs) dropbear: $(dropbearobjs)
dbclient: $(dbclientobjs) dbclient: $(dbclientobjs)
...@@ -195,18 +200,18 @@ link%: ...@@ -195,18 +200,18 @@ link%:
-ln -s dropbearmulti$(EXEEXT) $*$(EXEEXT) -ln -s dropbearmulti$(EXEEXT) $*$(EXEEXT)
$(STATIC_LTC): options.h $(STATIC_LTC): options.h
cd libtomcrypt && $(MAKE) $(MAKE) -C libtomcrypt
$(STATIC_LTM): options.h $(STATIC_LTM): options.h
cd libtommath && $(MAKE) $(MAKE) -C libtommath
.PHONY : clean sizes thisclean distclean tidy ltc-clean ltm-clean .PHONY : clean sizes thisclean distclean tidy ltc-clean ltm-clean
ltc-clean: ltc-clean:
cd libtomcrypt && $(MAKE) clean $(MAKE) -C libtomcrypt clean
ltm-clean: ltm-clean:
cd libtommath && $(MAKE) clean $(MAKE) -C libtommath clean
sizes: dropbear sizes: dropbear
objdump -t dropbear|grep ".text"|cut -d "." -f 2|sort -rn objdump -t dropbear|grep ".text"|cut -d "." -f 2|sort -rn
...@@ -215,7 +220,7 @@ clean: ltc-clean ltm-clean thisclean ...@@ -215,7 +220,7 @@ clean: ltc-clean ltm-clean thisclean
thisclean: thisclean:
-rm -f dropbear dbclient dropbearkey dropbearconvert scp scp-progress \ -rm -f dropbear dbclient dropbearkey dropbearconvert scp scp-progress \
dropbearmulti *.o *.da *.bb *.bbg *.prof dropbearmulti *.o *.da *.bb *.bbg *.prof
distclean: clean tidy distclean: clean tidy
-rm -f config.h -rm -f config.h
...@@ -223,3 +228,11 @@ distclean: clean tidy ...@@ -223,3 +228,11 @@ distclean: clean tidy
tidy: tidy:
-rm -f *~ *.gcov */*~ -rm -f *~ *.gcov */*~
# default_options.h is stored in version control, could not find a workaround
# for parallel "make -j" and dependency rules.
default_options.h: default_options.h.in
echo "# > > > Generated from $^, edit that file instead !" > [email protected].tmp
echo >> [email protected].tmp
$(srcdir)/ifndef_wrapper.sh < $^ > [email protected].tmp
mv [email protected].tmp [email protected]
...@@ -30,7 +30,7 @@ ...@@ -30,7 +30,7 @@
#include "auth.h" #include "auth.h"
#include "list.h" #include "list.h"
#ifdef ENABLE_CLI_AGENTFWD #if DROPBEAR_CLI_AGENTFWD
/* An agent reply can be reasonably large, as it can /* An agent reply can be reasonably large, as it can
* contain a list of all public keys held by the agent. * contain a list of all public keys held by the agent.
...@@ -50,14 +50,14 @@ void cli_setup_agent(struct Channel *channel); ...@@ -50,14 +50,14 @@ void cli_setup_agent(struct Channel *channel);
extern const struct ChanType cli_chan_agent; extern const struct ChanType cli_chan_agent;
#endif /* ENABLE_CLI_AGENTFWD */ #endif /* DROPBEAR_CLI_AGENTFWD */
#ifdef ENABLE_SVR_AGENTFWD #if DROPBEAR_SVR_AGENTFWD
int svr_agentreq(struct ChanSess * chansess); int svr_agentreq(struct ChanSess * chansess);
void svr_agentcleanup(struct ChanSess * chansess); void svr_agentcleanup(struct ChanSess * chansess);
void svr_agentset(struct ChanSess *chansess); void svr_agentset(struct ChanSess *chansess);
#endif /* ENABLE_SVR_AGENTFWD */ #endif /* DROPBEAR_SVR_AGENTFWD */
#endif /* DROPBEAR_AGENTFWD_H_ */ #endif /* DROPBEAR_AGENTFWD_H_ */
...@@ -83,9 +83,15 @@ struct dropbear_hash { ...@@ -83,9 +83,15 @@ struct dropbear_hash {
}; };
enum dropbear_kex_mode { enum dropbear_kex_mode {
#if DROPBEAR_NORMAL_DH
DROPBEAR_KEX_NORMAL_DH, DROPBEAR_KEX_NORMAL_DH,
#endif
#if DROPBEAR_ECDH
DROPBEAR_KEX_ECDH, DROPBEAR_KEX_ECDH,
#endif
#if DROPBEAR_CURVE25519
DROPBEAR_KEX_CURVE25519, DROPBEAR_KEX_CURVE25519,
#endif
}; };
struct dropbear_kex { struct dropbear_kex {
...@@ -96,7 +102,7 @@ struct dropbear_kex { ...@@ -96,7 +102,7 @@ struct dropbear_kex {
const int dh_p_len; const int dh_p_len;
/* elliptic curve DH KEX */ /* elliptic curve DH KEX */
#ifdef DROPBEAR_ECDH #if DROPBEAR_ECDH
const struct dropbear_ecc_curve *ecc_curve; const struct dropbear_ecc_curve *ecc_curve;
#else #else
const void* dummy; const void* dummy;
...@@ -122,7 +128,7 @@ enum kexguess2_used { ...@@ -122,7 +128,7 @@ enum kexguess2_used {
algo_type * buf_match_algo(buffer* buf, algo_type localalgos[], algo_type * buf_match_algo(buffer* buf, algo_type localalgos[],
enum kexguess2_used *kexguess2, int *goodguess); enum kexguess2_used *kexguess2, int *goodguess);
#ifdef ENABLE_USER_ALGO_LIST #if DROPBEAR_USER_ALGO_LIST
int check_user_algos(const char* user_algo_list, algo_type * algos, int check_user_algos(const char* user_algo_list, algo_type * algos,
const char *algo_desc); const char *algo_desc);
char * algolist_string(algo_type algos[]); char * algolist_string(algo_type algos[]);
......
/* $OpenBSD: atomicio.c,v 1.17 2006/04/01 05:51:34 djm Exp $ */
/* /*
* Copied from OpenSSH 3.6.1p2. * Copied from OpenSSH/OpenBSD.
* *
* Copyright (c) 2005 Anil Madhavapeddy. All rights reserved.
* Copyright (c) 1995,1999 Theo de Raadt. All rights reserved. * Copyright (c) 1995,1999 Theo de Raadt. All rights reserved.
* All rights reserved. * All rights reserved.
* *
...@@ -25,39 +27,32 @@ ...@@ -25,39 +27,32 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/ */
/* RCSID("OpenBSD: atomicio.c,v 1.10 2001/05/08 22:48:07 markus Exp "); */ #include "includes.h"
#include "atomicio.h" #include "atomicio.h"
/* /*
* ensure all of data on socket comes through. f==read || f==write * ensure all of data on socket comes through. f==read || f==vwrite
*/ */
ssize_t size_t
atomicio(f, fd, _s, n) atomicio(ssize_t (*f) (int, void *, size_t), int fd, void *_s, size_t n)
ssize_t (*f) ();
int fd;
void *_s;
size_t n;
{ {
char *s = _s; char *s = _s;
ssize_t res;
size_t pos = 0; size_t pos = 0;
ssize_t res;
while (n > pos) { while (n > pos) {
res = (f) (fd, s + pos, n - pos); res = (f) (fd, s + pos, n - pos);
switch (res) { switch (res) {
case -1: case -1:
#ifdef EWOULDBLOCK
if (errno == EINTR || errno == EAGAIN || errno == EWOULDBLOCK)
#else
if (errno == EINTR || errno == EAGAIN) if (errno == EINTR || errno == EAGAIN)
#endif
continue; continue;
/* FALLTHROUGH */ return 0;
case 0: case 0:
return (res); errno = EPIPE;
return pos;
default: default:
pos += res; pos += (size_t)res;
} }
} }
return (pos); return (pos);
......
/* $OpenBSD: atomicio.h,v 1.7 2006/03/25 22:22:42 djm Exp $ */
/* /*
* Copied from OpenSSH 3.6.1p2, required for loginrec.c * Copied from OpenSSH/OpenBSD, required for loginrec.c
*
* $OpenBSD: atomicio.h,v 1.4 2001/06/26 06:32:46 itojun Exp $
* *
* Copyright (c) 1995,1999 Theo de Raadt. All rights reserved. * Copyright (c) 1995,1999 Theo de Raadt. All rights reserved.
* All rights reserved. * All rights reserved.
...@@ -28,9 +27,9 @@ ...@@ -28,9 +27,9 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/ */
#include "includes.h"
/* /*
* Ensure all of data on socket comes through. f==read || f==write * Ensure all of data on socket comes through. f==read || f==vwrite
*/ */
ssize_t atomicio(ssize_t (*)(), int, void *, size_t); size_t atomicio(ssize_t (*)(int, void *, size_t), int, void *, size_t);
#define vwrite (ssize_t (*)(int, void *, size_t))write
...@@ -41,7 +41,7 @@ void svr_auth_password(void); ...@@ -41,7 +41,7 @@ void svr_auth_password(void);
void svr_auth_pubkey(void); void svr_auth_pubkey(void);
void svr_auth_pam(void); void svr_auth_pam(void);
#ifdef ENABLE_SVR_PUBKEY_OPTIONS #if DROPBEAR_SVR_PUBKEY_OPTIONS_BUILT
int svr_pubkey_allows_agentfwd(void); int svr_pubkey_allows_agentfwd(void);
int svr_pubkey_allows_tcpfwd(void); int svr_pubkey_allows_tcpfwd(void);
int svr_pubkey_allows_x11fwd(void); int svr_pubkey_allows_x11fwd(void);
...@@ -119,12 +119,12 @@ struct AuthState { ...@@ -119,12 +119,12 @@ struct AuthState {
char *pw_shell; char *pw_shell;
char *pw_name; char *pw_name;
char *pw_passwd; char *pw_passwd;
#ifdef ENABLE_SVR_PUBKEY_OPTIONS #if DROPBEAR_SVR_PUBKEY_OPTIONS_BUILT
struct PubKeyOptions* pubkey_options; struct PubKeyOptions* pubkey_options;
#endif #endif
}; };
#ifdef ENABLE_SVR_PUBKEY_OPTIONS #if DROPBEAR_SVR_PUBKEY_OPTIONS_BUILT
struct PubKeyOptions; struct PubKeyOptions;
struct PubKeyOptions { struct PubKeyOptions {
/* Flags */ /* Flags */
......
...@@ -126,11 +126,11 @@ void recv_msg_channel_eof(void); ...@@ -126,11 +126,11 @@ void recv_msg_channel_eof(void);
void common_recv_msg_channel_data(struct Channel *channel, int fd, void common_recv_msg_channel_data(struct Channel *channel, int fd,
circbuffer * buf); circbuffer * buf);
#ifdef DROPBEAR_CLIENT #if DROPBEAR_CLIENT
extern const struct ChanType clichansess; extern const struct ChanType clichansess;
#endif #endif
#if defined(USING_LISTENERS) || defined(DROPBEAR_CLIENT) #if DROPBEAR_LISTENERS || DROPBEAR_CLIENT
int send_msg_channel_open_init(int fd, const struct ChanType *type); int send_msg_channel_open_init(int fd, const struct ChanType *type);
void recv_msg_channel_open_confirmation(void); void recv_msg_channel_open_confirmation(void);
void recv_msg_channel_open_failure(void); void recv_msg_channel_open_failure(void);
......
...@@ -58,7 +58,7 @@ struct ChanSess { ...@@ -58,7 +58,7 @@ struct ChanSess {
/* Used to set $SSH_CLIENT in the child session. */ /* Used to set $SSH_CLIENT in the child session. */
char *client_string; char *client_string;
#ifndef DISABLE_X11FWD #if DROPBEAR_X11FWD
struct Listener * x11listener; struct Listener * x11listener;
int x11port; int x11port;
char * x11authprot; char * x11authprot;
...@@ -67,13 +67,13 @@ struct ChanSess { ...@@ -67,13 +67,13 @@ struct ChanSess {
unsigned char x11singleconn; unsigned char x11singleconn;
#endif #endif
#ifdef ENABLE_SVR_AGENTFWD #if DROPBEAR_SVR_AGENTFWD
struct Listener * agentlistener; struct Listener * agentlistener;
char * agentfile; char * agentfile;
char * agentdir; char * agentdir;
#endif #endif
#ifdef ENABLE_SVR_PUBKEY_OPTIONS #if DROPBEAR_SVR_PUBKEY_OPTIONS_BUILT
char *original_command; char *original_command;
#endif #endif
}; };
...@@ -89,7 +89,7 @@ void addnewvar(const char* param, const char* var); ...@@ -89,7 +89,7 @@ void addnewvar(const char* param, const char* var);
void cli_send_chansess_request(void); void cli_send_chansess_request(void);
void cli_tty_cleanup(void); void cli_tty_cleanup(void);
void cli_chansess_winchange(void); void cli_chansess_winchange(void);
#ifdef ENABLE_CLI_NETCAT #if DROPBEAR_CLI_NETCAT
void cli_send_netcat_request(void); void cli_send_netcat_request(void);
#endif #endif
......
...@@ -24,7 +24,7 @@ ...@@ -24,7 +24,7 @@
#include "includes.h" #include "includes.h"
#ifdef ENABLE_CLI_AGENTFWD #if DROPBEAR_CLI_AGENTFWD
#include "agentfwd.h" #include "agentfwd.h"
#include "session.h" #include "session.h"
...@@ -130,7 +130,7 @@ static buffer * agent_request(unsigned char type, buffer *data) { ...@@ -130,7 +130,7 @@ static buffer * agent_request(unsigned char type, buffer *data) {
} }
buf_setpos(payload, 0); buf_setpos(payload, 0);
ret = atomicio(write, fd, buf_getptr(payload, payload->len), payload->len); ret = atomicio(vwrite, fd, buf_getptr(payload, payload->len), payload->len);
if ((size_t)ret != payload->len) { if ((size_t)ret != payload->len) {
TRACE(("write failed fd %d for agent_request, %s", fd, strerror(errno))) TRACE(("write failed fd %d for agent_request, %s", fd, strerror(errno)))
goto out; goto out;
......
...@@ -51,7 +51,7 @@ void cli_auth_getmethods() { ...@@ -51,7 +51,7 @@ void cli_auth_getmethods() {
encrypt_packet(); encrypt_packet();
#ifdef DROPBEAR_CLI_IMMEDIATE_AUTH #if DROPBEAR_CLI_IMMEDIATE_AUTH
/* We can't haven't two auth requests in-flight with delayed zlib mode /* We can't haven't two auth requests in-flight with delayed zlib mode
since if the first one succeeds then the remote side will since if the first one succeeds then the remote side will
expect the second one to be compressed. expect the second one to be compressed.
...@@ -78,6 +78,7 @@ void recv_msg_userauth_banner() { ...@@ -78,6 +78,7 @@ void recv_msg_userauth_banner() {
char* banner = NULL; char* banner = NULL;
unsigned int bannerlen; unsigned int bannerlen;
unsigned int i, linecount; unsigned int i, linecount;
int truncated = 0;
TRACE(("enter recv_msg_userauth_banner")) TRACE(("enter recv_msg_userauth_banner"))
if (ses.authstate.authdone) { if (ses.authstate.authdone) {
...@@ -90,26 +91,29 @@ void recv_msg_userauth_banner() { ...@@ -90,26 +91,29 @@ void recv_msg_userauth_banner() {
if (bannerlen > MAX_BANNER_SIZE) { if (bannerlen > MAX_BANNER_SIZE) {
TRACE(("recv_msg_userauth_banner: bannerlen too long: %d", bannerlen)) TRACE(("recv_msg_userauth_banner: bannerlen too long: %d", bannerlen))
goto out; truncated = 1;
} } else {
cleantext(banner);
cleantext(banner);
/* Limit to 24 lines */
/* Limit to 25 lines */ linecount = 1;
linecount = 1; for (i = 0; i < bannerlen; i++) {
for (i = 0; i < bannerlen; i++) { if (banner[i] == '\n') {
if (banner[i] == '\n') { if (linecount >= MAX_BANNER_LINES) {
if (linecount >= MAX_BANNER_LINES) { banner[i] = '\0';
banner[i] = '\0'; truncated = 1;
break; break;
}
linecount++;
} }
linecount++;
} }
fprintf(stderr, "%s\n", banner);
} }
fprintf(stderr, "%s\n", banner); if (truncated) {
fprintf(stderr, "[Banner from the server is too long]\n");
}
out:
m_free(banner); m_free(banner);
TRACE(("leave recv_msg_userauth_banner")) TRACE(("leave recv_msg_userauth_banner"))
} }
...@@ -121,21 +125,21 @@ out: ...@@ -121,21 +125,21 @@ out:
* SSH_MSG_USERAUTH_INFO_REQUEST. */ * SSH_MSG_USERAUTH_INFO_REQUEST. */
void recv_msg_userauth_specific_60() { void recv_msg_userauth_specific_60() {
#ifdef ENABLE_CLI_PUBKEY_AUTH #if DROPBEAR_CLI_PUBKEY_AUTH
if (cli_ses.lastauthtype == AUTH_TYPE_PUBKEY) { if (cli_ses.lastauthtype == AUTH_TYPE_PUBKEY) {
recv_msg_userauth_pk_ok(); recv_msg_userauth_pk_ok();
return; return;
} }
#endif #endif
#ifdef ENABLE_CLI_INTERACT_AUTH #if DROPBEAR_CLI_INTERACT_AUTH
if (cli_ses.lastauthtype == AUTH_TYPE_INTERACT) { if (cli_ses.lastauthtype == AUTH_TYPE_INTERACT) {
recv_msg_userauth_info_request(); recv_msg_userauth_info_request();
return; return;
} }
#endif #endif
#ifdef ENABLE_CLI_PASSWORD_AUTH #if DROPBEAR_CLI_PASSWORD_AUTH
if (cli_ses.lastauthtype == AUTH_TYPE_PASSWORD) { if (cli_ses.lastauthtype == AUTH_TYPE_PASSWORD) {
/* Eventually there could be proper password-changing /* Eventually there could be proper password-changing
* support. However currently few servers seem to * support. However currently few servers seem to
...@@ -179,7 +183,7 @@ void recv_msg_userauth_failure() { ...@@ -179,7 +183,7 @@ void recv_msg_userauth_failure() {
TRACE(("leave recv_msg_userauth_failure, ignored response, state set to USERAUTH_REQ_SENT")); TRACE(("leave recv_msg_userauth_failure, ignored response, state set to USERAUTH_REQ_SENT"));
return; return;
} else { } else {
#ifdef ENABLE_CLI_PUBKEY_AUTH #if DROPBEAR_CLI_PUBKEY_AUTH
/* If it was a pubkey auth request, we should cross that key /* If it was a pubkey auth request, we should cross that key
* off the list. */ * off the list. */
if (cli_ses.lastauthtype == AUTH_TYPE_PUBKEY) { if (cli_ses.lastauthtype == AUTH_TYPE_PUBKEY) {
...@@ -187,7 +191,7 @@ void recv_msg_userauth_failure() { ...@@ -187,7 +191,7 @@ void recv_msg_userauth_failure() {
} }
#endif #endif
#ifdef ENABLE_CLI_INTERACT_AUTH #if DROPBEAR_CLI_INTERACT_AUTH
/* If we get a failure message for keyboard interactive without /* If we get a failure message for keyboard interactive without
* receiving any request info packet, then we don't bother trying * receiving any request info packet, then we don't bother trying
* keyboard interactive again */ * keyboard interactive again */
...@@ -227,19 +231,19 @@ void recv_msg_userauth_failure() { ...@@ -227,19 +231,19 @@ void recv_msg_userauth_failure() {
for (i = 0; i <= methlen; i++) { for (i = 0; i <= methlen; i++) {
if (methods[i] == '\0') { if (methods[i] == '\0') {
TRACE(("auth method '%s'", tok)) TRACE(("auth method '%s'", tok))
#ifdef ENABLE_CLI_PUBKEY_AUTH #if DROPBEAR_CLI_PUBKEY_AUTH
if (strncmp(AUTH_METHOD_PUBKEY, tok, if (strncmp(AUTH_METHOD_PUBKEY, tok,
AUTH_METHOD_PUBKEY_LEN) == 0) { AUTH_METHOD_PUBKEY_LEN) == 0) {
ses.authstate.authtypes |= AUTH_TYPE_PUBKEY; ses.authstate.authtypes |= AUTH_TYPE_PUBKEY;
} }