The unified diff between revisions [63530dac..] and [e99d4659..] is displayed below. It can also be downloaded as a raw diff.
#
#
# patch "buffer.c"
# from [8f125f86d15bdf2c9798980cc314ff77327c1643]
# to [2fe54eba701ee5c354f265c40914f2733519af16]
#
# patch "buffer.h"
# from [43501949798700fbfcc5ad66a2da88d04e12a8a0]
# to [82132c5abb40cc58e8a189f93cb06d617385c167]
#
# patch "channel.h"
# from [a1f39e784cc0bab82d3dabc67275071ff3b5b5ec]
# to [2616df4031a05a3fea394b765fd1004944677ef5]
#
# patch "cli-auth.c"
# from [de5116bdce9224fb01ed065fe625a069ab60e4d6]
# to [e4689b84510bdf41e8aa2279bfdb8fb31879c0a7]
#
# patch "cli-channel.c"
# from [ebc3cf6508c4f1614a9436c024abb50ebdd03e7d]
# to [223322b04b361391fccf712909179cd93fdbf258]
#
# patch "cli-chansession.c"
# from [b294715add944d6b9ce10d10222452adf72e6f33]
# to [e830bb4828a09f4f5c2094ae43bbc77b3d8a8970]
#
# patch "cli-runopts.c"
# from [98480314e077ce95d6749387e1157fe01e85b444]
# to [b8faf5f20ca149fb9e661d18f97bb50c97ce3ea5]
#
# patch "cli-session.c"
# from [044e633a29f6fea152646a63193851598f5d0b4d]
# to [456ed9269b52604e2d0c8aa700ba987974d0fd7b]
#
# patch "common-channel.c"
# from [41d23ec70e730462c35d15f7632d1b5ba554637d]
# to [20cff6c269bc3c5bf298c5b68a243898d02d538b]
#
# patch "common-kex.c"
# from [cd4c38b3cda9c8a7d9ac70a585baa1ad2e078c54]
# to [9788bd7db05be84eb9abdaa8f0f72c95e10a0d8d]
#
# patch "debug.h"
# from [d4357f0487e00882920677e96d9b222244484ac3]
# to [23bff5344e9f49a0879115b2e23e4633e93d3121]
#
# patch "dropbear.8"
# from [123a9ce6536f4b23a1fbbf40ba8ebb5c4cd1ce17]
# to [8d1707f168fb2870937ffc24cb85e328328225ce]
#
# patch "dropbearkey.8"
# from [70369e8fb88f1fef9d564237c5e6481275d26923]
# to [89423aafd3753efa9e0d25db514a53d5258c2a23]
#
# patch "dss.c"
# from [fca4c893b5e1d02795699d1a43503d3caac6bb87]
# to [05beaaaa9c0eed14b7b865979aeb9c9dbaca1220]
#
# patch "kex.h"
# from [8aff64a09902642525da7bb53987414c8eb5c799]
# to [4aedb4c80abfbc1df32da43a4903b34e8cddc56a]
#
# patch "scp.c"
# from [1fa9f74d6298b95f07c5a85c27adf764fa090865]
# to [4ef18ec9a3c36d87f1f28efc1a0186bdaf7548b3]
#
# patch "session.h"
# from [cc4c1b731836950406593afc60fedd35a59f9adb]
# to [8b1677ad8f52c19aa94571211683d6ef04de2d6a]
#
# patch "svr-authpam.c"
# from [81ac1b1ac84fcf7f710263961bdff8ea0d4e2638]
# to [48afbf9c99df79c7ba65ddbed8180fc4e2036386]
#
# patch "svr-authpasswd.c"
# from [a839cbbbadb4bf4a2641e6f45ac6b46bffd99833]
# to [163ade7f267461bf9e873fb27d4ad2d98a857133]
#
# patch "svr-authpubkey.c"
# from [396564530dca886acad21ebbbc01cac5e5f42067]
# to [a659d961ca849841adc5ac41a68f360a135763d5]
#
# patch "svr-chansession.c"
# from [1bd760ae6b618ba69ef795f1df97817236d2a0b9]
# to [116db08f0e91f74f1372770790ce4615a9110bc4]
#
# patch "svr-tcpfwd.c"
# from [8db8dade7909c3c9b824af4107213b312d2d8c6f]
# to [9c0362f8d1c15ce9d702873cc1a2064754d7919b]
#
# patch "svr-x11fwd.c"
# from [9a96372da1c2e00791881900e07b72c76a9175d7]
# to [79db165bbf9982b3cfee9f616e5626656a35d13e]
#
============================================================
--- buffer.c 8f125f86d15bdf2c9798980cc314ff77327c1643
+++ buffer.c 2fe54eba701ee5c354f265c40914f2733519af16
@@ -160,6 +160,16 @@ unsigned char buf_getbyte(buffer* buf) {
return buf->data[buf->pos++];
}
+/* Get a bool from the buffer and increment the pos */
+unsigned char buf_getbool(buffer* buf) {
+
+ unsigned char b;
+ b = buf_getbyte(buf);
+ if (b != 0)
+ b = 1;
+ return b;
+}
+
/* put a byte, incrementing the length if required */
void buf_putbyte(buffer* buf, unsigned char val) {
============================================================
--- buffer.h 43501949798700fbfcc5ad66a2da88d04e12a8a0
+++ buffer.h 82132c5abb40cc58e8a189f93cb06d617385c167
@@ -50,6 +50,7 @@ unsigned char buf_getbyte(buffer* buf);
void buf_incrpos(buffer* buf, int incr); /* -ve is ok, to go backwards */
void buf_incrwritepos(buffer* buf, unsigned int incr);
unsigned char buf_getbyte(buffer* buf);
+unsigned char buf_getbool(buffer* buf);
void buf_putbyte(buffer* buf, unsigned char val);
unsigned char* buf_getptr(buffer* buf, unsigned int len);
unsigned char* buf_getwriteptr(buffer* buf, unsigned int len);
============================================================
--- channel.h a1f39e784cc0bab82d3dabc67275071ff3b5b5ec
+++ channel.h 2616df4031a05a3fea394b765fd1004944677ef5
@@ -100,7 +100,7 @@ void channelio(fd_set *readfd, fd_set *w
void chancleanup();
void setchannelfds(fd_set *readfd, fd_set *writefd);
void channelio(fd_set *readfd, fd_set *writefd);
-struct Channel* getchannel(unsigned int chan);
+struct Channel* getchannel();
struct Channel* newchannel(unsigned int remotechan,
const struct ChanType *type,
unsigned int transwindow, unsigned int transmaxpacket);
============================================================
--- cli-auth.c de5116bdce9224fb01ed065fe625a069ab60e4d6
+++ cli-auth.c e4689b84510bdf41e8aa2279bfdb8fb31879c0a7
@@ -127,7 +127,7 @@ void recv_msg_userauth_failure() {
methods = buf_getstring(ses.payload, &methlen);
- partial = buf_getbyte(ses.payload);
+ partial = buf_getbool(ses.payload);
if (partial) {
dropbear_log(LOG_INFO, "Authentication partially succeeded, more attempts required");
============================================================
--- cli-channel.c ebc3cf6508c4f1614a9436c024abb50ebdd03e7d
+++ cli-channel.c 223322b04b361391fccf712909179cd93fdbf258
@@ -33,15 +33,12 @@ void recv_msg_channel_extended_data() {
/* We receive channel data - only used by the client chansession code*/
void recv_msg_channel_extended_data() {
- unsigned int chan;
struct Channel *channel;
unsigned int datatype;
TRACE(("enter recv_msg_channel_extended_data"))
- chan = buf_getint(ses.payload);
- channel = getchannel(chan);
-
+ channel = getchannel();
if (channel == NULL) {
dropbear_exit("Unknown channel");
}
============================================================
--- cli-chansession.c b294715add944d6b9ce10d10222452adf72e6f33
+++ cli-chansession.c e830bb4828a09f4f5c2094ae43bbc77b3d8a8970
@@ -62,7 +62,7 @@ static void cli_chansessreq(struct Chann
TRACE(("enter cli_chansessreq"))
type = buf_getstring(ses.payload, NULL);
- wantreply = buf_getbyte(ses.payload);
+ wantreply = buf_getbool(ses.payload);
if (strcmp(type, "exit-status") != 0) {
TRACE(("unknown request '%s'", type))
============================================================
--- cli-runopts.c 98480314e077ce95d6749387e1157fe01e85b444
+++ cli-runopts.c b8faf5f20ca149fb9e661d18f97bb50c97ce3ea5
@@ -53,7 +53,7 @@ static void printhelp() {
"-i <identityfile> (multiple allowed)\n"
#endif
#ifdef ENABLE_CLI_LOCALTCPFWD
- "-L <listenport:remotehsot:reportport> Local port forwarding\n"
+ "-L <listenport:remotehost:remoteport> Local port forwarding\n"
#endif
#ifdef ENABLE_CLI_REMOTETCPFWD
"-R <listenport:remotehost:remoteport> Remote port forwarding\n"
============================================================
--- cli-session.c 044e633a29f6fea152646a63193851598f5d0b4d
+++ cli-session.c 456ed9269b52604e2d0c8aa700ba987974d0fd7b
@@ -113,10 +113,14 @@ static void cli_session_init() {
cli_ses.tty_raw_mode = 0;
cli_ses.winchange = 0;
- /* We store stdin's flags, so we can set them back on exit (otherwise
- * busybox's ash isn't happy */
+ /* We store std{in,out,err}'s flags, so we can set them back on exit
+ * (otherwise busybox's ash isn't happy */
cli_ses.stdincopy = dup(STDIN_FILENO);
cli_ses.stdinflags = fcntl(STDIN_FILENO, F_GETFL, 0);
+ cli_ses.stdoutcopy = dup(STDOUT_FILENO);
+ cli_ses.stdoutflags = fcntl(STDOUT_FILENO, F_GETFL, 0);
+ cli_ses.stderrcopy = dup(STDERR_FILENO);
+ cli_ses.stderrflags = fcntl(STDERR_FILENO, F_GETFL, 0);
cli_ses.retval = EXIT_SUCCESS; /* Assume it's clean if we don't get a
specific exit status */
@@ -250,9 +254,11 @@ void cli_session_cleanup() {
return;
}
- /* Set stdin back to non-blocking - busybox ash dies nastily
- * if we don't revert the flags */
+ /* Set std{in,out,err} back to non-blocking - busybox ash dies nastily if
+ * we don't revert the flags */
fcntl(cli_ses.stdincopy, F_SETFL, cli_ses.stdinflags);
+ fcntl(cli_ses.stdoutcopy, F_SETFL, cli_ses.stdoutflags);
+ fcntl(cli_ses.stderrcopy, F_SETFL, cli_ses.stderrflags);
cli_tty_cleanup();
============================================================
--- common-channel.c 41d23ec70e730462c35d15f7632d1b5ba554637d
+++ common-channel.c 20cff6c269bc3c5bf298c5b68a243898d02d538b
@@ -162,8 +162,13 @@ struct Channel* newchannel(unsigned int
return newchan;
}
-/* Get the channel structure corresponding to a channel number */
-struct Channel* getchannel(unsigned int chan) {
+/* Returns the channel structure corresponding to the channel in the current
+ * data packet (ses.payload must be positioned appropriately) */
+struct Channel* getchannel() {
+
+ unsigned int chan;
+
+ chan = buf_getint(ses.payload);
if (chan >= ses.chansize || ses.channels[chan] == NULL) {
return NULL;
}
@@ -474,14 +479,11 @@ void recv_msg_channel_eof() {
* etc) FD is also EOF */
void recv_msg_channel_eof() {
- unsigned int chan;
struct Channel * channel;
TRACE(("enter recv_msg_channel_eof"))
- chan = buf_getint(ses.payload);
- channel = getchannel(chan);
-
+ channel = getchannel();
if (channel == NULL) {
dropbear_exit("EOF for unknown channel");
}
@@ -500,15 +502,11 @@ void recv_msg_channel_close() {
/* Handle channel closure(), respond in kind and close the channels */
void recv_msg_channel_close() {
- unsigned int chan;
struct Channel * channel;
TRACE(("enter recv_msg_channel_close"))
- chan = buf_getint(ses.payload);
- TRACE(("close channel = %d", chan))
- channel = getchannel(chan);
-
+ channel = getchannel();
if (channel == NULL) {
/* disconnect ? */
dropbear_exit("Close for unknown channel");
@@ -567,14 +565,11 @@ void recv_msg_channel_request() {
* such as chansession or x11fwd */
void recv_msg_channel_request() {
- unsigned int chan;
struct Channel *channel;
TRACE(("enter recv_msg_channel_request"))
- chan = buf_getint(ses.payload);
- channel = getchannel(chan);
-
+ channel = getchannel();
if (channel == NULL) {
/* disconnect ? */
dropbear_exit("Unknown channel");
@@ -666,12 +661,9 @@ void recv_msg_channel_data() {
/* We receive channel data */
void recv_msg_channel_data() {
- unsigned int chan;
struct Channel *channel;
- chan = buf_getint(ses.payload);
- channel = getchannel(chan);
-
+ channel = getchannel();
if (channel == NULL) {
dropbear_exit("Unknown channel");
}
@@ -738,13 +730,10 @@ void recv_msg_channel_window_adjust() {
* as data is sent, and incremented upon receiving window-adjust messages */
void recv_msg_channel_window_adjust() {
- unsigned int chan;
struct Channel * channel;
unsigned int incr;
- chan = buf_getint(ses.payload);
- channel = getchannel(chan);
-
+ channel = getchannel();
if (channel == NULL) {
dropbear_exit("Unknown channel");
}
@@ -961,14 +950,12 @@ void recv_msg_channel_open_confirmation(
* successful*/
void recv_msg_channel_open_confirmation() {
- unsigned int chan;
struct Channel * channel;
int ret;
TRACE(("enter recv_msg_channel_open_confirmation"))
- chan = buf_getint(ses.payload);
- channel = getchannel(chan);
+ channel = getchannel();
if (channel == NULL) {
dropbear_exit("Unknown channel");
}
@@ -995,11 +982,9 @@ void recv_msg_channel_open_failure() {
/* Notification that our channel open request failed */
void recv_msg_channel_open_failure() {
- unsigned int chan;
struct Channel * channel;
- chan = buf_getbyte(ses.payload);
- channel = getchannel(chan);
+ channel = getchannel();
if (channel == NULL) {
dropbear_exit("Unknown channel");
}
============================================================
--- common-kex.c cd4c38b3cda9c8a7d9ac70a585baa1ad2e078c54
+++ common-kex.c 9788bd7db05be84eb9abdaa8f0f72c95e10a0d8d
@@ -457,7 +457,6 @@ void recv_msg_kexinit() {
/* the rest of ses.kexhashbuf will be done after DH exchange */
ses.kexstate.recvkexinit = 1;
-// ses.expecting = 0; // client matt
TRACE(("leave recv_msg_kexinit"))
}
@@ -683,7 +682,7 @@ static void read_kex_algos() {
buf_eatstring(ses.payload);
/* first_kex_packet_follows */
- if (buf_getbyte(ses.payload)) {
+ if (buf_getbool(ses.payload)) {
ses.kexstate.firstfollows = 1;
/* if the guess wasn't good, we ignore the packet sent */
if (!allgood) {
============================================================
--- debug.h d4357f0487e00882920677e96d9b222244484ac3
+++ debug.h 23bff5344e9f49a0879115b2e23e4633e93d3121
@@ -39,7 +39,7 @@
* Caution: Don't use this in an unfriendly environment (ie unfirewalled),
* since the printing may not sanitise strings etc. This will add a reasonable
* amount to your executable size. */
- //#define DEBUG_TRACE
+/*#define DEBUG_TRACE */
/* All functions writing to the cleartext payload buffer call
* CHECKCLEARTOWRITE() before writing. This is only really useful if you're
============================================================
--- dropbear.8 123a9ce6536f4b23a1fbbf40ba8ebb5c4cd1ce17
+++ dropbear.8 8d1707f168fb2870937ffc24cb85e328328225ce
@@ -76,6 +76,6 @@ Gerrit Pape (pape@smarden.org) wrote thi
.br
Gerrit Pape (pape@smarden.org) wrote this manual page.
.SH SEE ALSO
-dropbearkey(8)
+dropbearkey(8), dbclient(1)
.P
http://matt.ucc.asn.au/dropbear/dropbear.html
============================================================
--- dropbearkey.8 70369e8fb88f1fef9d564237c5e6481275d26923
+++ dropbearkey.8 89423aafd3753efa9e0d25db514a53d5258c2a23
@@ -42,6 +42,6 @@ Gerrit Pape (pape@smarden.org) wrote thi
.br
Gerrit Pape (pape@smarden.org) wrote this manual page.
.SH SEE ALSO
-dropbear(8)
+dropbear(8), dbclient(1)
.P
http://matt.ucc.asn.au/dropbear/dropbear.html
============================================================
--- dss.c fca4c893b5e1d02795699d1a43503d3caac6bb87
+++ dss.c 05beaaaa9c0eed14b7b865979aeb9c9dbaca1220
@@ -261,6 +261,7 @@ out:
}
#endif /* DROPBEAR_SIGNKEY_VERIFY */
+#ifdef DSS_PROTOK
/* convert an unsigned mp into an array of bytes, malloced.
* This array must be freed after use, len contains the length of the array,
* if len != NULL */
@@ -279,6 +280,7 @@ static unsigned char* mptobytes(mp_int *
}
return ret;
}
+#endif
/* Sign the data presented with key, writing the signature contents
* to the buffer
============================================================
--- kex.h 8aff64a09902642525da7bb53987414c8eb5c799
+++ kex.h 4aedb4c80abfbc1df32da43a4903b34e8cddc56a
@@ -37,10 +37,10 @@ void kexdh_comb_key(mp_int *dh_pub_us, m
void kexdh_comb_key(mp_int *dh_pub_us, mp_int *dh_priv, mp_int *dh_pub_them,
sign_key *hostkey);
-void recv_msg_kexdh_init(); // server
+void recv_msg_kexdh_init(); /* server */
-void send_msg_kexdh_init(); // client
-void recv_msg_kexdh_reply(); // client
+void send_msg_kexdh_init(); /* client */
+void recv_msg_kexdh_reply(); /* client */
extern const unsigned char dh_p_val[];
#define DH_P_LEN 128 /* The length of the dh_p_val array */
============================================================
--- scp.c 1fa9f74d6298b95f07c5a85c27adf764fa090865
+++ scp.c 4ef18ec9a3c36d87f1f28efc1a0186bdaf7548b3
@@ -244,9 +244,6 @@ main(int argc, char **argv)
extern char *optarg;
extern int optind;
- /* hack, seems to work */
-// __progname = argv[0];
-
args.list = NULL;
addargs(&args, "ssh"); /* overwritten with ssh_program */
addargs(&args, "-x");
============================================================
--- session.h cc4c1b731836950406593afc60fedd35a59f9adb
+++ session.h 8b1677ad8f52c19aa94571211683d6ef04de2d6a
@@ -218,6 +218,10 @@ struct clientsession {
struct termios saved_tio;
int stdincopy;
int stdinflags;
+ int stdoutcopy;
+ int stdoutflags;
+ int stderrcopy;
+ int stderrflags;
int winchange; /* Set to 1 when a windowchange signal happens */
============================================================
--- svr-authpam.c 81ac1b1ac84fcf7f710263961bdff8ea0d4e2638
+++ svr-authpam.c 48afbf9c99df79c7ba65ddbed8180fc4e2036386
@@ -155,7 +155,7 @@ void svr_auth_pam() {
unsigned char changepw;
/* check if client wants to change password */
- changepw = buf_getbyte(ses.payload);
+ changepw = buf_getbool(ses.payload);
if (changepw) {
/* not implemented by this server */
send_msg_userauth_failure(0, 1);
============================================================
--- svr-authpasswd.c a839cbbbadb4bf4a2641e6f45ac6b46bffd99833
+++ svr-authpasswd.c 163ade7f267461bf9e873fb27d4ad2d98a857133
@@ -71,7 +71,7 @@ void svr_auth_password() {
}
/* check if client wants to change password */
- changepw = buf_getbyte(ses.payload);
+ changepw = buf_getbool(ses.payload);
if (changepw) {
/* not implemented by this server */
send_msg_userauth_failure(0, 1);
============================================================
--- svr-authpubkey.c 396564530dca886acad21ebbbc01cac5e5f42067
+++ svr-authpubkey.c a659d961ca849841adc5ac41a68f360a135763d5
@@ -64,7 +64,7 @@ void svr_auth_pubkey() {
/* 0 indicates user just wants to check if key can be used, 1 is an
* actual attempt*/
- testkey = (buf_getbyte(ses.payload) == 0);
+ testkey = (buf_getbool(ses.payload) == 0);
algo = buf_getstring(ses.payload, &algolen);
keybloblen = buf_getint(ses.payload);
============================================================
--- svr-chansession.c 1bd760ae6b618ba69ef795f1df97817236d2a0b9
+++ svr-chansession.c 116db08f0e91f74f1372770790ce4615a9110bc4
@@ -305,7 +305,7 @@ static void chansessionrequest(struct Ch
TRACE(("enter chansessionrequest"))
type = buf_getstring(ses.payload, &typelen);
- wantreply = buf_getbyte(ses.payload);
+ wantreply = buf_getbool(ses.payload);
if (typelen > MAX_NAME_LEN) {
TRACE(("leave chansessionrequest: type too long")) /* XXX send error?*/
============================================================
--- svr-tcpfwd.c 8db8dade7909c3c9b824af4107213b312d2d8c6f
+++ svr-tcpfwd.c 9c0362f8d1c15ce9d702873cc1a2064754d7919b
@@ -78,7 +78,7 @@ void recv_msg_global_request_remotetcp()
}
reqname = buf_getstring(ses.payload, &namelen);
- wantreply = buf_getbyte(ses.payload);
+ wantreply = buf_getbool(ses.payload);
if (namelen > MAXNAMLEN) {
TRACE(("name len is wrong: %d", namelen))
============================================================
--- svr-x11fwd.c 9a96372da1c2e00791881900e07b72c76a9175d7
+++ svr-x11fwd.c 79db165bbf9982b3cfee9f616e5626656a35d13e
@@ -52,7 +52,7 @@ int x11req(struct ChanSess * chansess) {
return DROPBEAR_FAILURE;
}
- chansess->x11singleconn = buf_getbyte(ses.payload);
+ chansess->x11singleconn = buf_getbool(ses.payload);
chansess->x11authprot = buf_getstring(ses.payload, NULL);
chansess->x11authcookie = buf_getstring(ses.payload, NULL);
chansess->x11screennum = buf_getint(ses.payload);