summaryrefslogtreecommitdiff
path: root/cli-session.c
Commit message (Collapse)AuthorAgeFilesLines
* changed TRACE to DEBUG1 for dbclientHansH1112022-03-191-1/+1
|
* Leave non-interactive at default QoS classMatt Johnston2022-01-271-0/+3
| | | | | | | | Lower class levels are less well defined, and non-interactive SSH can carry various different types of applications. This change also sets lowdelay class (AF21) earlier in an an outbound dbclient session
* MergeMatt Johnston2021-10-111-0/+1
|\
| * added option to disable trivial auth methods (#128)Manfred Kaiser2021-08-191-0/+1
| | | | | | | | | | | | | | | | * added option to disable trivial auth methods * rename argument to match with other ssh clients * fixed trivial auth detection for pubkeys
* | Add a comment about sending initial auth requestMatt Johnston2021-10-111-0/+3
|/
* Use buf_eatstring insteadMatt Johnston2020-12-101-3/+1
|
* Fix handling of replies to global requests (#112)Dirkjan Bussink2020-12-101-3/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The current code assumes that all global requests want / need a reply. This isn't always true and the request itself indicates if it wants a reply or not. It causes a specific problem with hostkeys-00@openssh.com messages. These are sent by OpenSSH after authentication to inform the client of potential other host keys for the host. This can be used to add a new type of host key or to rotate host keys. The initial information message from the server is sent as a global request, but with want_reply set to false. This means that the server doesn't expect an answer to this message. Instead the client needs to send a prove request as a reply if it wants to receive proof of ownership for the host keys. The bug doesn't cause any current problems with due to how OpenSSH treats receiving the failure message. It instead treats it as a keepalive message and further ignores it. Arguably this is a protocol violation though of Dropbear and it is only accidental that it doesn't cause a problem with OpenSSH. The bug was found when adding host keys support to libssh, which is more strict protocol wise and treats the unexpected failure message an error, also see https://gitlab.com/libssh/libssh-mirror/-/merge_requests/145 for more information. The fix here is to honor the want_reply flag in the global request and to only send a reply if the other side expects a reply.
* Add fuzzer-client_nomaths, fix client fuzzerMatt Johnston2020-10-181-5/+11
|
* Get client fuzzer building and starting (fails straight away)Matt Johnston2020-10-181-0/+59
|
* fix typoMatt Johnston2020-05-261-1/+1
|
* ext-info handling for server-sig-algsMatt Johnston2020-05-191-1/+4
| | | | only client side is handled
* Split ChanType closehandler() and cleanup() so that dbclient doesn'tMatt Johnston2018-11-141-0/+1
| | | | lose exit status messages
* more linting (#58)Fran?ois Perrad2018-02-261-1/+1
| | | | | | * const parameter * fix indentation
* make signal flags volatile, simplify handlingMatt Johnston2018-02-141-2/+2
|
* missed saving a file removing none cipherMatt Johnston2018-02-091-15/+0
|
* when pointer, use NULL instead of 0Francois Perrad2017-06-021-1/+1
|
* Use DROPBEAR_PATH_DEVNULL instead of undefined _PATH_DEVNULLBen Gardner2016-05-241-1/+1
|
* Convert #ifdef to #if, other build changesMatt Johnston2016-05-041-10/+10
|
* mergeMatt Johnston2016-03-161-3/+3
|\
| * fix empty C prototypesFrancois Perrad2016-01-011-3/+3
| |
* | ignore return value from fcntl()Matt Johnston2016-03-151-3/+4
|/
* Support syslog logging in dbclient.Konstantin Tokarev2015-12-011-0/+5
|
* Client: kill proxy command when exiting application.Konstantin Tokarev2015-12-031-5/+19
|
* buf_getstring and buf_putstring now use non-unsigned char*Matt Johnston2015-06-041-1/+1
|
* Merge pull request #13 from gazoo74/fix-warningsMatt Johnston2015-06-041-0/+2
|\ | | | | | | Fix warnings
| * Make sure kexfirstinitialise is called early enoughMatt Johnston2015-05-031-0/+2
| |
* | Turn cleantext()'s dirtytext argument into char *Ga?l PORTAY2015-05-021-2/+2
| |
* | Fix pointer differ in signess warnings [-Werror=pointer-sign]Ga?l PORTAY2015-05-021-1/+1
|/
* merge from defaultMatt Johnston2015-02-281-2/+2
|\
| * Add more ATTRIB_NORETURN annotations, from Thorsten HorstmannMatt Johnston2015-02-241-2/+2
| |
* | Move generic network routines to netio.cMatt Johnston2015-02-201-3/+4
| |
* | Update priority once the socket is openMatt Johnston2015-02-201-0/+1
| |
* | In theory TFO should work. Needs platform cleanup and testingMatt Johnston2015-02-191-1/+6
| |
* | async connections workingMatt Johnston2015-02-181-0/+9
|/
* Make keepalive handling more robust, this should now match what OpenSSH doesMatt Johnston2014-08-191-1/+5
|
* Don't send SSH_MSG_UNIMPLEMENTED for keepalive responsesMatt Johnston2014-08-131-0/+2
|
* Send a failure response if a client receives a global requestMatt Johnston2014-07-081-0/+8
|
* DROPBEAR_CLI_AUTH_IMMEDIATE fixed, now enabled by defaultMatt Johnston2014-01-171-0/+4
|
* rename random.h to dbrandom.h since some OSes have a system random.hMatt Johnston2013-11-141-1/+1
|
* use oldstyle commentsMatt Johnston2013-11-141-1/+1
|
* merge in HEADMatt Johnston2013-05-211-32/+60
|\
| * setup tcp after requesting a channel - might hide some DNS latencyMatt Johnston2013-04-041-7/+8
| |
| * Take transmit and receive keys into use separatelyMatt Johnston2013-04-041-2/+2
| |
| * fix leftover kexguess debuggingMatt Johnston2013-04-031-2/+0
| |
| * merge kexguess branchMatt Johnston2013-04-031-4/+8
| |\
| | * Be a bit more careful about when we want to use CLI_AUTH_IMMEDIATEMatt Johnston2013-04-021-1/+3
| | | | | | | | | | | | Only use it if we have pubkeys to try, or we have $DROPBEAR_PASSWORD set
| | * Run the cleanup handler also when we close due to TCP connection being closedMatt Johnston2013-04-011-3/+4
| | |
| * | Put some #ifdef options around first-follows options in case theykexguessMatt Johnston2013-04-031-1/+4
| | | | | | | | | | | | need to be disabled
| * | Don't usually need to recalculate dh_e for the repeated kexdh_init packetMatt Johnston2013-04-031-3/+7
| | |
| * | merge from head roundtrip changesMatt Johnston2013-04-011-8/+20
| |\ \ | | |/
View Lorry Controller Status