Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | changed TRACE to DEBUG1 for dbclient | HansH111 | 2022-03-19 | 1 | -1/+1 |
| | |||||
* | Leave non-interactive at default QoS class | Matt Johnston | 2022-01-27 | 1 | -0/+3 |
| | | | | | | | | Lower class levels are less well defined, and non-interactive SSH can carry various different types of applications. This change also sets lowdelay class (AF21) earlier in an an outbound dbclient session | ||||
* | Merge | Matt Johnston | 2021-10-11 | 1 | -0/+1 |
|\ | |||||
| * | added option to disable trivial auth methods (#128) | Manfred Kaiser | 2021-08-19 | 1 | -0/+1 |
| | | | | | | | | | | | | | | | | * added option to disable trivial auth methods * rename argument to match with other ssh clients * fixed trivial auth detection for pubkeys | ||||
* | | Add a comment about sending initial auth request | Matt Johnston | 2021-10-11 | 1 | -0/+3 |
|/ | |||||
* | Use buf_eatstring instead | Matt Johnston | 2020-12-10 | 1 | -3/+1 |
| | |||||
* | Fix handling of replies to global requests (#112) | Dirkjan Bussink | 2020-12-10 | 1 | -3/+13 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The current code assumes that all global requests want / need a reply. This isn't always true and the request itself indicates if it wants a reply or not. It causes a specific problem with hostkeys-00@openssh.com messages. These are sent by OpenSSH after authentication to inform the client of potential other host keys for the host. This can be used to add a new type of host key or to rotate host keys. The initial information message from the server is sent as a global request, but with want_reply set to false. This means that the server doesn't expect an answer to this message. Instead the client needs to send a prove request as a reply if it wants to receive proof of ownership for the host keys. The bug doesn't cause any current problems with due to how OpenSSH treats receiving the failure message. It instead treats it as a keepalive message and further ignores it. Arguably this is a protocol violation though of Dropbear and it is only accidental that it doesn't cause a problem with OpenSSH. The bug was found when adding host keys support to libssh, which is more strict protocol wise and treats the unexpected failure message an error, also see https://gitlab.com/libssh/libssh-mirror/-/merge_requests/145 for more information. The fix here is to honor the want_reply flag in the global request and to only send a reply if the other side expects a reply. | ||||
* | Add fuzzer-client_nomaths, fix client fuzzer | Matt Johnston | 2020-10-18 | 1 | -5/+11 |
| | |||||
* | Get client fuzzer building and starting (fails straight away) | Matt Johnston | 2020-10-18 | 1 | -0/+59 |
| | |||||
* | fix typo | Matt Johnston | 2020-05-26 | 1 | -1/+1 |
| | |||||
* | ext-info handling for server-sig-algs | Matt Johnston | 2020-05-19 | 1 | -1/+4 |
| | | | | only client side is handled | ||||
* | Split ChanType closehandler() and cleanup() so that dbclient doesn't | Matt Johnston | 2018-11-14 | 1 | -0/+1 |
| | | | | lose exit status messages | ||||
* | more linting (#58) | Fran?ois Perrad | 2018-02-26 | 1 | -1/+1 |
| | | | | | | * const parameter * fix indentation | ||||
* | make signal flags volatile, simplify handling | Matt Johnston | 2018-02-14 | 1 | -2/+2 |
| | |||||
* | missed saving a file removing none cipher | Matt Johnston | 2018-02-09 | 1 | -15/+0 |
| | |||||
* | when pointer, use NULL instead of 0 | Francois Perrad | 2017-06-02 | 1 | -1/+1 |
| | |||||
* | Use DROPBEAR_PATH_DEVNULL instead of undefined _PATH_DEVNULL | Ben Gardner | 2016-05-24 | 1 | -1/+1 |
| | |||||
* | Convert #ifdef to #if, other build changes | Matt Johnston | 2016-05-04 | 1 | -10/+10 |
| | |||||
* | merge | Matt Johnston | 2016-03-16 | 1 | -3/+3 |
|\ | |||||
| * | fix empty C prototypes | Francois Perrad | 2016-01-01 | 1 | -3/+3 |
| | | |||||
* | | ignore return value from fcntl() | Matt Johnston | 2016-03-15 | 1 | -3/+4 |
|/ | |||||
* | Support syslog logging in dbclient. | Konstantin Tokarev | 2015-12-01 | 1 | -0/+5 |
| | |||||
* | Client: kill proxy command when exiting application. | Konstantin Tokarev | 2015-12-03 | 1 | -5/+19 |
| | |||||
* | buf_getstring and buf_putstring now use non-unsigned char* | Matt Johnston | 2015-06-04 | 1 | -1/+1 |
| | |||||
* | Merge pull request #13 from gazoo74/fix-warnings | Matt Johnston | 2015-06-04 | 1 | -0/+2 |
|\ | | | | | | | Fix warnings | ||||
| * | Make sure kexfirstinitialise is called early enough | Matt Johnston | 2015-05-03 | 1 | -0/+2 |
| | | |||||
* | | Turn cleantext()'s dirtytext argument into char * | Ga?l PORTAY | 2015-05-02 | 1 | -2/+2 |
| | | |||||
* | | Fix pointer differ in signess warnings [-Werror=pointer-sign] | Ga?l PORTAY | 2015-05-02 | 1 | -1/+1 |
|/ | |||||
* | merge from default | Matt Johnston | 2015-02-28 | 1 | -2/+2 |
|\ | |||||
| * | Add more ATTRIB_NORETURN annotations, from Thorsten Horstmann | Matt Johnston | 2015-02-24 | 1 | -2/+2 |
| | | |||||
* | | Move generic network routines to netio.c | Matt Johnston | 2015-02-20 | 1 | -3/+4 |
| | | |||||
* | | Update priority once the socket is open | Matt Johnston | 2015-02-20 | 1 | -0/+1 |
| | | |||||
* | | In theory TFO should work. Needs platform cleanup and testing | Matt Johnston | 2015-02-19 | 1 | -1/+6 |
| | | |||||
* | | async connections working | Matt Johnston | 2015-02-18 | 1 | -0/+9 |
|/ | |||||
* | Make keepalive handling more robust, this should now match what OpenSSH does | Matt Johnston | 2014-08-19 | 1 | -1/+5 |
| | |||||
* | Don't send SSH_MSG_UNIMPLEMENTED for keepalive responses | Matt Johnston | 2014-08-13 | 1 | -0/+2 |
| | |||||
* | Send a failure response if a client receives a global request | Matt Johnston | 2014-07-08 | 1 | -0/+8 |
| | |||||
* | DROPBEAR_CLI_AUTH_IMMEDIATE fixed, now enabled by default | Matt Johnston | 2014-01-17 | 1 | -0/+4 |
| | |||||
* | rename random.h to dbrandom.h since some OSes have a system random.h | Matt Johnston | 2013-11-14 | 1 | -1/+1 |
| | |||||
* | use oldstyle comments | Matt Johnston | 2013-11-14 | 1 | -1/+1 |
| | |||||
* | merge in HEAD | Matt Johnston | 2013-05-21 | 1 | -32/+60 |
|\ | |||||
| * | setup tcp after requesting a channel - might hide some DNS latency | Matt Johnston | 2013-04-04 | 1 | -7/+8 |
| | | |||||
| * | Take transmit and receive keys into use separately | Matt Johnston | 2013-04-04 | 1 | -2/+2 |
| | | |||||
| * | fix leftover kexguess debugging | Matt Johnston | 2013-04-03 | 1 | -2/+0 |
| | | |||||
| * | merge kexguess branch | Matt Johnston | 2013-04-03 | 1 | -4/+8 |
| |\ | |||||
| | * | Be a bit more careful about when we want to use CLI_AUTH_IMMEDIATE | Matt Johnston | 2013-04-02 | 1 | -1/+3 |
| | | | | | | | | | | | | Only use it if we have pubkeys to try, or we have $DROPBEAR_PASSWORD set | ||||
| | * | Run the cleanup handler also when we close due to TCP connection being closed | Matt Johnston | 2013-04-01 | 1 | -3/+4 |
| | | | |||||
| * | | Put some #ifdef options around first-follows options in case theykexguess | Matt Johnston | 2013-04-03 | 1 | -1/+4 |
| | | | | | | | | | | | | need to be disabled | ||||
| * | | Don't usually need to recalculate dh_e for the repeated kexdh_init packet | Matt Johnston | 2013-04-03 | 1 | -3/+7 |
| | | | |||||
| * | | merge from head roundtrip changes | Matt Johnston | 2013-04-01 | 1 | -8/+20 |
| |\ \ | | |/ |