For the sake of review, this commit alters only the code; the associated comments within the source files also need to be updated, but doing so now would obscure the operational changes that have been made here.
* All on/off options have been switched to the numeric `#if' variant; that is the only way to make this `default_options.h.in' thing work in a reasonable manner. * There is now some very minor compile-time checking of the user's choice of options. * NO_FAST_EXPTMOD doesn't seem to be used, so it has been removed. * According to the file `CHANGES': 0.53 - Thurs 24 February 2011 ... DROPBEAR_SMALL_CODE is now disabled by default Thus, this commit disables it by default. * ENABLE_USER_ALGO_LIST was supposed to be renamed DROPBEAR_USER_ALGO_LIST, and this commit completes that work. * The configuration option `DROPBEAR_PASSWORD_ENV' is no longer listed in `default_options.h.in'; it is no longer meant to be set by the user, and is instead left to be defined in `sysoptions.h' (where it was already being defined) as merely the name of the environment variable in question: DROPBEAR_PASSWORD To enable or disable use of that environment variable, the user must now toggle `DROPBEAR_USE_DROPBEAR_PASSWORD'. * The sFTP support is now toggled by setting `DROPBEAR_SFTPSERVER', and the path of the sFTP server program is set independently through the usual SFTPSERVER_PATH. --- cli-auth.c | 4 ++- cli-runopts.c | 4 +-- default_options.h.in | 48 ++++++++++++++++++++++++------- libtomcrypt/src/headers/tomcrypt_custom.h | 10 +++---- netio.c | 2 +- runopts.h | 2 +- svr-authpubkeyoptions.c | 2 +- svr-chansession.c | 8 +++--- svr-main.c | 12 ++++---- svr-runopts.c | 10 +++---- svr-tcpfwd.c | 2 +- sysoptions.h | 6 +--- 12 files changed, 68 insertions(+), 42 deletions(-) diff --git a/cli-auth.c b/cli-auth.c index 3914c58..9392265 100644 --- a/cli-auth.c +++ b/cli-auth.c 
@@ -60,9 +60,11 @@ void cli_auth_getmethods() { */ if (ses.keys->trans.algo_comp != DROPBEAR_COMP_ZLIB_DELAY) { ses.authstate.authtypes = AUTH_TYPE_PUBKEY; +#if DROPBEAR_USE_DROPBEAR_PASSWORD if (getenv(DROPBEAR_PASSWORD_ENV)) { ses.authstate.authtypes |= AUTH_TYPE_PASSWORD | AUTH_TYPE_INTERACT; } +#endif if (cli_auth_try() == DROPBEAR_SUCCESS) { TRACE(("skipped initial none auth query")) /* Note that there will be two auth responses in-flight */ @@ -335,7 +337,7 @@ char* getpass_or_cancel(char* prompt) { char* password = NULL; -#ifdef DROPBEAR_PASSWORD_ENV +#if DROPBEAR_USE_DROPBEAR_PASSWORD /* Password provided in an environment var */ password = getenv(DROPBEAR_PASSWORD_ENV); if (password) diff --git a/cli-runopts.c b/cli-runopts.c index ca50709..2896d88 100644 --- a/cli-runopts.c +++ b/cli-runopts.c @@ -303,10 +303,10 @@ void cli_getopts(int argc, char ** argv) { case 'm': #endif case 'D': -#ifndef DROPBEAR_CLI_REMOTETCPFWD +#if !DROPBEAR_CLI_REMOTETCPFWD case 'R': #endif -#ifndef DROPBEAR_CLI_LOCALTCPFWD +#if !DROPBEAR_CLI_LOCALTCPFWD case 'L': #endif case 'V': diff --git a/default_options.h.in b/default_options.h.in index c44fb97..b061391 100644 --- a/default_options.h.in +++ b/default_options.h.in @@ -37,16 +37,15 @@ #define NON_INETD_MODE 1 #define INETD_MODE 1 -/* Setting this disables the fast exptmod bignum code. It saves ~5kB, but is - * perhaps 20% slower for pubkey operations (it is probably worth experimenting - * if you want to use this) */ -/*#define NO_FAST_EXPTMOD*/ +#if !(NON_INETD_MODE || INETD_MODE) + #error "NON_INETD_MODE or INETD_MODE (or both) must be enabled." +#endif /* Set this if you want to use the DROPBEAR_SMALL_CODE option. This can save several kB in binary size however will make the symmetrical ciphers and hashes slower, perhaps by 50%. Recommended for small systems that aren't doing much traffic. */ -#define DROPBEAR_SMALL_CODE 1 +#define DROPBEAR_SMALL_CODE 0 /* Enable X11 Forwarding - server only */ #define DROPBEAR_X11FWD 1 
@@ -78,7 +77,7 @@ #define DROPBEAR_CLI_NETCAT 1 /* Whether to support "-c" and "-m" flags to choose ciphers/MACs at runtime */ -#define ENABLE_USER_ALGO_LIST 1 +#define DROPBEAR_USER_ALGO_LIST 1 /* Encryption - at least one required. * Protocol RFC requires 3DES and recommends AES128 for interoperability. @@ -88,10 +87,15 @@ #define DROPBEAR_3DES 1 #define DROPBEAR_AES256 1 /* Compiling in Blowfish will add ~6kB to runtime heap memory usage */ -/*#define DROPBEAR_BLOWFISH*/ +#define DROPBEAR_BLOWFISH 0 #define DROPBEAR_TWOFISH256 1 #define DROPBEAR_TWOFISH128 1 +#if !(DROPBEAR_AES128 || DROPBEAR_3DES || DROPBEAR_AES256 || DROPBEAR_BLOWFISH \ + || DROPBEAR_TWOFISH256 || DROPBEAR_TWOFISH128) + #error "At least one encryption algorithm must be enabled; 3DES and AES129 are recommended." +#endif + /* Enable CBC mode for ciphers. This has security issues though * is the most compatible with older SSH implementations */ #define DROPBEAR_ENABLE_CBC_MODE 1 @@ -130,6 +134,10 @@ * on x86-64 */ #define DROPBEAR_ECDSA 1 +#if !(DROPBEAR_RSA || DROPBEAR_DSS || DROPBEAR_ECDSA) + #error "At least one hostkey or public-key algorithm must be enabled; RSA is recommended." +#endif + /* RSA must be >=1024 */ #define DROPBEAR_DEFAULT_RSA_SIZE 2048 /* DSS is always 1024 */ @@ -173,7 +181,7 @@ * windowBits=8 will use 129kB for compression. * Both modes will use ~35kB for decompression (using windowBits=15 for * interoperability) */ -#define DROPBEAR_ZLIB_WINDOW_BITS 15 +#define DROPBEAR_ZLIB_WINDOW_BITS 15 /* Whether to do reverse DNS lookups. */ #define DO_HOST_LOOKUP 0 
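Review bot: The `#error` text in the new cipher check names `AES129`, which is not an option in this file; the list above it has `DROPBEAR_AES128`, so the line should read `#error "At least one encryption algorithm must be enabled; 3DES and AES128 are recommended."`. The check also looks only at the cipher list. A build with `DROPBEAR_ENABLE_CBC_MODE` set to 0 and CTR mode also off would pass it and presumably still be left without a usable cipher, so a companion `#if !(DROPBEAR_ENABLE_CBC_MODE || DROPBEAR_ENABLE_CTR_MODE)` check after the mode options would fit the same pattern. `DROPBEAR_ENABLE_CTR_MODE` is taken from the tomcrypt_custom.h hunk; its definition in this file is outside the hunk.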
@@ -204,6 +212,14 @@ #define DROPBEAR_SVR_PAM_AUTH 0 #define DROPBEAR_SVR_PUBKEY_AUTH 1 +#if !(DROPBEAR_SVR_PASSWORD_AUTH || DROPBEAR_SVR_PAM_AUTH || DROPBEAR_SVR_PUBKEY_AUTH) + #error "At least one server authentication type must be enabled; PUBKEY and PASSWORD are recommended." +#endif + +#if DROPBEAR_SVR_PASSWORD_AUTH && DROPBEAR_SVR_PAM_AUTH + #error "DROPBEAR_SVR_PASSWORD_AUTH cannot be enabled at the same time as DROPBEAR_SVR_PAM_AUTH." +#endif + /* Whether to take public key options in * authorized_keys file into account */ #define DROPBEAR_SVR_PUBKEY_OPTIONS 1 @@ -212,9 +228,16 @@ #ifdef HAVE_GETPASS #define DROPBEAR_CLI_PASSWORD_AUTH 1 #define DROPBEAR_CLI_INTERACT_AUTH 1 +#else +#define DROPBEAR_CLI_PASSWORD_AUTH 0 +#define DROPBEAR_CLI_INTERACT_AUTH 0 #endif #define DROPBEAR_CLI_PUBKEY_AUTH 1 +#if !(DROPBEAR_CLI_PASSWORD_AUTH || DROPBEAR_CLI_PUBKEY_AUTH) + #error "At least one client authentication type must be enabled; PUBKEY and PASSWORD are recommended." +#endif + /* A default argument for dbclient -i <privatekey>. Homedir is prepended unless path begins with / */ #define DROPBEAR_DEFAULT_CLI_AUTHKEY ".ssh/id_dropbear" @@ -225,7 +248,7 @@ * note that it will be provided for all "hidden" client-interactive * style prompts - if you want something more sophisticated, use * SSH_ASKPASS instead. Comment out this var to remove this functionality.*/ -#define DROPBEAR_PASSWORD_ENV "DROPBEAR_PASSWORD" +#define DROPBEAR_USE_DROPBEAR_PASSWORD 1 /* Define this (as well as DROPBEAR_CLI_PASSWORD_AUTH) to allow the use of * a helper program for the ssh client. The helper program should be 
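Review bot: The new `#error` checks in this hunk are evaluated inside default_options.h.in, whereas the PASSWORD/PAM exclusivity check they replace lived in sysoptions.h (removed in the last sysoptions.h hunk of this patch). How the `.in` file is turned into a header and merged with a builder's own overrides is not visible here; if an override can take effect after this point, a combination such as `DROPBEAR_SVR_PASSWORD_AUTH` and `DROPBEAR_SVR_PAM_AUTH` both set to 1 would no longer be rejected. Keeping the authentication checks in sysoptions.h, which appears to be processed after the option files since it derives macros from them, would make them independent of that ordering. The same question applies to the inetd-mode, cipher, hostkey and client-auth checks added in the other default_options.h.in hunks.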
@@ -234,6 +257,10 @@ * return the password on standard output */ #define DROPBEAR_CLI_ASKPASS_HELPER 0 +#if DROPBEAR_CLI_ASKPASS_HELPER + #define DROPBEAR_CLI_PASSWORD_AUTH 1 +#endif + /* Save a network roundtrip by sendng a real auth request immediately after * sending a query for the available methods. It is at the expense of < 100 * bytes of extra network traffic. This is not yet enabled by default since it @@ -248,7 +275,6 @@ /* Set this to use PRNGD or EGD instead of /dev/urandom or /dev/random */ /*#define DROPBEAR_PRNGD_SOCKET "/var/run/dropbear-rng"*/ - /* Specify the number of clients we will allow to be connected but * not yet authenticated. After this limit, connections are rejected */ /* The first setting is per-IP, to avoid denial of service */ @@ -270,6 +296,8 @@ * "-q" for quiet */ #define XAUTH_COMMAND "/usr/bin/xauth -q" +#define DROPBEAR_SFTPSERVER 1 + /* if you want to enable running an sftp server (such as the one included with * OpenSSH), set the path below. If the path isn't defined, sftp will not * be enabled */ diff --git a/libtomcrypt/src/headers/tomcrypt_custom.h b/libtomcrypt/src/headers/tomcrypt_custom.h index b6f4f1f..b1ceab4 100644 --- a/libtomcrypt/src/headers/tomcrypt_custom.h +++ b/libtomcrypt/src/headers/tomcrypt_custom.h @@ -64,7 +64,7 @@ #define LTC_NO_PRNGS #define LTC_NO_PK -#ifdef DROPBEAR_SMALL_CODE +#if DROPBEAR_SMALL_CODE #define LTC_SMALL_CODE #endif /* These spit out warnings etc */ @@ -97,7 +97,7 @@ /* #define LTC_NO_BSWAP */ -#ifdef DROPBEAR_BLOWFISH +#if DROPBEAR_BLOWFISH #define LTC_BLOWFISH #endif @@ -105,7 +105,7 @@ #define LTC_RIJNDAEL #endif -#ifdef DROPBEAR_TWOFISH +#if DROPBEAR_TWOFISH #define LTC_TWOFISH /* _TABLES tells it to use tables during setup, _SMALL means to use the smaller scheduled key format 
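Review bot: The added `#define DROPBEAR_CLI_PASSWORD_AUTH 1` under `#if DROPBEAR_CLI_ASKPASS_HELPER` redefines a macro that the earlier `HAVE_GETPASS` hunk in this file already sets to 1 or 0. When `HAVE_GETPASS` is absent the two definitions differ, which the preprocessor reports as a macro redefinition (a warning or an error depending on the compiler). Put `#undef DROPBEAR_CLI_PASSWORD_AUTH` on the line before it. The override also comes after the client-auth `#error` check, so that check is evaluated against the value from before the helper forces password auth on; moving the check below this block keeps the two consistent.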
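Review bot: `#if DROPBEAR_TWOFISH` in tomcrypt_custom.h tests a name that default_options.h.in, as far as this patch shows, never defines; only `DROPBEAR_TWOFISH128` and `DROPBEAR_TWOFISH256` appear there. If the combined macro is derived elsewhere (sysoptions.h is a likely place, not visible here), it has to be in scope before this header is read, otherwise the test evaluates to 0 and `LTC_TWOFISH` is silently left out. An undefined name in `#if` gives no diagnostic, so this fails the same quiet way the old `#ifdef` did. The numeric convention adopted in this commit does make `-Wundef` usable, and adding it to the project's warning flags would flag this and any misspelled option across the converted files.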
@@ -117,13 +117,13 @@ /*#define LTC_TWOFISH_TABLES*/ #endif -#ifdef DROPBEAR_3DES +#if DROPBEAR_3DES #define LTC_DES #endif #define LTC_CBC_MODE -#ifdef DROPBEAR_ENABLE_CTR_MODE +#if DROPBEAR_ENABLE_CTR_MODE #define LTC_CTR_MODE #endif diff --git a/netio.c b/netio.c index 89a0843..d63b9df 100644 --- a/netio.c +++ b/netio.c @@ -510,7 +510,7 @@ void getaddrstring(struct sockaddr_storage* addr, int flags = NI_NUMERICSERV | NI_NUMERICHOST; -#ifndef DO_HOST_LOOKUP +#if !DO_HOST_LOOKUP host_lookup = 0; #endif diff --git a/runopts.h b/runopts.h index 47c12f0..da804ba 100644 --- a/runopts.h +++ b/runopts.h @@ -86,7 +86,7 @@ typedef struct svr_runopts { int ipv6; */ -#ifdef DO_MOTD +#if DO_MOTD /* whether to print the MOTD */ int domotd; #endif diff --git a/svr-authpubkeyoptions.c b/svr-authpubkeyoptions.c index d08fc2c..19f07b9 100644 --- a/svr-authpubkeyoptions.c +++ b/svr-authpubkeyoptions.c @@ -100,7 +100,7 @@ void svr_pubkey_set_forced_command(struct ChanSess *chansess) { chansess->original_command = m_strdup(""); } chansess->cmd = m_strdup(ses.authstate.pubkey_options->forced_command); -#ifdef LOG_COMMANDS +#if LOG_COMMANDS dropbear_log(LOG_INFO, "Command forced to '%s'", chansess->original_command); #endif } diff --git a/svr-chansession.c b/svr-chansession.c index 22fc954..ce01e1b 100644 --- a/svr-chansession.c +++ b/svr-chansession.c @@ -658,7 +658,7 @@ static int sessioncommand(struct Channel *channel, struct ChanSess *chansess, } } if (issubsys) { -#ifdef SFTPSERVER_PATH +#if DROPBEAR_SFTPSERVER if ((cmdlen == 4) && strncmp(chansess->cmd, "sftp", 4) == 0) { m_free(chansess->cmd); chansess->cmd = m_strdup(SFTPSERVER_PATH); @@ -682,7 +682,7 @@ static int sessioncommand(struct Channel *channel, struct ChanSess *chansess, } -#ifdef LOG_COMMANDS +#if LOG_COMMANDS if (chansess->cmd) { dropbear_log(LOG_INFO, "User %s executing '%s'", ses.authstate.pw_name, chansess->cmd); 
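Review bot: In svr-chansession.c, `#if DROPBEAR_SFTPSERVER` now guards code that still expands `SFTPSERVER_PATH`, so the toggle and the path can disagree. With the toggle at 1 and no path defined, the build fails on `m_strdup(SFTPSERVER_PATH)` with an undeclared-identifier error rather than a configuration message. A check placed after the path definition, `#if DROPBEAR_SFTPSERVER && !defined(SFTPSERVER_PATH)` followed by `#error "DROPBEAR_SFTPSERVER requires SFTPSERVER_PATH"`, would match the other compile-time checks this commit adds. Since the path becomes `chansess->cmd` for the sftp subsystem, the deferred comment update should say it must be an absolute path to a trusted binary. sessioncommand() starts and ends outside the hunk.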
@@ -769,7 +769,7 @@ static int ptycommand(struct Channel *channel, struct ChanSess *chansess) { pid_t pid; struct logininfo *li = NULL; -#ifdef DO_MOTD +#if DO_MOTD buffer * motdbuf = NULL; int len; struct stat sb; @@ -821,7 +821,7 @@ static int ptycommand(struct Channel *channel, struct ChanSess *chansess) { login_login(li); login_free_entry(li); -#ifdef DO_MOTD +#if DO_MOTD if (svr_opts.domotd && !chansess->cmd) { /* don't show the motd if ~/.hushlogin exists */ diff --git a/svr-main.c b/svr-main.c index d1ee764..35f327c 100644 --- a/svr-main.c +++ b/svr-main.c @@ -35,10 +35,10 @@ static size_t listensockets(int *sock, size_t sockcount, int *maxfd); static void sigchld_handler(int dummy); static void sigsegv_handler(int); static void sigintterm_handler(int fish); -#ifdef INETD_MODE +#if INETD_MODE static void main_inetd(void); #endif -#ifdef NON_INETD_MODE +#if NON_INETD_MODE static void main_noinetd(void); #endif static void commonsetup(void); @@ -58,7 +58,7 @@ int main(int argc, char ** argv) /* get commandline options */ svr_getopts(argc, argv); -#ifdef INETD_MODE +#if INETD_MODE /* service program mode */ if (svr_opts.inetdmode) { main_inetd(); @@ -66,7 +66,7 @@ int main(int argc, char ** argv) } #endif -#ifdef NON_INETD_MODE +#if NON_INETD_MODE main_noinetd(); /* notreached */ #endif @@ -76,7 +76,7 @@ int main(int argc, char ** argv) } #endif -#ifdef INETD_MODE +#if INETD_MODE static void main_inetd() { char *host, *port = NULL; @@ -103,7 +103,7 @@ static void main_inetd() { } #endif /* INETD_MODE */ -#ifdef NON_INETD_MODE +#if NON_INETD_MODE static void main_noinetd() { fd_set fds; unsigned int i, j; diff --git a/svr-runopts.c b/svr-runopts.c index cca5562..3d97023 100644 --- a/svr-runopts.c +++ b/svr-runopts.c @@ -64,7 +64,7 @@ static void printhelp(const char * progname) { #else "-E Log to stderr rather than syslog\n" #endif -#ifdef DO_MOTD +#if DO_MOTD "-m Don't display the motd on login\n" #endif "-w Disallow root logins\n" 
@@ -88,7 +88,7 @@ static void printhelp(const char * progname) { " (default port is %s if none specified)\n" "-P PidFile Create pid file PidFile\n" " (default %s)\n" -#ifdef INETD_MODE +#if INETD_MODE "-i Start for inetd\n" #endif "-W <receive_window_buffer> (default %d, larger may be faster, max 1MB)\n" @@ -156,7 +156,7 @@ void svr_getopts(int argc, char ** argv) { opts.ipv4 = 1; opts.ipv6 = 1; */ -#ifdef DO_MOTD +#if DO_MOTD svr_opts.domotd = 1; #endif #ifndef DISABLE_SYSLOG @@ -210,7 +210,7 @@ void svr_getopts(int argc, char ** argv) { opts.listen_fwd_all = 1; break; #endif -#ifdef INETD_MODE +#if INETD_MODE case 'i': svr_opts.inetdmode = 1; break; @@ -221,7 +221,7 @@ void svr_getopts(int argc, char ** argv) { case 'P': next = &svr_opts.pidfile; break; -#ifdef DO_MOTD +#if DO_MOTD /* motd is displayed by default, -m turns it off */ case 'm': svr_opts.domotd = 0; diff --git a/svr-tcpfwd.c b/svr-tcpfwd.c index 207587c..8a4765a 100644 --- a/svr-tcpfwd.c +++ b/svr-tcpfwd.c @@ -35,7 +35,7 @@ #include "auth.h" #include "netio.h" -#ifndef DROPBEAR_SVR_REMOTETCPFWD +#if !DROPBEAR_SVR_REMOTETCPFWD /* This is better than SSH_MSG_UNIMPLEMENTED */ void recv_msg_global_request_remotetcp() { diff --git a/sysoptions.h b/sysoptions.h index 64b149e..a1f33e6 100644 --- a/sysoptions.h +++ b/sysoptions.h @@ -192,7 +192,7 @@ #define DROPBEAR_CLI_MULTIHOP ((DROPBEAR_CLI_NETCAT) && (DROPBEAR_CLI_PROXYCMD)) -#define ENABLE_CONNECT_UNIX ((DROPBEAR_CLI_AGENTFWD) || (DROPBEAR_PRNGD_SOCKET)) +#define ENABLE_CONNECT_UNIX ((DROPBEAR_CLI_AGENTFWD) || (defined DROPBEAR_PRNGD_SOCKET)) /* if we're using authorized_keys or known_hosts */ #define DROPBEAR_KEY_LINES ((DROPBEAR_CLIENT) || (DROPBEAR_SVR_PUBKEY_AUTH)) 
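Review bot: In the sysoptions.h hunk, `ENABLE_CONNECT_UNIX` now expands to an expression containing `defined`, and C leaves the behaviour undefined when `defined` is produced by macro expansion inside an `#if` (GCC reports it under `-Wexpansion-to-defined`). Deriving a numeric helper first keeps the definition within the 0/1 convention the rest of this commit adopts and avoids relying on compiler-specific handling. The helper name below is a suggestion.
```c
#ifdef DROPBEAR_PRNGD_SOCKET
#define DROPBEAR_USE_PRNGD 1
#else
#define DROPBEAR_USE_PRNGD 0
#endif
#define ENABLE_CONNECT_UNIX ((DROPBEAR_CLI_AGENTFWD) || (DROPBEAR_USE_PRNGD))
```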
@@ -201,10 +201,6 @@ * with flushing compressed data */ #define DROPBEAR_ZLIB_MEM_LEVEL 8 -#if (DROPBEAR_SVR_PASSWORD_AUTH) && (DROPBEAR_SVR_PAM_AUTH) -#error "You can't turn on PASSWORD and PAM auth both at once. Fix it in options.h" -#endif - /* We use dropbear_client and dropbear_server as shortcuts to avoid redundant * code, if we're just compiling as client or server */ #if (DROPBEAR_SERVER) && (DROPBEAR_CLIENT) -- 2.10.0