Date: Mon, 17 Jul 2017 21:11:17 -0000 * These macros are not used anywhere, and have therefore been removed:
MIN_DSS_KEYLEN ENV_SIZE * According to `CHANGES', the macro `DROPBEAR_CLEANUP' is supposed to be disabled by default; this commit disables it by default. * A number of the object-like macros that have been in `constant_options.h' are meant to be potentially customized by the user; thus, they have been moved to the bottom of `default_options.h.in', where it is noted that they are options which are experimental or which probably should not be changed. The "define guard" has been removed from each object-like macro that does belong in `constant_options.h'; this file provides each such macro's definition, which is not meant to be overridden. Interestingly, The C11 standard states the following in section 6.10.3, paragraph 2: An identifier currently defined as an object-like macro shall not be redefined by another #define preprocessing directive unless the second definition is an object-like macro definition and the two replacement lists are identical So, in a sense, each object-like macro definition in `constant_options.h' should perhaps be preceded by a corresponding `#undef', just to make sure that any attempts to override the definition are undone "properly", as per the C standard. However, that seems ridiculous; instead, any breach of that rule can instead be interpreted as the fault of the one who is trying to override the definition. No corresponding `#undef' is included. --- constant_options.h | 125 +-------------------------------------------------- default_options.h.in | 118 ++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 120 insertions(+), 123 deletions(-) diff --git a/constant_options.h b/constant_options.h index a1f33e6..21177ea 100644 --- a/constant_options.h +++ b/constant_options.h 
@@ -3,72 +3,15 @@ * This file is only included from options.h *******************************************************************/ -#ifndef DROPBEAR_VERSION #define DROPBEAR_VERSION "2017.75" -#endif #define LOCAL_IDENT "SSH-2.0-dropbear_" DROPBEAR_VERSION #define PROGNAME "dropbear" -/* Spec recommends after one hour or 1 gigabyte of data. One hour - * is a bit too verbose, so we try 8 hours */ -#ifndef KEX_REKEY_TIMEOUT -#define KEX_REKEY_TIMEOUT (3600 * 8) -#endif -#ifndef KEX_REKEY_DATA -#define KEX_REKEY_DATA (1<<30) /* 2^30 == 1GB, this value must be < INT_MAX */ -#endif -/* Close connections to clients which haven't authorised after AUTH_TIMEOUT */ -#ifndef AUTH_TIMEOUT -#define AUTH_TIMEOUT 300 /* we choose 5 minutes */ -#endif - - #define DROPBEAR_SVR_PUBKEY_OPTIONS_BUILT ((DROPBEAR_SVR_PUBKEY_AUTH) && (DROPBEAR_SVR_PUBKEY_OPTIONS)) - -/* A client should try and send an initial key exchange packet guessing - * the algorithm that will match - saves a round trip connecting, has little - * overhead if the guess was "wrong". */ -#ifndef DROPBEAR_KEX_FIRST_FOLLOWS -#define DROPBEAR_KEX_FIRST_FOLLOWS 1 -#endif -/* Use protocol extension to allow "first follows" to succeed more frequently. - * This is currently Dropbear-specific but will gracefully fallback when connecting - * to other implementations. 
*/ -#ifndef DROPBEAR_KEXGUESS2 -#define DROPBEAR_KEXGUESS2 1 -#endif - -/* Minimum key sizes for DSS and RSA */ -#ifndef MIN_DSS_KEYLEN -#define MIN_DSS_KEYLEN 1024 -#endif -#ifndef MIN_RSA_KEYLEN -#define MIN_RSA_KEYLEN 1024 -#endif +#define DROPBEAR_SVR_PUBKEY_OPTIONS_BUILT ((DROPBEAR_SVR_PUBKEY_AUTH) && (DROPBEAR_SVR_PUBKEY_OPTIONS)) -#define MAX_BANNER_SIZE 2000 /* this is 25*80 chars, any more is foolish */ -#define MAX_BANNER_LINES 20 /* How many lines the client will display */ - -/* the number of NAME=VALUE pairs to malloc for environ, if we don't have - * the clearenv() function */ -#define ENV_SIZE 100 - -#define MAX_CMD_LEN 9000 /* max length of a command */ -#define MAX_TERM_LEN 200 /* max length of TERM name */ - -#define MAX_HOST_LEN 254 /* max hostname len for tcp fwding */ #define MAX_IP_LEN 15 /* strlen("255.255.255.255") == 15 */ -#define DROPBEAR_MAX_PORTS 10 /* max number of ports which can be specified, - ipv4 and ipv6 don't count twice */ - -/* Each port might have at least a v4 and a v6 address */ -#define MAX_LISTEN_ADDR (DROPBEAR_MAX_PORTS*3) - -#define _PATH_TTY "/dev/tty" - -#define _PATH_CP "/bin/cp" - #define DROPBEAR_ESCAPE_CHAR '~' /* success/failure defines */ @@ -95,7 +38,6 @@ #define MAX_MAC_LEN 20 #endif - #define DROPBEAR_ECC ((DROPBEAR_ECDH) || (DROPBEAR_ECDSA)) /* Debian doesn't define this in system headers */ @@ -109,11 +51,6 @@ #define DROPBEAR_LTC_PRNG (DROPBEAR_ECC) -/* RSA can be vulnerable to timing attacks which use the time required for - * signing to guess the private key. Blinding avoids this attack, though makes - * signing operations slightly slower. */ -#define DROPBEAR_RSA_BLINDING 1 - /* hashes which will be linked and registered */ #define DROPBEAR_SHA256 ((DROPBEAR_SHA2_256_HMAC) || (DROPBEAR_ECC_256) \ || (DROPBEAR_CURVE25519) || (DROPBEAR_DH_GROUP14_SHA256)) 
@@ -130,39 +67,15 @@ /* roughly 2x 521 bits */ #define MAX_ECC_SIZE 140 -#define MAX_NAME_LEN 64 /* maximum length of a protocol name, isn't - explicitly specified for all protocols (just - for algos) but seems valid */ - -#define MAX_PROPOSED_ALGO 20 - /* size/count limits */ /* From transport rfc */ #define MIN_PACKET_LEN 16 -#define RECV_MAX_PACKET_LEN (MAX(35000, ((RECV_MAX_PAYLOAD_LEN)+100))) - -/* for channel code */ -#define TRANS_MAX_WINDOW 500000000 /* 500MB is sufficient, stopping overflow */ -#define TRANS_MAX_WIN_INCR 500000000 /* overflow prevention */ - -#define RECV_WINDOWEXTEND (opts.recv_window / 3) /* We send a "window extend" every - RECV_WINDOWEXTEND bytes */ -#define MAX_RECV_WINDOW (1024*1024) /* 1 MB should be enough */ - -#define MAX_CHANNELS 1000 /* simple mem restriction, includes each tcp/x11 - connection, so can't be _too_ small */ - -#define MAX_STRING_LEN (MAX(MAX_CMD_LEN, 2400)) /* Sun SSH needs 2400 for algos, - MAX_CMD_LEN is usually longer */ - /* For a 4096 bit DSS key, empirically determined */ #define MAX_PUBKEY_SIZE 1700 /* For a 4096 bit DSS key, empirically determined */ #define MAX_PRIVKEY_SIZE 1700 -#define MAX_HOSTKEYS 3 - /* The maximum size of the bignum portion of the kexhash buffer */ /* Sect. 8 of the transport rfc 4253, K_S + e + f + K */ #define KEXHASHBUF_MAX_INTS (1700 + 130 + 130 + 130) @@ -170,13 +83,6 @@ #define DROPBEAR_MAX_SOCKS 2 /* IPv4, IPv6 are all we'll get for now. Revisit in a few years time.... */ -#define DROPBEAR_MAX_CLI_PASS 1024 - -#define DROPBEAR_MAX_CLI_INTERACT_PROMPTS 80 /* The number of prompts we'll - accept for keyb-interactive - auth */ - - #define DROPBEAR_AES ((DROPBEAR_AES256) || (DROPBEAR_AES128)) #define DROPBEAR_TWOFISH ((DROPBEAR_TWOFISH256) || (DROPBEAR_TWOFISH128)) 
@@ -197,10 +103,6 @@ /* if we're using authorized_keys or known_hosts */ #define DROPBEAR_KEY_LINES ((DROPBEAR_CLIENT) || (DROPBEAR_SVR_PUBKEY_AUTH)) -/* Changing this is inadvisable, it appears to have problems - * with flushing compressed data */ -#define DROPBEAR_ZLIB_MEM_LEVEL 8 - /* We use dropbear_client and dropbear_server as shortcuts to avoid redundant * code, if we're just compiling as client or server */ #if (DROPBEAR_SERVER) && (DROPBEAR_CLIENT) @@ -223,7 +125,7 @@ #define IS_DROPBEAR_SERVER 0 #define IS_DROPBEAR_CLIENT 0 -#endif /* neither DROPBEAR_SERVER nor DROPBEAR_CLIENT */ +#endif #ifdef HAVE_FORK #define DROPBEAR_VFORK 0 @@ -231,33 +133,10 @@ #define DROPBEAR_VFORK 1 #endif -#ifndef DROPBEAR_LISTEN_BACKLOG #if MAX_UNAUTH_CLIENTS > MAX_CHANNELS #define DROPBEAR_LISTEN_BACKLOG MAX_UNAUTH_CLIENTS #else #define DROPBEAR_LISTEN_BACKLOG MAX_CHANNELS #endif -#endif - -#ifndef DROPBEAR_NONE_CIPHER -#define DROPBEAR_NONE_CIPHER 0 -#endif - -/* free memory before exiting */ -#define DROPBEAR_CLEANUP 1 - -/* Use this string since some implementations might special-case it */ -#define DROPBEAR_KEEPALIVE_STRING "keepal...@openssh.com" - -/* Linux will attempt TCP fast open, falling back if not supported by the kernel. - * Currently server is enabled but client is disabled by default until there - * is further compatibility testing */ -#ifdef __linux__ -#define DROPBEAR_SERVER_TCP_FAST_OPEN 1 -#define DROPBEAR_CLIENT_TCP_FAST_OPEN 0 -#else -#define DROPBEAR_SERVER_TCP_FAST_OPEN 0 -#define DROPBEAR_CLIENT_TCP_FAST_OPEN 0 -#endif /* no include guard for this file */ diff --git a/default_options.h.in b/default_options.h.in index 2ba3d87..3d21440 100644 --- a/default_options.h.in +++ b/default_options.h.in 
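Review bot: With the `#ifndef DROPBEAR_LISTEN_BACKLOG` guard removed, the `#if MAX_UNAUTH_CLIENTS > MAX_CHANNELS` test in the last constant_options.h hunk now depends on a macro this commit moves out of the file, since `MAX_CHANNELS` is defined in default_options.h.in after the change. In an `#if` expression an identifier that is not defined as a macro evaluates to 0. If constant_options.h is ever processed before the options header (the include order in options.h is not visible here), the comparison silently selects `MAX_UNAUTH_CLIENTS` instead of failing. I would add a guard just above the test, `#if !defined(MAX_CHANNELS) || !defined(MAX_UNAUTH_CLIENTS)` / `#error "MAX_CHANNELS and MAX_UNAUTH_CLIENTS must be defined before constant_options.h"` / `#endif`, so a misordered include breaks the build rather than quietly changing the listen backlog.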
@@ -401,4 +401,122 @@ // else. #define DEFAULT_PATH "/usr/bin:/bin" +/////////////////////////// +//// DANGEROUS OPTIONS //// +/////////////////////////// +// +// The following options are experimental or +// should probably be left unchanged. + +// Close connections to clients which haven't authorised after AUTH_TIMEOUT +#define AUTH_TIMEOUT 300 /* we choose 5 minutes */ + +// Spec recommends after one hour or 1 GiB of data. One hour +// is a bit too verbose, so we try 8 hours. +#define KEX_REKEY_TIMEOUT (3600 * 8) + +// 2^30 == 1 GiB; this value must be < INT_MAX +#define KEX_REKEY_DATA (1<<30) + +// A client should try to send an initial key exchange packet guessing +// the algorithm that will match; this saves a round trip when connecting, +// and it has little overhead when the guess is "wrong". +#define DROPBEAR_KEX_FIRST_FOLLOWS 1 + +// Use a protocol extension to allow "first follows" to succeed more +// frequently. This is currently Dropbear-specific, but will gracefully +// fallback when connecting to other implementations. +#define DROPBEAR_KEXGUESS2 1 + +// Minimum key size for RSA. +#define MIN_RSA_KEYLEN 1024 + +// This is 25*80 chars; any more is foolish. +#define MAX_BANNER_SIZE 2000 +// How many lines the client will display. +#define MAX_BANNER_LINES 20 + +// Max length of a command +#define MAX_CMD_LEN 9000 +// Max length of TERM name +#define MAX_TERM_LEN 200 +// Max hostname length for TCP forwarding +#define MAX_HOST_LEN 254 + +// Max length of a protocol name; this isn't explicitly specified for all +// protocols (just for algos), but this value seems reasonable. +#define MAX_NAME_LEN 64 +#define MAX_PROPOSED_ALGO 20 + +// Max number of ports which can be specified; +// IPv4 and IPv6 don't count twice. 
+#define DROPBEAR_MAX_PORTS 10 +// Each port might have at least a v4 and a v6 address */ +#define MAX_LISTEN_ADDR (DROPBEAR_MAX_PORTS*3) + +#define _PATH_TTY "/dev/tty" +#define _PATH_CP "/bin/cp" + +// RSA can be vulnerable to timing attacks which use the time required for +// signing to guess the private key. Blinding avoids this attack, though +// makes signing operations slightly slower. +#define DROPBEAR_RSA_BLINDING 1 + +#define RECV_MAX_PACKET_LEN (MAX(35000, ((RECV_MAX_PAYLOAD_LEN)+100))) + +// For channel code. +// +// 500MB is sufficient to stop overflow. +#define TRANS_MAX_WINDOW 500000000 +// Overflow prevention. +#define TRANS_MAX_WIN_INCR 500000000 + +// We send a "window extend" every RECV_WINDOWEXTEND bytes. +#define RECV_WINDOWEXTEND (opts.recv_window / 3) + +//1 MiB should be enough. +#define MAX_RECV_WINDOW (1024*1024) + +// This provides a simple memory restriction; it entails each TCP/X11 +// connection, so it can't be *too* small. +#define MAX_CHANNELS 1000 + +// Sun SSH needs at least 2400 for algos; MAX_CMD_LEN is usually longer. +#define MAX_STRING_LEN (MAX(MAX_CMD_LEN, 2400)) + +#define MAX_HOSTKEYS 3 + +#define DROPBEAR_MAX_CLI_PASS 1024 +// The number of prompts we'll accept for keyb-interactive auth. +#define DROPBEAR_MAX_CLI_INTERACT_PROMPTS 80 + +// Changing this is inadvisable; it appears to have problems +// with flushing compressed data. +#define DROPBEAR_ZLIB_MEM_LEVEL 8 + +// A hack for to run dropbear with the "none" cipher. +// DO NOT ENABLE IT IF YOU DON'T KNOW THE CONSEQUENCES! +// Here is your noose. Use it wisely. +#define DROPBEAR_NONE_CIPHER 0 + +// Free memory before exiting. +// +// This is useful for embedded systems and for checking memory leaks +// with valgrind. +#define DROPBEAR_CLEANUP 0 + +// Use this string since some implementations might special-case it. +#define DROPBEAR_KEEPALIVE_STRING "keepal...@openssh.com" + +// Linux will attempt TCP fast open, falling back if not supported by the kernel. 
+// Currently server is enabled but client is disabled by default until there +// is further compatibility testing. +#ifdef __linux__ +#define DROPBEAR_SERVER_TCP_FAST_OPEN 1 +#define DROPBEAR_CLIENT_TCP_FAST_OPEN 0 +#else +#define DROPBEAR_SERVER_TCP_FAST_OPEN 0 +#define DROPBEAR_CLIENT_TCP_FAST_OPEN 0 +#endif + #endif /* DROPBEAR_DEFAULT_OPTIONS_H_ */ -- 2.10.0
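Review bot: Several values that were unconditional in constant_options.h (no `#ifndef` around them in the removed lines) become user-editable here, and for the security-relevant ones the comments do not say what is lost by changing them: `DROPBEAR_RSA_BLINDING`, `TRANS_MAX_WINDOW`/`TRANS_MAX_WIN_INCR` ("overflow prevention") and `KEX_REKEY_DATA` ("must be < INT_MAX"). Assuming entries in default_options.h.in can be overridden by a local options file, which the commit message implies but the hunk does not show, a build can now switch off the RSA timing-attack mitigation or raise the window limits past the range the overflow comments rely on. I would either keep `DROPBEAR_RSA_BLINDING` and the two `TRANS_MAX_*` limits in constant_options.h, or state the constraint at the definition, e.g. `// Security mitigation: keep at 1; 0 exposes RSA signing to timing attacks.` Separately, `MIN_RSA_KEYLEN 1024` is now presented as a tunable, so its comment could say it is a floor, e.g. `// Minimum accepted RSA key size in bits; raise, never lower.` The comment above `MAX_LISTEN_ADDR` also ends in a stray `*/` left over from the block-comment form.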