1 /******************************************************************* 2 * You shouldn't edit this file unless you know you need to. 3 * This file is only included from options.h 4 *******************************************************************/ 5 6 #ifndef DROPBEAR_VERSION 7 #define DROPBEAR_VERSION "2020.81" 8 #endif 9 10 #define LOCAL_IDENT "SSH-2.0-dropbear_" DROPBEAR_VERSION 11 #define PROGNAME "dropbear" 12 13 /* Spec recommends after one hour or 1 gigabyte of data. One hour 14 * is a bit too verbose, so we try 8 hours */ 15 #ifndef KEX_REKEY_TIMEOUT 16 #define KEX_REKEY_TIMEOUT (3600 * 8) 17 #endif 18 #ifndef KEX_REKEY_DATA 19 #define KEX_REKEY_DATA (1<<30) /* 2^30 == 1GB, this value must be < INT_MAX */ 20 #endif 21 /* Close connections to clients which haven't authorised after AUTH_TIMEOUT */ 22 #ifndef AUTH_TIMEOUT 23 #define AUTH_TIMEOUT 300 /* we choose 5 minutes */ 24 #endif 25 26 #define DROPBEAR_SVR_PUBKEY_OPTIONS_BUILT ((DROPBEAR_SVR_PUBKEY_AUTH) && (DROPBEAR_SVR_PUBKEY_OPTIONS)) 27 28 #if !(NON_INETD_MODE || INETD_MODE) 29 #error "NON_INETD_MODE or INETD_MODE (or both) must be enabled." 30 #endif 31 32 /* A client should try and send an initial key exchange packet guessing 33 * the algorithm that will match - saves a round trip connecting, has little 34 * overhead if the guess was "wrong". */ 35 #ifndef DROPBEAR_KEX_FIRST_FOLLOWS 36 #define DROPBEAR_KEX_FIRST_FOLLOWS 1 37 #endif 38 /* Use protocol extension to allow "first follows" to succeed more frequently. 39 * This is currently Dropbear-specific but will gracefully fallback when connecting 40 * to other implementations. */ 41 #ifndef DROPBEAR_KEXGUESS2 42 #define DROPBEAR_KEXGUESS2 1 43 #endif 44 45 /* Minimum key sizes for DSS and RSA */ 46 #ifndef MIN_DSS_KEYLEN 47 #define MIN_DSS_KEYLEN 1024 48 #endif 49 #ifndef MIN_RSA_KEYLEN 50 #define MIN_RSA_KEYLEN 1024 51 #endif 52 53 #define MAX_BANNER_SIZE 2000 /* this is 25*80 chars, any more is foolish */ 54 #define MAX_BANNER_LINES 20 /* How many lines the client will display */ 55 56 /* the number of NAME=VALUE pairs to malloc for environ, if we don't have 57 * the clearenv() function */ 58 #define ENV_SIZE 100 59 60 #define MAX_CMD_LEN 9000 /* max length of a command */ 61 #define MAX_TERM_LEN 200 /* max length of TERM name */ 62 63 #define MAX_HOST_LEN 254 /* max hostname len for tcp fwding */ 64 #define MAX_IP_LEN 15 /* strlen("255.255.255.255") == 15 */ 65 66 #define DROPBEAR_MAX_PORTS 10 /* max number of ports which can be specified, 67 ipv4 and ipv6 don't count twice */ 68 69 /* Each port might have at least a v4 and a v6 address */ 70 #define MAX_LISTEN_ADDR (DROPBEAR_MAX_PORTS*3) 71 72 #define _PATH_TTY "/dev/tty" 73 74 #define _PATH_CP "/bin/cp" 75 76 #define DROPBEAR_ESCAPE_CHAR '~' 77 78 /* success/failure defines */ 79 #define DROPBEAR_SUCCESS 0 80 #define DROPBEAR_FAILURE -1 81 82 #define DROPBEAR_PASSWORD_ENV "DROPBEAR_PASSWORD" 83 84 #define DROPBEAR_NGROUP_MAX 1024 85 86 /* Required for pubkey auth */ 87 #define DROPBEAR_SIGNKEY_VERIFY ((DROPBEAR_SVR_PUBKEY_AUTH) || (DROPBEAR_CLIENT)) 88 89 #define DROPBEAR_MAX_PASSWORD_LEN 100 90 91 #define SHA1_HASH_SIZE 20 92 #define MD5_HASH_SIZE 16 93 #define MAX_HASH_SIZE 64 /* sha512 */ 94 95 #if DROPBEAR_CHACHA20POLY1305 96 #define MAX_KEY_LEN 64 /* 2 x 256 bits for chacha20 */ 97 #else 98 #define MAX_KEY_LEN 32 /* 256 bits for aes256 etc */ 99 #endif 100 #define MAX_IV_LEN 20 /* must be same as max blocksize, */ 101 102 #if DROPBEAR_SHA2_512_HMAC 103 #define MAX_MAC_LEN 64 104 #elif DROPBEAR_SHA2_256_HMAC 105 #define MAX_MAC_LEN 32 106 #else 107 #define MAX_MAC_LEN 20 108 #endif 109 110 /* sha2-512 is not necessary unless unforseen problems arise with sha2-256 */ 111 #ifndef DROPBEAR_SHA2_512_HMAC 112 #define DROPBEAR_SHA2_512_HMAC 0 113 #endif 114 115 /* might be needed for compatibility with very old implementations */ 116 #ifndef DROPBEAR_MD5_HMAC 117 #define DROPBEAR_MD5_HMAC 0 118 #endif 119 120 /* Twofish counter mode is disabled by default because it 121 has not been tested for interoperability with other SSH implementations. 122 If you test it please contact the Dropbear author */ 123 #ifndef DROPBEAR_TWOFISH_CTR 124 #define DROPBEAR_TWOFISH_CTR 0 125 #endif 126 127 128 #define DROPBEAR_ECC ((DROPBEAR_ECDH) || (DROPBEAR_ECDSA)) 129 130 /* Debian doesn't define this in system headers */ 131 #if !defined(LTM_DESC) && (DROPBEAR_ECC) 132 #define LTM_DESC 133 #endif 134 135 #define DROPBEAR_ECC_256 (DROPBEAR_ECC) 136 #define DROPBEAR_ECC_384 (DROPBEAR_ECC) 137 #define DROPBEAR_ECC_521 (DROPBEAR_ECC) 138 139 #define DROPBEAR_LTC_PRNG (DROPBEAR_ECC) 140 141 /* RSA can be vulnerable to timing attacks which use the time required for 142 * signing to guess the private key. Blinding avoids this attack, though makes 143 * signing operations slightly slower. */ 144 #define DROPBEAR_RSA_BLINDING 1 145 146 #ifndef DROPBEAR_RSA_SHA1 147 #define DROPBEAR_RSA_SHA1 DROPBEAR_RSA 148 #endif 149 #ifndef DROPBEAR_RSA_SHA256 150 #define DROPBEAR_RSA_SHA256 DROPBEAR_RSA 151 #endif 152 153 /* hashes which will be linked and registered */ 154 #define DROPBEAR_SHA256 ((DROPBEAR_SHA2_256_HMAC) || (DROPBEAR_ECC_256) \ 155 || (DROPBEAR_CURVE25519) || (DROPBEAR_DH_GROUP14_SHA256) \ 156 || (DROPBEAR_RSA_SHA256)) 157 #define DROPBEAR_SHA384 (DROPBEAR_ECC_384) 158 /* LTC SHA384 depends on SHA512 */ 159 #define DROPBEAR_SHA512 ((DROPBEAR_SHA2_512_HMAC) || (DROPBEAR_ECC_521) \ 160 || (DROPBEAR_SHA384) || (DROPBEAR_DH_GROUP16) \ 161 || (DROPBEAR_ED25519)) 162 #define DROPBEAR_MD5 (DROPBEAR_MD5_HMAC) 163 164 #define DROPBEAR_DH_GROUP14 ((DROPBEAR_DH_GROUP14_SHA256) || (DROPBEAR_DH_GROUP14_SHA1)) 165 166 #define DROPBEAR_NORMAL_DH ((DROPBEAR_DH_GROUP1) || (DROPBEAR_DH_GROUP14) || (DROPBEAR_DH_GROUP16)) 167 168 /* Dropbear only uses server-sig-algs, only needed if we have rsa-sha256 pubkey auth */ 169 #define DROPBEAR_EXT_INFO ((DROPBEAR_RSA_SHA256) \ 170 && ((DROPBEAR_CLI_PUBKEY_AUTH) || (DROPBEAR_SVR_PUBKEY_AUTH))) 171 172 /* roughly 2x 521 bits */ 173 #define MAX_ECC_SIZE 140 174 175 #define MAX_NAME_LEN 64 /* maximum length of a protocol name, isn't 176 explicitly specified for all protocols (just 177 for algos) but seems valid */ 178 179 #define MAX_PROPOSED_ALGO 50 180 181 /* size/count limits */ 182 /* From transport rfc */ 183 #define MIN_PACKET_LEN 16 184 185 #define RECV_MAX_PACKET_LEN (MAX(35000, ((RECV_MAX_PAYLOAD_LEN)+100))) 186 187 /* for channel code */ 188 #define TRANS_MAX_WINDOW 500000000 /* 500MB is sufficient, stopping overflow */ 189 #define TRANS_MAX_WIN_INCR 500000000 /* overflow prevention */ 190 191 #define RECV_WINDOWEXTEND (opts.recv_window / 3) /* We send a "window extend" every 192 RECV_WINDOWEXTEND bytes */ 193 #define MAX_RECV_WINDOW (1024*1024) /* 1 MB should be enough */ 194 195 #define MAX_CHANNELS 1000 /* simple mem restriction, includes each tcp/x11 196 connection, so can't be _too_ small */ 197 198 #define MAX_STRING_LEN (MAX(MAX_CMD_LEN, 2400)) /* Sun SSH needs 2400 for algos, 199 MAX_CMD_LEN is usually longer */ 200 201 /* For a 4096 bit DSS key, empirically determined */ 202 #define MAX_PUBKEY_SIZE 1700 203 /* For a 4096 bit DSS key, empirically determined */ 204 #define MAX_PRIVKEY_SIZE 1700 205 206 #define MAX_HOSTKEYS 4 207 208 /* The maximum size of the bignum portion of the kexhash buffer */ 209 /* Sect. 8 of the transport rfc 4253, K_S + e + f + K */ 210 #define KEXHASHBUF_MAX_INTS (1700 + 130 + 130 + 130) 211 212 #define DROPBEAR_MAX_SOCKS 2 /* IPv4, IPv6 are all we'll get for now. Revisit 213 in a few years time.... */ 214 215 #define DROPBEAR_MAX_CLI_PASS 1024 216 217 #define DROPBEAR_MAX_CLI_INTERACT_PROMPTS 80 /* The number of prompts we'll 218 accept for keyb-interactive 219 auth */ 220 221 222 #define DROPBEAR_AES ((DROPBEAR_AES256) || (DROPBEAR_AES128)) 223 224 #define DROPBEAR_TWOFISH ((DROPBEAR_TWOFISH256) || (DROPBEAR_TWOFISH128)) 225 226 #define DROPBEAR_AEAD_MODE ((DROPBEAR_CHACHA20POLY1305) || (DROPBEAR_ENABLE_GCM_MODE)) 227 228 #define DROPBEAR_CLI_ANYTCPFWD ((DROPBEAR_CLI_REMOTETCPFWD) || (DROPBEAR_CLI_LOCALTCPFWD)) 229 230 #define DROPBEAR_TCP_ACCEPT ((DROPBEAR_CLI_LOCALTCPFWD) || (DROPBEAR_SVR_REMOTETCPFWD)) 231 232 #define DROPBEAR_LISTENERS \ 233 ((DROPBEAR_CLI_REMOTETCPFWD) || (DROPBEAR_CLI_LOCALTCPFWD) || \ 234 (DROPBEAR_SVR_REMOTETCPFWD) || (DROPBEAR_SVR_LOCALTCPFWD) || \ 235 (DROPBEAR_SVR_AGENTFWD) || (DROPBEAR_X11FWD)) 236 237 #define DROPBEAR_CLI_MULTIHOP ((DROPBEAR_CLI_NETCAT) && (DROPBEAR_CLI_PROXYCMD)) 238 239 #define ENABLE_CONNECT_UNIX ((DROPBEAR_CLI_AGENTFWD) || (DROPBEAR_USE_PRNGD)) 240 241 /* if we're using authorized_keys or known_hosts */ 242 #define DROPBEAR_KEY_LINES ((DROPBEAR_CLIENT) || (DROPBEAR_SVR_PUBKEY_AUTH)) 243 244 /* Changing this is inadvisable, it appears to have problems 245 * with flushing compressed data */ 246 #define DROPBEAR_ZLIB_MEM_LEVEL 8 247 248 #if (DROPBEAR_SVR_PASSWORD_AUTH) && (DROPBEAR_SVR_PAM_AUTH) 249 #error "You can't turn on PASSWORD and PAM auth both at once. Fix it in localoptions.h" 250 #endif 251 252 /* PAM requires ./configure --enable-pam */ 253 #if !defined(HAVE_LIBPAM) && DROPBEAR_SVR_PAM_AUTH 254 #error "DROPBEAR_SVR_PATM_AUTH requires PAM headers. Perhaps ./configure --enable-pam ?" 255 #endif 256 257 #if DROPBEAR_SVR_PASSWORD_AUTH && !HAVE_CRYPT 258 #error "DROPBEAR_SVR_PASSWORD_AUTH requires `crypt()'." 259 #endif 260 261 #if !(DROPBEAR_SVR_PASSWORD_AUTH || DROPBEAR_SVR_PAM_AUTH || DROPBEAR_SVR_PUBKEY_AUTH) 262 #error "At least one server authentication type must be enabled. DROPBEAR_SVR_PUBKEY_AUTH and DROPBEAR_SVR_PASSWORD_AUTH are recommended." 263 #endif 264 265 #if (DROPBEAR_PLUGIN && !DROPBEAR_SVR_PUBKEY_AUTH) 266 #error "You must define DROPBEAR_SVR_PUBKEY_AUTH in order to use plugins" 267 #endif 268 269 #if !(DROPBEAR_AES128 || DROPBEAR_3DES || DROPBEAR_AES256 || DROPBEAR_BLOWFISH \ 270 || DROPBEAR_TWOFISH256 || DROPBEAR_TWOFISH128 || DROPBEAR_CHACHA20POLY1305) 271 #error "At least one encryption algorithm must be enabled. AES128 is recommended." 272 #endif 273 274 #if !(DROPBEAR_RSA || DROPBEAR_DSS || DROPBEAR_ECDSA || DROPBEAR_ED25519) 275 #error "At least one hostkey or public-key algorithm must be enabled; RSA is recommended." 276 #endif 277 278 /* Source for randomness. This must be able to provide hundreds of bytes per SSH 279 * connection without blocking. */ 280 #ifndef DROPBEAR_URANDOM_DEV 281 #define DROPBEAR_URANDOM_DEV "/dev/urandom" 282 #endif 283 284 /* client keyboard interactive authentication is often used for password auth. 285 rfc4256 */ 286 #define DROPBEAR_CLI_INTERACT_AUTH (DROPBEAR_CLI_PASSWORD_AUTH) 287 288 /* We use dropbear_client and dropbear_server as shortcuts to avoid redundant 289 * code, if we're just compiling as client or server */ 290 #if (DROPBEAR_SERVER) && (DROPBEAR_CLIENT) 291 292 #define IS_DROPBEAR_SERVER (ses.isserver == 1) 293 #define IS_DROPBEAR_CLIENT (ses.isserver == 0) 294 295 #elif DROPBEAR_SERVER 296 297 #define IS_DROPBEAR_SERVER 1 298 #define IS_DROPBEAR_CLIENT 0 299 300 #elif DROPBEAR_CLIENT 301 302 #define IS_DROPBEAR_SERVER 0 303 #define IS_DROPBEAR_CLIENT 1 304 305 #else 306 /* Just building key utils? */ 307 #define IS_DROPBEAR_SERVER 0 308 #define IS_DROPBEAR_CLIENT 0 309 310 #endif /* neither DROPBEAR_SERVER nor DROPBEAR_CLIENT */ 311 312 #ifdef HAVE_FORK 313 #define DROPBEAR_VFORK 0 314 #else 315 #define DROPBEAR_VFORK 1 316 #endif 317 318 #ifndef DROPBEAR_LISTEN_BACKLOG 319 #if MAX_UNAUTH_CLIENTS > MAX_CHANNELS 320 #define DROPBEAR_LISTEN_BACKLOG MAX_UNAUTH_CLIENTS 321 #else 322 #define DROPBEAR_LISTEN_BACKLOG MAX_CHANNELS 323 #endif 324 #endif 325 326 /* free memory before exiting */ 327 #define DROPBEAR_CLEANUP 1 328 329 /* Use this string since some implementations might special-case it */ 330 #define DROPBEAR_KEEPALIVE_STRING "keepalive@openssh.com" 331 332 /* Linux will attempt TCP fast open, falling back if not supported by the kernel. 333 * Currently server is enabled but client is disabled by default until there 334 * is further compatibility testing */ 335 #ifdef __linux__ 336 #define DROPBEAR_SERVER_TCP_FAST_OPEN 1 337 #define DROPBEAR_CLIENT_TCP_FAST_OPEN 0 338 #else 339 #define DROPBEAR_SERVER_TCP_FAST_OPEN 0 340 #define DROPBEAR_CLIENT_TCP_FAST_OPEN 0 341 #endif 342 343 #define DROPBEAR_TRACKING_MALLOC (DROPBEAR_FUZZ) 344 345 /* Used to work around Memory Sanitizer false positives */ 346 #if defined(__has_feature) 347 # if __has_feature(memory_sanitizer) 348 # define DROPBEAR_MSAN 1 349 # endif 350 #endif 351 #ifndef DROPBEAR_MSAN 352 #define DROPBEAR_MSAN 0 353 #endif 354 355 356 /* no include guard for this file */ 357