1 /*******************************************************************
2  * You shouldn't edit this file unless you know you need to.
3  * This file is only included from options.h
4  *******************************************************************/
5 
6 #ifndef DROPBEAR_VERSION
7 #define DROPBEAR_VERSION "2020.81"
8 #endif
9 
10 #define LOCAL_IDENT "SSH-2.0-dropbear_" DROPBEAR_VERSION
11 #define PROGNAME "dropbear"
12 
13 /* Spec recommends after one hour or 1 gigabyte of data. One hour
14  * is a bit too verbose, so we try 8 hours */
15 #ifndef KEX_REKEY_TIMEOUT
16 #define KEX_REKEY_TIMEOUT (3600 * 8)
17 #endif
18 #ifndef KEX_REKEY_DATA
19 #define KEX_REKEY_DATA (1<<30) /* 2^30 == 1GB, this value must be < INT_MAX */
20 #endif
21 /* Close connections to clients which haven't authorised after AUTH_TIMEOUT */
22 #ifndef AUTH_TIMEOUT
23 #define AUTH_TIMEOUT 300 /* we choose 5 minutes */
24 #endif
25 
26 #define DROPBEAR_SVR_PUBKEY_OPTIONS_BUILT ((DROPBEAR_SVR_PUBKEY_AUTH) && (DROPBEAR_SVR_PUBKEY_OPTIONS))
27 
28 #if !(NON_INETD_MODE || INETD_MODE)
29 	#error "NON_INETD_MODE or INETD_MODE (or both) must be enabled."
30 #endif
31 
32 /* A client should try and send an initial key exchange packet guessing
33  * the algorithm that will match - saves a round trip connecting, has little
34  * overhead if the guess was "wrong". */
35 #ifndef DROPBEAR_KEX_FIRST_FOLLOWS
36 #define DROPBEAR_KEX_FIRST_FOLLOWS 1
37 #endif
38 /* Use protocol extension to allow "first follows" to succeed more frequently.
39  * This is currently Dropbear-specific but will gracefully fallback when connecting
40  * to other implementations. */
41 #ifndef DROPBEAR_KEXGUESS2
42 #define DROPBEAR_KEXGUESS2 1
43 #endif
44 
45 /* Minimum key sizes for DSS and RSA */
46 #ifndef MIN_DSS_KEYLEN
47 #define MIN_DSS_KEYLEN 1024
48 #endif
49 #ifndef MIN_RSA_KEYLEN
50 #define MIN_RSA_KEYLEN 1024
51 #endif
52 
53 #define MAX_BANNER_SIZE 2000 /* this is 25*80 chars, any more is foolish */
54 #define MAX_BANNER_LINES 20 /* How many lines the client will display */
55 
56 /* the number of NAME=VALUE pairs to malloc for environ, if we don't have
57  * the clearenv() function */
58 #define ENV_SIZE 100
59 
60 #define MAX_CMD_LEN 9000 /* max length of a command */
61 #define MAX_TERM_LEN 200 /* max length of TERM name */
62 
63 #define MAX_HOST_LEN 254 /* max hostname len for tcp fwding */
64 #define MAX_IP_LEN 15 /* strlen("255.255.255.255") == 15 */
65 
66 #define DROPBEAR_MAX_PORTS 10 /* max number of ports which can be specified,
67 								 ipv4 and ipv6 don't count twice */
68 
69 /* Each port might have at least a v4 and a v6 address */
70 #define MAX_LISTEN_ADDR (DROPBEAR_MAX_PORTS*3)
71 
72 #define _PATH_TTY "/dev/tty"
73 
74 #define _PATH_CP "/bin/cp"
75 
76 #define DROPBEAR_ESCAPE_CHAR '~'
77 
78 /* success/failure defines */
79 #define DROPBEAR_SUCCESS 0
80 #define DROPBEAR_FAILURE -1
81 
82 #define DROPBEAR_PASSWORD_ENV "DROPBEAR_PASSWORD"
83 
84 #define DROPBEAR_NGROUP_MAX 1024
85 
86 /* Required for pubkey auth */
87 #define DROPBEAR_SIGNKEY_VERIFY ((DROPBEAR_SVR_PUBKEY_AUTH) || (DROPBEAR_CLIENT))
88 
89 #define DROPBEAR_MAX_PASSWORD_LEN 100
90 
91 #define SHA1_HASH_SIZE 20
92 #define MD5_HASH_SIZE 16
93 #define MAX_HASH_SIZE 64 /* sha512 */
94 
95 #if DROPBEAR_CHACHA20POLY1305
96 #define MAX_KEY_LEN 64 /* 2 x 256 bits for chacha20 */
97 #else
98 #define MAX_KEY_LEN 32 /* 256 bits for aes256 etc */
99 #endif
100 #define MAX_IV_LEN 20 /* must be same as max blocksize,  */
101 
102 #if DROPBEAR_SHA2_512_HMAC
103 #define MAX_MAC_LEN 64
104 #elif DROPBEAR_SHA2_256_HMAC
105 #define MAX_MAC_LEN 32
106 #else
107 #define MAX_MAC_LEN 20
108 #endif
109 
110 /* sha2-512 is not necessary unless unforseen problems arise with sha2-256 */
111 #ifndef DROPBEAR_SHA2_512_HMAC
112 #define DROPBEAR_SHA2_512_HMAC 0
113 #endif
114 
115 /* might be needed for compatibility with very old implementations */
116 #ifndef DROPBEAR_MD5_HMAC
117 #define DROPBEAR_MD5_HMAC 0
118 #endif
119 
120 /* Twofish counter mode is disabled by default because it
121 has not been tested for interoperability with other SSH implementations.
122 If you test it please contact the Dropbear author */
123 #ifndef DROPBEAR_TWOFISH_CTR
124 #define DROPBEAR_TWOFISH_CTR 0
125 #endif
126 
127 
128 #define DROPBEAR_ECC ((DROPBEAR_ECDH) || (DROPBEAR_ECDSA))
129 
130 /* Debian doesn't define this in system headers */
131 #if !defined(LTM_DESC) && (DROPBEAR_ECC)
132 #define LTM_DESC
133 #endif
134 
135 #define DROPBEAR_ECC_256 (DROPBEAR_ECC)
136 #define DROPBEAR_ECC_384 (DROPBEAR_ECC)
137 #define DROPBEAR_ECC_521 (DROPBEAR_ECC)
138 
139 #define DROPBEAR_LTC_PRNG (DROPBEAR_ECC)
140 
141 /* RSA can be vulnerable to timing attacks which use the time required for
142  * signing to guess the private key. Blinding avoids this attack, though makes
143  * signing operations slightly slower. */
144 #define DROPBEAR_RSA_BLINDING 1
145 
146 #ifndef DROPBEAR_RSA_SHA1
147 #define DROPBEAR_RSA_SHA1 DROPBEAR_RSA
148 #endif
149 #ifndef DROPBEAR_RSA_SHA256
150 #define DROPBEAR_RSA_SHA256 DROPBEAR_RSA
151 #endif
152 
153 /* hashes which will be linked and registered */
154 #define DROPBEAR_SHA256 ((DROPBEAR_SHA2_256_HMAC) || (DROPBEAR_ECC_256) \
155  			|| (DROPBEAR_CURVE25519) || (DROPBEAR_DH_GROUP14_SHA256) \
156 			|| (DROPBEAR_RSA_SHA256))
157 #define DROPBEAR_SHA384 (DROPBEAR_ECC_384)
158 /* LTC SHA384 depends on SHA512 */
159 #define DROPBEAR_SHA512 ((DROPBEAR_SHA2_512_HMAC) || (DROPBEAR_ECC_521) \
160 			|| (DROPBEAR_SHA384) || (DROPBEAR_DH_GROUP16) \
161 			|| (DROPBEAR_ED25519))
162 #define DROPBEAR_MD5 (DROPBEAR_MD5_HMAC)
163 
164 #define DROPBEAR_DH_GROUP14 ((DROPBEAR_DH_GROUP14_SHA256) || (DROPBEAR_DH_GROUP14_SHA1))
165 
166 #define DROPBEAR_NORMAL_DH ((DROPBEAR_DH_GROUP1) || (DROPBEAR_DH_GROUP14) || (DROPBEAR_DH_GROUP16))
167 
168 /* Dropbear only uses server-sig-algs, only needed if we have rsa-sha256 pubkey auth */
169 #define DROPBEAR_EXT_INFO ((DROPBEAR_RSA_SHA256) \
170 		&& ((DROPBEAR_CLI_PUBKEY_AUTH) || (DROPBEAR_SVR_PUBKEY_AUTH)))
171 
172 /* roughly 2x 521 bits */
173 #define MAX_ECC_SIZE 140
174 
175 #define MAX_NAME_LEN 64 /* maximum length of a protocol name, isn't
176 						   explicitly specified for all protocols (just
177 						   for algos) but seems valid */
178 
179 #define MAX_PROPOSED_ALGO 50
180 
181 /* size/count limits */
182 /* From transport rfc */
183 #define MIN_PACKET_LEN 16
184 
185 #define RECV_MAX_PACKET_LEN (MAX(35000, ((RECV_MAX_PAYLOAD_LEN)+100)))
186 
187 /* for channel code */
188 #define TRANS_MAX_WINDOW 500000000 /* 500MB is sufficient, stopping overflow */
189 #define TRANS_MAX_WIN_INCR 500000000 /* overflow prevention */
190 
191 #define RECV_WINDOWEXTEND (opts.recv_window / 3) /* We send a "window extend" every
192 								RECV_WINDOWEXTEND bytes */
193 #define MAX_RECV_WINDOW (1024*1024) /* 1 MB should be enough */
194 
195 #define MAX_CHANNELS 1000 /* simple mem restriction, includes each tcp/x11
196 							connection, so can't be _too_ small */
197 
198 #define MAX_STRING_LEN (MAX(MAX_CMD_LEN, 2400)) /* Sun SSH needs 2400 for algos,
199                                                    MAX_CMD_LEN is usually longer */
200 
201 /* For a 4096 bit DSS key, empirically determined */
202 #define MAX_PUBKEY_SIZE 1700
203 /* For a 4096 bit DSS key, empirically determined */
204 #define MAX_PRIVKEY_SIZE 1700
205 
206 #define MAX_HOSTKEYS 4
207 
208 /* The maximum size of the bignum portion of the kexhash buffer */
209 /* Sect. 8 of the transport rfc 4253, K_S + e + f + K */
210 #define KEXHASHBUF_MAX_INTS (1700 + 130 + 130 + 130)
211 
212 #define DROPBEAR_MAX_SOCKS 2 /* IPv4, IPv6 are all we'll get for now. Revisit
213 								in a few years time.... */
214 
215 #define DROPBEAR_MAX_CLI_PASS 1024
216 
217 #define DROPBEAR_MAX_CLI_INTERACT_PROMPTS 80 /* The number of prompts we'll
218 												accept for keyb-interactive
219 												auth */
220 
221 
222 #define DROPBEAR_AES ((DROPBEAR_AES256) || (DROPBEAR_AES128))
223 
224 #define DROPBEAR_TWOFISH ((DROPBEAR_TWOFISH256) || (DROPBEAR_TWOFISH128))
225 
226 #define DROPBEAR_AEAD_MODE ((DROPBEAR_CHACHA20POLY1305) || (DROPBEAR_ENABLE_GCM_MODE))
227 
228 #define DROPBEAR_CLI_ANYTCPFWD ((DROPBEAR_CLI_REMOTETCPFWD) || (DROPBEAR_CLI_LOCALTCPFWD))
229 
230 #define DROPBEAR_TCP_ACCEPT ((DROPBEAR_CLI_LOCALTCPFWD) || (DROPBEAR_SVR_REMOTETCPFWD))
231 
232 #define DROPBEAR_LISTENERS \
233    ((DROPBEAR_CLI_REMOTETCPFWD) || (DROPBEAR_CLI_LOCALTCPFWD) || \
234 	(DROPBEAR_SVR_REMOTETCPFWD) || (DROPBEAR_SVR_LOCALTCPFWD) || \
235 	(DROPBEAR_SVR_AGENTFWD) || (DROPBEAR_X11FWD))
236 
237 #define DROPBEAR_CLI_MULTIHOP ((DROPBEAR_CLI_NETCAT) && (DROPBEAR_CLI_PROXYCMD))
238 
239 #define ENABLE_CONNECT_UNIX ((DROPBEAR_CLI_AGENTFWD) || (DROPBEAR_USE_PRNGD))
240 
241 /* if we're using authorized_keys or known_hosts */
242 #define DROPBEAR_KEY_LINES ((DROPBEAR_CLIENT) || (DROPBEAR_SVR_PUBKEY_AUTH))
243 
244 /* Changing this is inadvisable, it appears to have problems
245  * with flushing compressed data */
246 #define DROPBEAR_ZLIB_MEM_LEVEL 8
247 
248 #if (DROPBEAR_SVR_PASSWORD_AUTH) && (DROPBEAR_SVR_PAM_AUTH)
249 #error "You can't turn on PASSWORD and PAM auth both at once. Fix it in localoptions.h"
250 #endif
251 
252 /* PAM requires ./configure --enable-pam */
253 #if !defined(HAVE_LIBPAM) && DROPBEAR_SVR_PAM_AUTH
254 #error "DROPBEAR_SVR_PATM_AUTH requires PAM headers. Perhaps ./configure --enable-pam ?"
255 #endif
256 
257 #if DROPBEAR_SVR_PASSWORD_AUTH && !HAVE_CRYPT
258 	#error "DROPBEAR_SVR_PASSWORD_AUTH requires `crypt()'."
259 #endif
260 
261 #if !(DROPBEAR_SVR_PASSWORD_AUTH || DROPBEAR_SVR_PAM_AUTH || DROPBEAR_SVR_PUBKEY_AUTH)
262 	#error "At least one server authentication type must be enabled. DROPBEAR_SVR_PUBKEY_AUTH and DROPBEAR_SVR_PASSWORD_AUTH are recommended."
263 #endif
264 
265 #if (DROPBEAR_PLUGIN && !DROPBEAR_SVR_PUBKEY_AUTH)
266 	#error "You must define DROPBEAR_SVR_PUBKEY_AUTH in order to use plugins"
267 #endif
268 
269 #if !(DROPBEAR_AES128 || DROPBEAR_3DES || DROPBEAR_AES256 || DROPBEAR_BLOWFISH \
270       || DROPBEAR_TWOFISH256 || DROPBEAR_TWOFISH128 || DROPBEAR_CHACHA20POLY1305)
271 	#error "At least one encryption algorithm must be enabled. AES128 is recommended."
272 #endif
273 
274 #if !(DROPBEAR_RSA || DROPBEAR_DSS || DROPBEAR_ECDSA || DROPBEAR_ED25519)
275 	#error "At least one hostkey or public-key algorithm must be enabled; RSA is recommended."
276 #endif
277 
278 /* Source for randomness. This must be able to provide hundreds of bytes per SSH
279  * connection without blocking. */
280 #ifndef DROPBEAR_URANDOM_DEV
281 #define DROPBEAR_URANDOM_DEV "/dev/urandom"
282 #endif
283 
284 /* client keyboard interactive authentication is often used for password auth.
285  rfc4256 */
286 #define DROPBEAR_CLI_INTERACT_AUTH (DROPBEAR_CLI_PASSWORD_AUTH)
287 
288 /* We use dropbear_client and dropbear_server as shortcuts to avoid redundant
289  * code, if we're just compiling as client or server */
290 #if (DROPBEAR_SERVER) && (DROPBEAR_CLIENT)
291 
292 #define IS_DROPBEAR_SERVER (ses.isserver == 1)
293 #define IS_DROPBEAR_CLIENT (ses.isserver == 0)
294 
295 #elif DROPBEAR_SERVER
296 
297 #define IS_DROPBEAR_SERVER 1
298 #define IS_DROPBEAR_CLIENT 0
299 
300 #elif DROPBEAR_CLIENT
301 
302 #define IS_DROPBEAR_SERVER 0
303 #define IS_DROPBEAR_CLIENT 1
304 
305 #else
306 /* Just building key utils? */
307 #define IS_DROPBEAR_SERVER 0
308 #define IS_DROPBEAR_CLIENT 0
309 
310 #endif /* neither DROPBEAR_SERVER nor DROPBEAR_CLIENT */
311 
312 #ifdef HAVE_FORK
313 #define DROPBEAR_VFORK 0
314 #else
315 #define DROPBEAR_VFORK 1
316 #endif
317 
318 #ifndef DROPBEAR_LISTEN_BACKLOG
319 #if MAX_UNAUTH_CLIENTS > MAX_CHANNELS
320 #define DROPBEAR_LISTEN_BACKLOG MAX_UNAUTH_CLIENTS
321 #else
322 #define DROPBEAR_LISTEN_BACKLOG MAX_CHANNELS
323 #endif
324 #endif
325 
326 /* free memory before exiting */
327 #define DROPBEAR_CLEANUP 1
328 
329 /* Use this string since some implementations might special-case it */
330 #define DROPBEAR_KEEPALIVE_STRING "keepalive@openssh.com"
331 
332 /* Linux will attempt TCP fast open, falling back if not supported by the kernel.
333  * Currently server is enabled but client is disabled by default until there
334  * is further compatibility testing */
335 #ifdef __linux__
336 #define DROPBEAR_SERVER_TCP_FAST_OPEN 1
337 #define DROPBEAR_CLIENT_TCP_FAST_OPEN 0
338 #else
339 #define DROPBEAR_SERVER_TCP_FAST_OPEN 0
340 #define DROPBEAR_CLIENT_TCP_FAST_OPEN 0
341 #endif
342 
343 #define DROPBEAR_TRACKING_MALLOC (DROPBEAR_FUZZ)
344 
345 /* Used to work around Memory Sanitizer false positives */
346 #if defined(__has_feature)
347 #  if __has_feature(memory_sanitizer)
348 #    define DROPBEAR_MSAN 1
349 #  endif
350 #endif
351 #ifndef DROPBEAR_MSAN
352 #define DROPBEAR_MSAN 0
353 #endif
354 
355 
356 /* no include guard for this file */
357