mailarchive of the ptxdist mailing list
 help / color / mirror / Atom feed
* [ptxdist] [PATCH 0/8] dropbear: version bump and option revise
@ 2022-07-04 12:18 Alexander Dahl
  2022-07-04 12:18 ` [ptxdist] [PATCH 1/8] dropbear: version bump 2020.81 -> 2022.82 Alexander Dahl
                   ` (7 more replies)
  0 siblings, 8 replies; 22+ messages in thread
From: Alexander Dahl @ 2022-07-04 12:18 UTC (permalink / raw)
  To: ptxdist; +Cc: Ian Abbott, Bruno Thomsen

Hei hei,

so the important change here is the version bump in the first of the
eight patches.  All the other patches change or fix things which
bugged me over the years.  Since this is touching a security sensitive
service, I would be happy about thorough review.

Greets
Alex

Alexander Dahl (8):
  dropbear: version bump 2020.81 -> 2022.82
  dropbear: Add ed25519 hostkey/public key support
  dropbear: Remove curve25519 dependency
  dropbear: Make Chacha20-Poly1305 encryption optional
  dropbear: Append hints to some menu prompts
  dropbear: Rework key exchange algorithm options
  dropbear: Add conditional comments with warnings
  dropbear: Move option groups to sub menus

 projectroot/etc/init.d/dropbear      |   3 +
 projectroot/etc/rc.once.d/dropbear   |   3 +
 projectroot/usr/lib/init/dropbear.sh |   1 +
 rules/dropbear.in                    | 142 ++++++++++++++++++++-------
 rules/dropbear.make                  |  74 ++++++++++----
 5 files changed, 170 insertions(+), 53 deletions(-)


base-commit: 7384b37919cb66e12ff15b4264325cb5eba911c3
-- 
2.30.2




^ permalink raw reply	[flat|nested] 22+ messages in thread

* [ptxdist] [PATCH 1/8] dropbear: version bump 2020.81 -> 2022.82
  2022-07-04 12:18 [ptxdist] [PATCH 0/8] dropbear: version bump and option revise Alexander Dahl
@ 2022-07-04 12:18 ` Alexander Dahl
  2022-07-08 15:13   ` Michael Olbrich
  2022-07-29  6:23   ` [ptxdist] [APPLIED] dropbear: version bump 2020.81 -> 2022.82 Michael Olbrich
  2022-07-04 12:18 ` [ptxdist] [PATCH 2/8] dropbear: Add ed25519 hostkey/public key support Alexander Dahl
                   ` (6 subsequent siblings)
  7 siblings, 2 replies; 22+ messages in thread
From: Alexander Dahl @ 2022-07-04 12:18 UTC (permalink / raw)
  To: ptxdist; +Cc: Ian Abbott, Bruno Thomsen

Noteworthy pieces from a longer list of changes and fixes:

- New server support for U2F/FIDO keys (explicitly disabled for now)
- Removed Twofish cipher
- Dropbear now re-executes itself rather than just forking for each connection
- A missing home directory is now non-fatal, starting in / instead

Link: https://matt.ucc.asn.au/dropbear/CHANGES
Signed-off-by: Alexander Dahl <ada@thorsis.com>
---
 rules/dropbear.in   | 23 -----------------------
 rules/dropbear.make | 25 +++++++------------------
 2 files changed, 7 insertions(+), 41 deletions(-)

diff --git a/rules/dropbear.in b/rules/dropbear.in
index 8ae2d788b..553e0268c 100644
--- a/rules/dropbear.in
+++ b/rules/dropbear.in
@@ -169,29 +169,6 @@ config DROPBEAR_AES256
 	  algorithm that may be used by U.S. Government organizations
 	  (and others) to protect sensitive information.
 
-
-config DROPBEAR_TWOFISH128
-	bool
-	prompt "Twofish128"
-	help
-	  Another great algorithm designed by Bruce Schneier.
-	  This block cipher was designed as a successor to
-	  the 64-bit Blowfish block cipher.
-	  Twofish combines a 16-round Feistel network with a
-	  bijective f function made by four key-dependent
-	  8x8-bit S-boxes.
-
-config DROPBEAR_TWOFISH256
-	bool
-	prompt "Twofish256"
-	help
-	  Another great algorithm designed by Bruce Schneier.
-	  This block cipher was designed as a successor to
-	  the 64-bit Blowfish block cipher.
-	  Twofish combines a 16-round Feistel network with a
-	  bijective f function made by four key-dependent
-	  8x8-bit S-boxes.
-
 config DROPBEAR_CBC_CIPHERS
 	bool
 	prompt "CBC mode ciphers"
diff --git a/rules/dropbear.make b/rules/dropbear.make
index cb949d761..3a434e2c8 100644
--- a/rules/dropbear.make
+++ b/rules/dropbear.make
@@ -16,8 +16,8 @@ PACKAGES-$(PTXCONF_DROPBEAR) += dropbear
 #
 # Paths and names
 #
-DROPBEAR_VERSION	:= 2020.81
-DROPBEAR_MD5		:= a07438a6159a24c61f98f1bce2d479c0
+DROPBEAR_VERSION	:= 2022.82
+DROPBEAR_MD5		:= 7a4a5f2c6d23ff2e6627c97d7c1aeceb
 DROPBEAR		:= dropbear-$(DROPBEAR_VERSION)
 DROPBEAR_SUFFIX		:= tar.bz2
 DROPBEAR_URL		:= https://matt.ucc.asn.au/dropbear/releases/$(DROPBEAR).$(DROPBEAR_SUFFIX)
@@ -42,6 +42,7 @@ DROPBEAR_CONF_TOOL	:= autoconf
 DROPBEAR_CONF_OPT 	:= \
 	$(CROSS_AUTOCONF_USR) \
 	--enable-harden \
+	--disable-werror \
 	$(GLOBAL_LARGE_FILE_OPTION) \
 	--$(call ptx/endis, PTXCONF_DROPBEAR_ZLIB)-zlib \
 	--disable-pam \
@@ -126,22 +127,6 @@ else
 	@echo "#define DROPBEAR_AES256 0" >> $(DROPBEAR_LOCALOPTIONS)
 endif
 
-ifdef PTXCONF_DROPBEAR_TWOFISH256
-	@echo "ptxdist: enabling twofish256"
-	@echo "#define DROPBEAR_TWOFISH256 1" >> $(DROPBEAR_LOCALOPTIONS)
-else
-	@echo "ptxdist: disabling twofish256"
-	@echo "#define DROPBEAR_TWOFISH256 0" >> $(DROPBEAR_LOCALOPTIONS)
-endif
-
-ifdef PTXCONF_DROPBEAR_TWOFISH128
-	@echo "ptxdist: enabling twofish128"
-	@echo "#define DROPBEAR_TWOFISH128 1" >> $(DROPBEAR_LOCALOPTIONS)
-else
-	@echo "ptxdist: disabling twofish128"
-	@echo "#define DROPBEAR_TWOFISH128 0" >> $(DROPBEAR_LOCALOPTIONS)
-endif
-
 # ciphers
 ifdef PTXCONF_DROPBEAR_CBC_CIPHERS
 	@echo "ptxdist: enabling cbc ciphers"
@@ -217,6 +202,10 @@ else
 	@echo "#define DROPBEAR_ECDSA 0" >> $(DROPBEAR_LOCALOPTIONS)
 endif
 
+	@echo "ptxdist: disabling u2f security key support"
+	@echo "#define DROPBEAR_SK_ECDSA 0" >> $(DROPBEAR_LOCALOPTIONS)
+	@echo "#define DROPBEAR_SK_ED25519 0" >> $(DROPBEAR_LOCALOPTIONS)
+
 # key exchange algorithm
 ifdef PTXCONF_DROPBEAR_ECDH
 	@echo "ptxdist: enabling ecdh"
-- 
2.30.2




^ permalink raw reply	[flat|nested] 22+ messages in thread

* [ptxdist] [PATCH 2/8] dropbear: Add ed25519 hostkey/public key support
  2022-07-04 12:18 [ptxdist] [PATCH 0/8] dropbear: version bump and option revise Alexander Dahl
  2022-07-04 12:18 ` [ptxdist] [PATCH 1/8] dropbear: version bump 2020.81 -> 2022.82 Alexander Dahl
@ 2022-07-04 12:18 ` Alexander Dahl
  2022-07-29  6:23   ` [ptxdist] [APPLIED] " Michael Olbrich
  2022-07-04 12:18 ` [ptxdist] [PATCH 3/8] dropbear: Remove curve25519 dependency Alexander Dahl
                   ` (5 subsequent siblings)
  7 siblings, 1 reply; 22+ messages in thread
From: Alexander Dahl @ 2022-07-04 12:18 UTC (permalink / raw)
  To: ptxdist; +Cc: Ian Abbott, Bruno Thomsen

This is supported by dropbear since version 2020.79, but was not used by
ptxdist yet.

Signed-off-by: Alexander Dahl <ada@thorsis.com>
---
 projectroot/etc/init.d/dropbear      |  3 +++
 projectroot/etc/rc.once.d/dropbear   |  3 +++
 projectroot/usr/lib/init/dropbear.sh |  1 +
 rules/dropbear.in                    | 12 ++++++++++++
 rules/dropbear.make                  | 11 +++++++++++
 5 files changed, 30 insertions(+)

diff --git a/projectroot/etc/init.d/dropbear b/projectroot/etc/init.d/dropbear
index 2039340b2..1b16de20a 100644
--- a/projectroot/etc/init.d/dropbear
+++ b/projectroot/etc/init.d/dropbear
@@ -25,6 +25,9 @@ dropbear_start() {
             ecdsa)
                 test -f "$DROPBEAR_ECDSAKEY" && KEY_ARGS="$KEY_ARGS -r $DROPBEAR_ECDSAKEY"
                 ;;
+            ed25519)
+                test -f "$DROPBEAR_ED25519KEY" && KEY_ARGS="$KEY_ARGS -r $DROPBEAR_ED25519KEY"
+                ;;
             *)
                 echo "Key type '$keytype' not supported"
                 ;;
diff --git a/projectroot/etc/rc.once.d/dropbear b/projectroot/etc/rc.once.d/dropbear
index a8725616a..191f6c61b 100644
--- a/projectroot/etc/rc.once.d/dropbear
+++ b/projectroot/etc/rc.once.d/dropbear
@@ -28,6 +28,9 @@ gen_keys() {
 			ecdsa)
 				gen_key ecdsa "$DROPBEAR_ECDSAKEY" || return
 				;;
+			ed25519)
+				gen_key ed25519 "$DROPBEAR_ED25519KEY" || return
+				;;
 			*)
 				echo "Key type '$keytype' not supported"
 				;;
diff --git a/projectroot/usr/lib/init/dropbear.sh b/projectroot/usr/lib/init/dropbear.sh
index 12fd6e5ce..aa375fe3c 100644
--- a/projectroot/usr/lib/init/dropbear.sh
+++ b/projectroot/usr/lib/init/dropbear.sh
@@ -2,4 +2,5 @@
 
 DROPBEAR_RSAKEY='@KEYDIR@/dropbear_rsa_host_key'
 DROPBEAR_ECDSAKEY='@KEYDIR@/dropbear_ecdsa_host_key'
+DROPBEAR_ED25519KEY='@KEYDIR@/dropbear_ed25519_host_key'
 DROPBEAR_KEYTYPES='@KEYTYPES@'
diff --git a/rules/dropbear.in b/rules/dropbear.in
index 553e0268c..a7698ba20 100644
--- a/rules/dropbear.in
+++ b/rules/dropbear.in
@@ -256,6 +256,18 @@ config DROPBEAR_ECDSA
 	  ECDSA stands for Elliptic Curve Digital Signature Algorithm.
 	  ECDSA is significantly faster than RSA.
 
+config DROPBEAR_ED25519
+	bool
+	prompt "ed25519"
+	default y
+	help
+	  Ed25519 is the EdDSA signature scheme using SHA-512 (SHA-2)
+	  and Curve25519.
+	  Ed25519 is intended to provide attack resistance comparable to
+	  quality 128-bit symmetric ciphers.
+	  Public keys are 256 bits long and signatures are 512 bits
+	  long.
+
 comment "Key exchange algorithm ---"
 
 config DROPBEAR_ECDH
diff --git a/rules/dropbear.make b/rules/dropbear.make
index 3a434e2c8..a5ff02c9e 100644
--- a/rules/dropbear.make
+++ b/rules/dropbear.make
@@ -202,6 +202,14 @@ else
 	@echo "#define DROPBEAR_ECDSA 0" >> $(DROPBEAR_LOCALOPTIONS)
 endif
 
+ifdef PTXCONF_DROPBEAR_ED25519
+	@echo "ptxdist: enabling ed25519"
+	@echo "#define DROPBEAR_ED25519 1" >> $(DROPBEAR_LOCALOPTIONS)
+else
+	@echo "ptxdist: disabling ed25519"
+	@echo "#define DROPBEAR_ED25519 0" >> $(DROPBEAR_LOCALOPTIONS)
+endif
+
 	@echo "ptxdist: disabling u2f security key support"
 	@echo "#define DROPBEAR_SK_ECDSA 0" >> $(DROPBEAR_LOCALOPTIONS)
 	@echo "#define DROPBEAR_SK_ED25519 0" >> $(DROPBEAR_LOCALOPTIONS)
@@ -263,6 +271,9 @@ endif
 ifdef PTXCONF_DROPBEAR_ECDSA
 DROPBEAR_KEY_TYPES	+= ecdsa
 endif
+ifdef PTXCONF_DROPBEAR_ED25519
+DROPBEAR_KEY_TYPES	+= ed25519
+endif
 
 $(STATEDIR)/dropbear.targetinstall:
 	@$(call targetinfo)
-- 
2.30.2




^ permalink raw reply	[flat|nested] 22+ messages in thread

* [ptxdist] [PATCH 3/8] dropbear: Remove curve25519 dependency
  2022-07-04 12:18 [ptxdist] [PATCH 0/8] dropbear: version bump and option revise Alexander Dahl
  2022-07-04 12:18 ` [ptxdist] [PATCH 1/8] dropbear: version bump 2020.81 -> 2022.82 Alexander Dahl
  2022-07-04 12:18 ` [ptxdist] [PATCH 2/8] dropbear: Add ed25519 hostkey/public key support Alexander Dahl
@ 2022-07-04 12:18 ` Alexander Dahl
  2022-07-29  6:23   ` [ptxdist] [APPLIED] " Michael Olbrich
  2022-07-04 12:18 ` [ptxdist] [PATCH 4/8] dropbear: Make Chacha20-Poly1305 encryption optional Alexander Dahl
                   ` (4 subsequent siblings)
  7 siblings, 1 reply; 22+ messages in thread
From: Alexander Dahl @ 2022-07-04 12:18 UTC (permalink / raw)
  To: ptxdist; +Cc: Ian Abbott, Bruno Thomsen

Builds fine with DROPBEAR_CURVE25519 only.  Runtime tests successful.

Signed-off-by: Alexander Dahl <ada@thorsis.com>
---
 rules/dropbear.in | 1 -
 1 file changed, 1 deletion(-)

diff --git a/rules/dropbear.in b/rules/dropbear.in
index a7698ba20..bbeb25f89 100644
--- a/rules/dropbear.in
+++ b/rules/dropbear.in
@@ -278,7 +278,6 @@ config DROPBEAR_ECDH
 
 config DROPBEAR_CURVE25519
 	bool
-	depends on DROPBEAR_ECDSA || DROPBEAR_ECDH
 	prompt "curve25519-donna"
 	help
 	  Enable curve25519-donna for key exchange.
-- 
2.30.2




^ permalink raw reply	[flat|nested] 22+ messages in thread

* [ptxdist] [PATCH 4/8] dropbear: Make Chacha20-Poly1305 encryption optional
  2022-07-04 12:18 [ptxdist] [PATCH 0/8] dropbear: version bump and option revise Alexander Dahl
                   ` (2 preceding siblings ...)
  2022-07-04 12:18 ` [ptxdist] [PATCH 3/8] dropbear: Remove curve25519 dependency Alexander Dahl
@ 2022-07-04 12:18 ` Alexander Dahl
  2022-07-29  6:23   ` [ptxdist] [APPLIED] " Michael Olbrich
  2022-07-04 12:18 ` [ptxdist] [PATCH 5/8] dropbear: Append hints to some menu prompts Alexander Dahl
                   ` (3 subsequent siblings)
  7 siblings, 1 reply; 22+ messages in thread
From: Alexander Dahl @ 2022-07-04 12:18 UTC (permalink / raw)
  To: ptxdist; +Cc: Ian Abbott, Bruno Thomsen

Making this optional was basically for testing purposes, but might be
interesting for users who want to squeeze out the last few bytes.
The option is enabled by dropbear by default, so now it's possible to
disable it in ptxdist.

Signed-off-by: Alexander Dahl <ada@thorsis.com>
---
 rules/dropbear.in   | 10 ++++++++++
 rules/dropbear.make |  8 ++++++++
 2 files changed, 18 insertions(+)

diff --git a/rules/dropbear.in b/rules/dropbear.in
index bbeb25f89..375d4c57c 100644
--- a/rules/dropbear.in
+++ b/rules/dropbear.in
@@ -169,6 +169,16 @@ config DROPBEAR_AES256
 	  algorithm that may be used by U.S. Government organizations
 	  (and others) to protect sensitive information.
 
+config DROPBEAR_CHACHA20POLY1305
+	bool
+	prompt "Chacha20-Poly1305"
+	default y
+	help
+	  Enable Chacha20-Poly1305 authenticated encryption mode.
+	  This is generally faster than AES256 on CPU w/o dedicated AES
+	  instructions, having the same key size.
+	  Recommended.
+
 config DROPBEAR_CBC_CIPHERS
 	bool
 	prompt "CBC mode ciphers"
diff --git a/rules/dropbear.make b/rules/dropbear.make
index a5ff02c9e..7653cf3e5 100644
--- a/rules/dropbear.make
+++ b/rules/dropbear.make
@@ -127,6 +127,14 @@ else
 	@echo "#define DROPBEAR_AES256 0" >> $(DROPBEAR_LOCALOPTIONS)
 endif
 
+ifdef PTXCONF_DROPBEAR_CHACHA20POLY1305
+	@echo "ptxdist: enabling chacha20-poly1305"
+	@echo "#define DROPBEAR_CHACHA20POLY1305 1" >> $(DROPBEAR_LOCALOPTIONS)
+else
+	@echo "ptxdist: disabling chacha20-poly1305"
+	@echo "#define DROPBEAR_CHACHA20POLY1305 0" >> $(DROPBEAR_LOCALOPTIONS)
+endif
+
 # ciphers
 ifdef PTXCONF_DROPBEAR_CBC_CIPHERS
 	@echo "ptxdist: enabling cbc ciphers"
-- 
2.30.2




^ permalink raw reply	[flat|nested] 22+ messages in thread

* [ptxdist] [PATCH 5/8] dropbear: Append hints to some menu prompts
  2022-07-04 12:18 [ptxdist] [PATCH 0/8] dropbear: version bump and option revise Alexander Dahl
                   ` (3 preceding siblings ...)
  2022-07-04 12:18 ` [ptxdist] [PATCH 4/8] dropbear: Make Chacha20-Poly1305 encryption optional Alexander Dahl
@ 2022-07-04 12:18 ` Alexander Dahl
  2022-07-29  6:23   ` [ptxdist] [APPLIED] " Michael Olbrich
  2022-07-04 12:18 ` [ptxdist] [PATCH 6/8] dropbear: Rework key exchange algorithm options Alexander Dahl
                   ` (2 subsequent siblings)
  7 siblings, 1 reply; 22+ messages in thread
From: Alexander Dahl @ 2022-07-04 12:18 UTC (permalink / raw)
  To: ptxdist; +Cc: Ian Abbott, Bruno Thomsen

We present multiple options in the menu here, so add some more guidance
for the non experienced user.

Signed-off-by: Alexander Dahl <ada@thorsis.com>
---
 rules/dropbear.in | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/rules/dropbear.in b/rules/dropbear.in
index 375d4c57c..f7f96a762 100644
--- a/rules/dropbear.in
+++ b/rules/dropbear.in
@@ -149,7 +149,7 @@ config DROPBEAR_AES128
 
 config DROPBEAR_3DES
 	bool
-	prompt "3DES"
+	prompt "3DES (legacy)"
 	help
 	  DES is an IBM algorithm designed during the 1970s.
 	  In 1976, NIST has officially adopted it as an encryption
@@ -181,7 +181,7 @@ config DROPBEAR_CHACHA20POLY1305
 
 config DROPBEAR_CBC_CIPHERS
 	bool
-	prompt "CBC mode ciphers"
+	prompt "CBC mode ciphers (legacy)"
 	help
 	  Enable CBC mode for ciphers. This has security issues though
 	  is the most compatible with older SSH implementations.
@@ -195,11 +195,11 @@ config DROPBEAR_CTR_CIPHERS
 	  CBC mode against certain attacks. This adds around 1kB to binary
 	  size and is recommended for most cases.
 
-comment "Integrity, at least one required --- sha2-256 is recommended as a default, sha1 for compatibility"
+comment "Message Integrity (HMAC), at least one required ---"
 
 config DROPBEAR_SHA1
 	bool
-	prompt "sha1"
+	prompt "sha1 (compat)"
 	help
 	  The Secure Hash Algorithm (SHA) was developed by NIST and
 	  is specified in the Secure Hash Standard (SHS, FIPS 180).
@@ -211,7 +211,7 @@ config DROPBEAR_SHA1
 
 config DROPBEAR_SHA1_96
 	bool
-	prompt "sha1-96"
+	prompt "sha1-96 (legacy)"
 	help
 	  The Secure Hash Algorithm (SHA) was developed by NIST and
 	  is specified in the Secure Hash Standard (SHS, FIPS 180).
@@ -223,7 +223,7 @@ config DROPBEAR_SHA1_96
 
 config DROPBEAR_SHA256
 	bool
-	prompt "sha256"
+	prompt "sha256 (recommended)"
 	default y
 	help
 	  SHA-2 is a set of cryptographic hash functions (SHA-224, SHA-256,
-- 
2.30.2




^ permalink raw reply	[flat|nested] 22+ messages in thread

* [ptxdist] [PATCH 6/8] dropbear: Rework key exchange algorithm options
  2022-07-04 12:18 [ptxdist] [PATCH 0/8] dropbear: version bump and option revise Alexander Dahl
                   ` (4 preceding siblings ...)
  2022-07-04 12:18 ` [ptxdist] [PATCH 5/8] dropbear: Append hints to some menu prompts Alexander Dahl
@ 2022-07-04 12:18 ` Alexander Dahl
  2022-07-04 12:31   ` Ian Abbott
  2022-07-29  6:23   ` [ptxdist] [APPLIED] " Michael Olbrich
  2022-07-04 12:18 ` [ptxdist] [PATCH 7/8] dropbear: Add conditional comments with warnings Alexander Dahl
  2022-07-04 12:18 ` [ptxdist] [PATCH 8/8] dropbear: Move option groups to sub menus Alexander Dahl
  7 siblings, 2 replies; 22+ messages in thread
From: Alexander Dahl @ 2022-07-04 12:18 UTC (permalink / raw)
  To: ptxdist; +Cc: Ian Abbott, Bruno Thomsen

The options for diffie-hellman key exchange were mixed up with message
integrity hmacs.

Signed-off-by: Alexander Dahl <ada@thorsis.com>
---
 rules/dropbear.in   | 43 +++++++++++++++++++++++++++++++++++++++++--
 rules/dropbear.make | 36 ++++++++++++++++++++++++++++++++----
 2 files changed, 73 insertions(+), 6 deletions(-)

diff --git a/rules/dropbear.in b/rules/dropbear.in
index f7f96a762..043b0e76d 100644
--- a/rules/dropbear.in
+++ b/rules/dropbear.in
@@ -278,23 +278,62 @@ config DROPBEAR_ED25519
 	  Public keys are 256 bits long and signatures are 512 bits
 	  long.
 
-comment "Key exchange algorithm ---"
+comment "Key exchange algorithm, at least one required ---"
+
+config DROPBEAR_DH_GROUP14_SHA256
+	bool
+	prompt "group14_sha256"
+	default y
+	help
+	  2048 bit, sha2-256.
+	  group14 is supported by most implementations.
+
+config DROPBEAR_DH_GROUP14_SHA1
+	bool
+	prompt "group14_sha1"
+	help
+	  2048 bit, sha1.
+	  group14 is supported by most implementations.
+
+config DROPBEAR_DH_GROUP16
+	bool
+	prompt "group16"
+	help
+	  4096 bit, sha2-512.
+	  group16 provides a greater strength level but is slower and
+	  increases binary size.
 
 config DROPBEAR_ECDH
 	bool
 	prompt "ecdh"
 	help
 	  ECDH stands for Elliptic Curve Diffie-Hellman.
+	  
+	  Small systems should generally include either curve25519 or
+	  ecdh for performance.
 
 config DROPBEAR_CURVE25519
 	bool
-	prompt "curve25519-donna"
+	prompt "curve25519"
 	help
 	  Enable curve25519-donna for key exchange.
 	  This is another elliptic curve method with good security properties.
 	  This algorithm does not rely on NIST-based curves
 	  and gives us more security confidence against a possible
 	  backdoor in nistp-256 curve.
+	  
+	  Small systems should generally include either curve25519 or
+	  ecdh for performance.
+
+config DROPBEAR_DH_GROUP1
+	bool
+	prompt "group1 (legacy, client only)"
+	help
+	  1024 bit, sha1.
+	  is too small for security though is necessary if you need
+	  compatibility with some implementations such as Dropbear
+	  versions < 0.53.
+	  Client only!
 
 comment "Authentication types, at least one required --- RFC Draft requires pubkey auth"
 
diff --git a/rules/dropbear.make b/rules/dropbear.make
index 7653cf3e5..e86b8bf43 100644
--- a/rules/dropbear.make
+++ b/rules/dropbear.make
@@ -157,13 +157,9 @@ endif
 ifdef PTXCONF_DROPBEAR_SHA1
 	@echo "ptxdist: enabling sha1"
 	@echo "#define DROPBEAR_SHA1_HMAC 1" >> $(DROPBEAR_LOCALOPTIONS)
-	@echo "#define DROPBEAR_DH_GROUP1 1" >> $(DROPBEAR_LOCALOPTIONS)
-	@echo "#define DROPBEAR_DH_GROUP14_SHA1 1" >> $(DROPBEAR_LOCALOPTIONS)
 else
 	@echo "ptxdist: disabling sha1"
 	@echo "#define DROPBEAR_SHA1_HMAC 0" >> $(DROPBEAR_LOCALOPTIONS)
-	@echo "#define DROPBEAR_DH_GROUP1 0" >> $(DROPBEAR_LOCALOPTIONS)
-	@echo "#define DROPBEAR_DH_GROUP14_SHA1 0" >> $(DROPBEAR_LOCALOPTIONS)
 endif
 
 ifdef PTXCONF_DROPBEAR_SHA1_96
@@ -223,6 +219,30 @@ endif
 	@echo "#define DROPBEAR_SK_ED25519 0" >> $(DROPBEAR_LOCALOPTIONS)
 
 # key exchange algorithm
+ifdef PTXCONF_DROPBEAR_DH_GROUP14_SHA256
+	@echo "ptxdist: enabling dh_group14_sha256"
+	@echo "#define DROPBEAR_DH_GROUP14_SHA256 1" >> $(DROPBEAR_LOCALOPTIONS)
+else
+	@echo "ptxdist: disabling dh_group14_sha256"
+	@echo "#define DROPBEAR_DH_GROUP14_SHA256 0" >> $(DROPBEAR_LOCALOPTIONS)
+endif
+
+ifdef PTXCONF_DROPBEAR_DH_GROUP14_SHA1
+	@echo "ptxdist: enabling dh_group14_sha1"
+	@echo "#define DROPBEAR_DH_GROUP14_SHA1 1" >> $(DROPBEAR_LOCALOPTIONS)
+else
+	@echo "ptxdist: disabling dh_group14_sha1"
+	@echo "#define DROPBEAR_DH_GROUP14_SHA1 0" >> $(DROPBEAR_LOCALOPTIONS)
+endif
+
+ifdef PTXCONF_DROPBEAR_DH_GROUP16
+	@echo "ptxdist: enabling dh_group16"
+	@echo "#define DROPBEAR_DH_GROUP16 1" >> $(DROPBEAR_LOCALOPTIONS)
+else
+	@echo "ptxdist: disabling dh_group16"
+	@echo "#define DROPBEAR_DH_GROUP16 0" >> $(DROPBEAR_LOCALOPTIONS)
+endif
+
 ifdef PTXCONF_DROPBEAR_ECDH
 	@echo "ptxdist: enabling ecdh"
 	@echo "#define DROPBEAR_ECDH 1" >> $(DROPBEAR_LOCALOPTIONS)
@@ -239,6 +259,14 @@ else
 	@echo "#define DROPBEAR_CURVE25519 0" >> $(DROPBEAR_LOCALOPTIONS)
 endif
 
+ifdef PTXCONF_DROPBEAR_DH_GROUP1
+	@echo "ptxdist: enabling dh_group1"
+	@echo "#define DROPBEAR_DH_GROUP1 1" >> $(DROPBEAR_LOCALOPTIONS)
+else
+	@echo "ptxdist: disabling dh_group1"
+	@echo "#define DROPBEAR_DH_GROUP1 0" >> $(DROPBEAR_LOCALOPTIONS)
+endif
+
 # authentication types
 ifdef PTXCONF_DROPBEAR_PASSWD
 	@echo "ptxdist: enabling passwd"
-- 
2.30.2




^ permalink raw reply	[flat|nested] 22+ messages in thread

* [ptxdist] [PATCH 7/8] dropbear: Add conditional comments with warnings
  2022-07-04 12:18 [ptxdist] [PATCH 0/8] dropbear: version bump and option revise Alexander Dahl
                   ` (5 preceding siblings ...)
  2022-07-04 12:18 ` [ptxdist] [PATCH 6/8] dropbear: Rework key exchange algorithm options Alexander Dahl
@ 2022-07-04 12:18 ` Alexander Dahl
  2022-07-29  6:23   ` [ptxdist] [APPLIED] " Michael Olbrich
  2022-07-04 12:18 ` [ptxdist] [PATCH 8/8] dropbear: Move option groups to sub menus Alexander Dahl
  7 siblings, 1 reply; 22+ messages in thread
From: Alexander Dahl @ 2022-07-04 12:18 UTC (permalink / raw)
  To: ptxdist; +Cc: Ahmad Fatoum, Ian Abbott, Bruno Thomsen

We have multiple groups where it is required to select at least one (and
optionally more) option.  On some groups selecting no option would fail
at buildtime, on other dropbear would build and run, but necessary user
interactions (like log in) would not be possible at runtime, e.g.
because no message integrity hmac method was built in.

These warnings still allow not selecting any option, but should give a
stronger hint than before, that this would be a bad idea.

Suggested-by: Ahmad Fatoum <a.fatoum@pengutronix.de>
Signed-off-by: Alexander Dahl <ada@thorsis.com>
---
 rules/dropbear.in | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/rules/dropbear.in b/rules/dropbear.in
index 043b0e76d..4f6a6a906 100644
--- a/rules/dropbear.in
+++ b/rules/dropbear.in
@@ -179,6 +179,9 @@ config DROPBEAR_CHACHA20POLY1305
 	  instructions, having the same key size.
 	  Recommended.
 
+comment "WARNING: No encryption method selected!"
+	depends on !DROPBEAR_AES128 && !DROPBEAR_3DES && !DROPBEAR_AES256 && !DROPBEAR_CHACHA20POLY1305
+
 config DROPBEAR_CBC_CIPHERS
 	bool
 	prompt "CBC mode ciphers (legacy)"
@@ -247,6 +250,9 @@ config DROPBEAR_SHA512
 	  SHA-1. SHA-2 consists of a set of four hash functions with digests
 	  that are 224, 256, 384 or 512 bits.
 
+comment "WARNING: No Message Integrity method selected!"
+	depends on !DROPBEAR_SHA1 && !DROPBEAR_SHA1_96 && !DROPBEAR_SHA256 && !DROPBEAR_SHA512
+
 comment "Hostkey/public key algorithms, at least one required ---"
 
 config DROPBEAR_RSA
@@ -278,6 +284,9 @@ config DROPBEAR_ED25519
 	  Public keys are 256 bits long and signatures are 512 bits
 	  long.
 
+comment "WARNING: No Hostkey/public key algorithm selected!"
+	depends on !DROPBEAR_RSA && !DROPBEAR_ECDSA && !DROPBEAR_ED25519
+
 comment "Key exchange algorithm, at least one required ---"
 
 config DROPBEAR_DH_GROUP14_SHA256
@@ -335,6 +344,9 @@ config DROPBEAR_DH_GROUP1
 	  versions < 0.53.
 	  Client only!
 
+comment "WARNING: No key exchange algorithm selected!"
+	depends on !DROPBEAR_DH_GROUP14_SHA256 && !DROPBEAR_DH_GROUP14_SHA1 && !DROPBEAR_DH_GROUP16 && !DROPBEAR_ECDH && !DROPBEAR_CURVE25519 && !DROPBEAR_DH_GROUP1
+
 comment "Authentication types, at least one required --- RFC Draft requires pubkey auth"
 
 config DROPBEAR_PASSWD
@@ -351,6 +363,9 @@ config DROPBEAR_PUBKEY
 	help
 	  Use public key authentication
 
+comment "WARNING: No authentication type selected!"
+	depends on !DROPBEAR_PASSWD && !DROPBEAR_PUBKEY
+
 comment "installation options   ---"
 
 config DROPBEAR_DROPBEAR
-- 
2.30.2




^ permalink raw reply	[flat|nested] 22+ messages in thread

* [ptxdist] [PATCH 8/8] dropbear: Move option groups to sub menus
  2022-07-04 12:18 [ptxdist] [PATCH 0/8] dropbear: version bump and option revise Alexander Dahl
                   ` (6 preceding siblings ...)
  2022-07-04 12:18 ` [ptxdist] [PATCH 7/8] dropbear: Add conditional comments with warnings Alexander Dahl
@ 2022-07-04 12:18 ` Alexander Dahl
  2022-07-29  6:23   ` [ptxdist] [APPLIED] " Michael Olbrich
  7 siblings, 1 reply; 22+ messages in thread
From: Alexander Dahl @ 2022-07-04 12:18 UTC (permalink / raw)
  To: ptxdist; +Cc: Ian Abbott, Bruno Thomsen

This was getting confusing and you had to scroll down.  Sub menus also
make those requirements and warnings better visible.

Signed-off-by: Alexander Dahl <ada@thorsis.com>
---
 rules/dropbear.in | 38 ++++++++++++++++++++++++++++++--------
 1 file changed, 30 insertions(+), 8 deletions(-)

diff --git a/rules/dropbear.in b/rules/dropbear.in
index 4f6a6a906..29ab17dc6 100644
--- a/rules/dropbear.in
+++ b/rules/dropbear.in
@@ -111,7 +111,7 @@ config DROPBEAR_DIS_PUTUTXLINE
 	help
 	  pututxline is needed to write to the utmpx structure.
 
-comment "features"
+menu "Features                     "
 
 config DROPBEAR_DIS_X11
 	bool
@@ -135,7 +135,11 @@ config DROPBEAR_DIS_AGENT
 	  Authentication agent is a program to automate the
 	  use of authentication private keys.
 
-comment "Encryption, at least one required --- RFC Draft requires 3DES and recommends AES128"
+endmenu
+
+menu "Encryption                   "
+
+comment "at least one required --- RFC Draft requires 3DES and recommends AES128"
 
 config DROPBEAR_AES128
 	bool
@@ -198,7 +202,11 @@ config DROPBEAR_CTR_CIPHERS
 	  CBC mode against certain attacks. This adds around 1kB to binary
 	  size and is recommended for most cases.
 
-comment "Message Integrity (HMAC), at least one required ---"
+endmenu
+
+menu "Message Integrity (HMAC)     "
+
+comment "at least one required ---"
 
 config DROPBEAR_SHA1
 	bool
@@ -253,7 +261,11 @@ config DROPBEAR_SHA512
 comment "WARNING: No Message Integrity method selected!"
 	depends on !DROPBEAR_SHA1 && !DROPBEAR_SHA1_96 && !DROPBEAR_SHA256 && !DROPBEAR_SHA512
 
-comment "Hostkey/public key algorithms, at least one required ---"
+endmenu
+
+menu "Hostkey/public key algorithms"
+
+comment "at least one required ---"
 
 config DROPBEAR_RSA
 	bool
@@ -287,7 +299,11 @@ config DROPBEAR_ED25519
 comment "WARNING: No Hostkey/public key algorithm selected!"
 	depends on !DROPBEAR_RSA && !DROPBEAR_ECDSA && !DROPBEAR_ED25519
 
-comment "Key exchange algorithm, at least one required ---"
+endmenu
+
+menu "Key exchange algorithm       "
+
+comment "at least one required ---"
 
 config DROPBEAR_DH_GROUP14_SHA256
 	bool
@@ -347,7 +363,11 @@ config DROPBEAR_DH_GROUP1
 comment "WARNING: No key exchange algorithm selected!"
 	depends on !DROPBEAR_DH_GROUP14_SHA256 && !DROPBEAR_DH_GROUP14_SHA1 && !DROPBEAR_DH_GROUP16 && !DROPBEAR_ECDH && !DROPBEAR_CURVE25519 && !DROPBEAR_DH_GROUP1
 
-comment "Authentication types, at least one required --- RFC Draft requires pubkey auth"
+endmenu
+
+menu "Authentication types         "
+
+comment "at least one required --- RFC Draft requires pubkey auth"
 
 config DROPBEAR_PASSWD
 	bool
@@ -366,7 +386,9 @@ config DROPBEAR_PUBKEY
 comment "WARNING: No authentication type selected!"
 	depends on !DROPBEAR_PASSWD && !DROPBEAR_PUBKEY
 
-comment "installation options   ---"
+endmenu
+
+comment "Installation options           ---"
 
 config DROPBEAR_DROPBEAR
 	bool
@@ -402,7 +424,7 @@ config DROPBEAR_SCP
 comment "OpenSSH scp is selected!"
 	depends on OPENSSH_SCP
 
-comment "runtime options        ---"
+comment "Runtime options                ---"
 
 config DROPBEAR_STARTSCRIPT
 	bool
-- 
2.30.2




^ permalink raw reply	[flat|nested] 22+ messages in thread

* Re: [ptxdist] [PATCH 6/8] dropbear: Rework key exchange algorithm options
  2022-07-04 12:18 ` [ptxdist] [PATCH 6/8] dropbear: Rework key exchange algorithm options Alexander Dahl
@ 2022-07-04 12:31   ` Ian Abbott
  2022-07-08  9:09     ` Michael Olbrich
  2022-07-29  6:23   ` [ptxdist] [APPLIED] " Michael Olbrich
  1 sibling, 1 reply; 22+ messages in thread
From: Ian Abbott @ 2022-07-04 12:31 UTC (permalink / raw)
  To: ptxdist, Alexander Dahl; +Cc: Bruno Thomsen

On 04/07/2022 13:18, Alexander Dahl wrote:
> The options for diffie-hellman key exchange were mixed up with message
> integrity hmacs.
> 
> Signed-off-by: Alexander Dahl <ada@thorsis.com>
> ---
>   rules/dropbear.in   | 43 +++++++++++++++++++++++++++++++++++++++++--
>   rules/dropbear.make | 36 ++++++++++++++++++++++++++++++++----
>   2 files changed, 73 insertions(+), 6 deletions(-)
> 
> diff --git a/rules/dropbear.in b/rules/dropbear.in
> index f7f96a762..043b0e76d 100644
> --- a/rules/dropbear.in
> +++ b/rules/dropbear.in
[snip]
>   config DROPBEAR_CURVE25519
>   	bool
> -	prompt "curve25519-donna"
> +	prompt "curve25519"
>   	help
>   	  Enable curve25519-donna for key exchange.

The name in the prompt now differs from the name in the help text, which 
might be confusing.

>   	  This is another elliptic curve method with good security properties.
>   	  This algorithm does not rely on NIST-based curves
>   	  and gives us more security confidence against a possible
>   	  backdoor in nistp-256 curve.
> +	
> +	  Small systems should generally include either curve25519 or
> +	  ecdh for performance.
> +
> +config DROPBEAR_DH_GROUP1
> +	bool
> +	prompt "group1 (legacy, client only)"
> +	help
> +	  1024 bit, sha1.
> +	  is too small for security though is necessary if you need
> +	  compatibility with some implementations such as Dropbear
> +	  versions < 0.53.
> +	  Client only!

Missing word "This"?

-- 
-=( Ian Abbott <abbotti@mev.co.uk> || MEV Ltd. is a company  )=-
-=( registered in England & Wales.  Regd. number: 02862268.  )=-
-=( Regd. addr.: S11 & 12 Building 67, Europa Business Park, )=-
-=( Bird Hall Lane, STOCKPORT, SK3 0XA, UK. || www.mev.co.uk )=-



^ permalink raw reply	[flat|nested] 22+ messages in thread

* Re: [ptxdist] [PATCH 6/8] dropbear: Rework key exchange algorithm options
  2022-07-04 12:31   ` Ian Abbott
@ 2022-07-08  9:09     ` Michael Olbrich
  0 siblings, 0 replies; 22+ messages in thread
From: Michael Olbrich @ 2022-07-08  9:09 UTC (permalink / raw)
  To: Ian Abbott; +Cc: Alexander Dahl, Bruno Thomsen, ptxdist

On Mon, Jul 04, 2022 at 01:31:10PM +0100, Ian Abbott wrote:
> On 04/07/2022 13:18, Alexander Dahl wrote:
> > The options for diffie-hellman key exchange were mixed up with message
> > integrity hmacs.
> > 
> > Signed-off-by: Alexander Dahl <ada@thorsis.com>
> > ---
> >   rules/dropbear.in   | 43 +++++++++++++++++++++++++++++++++++++++++--
> >   rules/dropbear.make | 36 ++++++++++++++++++++++++++++++++----
> >   2 files changed, 73 insertions(+), 6 deletions(-)
> > 
> > diff --git a/rules/dropbear.in b/rules/dropbear.in
> > index f7f96a762..043b0e76d 100644
> > --- a/rules/dropbear.in
> > +++ b/rules/dropbear.in
> [snip]
> >   config DROPBEAR_CURVE25519
> >   	bool
> > -	prompt "curve25519-donna"
> > +	prompt "curve25519"
> >   	help
> >   	  Enable curve25519-donna for key exchange.
> 
> The name in the prompt now differs from the name in the help text, which
> might be confusing.

I'll change the help to match the prompt when I apply this (unless my test
builds find something else that require a v2).

> 
> >   	  This is another elliptic curve method with good security properties.
> >   	  This algorithm does not rely on NIST-based curves
> >   	  and gives us more security confidence against a possible
> >   	  backdoor in nistp-256 curve.
> > +	
> > +	  Small systems should generally include either curve25519 or
> > +	  ecdh for performance.
> > +
> > +config DROPBEAR_DH_GROUP1
> > +	bool
> > +	prompt "group1 (legacy, client only)"
> > +	help
> > +	  1024 bit, sha1.
> > +	  is too small for security though is necessary if you need
> > +	  compatibility with some implementations such as Dropbear
> > +	  versions < 0.53.
> > +	  Client only!
> 
> Missing word "This"?

I'll add it.

Michael

> 
> -- 
> -=( Ian Abbott <abbotti@mev.co.uk> || MEV Ltd. is a company  )=-
> -=( registered in England & Wales.  Regd. number: 02862268.  )=-
> -=( Regd. addr.: S11 & 12 Building 67, Europa Business Park, )=-
> -=( Bird Hall Lane, STOCKPORT, SK3 0XA, UK. || www.mev.co.uk )=-
> 
> 

-- 
Pengutronix e.K.                           |                             |
Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |



^ permalink raw reply	[flat|nested] 22+ messages in thread

* Re: [ptxdist] [PATCH 1/8] dropbear: version bump 2020.81 -> 2022.82
  2022-07-04 12:18 ` [ptxdist] [PATCH 1/8] dropbear: version bump 2020.81 -> 2022.82 Alexander Dahl
@ 2022-07-08 15:13   ` Michael Olbrich
  2022-07-21  7:10     ` [ptxdist] [PATCH] dropbear: Add patch to fix build with X11 forwarding Alexander Dahl
  2022-07-29  6:23   ` [ptxdist] [APPLIED] dropbear: version bump 2020.81 -> 2022.82 Michael Olbrich
  1 sibling, 1 reply; 22+ messages in thread
From: Michael Olbrich @ 2022-07-08 15:13 UTC (permalink / raw)
  To: Alexander Dahl; +Cc: Bruno Thomsen, Ian Abbott, ptxdist

On Mon, Jul 04, 2022 at 02:18:24PM +0200, Alexander Dahl wrote:
> Noteworthy pieces from a longer list of changes and fixes:
> 
> - New server support for U2F/FIDO keys (explicitly disabled for now)
> - Removed Twofish cipher
> - Dropbear now re-executes itself rather than just forking for each connection
> - A missing home directory is now non-fatal, starting in / instead
> 
> Link: https://matt.ucc.asn.au/dropbear/CHANGES
> Signed-off-by: Alexander Dahl <ada@thorsis.com>

I've changed the patch to disable x11 forwarding entirely because it fails
to build. Please take a look if that's relevant for you. I just wanted to
get this stuff merged before I'm gone for 2 weeks.

Michael

> ---
>  rules/dropbear.in   | 23 -----------------------
>  rules/dropbear.make | 25 +++++++------------------
>  2 files changed, 7 insertions(+), 41 deletions(-)
> 
> diff --git a/rules/dropbear.in b/rules/dropbear.in
> index 8ae2d788b..553e0268c 100644
> --- a/rules/dropbear.in
> +++ b/rules/dropbear.in
> @@ -169,29 +169,6 @@ config DROPBEAR_AES256
>  	  algorithm that may be used by U.S. Government organizations
>  	  (and others) to protect sensitive information.
>  
> -
> -config DROPBEAR_TWOFISH128
> -	bool
> -	prompt "Twofish128"
> -	help
> -	  Another great algorithm designed by Bruce Schneier.
> -	  This block cipher was designed as a successor to
> -	  the 64-bit Blowfish block cipher.
> -	  Twofish combines a 16-round Feistel network with a
> -	  bijective f function made by four key-dependent
> -	  8x8-bit S-boxes.
> -
> -config DROPBEAR_TWOFISH256
> -	bool
> -	prompt "Twofish256"
> -	help
> -	  Another great algorithm designed by Bruce Schneier.
> -	  This block cipher was designed as a successor to
> -	  the 64-bit Blowfish block cipher.
> -	  Twofish combines a 16-round Feistel network with a
> -	  bijective f function made by four key-dependent
> -	  8x8-bit S-boxes.
> -
>  config DROPBEAR_CBC_CIPHERS
>  	bool
>  	prompt "CBC mode ciphers"
> diff --git a/rules/dropbear.make b/rules/dropbear.make
> index cb949d761..3a434e2c8 100644
> --- a/rules/dropbear.make
> +++ b/rules/dropbear.make
> @@ -16,8 +16,8 @@ PACKAGES-$(PTXCONF_DROPBEAR) += dropbear
>  #
>  # Paths and names
>  #
> -DROPBEAR_VERSION	:= 2020.81
> -DROPBEAR_MD5		:= a07438a6159a24c61f98f1bce2d479c0
> +DROPBEAR_VERSION	:= 2022.82
> +DROPBEAR_MD5		:= 7a4a5f2c6d23ff2e6627c97d7c1aeceb
>  DROPBEAR		:= dropbear-$(DROPBEAR_VERSION)
>  DROPBEAR_SUFFIX		:= tar.bz2
>  DROPBEAR_URL		:= https://matt.ucc.asn.au/dropbear/releases/$(DROPBEAR).$(DROPBEAR_SUFFIX)
> @@ -42,6 +42,7 @@ DROPBEAR_CONF_TOOL	:= autoconf
>  DROPBEAR_CONF_OPT 	:= \
>  	$(CROSS_AUTOCONF_USR) \
>  	--enable-harden \
> +	--disable-werror \
>  	$(GLOBAL_LARGE_FILE_OPTION) \
>  	--$(call ptx/endis, PTXCONF_DROPBEAR_ZLIB)-zlib \
>  	--disable-pam \
> @@ -126,22 +127,6 @@ else
>  	@echo "#define DROPBEAR_AES256 0" >> $(DROPBEAR_LOCALOPTIONS)
>  endif
>  
> -ifdef PTXCONF_DROPBEAR_TWOFISH256
> -	@echo "ptxdist: enabling twofish256"
> -	@echo "#define DROPBEAR_TWOFISH256 1" >> $(DROPBEAR_LOCALOPTIONS)
> -else
> -	@echo "ptxdist: disabling twofish256"
> -	@echo "#define DROPBEAR_TWOFISH256 0" >> $(DROPBEAR_LOCALOPTIONS)
> -endif
> -
> -ifdef PTXCONF_DROPBEAR_TWOFISH128
> -	@echo "ptxdist: enabling twofish128"
> -	@echo "#define DROPBEAR_TWOFISH128 1" >> $(DROPBEAR_LOCALOPTIONS)
> -else
> -	@echo "ptxdist: disabling twofish128"
> -	@echo "#define DROPBEAR_TWOFISH128 0" >> $(DROPBEAR_LOCALOPTIONS)
> -endif
> -
>  # ciphers
>  ifdef PTXCONF_DROPBEAR_CBC_CIPHERS
>  	@echo "ptxdist: enabling cbc ciphers"
> @@ -217,6 +202,10 @@ else
>  	@echo "#define DROPBEAR_ECDSA 0" >> $(DROPBEAR_LOCALOPTIONS)
>  endif
>  
> +	@echo "ptxdist: disabling u2f security key support"
> +	@echo "#define DROPBEAR_SK_ECDSA 0" >> $(DROPBEAR_LOCALOPTIONS)
> +	@echo "#define DROPBEAR_SK_ED25519 0" >> $(DROPBEAR_LOCALOPTIONS)
> +
>  # key exchange algorithm
>  ifdef PTXCONF_DROPBEAR_ECDH
>  	@echo "ptxdist: enabling ecdh"
> -- 
> 2.30.2
> 
> 
> 

-- 
Pengutronix e.K.                           |                             |
Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |



^ permalink raw reply	[flat|nested] 22+ messages in thread

* [ptxdist] [PATCH] dropbear: Add patch to fix build with X11 forwarding
  2022-07-08 15:13   ` Michael Olbrich
@ 2022-07-21  7:10     ` Alexander Dahl
  2022-08-04 15:14       ` [ptxdist] [APPLIED] " Michael Olbrich
  0 siblings, 1 reply; 22+ messages in thread
From: Alexander Dahl @ 2022-07-21  7:10 UTC (permalink / raw)
  To: ptxdist

Fixes: fe0bcfd2aed9 ("dropbear: version bump 2020.81 -> 2022.82")
Signed-off-by: Alexander Dahl <ada@thorsis.com>
---
 ...d-failure-use-DROPBEAR_PRIO_LOWDELAY.patch | 21 +++++++++++++++++++
 patches/dropbear-2022.82/series               |  4 ++++
 rules/dropbear.in                             |  3 +--
 3 files changed, 26 insertions(+), 2 deletions(-)
 create mode 100644 patches/dropbear-2022.82/0001-Fix-X11-build-failure-use-DROPBEAR_PRIO_LOWDELAY.patch
 create mode 100644 patches/dropbear-2022.82/series

diff --git a/patches/dropbear-2022.82/0001-Fix-X11-build-failure-use-DROPBEAR_PRIO_LOWDELAY.patch b/patches/dropbear-2022.82/0001-Fix-X11-build-failure-use-DROPBEAR_PRIO_LOWDELAY.patch
new file mode 100644
index 000000000..8c46daf9c
--- /dev/null
+++ b/patches/dropbear-2022.82/0001-Fix-X11-build-failure-use-DROPBEAR_PRIO_LOWDELAY.patch
@@ -0,0 +1,21 @@
+From: Matt Johnston <matt@ucc.asn.au>
+Date: Sat, 23 Apr 2022 22:33:31 +0800
+Subject: [PATCH] Fix X11 build failure, use DROPBEAR_PRIO_LOWDELAY
+
+---
+ svr-x11fwd.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/svr-x11fwd.c b/svr-x11fwd.c
+index 353cb12e8dd1..5d9e6a96f577 100644
+--- a/svr-x11fwd.c
++++ b/svr-x11fwd.c
+@@ -206,7 +206,7 @@ void x11cleanup(struct ChanSess *chansess) {
+ }
+ 
+ static int x11_inithandler(struct Channel *channel) {
+-	channel->prio = DROPBEAR_CHANNEL_PRIO_INTERACTIVE;
++	channel->prio = DROPBEAR_PRIO_LOWDELAY;
+ 	return 0;
+ }
+ 
diff --git a/patches/dropbear-2022.82/series b/patches/dropbear-2022.82/series
new file mode 100644
index 000000000..87840318b
--- /dev/null
+++ b/patches/dropbear-2022.82/series
@@ -0,0 +1,4 @@
+# generated by git-ptx-patches
+#tag:base --start-number 1
+0001-Fix-X11-build-failure-use-DROPBEAR_PRIO_LOWDELAY.patch
+# dacc85cb839b0a9eec87bf2d3fc2463f  - git-ptx-patches magic
diff --git a/rules/dropbear.in b/rules/dropbear.in
index efc1c93fb..e2945f38d 100644
--- a/rules/dropbear.in
+++ b/rules/dropbear.in
@@ -115,8 +115,7 @@ menu "Features                     "
 
 config DROPBEAR_DIS_X11
 	bool
-	# X11 forwarding fails to build
-	#prompt "disable X11 Forwarding"
+	prompt "disable X11 Forwarding"
 	default y
 	help
 	  X11 forwarding means passing X11 (graphical interface)

base-commit: 02f8e5e7cb2ae088b69bfd2d75ba9e702eeaac5f
-- 
2.30.2




^ permalink raw reply	[flat|nested] 22+ messages in thread

* Re: [ptxdist] [APPLIED] dropbear: version bump 2020.81 -> 2022.82
  2022-07-04 12:18 ` [ptxdist] [PATCH 1/8] dropbear: version bump 2020.81 -> 2022.82 Alexander Dahl
  2022-07-08 15:13   ` Michael Olbrich
@ 2022-07-29  6:23   ` Michael Olbrich
  1 sibling, 0 replies; 22+ messages in thread
From: Michael Olbrich @ 2022-07-29  6:23 UTC (permalink / raw)
  To: ptxdist; +Cc: Alexander Dahl

Thanks, applied as fe0bcfd2aed916620677d63432defec21e72d523.

Michael

[sent from post-receive hook]

On Fri, 29 Jul 2022 08:23:28 +0200, Alexander Dahl <ada@thorsis.com> wrote:
> Noteworthy pieces from a longer list of changes and fixes:
> 
> - New server support for U2F/FIDO keys (explicitly disabled for now)
> - Removed Twofish cipher
> - Dropbear now re-executes itself rather than just forking for each connection
> - A missing home directory is now non-fatal, starting in / instead
> 
> Link: https://matt.ucc.asn.au/dropbear/CHANGES
> Signed-off-by: Alexander Dahl <ada@thorsis.com>
> Message-Id: <20220704121831.23787-2-ada@thorsis.com>
> [mol: disable broken x11 forwarding]
> Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
> 
> diff --git a/rules/dropbear.in b/rules/dropbear.in
> index 8ae2d788bd27..0e726c70ef35 100644
> --- a/rules/dropbear.in
> +++ b/rules/dropbear.in
> @@ -115,7 +115,8 @@ comment "features"
>  
>  config DROPBEAR_DIS_X11
>  	bool
> -	prompt "disable X11 Forwarding"
> +	# X11 forwarding fails to build
> +	#prompt "disable X11 Forwarding"
>  	default y
>  	help
>  	  X11 forwarding means passing X11 (graphical interface)
> @@ -169,29 +170,6 @@ config DROPBEAR_AES256
>  	  algorithm that may be used by U.S. Government organizations
>  	  (and others) to protect sensitive information.
>  
> -
> -config DROPBEAR_TWOFISH128
> -	bool
> -	prompt "Twofish128"
> -	help
> -	  Another great algorithm designed by Bruce Schneier.
> -	  This block cipher was designed as a successor to
> -	  the 64-bit Blowfish block cipher.
> -	  Twofish combines a 16-round Feistel network with a
> -	  bijective f function made by four key-dependent
> -	  8x8-bit S-boxes.
> -
> -config DROPBEAR_TWOFISH256
> -	bool
> -	prompt "Twofish256"
> -	help
> -	  Another great algorithm designed by Bruce Schneier.
> -	  This block cipher was designed as a successor to
> -	  the 64-bit Blowfish block cipher.
> -	  Twofish combines a 16-round Feistel network with a
> -	  bijective f function made by four key-dependent
> -	  8x8-bit S-boxes.
> -
>  config DROPBEAR_CBC_CIPHERS
>  	bool
>  	prompt "CBC mode ciphers"
> diff --git a/rules/dropbear.make b/rules/dropbear.make
> index cb949d761693..3a434e2c8d37 100644
> --- a/rules/dropbear.make
> +++ b/rules/dropbear.make
> @@ -16,8 +16,8 @@ PACKAGES-$(PTXCONF_DROPBEAR) += dropbear
>  #
>  # Paths and names
>  #
> -DROPBEAR_VERSION	:= 2020.81
> -DROPBEAR_MD5		:= a07438a6159a24c61f98f1bce2d479c0
> +DROPBEAR_VERSION	:= 2022.82
> +DROPBEAR_MD5		:= 7a4a5f2c6d23ff2e6627c97d7c1aeceb
>  DROPBEAR		:= dropbear-$(DROPBEAR_VERSION)
>  DROPBEAR_SUFFIX		:= tar.bz2
>  DROPBEAR_URL		:= https://matt.ucc.asn.au/dropbear/releases/$(DROPBEAR).$(DROPBEAR_SUFFIX)
> @@ -42,6 +42,7 @@ DROPBEAR_CONF_TOOL	:= autoconf
>  DROPBEAR_CONF_OPT 	:= \
>  	$(CROSS_AUTOCONF_USR) \
>  	--enable-harden \
> +	--disable-werror \
>  	$(GLOBAL_LARGE_FILE_OPTION) \
>  	--$(call ptx/endis, PTXCONF_DROPBEAR_ZLIB)-zlib \
>  	--disable-pam \
> @@ -126,22 +127,6 @@ else
>  	@echo "#define DROPBEAR_AES256 0" >> $(DROPBEAR_LOCALOPTIONS)
>  endif
>  
> -ifdef PTXCONF_DROPBEAR_TWOFISH256
> -	@echo "ptxdist: enabling twofish256"
> -	@echo "#define DROPBEAR_TWOFISH256 1" >> $(DROPBEAR_LOCALOPTIONS)
> -else
> -	@echo "ptxdist: disabling twofish256"
> -	@echo "#define DROPBEAR_TWOFISH256 0" >> $(DROPBEAR_LOCALOPTIONS)
> -endif
> -
> -ifdef PTXCONF_DROPBEAR_TWOFISH128
> -	@echo "ptxdist: enabling twofish128"
> -	@echo "#define DROPBEAR_TWOFISH128 1" >> $(DROPBEAR_LOCALOPTIONS)
> -else
> -	@echo "ptxdist: disabling twofish128"
> -	@echo "#define DROPBEAR_TWOFISH128 0" >> $(DROPBEAR_LOCALOPTIONS)
> -endif
> -
>  # ciphers
>  ifdef PTXCONF_DROPBEAR_CBC_CIPHERS
>  	@echo "ptxdist: enabling cbc ciphers"
> @@ -217,6 +202,10 @@ else
>  	@echo "#define DROPBEAR_ECDSA 0" >> $(DROPBEAR_LOCALOPTIONS)
>  endif
>  
> +	@echo "ptxdist: disabling u2f security key support"
> +	@echo "#define DROPBEAR_SK_ECDSA 0" >> $(DROPBEAR_LOCALOPTIONS)
> +	@echo "#define DROPBEAR_SK_ED25519 0" >> $(DROPBEAR_LOCALOPTIONS)
> +
>  # key exchange algorithm
>  ifdef PTXCONF_DROPBEAR_ECDH
>  	@echo "ptxdist: enabling ecdh"



^ permalink raw reply	[flat|nested] 22+ messages in thread

* Re: [ptxdist] [APPLIED] dropbear: Add ed25519 hostkey/public key support
  2022-07-04 12:18 ` [ptxdist] [PATCH 2/8] dropbear: Add ed25519 hostkey/public key support Alexander Dahl
@ 2022-07-29  6:23   ` Michael Olbrich
  0 siblings, 0 replies; 22+ messages in thread
From: Michael Olbrich @ 2022-07-29  6:23 UTC (permalink / raw)
  To: ptxdist; +Cc: Alexander Dahl

Thanks, applied as 5b678ced4025abf60d5533cfdcd330bad8f90b65.

Michael

[sent from post-receive hook]

On Fri, 29 Jul 2022 08:23:29 +0200, Alexander Dahl <ada@thorsis.com> wrote:
> This is supported by dropbear since version 2020.79, but was not used by
> ptxdist yet.
> 
> Signed-off-by: Alexander Dahl <ada@thorsis.com>
> Message-Id: <20220704121831.23787-3-ada@thorsis.com>
> Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
> 
> diff --git a/projectroot/etc/init.d/dropbear b/projectroot/etc/init.d/dropbear
> index 2039340b2fbd..1b16de20ae8d 100644
> --- a/projectroot/etc/init.d/dropbear
> +++ b/projectroot/etc/init.d/dropbear
> @@ -25,6 +25,9 @@ dropbear_start() {
>              ecdsa)
>                  test -f "$DROPBEAR_ECDSAKEY" && KEY_ARGS="$KEY_ARGS -r $DROPBEAR_ECDSAKEY"
>                  ;;
> +            ed25519)
> +                test -f "$DROPBEAR_ED25519KEY" && KEY_ARGS="$KEY_ARGS -r $DROPBEAR_ED25519KEY"
> +                ;;
>              *)
>                  echo "Key type '$keytype' not supported"
>                  ;;
> diff --git a/projectroot/etc/rc.once.d/dropbear b/projectroot/etc/rc.once.d/dropbear
> index a8725616a7f2..191f6c61bfb9 100644
> --- a/projectroot/etc/rc.once.d/dropbear
> +++ b/projectroot/etc/rc.once.d/dropbear
> @@ -28,6 +28,9 @@ gen_keys() {
>  			ecdsa)
>  				gen_key ecdsa "$DROPBEAR_ECDSAKEY" || return
>  				;;
> +			ed25519)
> +				gen_key ed25519 "$DROPBEAR_ED25519KEY" || return
> +				;;
>  			*)
>  				echo "Key type '$keytype' not supported"
>  				;;
> diff --git a/projectroot/usr/lib/init/dropbear.sh b/projectroot/usr/lib/init/dropbear.sh
> index 12fd6e5ce3f6..aa375fe3c298 100644
> --- a/projectroot/usr/lib/init/dropbear.sh
> +++ b/projectroot/usr/lib/init/dropbear.sh
> @@ -2,4 +2,5 @@
>  
>  DROPBEAR_RSAKEY='@KEYDIR@/dropbear_rsa_host_key'
>  DROPBEAR_ECDSAKEY='@KEYDIR@/dropbear_ecdsa_host_key'
> +DROPBEAR_ED25519KEY='@KEYDIR@/dropbear_ed25519_host_key'
>  DROPBEAR_KEYTYPES='@KEYTYPES@'
> diff --git a/rules/dropbear.in b/rules/dropbear.in
> index 0e726c70ef35..e7760df49453 100644
> --- a/rules/dropbear.in
> +++ b/rules/dropbear.in
> @@ -257,6 +257,18 @@ config DROPBEAR_ECDSA
>  	  ECDSA stands for Elliptic Curve Digital Signature Algorithm.
>  	  ECDSA is significantly faster than RSA.
>  
> +config DROPBEAR_ED25519
> +	bool
> +	prompt "ed25519"
> +	default y
> +	help
> +	  Ed25519 is the EdDSA signature scheme using SHA-512 (SHA-2)
> +	  and Curve25519.
> +	  Ed25519 is intended to provide attack resistance comparable to
> +	  quality 128-bit symmetric ciphers.
> +	  Public keys are 256 bits long and signatures are 512 bits
> +	  long.
> +
>  comment "Key exchange algorithm ---"
>  
>  config DROPBEAR_ECDH
> diff --git a/rules/dropbear.make b/rules/dropbear.make
> index 3a434e2c8d37..a5ff02c9e0a0 100644
> --- a/rules/dropbear.make
> +++ b/rules/dropbear.make
> @@ -202,6 +202,14 @@ else
>  	@echo "#define DROPBEAR_ECDSA 0" >> $(DROPBEAR_LOCALOPTIONS)
>  endif
>  
> +ifdef PTXCONF_DROPBEAR_ED25519
> +	@echo "ptxdist: enabling ed25519"
> +	@echo "#define DROPBEAR_ED25519 1" >> $(DROPBEAR_LOCALOPTIONS)
> +else
> +	@echo "ptxdist: disabling ed25519"
> +	@echo "#define DROPBEAR_ED25519 0" >> $(DROPBEAR_LOCALOPTIONS)
> +endif
> +
>  	@echo "ptxdist: disabling u2f security key support"
>  	@echo "#define DROPBEAR_SK_ECDSA 0" >> $(DROPBEAR_LOCALOPTIONS)
>  	@echo "#define DROPBEAR_SK_ED25519 0" >> $(DROPBEAR_LOCALOPTIONS)
> @@ -263,6 +271,9 @@ endif
>  ifdef PTXCONF_DROPBEAR_ECDSA
>  DROPBEAR_KEY_TYPES	+= ecdsa
>  endif
> +ifdef PTXCONF_DROPBEAR_ED25519
> +DROPBEAR_KEY_TYPES	+= ed25519
> +endif
>  
>  $(STATEDIR)/dropbear.targetinstall:
>  	@$(call targetinfo)



^ permalink raw reply	[flat|nested] 22+ messages in thread

* Re: [ptxdist] [APPLIED] dropbear: Remove curve25519 dependency
  2022-07-04 12:18 ` [ptxdist] [PATCH 3/8] dropbear: Remove curve25519 dependency Alexander Dahl
@ 2022-07-29  6:23   ` Michael Olbrich
  0 siblings, 0 replies; 22+ messages in thread
From: Michael Olbrich @ 2022-07-29  6:23 UTC (permalink / raw)
  To: ptxdist; +Cc: Alexander Dahl

Thanks, applied as 558a48c187922d8a072257f7a0936d0c909e2222.

Michael

[sent from post-receive hook]

On Fri, 29 Jul 2022 08:23:31 +0200, Alexander Dahl <ada@thorsis.com> wrote:
> Builds fine with DROPBEAR_CURVE25519 only.  Runtime tests successful.
> 
> Signed-off-by: Alexander Dahl <ada@thorsis.com>
> Message-Id: <20220704121831.23787-4-ada@thorsis.com>
> Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
> 
> diff --git a/rules/dropbear.in b/rules/dropbear.in
> index e7760df49453..129e94cae4c8 100644
> --- a/rules/dropbear.in
> +++ b/rules/dropbear.in
> @@ -279,7 +279,6 @@ config DROPBEAR_ECDH
>  
>  config DROPBEAR_CURVE25519
>  	bool
> -	depends on DROPBEAR_ECDSA || DROPBEAR_ECDH
>  	prompt "curve25519-donna"
>  	help
>  	  Enable curve25519-donna for key exchange.



^ permalink raw reply	[flat|nested] 22+ messages in thread

* Re: [ptxdist] [APPLIED] dropbear: Make Chacha20-Poly1305 encryption optional
  2022-07-04 12:18 ` [ptxdist] [PATCH 4/8] dropbear: Make Chacha20-Poly1305 encryption optional Alexander Dahl
@ 2022-07-29  6:23   ` Michael Olbrich
  0 siblings, 0 replies; 22+ messages in thread
From: Michael Olbrich @ 2022-07-29  6:23 UTC (permalink / raw)
  To: ptxdist; +Cc: Alexander Dahl

Thanks, applied as cd3102b2cf895b8958855e93330417cc92b64454.

Michael

[sent from post-receive hook]

On Fri, 29 Jul 2022 08:23:32 +0200, Alexander Dahl <ada@thorsis.com> wrote:
> Making this optional was basically for testing purposes, but might be
> interesting for users who want to squeeze out the last few bytes.
> The option is enabled by dropbear by default, so now it's possible to
> disable it in ptxdist.
> 
> Signed-off-by: Alexander Dahl <ada@thorsis.com>
> Message-Id: <20220704121831.23787-5-ada@thorsis.com>
> Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
> 
> diff --git a/rules/dropbear.in b/rules/dropbear.in
> index 129e94cae4c8..25b92839b64e 100644
> --- a/rules/dropbear.in
> +++ b/rules/dropbear.in
> @@ -170,6 +170,16 @@ config DROPBEAR_AES256
>  	  algorithm that may be used by U.S. Government organizations
>  	  (and others) to protect sensitive information.
>  
> +config DROPBEAR_CHACHA20POLY1305
> +	bool
> +	prompt "Chacha20-Poly1305"
> +	default y
> +	help
> +	  Enable Chacha20-Poly1305 authenticated encryption mode.
> +	  This is generally faster than AES256 on CPU w/o dedicated AES
> +	  instructions, having the same key size.
> +	  Recommended.
> +
>  config DROPBEAR_CBC_CIPHERS
>  	bool
>  	prompt "CBC mode ciphers"
> diff --git a/rules/dropbear.make b/rules/dropbear.make
> index a5ff02c9e0a0..7653cf3e57cc 100644
> --- a/rules/dropbear.make
> +++ b/rules/dropbear.make
> @@ -127,6 +127,14 @@ else
>  	@echo "#define DROPBEAR_AES256 0" >> $(DROPBEAR_LOCALOPTIONS)
>  endif
>  
> +ifdef PTXCONF_DROPBEAR_CHACHA20POLY1305
> +	@echo "ptxdist: enabling chacha20-poly1305"
> +	@echo "#define DROPBEAR_CHACHA20POLY1305 1" >> $(DROPBEAR_LOCALOPTIONS)
> +else
> +	@echo "ptxdist: disabling chacha20-poly1305"
> +	@echo "#define DROPBEAR_CHACHA20POLY1305 0" >> $(DROPBEAR_LOCALOPTIONS)
> +endif
> +
>  # ciphers
>  ifdef PTXCONF_DROPBEAR_CBC_CIPHERS
>  	@echo "ptxdist: enabling cbc ciphers"



^ permalink raw reply	[flat|nested] 22+ messages in thread

* Re: [ptxdist] [APPLIED] dropbear: Append hints to some menu prompts
  2022-07-04 12:18 ` [ptxdist] [PATCH 5/8] dropbear: Append hints to some menu prompts Alexander Dahl
@ 2022-07-29  6:23   ` Michael Olbrich
  0 siblings, 0 replies; 22+ messages in thread
From: Michael Olbrich @ 2022-07-29  6:23 UTC (permalink / raw)
  To: ptxdist; +Cc: Alexander Dahl

Thanks, applied as 689eb5a63e35183cce4760a5fbdc1ede7c47e428.

Michael

[sent from post-receive hook]

On Fri, 29 Jul 2022 08:23:33 +0200, Alexander Dahl <ada@thorsis.com> wrote:
> We present multiple options in the menu here, so add some more guidance
> for the non experienced user.
> 
> Signed-off-by: Alexander Dahl <ada@thorsis.com>
> Message-Id: <20220704121831.23787-6-ada@thorsis.com>
> Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
> 
> diff --git a/rules/dropbear.in b/rules/dropbear.in
> index 25b92839b64e..33e8500a93ee 100644
> --- a/rules/dropbear.in
> +++ b/rules/dropbear.in
> @@ -150,7 +150,7 @@ config DROPBEAR_AES128
>  
>  config DROPBEAR_3DES
>  	bool
> -	prompt "3DES"
> +	prompt "3DES (legacy)"
>  	help
>  	  DES is an IBM algorithm designed during the 1970s.
>  	  In 1976, NIST has officially adopted it as an encryption
> @@ -182,7 +182,7 @@ config DROPBEAR_CHACHA20POLY1305
>  
>  config DROPBEAR_CBC_CIPHERS
>  	bool
> -	prompt "CBC mode ciphers"
> +	prompt "CBC mode ciphers (legacy)"
>  	help
>  	  Enable CBC mode for ciphers. This has security issues though
>  	  is the most compatible with older SSH implementations.
> @@ -196,11 +196,11 @@ config DROPBEAR_CTR_CIPHERS
>  	  CBC mode against certain attacks. This adds around 1kB to binary
>  	  size and is recommended for most cases.
>  
> -comment "Integrity, at least one required --- sha2-256 is recommended as a default, sha1 for compatibility"
> +comment "Message Integrity (HMAC), at least one required ---"
>  
>  config DROPBEAR_SHA1
>  	bool
> -	prompt "sha1"
> +	prompt "sha1 (compat)"
>  	help
>  	  The Secure Hash Algorithm (SHA) was developed by NIST and
>  	  is specified in the Secure Hash Standard (SHS, FIPS 180).
> @@ -212,7 +212,7 @@ config DROPBEAR_SHA1
>  
>  config DROPBEAR_SHA1_96
>  	bool
> -	prompt "sha1-96"
> +	prompt "sha1-96 (legacy)"
>  	help
>  	  The Secure Hash Algorithm (SHA) was developed by NIST and
>  	  is specified in the Secure Hash Standard (SHS, FIPS 180).
> @@ -224,7 +224,7 @@ config DROPBEAR_SHA1_96
>  
>  config DROPBEAR_SHA256
>  	bool
> -	prompt "sha256"
> +	prompt "sha256 (recommended)"
>  	default y
>  	help
>  	  SHA-2 is a set of cryptographic hash functions (SHA-224, SHA-256,



^ permalink raw reply	[flat|nested] 22+ messages in thread

* Re: [ptxdist] [APPLIED] dropbear: Rework key exchange algorithm options
  2022-07-04 12:18 ` [ptxdist] [PATCH 6/8] dropbear: Rework key exchange algorithm options Alexander Dahl
  2022-07-04 12:31   ` Ian Abbott
@ 2022-07-29  6:23   ` Michael Olbrich
  1 sibling, 0 replies; 22+ messages in thread
From: Michael Olbrich @ 2022-07-29  6:23 UTC (permalink / raw)
  To: ptxdist; +Cc: Alexander Dahl

Thanks, applied as 91608613316a0031ec4a9581f762160a99239ce2.

Michael

[sent from post-receive hook]

On Fri, 29 Jul 2022 08:23:34 +0200, Alexander Dahl <ada@thorsis.com> wrote:
> The options for diffie-hellman key exchange were mixed up with message
> integrity hmacs.
> 
> Signed-off-by: Alexander Dahl <ada@thorsis.com>
> Message-Id: <20220704121831.23787-7-ada@thorsis.com>
> Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
> 
> diff --git a/rules/dropbear.in b/rules/dropbear.in
> index 33e8500a93ee..a64b2306a64a 100644
> --- a/rules/dropbear.in
> +++ b/rules/dropbear.in
> @@ -279,7 +279,30 @@ config DROPBEAR_ED25519
>  	  Public keys are 256 bits long and signatures are 512 bits
>  	  long.
>  
> -comment "Key exchange algorithm ---"
> +comment "Key exchange algorithm, at least one required ---"
> +
> +config DROPBEAR_DH_GROUP14_SHA256
> +	bool
> +	prompt "group14_sha256"
> +	default y
> +	help
> +	  2048 bit, sha2-256.
> +	  group14 is supported by most implementations.
> +
> +config DROPBEAR_DH_GROUP14_SHA1
> +	bool
> +	prompt "group14_sha1"
> +	help
> +	  2048 bit, sha1.
> +	  group14 is supported by most implementations.
> +
> +config DROPBEAR_DH_GROUP16
> +	bool
> +	prompt "group16"
> +	help
> +	  4096 bit, sha2-512.
> +	  group16 provides a greater strength level but is slower and
> +	  increases binary size.
>  
>  config DROPBEAR_ECDH
>  	bool
> @@ -287,16 +310,32 @@ config DROPBEAR_ECDH
>  	help
>  	  ECDH stands for Elliptic Curve Diffie-Hellman.
>  
> +	  Small systems should generally include either curve25519 or
> +	  ecdh for performance.
> +
>  config DROPBEAR_CURVE25519
>  	bool
> -	prompt "curve25519-donna"
> +	prompt "curve25519"
>  	help
> -	  Enable curve25519-donna for key exchange.
> +	  Enable curve25519 for key exchange.
>  	  This is another elliptic curve method with good security properties.
>  	  This algorithm does not rely on NIST-based curves
>  	  and gives us more security confidence against a possible
>  	  backdoor in nistp-256 curve.
>  
> +	  Small systems should generally include either curve25519 or
> +	  ecdh for performance.
> +
> +config DROPBEAR_DH_GROUP1
> +	bool
> +	prompt "group1 (legacy, client only)"
> +	help
> +	  1024 bit, sha1.
> +	  This is too small for security though is necessary if you need
> +	  compatibility with some implementations such as Dropbear
> +	  versions < 0.53.
> +	  Client only!
> +
>  comment "Authentication types, at least one required --- RFC Draft requires pubkey auth"
>  
>  config DROPBEAR_PASSWD
> diff --git a/rules/dropbear.make b/rules/dropbear.make
> index 7653cf3e57cc..e86b8bf43803 100644
> --- a/rules/dropbear.make
> +++ b/rules/dropbear.make
> @@ -157,13 +157,9 @@ endif
>  ifdef PTXCONF_DROPBEAR_SHA1
>  	@echo "ptxdist: enabling sha1"
>  	@echo "#define DROPBEAR_SHA1_HMAC 1" >> $(DROPBEAR_LOCALOPTIONS)
> -	@echo "#define DROPBEAR_DH_GROUP1 1" >> $(DROPBEAR_LOCALOPTIONS)
> -	@echo "#define DROPBEAR_DH_GROUP14_SHA1 1" >> $(DROPBEAR_LOCALOPTIONS)
>  else
>  	@echo "ptxdist: disabling sha1"
>  	@echo "#define DROPBEAR_SHA1_HMAC 0" >> $(DROPBEAR_LOCALOPTIONS)
> -	@echo "#define DROPBEAR_DH_GROUP1 0" >> $(DROPBEAR_LOCALOPTIONS)
> -	@echo "#define DROPBEAR_DH_GROUP14_SHA1 0" >> $(DROPBEAR_LOCALOPTIONS)
>  endif
>  
>  ifdef PTXCONF_DROPBEAR_SHA1_96
> @@ -223,6 +219,30 @@ endif
>  	@echo "#define DROPBEAR_SK_ED25519 0" >> $(DROPBEAR_LOCALOPTIONS)
>  
>  # key exchange algorithm
> +ifdef PTXCONF_DROPBEAR_DH_GROUP14_SHA256
> +	@echo "ptxdist: enabling dh_group14_sha256"
> +	@echo "#define DROPBEAR_DH_GROUP14_SHA256 1" >> $(DROPBEAR_LOCALOPTIONS)
> +else
> +	@echo "ptxdist: disabling dh_group14_sha256"
> +	@echo "#define DROPBEAR_DH_GROUP14_SHA256 0" >> $(DROPBEAR_LOCALOPTIONS)
> +endif
> +
> +ifdef PTXCONF_DROPBEAR_DH_GROUP14_SHA1
> +	@echo "ptxdist: enabling dh_group14_sha1"
> +	@echo "#define DROPBEAR_DH_GROUP14_SHA1 1" >> $(DROPBEAR_LOCALOPTIONS)
> +else
> +	@echo "ptxdist: disabling dh_group14_sha1"
> +	@echo "#define DROPBEAR_DH_GROUP14_SHA1 0" >> $(DROPBEAR_LOCALOPTIONS)
> +endif
> +
> +ifdef PTXCONF_DROPBEAR_DH_GROUP16
> +	@echo "ptxdist: enabling dh_group16"
> +	@echo "#define DROPBEAR_DH_GROUP16 1" >> $(DROPBEAR_LOCALOPTIONS)
> +else
> +	@echo "ptxdist: disabling dh_group16"
> +	@echo "#define DROPBEAR_DH_GROUP16 0" >> $(DROPBEAR_LOCALOPTIONS)
> +endif
> +
>  ifdef PTXCONF_DROPBEAR_ECDH
>  	@echo "ptxdist: enabling ecdh"
>  	@echo "#define DROPBEAR_ECDH 1" >> $(DROPBEAR_LOCALOPTIONS)
> @@ -239,6 +259,14 @@ else
>  	@echo "#define DROPBEAR_CURVE25519 0" >> $(DROPBEAR_LOCALOPTIONS)
>  endif
>  
> +ifdef PTXCONF_DROPBEAR_DH_GROUP1
> +	@echo "ptxdist: enabling dh_group1"
> +	@echo "#define DROPBEAR_DH_GROUP1 1" >> $(DROPBEAR_LOCALOPTIONS)
> +else
> +	@echo "ptxdist: disabling dh_group1"
> +	@echo "#define DROPBEAR_DH_GROUP1 0" >> $(DROPBEAR_LOCALOPTIONS)
> +endif
> +
>  # authentication types
>  ifdef PTXCONF_DROPBEAR_PASSWD
>  	@echo "ptxdist: enabling passwd"



^ permalink raw reply	[flat|nested] 22+ messages in thread

* Re: [ptxdist] [APPLIED] dropbear: Add conditional comments with warnings
  2022-07-04 12:18 ` [ptxdist] [PATCH 7/8] dropbear: Add conditional comments with warnings Alexander Dahl
@ 2022-07-29  6:23   ` Michael Olbrich
  0 siblings, 0 replies; 22+ messages in thread
From: Michael Olbrich @ 2022-07-29  6:23 UTC (permalink / raw)
  To: ptxdist; +Cc: Alexander Dahl

Thanks, applied as e8f526c3a8d126139da25384d68542ce4895480c.

Michael

[sent from post-receive hook]

On Fri, 29 Jul 2022 08:23:36 +0200, Alexander Dahl <ada@thorsis.com> wrote:
> We have multiple groups where it is required to select at least one (and
> optionally more) option.  On some groups selecting no option would fail
> at buildtime, on other dropbear would build and run, but necessary user
> interactions (like log in) would not be possible at runtime, e.g.
> because no message integrity hmac method was built in.
> 
> These warnings still allow not selecting any option, but should give a
> stronger hint than before, that this would be a bad idea.
> 
> Suggested-by: Ahmad Fatoum <a.fatoum@pengutronix.de>
> Signed-off-by: Alexander Dahl <ada@thorsis.com>
> Message-Id: <20220704121831.23787-8-ada@thorsis.com>
> Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
> 
> diff --git a/rules/dropbear.in b/rules/dropbear.in
> index a64b2306a64a..a3059c60502d 100644
> --- a/rules/dropbear.in
> +++ b/rules/dropbear.in
> @@ -180,6 +180,9 @@ config DROPBEAR_CHACHA20POLY1305
>  	  instructions, having the same key size.
>  	  Recommended.
>  
> +comment "WARNING: No encryption method selected!"
> +	depends on !DROPBEAR_AES128 && !DROPBEAR_3DES && !DROPBEAR_AES256 && !DROPBEAR_CHACHA20POLY1305
> +
>  config DROPBEAR_CBC_CIPHERS
>  	bool
>  	prompt "CBC mode ciphers (legacy)"
> @@ -248,6 +251,9 @@ config DROPBEAR_SHA512
>  	  SHA-1. SHA-2 consists of a set of four hash functions with digests
>  	  that are 224, 256, 384 or 512 bits.
>  
> +comment "WARNING: No Message Integrity method selected!"
> +	depends on !DROPBEAR_SHA1 && !DROPBEAR_SHA1_96 && !DROPBEAR_SHA256 && !DROPBEAR_SHA512
> +
>  comment "Hostkey/public key algorithms, at least one required ---"
>  
>  config DROPBEAR_RSA
> @@ -279,6 +285,9 @@ config DROPBEAR_ED25519
>  	  Public keys are 256 bits long and signatures are 512 bits
>  	  long.
>  
> +comment "WARNING: No Hostkey/public key algorithm selected!"
> +	depends on !DROPBEAR_RSA && !DROPBEAR_ECDSA && !DROPBEAR_ED25519
> +
>  comment "Key exchange algorithm, at least one required ---"
>  
>  config DROPBEAR_DH_GROUP14_SHA256
> @@ -336,6 +345,9 @@ config DROPBEAR_DH_GROUP1
>  	  versions < 0.53.
>  	  Client only!
>  
> +comment "WARNING: No key exchange algorithm selected!"
> +	depends on !DROPBEAR_DH_GROUP14_SHA256 && !DROPBEAR_DH_GROUP14_SHA1 && !DROPBEAR_DH_GROUP16 && !DROPBEAR_ECDH && !DROPBEAR_CURVE25519 && !DROPBEAR_DH_GROUP1
> +
>  comment "Authentication types, at least one required --- RFC Draft requires pubkey auth"
>  
>  config DROPBEAR_PASSWD
> @@ -352,6 +364,9 @@ config DROPBEAR_PUBKEY
>  	help
>  	  Use public key authentication
>  
> +comment "WARNING: No authentication type selected!"
> +	depends on !DROPBEAR_PASSWD && !DROPBEAR_PUBKEY
> +
>  comment "installation options   ---"
>  
>  config DROPBEAR_DROPBEAR



^ permalink raw reply	[flat|nested] 22+ messages in thread

* Re: [ptxdist] [APPLIED] dropbear: Move option groups to sub menus
  2022-07-04 12:18 ` [ptxdist] [PATCH 8/8] dropbear: Move option groups to sub menus Alexander Dahl
@ 2022-07-29  6:23   ` Michael Olbrich
  0 siblings, 0 replies; 22+ messages in thread
From: Michael Olbrich @ 2022-07-29  6:23 UTC (permalink / raw)
  To: ptxdist; +Cc: Alexander Dahl

Thanks, applied as e14b8d56bcdf97accff3e3b1daac32fe1a865315.

Michael

[sent from post-receive hook]

On Fri, 29 Jul 2022 08:23:37 +0200, Alexander Dahl <ada@thorsis.com> wrote:
> This was getting confusing and you had to scroll down.  Sub menus also
> make those requirements and warnings better visible.
> 
> Signed-off-by: Alexander Dahl <ada@thorsis.com>
> Message-Id: <20220704121831.23787-9-ada@thorsis.com>
> Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
> 
> diff --git a/rules/dropbear.in b/rules/dropbear.in
> index a3059c60502d..efc1c93fbc5f 100644
> --- a/rules/dropbear.in
> +++ b/rules/dropbear.in
> @@ -111,7 +111,7 @@ config DROPBEAR_DIS_PUTUTXLINE
>  	help
>  	  pututxline is needed to write to the utmpx structure.
>  
> -comment "features"
> +menu "Features                     "
>  
>  config DROPBEAR_DIS_X11
>  	bool
> @@ -136,7 +136,11 @@ config DROPBEAR_DIS_AGENT
>  	  Authentication agent is a program to automate the
>  	  use of authentication private keys.
>  
> -comment "Encryption, at least one required --- RFC Draft requires 3DES and recommends AES128"
> +endmenu
> +
> +menu "Encryption                   "
> +
> +comment "at least one required --- RFC Draft requires 3DES and recommends AES128"
>  
>  config DROPBEAR_AES128
>  	bool
> @@ -199,7 +203,11 @@ config DROPBEAR_CTR_CIPHERS
>  	  CBC mode against certain attacks. This adds around 1kB to binary
>  	  size and is recommended for most cases.
>  
> -comment "Message Integrity (HMAC), at least one required ---"
> +endmenu
> +
> +menu "Message Integrity (HMAC)     "
> +
> +comment "at least one required ---"
>  
>  config DROPBEAR_SHA1
>  	bool
> @@ -254,7 +262,11 @@ config DROPBEAR_SHA512
>  comment "WARNING: No Message Integrity method selected!"
>  	depends on !DROPBEAR_SHA1 && !DROPBEAR_SHA1_96 && !DROPBEAR_SHA256 && !DROPBEAR_SHA512
>  
> -comment "Hostkey/public key algorithms, at least one required ---"
> +endmenu
> +
> +menu "Hostkey/public key algorithms"
> +
> +comment "at least one required ---"
>  
>  config DROPBEAR_RSA
>  	bool
> @@ -288,7 +300,11 @@ config DROPBEAR_ED25519
>  comment "WARNING: No Hostkey/public key algorithm selected!"
>  	depends on !DROPBEAR_RSA && !DROPBEAR_ECDSA && !DROPBEAR_ED25519
>  
> -comment "Key exchange algorithm, at least one required ---"
> +endmenu
> +
> +menu "Key exchange algorithm       "
> +
> +comment "at least one required ---"
>  
>  config DROPBEAR_DH_GROUP14_SHA256
>  	bool
> @@ -348,7 +364,11 @@ config DROPBEAR_DH_GROUP1
>  comment "WARNING: No key exchange algorithm selected!"
>  	depends on !DROPBEAR_DH_GROUP14_SHA256 && !DROPBEAR_DH_GROUP14_SHA1 && !DROPBEAR_DH_GROUP16 && !DROPBEAR_ECDH && !DROPBEAR_CURVE25519 && !DROPBEAR_DH_GROUP1
>  
> -comment "Authentication types, at least one required --- RFC Draft requires pubkey auth"
> +endmenu
> +
> +menu "Authentication types         "
> +
> +comment "at least one required --- RFC Draft requires pubkey auth"
>  
>  config DROPBEAR_PASSWD
>  	bool
> @@ -367,7 +387,9 @@ config DROPBEAR_PUBKEY
>  comment "WARNING: No authentication type selected!"
>  	depends on !DROPBEAR_PASSWD && !DROPBEAR_PUBKEY
>  
> -comment "installation options   ---"
> +endmenu
> +
> +comment "Installation options           ---"
>  
>  config DROPBEAR_DROPBEAR
>  	bool
> @@ -403,7 +425,7 @@ config DROPBEAR_SCP
>  comment "OpenSSH scp is selected!"
>  	depends on OPENSSH_SCP
>  
> -comment "runtime options        ---"
> +comment "Runtime options                ---"
>  
>  config DROPBEAR_STARTSCRIPT
>  	bool



^ permalink raw reply	[flat|nested] 22+ messages in thread

* Re: [ptxdist] [APPLIED] dropbear: Add patch to fix build with X11 forwarding
  2022-07-21  7:10     ` [ptxdist] [PATCH] dropbear: Add patch to fix build with X11 forwarding Alexander Dahl
@ 2022-08-04 15:14       ` Michael Olbrich
  0 siblings, 0 replies; 22+ messages in thread
From: Michael Olbrich @ 2022-08-04 15:14 UTC (permalink / raw)
  To: ptxdist; +Cc: Alexander Dahl

Thanks, applied as a346f07c3b88c9e03a3fadb6256c0e1a9ed0c8a0.

Michael

[sent from post-receive hook]

On Thu, 04 Aug 2022 17:14:14 +0200, Alexander Dahl <ada@thorsis.com> wrote:
> Fixes: fe0bcfd2aed9 ("dropbear: version bump 2020.81 -> 2022.82")
> Signed-off-by: Alexander Dahl <ada@thorsis.com>
> Message-Id: <20220721071008.27675-1-ada@thorsis.com>
> Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
> 
> diff --git a/patches/dropbear-2022.82/0001-Fix-X11-build-failure-use-DROPBEAR_PRIO_LOWDELAY.patch b/patches/dropbear-2022.82/0001-Fix-X11-build-failure-use-DROPBEAR_PRIO_LOWDELAY.patch
> new file mode 100644
> index 000000000000..8c46daf9ca5a
> --- /dev/null
> +++ b/patches/dropbear-2022.82/0001-Fix-X11-build-failure-use-DROPBEAR_PRIO_LOWDELAY.patch
> @@ -0,0 +1,21 @@
> +From: Matt Johnston <matt@ucc.asn.au>
> +Date: Sat, 23 Apr 2022 22:33:31 +0800
> +Subject: [PATCH] Fix X11 build failure, use DROPBEAR_PRIO_LOWDELAY
> +
> +---
> + svr-x11fwd.c | 2 +-
> + 1 file changed, 1 insertion(+), 1 deletion(-)
> +
> +diff --git a/svr-x11fwd.c b/svr-x11fwd.c
> +index 353cb12e8dd1..5d9e6a96f577 100644
> +--- a/svr-x11fwd.c
> ++++ b/svr-x11fwd.c
> +@@ -206,7 +206,7 @@ void x11cleanup(struct ChanSess *chansess) {
> + }
> + 
> + static int x11_inithandler(struct Channel *channel) {
> +-	channel->prio = DROPBEAR_CHANNEL_PRIO_INTERACTIVE;
> ++	channel->prio = DROPBEAR_PRIO_LOWDELAY;
> + 	return 0;
> + }
> + 
> diff --git a/patches/dropbear-2022.82/series b/patches/dropbear-2022.82/series
> new file mode 100644
> index 000000000000..87840318b1bc
> --- /dev/null
> +++ b/patches/dropbear-2022.82/series
> @@ -0,0 +1,4 @@
> +# generated by git-ptx-patches
> +#tag:base --start-number 1
> +0001-Fix-X11-build-failure-use-DROPBEAR_PRIO_LOWDELAY.patch
> +# dacc85cb839b0a9eec87bf2d3fc2463f  - git-ptx-patches magic
> diff --git a/rules/dropbear.in b/rules/dropbear.in
> index efc1c93fbc5f..e2945f38d05e 100644
> --- a/rules/dropbear.in
> +++ b/rules/dropbear.in
> @@ -115,8 +115,7 @@ menu "Features                     "
>  
>  config DROPBEAR_DIS_X11
>  	bool
> -	# X11 forwarding fails to build
> -	#prompt "disable X11 Forwarding"
> +	prompt "disable X11 Forwarding"
>  	default y
>  	help
>  	  X11 forwarding means passing X11 (graphical interface)



^ permalink raw reply	[flat|nested] 22+ messages in thread

end of thread, other threads:[~2022-08-04 15:15 UTC | newest]

Thread overview: 22+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-07-04 12:18 [ptxdist] [PATCH 0/8] dropbear: version bump and option revise Alexander Dahl
2022-07-04 12:18 ` [ptxdist] [PATCH 1/8] dropbear: version bump 2020.81 -> 2022.82 Alexander Dahl
2022-07-08 15:13   ` Michael Olbrich
2022-07-21  7:10     ` [ptxdist] [PATCH] dropbear: Add patch to fix build with X11 forwarding Alexander Dahl
2022-08-04 15:14       ` [ptxdist] [APPLIED] " Michael Olbrich
2022-07-29  6:23   ` [ptxdist] [APPLIED] dropbear: version bump 2020.81 -> 2022.82 Michael Olbrich
2022-07-04 12:18 ` [ptxdist] [PATCH 2/8] dropbear: Add ed25519 hostkey/public key support Alexander Dahl
2022-07-29  6:23   ` [ptxdist] [APPLIED] " Michael Olbrich
2022-07-04 12:18 ` [ptxdist] [PATCH 3/8] dropbear: Remove curve25519 dependency Alexander Dahl
2022-07-29  6:23   ` [ptxdist] [APPLIED] " Michael Olbrich
2022-07-04 12:18 ` [ptxdist] [PATCH 4/8] dropbear: Make Chacha20-Poly1305 encryption optional Alexander Dahl
2022-07-29  6:23   ` [ptxdist] [APPLIED] " Michael Olbrich
2022-07-04 12:18 ` [ptxdist] [PATCH 5/8] dropbear: Append hints to some menu prompts Alexander Dahl
2022-07-29  6:23   ` [ptxdist] [APPLIED] " Michael Olbrich
2022-07-04 12:18 ` [ptxdist] [PATCH 6/8] dropbear: Rework key exchange algorithm options Alexander Dahl
2022-07-04 12:31   ` Ian Abbott
2022-07-08  9:09     ` Michael Olbrich
2022-07-29  6:23   ` [ptxdist] [APPLIED] " Michael Olbrich
2022-07-04 12:18 ` [ptxdist] [PATCH 7/8] dropbear: Add conditional comments with warnings Alexander Dahl
2022-07-29  6:23   ` [ptxdist] [APPLIED] " Michael Olbrich
2022-07-04 12:18 ` [ptxdist] [PATCH 8/8] dropbear: Move option groups to sub menus Alexander Dahl
2022-07-29  6:23   ` [ptxdist] [APPLIED] " Michael Olbrich

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox