testing/tinyssh: fix keepalive not implemented

this fixes sessions being reset when a keepalive is sent
2026-05-05 12:26:52 +02:00 · 2015-07-19 14:17:31 +00:00 · 2015-07-19 14:17:31 +00:00 · d83d725860
commit d83d725860
parent 23cd29abe1
2 changed files with 94 additions and 4 deletions
--- a/testing/tinyssh/APKBUILD
+++ b/testing/tinyssh/APKBUILD
@ -2,7 +2,7 @@
 # Maintainer: Stuart Cardall <developer@it-offshore.co.uk>
 pkgname=tinyssh
 pkgver=20150501
-pkgrel=0
+pkgrel=1
 pkgdesc="Small SSH server using NaCl / TweetNaCl (no dependency on OpenSSL)"
 url="http://tinyssh.org/"
 arch="all"
@ -13,6 +13,7 @@ subpackages="$pkgname-doc"
 source="$pkgname-$pkgver.tar.bz2::http://mojzis.com/software/$pkgname/$pkgname-$pkgver.tar.bz2
 	$pkgname.initd
 	$pkgname.confd
+	keepalive-not-implemented.patch
 	"

 _builddir="$srcdir"/$pkgname-$pkgver
@ -55,15 +56,20 @@ echo '22 stream tcp nowait root /usr/sbin/tinysshd tinysshd -l -v /etc/tinyssh/s
 rc-service inetd start

 (3) Using runit with either (1) or (2)
+
+Stealth SSH with FWKNOP: https://it-offshore.co.uk/security/53-stealth-your-ssh-port-ssh-into-lxc-containers
 EOF
 }

 md5sums="0e8b4add3fa6c4481e7b8159aca75b2f  tinyssh-20150501.tar.bz2
 78ec724804035bae29e1c47abec737d8  tinyssh.initd
-83e705f0f71db5ae0d8530edafa63497  tinyssh.confd"
+83e705f0f71db5ae0d8530edafa63497  tinyssh.confd
+42cf023926c2b9472fa3d98a6f626db8  keepalive-not-implemented.patch"
 sha256sums="ccaee75ee04252c7e7db1e06e74e4c55b53911c310a0dc5e1288c0feb73a1470  tinyssh-20150501.tar.bz2
 b3584c463f6ba0de6a5fe2e28fb98cd8ef65a55f17a0f4c877f61f54019ef34c  tinyssh.initd
-c6c67395e7230d75077734f0b08d5f8c76f11aaef27878b013b7bd68dd7ba774  tinyssh.confd"
+c6c67395e7230d75077734f0b08d5f8c76f11aaef27878b013b7bd68dd7ba774  tinyssh.confd
+96ce731b29f76cba82047512a0c751370987fd51ff08d5bf124f10342f213251  keepalive-not-implemented.patch"
 sha512sums="780e4aa87fc5afbd0818f1c815c0e95a9ec5b096efedbc49d54492195725bbdf3fe860cc4b84a5e9b15b9b568fd0398e48601da3af22b3dfd64e4214d4797fbe  tinyssh-20150501.tar.bz2
 d10f995c6687e706453e51d06b3466427d476036efdbd86db2f9330281e46049bf2e3698208524b3f70cdbd30373f5bf46c7164dd626d22b3fa9a75ca5d8d478  tinyssh.initd
-4513bd0d43ef0825fbd77365a8a7adefcd99211102df76003becf7e3a09a47ad9bbd16a68c3fadfb7868e0562f8d42a26106b7582cb70490a7e52a7d1e6110e9  tinyssh.confd"
+4513bd0d43ef0825fbd77365a8a7adefcd99211102df76003becf7e3a09a47ad9bbd16a68c3fadfb7868e0562f8d42a26106b7582cb70490a7e52a7d1e6110e9  tinyssh.confd
+9511d09d8a62e673e3e6b2ae9fc55e5b6ca7c33485c1834b4f53a1f06d84d34619a7f620c9862fb059d8a0d24a79d4172bd355185ceff5ac8acb381350e41d2e  keepalive-not-implemented.patch"
--- a/testing/tinyssh/keepalive-not-implemented.patch
+++ b/testing/tinyssh/keepalive-not-implemented.patch
@ -0,0 +1,84 @@
+diff --git a/tinyssh-tests/packet_uinmplementedtest.c b/tinyssh-tests/packet_uinmplementedtest.c
+new file mode 120000
+index 0000000..c1c5f9b
+--- /dev/null
+++ b/tinyssh-tests/packet_uinmplementedtest.c
+@@ -0,0 +1 @@
+emptytest.c
+\ No newline at end of file
+diff --git a/tinyssh/LIBS b/tinyssh/LIBS
+index 7f1bcf5..9c1f27a 100644
+--- a/tinyssh/LIBS
+++ b/tinyssh/LIBS
+@@ -36,6 +36,7 @@ packetparser.o
+ packet_put.o
+ packet_recv.o
+ packet_send.o
+packet_uinmplemented.o
+ porttostr.o
+ randommod.o
+ readall.o
+diff --git a/tinyssh/SOURCES b/tinyssh/SOURCES
+index be77a5f..613535d 100644
+--- a/tinyssh/SOURCES
+++ b/tinyssh/SOURCES
+@@ -36,6 +36,7 @@ packetparser
+ packet_put
+ packet_recv
+ packet_send
+packet_uinmplemented
+ porttostr
+ randommod
+ readall
+diff --git a/tinyssh/packet.h b/tinyssh/packet.h
+index 891ede8..b2cba92 100644
+--- a/tinyssh/packet.h
+++ b/tinyssh/packet.h
+@@ -127,4 +127,7 @@ extern int packet_channel_send_windowadjust(struct buf *);
+ extern void packet_channel_send_eof(struct buf *);
+ extern int packet_channel_send_close(struct buf *, int, int);
+ 
+/* packet_uinmplemented.c */
+extern int packet_uinmplemented(struct buf *);
+
+ #endif
+diff --git a/tinyssh/packet_uinmplemented.c b/tinyssh/packet_uinmplemented.c
+new file mode 100644
+index 0000000..1ca82d6
+--- /dev/null
+++ b/tinyssh/packet_uinmplemented.c
+@@ -0,0 +1,18 @@
+/*
+20150719
+Jan Mojzis
+Public domain.
+*/
+
+#include "buf.h"
+#include "ssh.h"
+#include "packet.h"
+
+int packet_uinmplemented(struct buf *b) {
+
+    buf_purge(b);
+    buf_putnum8(b, SSH_MSG_UNIMPLEMENTED);       /* SSH_MSG_UNIMPLEMENTED */
+    buf_putnum32(b, packet.receivepacketid);     /* packeid */
+    packet_put(b);
+    return packet_sendall();
+}
+diff --git a/tinyssh/tinysshd.c b/tinyssh/tinysshd.c
+index ba44584..78677f5 100644
+--- a/tinyssh/tinysshd.c
+++ b/tinyssh/tinysshd.c
+@@ -300,8 +300,8 @@ int main(int argc, char **argv) {
+                 case SSH_MSG_KEXINIT:
+                     goto rekeying;
+                 default:
+-                    die_fatal("unknown message type", 0, 0);
+-                    /* XXX TODO - send SSH_MSG_UNIMPLEMENTED */
+                    log_d1("unknown packet - sending SSH_MSG_UNIMPLEMENTED message");
+                    if (!packet_uinmplemented(&b1)) die_fatal("unable to send SSH_MSG_UNIMPLEMENTED message", 0, 0);
+             }
+         }
+     }
+