|
|
|
diff -u -r ../openssh-7.7p1/sshd.c ./sshd.c
|
|
|
|
--- ../openssh-7.7p1/sshd.c 2018-04-02 07:38:28.000000000 +0200
|
|
|
|
+++ ./sshd.c 2018-04-03 23:48:49.605335389 +0200
|
|
|
|
@@ -553,8 +553,10 @@
|
|
|
|
debug3("privsep user:group %u:%u", (u_int)privsep_pw->pw_uid,
|
|
|
|
(u_int)privsep_pw->pw_gid);
|
|
|
|
gidset[0] = privsep_pw->pw_gid;
|
|
|
|
+#ifndef __ANDROID__
|
|
|
|
if (setgroups(1, gidset) < 0)
|
|
|
|
fatal("setgroups: %.100s", strerror(errno));
|
|
|
|
+#endif
|
|
|
|
permanently_set_uid(privsep_pw);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
@@ -1447,7 +1449,8 @@
|
|
|
|
saved_argc = ac;
|
|
|
|
rexec_argc = ac;
|
|
|
|
saved_argv = xcalloc(ac + 1, sizeof(*saved_argv));
|
|
|
|
- for (i = 0; (int)i < ac; i++)
|
|
|
|
+ saved_argv[0] = "@TERMUX_PREFIX@/bin/sshd";
|
|
|
|
+ for (i = 1; (int)i < ac; i++)
|
|
|
|
saved_argv[i] = xstrdup(av[i]);
|
|
|
|
saved_argv[i] = NULL;
|
|
|
|
|
|
|
|
@@ -1457,8 +1460,10 @@
|
|
|
|
av = saved_argv;
|
|
|
|
#endif
|
|
|
|
|
|
|
|
+#ifndef __ANDROID__
|
|
|
|
if (geteuid() == 0 && setgroups(0, NULL) == -1)
|
|
|
|
debug("setgroups(): %.200s", strerror(errno));
|
|
|
|
+#endif
|
|
|
|
|
|
|
|
/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
|
|
|
|
sanitise_stdfd();
|
|
|
|
@@ -1577,8 +1582,6 @@
|
|
|
|
}
|
|
|
|
if (rexeced_flag || inetd_flag)
|
|
|
|
rexec_flag = 0;
|
|
|
|
- if (!test_flag && (rexec_flag && (av[0] == NULL || *av[0] != '/')))
|
|
|
|
- fatal("sshd re-exec requires execution with an absolute path");
|
|
|
|
if (rexeced_flag)
|
|
|
|
closefrom(REEXEC_MIN_FREE_FD);
|
|
|
|
else
|
|
|
|
@@ -1692,7 +1695,9 @@
|
|
|
|
freezero(privsep_pw->pw_passwd, strlen(privsep_pw->pw_passwd));
|
|
|
|
privsep_pw->pw_passwd = xstrdup("*");
|
|
|
|
}
|
|
|
|
+#ifndef __ANDROID__
|
|
|
|
endpwent();
|
|
|
|
+#endif
|
|
|
|
|
|
|
|
/* load host keys */
|
|
|
|
sensitive_data.host_keys = xcalloc(options.num_host_key_files,
|
|
|
|
@@ -1842,8 +1847,10 @@
|
|
|
|
* to create a file, and we can't control the code in every
|
|
|
|
* module which might be used).
|
|
|
|
*/
|
|
|
|
+#ifndef __ANDROID__
|
|
|
|
if (setgroups(0, NULL) < 0)
|
|
|
|
debug("setgroups() failed: %.200s", strerror(errno));
|
|
|
|
+#endif
|
|
|
|
|
|
|
|
if (rexec_flag) {
|
|
|
|
if (rexec_argc < 0)
|