Browse Source
* dropbear: update to 2018.76 * dropbear: fix hardcoded paths * dropbear: enable scpandroid-5
Leonid Plyushch
7 years ago
committed by
Fredrik Fornwall
13 changed files with 259 additions and 163 deletions
@ -0,0 +1,12 @@ |
|||
diff -uNr dropbear-2018.76/Makefile.in dropbear-2018.76.mod/Makefile.in
|
|||
--- dropbear-2018.76/Makefile.in 2018-02-27 16:25:10.000000000 +0200
|
|||
+++ dropbear-2018.76.mod/Makefile.in 2018-04-21 14:05:03.923792282 +0300
|
|||
@@ -9,7 +9,7 @@
|
|||
# dbclient functionality, and includes the progress-bar functionality in scp. |
|||
|
|||
ifndef PROGRAMS |
|||
- PROGRAMS=dropbear dbclient dropbearkey dropbearconvert
|
|||
+ PROGRAMS=dropbear dbclient dropbearkey dropbearconvert scp
|
|||
endif |
|||
|
|||
STATIC_LTC=libtomcrypt/libtomcrypt.a |
@ -0,0 +1,42 @@ |
|||
diff -uNr dropbear-2018.76/cli-auth.c dropbear-2018.76.mod/cli-auth.c
|
|||
--- dropbear-2018.76/cli-auth.c 2018-02-27 16:25:10.000000000 +0200
|
|||
+++ dropbear-2018.76.mod/cli-auth.c 2018-04-21 13:44:51.797063206 +0300
|
|||
@@ -32,6 +32,38 @@
|
|||
#include "packet.h" |
|||
#include "runopts.h" |
|||
|
|||
+
|
|||
+// getpass implementation
|
|||
+#ifdef __ANDROID__
|
|||
+#include <termios.h>
|
|||
+#include <readline/readline.h>
|
|||
+
|
|||
+static char* getpass(const char *prompt) {
|
|||
+ struct termios term_old, term_new;
|
|||
+ int nread;
|
|||
+
|
|||
+ /* Turn echoing off and fail if we can't. */
|
|||
+ if (tcgetattr (0, &term_old) != 0) {
|
|||
+ return NULL;
|
|||
+ }
|
|||
+
|
|||
+ term_new = term_old;
|
|||
+ term_new.c_lflag &= ~ECHO;
|
|||
+
|
|||
+ if (tcsetattr (0, TCSAFLUSH, &term_new) != 0) {
|
|||
+ return NULL;
|
|||
+ }
|
|||
+
|
|||
+ /* Read the password. */
|
|||
+ char *password = readline(prompt);
|
|||
+
|
|||
+ /* Restore terminal. */
|
|||
+ (void) tcsetattr (0, TCSAFLUSH, &term_old);
|
|||
+
|
|||
+ return password;
|
|||
+}
|
|||
+#endif
|
|||
+
|
|||
void cli_authinitialise() { |
|||
|
|||
memset(&ses.authstate, 0, sizeof(ses.authstate)); |
@ -0,0 +1,12 @@ |
|||
diff -uNr dropbear-2018.76/common-session.c dropbear-2018.76.mod/common-session.c
|
|||
--- dropbear-2018.76/common-session.c 2018-02-27 16:25:10.000000000 +0200
|
|||
+++ dropbear-2018.76.mod/common-session.c 2018-04-21 13:49:06.633742995 +0300
|
|||
@@ -570,7 +570,7 @@
|
|||
const char* get_user_shell() { |
|||
/* an empty shell should be interpreted as "/bin/sh" */ |
|||
if (ses.authstate.pw_shell[0] == '\0') { |
|||
- return "/bin/sh";
|
|||
+ return "@TERMUX_PREFIX@/bin/sh";
|
|||
} else { |
|||
return ses.authstate.pw_shell; |
|||
} |
@ -0,0 +1,21 @@ |
|||
diff -uNr dropbear-2018.76/compat.c dropbear-2018.76.mod/compat.c
|
|||
--- dropbear-2018.76/compat.c 2018-02-27 16:25:10.000000000 +0200
|
|||
+++ dropbear-2018.76.mod/compat.c 2018-04-21 13:47:36.443738351 +0300
|
|||
@@ -232,7 +232,7 @@
|
|||
|
|||
static char **initshells() { |
|||
/* don't touch this list. */ |
|||
- static const char *okshells[] = { "/bin/sh", "/bin/csh", NULL };
|
|||
+ static const char *okshells[] = { "@TERMUX_PREFIX@/bin/sh", "@TERMUX_PREFIX@/bin/csh", NULL };
|
|||
register char **sp, *cp; |
|||
register FILE *fp; |
|||
struct stat statb; |
|||
@@ -244,7 +244,7 @@
|
|||
if (strings != NULL) |
|||
free(strings); |
|||
strings = NULL; |
|||
- if ((fp = fopen("/etc/shells", "rc")) == NULL)
|
|||
+ if ((fp = fopen("@TERMUX_PREFIX@/etc/shells", "rc")) == NULL)
|
|||
return (char **) okshells; |
|||
if (fstat(fileno(fp), &statb) == -1) { |
|||
(void)fclose(fp); |
@ -1,95 +0,0 @@ |
|||
diff -u -r ../dropbear-2013.62/cli-auth.c ./cli-auth.c
|
|||
--- ../dropbear-2013.62/cli-auth.c 2013-12-03 14:39:15.000000000 +0100
|
|||
+++ ./cli-auth.c 2014-01-05 21:21:37.926812382 +0100
|
|||
@@ -32,6 +32,10 @@
|
|||
#include "packet.h" |
|||
#include "runopts.h" |
|||
|
|||
+char * getpass (const char *prompt) {
|
|||
+ return "";
|
|||
+}
|
|||
+
|
|||
void cli_authinitialise() { |
|||
|
|||
memset(&ses.authstate, 0, sizeof(ses.authstate)); |
|||
#ifdef ENABLE_CLI_ANYTCPFWD |
|||
diff -u -r ../dropbear-2013.62/sshpty.c ./sshpty.c
|
|||
--- ../dropbear-2013.62/sshpty.c 2013-12-03 14:39:15.000000000 +0100
|
|||
+++ ./sshpty.c 2014-01-05 21:21:37.930812382 +0100
|
|||
@@ -22,6 +22,10 @@
|
|||
#include "errno.h" |
|||
#include "sshpty.h" |
|||
|
|||
+#ifdef __ANDROID__
|
|||
+# define USE_DEV_PTMX 1
|
|||
+#endif
|
|||
+
|
|||
/* Pty allocated with _getpty gets broken if we do I_PUSH:es to it. */ |
|||
#if defined(HAVE__GETPTY) || defined(HAVE_OPENPTY) |
|||
#undef HAVE_DEV_PTMX |
|||
@@ -380,6 +384,7 @@
|
|||
tty_name, strerror(errno)); |
|||
} |
|||
|
|||
+ /*
|
|||
if (st.st_uid != pw->pw_uid || st.st_gid != gid) { |
|||
if (chown(tty_name, pw->pw_uid, gid) < 0) { |
|||
if (errno == EROFS && |
|||
@@ -409,4 +414,5 @@
|
|||
} |
|||
} |
|||
} |
|||
+ */
|
|||
} |
|||
diff -u -r ../dropbear-2013.62/svr-agentfwd.c ./svr-agentfwd.c
|
|||
--- ../dropbear-2013.62/svr-agentfwd.c 2013-12-03 14:39:15.000000000 +0100
|
|||
+++ ./svr-agentfwd.c 2014-01-05 21:21:37.930812382 +0100
|
|||
@@ -218,10 +218,12 @@
|
|||
/* drop to user privs to make the dir/file */ |
|||
uid = getuid(); |
|||
gid = getgid(); |
|||
+ /*
|
|||
if ((setegid(ses.authstate.pw_gid)) < 0 || |
|||
(seteuid(ses.authstate.pw_uid)) < 0) { |
|||
dropbear_exit("Failed to set euid"); |
|||
} |
|||
+ */
|
|||
|
|||
memset((void*)&addr, 0x0, sizeof(addr)); |
|||
addr.sun_family = AF_UNIX; |
|||
diff -u -r ../dropbear-2013.62/svr-chansession.c ./svr-chansession.c
|
|||
--- ../dropbear-2013.62/svr-chansession.c 2013-12-03 14:39:15.000000000 +0100
|
|||
+++ ./svr-chansession.c 2014-01-05 21:32:15.438797159 +0100
|
|||
@@ -874,6 +874,8 @@
|
|||
#endif |
|||
|
|||
/* clear environment */ |
|||
+ /* termux: do not clear environment on android */
|
|||
+#ifndef __ANDROID__
|
|||
/* if we're debugging using valgrind etc, we need to keep the LD_PRELOAD |
|||
* etc. This is hazardous, so should only be used for debugging. */ |
|||
#ifndef DEBUG_VALGRIND |
|||
@@ -886,6 +888,7 @@
|
|||
} |
|||
#endif /* HAVE_CLEARENV */ |
|||
#endif /* DEBUG_VALGRIND */ |
|||
+#endif /* __ANDROID__ */
|
|||
|
|||
/* We can only change uid/gid as root ... */ |
|||
if (getuid() == 0) { |
|||
@@ -911,12 +914,14 @@
|
|||
} |
|||
} |
|||
|
|||
+ /* termux: do not modify environment since we did not clean it */
|
|||
+#ifndef __ANDROID__
|
|||
/* set env vars */ |
|||
addnewvar("USER", ses.authstate.pw_name); |
|||
addnewvar("LOGNAME", ses.authstate.pw_name); |
|||
addnewvar("HOME", ses.authstate.pw_dir); |
|||
addnewvar("SHELL", get_user_shell()); |
|||
- addnewvar("PATH", DEFAULT_PATH);
|
|||
+#endif /* __ANDROID__ */
|
|||
if (chansess->term != NULL) { |
|||
addnewvar("TERM", chansess->term); |
|||
} |
@ -0,0 +1,28 @@ |
|||
diff -uNr dropbear-2018.76/sshpty.c dropbear-2018.76.mod/sshpty.c
|
|||
--- dropbear-2018.76/sshpty.c 2018-02-27 16:25:12.000000000 +0200
|
|||
+++ dropbear-2018.76.mod/sshpty.c 2018-04-21 13:45:06.703730641 +0300
|
|||
@@ -22,6 +22,10 @@
|
|||
#include "errno.h" |
|||
#include "sshpty.h" |
|||
|
|||
+#ifdef __ANDROID__
|
|||
+# define USE_DEV_PTMX 1
|
|||
+#endif
|
|||
+
|
|||
/* Pty allocated with _getpty gets broken if we do I_PUSH:es to it. */ |
|||
#if defined(HAVE__GETPTY) || defined(HAVE_OPENPTY) |
|||
#undef HAVE_DEV_PTMX |
|||
@@ -380,6 +384,7 @@
|
|||
tty_name, strerror(errno)); |
|||
} |
|||
|
|||
+ /*
|
|||
if (st.st_uid != pw->pw_uid || st.st_gid != gid) { |
|||
if (chown(tty_name, pw->pw_uid, gid) < 0) { |
|||
if (errno == EROFS && |
|||
@@ -409,4 +414,5 @@
|
|||
} |
|||
} |
|||
} |
|||
+ */
|
|||
} |
@ -0,0 +1,25 @@ |
|||
diff -uNr dropbear-2018.76/svr-agentfwd.c dropbear-2018.76.mod/svr-agentfwd.c
|
|||
--- dropbear-2018.76/svr-agentfwd.c 2018-02-27 16:25:12.000000000 +0200
|
|||
+++ dropbear-2018.76.mod/svr-agentfwd.c 2018-04-21 13:46:57.660403020 +0300
|
|||
@@ -41,7 +41,7 @@
|
|||
#include "listener.h" |
|||
#include "auth.h" |
|||
|
|||
-#define AGENTDIRPREFIX "/tmp/dropbear-"
|
|||
+#define AGENTDIRPREFIX "@TERMUX_PREFIX@/tmp/dropbear-"
|
|||
|
|||
static int send_msg_channel_open_agent(int fd); |
|||
static int bindagent(int fd, struct ChanSess * chansess); |
|||
@@ -218,10 +218,12 @@
|
|||
/* drop to user privs to make the dir/file */ |
|||
uid = getuid(); |
|||
gid = getgid(); |
|||
+ /*
|
|||
if ((setegid(ses.authstate.pw_gid)) < 0 || |
|||
(seteuid(ses.authstate.pw_uid)) < 0) { |
|||
dropbear_exit("Failed to set euid"); |
|||
} |
|||
+ */
|
|||
|
|||
memset((void*)&addr, 0x0, sizeof(addr)); |
|||
addr.sun_family = AF_UNIX; |
@ -0,0 +1,36 @@ |
|||
diff -uNr dropbear-2018.76/svr-chansession.c dropbear-2018.76.mod/svr-chansession.c
|
|||
--- dropbear-2018.76/svr-chansession.c 2018-02-27 16:25:12.000000000 +0200
|
|||
+++ dropbear-2018.76.mod/svr-chansession.c 2018-04-21 13:45:06.707063974 +0300
|
|||
@@ -919,6 +919,8 @@
|
|||
#endif |
|||
|
|||
/* clear environment */ |
|||
+ /* termux: do not clear environment on android */
|
|||
+#ifndef __ANDROID__
|
|||
/* if we're debugging using valgrind etc, we need to keep the LD_PRELOAD |
|||
* etc. This is hazardous, so should only be used for debugging. */ |
|||
#ifndef DEBUG_VALGRIND |
|||
@@ -931,6 +933,7 @@
|
|||
} |
|||
#endif /* HAVE_CLEARENV */ |
|||
#endif /* DEBUG_VALGRIND */ |
|||
+#endif /* __ANDROID__ */
|
|||
|
|||
/* We can only change uid/gid as root ... */ |
|||
if (getuid() == 0) { |
|||
@@ -956,12 +959,14 @@
|
|||
} |
|||
} |
|||
|
|||
+ /* termux: do not modify environment since we did not clean it */
|
|||
+#ifndef __ANDROID__
|
|||
/* set env vars */ |
|||
addnewvar("USER", ses.authstate.pw_name); |
|||
addnewvar("LOGNAME", ses.authstate.pw_name); |
|||
addnewvar("HOME", ses.authstate.pw_dir); |
|||
addnewvar("SHELL", get_user_shell()); |
|||
- addnewvar("PATH", DEFAULT_PATH);
|
|||
+#endif /* __ANDROID__ */
|
|||
if (chansess->term != NULL) { |
|||
addnewvar("TERM", chansess->term); |
|||
} |
@ -0,0 +1,12 @@ |
|||
diff -uNr dropbear-2018.76/sysoptions.h dropbear-2018.76.mod/sysoptions.h
|
|||
--- dropbear-2018.76/sysoptions.h 2018-02-27 16:25:12.000000000 +0200
|
|||
+++ dropbear-2018.76.mod/sysoptions.h 2018-04-21 13:48:41.227075019 +0300
|
|||
@@ -71,7 +71,7 @@
|
|||
|
|||
#define _PATH_TTY "/dev/tty" |
|||
|
|||
-#define _PATH_CP "/bin/cp"
|
|||
+#define _PATH_CP "@TERMUX_PREFIX@/bin/cp"
|
|||
|
|||
#define DROPBEAR_ESCAPE_CHAR '~' |
|||
|
Loading…
Reference in new issue