~mdw / termux-packages / blame
| Commit | Line | Data |
|---|---|---|
| 59f0d218 FF |
1 | diff -u -r ../dropbear-2013.62/cli-auth.c ./cli-auth.c |
| 2 | --- ../dropbear-2013.62/cli-auth.c 2013-12-03 14:39:15.000000000 +0100 | |
| 3 | +++ ./cli-auth.c 2014-01-05 21:21:37.926812382 +0100 | |
| 4 | @@ -32,6 +32,10 @@ | |
| 5 | #include "packet.h" | |
| 6 | #include "runopts.h" | |
| 7 | ||
| 8 | +char * getpass (const char *prompt) { | |
| 9 | + return ""; | |
| 10 | +} | |
| 11 | + | |
| 12 | void cli_authinitialise() { | |
| 13 | ||
| 14 | memset(&ses.authstate, 0, sizeof(ses.authstate)); | |
| 15 | #ifdef ENABLE_CLI_ANYTCPFWD | |
| 16 | diff -u -r ../dropbear-2013.62/options.h ./options.h | |
| 17 | --- ../dropbear-2013.62/options.h 2013-12-03 14:39:15.000000000 +0100 | |
| 18 | +++ ./options.h 2014-01-05 21:21:37.930812382 +0100 | |
| 19 | @@ -10,8 +10,10 @@ | |
| 20 | ||
| 21 | /* IMPORTANT: Many options will require "make clean" after changes */ | |
| 22 | + | |
| 23 | + | |
| 24 | ||
| 25 | #ifndef DROPBEAR_DEFPORT | |
| 26 | -#define DROPBEAR_DEFPORT "22" | |
| 27 | +#define DROPBEAR_DEFPORT "8022" | |
| 28 | #endif | |
| 29 | ||
| 30 | #ifndef DROPBEAR_DEFADDRESS | |
| 31 | @@ -21,13 +23,13 @@ | |
| 32 | ||
| 33 | /* Default hostkey paths - these can be specified on the command line */ | |
| 34 | #ifndef DSS_PRIV_FILENAME | |
| 35 | -#define DSS_PRIV_FILENAME "/etc/dropbear/dropbear_dss_host_key" | |
| 36 | +#define DSS_PRIV_FILENAME "@TERMUX_PREFIX@/etc/dropbear/dropbear_dss_host_key" | |
| 37 | #endif | |
| 38 | #ifndef RSA_PRIV_FILENAME | |
| 39 | -#define RSA_PRIV_FILENAME "/etc/dropbear/dropbear_rsa_host_key" | |
| 40 | +#define RSA_PRIV_FILENAME "@TERMUX_PREFIX@/etc/dropbear/dropbear_rsa_host_key" | |
| 41 | #endif | |
| 42 | #ifndef ECDSA_PRIV_FILENAME | |
| 43 | -#define ECDSA_PRIV_FILENAME "/etc/dropbear/dropbear_ecdsa_host_key" | |
| 44 | +#define ECDSA_PRIV_FILENAME "@TERMUX_PREFIX@/etc/dropbear/dropbear_ecdsa_host_key" | |
| 45 | #endif | |
| 46 | ||
| 47 | /* Set NON_INETD_MODE if you require daemon functionality (ie Dropbear listens | |
| 48 | @@ -41,7 +43,7 @@ | |
| 49 | * Both of these flags can be defined at once, don't compile without at least | |
| 50 | * one of them. */ | |
| 51 | #define NON_INETD_MODE | |
| 52 | -#define INETD_MODE | |
| 53 | +#undef INETD_MODE | |
| 54 | ||
| 55 | /* Setting this disables the fast exptmod bignum code. It saves ~5kB, but is | |
| 56 | * perhaps 20% slower for pubkey operations (it is probably worth experimenting | |
| 57 | @@ -55,7 +57,7 @@ | |
| 58 | #define DROPBEAR_SMALL_CODE | |
| 59 | ||
| 60 | /* Enable X11 Forwarding - server only */ | |
| 61 | -#define ENABLE_X11FWD | |
| 62 | +#undef ENABLE_X11FWD | |
| 63 | ||
| 64 | /* Enable TCP Fowarding */ | |
| 65 | /* 'Local' is "-L" style (client listening port forwarded via server) | |
| 66 | @@ -179,7 +181,7 @@ | |
| 67 | ||
| 68 | /* The MOTD file path */ | |
| 69 | #ifndef MOTD_FILENAME | |
| 70 | -#define MOTD_FILENAME "/etc/motd" | |
| 71 | +#define MOTD_FILENAME "@TERMUX_PREFIX@/etc/motd" | |
| 72 | #endif | |
| 73 | ||
| 74 | /* Authentication Types - at least one required. | |
| 75 | @@ -192,7 +194,7 @@ | |
| 76 | * PAM challenge/response. | |
| 77 | * You can't enable both PASSWORD and PAM. */ | |
| 78 | ||
| 79 | -#define ENABLE_SVR_PASSWORD_AUTH | |
| 80 | +#undef ENABLE_SVR_PASSWORD_AUTH | |
| 81 | /* PAM requires ./configure --enable-pam */ | |
| 82 | /*#define ENABLE_SVR_PAM_AUTH */ | |
| 83 | #define ENABLE_SVR_PUBKEY_AUTH | |
| 84 | @@ -259,7 +261,7 @@ | |
| 85 | /* The default file to store the daemon's process ID, for shutdown | |
| 86 | scripts etc. This can be overridden with the -P flag */ | |
| 87 | #ifndef DROPBEAR_PIDFILE | |
| 88 | -#define DROPBEAR_PIDFILE "/var/run/dropbear.pid" | |
| 89 | +#define DROPBEAR_PIDFILE "@TERMUX_PREFIX@/var/run/dropbear.pid" | |
| 90 | #endif | |
| 91 | ||
| 92 | /* The command to invoke for xauth when using X11 forwarding. | |
| 93 | @@ -277,7 +279,7 @@ | |
| 94 | ||
| 95 | /* This is used by the scp binary when used as a client binary. If you're | |
| 96 | * not using the Dropbear client, you'll need to change it */ | |
| 97 | -#define _PATH_SSH_PROGRAM "/usr/bin/dbclient" | |
| 98 | +#define _PATH_SSH_PROGRAM "@TERMUX_PREFIX@/bin/dbclient" | |
| 99 | ||
| 100 | /* Whether to log commands executed by a client. This only logs the | |
| 101 | * (single) command sent to the server, not what a user did in a | |
| 102 | @@ -314,7 +316,7 @@ | |
| 103 | #define DEFAULT_IDLE_TIMEOUT 0 | |
| 104 | ||
| 105 | /* The default path. This will often get replaced by the shell */ | |
| 106 | -#define DEFAULT_PATH "/usr/bin:/bin" | |
| 107 | +#define DEFAULT_PATH "@TERMUX_PREFIX@:/system/bin" | |
| 108 | ||
| 109 | /* Some other defines (that mostly should be left alone) are defined | |
| 110 | * in sysoptions.h */ | |
| 111 | diff -u -r ../dropbear-2013.62/sshpty.c ./sshpty.c | |
| 112 | --- ../dropbear-2013.62/sshpty.c 2013-12-03 14:39:15.000000000 +0100 | |
| 113 | +++ ./sshpty.c 2014-01-05 21:21:37.930812382 +0100 | |
| 114 | @@ -22,6 +22,10 @@ | |
| 115 | #include "errno.h" | |
| 116 | #include "sshpty.h" | |
| 117 | ||
| 118 | +#ifdef __ANDROID__ | |
| 119 | +# define USE_DEV_PTMX 1 | |
| 120 | +#endif | |
| 121 | + | |
| 122 | /* Pty allocated with _getpty gets broken if we do I_PUSH:es to it. */ | |
| 123 | #if defined(HAVE__GETPTY) || defined(HAVE_OPENPTY) | |
| 124 | #undef HAVE_DEV_PTMX | |
| 125 | @@ -380,6 +384,7 @@ | |
| 126 | tty_name, strerror(errno)); | |
| 127 | } | |
| 128 | ||
| 129 | + /* | |
| 130 | if (st.st_uid != pw->pw_uid || st.st_gid != gid) { | |
| 131 | if (chown(tty_name, pw->pw_uid, gid) < 0) { | |
| 132 | if (errno == EROFS && | |
| 133 | @@ -409,4 +414,5 @@ | |
| 134 | } | |
| 135 | } | |
| 136 | } | |
| 137 | + */ | |
| 138 | } | |
| 139 | diff -u -r ../dropbear-2013.62/svr-agentfwd.c ./svr-agentfwd.c | |
| 140 | --- ../dropbear-2013.62/svr-agentfwd.c 2013-12-03 14:39:15.000000000 +0100 | |
| 141 | +++ ./svr-agentfwd.c 2014-01-05 21:21:37.930812382 +0100 | |
| 142 | @@ -218,10 +218,12 @@ | |
| 143 | /* drop to user privs to make the dir/file */ | |
| 144 | uid = getuid(); | |
| 145 | gid = getgid(); | |
| 146 | + /* | |
| 147 | if ((setegid(ses.authstate.pw_gid)) < 0 || | |
| 148 | (seteuid(ses.authstate.pw_uid)) < 0) { | |
| 149 | dropbear_exit("Failed to set euid"); | |
| 150 | } | |
| 151 | + */ | |
| 152 | ||
| 153 | memset((void*)&addr, 0x0, sizeof(addr)); | |
| 154 | addr.sun_family = AF_UNIX; | |
| 155 | diff -u -r ../dropbear-2013.62/svr-chansession.c ./svr-chansession.c | |
| 156 | --- ../dropbear-2013.62/svr-chansession.c 2013-12-03 14:39:15.000000000 +0100 | |
| 157 | +++ ./svr-chansession.c 2014-01-05 21:32:15.438797159 +0100 | |
| 158 | @@ -874,6 +874,8 @@ | |
| 159 | #endif | |
| 160 | ||
| 161 | /* clear environment */ | |
| 162 | + /* termux: do not clear environment on android */ | |
| 163 | +#ifndef __ANDROID__ | |
| 164 | /* if we're debugging using valgrind etc, we need to keep the LD_PRELOAD | |
| 165 | * etc. This is hazardous, so should only be used for debugging. */ | |
| 166 | #ifndef DEBUG_VALGRIND | |
| 167 | @@ -886,6 +888,7 @@ | |
| 168 | } | |
| 169 | #endif /* HAVE_CLEARENV */ | |
| 170 | #endif /* DEBUG_VALGRIND */ | |
| 171 | +#endif /* __ANDROID__ */ | |
| 172 | ||
| 173 | /* We can only change uid/gid as root ... */ | |
| 174 | if (getuid() == 0) { | |
| 175 | @@ -911,12 +914,14 @@ | |
| 176 | } | |
| 177 | } | |
| 178 | ||
| 179 | + /* termux: do not modify environment since we did not clean it */ | |
| 180 | +#ifndef __ANDROID__ | |
| 181 | /* set env vars */ | |
| 182 | addnewvar("USER", ses.authstate.pw_name); | |
| 183 | addnewvar("LOGNAME", ses.authstate.pw_name); | |
| 184 | addnewvar("HOME", ses.authstate.pw_dir); | |
| 185 | addnewvar("SHELL", get_user_shell()); | |
| 186 | - addnewvar("PATH", DEFAULT_PATH); | |
| 187 | +#endif /* __ANDROID__ */ | |
| 188 | if (chansess->term != NULL) { | |
| 189 | addnewvar("TERM", chansess->term); | |
| 190 | } |