| 1 | diff -u -r ../openssh-7.7p1/sshd.c ./sshd.c |
| 2 | --- ../openssh-7.7p1/sshd.c 2018-04-02 07:38:28.000000000 +0200 |
| 3 | +++ ./sshd.c 2018-04-03 23:48:49.605335389 +0200 |
| 4 | @@ -553,8 +553,10 @@ |
| 5 | debug3("privsep user:group %u:%u", (u_int)privsep_pw->pw_uid, |
| 6 | (u_int)privsep_pw->pw_gid); |
| 7 | gidset[0] = privsep_pw->pw_gid; |
| 8 | +#ifndef __ANDROID__ |
| 9 | if (setgroups(1, gidset) < 0) |
| 10 | fatal("setgroups: %.100s", strerror(errno)); |
| 11 | +#endif |
| 12 | permanently_set_uid(privsep_pw); |
| 13 | } |
| 14 | } |
| 15 | @@ -1447,7 +1449,8 @@ |
| 16 | saved_argc = ac; |
| 17 | rexec_argc = ac; |
| 18 | saved_argv = xcalloc(ac + 1, sizeof(*saved_argv)); |
| 19 | - for (i = 0; (int)i < ac; i++) |
| 20 | + saved_argv[0] = "@TERMUX_PREFIX@/bin/sshd"; |
| 21 | + for (i = 1; (int)i < ac; i++) |
| 22 | saved_argv[i] = xstrdup(av[i]); |
| 23 | saved_argv[i] = NULL; |
| 24 | |
| 25 | @@ -1457,8 +1460,10 @@ |
| 26 | av = saved_argv; |
| 27 | #endif |
| 28 | |
| 29 | +#ifndef __ANDROID__ |
| 30 | if (geteuid() == 0 && setgroups(0, NULL) == -1) |
| 31 | debug("setgroups(): %.200s", strerror(errno)); |
| 32 | +#endif |
| 33 | |
| 34 | /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ |
| 35 | sanitise_stdfd(); |
| 36 | @@ -1577,8 +1582,6 @@ |
| 37 | } |
| 38 | if (rexeced_flag || inetd_flag) |
| 39 | rexec_flag = 0; |
| 40 | - if (!test_flag && (rexec_flag && (av[0] == NULL || *av[0] != '/'))) |
| 41 | - fatal("sshd re-exec requires execution with an absolute path"); |
| 42 | if (rexeced_flag) |
| 43 | closefrom(REEXEC_MIN_FREE_FD); |
| 44 | else |
| 45 | @@ -1692,7 +1695,9 @@ |
| 46 | freezero(privsep_pw->pw_passwd, strlen(privsep_pw->pw_passwd)); |
| 47 | privsep_pw->pw_passwd = xstrdup("*"); |
| 48 | } |
| 49 | +#ifndef __ANDROID__ |
| 50 | endpwent(); |
| 51 | +#endif |
| 52 | |
| 53 | /* load host keys */ |
| 54 | sensitive_data.host_keys = xcalloc(options.num_host_key_files, |
| 55 | @@ -1842,8 +1847,10 @@ |
| 56 | * to create a file, and we can't control the code in every |
| 57 | * module which might be used). |
| 58 | */ |
| 59 | +#ifndef __ANDROID__ |
| 60 | if (setgroups(0, NULL) < 0) |
| 61 | debug("setgroups() failed: %.200s", strerror(errno)); |
| 62 | +#endif |
| 63 | |
| 64 | if (rexec_flag) { |
| 65 | if (rexec_argc < 0) |