mdw@git.distorted.org.uk Git - termux-packages/blob - packages/dropbear/dropbear.patch

   1 diff -u -r ../dropbear-2013.62/cli-auth.c ./cli-auth.c
   2 --- ../dropbear-2013.62/cli-auth.c      2013-12-03 14:39:15.000000000 +0100
   3 +++ ./cli-auth.c        2014-01-05 21:21:37.926812382 +0100
   4 @@ -32,6 +32,10 @@
   5  #include "packet.h"
   6  #include "runopts.h"
   7
   8 +char * getpass (const char *prompt) {
   9 +       return "";
  10 +}
  11 +
  12  void cli_authinitialise() {
  13
  14         memset(&ses.authstate, 0, sizeof(ses.authstate));
  15  #ifdef ENABLE_CLI_ANYTCPFWD
  16 diff -u -r ../dropbear-2013.62/options.h ./options.h
  17 --- ../dropbear-2013.62/options.h       2013-12-03 14:39:15.000000000 +0100
  18 +++ ./options.h 2014-01-05 21:21:37.930812382 +0100
  19 @@ -10,8 +10,10 @@
  20
  21  /* IMPORTANT: Many options will require "make clean" after changes */
  22 +
  23 +
  24
  25  #ifndef DROPBEAR_DEFPORT
  26 -#define DROPBEAR_DEFPORT "22"
  27 +#define DROPBEAR_DEFPORT "8022"
  28  #endif
  29
  30  #ifndef DROPBEAR_DEFADDRESS
  31 @@ -21,13 +23,13 @@
  32
  33  /* Default hostkey paths - these can be specified on the command line */
  34  #ifndef DSS_PRIV_FILENAME
  35 -#define DSS_PRIV_FILENAME "/etc/dropbear/dropbear_dss_host_key"
  36 +#define DSS_PRIV_FILENAME "@TERMUX_PREFIX@/etc/dropbear/dropbear_dss_host_key"
  37  #endif
  38  #ifndef RSA_PRIV_FILENAME
  39 -#define RSA_PRIV_FILENAME "/etc/dropbear/dropbear_rsa_host_key"
  40 +#define RSA_PRIV_FILENAME "@TERMUX_PREFIX@/etc/dropbear/dropbear_rsa_host_key"
  41  #endif
  42  #ifndef ECDSA_PRIV_FILENAME
  43 -#define ECDSA_PRIV_FILENAME "/etc/dropbear/dropbear_ecdsa_host_key"
  44 +#define ECDSA_PRIV_FILENAME "@TERMUX_PREFIX@/etc/dropbear/dropbear_ecdsa_host_key"
  45  #endif
  46
  47  /* Set NON_INETD_MODE if you require daemon functionality (ie Dropbear listens
  48 @@ -41,7 +43,7 @@
  49   * Both of these flags can be defined at once, don't compile without at least
  50   * one of them. */
  51  #define NON_INETD_MODE
  52 -#define INETD_MODE
  53 +#undef INETD_MODE
  54
  55  /* Setting this disables the fast exptmod bignum code. It saves ~5kB, but is
  56   * perhaps 20% slower for pubkey operations (it is probably worth experimenting
  57 @@ -55,7 +57,7 @@
  58  #define DROPBEAR_SMALL_CODE
  59
  60  /* Enable X11 Forwarding - server only */
  61 -#define ENABLE_X11FWD
  62 +#undef ENABLE_X11FWD
  63
  64  /* Enable TCP Fowarding */
  65  /* 'Local' is "-L" style (client listening port forwarded via server)
  66 @@ -179,7 +181,7 @@
  67
  68  /* The MOTD file path */
  69  #ifndef MOTD_FILENAME
  70 -#define MOTD_FILENAME "/etc/motd"
  71 +#define MOTD_FILENAME "@TERMUX_PREFIX@/etc/motd"
  72  #endif
  73
  74  /* Authentication Types - at least one required.
  75 @@ -192,7 +194,7 @@
  76   * PAM challenge/response.
  77   * You can't enable both PASSWORD and PAM. */
  78
  79 -#define ENABLE_SVR_PASSWORD_AUTH
  80 +#undef ENABLE_SVR_PASSWORD_AUTH
  81  /* PAM requires ./configure --enable-pam */
  82  /*#define ENABLE_SVR_PAM_AUTH */
  83  #define ENABLE_SVR_PUBKEY_AUTH
  84 @@ -259,7 +261,7 @@
  85  /* The default file to store the daemon's process ID, for shutdown
  86     scripts etc. This can be overridden with the -P flag */
  87  #ifndef DROPBEAR_PIDFILE
  88 -#define DROPBEAR_PIDFILE "/var/run/dropbear.pid"
  89 +#define DROPBEAR_PIDFILE "@TERMUX_PREFIX@/var/run/dropbear.pid"
  90  #endif
  91
  92  /* The command to invoke for xauth when using X11 forwarding.
  93 @@ -277,7 +279,7 @@
  94
  95  /* This is used by the scp binary when used as a client binary. If you're
  96   * not using the Dropbear client, you'll need to change it */
  97 -#define _PATH_SSH_PROGRAM "/usr/bin/dbclient"
  98 +#define _PATH_SSH_PROGRAM "@TERMUX_PREFIX@/bin/dbclient"
  99
 100  /* Whether to log commands executed by a client. This only logs the
 101   * (single) command sent to the server, not what a user did in a
 102 @@ -314,7 +316,7 @@
 103  #define DEFAULT_IDLE_TIMEOUT 0
 104
 105  /* The default path. This will often get replaced by the shell */
 106 -#define DEFAULT_PATH "/usr/bin:/bin"
 107 +#define DEFAULT_PATH "@TERMUX_PREFIX@:/system/bin"
 108
 109  /* Some other defines (that mostly should be left alone) are defined
 110   * in sysoptions.h */
 111 diff -u -r ../dropbear-2013.62/sshpty.c ./sshpty.c
 112 --- ../dropbear-2013.62/sshpty.c        2013-12-03 14:39:15.000000000 +0100
 113 +++ ./sshpty.c  2014-01-05 21:21:37.930812382 +0100
 114 @@ -22,6 +22,10 @@
 115  #include "errno.h"
 116  #include "sshpty.h"
 117
 118 +#ifdef __ANDROID__
 119 +# define USE_DEV_PTMX 1
 120 +#endif
 121 +
 122  /* Pty allocated with _getpty gets broken if we do I_PUSH:es to it. */
 123  #if defined(HAVE__GETPTY) || defined(HAVE_OPENPTY)
 124  #undef HAVE_DEV_PTMX
 125 @@ -380,6 +384,7 @@
 126                                 tty_name, strerror(errno));
 127         }
 128
 129 +       /*
 130         if (st.st_uid != pw->pw_uid || st.st_gid != gid) {
 131                 if (chown(tty_name, pw->pw_uid, gid) < 0) {
 132                         if (errno == EROFS &&
 133 @@ -409,4 +414,5 @@
 134                         }
 135                 }
 136         }
 137 +       */
 138  }
 139 diff -u -r ../dropbear-2013.62/svr-agentfwd.c ./svr-agentfwd.c
 140 --- ../dropbear-2013.62/svr-agentfwd.c  2013-12-03 14:39:15.000000000 +0100
 141 +++ ./svr-agentfwd.c    2014-01-05 21:21:37.930812382 +0100
 142 @@ -218,10 +218,12 @@
 143         /* drop to user privs to make the dir/file */
 144         uid = getuid();
 145         gid = getgid();
 146 +       /*
 147         if ((setegid(ses.authstate.pw_gid)) < 0 ||
 148                 (seteuid(ses.authstate.pw_uid)) < 0) {
 149                 dropbear_exit("Failed to set euid");
 150         }
 151 +       */
 152
 153         memset((void*)&addr, 0x0, sizeof(addr));
 154         addr.sun_family = AF_UNIX;
 155 diff -u -r ../dropbear-2013.62/svr-chansession.c ./svr-chansession.c
 156 --- ../dropbear-2013.62/svr-chansession.c       2013-12-03 14:39:15.000000000 +0100
 157 +++ ./svr-chansession.c 2014-01-05 21:32:15.438797159 +0100
 158 @@ -874,6 +874,8 @@
 159  #endif
 160
 161         /* clear environment */
 162 +       /* termux: do not clear environment on android */
 163 +#ifndef __ANDROID__
 164         /* if we're debugging using valgrind etc, we need to keep the LD_PRELOAD
 165          * etc. This is hazardous, so should only be used for debugging. */
 166  #ifndef DEBUG_VALGRIND
 167 @@ -886,6 +888,7 @@
 168         }
 169  #endif /* HAVE_CLEARENV */
 170  #endif /* DEBUG_VALGRIND */
 171 +#endif /* __ANDROID__ */
 172
 173         /* We can only change uid/gid as root ... */
 174         if (getuid() == 0) {
 175 @@ -911,12 +914,14 @@
 176                 }
 177         }
 178
 179 +       /* termux: do not modify environment since we did not clean it */
 180 +#ifndef __ANDROID__
 181         /* set env vars */
 182         addnewvar("USER", ses.authstate.pw_name);
 183         addnewvar("LOGNAME", ses.authstate.pw_name);
 184         addnewvar("HOME", ses.authstate.pw_dir);
 185         addnewvar("SHELL", get_user_shell());
 186 -       addnewvar("PATH", DEFAULT_PATH);
 187 +#endif /* __ANDROID__ */
 188         if (chansess->term != NULL) {
 189                 addnewvar("TERM", chansess->term);
 190         }