191 lines
5.9 KiB
Diff
191 lines
5.9 KiB
Diff
|
diff -u -r ../dropbear-2013.62/cli-auth.c ./cli-auth.c
|
||
|
--- ../dropbear-2013.62/cli-auth.c 2013-12-03 14:39:15.000000000 +0100
|
||
|
+++ ./cli-auth.c 2014-01-05 21:21:37.926812382 +0100
|
||
|
@@ -32,6 +32,10 @@
|
||
|
#include "packet.h"
|
||
|
#include "runopts.h"
|
||
|
|
||
|
+char * getpass (const char *prompt) {
|
||
|
+ return "";
|
||
|
+}
|
||
|
+
|
||
|
void cli_authinitialise() {
|
||
|
|
||
|
memset(&ses.authstate, 0, sizeof(ses.authstate));
|
||
|
#ifdef ENABLE_CLI_ANYTCPFWD
|
||
|
diff -u -r ../dropbear-2013.62/options.h ./options.h
|
||
|
--- ../dropbear-2013.62/options.h 2013-12-03 14:39:15.000000000 +0100
|
||
|
+++ ./options.h 2014-01-05 21:21:37.930812382 +0100
|
||
|
@@ -10,8 +10,10 @@
|
||
|
|
||
|
/* IMPORTANT: Many options will require "make clean" after changes */
|
||
|
+
|
||
|
+
|
||
|
|
||
|
#ifndef DROPBEAR_DEFPORT
|
||
|
-#define DROPBEAR_DEFPORT "22"
|
||
|
+#define DROPBEAR_DEFPORT "8022"
|
||
|
#endif
|
||
|
|
||
|
#ifndef DROPBEAR_DEFADDRESS
|
||
|
@@ -21,13 +23,13 @@
|
||
|
|
||
|
/* Default hostkey paths - these can be specified on the command line */
|
||
|
#ifndef DSS_PRIV_FILENAME
|
||
|
-#define DSS_PRIV_FILENAME "/etc/dropbear/dropbear_dss_host_key"
|
||
|
+#define DSS_PRIV_FILENAME "@TERMUX_PREFIX@/etc/dropbear/dropbear_dss_host_key"
|
||
|
#endif
|
||
|
#ifndef RSA_PRIV_FILENAME
|
||
|
-#define RSA_PRIV_FILENAME "/etc/dropbear/dropbear_rsa_host_key"
|
||
|
+#define RSA_PRIV_FILENAME "@TERMUX_PREFIX@/etc/dropbear/dropbear_rsa_host_key"
|
||
|
#endif
|
||
|
#ifndef ECDSA_PRIV_FILENAME
|
||
|
-#define ECDSA_PRIV_FILENAME "/etc/dropbear/dropbear_ecdsa_host_key"
|
||
|
+#define ECDSA_PRIV_FILENAME "@TERMUX_PREFIX@/etc/dropbear/dropbear_ecdsa_host_key"
|
||
|
#endif
|
||
|
|
||
|
/* Set NON_INETD_MODE if you require daemon functionality (ie Dropbear listens
|
||
|
@@ -41,7 +43,7 @@
|
||
|
* Both of these flags can be defined at once, don't compile without at least
|
||
|
* one of them. */
|
||
|
#define NON_INETD_MODE
|
||
|
-#define INETD_MODE
|
||
|
+#undef INETD_MODE
|
||
|
|
||
|
/* Setting this disables the fast exptmod bignum code. It saves ~5kB, but is
|
||
|
* perhaps 20% slower for pubkey operations (it is probably worth experimenting
|
||
|
@@ -55,7 +57,7 @@
|
||
|
#define DROPBEAR_SMALL_CODE
|
||
|
|
||
|
/* Enable X11 Forwarding - server only */
|
||
|
-#define ENABLE_X11FWD
|
||
|
+#undef ENABLE_X11FWD
|
||
|
|
||
|
/* Enable TCP Fowarding */
|
||
|
/* 'Local' is "-L" style (client listening port forwarded via server)
|
||
|
@@ -179,7 +181,7 @@
|
||
|
|
||
|
/* The MOTD file path */
|
||
|
#ifndef MOTD_FILENAME
|
||
|
-#define MOTD_FILENAME "/etc/motd"
|
||
|
+#define MOTD_FILENAME "@TERMUX_PREFIX@/etc/motd"
|
||
|
#endif
|
||
|
|
||
|
/* Authentication Types - at least one required.
|
||
|
@@ -192,7 +194,7 @@
|
||
|
* PAM challenge/response.
|
||
|
* You can't enable both PASSWORD and PAM. */
|
||
|
|
||
|
-#define ENABLE_SVR_PASSWORD_AUTH
|
||
|
+#undef ENABLE_SVR_PASSWORD_AUTH
|
||
|
/* PAM requires ./configure --enable-pam */
|
||
|
/*#define ENABLE_SVR_PAM_AUTH */
|
||
|
#define ENABLE_SVR_PUBKEY_AUTH
|
||
|
@@ -259,7 +261,7 @@
|
||
|
/* The default file to store the daemon's process ID, for shutdown
|
||
|
scripts etc. This can be overridden with the -P flag */
|
||
|
#ifndef DROPBEAR_PIDFILE
|
||
|
-#define DROPBEAR_PIDFILE "/var/run/dropbear.pid"
|
||
|
+#define DROPBEAR_PIDFILE "@TERMUX_PREFIX@/var/run/dropbear.pid"
|
||
|
#endif
|
||
|
|
||
|
/* The command to invoke for xauth when using X11 forwarding.
|
||
|
@@ -277,7 +279,7 @@
|
||
|
|
||
|
/* This is used by the scp binary when used as a client binary. If you're
|
||
|
* not using the Dropbear client, you'll need to change it */
|
||
|
-#define _PATH_SSH_PROGRAM "/usr/bin/dbclient"
|
||
|
+#define _PATH_SSH_PROGRAM "@TERMUX_PREFIX@/bin/dbclient"
|
||
|
|
||
|
/* Whether to log commands executed by a client. This only logs the
|
||
|
* (single) command sent to the server, not what a user did in a
|
||
|
@@ -314,7 +316,7 @@
|
||
|
#define DEFAULT_IDLE_TIMEOUT 0
|
||
|
|
||
|
/* The default path. This will often get replaced by the shell */
|
||
|
-#define DEFAULT_PATH "/usr/bin:/bin"
|
||
|
+#define DEFAULT_PATH "@TERMUX_PREFIX@:/system/bin"
|
||
|
|
||
|
/* Some other defines (that mostly should be left alone) are defined
|
||
|
* in sysoptions.h */
|
||
|
diff -u -r ../dropbear-2013.62/sshpty.c ./sshpty.c
|
||
|
--- ../dropbear-2013.62/sshpty.c 2013-12-03 14:39:15.000000000 +0100
|
||
|
+++ ./sshpty.c 2014-01-05 21:21:37.930812382 +0100
|
||
|
@@ -22,6 +22,10 @@
|
||
|
#include "errno.h"
|
||
|
#include "sshpty.h"
|
||
|
|
||
|
+#ifdef __ANDROID__
|
||
|
+# define USE_DEV_PTMX 1
|
||
|
+#endif
|
||
|
+
|
||
|
/* Pty allocated with _getpty gets broken if we do I_PUSH:es to it. */
|
||
|
#if defined(HAVE__GETPTY) || defined(HAVE_OPENPTY)
|
||
|
#undef HAVE_DEV_PTMX
|
||
|
@@ -380,6 +384,7 @@
|
||
|
tty_name, strerror(errno));
|
||
|
}
|
||
|
|
||
|
+ /*
|
||
|
if (st.st_uid != pw->pw_uid || st.st_gid != gid) {
|
||
|
if (chown(tty_name, pw->pw_uid, gid) < 0) {
|
||
|
if (errno == EROFS &&
|
||
|
@@ -409,4 +414,5 @@
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
+ */
|
||
|
}
|
||
|
diff -u -r ../dropbear-2013.62/svr-agentfwd.c ./svr-agentfwd.c
|
||
|
--- ../dropbear-2013.62/svr-agentfwd.c 2013-12-03 14:39:15.000000000 +0100
|
||
|
+++ ./svr-agentfwd.c 2014-01-05 21:21:37.930812382 +0100
|
||
|
@@ -218,10 +218,12 @@
|
||
|
/* drop to user privs to make the dir/file */
|
||
|
uid = getuid();
|
||
|
gid = getgid();
|
||
|
+ /*
|
||
|
if ((setegid(ses.authstate.pw_gid)) < 0 ||
|
||
|
(seteuid(ses.authstate.pw_uid)) < 0) {
|
||
|
dropbear_exit("Failed to set euid");
|
||
|
}
|
||
|
+ */
|
||
|
|
||
|
memset((void*)&addr, 0x0, sizeof(addr));
|
||
|
addr.sun_family = AF_UNIX;
|
||
|
diff -u -r ../dropbear-2013.62/svr-chansession.c ./svr-chansession.c
|
||
|
--- ../dropbear-2013.62/svr-chansession.c 2013-12-03 14:39:15.000000000 +0100
|
||
|
+++ ./svr-chansession.c 2014-01-05 21:32:15.438797159 +0100
|
||
|
@@ -874,6 +874,8 @@
|
||
|
#endif
|
||
|
|
||
|
/* clear environment */
|
||
|
+ /* termux: do not clear environment on android */
|
||
|
+#ifndef __ANDROID__
|
||
|
/* if we're debugging using valgrind etc, we need to keep the LD_PRELOAD
|
||
|
* etc. This is hazardous, so should only be used for debugging. */
|
||
|
#ifndef DEBUG_VALGRIND
|
||
|
@@ -886,6 +888,7 @@
|
||
|
}
|
||
|
#endif /* HAVE_CLEARENV */
|
||
|
#endif /* DEBUG_VALGRIND */
|
||
|
+#endif /* __ANDROID__ */
|
||
|
|
||
|
/* We can only change uid/gid as root ... */
|
||
|
if (getuid() == 0) {
|
||
|
@@ -911,12 +914,14 @@
|
||
|
}
|
||
|
}
|
||
|
|
||
|
+ /* termux: do not modify environment since we did not clean it */
|
||
|
+#ifndef __ANDROID__
|
||
|
/* set env vars */
|
||
|
addnewvar("USER", ses.authstate.pw_name);
|
||
|
addnewvar("LOGNAME", ses.authstate.pw_name);
|
||
|
addnewvar("HOME", ses.authstate.pw_dir);
|
||
|
addnewvar("SHELL", get_user_shell());
|
||
|
- addnewvar("PATH", DEFAULT_PATH);
|
||
|
+#endif /* __ANDROID__ */
|
||
|
if (chansess->term != NULL) {
|
||
|
addnewvar("TERM", chansess->term);
|
||
|
}
|