sergiotarxz/termux-packages
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

new package: shellinabox

Browse Source 
Requested in https://github.com/termux/termux-packages/issues/934.
This commit is contained in:
Leonid Pliushch 2020-01-03 02:01:09 +02:00
parent 8462adbc70
commit 50006bd1f2
6 changed files with 222 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
packages/shellinabox/build.sh Normal file
View File

@ -0,0 +1,18 @@
TERMUX_PKG_HOMEPAGE=https://github.com/shellinabox/shellinabox
TERMUX_PKG_DESCRIPTION="Implementation of a web server that can export arbitrary command line tools to a web based terminal emulator"
TERMUX_PKG_LICENSE="GPL-2.0"
TERMUX_PKG_VERSION=2.20
TERMUX_PKG_SRCURL=https://github.com/shellinabox/shellinabox/archive/v$TERMUX_PKG_VERSION.tar.gz
TERMUX_PKG_SHA256=27a5ec6c3439f87aee238c47cc56e7357a6249e5ca9ed0f044f0057ef389d81e
TERMUX_PKG_DEPENDS="openssl, openssl-tool, termux-auth (>= 1.2), zlib"
TERMUX_PKG_EXTRA_CONFIGURE_ARGS="
--enable-login
--disable-pam
--disable-utmp
--disable-runtime-loading
"
termux_step_pre_configure() {
export LIBS="-lssl -lcrypto"
autoreconf -i
}

13
packages/shellinabox/shellinabox-2.20_Makefile.am.patch Normal file
View File

@ -0,0 +1,13 @@
diff -uNr shellinabox-2.20/Makefile.am shellinabox-2.20.mod/Makefile.am
--- shellinabox-2.20/Makefile.am 2016-11-09 21:40:33.000000000 +0200
+++ shellinabox-2.20.mod/Makefile.am 2020-01-03 01:28:00.029246370 +0200
@@ -208,8 +208,7 @@
@rm -f "$@"
ln "$?" "$@"
-shellinaboxd.1: ${top_srcdir}/shellinabox/shellinaboxd.man.in \
- ${top_srcdir}/config.h
+shellinaboxd.1: ${top_srcdir}/shellinabox/shellinaboxd.man.in
@src="${top_srcdir}/shellinabox/shellinaboxd.man.in"; \
echo preprocess "$$src" '>'"$@"; \
if sed -e 's/^#define \([^ ]*\).*/\1/' -e t -e d config.h | \

12
packages/shellinabox/shellinabox-2.20_libhttp_ssl.c.patch Normal file
View File

@ -0,0 +1,12 @@
diff -uNr shellinabox-2.20/libhttp/ssl.c shellinabox-2.20.mod/libhttp/ssl.c
--- shellinabox-2.20/libhttp/ssl.c 2016-11-09 21:40:33.000000000 +0200
+++ shellinabox-2.20.mod/libhttp/ssl.c 2020-01-03 01:52:35.381088443 +0200
@@ -398,7 +398,7 @@
check(NOINTR(dup2(fd, STDIN_FILENO)) == STDIN_FILENO);
check(NOINTR(close(fd)) == 0);
umask(077);
- check(setenv("PATH", "/usr/bin:/usr/sbin", 1) == 0);
+ check(setenv("PATH", "@TERMUX_PREFIX@/bin:@TERMUX_PREFIX@/bin/applets", 1) == 0);
char *subject;
check(subject = stringPrintf(NULL, "/CN=%s/", serverName));
if (execlp("openssl", "openssl", "req", "-x509", "-nodes", "-days", "7300",

87
packages/shellinabox/shellinabox-2.20_shellinabox_launcher.c.patch Normal file
View File

@ -0,0 +1,87 @@
diff -uNr shellinabox-2.20/shellinabox/launcher.c shellinabox-2.20.mod/shellinabox/launcher.c
--- shellinabox-2.20/shellinabox/launcher.c 2016-11-09 21:40:33.000000000 +0200
+++ shellinabox-2.20.mod/shellinabox/launcher.c 2020-01-03 01:31:45.220824399 +0200
@@ -676,10 +676,13 @@
// Temporarily regain privileges to update the utmp database
uid_t r_uid, e_uid, s_uid;
uid_t r_gid, e_gid, s_gid;
+
+#ifndef __ANDROID__
check(!getresuid(&r_uid, &e_uid, &s_uid));
check(!getresgid(&r_gid, &e_gid, &s_gid));
UNUSED_RETURN(setresuid(0, 0, 0));
UNUSED_RETURN(setresgid(0, 0, 0));
+#endif
if (enableUtmpLogging) {
setutxent();
@@ -693,10 +696,12 @@
#endif
}
+#ifndef __ANDROID__
// Switch back to the lower privileges
check(!setresgid(r_gid, e_gid, s_gid));
check(!setresuid(r_uid, e_uid, s_uid));
#endif
+#endif
NOINTR(close(utmp->pty));
}
@@ -1162,8 +1167,7 @@
if (service->useDefaultShell) {
check(!service->cmdline);
- service->cmdline = strdup(*pw->pw_shell ?
- pw->pw_shell : "/bin/sh");
+ service->cmdline = strdup("@TERMUX_PREFIX@/bin/bash");
}
if (restricted &&
@@ -1231,7 +1235,7 @@
(*environment)[numEnvVars++] = stringPrintf(NULL, "SHELL=%s", pw->pw_shell);
check(
(*environment)[numEnvVars++] = strdup(
- "PATH=/usr/local/bin:/usr/bin:/bin:/usr/games"));
+ "PATH=@TERMUX_PREFIX@/bin:@TERMUX_PREFIX@/bin/applets"));
(*environment)[numEnvVars++] = stringPrintf(NULL, "LOGNAME=%s",
service->user);
(*environment)[numEnvVars++] = stringPrintf(NULL, "USER=%s", service->user);
@@ -1566,10 +1570,13 @@
cfsetospeed(&tt, B38400);
tcsetattr(0, TCSAFLUSH, &tt);
+#ifndef __ANDROID__
// Assert root privileges in order to update utmp entry. We can only do that,
// if we have root permissions otherwise this fails.
UNUSED_RETURN(setresuid(0, 0, 0));
UNUSED_RETURN(setresgid(0, 0, 0));
+#endif
+
#ifdef HAVE_UTMPX_H
if (enableUtmpLogging) {
setutxent();
@@ -1641,9 +1648,11 @@
#endif
}
+#ifndef __ANDROID__
// Change user and group ids
check(!setresgid(service->gid, service->gid, service->gid));
check(!setresuid(service->uid, service->uid, service->uid));
+#endif
// Change working directory
if (service->useHomeDir) {
@@ -1682,10 +1691,7 @@
snprintf(remoteHost, 256,
(*realIP) ? "%s, %s" : "%s%s", peerName,
(*realIP) ? realIP : "");
- execle("/bin/login", "login", "-p", "-h", remoteHost,
- (void *)0, environment);
- execle("/usr/bin/login", "login", "-p", "-h", remoteHost,
- (void *)0, environment);
+ execle("@TERMUX_PREFIX@/bin/pwlogin", "pwlogin", (void *)0, environment);
} else {
// Launch user provied service
execService(width, height, service, peerName, realIP, environment, url);

57
packages/shellinabox/shellinabox-2.20_shellinabox_privileges.c.patch Normal file
View File

@ -0,0 +1,57 @@
diff -uNr shellinabox-2.20/shellinabox/privileges.c shellinabox-2.20.mod/shellinabox/privileges.c
--- shellinabox-2.20/shellinabox/privileges.c 2016-11-09 21:40:33.000000000 +0200
+++ shellinabox-2.20.mod/shellinabox/privileges.c 2020-01-03 01:34:35.341048035 +0200
@@ -95,6 +95,10 @@
#endif
static void removeGroupPrivileges(int showError) {
+#ifdef __ANDROID__
+ return;
+#endif
+
gid_t rg, eg, sg;
check(!getresgid(&rg, &eg, &sg));
@@ -128,6 +132,10 @@
}
void lowerPrivileges(void) {
+#ifdef __ANDROID__
+ return;
+#endif
+
uid_t r, e, g;
check(!getresuid(&r, &e, &g));
@@ -159,6 +167,10 @@
}
void dropPrivileges(void) {
+#ifdef __ANDROID__
+ return;
+#endif
+
uid_t r, e, s;
check(!getresuid(&r, &e, &s));
@@ -256,6 +268,10 @@
#endif
uid_t getUserId(const char *name) {
+#ifdef __ANDROID__
+ return getuid();
+#endif
+
struct passwd pwbuf, *pw;
char *buf;
#ifdef _SC_GETPW_R_SIZE_MAX
@@ -364,6 +380,9 @@
#endif
gid_t getGroupId(const char *name) {
+#if __ANDROID__
+ return getgid();
+#endif
static const long gr_max = 64 * 1024;
struct group grbuf, *gr;
char *temp;

35
packages/shellinabox/shellinabox-2.20_shellinabox_service.c.patch Normal file
View File

@ -0,0 +1,35 @@
diff -uNr shellinabox-2.20/shellinabox/service.c shellinabox-2.20.mod/shellinabox/service.c
--- shellinabox-2.20/shellinabox/service.c 2016-11-09 21:40:33.000000000 +0200
+++ shellinabox-2.20.mod/shellinabox/service.c 2020-01-03 01:47:07.845623596 +0200
@@ -94,9 +94,11 @@
// The next part of the argument is either the word 'LOGIN' or the
// application definition.
if (!strcmp(arg, "LOGIN")) {
+#ifndef __ANDROID__
if (geteuid()) {
fatal("[config] Must be \"root\" to invoke LOGIN service!");
}
+#endif
service->useLogin = 1;
service->useHomeDir = 0;
service->authUser = 0;
@@ -106,8 +108,7 @@
check(service->user = strdup("root"));
check(service->group = strdup("root"));
check(service->cwd = strdup("/"));
- check(service->cmdline = strdup(
- "/bin/login -p -h ${peer}"));
+ check(service->cmdline = strdup("@TERMUX_PREFIX@/bin/pwlogin"));
} else
#endif
if (!strcmp(arg, "SSH") || !strncmp(arg, "SSH:", 4)) {
@@ -175,8 +176,7 @@
"-oHostbasedAuthentication=no -oIdentitiesOnly=yes "
"-oKbdInteractiveAuthentication=yes -oPasswordAuthentication=yes "
"-oPreferredAuthentications=keyboard-interactive,password "
- "-oPubkeyAuthentication=no -oRhostsRSAAuthentication=no "
- "-oRSAAuthentication=no -oStrictHostKeyChecking=no -oTunnel=no "
+ "-oPubkeyAuthentication=no -oStrictHostKeyChecking=no -oTunnel=no "
"-oUserKnownHostsFile=/dev/null -oVerifyHostKeyDNS=no "
// beewoolie-2012.03.30: while it would be nice to disable this
// feature, we cannot be sure that it is available on the