dropbear: Update from 2018.76 to 2019.77

Fredrik Fornwall 2019-03-25 00:02:09 +01:00
parent 92ed2b8c1f
commit 994d993472
6 changed files with 125 additions and 68 deletions


@ -0,0 +1,52 @@
From 7bc6280613f5ab4ee86c14c779739070e5784dfe Mon Sep 17 00:00:00 2001
From: Matt Johnston <matt@ucc.asn.au>
Date: Sun, 24 Mar 2019 20:41:02 +0800
Subject: [PATCH] Fix regression where TTY modes weren't reset for client
---
cli-chansession.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/cli-chansession.c b/cli-chansession.c
index 8b72e279..cfd3401b 100644
--- a/cli-chansession.c
+++ b/cli-chansession.c
@@ -35,7 +35,7 @@
#include "chansession.h"
#include "agentfwd.h"
-static void cli_cleanupchansess(const struct Channel *channel);
+static void cli_closechansess(const struct Channel *channel);
static int cli_initchansess(struct Channel *channel);
static void cli_chansessreq(struct Channel *channel);
static void send_chansess_pty_req(const struct Channel *channel);
@@ -51,8 +51,8 @@ const struct ChanType clichansess = {
cli_initchansess, /* inithandler */
NULL, /* checkclosehandler */
cli_chansessreq, /* reqhandler */
- NULL, /* closehandler */
- cli_cleanupchansess, /* cleanup */
+ cli_closechansess, /* closehandler */
+ NULL, /* cleanup */
};
static void cli_chansessreq(struct Channel *channel) {
@@ -84,7 +84,7 @@ static void cli_chansessreq(struct Channel *channel) {
/* If the main session goes, we close it up */
-static void cli_cleanupchansess(const struct Channel *UNUSED(channel)) {
+static void cli_closechansess(const struct Channel *UNUSED(channel)) {
cli_tty_cleanup(); /* Restore tty modes etc */
/* This channel hasn't gone yet, so we have > 1 */
@@ -388,8 +388,8 @@ static const struct ChanType cli_chan_netcat = {
cli_init_netcat, /* inithandler */
NULL,
NULL,
+ cli_closechansess,
NULL,
- cli_cleanupchansess
};
void cli_send_netcat_request() {


@ -1,10 +1,10 @@
TERMUX_PKG_HOMEPAGE=https://matt.ucc.asn.au/dropbear/dropbear.html
TERMUX_PKG_DESCRIPTION="Small SSH server and client"
TERMUX_PKG_LICENSE="BSD"
TERMUX_PKG_VERSION=2018.76
TERMUX_PKG_REVISION=6
TERMUX_PKG_VERSION=2019.77
TERMUX_PKG_REVISION=1
TERMUX_PKG_SHA256=d91f78ebe633be1d071fd1b7e5535b9693794048b019e9f4bea257e1992b458d
TERMUX_PKG_SRCURL=https://matt.ucc.asn.au/dropbear/releases/dropbear-${TERMUX_PKG_VERSION}.tar.bz2
TERMUX_PKG_SHA256=f2fb9167eca8cf93456a5fc1d4faf709902a3ab70dd44e352f3acbc3ffdaea65
TERMUX_PKG_DEPENDS="termux-auth"
TERMUX_PKG_CONFLICTS="openssh"
TERMUX_PKG_BUILD_IN_SRC="yes"


@ -1,7 +1,24 @@
diff -uNr dropbear-2018.76/common-session.c dropbear-2018.76.mod/common-session.c
--- dropbear-2018.76/common-session.c 2018-02-27 16:25:10.000000000 +0200
+++ dropbear-2018.76.mod/common-session.c 2018-04-21 13:49:06.633742995 +0300
@@ -570,7 +570,7 @@
diff -u -r ../dropbear-2019.77/common-session.c ./common-session.c
--- ../dropbear-2019.77/common-session.c 2019-03-23 13:46:29.000000000 +0000
+++ ./common-session.c 2019-03-24 22:46:36.558021934 +0000
@@ -68,16 +68,6 @@
/* Sets it to lowdelay */
update_channel_prio();
-#if !DROPBEAR_SVR_MULTIUSER
- /* A sanity check to prevent an accidental configuration option
- leaving multiuser systems exposed */
- errno = 0;
- getuid();
- if (errno != ENOSYS) {
- dropbear_exit("Non-multiuser Dropbear requires a non-multiuser kernel");
- }
-#endif
-
now = monotonic_now();
ses.connect_time = now;
ses.last_packet_time_keepalive_recv = now;
@@ -600,7 +590,7 @@
const char* get_user_shell() {
/* an empty shell should be interpreted as "/bin/sh" */
if (ses.authstate.pw_shell[0] == '\0') {
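Review bot: Deleting the `#if !DROPBEAR_SVR_MULTIUSER` start-up check in common-session.c removes the only runtime guard for a build that the default_options.h section of this commit switches to `DROPBEAR_SVR_MULTIUSER 0`. That option's own comment says the resulting binary "will not run on a normal system"; with the ENOSYS test gone it will start on any kernel, and the patch records no reason. I would state the rationale in the patch where the check used to be, for example `/* Termux: runs inside a single-uid app sandbox where getuid() always succeeds, so upstream's non-multiuser sanity check is dropped */`, and consider a narrower replacement such as `if (getuid() == 0) dropbear_exit("Non-multiuser Dropbear must not run as root");`. Which privilege-handling paths the option compiles out is not visible on this page, and the enclosing function starts and ends outside the hunk, so the impact is an inference to confirm.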


@ -1,6 +1,6 @@
diff -uNr dropbear-2018.76/default_options.h dropbear-2018.76.mod/default_options.h
--- dropbear-2018.76/default_options.h 2018-02-27 16:25:10.000000000 +0200
+++ dropbear-2018.76.mod/default_options.h 2018-10-21 14:11:01.838918022 +0300
diff -u -r ../dropbear-2019.77/default_options.h ./default_options.h
--- ../dropbear-2019.77/default_options.h 2019-03-23 13:46:29.000000000 +0000
+++ ./default_options.h 2019-03-24 22:37:39.284638278 +0000
@@ -13,15 +13,15 @@
IMPORTANT: Some options will require "make clean" after changes */
@ -39,7 +39,16 @@ diff -uNr dropbear-2018.76/default_options.h dropbear-2018.76.mod/default_option
/* Authentication Types - at least one required.
RFC Draft requires pubkey auth, and recommends password */
@@ -222,7 +222,7 @@
@@ -199,7 +199,7 @@
/* Set this to 0 if your system does not have multiple user support.
(Linux kernel CONFIG_MULTIUSER option)
The resulting binary will not run on a normal system. */
-#define DROPBEAR_SVR_MULTIUSER 1
+#define DROPBEAR_SVR_MULTIUSER 0
/* Client authentication options */
#define DROPBEAR_CLI_PASSWORD_AUTH 1
@@ -227,7 +227,7 @@
/* Set this to use PRNGD or EGD instead of /dev/urandom */
#define DROPBEAR_USE_PRNGD 0
@ -48,7 +57,7 @@ diff -uNr dropbear-2018.76/default_options.h dropbear-2018.76.mod/default_option
/* Specify the number of clients we will allow to be connected but
* not yet authenticated. After this limit, connections are rejected */
@@ -239,22 +239,22 @@
@@ -244,22 +244,22 @@
/* The default file to store the daemon's process ID, for shutdown
scripts etc. This can be overridden with the -P flag */
@ -75,7 +84,7 @@ diff -uNr dropbear-2018.76/default_options.h dropbear-2018.76.mod/default_option
/* Whether to log commands executed by a client. This only logs the
* (single) command sent to the server, not what a user did in a
@@ -290,6 +290,6 @@
@@ -295,6 +295,6 @@
#define DEFAULT_IDLE_TIMEOUT 0
/* The default path. This will often get replaced by the shell */


@ -10,16 +10,3 @@ diff -uNr dropbear-2018.76/svr-agentfwd.c dropbear-2018.76.mod/svr-agentfwd.c
static int send_msg_channel_open_agent(int fd);
static int bindagent(int fd, struct ChanSess * chansess);
@@ -218,10 +218,12 @@
/* drop to user privs to make the dir/file */
uid = getuid();
gid = getgid();
+ /*
if ((setegid(ses.authstate.pw_gid)) < 0 ||
(seteuid(ses.authstate.pw_uid)) < 0) {
dropbear_exit("Failed to set euid");
}
+ */
memset((void*)&addr, 0x0, sizeof(addr));
addr.sun_family = AF_UNIX;


@ -1,7 +1,7 @@
diff -uNr dropbear-2018.76/svr-authpasswd.c dropbear-2018.76.mod/svr-authpasswd.c
--- dropbear-2018.76/svr-authpasswd.c 2018-02-27 16:25:12.000000000 +0200
+++ dropbear-2018.76.mod/svr-authpasswd.c 2018-10-21 14:05:37.774231619 +0300
@@ -33,36 +33,13 @@
diff -u -r ../dropbear-2019.77/svr-authpasswd.c ./svr-authpasswd.c
--- ../dropbear-2019.77/svr-authpasswd.c 2019-03-23 13:46:29.000000000 +0000
+++ ./svr-authpasswd.c 2019-03-24 22:40:59.586161245 +0000
@@ -33,28 +33,13 @@
#if DROPBEAR_SVR_PASSWORD_AUTH
@ -21,37 +21,46 @@ diff -uNr dropbear-2018.76/svr-authpasswd.c dropbear-2018.76.mod/svr-authpasswd.
/* Process a password auth request, sending success or failure messages as
* appropriate */
void svr_auth_password() {
void svr_auth_password(int valid_user) {
-
- char * passwdcrypt = NULL; /* the crypt from /etc/passwd or /etc/shadow */
- char * testcrypt = NULL; /* crypt generated from the user's password sent */
- char * password;
- char * password = NULL;
- unsigned int passwordlen;
-
- unsigned int changepw;
-
- passwdcrypt = ses.authstate.pw_passwd;
-
-#ifdef DEBUG_HACKCRYPT
- /* debugging crypt for non-root testing with shadows */
- passwdcrypt = DEBUG_HACKCRYPT;
-#endif
+ char *password;
+ unsigned int changepw, passwordlen;
+ char *password;
+ unsigned int changepw, passwordlen;
/* check if client wants to change password */
changepw = buf_getbool(ses.payload);
@@ -72,43 +49,23 @@
return;
@@ -65,47 +50,9 @@
}
- password = buf_getstring(ses.payload, &passwordlen);
-
- /* the first bytes of passwdcrypt are the salt */
- testcrypt = crypt(password, passwdcrypt);
password = buf_getstring(ses.payload, &passwordlen);
- if (valid_user && passwordlen <= DROPBEAR_MAX_PASSWORD_LEN) {
- /* the first bytes of passwdcrypt are the salt */
- passwdcrypt = ses.authstate.pw_passwd;
- testcrypt = crypt(password, passwdcrypt);
- }
- m_burn(password, passwordlen);
- m_free(password);
-
- /* After we have got the payload contents we can exit if the username
- is invalid. Invalid users have already been logged. */
- if (!valid_user) {
- send_msg_userauth_failure(0, 1);
- return;
- }
-
- if (passwordlen > DROPBEAR_MAX_PASSWORD_LEN) {
- dropbear_log(LOG_WARNING,
- "Too-long password attempt for '%s' from %s",
- ses.authstate.pw_name,
- svr_ses.addrstring);
- send_msg_userauth_failure(0, 1);
- return;
- }
-
- if (testcrypt == NULL) {
- /* crypt() with an invalid salt like "!!" */
- dropbear_log(LOG_WARNING, "User account '%s' is locked",
@ -67,27 +76,10 @@ diff -uNr dropbear-2018.76/svr-authpasswd.c dropbear-2018.76.mod/svr-authpasswd.
- send_msg_userauth_failure(0, 1);
- return;
- }
+ password = buf_getstring(ses.payload, &passwordlen);
- if (constant_time_strcmp(testcrypt, passwdcrypt) == 0) {
+ /* check if password is valid */
+ if (termux_auth(ses.authstate.pw_name, password)) {
+ /* check if password is valid */
+ if (termux_auth(ses.authstate.pw_name, password)) {
/* successful authentication */
- dropbear_log(LOG_NOTICE,
+ dropbear_log(LOG_NOTICE,
dropbear_log(LOG_NOTICE,
"Password auth succeeded for '%s' from %s",
ses.authstate.pw_name,
svr_ses.addrstring);
send_msg_userauth_success();
- } else {
+ } else {
dropbear_log(LOG_WARNING,
"Bad password attempt for '%s' from %s",
ses.authstate.pw_name,
svr_ses.addrstring);
send_msg_userauth_failure(0, 1);
- }
+ }
}
#endif
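Review bot: The patched `svr_auth_password()` passes `password` to `termux_auth()` but, as far as this section shows, no longer calls `m_burn(password, passwordlen)` and `m_free(password)`, so the plaintext password stays in heap memory and is leaked on every attempt. The same hunk also removes upstream's `!valid_user` early failure and the `DROPBEAR_MAX_PASSWORD_LEN` check, which leaves the `valid_user` parameter unused and lets `ses.authstate.pw_name` reach `termux_auth()` and the log calls for a user the lookup rejected. I would keep both gates and wipe the buffer right after the comparison, as sketched below. The top of the function lies outside the hunk, and the old/new sides here are read from a rendering that lost its outer +/- column, so please confirm against the patch file itself.

```c
	password = buf_getstring(ses.payload, &passwordlen);

	/* keep upstream's gates: unknown users and over-long passwords
	 * fail before the credential is handed to termux_auth() */
	if (!valid_user || passwordlen > DROPBEAR_MAX_PASSWORD_LEN) {
		m_burn(password, passwordlen);
		m_free(password);
		send_msg_userauth_failure(0, 1);
		return;
	}

	int auth_ok = termux_auth(ses.authstate.pw_name, password);

	/* wipe and release the plaintext as soon as it has been checked */
	m_burn(password, passwordlen);
	m_free(password);

	if (auth_ok) {
		/* … unchanged: success log and send_msg_userauth_success() … */
	} else {
		/* … unchanged: failure log and send_msg_userauth_failure(0, 1) … */
	}
```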