termux-packages/packages/dropbear/dropbear.patch

diff -u -r ../dropbear-2013.62/cli-auth.c ./cli-auth.c
--- ../dropbear-2013.62/cli-auth.c	2013-12-03 14:39:15.000000000 +0100
+++ ./cli-auth.c	2014-01-05 21:21:37.926812382 +0100
@@ -32,6 +32,10 @@
 #include "packet.h"
 #include "runopts.h"
 
+char * getpass (const char *prompt) {
+	return "";
+}
+
 void cli_authinitialise() {
 
 	memset(&ses.authstate, 0, sizeof(ses.authstate));
 #ifdef ENABLE_CLI_ANYTCPFWD
diff -u -r ../dropbear-2013.62/options.h ./options.h
--- ../dropbear-2013.62/options.h	2013-12-03 14:39:15.000000000 +0100
+++ ./options.h	2014-01-05 21:21:37.930812382 +0100
@@ -10,8 +10,10 @@
 
 /* IMPORTANT: Many options will require "make clean" after changes */
+
+
 
 #ifndef DROPBEAR_DEFPORT
-#define DROPBEAR_DEFPORT "22"
+#define DROPBEAR_DEFPORT "8022"
 #endif
 
 #ifndef DROPBEAR_DEFADDRESS
@@ -21,13 +23,13 @@
 
 /* Default hostkey paths - these can be specified on the command line */
 #ifndef DSS_PRIV_FILENAME
-#define DSS_PRIV_FILENAME "/etc/dropbear/dropbear_dss_host_key"
+#define DSS_PRIV_FILENAME "@TERMUX_PREFIX@/etc/dropbear/dropbear_dss_host_key"
 #endif
 #ifndef RSA_PRIV_FILENAME
-#define RSA_PRIV_FILENAME "/etc/dropbear/dropbear_rsa_host_key"
+#define RSA_PRIV_FILENAME "@TERMUX_PREFIX@/etc/dropbear/dropbear_rsa_host_key"
 #endif
 #ifndef ECDSA_PRIV_FILENAME
-#define ECDSA_PRIV_FILENAME "/etc/dropbear/dropbear_ecdsa_host_key"
+#define ECDSA_PRIV_FILENAME "@TERMUX_PREFIX@/etc/dropbear/dropbear_ecdsa_host_key"
 #endif
 
 /* Set NON_INETD_MODE if you require daemon functionality (ie Dropbear listens
@@ -41,7 +43,7 @@
  * Both of these flags can be defined at once, don't compile without at least
  * one of them. */
 #define NON_INETD_MODE
-#define INETD_MODE
+#undef INETD_MODE
 
 /* Setting this disables the fast exptmod bignum code. It saves ~5kB, but is
  * perhaps 20% slower for pubkey operations (it is probably worth experimenting
@@ -55,7 +57,7 @@
 #define DROPBEAR_SMALL_CODE
 
 /* Enable X11 Forwarding - server only */
-#define ENABLE_X11FWD
+#undef ENABLE_X11FWD
 
 /* Enable TCP Fowarding */
 /* 'Local' is "-L" style (client listening port forwarded via server)
@@ -179,7 +181,7 @@
 
 /* The MOTD file path */
 #ifndef MOTD_FILENAME
-#define MOTD_FILENAME "/etc/motd"
+#define MOTD_FILENAME "@TERMUX_PREFIX@/etc/motd"
 #endif
 
 /* Authentication Types - at least one required.
@@ -192,7 +194,7 @@
  * PAM challenge/response.
  * You can't enable both PASSWORD and PAM. */
 
-#define ENABLE_SVR_PASSWORD_AUTH
+#undef ENABLE_SVR_PASSWORD_AUTH
 /* PAM requires ./configure --enable-pam */
 /*#define ENABLE_SVR_PAM_AUTH */
 #define ENABLE_SVR_PUBKEY_AUTH
@@ -259,7 +261,7 @@
 /* The default file to store the daemon's process ID, for shutdown
    scripts etc. This can be overridden with the -P flag */
 #ifndef DROPBEAR_PIDFILE
-#define DROPBEAR_PIDFILE "/var/run/dropbear.pid"
+#define DROPBEAR_PIDFILE "@TERMUX_PREFIX@/var/run/dropbear.pid"
 #endif
 
 /* The command to invoke for xauth when using X11 forwarding.
@@ -277,7 +279,7 @@
 
 /* This is used by the scp binary when used as a client binary. If you're
  * not using the Dropbear client, you'll need to change it */
-#define _PATH_SSH_PROGRAM "/usr/bin/dbclient"
+#define _PATH_SSH_PROGRAM "@TERMUX_PREFIX@/bin/dbclient"
 
 /* Whether to log commands executed by a client. This only logs the 
  * (single) command sent to the server, not what a user did in a 
@@ -314,7 +316,7 @@
 #define DEFAULT_IDLE_TIMEOUT 0
 
 /* The default path. This will often get replaced by the shell */
-#define DEFAULT_PATH "/usr/bin:/bin"
+#define DEFAULT_PATH "@TERMUX_PREFIX@:/system/bin"
 
 /* Some other defines (that mostly should be left alone) are defined
  * in sysoptions.h */
diff -u -r ../dropbear-2013.62/sshpty.c ./sshpty.c
--- ../dropbear-2013.62/sshpty.c	2013-12-03 14:39:15.000000000 +0100
+++ ./sshpty.c	2014-01-05 21:21:37.930812382 +0100
@@ -22,6 +22,10 @@
 #include "errno.h"
 #include "sshpty.h"
 
+#ifdef __ANDROID__
+# define USE_DEV_PTMX 1
+#endif
+
 /* Pty allocated with _getpty gets broken if we do I_PUSH:es to it. */
 #if defined(HAVE__GETPTY) || defined(HAVE_OPENPTY)
 #undef HAVE_DEV_PTMX
@@ -380,6 +384,7 @@
 				tty_name, strerror(errno));
 	}
 
+	/*
 	if (st.st_uid != pw->pw_uid || st.st_gid != gid) {
 		if (chown(tty_name, pw->pw_uid, gid) < 0) {
 			if (errno == EROFS &&
@@ -409,4 +414,5 @@
 			}
 		}
 	}
+	*/
 }
diff -u -r ../dropbear-2013.62/svr-agentfwd.c ./svr-agentfwd.c
--- ../dropbear-2013.62/svr-agentfwd.c	2013-12-03 14:39:15.000000000 +0100
+++ ./svr-agentfwd.c	2014-01-05 21:21:37.930812382 +0100
@@ -218,10 +218,12 @@
 	/* drop to user privs to make the dir/file */
 	uid = getuid();
 	gid = getgid();
+	/*
 	if ((setegid(ses.authstate.pw_gid)) < 0 ||
 		(seteuid(ses.authstate.pw_uid)) < 0) {
 		dropbear_exit("Failed to set euid");
 	}
+	*/
 
 	memset((void*)&addr, 0x0, sizeof(addr));
 	addr.sun_family = AF_UNIX;
diff -u -r ../dropbear-2013.62/svr-chansession.c ./svr-chansession.c
--- ../dropbear-2013.62/svr-chansession.c	2013-12-03 14:39:15.000000000 +0100
+++ ./svr-chansession.c	2014-01-05 21:32:15.438797159 +0100
@@ -874,6 +874,8 @@
 #endif
 
 	/* clear environment */
+	/* termux: do not clear environment on android */
+#ifndef __ANDROID__
 	/* if we're debugging using valgrind etc, we need to keep the LD_PRELOAD
 	 * etc. This is hazardous, so should only be used for debugging. */
 #ifndef DEBUG_VALGRIND
@@ -886,6 +888,7 @@
 	}
 #endif /* HAVE_CLEARENV */
 #endif /* DEBUG_VALGRIND */
+#endif /* __ANDROID__ */
 
 	/* We can only change uid/gid as root ... */
 	if (getuid() == 0) {
@@ -911,12 +914,14 @@
 		}
 	}
 
+	/* termux: do not modify environment since we did not clean it */
+#ifndef __ANDROID__
 	/* set env vars */
 	addnewvar("USER", ses.authstate.pw_name);
 	addnewvar("LOGNAME", ses.authstate.pw_name);
 	addnewvar("HOME", ses.authstate.pw_dir);
 	addnewvar("SHELL", get_user_shell());
-	addnewvar("PATH", DEFAULT_PATH);
+#endif /* __ANDROID__ */
 	if (chansess->term != NULL) {
 		addnewvar("TERM", chansess->term);
 	}