dropbear: upgrade to 0.51 - 160-tty_close merged upstream - patches refreshed
SVN-Revision: 11913
This commit is contained in:
parent
f20dd0803c
commit
09e2dcc255
6 changed files with 34 additions and 50 deletions
|
@ -1,5 +1,5 @@
|
||||||
#
|
#
|
||||||
# Copyright (C) 2006 OpenWrt.org
|
# Copyright (C) 2006-2008 OpenWrt.org
|
||||||
#
|
#
|
||||||
# This is free software, licensed under the GNU General Public License v2.
|
# This is free software, licensed under the GNU General Public License v2.
|
||||||
# See /LICENSE for more information.
|
# See /LICENSE for more information.
|
||||||
|
@ -9,13 +9,14 @@
|
||||||
include $(TOPDIR)/rules.mk
|
include $(TOPDIR)/rules.mk
|
||||||
|
|
||||||
PKG_NAME:=dropbear
|
PKG_NAME:=dropbear
|
||||||
PKG_VERSION:=0.50
|
PKG_VERSION:=0.51
|
||||||
PKG_RELEASE:=3
|
PKG_RELEASE:=1
|
||||||
|
|
||||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
|
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
|
||||||
PKG_SOURCE_URL:=http://matt.ucc.asn.au/dropbear/releases/ \
|
PKG_SOURCE_URL:= \
|
||||||
http://www.mirrors.wiretapped.net/security/cryptography/apps/ssh/dropbear/
|
http://www.mirrors.wiretapped.net/security/cryptography/apps/ssh/dropbear/ \
|
||||||
PKG_MD5SUM:=5c0f7405b915799c3d952d3a93a5df69
|
http://matt.ucc.asn.au/dropbear/releases/
|
||||||
|
PKG_MD5SUM:=1045df60c2bdbd39c707238305a1e9e5
|
||||||
|
|
||||||
include $(INCLUDE_DIR)/package.mk
|
include $(INCLUDE_DIR)/package.mk
|
||||||
|
|
||||||
|
|
|
@ -1,16 +1,16 @@
|
||||||
Index: dropbear-0.50/svr-authpubkey.c
|
Index: dropbear-0.51/svr-authpubkey.c
|
||||||
===================================================================
|
===================================================================
|
||||||
--- dropbear-0.50.orig/svr-authpubkey.c 2007-08-10 23:47:48.000000000 +0200
|
--- dropbear-0.51.orig/svr-authpubkey.c 2008-04-22 17:29:49.000000000 -0700
|
||||||
+++ dropbear-0.50/svr-authpubkey.c 2007-08-10 23:47:48.000000000 +0200
|
+++ dropbear-0.51/svr-authpubkey.c 2008-04-22 17:29:49.000000000 -0700
|
||||||
@@ -176,6 +176,8 @@
|
@@ -176,6 +176,8 @@
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
|
||||||
+ if (ses.authstate.pw->pw_uid != 0) {
|
+ if (ses.authstate.pw_uid != 0) {
|
||||||
+
|
+
|
||||||
/* we don't need to check pw and pw_dir for validity, since
|
/* we don't need to check pw and pw_dir for validity, since
|
||||||
* its been done in checkpubkeyperms. */
|
* its been done in checkpubkeyperms. */
|
||||||
len = strlen(ses.authstate.pw->pw_dir);
|
len = strlen(ses.authstate.pw_dir);
|
||||||
@@ -187,6 +189,9 @@
|
@@ -187,6 +189,9 @@
|
||||||
|
|
||||||
/* open the file */
|
/* open the file */
|
||||||
|
@ -25,7 +25,7 @@ Index: dropbear-0.50/svr-authpubkey.c
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
|
||||||
+ if (ses.authstate.pw->pw_uid != 0) {
|
+ if (ses.authstate.pw_uid != 0) {
|
||||||
+
|
+
|
||||||
/* allocate max required pathname storage,
|
/* allocate max required pathname storage,
|
||||||
* = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
|
* = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
|
||||||
|
|
|
@ -1,20 +1,20 @@
|
||||||
Index: dropbear-0.50/svr-chansession.c
|
Index: dropbear-0.51/svr-chansession.c
|
||||||
===================================================================
|
===================================================================
|
||||||
--- dropbear-0.50.orig/svr-chansession.c 2007-08-10 23:47:48.000000000 +0200
|
--- dropbear-0.51.orig/svr-chansession.c 2008-04-22 17:29:49.000000000 -0700
|
||||||
+++ dropbear-0.50/svr-chansession.c 2007-08-10 23:47:48.000000000 +0200
|
+++ dropbear-0.51/svr-chansession.c 2008-04-22 17:29:49.000000000 -0700
|
||||||
@@ -908,12 +908,12 @@
|
@@ -912,12 +912,12 @@
|
||||||
/* We can only change uid/gid as root ... */
|
/* We can only change uid/gid as root ... */
|
||||||
if (getuid() == 0) {
|
if (getuid() == 0) {
|
||||||
|
|
||||||
- if ((setgid(ses.authstate.pw->pw_gid) < 0) ||
|
- if ((setgid(ses.authstate.pw_gid) < 0) ||
|
||||||
+ if ((ses.authstate.pw->pw_gid != 0) && ((setgid(ses.authstate.pw->pw_gid) < 0) ||
|
+ if ((ses.authstate.pw_gid != 0) && ((setgid(ses.authstate.pw_gid) < 0) ||
|
||||||
(initgroups(ses.authstate.pw->pw_name,
|
(initgroups(ses.authstate.pw_name,
|
||||||
- ses.authstate.pw->pw_gid) < 0)) {
|
- ses.authstate.pw_gid) < 0)) {
|
||||||
+ ses.authstate.pw->pw_gid) < 0))) {
|
+ ses.authstate.pw_gid) < 0))) {
|
||||||
dropbear_exit("error changing user group");
|
dropbear_exit("error changing user group");
|
||||||
}
|
}
|
||||||
- if (setuid(ses.authstate.pw->pw_uid) < 0) {
|
- if (setuid(ses.authstate.pw_uid) < 0) {
|
||||||
+ if ((ses.authstate.pw->pw_uid != 0) && (setuid(ses.authstate.pw->pw_uid) < 0)) {
|
+ if ((ses.authstate.pw_uid != 0) && (setuid(ses.authstate.pw_uid) < 0)) {
|
||||||
dropbear_exit("error changing user");
|
dropbear_exit("error changing user");
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
|
|
|
@ -1,8 +1,8 @@
|
||||||
Index: dropbear-0.50/cli-runopts.c
|
Index: dropbear-0.51/cli-runopts.c
|
||||||
===================================================================
|
===================================================================
|
||||||
--- dropbear-0.50.orig/cli-runopts.c 2007-08-10 23:47:47.000000000 +0200
|
--- dropbear-0.51.orig/cli-runopts.c 2008-04-22 17:29:49.000000000 -0700
|
||||||
+++ dropbear-0.50/cli-runopts.c 2007-08-10 23:47:49.000000000 +0200
|
+++ dropbear-0.51/cli-runopts.c 2008-04-22 17:29:50.000000000 -0700
|
||||||
@@ -219,6 +219,10 @@
|
@@ -220,6 +220,10 @@
|
||||||
debug_trace = 1;
|
debug_trace = 1;
|
||||||
break;
|
break;
|
||||||
#endif
|
#endif
|
||||||
|
@ -13,7 +13,7 @@ Index: dropbear-0.50/cli-runopts.c
|
||||||
case 'F':
|
case 'F':
|
||||||
case 'e':
|
case 'e':
|
||||||
case 'c':
|
case 'c':
|
||||||
@@ -230,7 +234,6 @@
|
@@ -231,7 +235,6 @@
|
||||||
#ifndef ENABLE_CLI_LOCALTCPFWD
|
#ifndef ENABLE_CLI_LOCALTCPFWD
|
||||||
case 'L':
|
case 'L':
|
||||||
#endif
|
#endif
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
Index: dropbear-0.50/options.h
|
Index: dropbear-0.51/options.h
|
||||||
===================================================================
|
===================================================================
|
||||||
--- dropbear-0.50.orig/options.h 2007-08-10 23:47:47.000000000 +0200
|
--- dropbear-0.51.orig/options.h 2008-04-22 17:29:49.000000000 -0700
|
||||||
+++ dropbear-0.50/options.h 2007-08-10 23:47:49.000000000 +0200
|
+++ dropbear-0.51/options.h 2008-04-22 17:29:50.000000000 -0700
|
||||||
@@ -5,6 +5,11 @@
|
@@ -5,6 +5,11 @@
|
||||||
#ifndef _OPTIONS_H_
|
#ifndef _OPTIONS_H_
|
||||||
#define _OPTIONS_H_
|
#define _OPTIONS_H_
|
||||||
|
|
|
@ -1,17 +0,0 @@
|
||||||
Index: dropbear-0.50/common-channel.c
|
|
||||||
===================================================================
|
|
||||||
--- dropbear-0.50.orig/common-channel.c 2007-08-10 23:47:47.000000000 +0200
|
|
||||||
+++ dropbear-0.50/common-channel.c 2007-08-10 23:47:50.000000000 +0200
|
|
||||||
@@ -311,10 +311,10 @@
|
|
||||||
send_msg_channel_eof(channel);
|
|
||||||
}
|
|
||||||
|
|
||||||
- /* And if we can't receive any more data from them either, close up */
|
|
||||||
+ /* And if we can't receive any more data from them either, close up (server only) */
|
|
||||||
if (!channel->sent_close
|
|
||||||
&& channel->readfd == FD_CLOSED
|
|
||||||
- && (ERRFD_IS_WRITE(channel) || channel->errfd == FD_CLOSED)
|
|
||||||
+ && !ERRFD_IS_WRITE(channel)
|
|
||||||
&& !write_pending(channel)) {
|
|
||||||
TRACE(("sending close, readfd is closed"))
|
|
||||||
send_msg_channel_close(channel);
|
|
Loading…
Reference in a new issue