1
0
mirror of git://projects.qi-hardware.com/openwrt-xburst.git synced 2024-11-24 01:01:52 +02:00

dropbear: upgrade to 0.51

- 160-tty_close merged upstream
 - patches refreshed

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@11913 3c298f89-4303-0410-b956-a3cf2f4a3e73
This commit is contained in:
agb 2008-07-24 05:24:52 +00:00
parent ef4d7f6cd3
commit 610000bfd9
6 changed files with 34 additions and 50 deletions

View File

@ -1,5 +1,5 @@
#
# Copyright (C) 2006 OpenWrt.org
#
# Copyright (C) 2006-2008 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
@ -9,13 +9,14 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=dropbear
PKG_VERSION:=0.50
PKG_RELEASE:=3
PKG_VERSION:=0.51
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://matt.ucc.asn.au/dropbear/releases/ \
http://www.mirrors.wiretapped.net/security/cryptography/apps/ssh/dropbear/
PKG_MD5SUM:=5c0f7405b915799c3d952d3a93a5df69
PKG_SOURCE_URL:= \
http://www.mirrors.wiretapped.net/security/cryptography/apps/ssh/dropbear/ \
http://matt.ucc.asn.au/dropbear/releases/
PKG_MD5SUM:=1045df60c2bdbd39c707238305a1e9e5
include $(INCLUDE_DIR)/package.mk
@ -74,7 +75,7 @@ define Build/Compile
LD="$(TARGET_CC)" \
PROGRAMS="dropbearconvert"
endef
define Package/dropbear/install
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_BUILD_DIR)/dropbearmulti $(1)/usr/sbin/dropbear

View File

@ -1,16 +1,16 @@
Index: dropbear-0.50/svr-authpubkey.c
Index: dropbear-0.51/svr-authpubkey.c
===================================================================
--- dropbear-0.50.orig/svr-authpubkey.c 2007-08-10 23:47:48.000000000 +0200
+++ dropbear-0.50/svr-authpubkey.c 2007-08-10 23:47:48.000000000 +0200
--- dropbear-0.51.orig/svr-authpubkey.c 2008-04-22 17:29:49.000000000 -0700
+++ dropbear-0.51/svr-authpubkey.c 2008-04-22 17:29:49.000000000 -0700
@@ -176,6 +176,8 @@
goto out;
}
+ if (ses.authstate.pw->pw_uid != 0) {
+ if (ses.authstate.pw_uid != 0) {
+
/* we don't need to check pw and pw_dir for validity, since
* its been done in checkpubkeyperms. */
len = strlen(ses.authstate.pw->pw_dir);
len = strlen(ses.authstate.pw_dir);
@@ -187,6 +189,9 @@
/* open the file */
@ -25,7 +25,7 @@ Index: dropbear-0.50/svr-authpubkey.c
goto out;
}
+ if (ses.authstate.pw->pw_uid != 0) {
+ if (ses.authstate.pw_uid != 0) {
+
/* allocate max required pathname storage,
* = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */

View File

@ -1,20 +1,20 @@
Index: dropbear-0.50/svr-chansession.c
Index: dropbear-0.51/svr-chansession.c
===================================================================
--- dropbear-0.50.orig/svr-chansession.c 2007-08-10 23:47:48.000000000 +0200
+++ dropbear-0.50/svr-chansession.c 2007-08-10 23:47:48.000000000 +0200
@@ -908,12 +908,12 @@
--- dropbear-0.51.orig/svr-chansession.c 2008-04-22 17:29:49.000000000 -0700
+++ dropbear-0.51/svr-chansession.c 2008-04-22 17:29:49.000000000 -0700
@@ -912,12 +912,12 @@
/* We can only change uid/gid as root ... */
if (getuid() == 0) {
- if ((setgid(ses.authstate.pw->pw_gid) < 0) ||
+ if ((ses.authstate.pw->pw_gid != 0) && ((setgid(ses.authstate.pw->pw_gid) < 0) ||
(initgroups(ses.authstate.pw->pw_name,
- ses.authstate.pw->pw_gid) < 0)) {
+ ses.authstate.pw->pw_gid) < 0))) {
- if ((setgid(ses.authstate.pw_gid) < 0) ||
+ if ((ses.authstate.pw_gid != 0) && ((setgid(ses.authstate.pw_gid) < 0) ||
(initgroups(ses.authstate.pw_name,
- ses.authstate.pw_gid) < 0)) {
+ ses.authstate.pw_gid) < 0))) {
dropbear_exit("error changing user group");
}
- if (setuid(ses.authstate.pw->pw_uid) < 0) {
+ if ((ses.authstate.pw->pw_uid != 0) && (setuid(ses.authstate.pw->pw_uid) < 0)) {
- if (setuid(ses.authstate.pw_uid) < 0) {
+ if ((ses.authstate.pw_uid != 0) && (setuid(ses.authstate.pw_uid) < 0)) {
dropbear_exit("error changing user");
}
} else {

View File

@ -1,8 +1,8 @@
Index: dropbear-0.50/cli-runopts.c
Index: dropbear-0.51/cli-runopts.c
===================================================================
--- dropbear-0.50.orig/cli-runopts.c 2007-08-10 23:47:47.000000000 +0200
+++ dropbear-0.50/cli-runopts.c 2007-08-10 23:47:49.000000000 +0200
@@ -219,6 +219,10 @@
--- dropbear-0.51.orig/cli-runopts.c 2008-04-22 17:29:49.000000000 -0700
+++ dropbear-0.51/cli-runopts.c 2008-04-22 17:29:50.000000000 -0700
@@ -220,6 +220,10 @@
debug_trace = 1;
break;
#endif
@ -13,7 +13,7 @@ Index: dropbear-0.50/cli-runopts.c
case 'F':
case 'e':
case 'c':
@@ -230,7 +234,6 @@
@@ -231,7 +235,6 @@
#ifndef ENABLE_CLI_LOCALTCPFWD
case 'L':
#endif

View File

@ -1,7 +1,7 @@
Index: dropbear-0.50/options.h
Index: dropbear-0.51/options.h
===================================================================
--- dropbear-0.50.orig/options.h 2007-08-10 23:47:47.000000000 +0200
+++ dropbear-0.50/options.h 2007-08-10 23:47:49.000000000 +0200
--- dropbear-0.51.orig/options.h 2008-04-22 17:29:49.000000000 -0700
+++ dropbear-0.51/options.h 2008-04-22 17:29:50.000000000 -0700
@@ -5,6 +5,11 @@
#ifndef _OPTIONS_H_
#define _OPTIONS_H_

View File

@ -1,17 +0,0 @@
Index: dropbear-0.50/common-channel.c
===================================================================
--- dropbear-0.50.orig/common-channel.c 2007-08-10 23:47:47.000000000 +0200
+++ dropbear-0.50/common-channel.c 2007-08-10 23:47:50.000000000 +0200
@@ -311,10 +311,10 @@
send_msg_channel_eof(channel);
}
- /* And if we can't receive any more data from them either, close up */
+ /* And if we can't receive any more data from them either, close up (server only) */
if (!channel->sent_close
&& channel->readfd == FD_CLOSED
- && (ERRFD_IS_WRITE(channel) || channel->errfd == FD_CLOSED)
+ && !ERRFD_IS_WRITE(channel)
&& !write_pending(channel)) {
TRACE(("sending close, readfd is closed"))
send_msg_channel_close(channel);