From 09e2dcc2559f6e0e6eea276bafc630bcdb1aff56 Mon Sep 17 00:00:00 2001 From: Andy Boyett Date: Thu, 24 Jul 2008 05:24:52 +0000 Subject: [PATCH] dropbear: upgrade to 0.51 - 160-tty_close merged upstream - patches refreshed SVN-Revision: 11913 --- package/dropbear/Makefile | 17 +++++++------- .../dropbear/patches/100-pubkey_path.patch | 12 +++++----- .../dropbear/patches/110-change_user.patch | 22 +++++++++---------- .../patches/130-ssh_ignore_o_and_x_args.patch | 10 ++++----- .../patches/150-dbconvert_standalone.patch | 6 ++--- package/dropbear/patches/160-tty_close.patch | 17 -------------- 6 files changed, 34 insertions(+), 50 deletions(-) delete mode 100644 package/dropbear/patches/160-tty_close.patch diff --git a/package/dropbear/Makefile b/package/dropbear/Makefile index 4baba925e8..bbea72fee4 100644 --- a/package/dropbear/Makefile +++ b/package/dropbear/Makefile @@ -1,5 +1,5 @@ -# -# Copyright (C) 2006 OpenWrt.org +# +# Copyright (C) 2006-2008 OpenWrt.org # # This is free software, licensed under the GNU General Public License v2. # See /LICENSE for more information. @@ -9,13 +9,14 @@ include $(TOPDIR)/rules.mk PKG_NAME:=dropbear -PKG_VERSION:=0.50 -PKG_RELEASE:=3 +PKG_VERSION:=0.51 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz -PKG_SOURCE_URL:=http://matt.ucc.asn.au/dropbear/releases/ \ - http://www.mirrors.wiretapped.net/security/cryptography/apps/ssh/dropbear/ -PKG_MD5SUM:=5c0f7405b915799c3d952d3a93a5df69 +PKG_SOURCE_URL:= \ + http://www.mirrors.wiretapped.net/security/cryptography/apps/ssh/dropbear/ \ + http://matt.ucc.asn.au/dropbear/releases/ +PKG_MD5SUM:=1045df60c2bdbd39c707238305a1e9e5 include $(INCLUDE_DIR)/package.mk @@ -74,7 +75,7 @@ define Build/Compile LD="$(TARGET_CC)" \ PROGRAMS="dropbearconvert" endef - + define Package/dropbear/install $(INSTALL_DIR) $(1)/usr/sbin $(INSTALL_BIN) $(PKG_BUILD_DIR)/dropbearmulti $(1)/usr/sbin/dropbear diff --git a/package/dropbear/patches/100-pubkey_path.patch b/package/dropbear/patches/100-pubkey_path.patch index 9c7fc19c43..ff6673488b 100644 --- a/package/dropbear/patches/100-pubkey_path.patch +++ b/package/dropbear/patches/100-pubkey_path.patch @@ -1,16 +1,16 @@ -Index: dropbear-0.50/svr-authpubkey.c +Index: dropbear-0.51/svr-authpubkey.c =================================================================== ---- dropbear-0.50.orig/svr-authpubkey.c 2007-08-10 23:47:48.000000000 +0200 -+++ dropbear-0.50/svr-authpubkey.c 2007-08-10 23:47:48.000000000 +0200 +--- dropbear-0.51.orig/svr-authpubkey.c 2008-04-22 17:29:49.000000000 -0700 ++++ dropbear-0.51/svr-authpubkey.c 2008-04-22 17:29:49.000000000 -0700 @@ -176,6 +176,8 @@ goto out; } -+ if (ses.authstate.pw->pw_uid != 0) { ++ if (ses.authstate.pw_uid != 0) { + /* we don't need to check pw and pw_dir for validity, since * its been done in checkpubkeyperms. */ - len = strlen(ses.authstate.pw->pw_dir); + len = strlen(ses.authstate.pw_dir); @@ -187,6 +189,9 @@ /* open the file */ @@ -25,7 +25,7 @@ Index: dropbear-0.50/svr-authpubkey.c goto out; } -+ if (ses.authstate.pw->pw_uid != 0) { ++ if (ses.authstate.pw_uid != 0) { + /* allocate max required pathname storage, * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */ diff --git a/package/dropbear/patches/110-change_user.patch b/package/dropbear/patches/110-change_user.patch index 20bb41c2d2..4a0cdc5e75 100644 --- a/package/dropbear/patches/110-change_user.patch +++ b/package/dropbear/patches/110-change_user.patch @@ -1,20 +1,20 @@ -Index: dropbear-0.50/svr-chansession.c +Index: dropbear-0.51/svr-chansession.c =================================================================== ---- dropbear-0.50.orig/svr-chansession.c 2007-08-10 23:47:48.000000000 +0200 -+++ dropbear-0.50/svr-chansession.c 2007-08-10 23:47:48.000000000 +0200 -@@ -908,12 +908,12 @@ +--- dropbear-0.51.orig/svr-chansession.c 2008-04-22 17:29:49.000000000 -0700 ++++ dropbear-0.51/svr-chansession.c 2008-04-22 17:29:49.000000000 -0700 +@@ -912,12 +912,12 @@ /* We can only change uid/gid as root ... */ if (getuid() == 0) { -- if ((setgid(ses.authstate.pw->pw_gid) < 0) || -+ if ((ses.authstate.pw->pw_gid != 0) && ((setgid(ses.authstate.pw->pw_gid) < 0) || - (initgroups(ses.authstate.pw->pw_name, -- ses.authstate.pw->pw_gid) < 0)) { -+ ses.authstate.pw->pw_gid) < 0))) { +- if ((setgid(ses.authstate.pw_gid) < 0) || ++ if ((ses.authstate.pw_gid != 0) && ((setgid(ses.authstate.pw_gid) < 0) || + (initgroups(ses.authstate.pw_name, +- ses.authstate.pw_gid) < 0)) { ++ ses.authstate.pw_gid) < 0))) { dropbear_exit("error changing user group"); } -- if (setuid(ses.authstate.pw->pw_uid) < 0) { -+ if ((ses.authstate.pw->pw_uid != 0) && (setuid(ses.authstate.pw->pw_uid) < 0)) { +- if (setuid(ses.authstate.pw_uid) < 0) { ++ if ((ses.authstate.pw_uid != 0) && (setuid(ses.authstate.pw_uid) < 0)) { dropbear_exit("error changing user"); } } else { diff --git a/package/dropbear/patches/130-ssh_ignore_o_and_x_args.patch b/package/dropbear/patches/130-ssh_ignore_o_and_x_args.patch index 26b5b7f237..7f8b1816e9 100644 --- a/package/dropbear/patches/130-ssh_ignore_o_and_x_args.patch +++ b/package/dropbear/patches/130-ssh_ignore_o_and_x_args.patch @@ -1,8 +1,8 @@ -Index: dropbear-0.50/cli-runopts.c +Index: dropbear-0.51/cli-runopts.c =================================================================== ---- dropbear-0.50.orig/cli-runopts.c 2007-08-10 23:47:47.000000000 +0200 -+++ dropbear-0.50/cli-runopts.c 2007-08-10 23:47:49.000000000 +0200 -@@ -219,6 +219,10 @@ +--- dropbear-0.51.orig/cli-runopts.c 2008-04-22 17:29:49.000000000 -0700 ++++ dropbear-0.51/cli-runopts.c 2008-04-22 17:29:50.000000000 -0700 +@@ -220,6 +220,10 @@ debug_trace = 1; break; #endif @@ -13,7 +13,7 @@ Index: dropbear-0.50/cli-runopts.c case 'F': case 'e': case 'c': -@@ -230,7 +234,6 @@ +@@ -231,7 +235,6 @@ #ifndef ENABLE_CLI_LOCALTCPFWD case 'L': #endif diff --git a/package/dropbear/patches/150-dbconvert_standalone.patch b/package/dropbear/patches/150-dbconvert_standalone.patch index 54d74d3ac5..543902ef5a 100644 --- a/package/dropbear/patches/150-dbconvert_standalone.patch +++ b/package/dropbear/patches/150-dbconvert_standalone.patch @@ -1,7 +1,7 @@ -Index: dropbear-0.50/options.h +Index: dropbear-0.51/options.h =================================================================== ---- dropbear-0.50.orig/options.h 2007-08-10 23:47:47.000000000 +0200 -+++ dropbear-0.50/options.h 2007-08-10 23:47:49.000000000 +0200 +--- dropbear-0.51.orig/options.h 2008-04-22 17:29:49.000000000 -0700 ++++ dropbear-0.51/options.h 2008-04-22 17:29:50.000000000 -0700 @@ -5,6 +5,11 @@ #ifndef _OPTIONS_H_ #define _OPTIONS_H_ diff --git a/package/dropbear/patches/160-tty_close.patch b/package/dropbear/patches/160-tty_close.patch deleted file mode 100644 index 8c06e0f912..0000000000 --- a/package/dropbear/patches/160-tty_close.patch +++ /dev/null @@ -1,17 +0,0 @@ -Index: dropbear-0.50/common-channel.c -=================================================================== ---- dropbear-0.50.orig/common-channel.c 2007-08-10 23:47:47.000000000 +0200 -+++ dropbear-0.50/common-channel.c 2007-08-10 23:47:50.000000000 +0200 -@@ -311,10 +311,10 @@ - send_msg_channel_eof(channel); - } - -- /* And if we can't receive any more data from them either, close up */ -+ /* And if we can't receive any more data from them either, close up (server only) */ - if (!channel->sent_close - && channel->readfd == FD_CLOSED -- && (ERRFD_IS_WRITE(channel) || channel->errfd == FD_CLOSED) -+ && !ERRFD_IS_WRITE(channel) - && !write_pending(channel)) { - TRACE(("sending close, readfd is closed")) - send_msg_channel_close(channel); -- 2.30.2