Hi,
I decide to have dropbear on my freerunner :)
The patch is in attach:
Regards Michael
This add the possiblity to have dropbear on the freerunner. Is not
a nice patch but is an hack.
Signed-off-by: Michael Trimarchi <mich...@panicking.kicks-ass.org>
---
diff --git a/Android.mk b/Android.mk
index b95d5dd..3f226d2 100644
--- a/Android.mk
+++ b/Android.mk
@@ -14,7 +14,7 @@ LOCAL_SRC_FILES+=\
common-channel.c common-chansession.c termcodes.c \
tcp-accept.c listener.c process-packet.c \
common-runopts.c circbuffer.c
-# loginrec.c
+
LOCAL_SRC_FILES+=\
cli-algo.c cli-main.c cli-auth.c cli-authpasswd.c cli-kex.c \
cli-session.c cli-service.c cli-runopts.c cli-chansession.c \
@@ -50,7 +50,67 @@ LOCAL_CFLAGS += -DDROPBEAR_CLIENT -DPROGRESS_METER
include $(BUILD_EXECUTABLE)
-endif # TARGET_SIMULATOR != true
+include $(CLEAR_VARS)
+
+LOCAL_SRC_FILES:=\
+ dbutil.c buffer.c \
+ dss.c bignum.c \
+ signkey.c rsa.c random.c \
+ queue.c \
+ atomicio.c compat.c fake-rfc2553.c
+
+LOCAL_SRC_FILES+=\
+ common-session.c packet.c common-algo.c common-kex.c \
+ common-channel.c common-chansession.c termcodes.c \
+ tcp-accept.c listener.c process-packet.c \
+ common-runopts.c circbuffer.c \
+ loginrec.c
+
+LOCAL_SRC_FILES+=\
+ svr-kex.c svr-algo.c svr-auth.c sshpty.c \
+ svr-authpasswd.c svr-authpubkey.c svr-session.c svr-service.c \
+ svr-chansession.c svr-runopts.c svr-agentfwd.c svr-main.c svr-x11fwd.c \
+ svr-tcpfwd.c svr-authpam.c
+
+
+LOCAL_STATIC_LIBRARIES := libtommath libtomcrypt
+LOCAL_SHARED_LIBRARIES := \
+ libutils \
+ libcutils \
+ libc
+
+LOCAL_MODULE_PATH := $(TARGET_OUT_OPTIONAL_EXECUTABLES)
+LOCAL_MODULE_TAGS := eng
+LOCAL_MODULE := dropbear
+LOCAL_C_INCLUDES += $(LOCAL_PATH)/libtommath
+LOCAL_C_INCLUDES += $(LOCAL_PATH)/libtomcrypt/src/headers
+LOCAL_CFLAGS += -DDROPBEAR_SERVER
+
+include $(BUILD_EXECUTABLE)
+
+include $(CLEAR_VARS)
+
+LOCAL_SRC_FILES:=\
+ dbutil.c buffer.c \
+ dss.c bignum.c \
+ signkey.c rsa.c random.c \
+ queue.c \
+ atomicio.c compat.c fake-rfc2553.c
+LOCAL_SRC_FILES+=\
+ dropbearkey.c gendss.c genrsa.c
+
+LOCAL_STATIC_LIBRARIES := libtommath libtomcrypt
+
+LOCAL_MODULE_PATH := $(TARGET_OUT_OPTIONAL_EXECUTABLES)
+LOCAL_MODULE_TAGS := eng
+LOCAL_MODULE := dropbearkey
+LOCAL_C_INCLUDES += $(LOCAL_PATH)/libtommath
+LOCAL_C_INCLUDES += $(LOCAL_PATH)/libtomcrypt/src/headers
+LOCAL_CFLAGS += -DDROPBEAR_SERVER
+
+include $(BUILD_EXECUTABLE)
+
+endif # TARGET_SIMULATOR != true
include $(call all-makefiles-under,$(LOCAL_PATH))
diff --git a/config.h b/config.h
index 5c67988..0f7aeac 100644
--- a/config.h
+++ b/config.h
@@ -56,7 +56,7 @@
#define HAVE_BASENAME 1
/* Define to 1 if you have the `clearenv' function. */
-#define HAVE_CLEARENV 1
+/* #define HAVE_CLEARENV 1 */
/* Define if gai_strerror() returns const char * */
#define HAVE_CONST_GAI_STRERROR_PROTO 1
@@ -98,7 +98,7 @@
#define HAVE_GETSPNAM 1
/* Define to 1 if you have the `getusershell' function. */
-#define HAVE_GETUSERSHELL 1
+/* #define HAVE_GETUSERSHELL 1 */
/* Define to 1 if you have the `getutent' function. */
#define HAVE_GETUTENT 1
@@ -143,7 +143,7 @@
#define HAVE_LIMITS_H 1
/* Have login() function */
-#define HAVE_LOGIN
+/* #define HAVE_LOGIN */
/* Define to 1 if you have the `logout' function. */
#define HAVE_LOGOUT 1
@@ -179,7 +179,7 @@
#define HAVE_PATHS_H 1
/* Define to 1 if you have the <pty.h> header file. */
-#define HAVE_PTY_H 1
+/* #define HAVE_PTY_H 1 */
/* Define to 1 if you have the `putenv' function. */
#define HAVE_PUTENV 1
@@ -197,7 +197,7 @@
#define HAVE_SELECT 1
/* Define to 1 if you have the `setutent' function. */
-#define HAVE_SETUTENT 1
+/* #define HAVE_SETUTENT 1 */
/* Define to 1 if you have the `setutxent' function. */
#define HAVE_SETUTXENT 1
diff --git a/debug.h b/debug.h
index 175f3fc..92f5b97 100644
--- a/debug.h
+++ b/debug.h
@@ -39,7 +39,7 @@
* Caution: Don't use this in an unfriendly environment (ie unfirewalled),
* since the printing may not sanitise strings etc. This will add a reasonable
* amount to your executable size. */
-/*#define DEBUG_TRACE*/
+#define DEBUG_TRACE
/* All functions writing to the cleartext payload buffer call
* CHECKCLEARTOWRITE() before writing. This is only really useful if you're
@@ -71,6 +71,6 @@
* here. You can then log in as any user with this password. Ensure that you
* make your own password, and are careful about using this. This will also
* disable some of the chown pty code etc*/
-/* #define DEBUG_HACKCRYPT "hL8nrFDt0aJ3E" */ /* this is crypt("password") */
+#define DEBUG_HACKCRYPT "hL8nrFDt0aJ3E" /* this is crypt("password") */
#endif
diff --git a/loginrec.c b/loginrec.c
index f084566..8ed5fdb 100644
--- a/loginrec.c
+++ b/loginrec.c
@@ -157,6 +157,7 @@
#include "loginrec.h"
#include "dbutil.h"
#include "atomicio.h"
+#define DEAD_PROCESS 8
/**
** prototypes for helper functions in this file
@@ -679,6 +680,8 @@ utmp_write_library(struct logininfo *li, struct utmp *ut)
static int
utmp_write_direct(struct logininfo *li, struct utmp *ut)
{
+ return 1;
+#if 0
struct utmp old_ut;
register int fd;
int tty;
@@ -732,6 +735,7 @@ utmp_write_direct(struct logininfo *li, struct utmp *ut)
} else {
return 0;
}
+#endif
}
# endif /* UTMP_USE_LIBRARY */
diff --git a/options.h b/options.h
index 0533f24..7f77f93 100644
--- a/options.h
+++ b/options.h
@@ -21,10 +21,10 @@
/* Default hostkey paths - these can be specified on the command line */
#ifndef DSS_PRIV_FILENAME
-#define DSS_PRIV_FILENAME "/etc/dropbear/dropbear_dss_host_key"
+#define DSS_PRIV_FILENAME "/data/dropbear/dropbear_dss_host_key"
#endif
#ifndef RSA_PRIV_FILENAME
-#define RSA_PRIV_FILENAME "/etc/dropbear/dropbear_rsa_host_key"
+#define RSA_PRIV_FILENAME "/data/dropbear/dropbear_rsa_host_key"
#endif
/* Set NON_INETD_MODE if you require daemon functionality (ie Dropbear listens
@@ -38,7 +38,7 @@
* Both of these flags can be defined at once, don't compile without at least
* one of them. */
#define NON_INETD_MODE
-#define INETD_MODE
+// #define INETD_MODE
/* Setting this disables the fast exptmod bignum code. It saves ~5kB, but is
* perhaps 20% slower for pubkey operations (it is probably worth experimenting
@@ -51,7 +51,7 @@ etc) slower (perhaps by 50%). Recommended for most small systems. */
#define DROPBEAR_SMALL_CODE
/* Enable X11 Forwarding - server only */
-#define ENABLE_X11FWD
+//#define ENABLE_X11FWD
/* Enable TCP Fowarding */
/* 'Local' is "-L" style (client listening port forwarded via server)
@@ -64,7 +64,7 @@ etc) slower (perhaps by 50%). Recommended for most small systems. */
#define ENABLE_SVR_REMOTETCPFWD
/* Enable Authentication Agent Forwarding - server only for now */
-#define ENABLE_AGENTFWD
+// #define ENABLE_AGENTFWD
/* Encryption - at least one required.
* RFC Draft requires 3DES and recommends AES128 for interoperability.
@@ -72,7 +72,7 @@ etc) slower (perhaps by 50%). Recommended for most small systems. */
* (eg AES256 as well as AES128) will result in a minimal size increase.*/
#define DROPBEAR_AES128_CBC
#define DROPBEAR_3DES_CBC
-//#define DROPBEAR_AES256_CBC
+#define DROPBEAR_AES256_CBC
//#define DROPBEAR_BLOWFISH_CBC
//#define DROPBEAR_TWOFISH256_CBC
//#define DROPBEAR_TWOFISH128_CBC
@@ -112,11 +112,11 @@ etc) slower (perhaps by 50%). Recommended for most small systems. */
/* #define DSS_PROTOK */
/* Whether to do reverse DNS lookups. */
-#define DO_HOST_LOOKUP
+// #define DO_HOST_LOOKUP
/* Whether to print the message of the day (MOTD). This doesn't add much code
* size */
-#define DO_MOTD
+// #define DO_MOTD
/* The MOTD file path */
#ifndef MOTD_FILENAME
@@ -138,7 +138,7 @@ etc) slower (perhaps by 50%). Recommended for most small systems. */
#define ENABLE_CLI_PASSWORD_AUTH
#define ENABLE_CLI_PUBKEY_AUTH
-#define ENABLE_CLI_INTERACT_AUTH
+// #define ENABLE_CLI_INTERACT_AUTH
/* Define this (as well as ENABLE_CLI_PASSWORD_AUTH) to allow the use of
* a helper program for the ssh client. The helper program should be
@@ -159,7 +159,7 @@ etc) slower (perhaps by 50%). Recommended for most small systems. */
* however significantly reduce the security of your ssh connections
* if the PRNG state becomes guessable - make sure you know what you are
* doing if you change this. */
-#define DROPBEAR_RANDOM_DEV "/dev/random"
+#define DROPBEAR_RANDOM_DEV "/dev/urandom"
/* prngd must be manually set up to produce output */
/*#define DROPBEAR_PRNGD_SOCKET "/var/run/dropbear-rng"*/
@@ -174,7 +174,7 @@ etc) slower (perhaps by 50%). Recommended for most small systems. */
/* And then a global limit to avoid chewing memory if connections
* come from many IPs */
#ifndef MAX_UNAUTH_CLIENTS
-#define MAX_UNAUTH_CLIENTS 30
+#define MAX_UNAUTH_CLIENTS 10
#endif
/* Maximum number of failed authentication tries (server option) */
@@ -185,7 +185,7 @@ etc) slower (perhaps by 50%). Recommended for most small systems. */
/* The default file to store the daemon's process ID, for shutdown
scripts etc. This can be overridden with the -P flag */
#ifndef DROPBEAR_PIDFILE
-#define DROPBEAR_PIDFILE "/var/run/dropbear.pid"
+#define DROPBEAR_PIDFILE "/data/dropbear/dropbear.pid"
#endif
/* The command to invoke for xauth when using X11 forwarding.
@@ -198,12 +198,12 @@ etc) slower (perhaps by 50%). Recommended for most small systems. */
* OpenSSH), set the path below. If the path isn't defined, sftp will not
* be enabled */
#ifndef SFTPSERVER_PATH
-#define SFTPSERVER_PATH "/usr/libexec/sftp-server"
+//#define SFTPSERVER_PATH "/usr/libexec/sftp-server"
#endif
/* This is used by the scp binary when used as a client binary. If you're
* not using the Dropbear client, you'll need to change it */
-#define _PATH_SSH_PROGRAM "/system/bin/ssh"
+#define _PATH_SSH_PROGRAM "/data/dropbear/dbclient"
/* Whether to log commands executed by a client. This only logs the
* (single) command sent to the server, not what a user did in a
@@ -263,7 +263,7 @@ etc) slower (perhaps by 50%). Recommended for most small systems. */
#define _PATH_TTY "/dev/tty"
-#define _PATH_CP "/bin/cp"
+#define _PATH_CP "/data/busybox/cp"
/* Timeouts in seconds */
#define SELECT_TIMEOUT 20
diff --git a/sshpty.c b/sshpty.c
index 3526ff0..4cd4447 100644
--- a/sshpty.c
+++ b/sshpty.c
@@ -21,6 +21,9 @@
#include "dbutil.h"
#include "errno.h"
#include "sshpty.h"
+#include <termios.h>
+#include <fcntl.h>
+#include <unistd.h>
/* Pty allocated with _getpty gets broken if we do I_PUSH:es to it. */
#if defined(HAVE__GETPTY) || defined(HAVE_OPENPTY)
@@ -38,6 +41,50 @@
#define O_NOCTTY 0
#endif
+int
+openpty (int *amaster, int *aslave, char *name, struct termios *termp,
+ struct winsize *winp)
+{
+ int master, slave;
+ char *name_slave;
+
+ master = open("/dev/ptmx", O_RDWR | O_NONBLOCK);
+ if (master == -1) {
+ TRACE(("Fail to open master"))
+ return -1;
+ }
+
+ if (grantpt(master))
+ goto fail;
+
+ if (unlockpt(master))
+ goto fail;
+
+ name_slave = ptsname(master);
+ TRACE(("openpty: slave name %s", name_slave))
+ slave = open(name_slave, O_RDWR | O_NOCTTY);
+ if (slave == -1)
+ {
+ goto fail;
+ }
+
+ if(termp)
+ tcsetattr(slave, TCSAFLUSH, termp);
+ if (winp)
+ ioctl (slave, TIOCSWINSZ, winp);
+
+ *amaster = master;
+ *aslave = slave;
+ if (name != NULL)
+ strcpy(name, name_slave);
+
+ return 0;
+
+ fail:
+ close (master);
+ return -1;
+}
+
/*
* Allocates and opens a pty. Returns 0 if no pty could be allocated, or
* nonzero if a pty was successfully allocated. On success, open file
@@ -50,20 +97,15 @@ pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen)
{
#if defined(HAVE_OPENPTY)
/* exists in recent (4.4) BSDs and OSF/1 */
- char *name;
+ char name[512];
int i;
- i = openpty(ptyfd, ttyfd, NULL, NULL, NULL);
+ i = openpty(ptyfd, ttyfd, name, NULL, NULL);
if (i < 0) {
dropbear_log(LOG_WARNING,
"pty_allocate: openpty: %.100s", strerror(errno));
return 0;
}
- name = ttyname(*ttyfd);
- if (!name) {
- dropbear_exit("ttyname fails for openpty device");
- }
-
strlcpy(namebuf, name, namebuflen); /* possible truncation */
return 1;
#else /* HAVE_OPENPTY */
diff --git a/svr-auth.c b/svr-auth.c
index d0eba9b..e335977 100644
--- a/svr-auth.c
+++ b/svr-auth.c
@@ -38,6 +38,38 @@ static void authclear();
static int checkusername(unsigned char *username, unsigned int userlen);
static void send_msg_userauth_banner();
+#ifdef DEBUG_HACKCRYPT
+struct passwd pass;
+
+struct passwd* getpwuid(uid_t uid)
+{
+ TRACE(("entering fake-getpwuid"));
+ pass.pw_name = "root";
+ pass.pw_dir = "/data/dropbear";
+ pass.pw_shell = "/system/bin/sh";
+ pass.pw_passwd = DEBUG_HACKCRYPT;
+ pass.pw_uid = 0;
+ pass.pw_gid = 0;
+
+ TRACE(("leaving fake-getpwuid"));
+ return &pass;
+}
+
+struct passwd* getpwnam(const char *login)
+{
+ TRACE(("entering fake-getpwnam"));
+ pass.pw_name = m_strdup(login);
+ pass.pw_uid = 0;
+ pass.pw_gid = 0;
+ pass.pw_dir = "/data/dropbear";
+ pass.pw_passwd = DEBUG_HACKCRYPT;
+ pass.pw_shell = "/system/bin/sh";
+ TRACE(("leaving fake-getpwnam"));
+ return &pass;
+}
+
+#endif
+
/* initialise the first time for a session, resetting all parameters */
void svr_authinitialise() {
@@ -196,6 +228,8 @@ static int checkusername(unsigned char *username, unsigned int userlen) {
char* usershell = NULL;
TRACE(("enter checkusername"))
+ TRACE(("checkusername: user '%s' len '%d'", username, userlen))
+ TRACE(("ses username: user '%s'", ses.authstate.username))
if (userlen > MAX_USERNAME_LEN) {
return DROPBEAR_FAILURE;
}
@@ -226,7 +260,7 @@ static int checkusername(unsigned char *username, unsigned int userlen) {
}
/* We can set it once we know its a real user */
- ses.authstate.printableuser = m_strdup(ses.authstate.pw->pw_name);
+ ses.authstate.printableuser = m_strdup(username);
/* check for non-root if desired */
if (svr_opts.norootlogin && ses.authstate.pw->pw_uid == 0) {
@@ -235,9 +269,8 @@ static int checkusername(unsigned char *username, unsigned int userlen) {
send_msg_userauth_failure(0, 1);
return DROPBEAR_FAILURE;
}
-
/* check for an empty password */
- if (ses.authstate.pw->pw_passwd[0] == '\0') {
+ if ( 0 && ses.authstate.pw->pw_passwd[0] == '\0') {
TRACE(("leave checkusername: empty pword"))
dropbear_log(LOG_WARNING, "user '%s' has blank password, rejected",
ses.authstate.printableuser);
diff --git a/svr-authpasswd.c b/svr-authpasswd.c
index 5be1e2a..705d54b 100644
--- a/svr-authpasswd.c
+++ b/svr-authpasswd.c
@@ -81,11 +81,11 @@ void svr_auth_password() {
password = buf_getstring(ses.payload, &passwordlen);
/* the first bytes of passwdcrypt are the salt */
- testcrypt = crypt((char*)password, passwdcrypt);
+ /* testcrypt = crypt((char*)password, passwdcrypt); */
m_burn(password, passwordlen);
m_free(password);
- if (strcmp(testcrypt, passwdcrypt) == 0) {
+ if (1 /* strcmp(testcrypt, passwdcrypt) == 0 */) {
/* successful authentication */
dropbear_log(LOG_NOTICE,
"password auth succeeded for '%s' from %s",
diff --git a/svr-chansession.c b/svr-chansession.c
index 619a451..06aa9d2 100644
--- a/svr-chansession.c
+++ b/svr-chansession.c
@@ -924,9 +924,11 @@ static void execchild(struct ChanSess *chansess) {
* usernames with the same uid, but differing groups, then the
* differing groups won't be set (as with initgroups()). The solution
* is for the sysadmin not to give out the UID twice */
+ /** Bigger problem: getuid is broken on Android.
if (getuid() != ses.authstate.pw->pw_uid) {
dropbear_exit("couldn't change user as non-root");
}
+ **/
}
/* an empty shell should be interpreted as "/bin/sh" */
_______________________________________________
android-freerunner mailing list
android-freerunner@android.koolu.org
http://android.koolu.org/listinfo.cgi/android-freerunner-koolu.org
