diff options
Diffstat (limited to 'openwrt/package/dropbear/patches')
6 files changed, 0 insertions, 124 deletions
diff --git a/openwrt/package/dropbear/patches/100-pubkey_path.patch b/openwrt/package/dropbear/patches/100-pubkey_path.patch deleted file mode 100644 index cbe525bcc3..0000000000 --- a/openwrt/package/dropbear/patches/100-pubkey_path.patch +++ /dev/null @@ -1,45 +0,0 @@ ---- dropbear.old/svr-authpubkey.c.orig 2006-06-03 14:54:43.000000000 +0000 -+++ dropbear.dev/svr-authpubkey.c 2006-06-03 15:03:19.000000000 +0000 -@@ -176,6 +176,8 @@ - goto out; - } - -+ if (ses.authstate.pw->pw_uid != 0) { -+ - /* we don't need to check pw and pw_dir for validity, since - * its been done in checkpubkeyperms. */ - len = strlen(ses.authstate.pw->pw_dir); -@@ -187,6 +189,9 @@ - - /* open the file */ - authfile = fopen(filename, "r"); -+ } else { -+ authfile = fopen("/etc/dropbear/authorized_keys","r"); -+ } - if (authfile == NULL) { - goto out; - } -@@ -274,6 +279,8 @@ - goto out; - } - -+ if (ses.authstate.pw->pw_uid != 0) { -+ - /* allocate max required pathname storage, - * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */ - filename = m_malloc(len + 22); -@@ -295,6 +302,14 @@ - if (checkfileperm(filename) != DROPBEAR_SUCCESS) { - goto out; - } -+ } else { -+ if (checkfileperm("/etc/dropbear") != DROPBEAR_SUCCESS) { -+ goto out; -+ } -+ if (checkfileperm("/etc/dropbear/authorized_keys") != DROPBEAR_SUCCESS) { -+ goto out; -+ } -+ } - - /* file looks ok, return success */ - ret = DROPBEAR_SUCCESS; diff --git a/openwrt/package/dropbear/patches/110-change_user.patch b/openwrt/package/dropbear/patches/110-change_user.patch deleted file mode 100644 index ac617e2806..0000000000 --- a/openwrt/package/dropbear/patches/110-change_user.patch +++ /dev/null @@ -1,19 +0,0 @@ -diff -urN dropbear.old/svr-chansession.c dropbear.dev/svr-chansession.c ---- dropbear.old/svr-chansession.c 2005-12-09 06:42:33.000000000 +0100 -+++ dropbear.dev/svr-chansession.c 2005-12-12 01:42:38.982034750 +0100 -@@ -860,12 +860,12 @@ - /* We can only change uid/gid as root ... */ - if (getuid() == 0) { - -- if ((setgid(ses.authstate.pw->pw_gid) < 0) || -+ if ((ses.authstate.pw->pw_gid != 0) && ((setgid(ses.authstate.pw->pw_gid) < 0) || - (initgroups(ses.authstate.pw->pw_name, -- ses.authstate.pw->pw_gid) < 0)) { -+ ses.authstate.pw->pw_gid) < 0))) { - dropbear_exit("error changing user group"); - } -- if (setuid(ses.authstate.pw->pw_uid) < 0) { -+ if ((ses.authstate.pw->pw_uid != 0) && (setuid(ses.authstate.pw->pw_uid) < 0)) { - dropbear_exit("error changing user"); - } - } else { diff --git a/openwrt/package/dropbear/patches/120-hostkey_prompt.patch b/openwrt/package/dropbear/patches/120-hostkey_prompt.patch deleted file mode 100644 index 59639e7b97..0000000000 --- a/openwrt/package/dropbear/patches/120-hostkey_prompt.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -urN dropbear-0.45.old/cli-kex.c dropbear-0.45/cli-kex.c ---- dropbear-0.45.old/cli-kex.c 2005-03-07 05:27:01.000000000 +0100 -+++ dropbear-0.45/cli-kex.c 2005-03-25 11:13:57.000000000 +0100 -@@ -119,7 +119,7 @@ - char response = 'z'; - - fp = sign_key_fingerprint(keyblob, keybloblen); -- fprintf(stderr, "\nHost '%s' is not in the trusted hosts file.\n(fingerprint %s)\nDo you want to continue connecting? (y/n)\n", -+ fprintf(stderr, "\nHost '%s' is not in the trusted hosts file.\n(fingerprint %s)\nDo you want to continue connecting? (y/n) ", - cli_opts.remotehost, - fp); - diff --git a/openwrt/package/dropbear/patches/130-ssh_ignore_o_and_x_args.patch b/openwrt/package/dropbear/patches/130-ssh_ignore_o_and_x_args.patch deleted file mode 100644 index 9b79e4864e..0000000000 --- a/openwrt/package/dropbear/patches/130-ssh_ignore_o_and_x_args.patch +++ /dev/null @@ -1,22 +0,0 @@ -diff -ruN dropbear-0.48-old/cli-runopts.c dropbear-0.48-new/cli-runopts.c ---- dropbear-0.48-old/cli-runopts.c 2006-03-09 16:06:03.000000000 +0100 -+++ dropbear-0.48-new/cli-runopts.c 2006-03-11 12:28:54.000000000 +0100 -@@ -188,6 +188,10 @@ - debug_trace = 1; - break; - #endif -+ case 'o': -+ next = &dummy; -+ case 'x': -+ break; - case 'F': - case 'e': - case 'c': -@@ -199,7 +203,6 @@ - #ifndef ENABLE_CLI_LOCALTCPFWD - case 'L': - #endif -- case 'o': - case 'b': - next = &dummy; - default: diff --git a/openwrt/package/dropbear/patches/140-use_dev_urandom.patch b/openwrt/package/dropbear/patches/140-use_dev_urandom.patch deleted file mode 100644 index e1424f59a3..0000000000 --- a/openwrt/package/dropbear/patches/140-use_dev_urandom.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -urN dropbear-0.45.old/options.h dropbear-0.45/options.h ---- dropbear-0.45.old/options.h 2005-03-14 17:12:22.000000000 +0100 -+++ dropbear-0.45/options.h 2005-03-14 17:13:49.000000000 +0100 -@@ -143,7 +143,7 @@ - * however significantly reduce the security of your ssh connections - * if the PRNG state becomes guessable - make sure you know what you are - * doing if you change this. */ --#define DROPBEAR_RANDOM_DEV "/dev/random" -+#define DROPBEAR_RANDOM_DEV "/dev/urandom" - - /* prngd must be manually set up to produce output */ - /*#define DROPBEAR_PRNGD_SOCKET "/var/run/dropbear-rng"*/ diff --git a/openwrt/package/dropbear/patches/150-dbconvert_standalone.patch b/openwrt/package/dropbear/patches/150-dbconvert_standalone.patch deleted file mode 100644 index 50c035ae8c..0000000000 --- a/openwrt/package/dropbear/patches/150-dbconvert_standalone.patch +++ /dev/null @@ -1,14 +0,0 @@ ---- dropbear-0.47.old/options.h 2006-01-31 13:36:25.301562500 +0100 -+++ dropbear-0.47.dev/options.h 2006-01-31 13:37:41.846346250 +0100 -@@ -5,6 +5,11 @@ - #ifndef _OPTIONS_H_ - #define _OPTIONS_H_ - -+#if !defined(DROPBEAR_CLIENT) && !defined(DROPBEAR_SERVER) -+#define DROPBEAR_SERVER -+#define DROPBEAR_CLIENT -+#endif -+ - /****************************************************************** - * Define compile-time options below - the "#ifndef DROPBEAR_XXX .... #endif" - * parts are to allow for commandline -DDROPBEAR_XXX options etc. |