From bcfd578c6d587a7512d4edb16791cd51804817bd Mon Sep 17 00:00:00 2001
From: nbd <nbd@3c298f89-4303-0410-b956-a3cf2f4a3e73>
Date: Tue, 13 Dec 2005 19:15:43 +0000
Subject: [PATCH] update dropbear to 0.47 (adds keyboard-interactive auth,
 fixes a potential security issue, fixes #59)

git-svn-id: svn://svn.openwrt.org/openwrt/trunk/openwrt@2660 3c298f89-4303-0410-b956-a3cf2f4a3e73
---
 package/dropbear/Config.in                    |  5 +-
 package/dropbear/Makefile                     |  4 +-
 .../dropbear/patches/100-pubkey_path.patch    | 89 +++++++++++++++++++
 ...hange-user.patch => 110-change_user.patch} |  6 +-
 ...-prompt.patch => 120-hostkey_prompt.patch} |  0
 ...ument-fix.patch => 130-scp_argument.patch} |  0
 ...random.patch => 140-use_dev_urandom.patch} |  0
 package/dropbear/patches/authpubkey.patch     | 73 ---------------
 8 files changed, 96 insertions(+), 81 deletions(-)
 create mode 100644 package/dropbear/patches/100-pubkey_path.patch
 rename package/dropbear/patches/{change-user.patch => 110-change_user.patch} (71%)
 rename package/dropbear/patches/{hostkey-prompt.patch => 120-hostkey_prompt.patch} (100%)
 rename package/dropbear/patches/{scp-argument-fix.patch => 130-scp_argument.patch} (100%)
 rename package/dropbear/patches/{use-dev-urandom.patch => 140-use_dev_urandom.patch} (100%)
 delete mode 100644 package/dropbear/patches/authpubkey.patch

diff --git a/package/dropbear/Config.in b/package/dropbear/Config.in
index 0c4b2f452..54d7284ee 100644
--- a/package/dropbear/Config.in
+++ b/package/dropbear/Config.in
@@ -1,10 +1,9 @@
 config BR2_PACKAGE_DROPBEAR
-	prompt "dropbear.......................... Small SSH 2 client/server"
-	tristate
+	tristate "dropbear - Small SSH 2 client/server"
 	default y
 	select BR2_PACKAGE_ZLIB
 	help
 	  A small SSH 2 server/client designed for small memory environments.
 	  
 	  http://matt.ucc.asn.au/dropbear/
-
+	  
diff --git a/package/dropbear/Makefile b/package/dropbear/Makefile
index e7144a60d..36548877d 100644
--- a/package/dropbear/Makefile
+++ b/package/dropbear/Makefile
@@ -3,9 +3,9 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=dropbear
-PKG_VERSION:=0.46
+PKG_VERSION:=0.47
 PKG_RELEASE:=1
-PKG_MD5SUM:=f0e535a62b57e5bde9ecba4a11402178
+PKG_MD5SUM:=cf634614d52278d44dfd9c224a438bf2
 
 PKG_SOURCE_URL:=http://matt.ucc.asn.au/dropbear/releases/
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
diff --git a/package/dropbear/patches/100-pubkey_path.patch b/package/dropbear/patches/100-pubkey_path.patch
new file mode 100644
index 000000000..4adda38b2
--- /dev/null
+++ b/package/dropbear/patches/100-pubkey_path.patch
@@ -0,0 +1,89 @@
+diff -urN dropbear.old/svr-authpubkey.c dropbear.dev/svr-authpubkey.c
+--- dropbear.old/svr-authpubkey.c	2005-12-09 06:42:33.000000000 +0100
++++ dropbear.dev/svr-authpubkey.c	2005-12-12 01:35:32.139358750 +0100
+@@ -155,7 +155,6 @@
+ 		unsigned char* keyblob, unsigned int keybloblen) {
+ 
+ 	FILE * authfile = NULL;
+-	char * filename = NULL;
+ 	int ret = DROPBEAR_FAILURE;
+ 	buffer * line = NULL;
+ 	unsigned int len, pos;
+@@ -176,17 +175,8 @@
+ 		goto out;
+ 	}
+ 
+-	/* we don't need to check pw and pw_dir for validity, since
+-	 * its been done in checkpubkeyperms. */
+-	len = strlen(ses.authstate.pw->pw_dir);
+-	/* allocate max required pathname storage,
+-	 * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
+-	filename = m_malloc(len + 22);
+-	snprintf(filename, len + 22, "%s/.ssh/authorized_keys", 
+-				ses.authstate.pw->pw_dir);
+-
+ 	/* open the file */
+-	authfile = fopen(filename, "r");
++	authfile = fopen("/etc/dropbear/authorized_keys", "r");
+ 	if (authfile == NULL) {
+ 		goto out;
+ 	}
+@@ -247,7 +237,6 @@
+ 	if (line) {
+ 		buf_free(line);
+ 	}
+-	m_free(filename);
+ 	TRACE(("leave checkpubkey: ret=%d", ret))
+ 	return ret;
+ }
+@@ -255,12 +244,11 @@
+ 
+ /* Returns DROPBEAR_SUCCESS if file permissions for pubkeys are ok,
+  * DROPBEAR_FAILURE otherwise.
+- * Checks that the user's homedir, ~/.ssh, and
+- * ~/.ssh/authorized_keys are all owned by either root or the user, and are
++ * Checks that /etc/dropbear and /etc/dropbear/authorized_keys
++ * are all owned by either root or the user, and are
+  * g-w, o-w */
+ static int checkpubkeyperms() {
+ 
+-	char* filename = NULL; 
+ 	int ret = DROPBEAR_FAILURE;
+ 	unsigned int len;
+ 
+@@ -274,25 +262,11 @@
+ 		goto out;
+ 	}
+ 
+-	/* allocate max required pathname storage,
+-	 * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
+-	filename = m_malloc(len + 22);
+-	strncpy(filename, ses.authstate.pw->pw_dir, len+1);
+-
+-	/* check ~ */
+-	if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
+-		goto out;
+-	}
+-
+-	/* check ~/.ssh */
+-	strncat(filename, "/.ssh", 5); /* strlen("/.ssh") == 5 */
+-	if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
++	if (checkfileperm("/etc/dropbear") != DROPBEAR_SUCCESS) {
+ 		goto out;
+ 	}
+ 
+-	/* now check ~/.ssh/authorized_keys */
+-	strncat(filename, "/authorized_keys", 16);
+-	if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
++	if (checkfileperm("/etc/dropbear/authorized_keys") != DROPBEAR_SUCCESS) {
+ 		goto out;
+ 	}
+ 
+@@ -300,7 +274,6 @@
+ 	ret = DROPBEAR_SUCCESS;
+ 	
+ out:
+-	m_free(filename);
+ 
+ 	TRACE(("leave checkpubkeyperms"))
+ 	return ret;
diff --git a/package/dropbear/patches/change-user.patch b/package/dropbear/patches/110-change_user.patch
similarity index 71%
rename from package/dropbear/patches/change-user.patch
rename to package/dropbear/patches/110-change_user.patch
index 5ab4a5689..ac617e280 100644
--- a/package/dropbear/patches/change-user.patch
+++ b/package/dropbear/patches/110-change_user.patch
@@ -1,6 +1,6 @@
-diff -ruN dropbear-0.46-old/svr-chansession.c dropbear-0.46-new/svr-chansession.c
---- dropbear-0.46-old/svr-chansession.c	2005-07-08 21:20:59.000000000 +0200
-+++ dropbear-0.46-new/svr-chansession.c	2005-07-12 01:39:12.000000000 +0200
+diff -urN dropbear.old/svr-chansession.c dropbear.dev/svr-chansession.c
+--- dropbear.old/svr-chansession.c	2005-12-09 06:42:33.000000000 +0100
++++ dropbear.dev/svr-chansession.c	2005-12-12 01:42:38.982034750 +0100
 @@ -860,12 +860,12 @@
  	/* We can only change uid/gid as root ... */
  	if (getuid() == 0) {
diff --git a/package/dropbear/patches/hostkey-prompt.patch b/package/dropbear/patches/120-hostkey_prompt.patch
similarity index 100%
rename from package/dropbear/patches/hostkey-prompt.patch
rename to package/dropbear/patches/120-hostkey_prompt.patch
diff --git a/package/dropbear/patches/scp-argument-fix.patch b/package/dropbear/patches/130-scp_argument.patch
similarity index 100%
rename from package/dropbear/patches/scp-argument-fix.patch
rename to package/dropbear/patches/130-scp_argument.patch
diff --git a/package/dropbear/patches/use-dev-urandom.patch b/package/dropbear/patches/140-use_dev_urandom.patch
similarity index 100%
rename from package/dropbear/patches/use-dev-urandom.patch
rename to package/dropbear/patches/140-use_dev_urandom.patch
diff --git a/package/dropbear/patches/authpubkey.patch b/package/dropbear/patches/authpubkey.patch
deleted file mode 100644
index 07beefe71..000000000
--- a/package/dropbear/patches/authpubkey.patch
+++ /dev/null
@@ -1,73 +0,0 @@
---- dropbear-0.45.old/svr-authpubkey.c	2005-09-27 12:45:20.863639072 +0200
-+++ dropbear-0.45/svr-authpubkey.c	2005-09-27 13:15:09.066790872 +0200
-@@ -176,14 +176,10 @@
- 		goto out;
- 	}
- 
--	/* we don't need to check pw and pw_dir for validity, since
--	 * its been done in checkpubkeyperms. */
--	len = strlen(ses.authstate.pw->pw_dir);
- 	/* allocate max required pathname storage,
--	 * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
--	filename = m_malloc(len + 22);
--	snprintf(filename, len + 22, "%s/.ssh/authorized_keys", 
--				ses.authstate.pw->pw_dir);
-+	 * = "/etc/dropbear/authorized_keys" + '\0' = 30 */
-+	filename = m_malloc(30);
-+	strncpy(filename, "/etc/dropbear/authorized_keys", 30);
- 
- 	/* open the file */
- 	authfile = fopen(filename, "r");
-@@ -255,43 +251,33 @@
- 
- /* Returns DROPBEAR_SUCCESS if file permissions for pubkeys are ok,
-  * DROPBEAR_FAILURE otherwise.
-- * Checks that the user's homedir, ~/.ssh, and
-- * ~/.ssh/authorized_keys are all owned by either root or the user, and are
-+ * Checks that /etc, /etc/dropbear and /etc/dropbear/authorized_keys
-+ * are all owned by either root or the user, and are
-  * g-w, o-w */
- static int checkpubkeyperms() {
- 
- 	char* filename = NULL; 
- 	int ret = DROPBEAR_FAILURE;
--	unsigned int len;
- 
- 	TRACE(("enter checkpubkeyperms"))
- 
--	assert(ses.authstate.pw);
--	if (ses.authstate.pw->pw_dir == NULL) {
--		goto out;
--	}
--
--	if ((len = strlen(ses.authstate.pw->pw_dir)) == 0) {
--		goto out;
--	}
--
- 	/* allocate max required pathname storage,
--	 * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
--	filename = m_malloc(len + 22);
--	strncpy(filename, ses.authstate.pw->pw_dir, len+1);
-+	 * = "/etc/dropbear/authorized_keys" + '\0' = 30 */
-+	filename = m_malloc(30);
-+	strncpy(filename, "/etc", 4); /* strlen("/etc") == 4 */
- 
--	/* check ~ */
-+	/* check /etc */
- 	if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
- 		goto out;
- 	}
- 
--	/* check ~/.ssh */
--	strncat(filename, "/.ssh", 5); /* strlen("/.ssh") == 5 */
-+	/* check /etc/dropbear */
-+	strncat(filename, "/dropbear", 9); /* strlen("/dropbear") == 9 */
- 	if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
- 		goto out;
- 	}
- 
--	/* now check ~/.ssh/authorized_keys */
-+	/* now check /etc/dropbear/authorized_keys */
- 	strncat(filename, "/authorized_keys", 16);
- 	if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
- 		goto out;
-- 
2.20.1