diff --git a/packages/dropbear/build.sh b/packages/dropbear/build.sh index 109f38e31c..503dd4d464 100644 --- a/packages/dropbear/build.sh +++ b/packages/dropbear/build.sh @@ -1,11 +1,10 @@ TERMUX_PKG_HOMEPAGE=https://matt.ucc.asn.au/dropbear/dropbear.html TERMUX_PKG_DESCRIPTION="Small SSH server and client" -TERMUX_PKG_LICENSE="BSD" +TERMUX_PKG_LICENSE="MIT" TERMUX_PKG_MAINTAINER="@termux" -TERMUX_PKG_VERSION=2020.81 -TERMUX_PKG_REVISION=3 +TERMUX_PKG_VERSION=2022.82 TERMUX_PKG_SRCURL=https://matt.ucc.asn.au/dropbear/releases/dropbear-${TERMUX_PKG_VERSION}.tar.bz2 -TERMUX_PKG_SHA256=48235d10b37775dbda59341ac0c4b239b82ad6318c31568b985730c788aac53b +TERMUX_PKG_SHA256=3a038d2bbc02bf28bbdd20c012091f741a3ec5cbe460691811d714876aad75d1 TERMUX_PKG_DEPENDS="termux-auth, zlib" TERMUX_PKG_SUGGESTS="openssh-sftp-server" TERMUX_PKG_CONFLICTS="openssh" @@ -29,7 +28,7 @@ termux_step_create_debscripts() { { echo "#!$TERMUX_PREFIX/bin/sh" echo "mkdir -p $TERMUX_PREFIX/etc/dropbear" - echo "for a in rsa dss ecdsa; do" + echo "for a in rsa dss ecdsa ed25519; do" echo " KEYFILE=$TERMUX_PREFIX/etc/dropbear/dropbear_\${a}_host_key" echo " test ! -f \$KEYFILE && dropbearkey -t \$a -f \$KEYFILE" echo "done" diff --git a/packages/dropbear/default_options.h.patch b/packages/dropbear/default_options.h.patch index fd7022eb18..3650636d57 100644 --- a/packages/dropbear/default_options.h.patch +++ b/packages/dropbear/default_options.h.patch @@ -1,6 +1,6 @@ ---- ./default_options.h.orig 2020-06-15 17:38:08.000000000 +0200 -+++ ./default_options.h 2020-06-23 21:29:37.665940247 +0200 -@@ -13,16 +13,16 @@ +--- a/default_options.h ++++ b/default_options.h +@@ -13,7 +13,7 @@ IMPORTANT: Some options will require "make clean" after changes */ @@ -9,8 +9,10 @@ /* Listen on all interfaces */ #define DROPBEAR_DEFADDRESS "" - - /* Default hostkey paths - these can be specified on the command line */ +@@ -21,10 +21,10 @@ + /* Default hostkey paths - these can be specified on the command line. + * Homedir is prepended if path begins with ~/ + */ -#define DSS_PRIV_FILENAME "/etc/dropbear/dropbear_dss_host_key" -#define RSA_PRIV_FILENAME "/etc/dropbear/dropbear_rsa_host_key" -#define ECDSA_PRIV_FILENAME "/etc/dropbear/dropbear_ecdsa_host_key" @@ -58,10 +60,10 @@ /* Specify the number of clients we will allow to be connected but * not yet authenticated. After this limit, connections are rejected */ -@@ -258,22 +258,22 @@ - - /* The default file to store the daemon's process ID, for shutdown - scripts etc. This can be overridden with the -P flag */ +@@ -285,11 +285,11 @@ + * scripts etc. This can be overridden with the -P flag. + * Homedir is prepended if path begins with ~/ + */ -#define DROPBEAR_PIDFILE "/var/run/dropbear.pid" +#define DROPBEAR_PIDFILE "@TERMUX_PREFIX@/var/run/dropbear.pid" @@ -71,9 +73,10 @@ +#define XAUTH_COMMAND "@TERMUX_PREFIX@/bin/xauth -q" - /* if you want to enable running an sftp server (such as the one included with - * OpenSSH), set the path below and set DROPBEAR_SFTPSERVER. - * The sftp-server program is not provided by Dropbear itself */ + /* If you want to enable running an sftp server (such as the one included with +@@ -298,11 +298,11 @@ + * Homedir is prepended if path begins with ~/ + */ #define DROPBEAR_SFTPSERVER 1 -#define SFTPSERVER_PATH "/usr/libexec/sftp-server" +#define SFTPSERVER_PATH "@TERMUX_PREFIX@/libexec/sftp-server" @@ -85,11 +88,13 @@ /* Whether to log commands executed by a client. This only logs the * (single) command sent to the server, not what a user did in a -@@ -309,6 +309,6 @@ +@@ -338,7 +338,7 @@ #define DEFAULT_IDLE_TIMEOUT 0 /* The default path. This will often get replaced by the shell */ -#define DEFAULT_PATH "/usr/bin:/bin" +-#define DEFAULT_ROOT_PATH "/usr/sbin:/usr/bin:/sbin:/bin" +#define DEFAULT_PATH "@TERMUX_PREFIX@/bin" ++#define DEFAULT_ROOT_PATH DEFAULT_PATH #endif /* DROPBEAR_DEFAULT_OPTIONS_H_ */ diff --git a/packages/dropbear/svr-chansession.c.patch b/packages/dropbear/svr-chansession.c.patch index 77ac5181ac..bc5cee401b 100644 --- a/packages/dropbear/svr-chansession.c.patch +++ b/packages/dropbear/svr-chansession.c.patch @@ -1,7 +1,6 @@ -diff -uNr dropbear-2018.76/svr-chansession.c dropbear-2018.76.mod/svr-chansession.c ---- dropbear-2018.76/svr-chansession.c 2018-02-27 16:25:12.000000000 +0200 -+++ dropbear-2018.76.mod/svr-chansession.c 2018-04-21 13:45:06.707063974 +0300 -@@ -607,7 +607,11 @@ +--- a/svr-chansession.c ++++ b/svr-chansession.c +@@ -611,7 +611,11 @@ static int sessionpty(struct ChanSess * dropbear_exit("Out of memory"); /* TODO disconnect */ } @@ -16,33 +15,34 @@ diff -uNr dropbear-2018.76/svr-chansession.c dropbear-2018.76.mod/svr-chansessio @@ -919,6 +923,8 @@ #endif - /* clear environment */ + /* clear environment if -e was not set */ + /* termux: do not clear environment on android */ +#ifndef __ANDROID__ /* if we're debugging using valgrind etc, we need to keep the LD_PRELOAD * etc. This is hazardous, so should only be used for debugging. */ - #ifndef DEBUG_VALGRIND -@@ -931,6 +937,7 @@ - } + if ( !svr_opts.pass_on_env) { +@@ -980,6 +986,7 @@ static void execchild(const void *user_d #endif /* HAVE_CLEARENV */ #endif /* DEBUG_VALGRIND */ + } +#endif /* __ANDROID__ */ + #if DROPBEAR_SVR_MULTIUSER /* We can only change uid/gid as root ... */ - if (getuid() == 0) { -@@ -956,12 +963,14 @@ - } +@@ -1007,6 +1014,8 @@ static void execchild(const void *user_d } + #endif + /* termux: do not modify environment since we did not clean it */ +#ifndef __ANDROID__ /* set env vars */ addnewvar("USER", ses.authstate.pw_name); addnewvar("LOGNAME", ses.authstate.pw_name); - addnewvar("HOME", ses.authstate.pw_dir); - addnewvar("SHELL", get_user_shell()); -- addnewvar("PATH", DEFAULT_PATH); -+#endif /* __ANDROID__ */ - if (chansess->term != NULL) { - addnewvar("TERM", chansess->term); +@@ -1017,6 +1026,7 @@ static void execchild(const void *user_d + } else { + addnewvar("PATH", DEFAULT_PATH); } ++#endif /* __ANDROID__ */ + if (cp != NULL) { + addnewvar("LANG", cp); + m_free(cp);