Commit 0bc5ce04 authored by Antoine Catton's avatar Antoine Catton

Add dirty “no shell checking” patch to dropbear in order to specify a

shell not present in /etc/shells
parent b9c71068
...@@ -25,6 +25,13 @@ url = ${:_profile_base_location_}/${:filename} ...@@ -25,6 +25,13 @@ url = ${:_profile_base_location_}/${:filename}
filename = ipv6-support.patch filename = ipv6-support.patch
download-only = true download-only = true
[dropbear-no-shell-check-patch]
recipe = hexagonit.recipe.download
md5sum = bb2ac410bd4cb2b07c23bfcc712e45f7
url = ${:_profile_base_location_}/${:filename}
filename = no-shell-checking.patch
download-only = true
[dropbear] [dropbear]
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
md5sum = 0284ea239083f04c8b874e08e1aca243 md5sum = 0284ea239083f04c8b874e08e1aca243
...@@ -33,7 +40,7 @@ url = http://matt.ucc.asn.au/dropbear/dropbear-0.53.1.tar.bz2 ...@@ -33,7 +40,7 @@ url = http://matt.ucc.asn.au/dropbear/dropbear-0.53.1.tar.bz2
configure-options = configure-options =
--prefix=${buildout:parts-directory}/${:_buildout_section_name_} --prefix=${buildout:parts-directory}/${:_buildout_section_name_}
--with-zlib=${zlib:location} --with-zlib=${zlib:location}
CFLAGS="-DENABLE_SINGLEUSER " CFLAGS="-DENABLE_SINGLEUSER -D__DIRTY_NO_SHELL_CHECKING"
environment = environment =
CPPFLAGS =-I${zlib:location}/include CPPFLAGS =-I${zlib:location}/include
...@@ -42,6 +49,7 @@ environment = ...@@ -42,6 +49,7 @@ environment =
patches= patches=
${dropbear-userspace-patch:location}/${dropbear-userspace-patch:filename} ${dropbear-userspace-patch:location}/${dropbear-userspace-patch:filename}
${dropbear-ipv6-patch:location}/${dropbear-ipv6-patch:filename} ${dropbear-ipv6-patch:location}/${dropbear-ipv6-patch:filename}
${dropbear-no-shell-check-patch:location}/${dropbear-no-shell-check-patch:filename}
patch-options= patch-options=
-p1 -p1
diff --git a/svr-auth.c b/svr-auth.c
index 87e3c5e..8b93a22 100644
--- a/svr-auth.c
+++ b/svr-auth.c
@@ -267,6 +267,7 @@ static int checkusername(unsigned char *username, unsigned int userlen) {
usershell = "/bin/sh";
}
+#ifndef __DIRTY_NO_SHELL_CHECKING
/* check the shell is valid. If /etc/shells doesn't exist, getusershell()
* should return some standard shells like "/bin/sh" and "/bin/csh" (this
* is platform-specific) */
@@ -288,6 +289,7 @@ static int checkusername(unsigned char *username, unsigned int userlen) {
goodshell:
endusershell();
+#endif
TRACE(("matching shell"))
TRACE(("uid = %d", ses.authstate.pw_uid))
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment