diff options
author | Jeremy Kerr <jk@ozlabs.org> | 2016-04-12 11:38:13 +0800 |
---|---|---|
committer | Jeremy Kerr <jk@ozlabs.org> | 2016-04-14 14:26:12 +0800 |
commit | fac2e5c6691f02aa1573ea6c882092d0a47b1a3c (patch) | |
tree | b1b0f56e5b23f9741c996a3dd6b1334ea577661e /meta-phosphor/common/recipes-core | |
parent | 75fc03aa5dbd43c64f927222209ad7326ad20c20 (diff) | |
download | talos-openbmc-fac2e5c6691f02aa1573ea6c882092d0a47b1a3c.tar.gz talos-openbmc-fac2e5c6691f02aa1573ea6c882092d0a47b1a3c.zip |
dropbear: Add patch for -c <command> option to dropbear
Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
Diffstat (limited to 'meta-phosphor/common/recipes-core')
2 files changed, 93 insertions, 1 deletions
diff --git a/meta-phosphor/common/recipes-core/dropbear/dropbear/0001-dropbear-Add-c-command-option-to-force-a-specific-co.patch b/meta-phosphor/common/recipes-core/dropbear/dropbear/0001-dropbear-Add-c-command-option-to-force-a-specific-co.patch new file mode 100644 index 000000000..88d0ac0bb --- /dev/null +++ b/meta-phosphor/common/recipes-core/dropbear/dropbear/0001-dropbear-Add-c-command-option-to-force-a-specific-co.patch @@ -0,0 +1,91 @@ +From b4e094381ec846f4387dc6a3c210c2205a8db58a Mon Sep 17 00:00:00 2001 +From: Jeremy Kerr <jk@ozlabs.org> +Date: Tue, 12 Apr 2016 11:11:40 +0800 +Subject: [PATCH] dropbear: Add -c <command> option to force a specific command + +This change adds a -c option to dropbear, to force the session to use a +specific command, in a similar fashion to OpenSSH's ForceCommand +configuration option. + +This is useful to provide a simple fixed service over ssh, without +requiring an authorized key file for the per-key forced_command option. + +This setting takes precedence over the channel session's provided +command, and the per-key forced_command setting. + +Signed-off-by: Jeremy Kerr <jk@ozlabs.org> +--- + runopts.h | 2 ++ + svr-chansession.c | 12 ++++++++++-- + svr-runopts.c | 5 +++++ + 3 files changed, 17 insertions(+), 2 deletions(-) + +diff --git a/runopts.h b/runopts.h +index f7c869d..ffb573e 100644 +--- a/runopts.h ++++ b/runopts.h +@@ -114,6 +114,8 @@ typedef struct svr_runopts { + buffer * banner; + char * pidfile; + ++ char * command; ++ + } svr_runopts; + + extern svr_runopts svr_opts; +diff --git a/svr-chansession.c b/svr-chansession.c +index bfaf7f6..d6c9330 100644 +--- a/svr-chansession.c ++++ b/svr-chansession.c +@@ -671,8 +671,16 @@ static int sessioncommand(struct Channel *channel, struct ChanSess *chansess, + } + } + +- /* take public key option 'command' into account */ +- svr_pubkey_set_forced_command(chansess); ++ ++ /* take global command into account */ ++ if (svr_opts.command) { ++ chansess->original_command = chansess->cmd ? : m_strdup(""); ++ chansess->cmd = m_strdup(svr_opts.command); ++ } else { ++ /* take public key option 'command' into account */ ++ svr_pubkey_set_forced_command(chansess); ++ } ++ + + #ifdef LOG_COMMANDS + if (chansess->cmd) { +diff --git a/svr-runopts.c b/svr-runopts.c +index 8f60059..f845300 100644 +--- a/svr-runopts.c ++++ b/svr-runopts.c +@@ -79,6 +79,7 @@ static void printhelp(const char * progname) { + #ifdef ENABLE_SVR_REMOTETCPFWD + "-k Disable remote port forwarding\n" + "-a Allow connections to forwarded ports from any host\n" ++ "-c command Force executed command\n" + #endif + "-p [address:]port\n" + " Listen on specified tcp port (and optionally address),\n" +@@ -125,6 +126,7 @@ void svr_getopts(int argc, char ** argv) { + /* see printhelp() for options */ + svr_opts.bannerfile = NULL; + svr_opts.banner = NULL; ++ svr_opts.command = NULL; + svr_opts.forkbg = 1; + svr_opts.norootlogin = 0; + svr_opts.noauthpass = 0; +@@ -177,6 +179,9 @@ void svr_getopts(int argc, char ** argv) { + case 'b': + next = &svr_opts.bannerfile; + break; ++ case 'c': ++ next = &svr_opts.command; ++ break; + case 'd': + case 'r': + next = &keyfile; +-- +2.5.0 + diff --git a/meta-phosphor/common/recipes-core/dropbear/dropbear_%.bbappend b/meta-phosphor/common/recipes-core/dropbear/dropbear_%.bbappend index 36c0dcd12..52a38bdd9 100644 --- a/meta-phosphor/common/recipes-core/dropbear/dropbear_%.bbappend +++ b/meta-phosphor/common/recipes-core/dropbear/dropbear_%.bbappend @@ -1,2 +1,3 @@ FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" -SRC_URI += "file://dropbearkey.service" +SRC_URI += "file://dropbearkey.service \ + file://0001-dropbear-Add-c-command-option-to-force-a-specific-co.patch" |