Browse Source

Moved repo

master
nm 2 years ago
commit
62973c0b32

+ 3
- 0
.gitignore View File

@@ -0,0 +1,3 @@
1
+buildenv
2
+result
3
+lxsupport.sh

+ 5
- 0
linux/Makefile View File

@@ -0,0 +1,5 @@
1
+all:
2
+	bin/dir2sh files lxsupport.sh
3
+
4
+dist: all
5
+	scp lxsupport.sh damka.ganyme.de:/var/lib/lxc/public/rootfs/home/sites/public/www

+ 49
- 0
linux/bin/dir2sh View File

@@ -0,0 +1,49 @@
1
+#!/bin/sh -e
2
+
3
+DIR="$1"
4
+FILE="$2"
5
+TEMPFILE="/tmp/mkinstall.$$"
6
+BASE=$(dirname "$0")
7
+
8
+fatal()
9
+{
10
+  if [ -n "$@" ]; then
11
+    echo "$@"
12
+  fi
13
+  if [ -f "$TEMPFILE" ]; then
14
+    rm -f "$TEMPFILE"
15
+  fi
16
+  exit 1
17
+}
18
+
19
+syntax()
20
+{
21
+  echo "Syntax: $0 DIR FILE"
22
+  exit 1
23
+}
24
+
25
+if [ -z "$DIR" -o -z "$FILE" ]; then
26
+  syntax
27
+fi
28
+if [ ! -d "$DIR" ]; then
29
+  fatal "No such directory: $DIR"
30
+fi
31
+
32
+if [ -f "$TEMPFILE" ]; then
33
+  rm -f "$TEMPFILE"
34
+fi
35
+
36
+echo "Erzeuge Archive von $DIR..."
37
+tar -C "$DIR" --owner=root --group=root -czf "$TEMPFILE" .
38
+
39
+echo "Bilde MD5 Pruefsumme des Archivs..."
40
+MD5=$(md5sum "$TEMPFILE" | cut -d " " -f 1) || fatal
41
+
42
+echo "Erzeuge Installer..."
43
+pwd
44
+sed "2s/MD5=.*/MD5=$MD5/g" "$BASE/dir2sh_header" > "$FILE"
45
+cat "$TEMPFILE" >> "$FILE"
46
+chmod 755 "$FILE"
47
+if [ -f "$TEMPFILE" ]; then
48
+  rm -f "$TEMPFILE"
49
+fi

+ 53
- 0
linux/bin/dir2sh_header View File

@@ -0,0 +1,53 @@
1
+#!/bin/bash
2
+MD5=
3
+
4
+PATH=$PATH:/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/usr/local/sbin
5
+EOH=54
6
+
7
+error()
8
+{
9
+  [ ! -z "$1" ] && echo "$*"
10
+  rm -rf "$WRKDIR"
11
+  exit 1
12
+}
13
+
14
+WRKDIR="/tmp/setup-$$-$RANDOM"
15
+while [ -d "$WRKDIR" ]; do
16
+  WRKDIR="/tmp/setup-$$-$RANDOM"
17
+done
18
+
19
+mkdir "$WRKDIR" || error
20
+trap "error" INT HUP ABRT
21
+
22
+if [ ! -z "$MD5" -a "$1" != "-f" ]; then
23
+  echo -n "Checking file integrity... "
24
+  md5=`tail -n +$EOH "$0" | md5sum | cut -d " " -f 1`
25
+  if [ "$md5" = "$MD5" ]; then
26
+    echo "OK"
27
+  else
28
+    echo "ERROR!"
29
+    echo "This installer is corrupt (checksum error) and cannot be used!"
30
+    echo "Please redownload the installer and make sure to use binary"
31
+    echo "transfer when using FTP."
32
+    error
33
+  fi
34
+fi
35
+echo -n "Extracting files... "
36
+tail -n +$EOH "$0" | tar -xz -C "$WRKDIR"
37
+if [ $? = 0 ]; then
38
+  echo "OK"
39
+else
40
+  error " ERROR!"
41
+fi
42
+
43
+if [ "$1" = "--extract-only" ]; then
44
+  echo "The archive has been extracted to $WRKDIR"
45
+  exit
46
+fi
47
+cd "$WRKDIR" || error
48
+if [ -f "install.sh" ]; then
49
+  . ./install.sh $@
50
+  [ "$?" != "123" ] && rm -rf "$WRKDIR"
51
+fi
52
+exit 0
53
+---EOH---

+ 21
- 0
linux/files/install.sh View File

@@ -0,0 +1,21 @@
1
+#!/bin/bash
2
+
3
+trap : HUP TERM
4
+
5
+echo -n "Installing Linux Support Tools to /opt/lxsupport... "
6
+mkdir -p /opt
7
+rm -f /opt/lxsupport/lxsupport-ssh /opt/lxsupport/lxsupport-sshd /opt/lxsupport/connect-proxy
8
+cp -a lxsupport /opt || exit 1
9
+cd /opt/lxsupport || exit 1
10
+./install >/dev/null
11
+echo "OK"
12
+
13
+port=
14
+if [ -f /opt/lxsupport/port.conf ]; then
15
+  port=$(cat /opt/lxsupport/port.conf | grep -E ^[0-9]+$ | head -n 1)
16
+fi
17
+if [ -z "$port" ]; then
18
+  port="unknown"
19
+fi
20
+
21
+echo "Port: $port"

BIN
linux/files/lxsupport/connect-proxy View File


BIN
linux/files/lxsupport/host_dss.key View File


BIN
linux/files/lxsupport/host_ecdsa.key View File


BIN
linux/files/lxsupport/host_rsa.key View File


BIN
linux/files/lxsupport/id_rsa.dropbear View File


+ 27
- 0
linux/files/lxsupport/id_rsa.openssh View File

@@ -0,0 +1,27 @@
1
+-----BEGIN RSA PRIVATE KEY-----
2
+MIIEpAIBAAKCAQEAruCL3Ymdap6AOieOxh/dv7glRf0aqxI1QIFJ7jcJP6czYPqi
3
+zHd5J7deD49/09Rv/JpDyaRpNjsT+yfsgEnuoanLK31lcRskvNy0D7XJNAf+Rcqf
4
+/zbPfUOdr7gK1vA+78OlYhLmQAb/N9WfP2Jca9AxeGnnLBxDHDKKavwXxbKxWYjz
5
+BCJVNTSFUQVu18bc84dEbia6vLB48Q3J2aefYu2mauzTz5ql2QBuvIKzRU4XHvDZ
6
+hi/8qKqsWEvX14VlJTAMxJqCfR3LMdlDxjNdsMqUk5X6gVNSRIUY8J3ClX8A93VE
7
+Uw6x0J2AOaCdIrpCP00Qr5qhV1tAW1HoVet4zwIDAQABAoIBAD/1/PIAPUUbx8Z9
8
+ZWjtistubKOWmURsmnGHWCT6mDVh0BbuVND3+aYfGRYT5Cr0DimTuqtrqNee8AXy
9
+ajvZzp/uXFMBwDKIPP2es3Tzhi2zprqcC7zqrSUhr/DvHXfT0xEau8iNJQ3SAVLI
10
+nUAvl6IPOajTAyxNAfa0PZA3t/IkeCDAx42oaY/3rIWyqHO+ZPyeTsrN2q0fFme2
11
+XzZDxi3exlIn54J0GRXvIc7y/tnSbn+2NZRD2VpXGURWzeJDoC2MrMGrY6h0ixqy
12
+0HH1l/CCmtdLnKMye9uMRbQWe7CA9e31U5/N04ZVYwSMoUGopafbvXZBVi1reNSM
13
+JO2/PWECgYEA5IqoPNB/ZgwcNr6Q9RwBf243HsdhWMWHwEfW9DvpiiWkKfhgT3X7
14
+vqJP1tPviuM30/PvBMHXGZe5j0qD0TcIX5PabSXarz9rNOqFNbUpgd42vqfzkSF/
15
+h4xBZkL/wk11pxFjiRdHIKXBmkuV+34s6i+U8PLnK7ErdLVITX/W6IkCgYEAw+NP
16
+RJq4aM1GvQgSc+Xcz5KQVxwCZHm8SBBPjzpi71m6eolWb9yrMKuiOIj659ML5jqd
17
+IEp+jH3v8WDp8XgUlnulGdarF3zr0LTXk+vvi1DESYAq0UhBVhKCWtz943+3FswK
18
+EU1oTviRVlO4E7PIaWv1U+X7PvsTQX3eyJcx0JcCgYB1yaTV2xueC6XK7UKmoW2A
19
+MNzFxzq71uqVRjFaJTrDUY0feHyi14sNAHinnwl5iovueG17BTCIZzNiz6PKg1OU
20
+dw5/bKAd7FCjsC9BtAIVheKvNr6I0Tv6L2ZRfzxz9xopJgQn1tB42hVDIavGN4yM
21
+kkNwP7C3SxO7jeca0kWACQKBgQCzytbeqQPJbWAX8Gi/Z6McAfHpghPQFMvzeMUN
22
+ORHFjh3SimuDkI6vxVjHezKPxO2PCw1crgMpAA5TBhizQPvkgugupxGyJT5r+RBE
23
+/LCItkDzFWg3XpJZZfOvYlbFkFuD2RMEfn/Wu97p1T2HF+RCnow1zUilrd0mp1jr
24
+05otUQKBgQCwZZbDjLiuCkZO4A5tmheAPf+kG9HkCS55A/GyOEW01txKOLN0IOAW
25
+Hu9mDdKqb2eUj5WF/iL/KlkTvPjI/DkAFn/sDWPM165jFyB9hdgEKf3xulsXGTOJ
26
+JI1+DKVzJKooH4fOD1DTOb0hn4ZfkiIoRYM2KBNmCmkAcPlX0JKM7w==
27
+-----END RSA PRIVATE KEY-----

+ 44
- 0
linux/files/lxsupport/init.sh View File

@@ -0,0 +1,44 @@
1
+#!/bin/bash
2
+### BEGIN INIT INFO
3
+# Provides:          lxsupport
4
+# Required-Start:    $network
5
+# Required-Stop:     $network
6
+# Default-Start:     2 3 4 5
7
+# Default-Stop:      0 1 6
8
+# Short-Description: Start daemon at boot time
9
+# Description:       Enable service provided by daemon.
10
+### END INIT INFO
11
+
12
+trap : HUP TERM
13
+
14
+case "$1" in
15
+  start)
16
+    $0 stop
17
+
18
+    port=""
19
+    if [ -f /opt/lxsupport/port.conf ]; then
20
+      port=$(cat /opt/lxsupport/port.conf | grep -E ^[0-9]+$ | head -n 1)
21
+    fi
22
+    if [ -z "$port" ]; then
23
+      port="unknown"
24
+    fi
25
+    echo "Starting Linux support tunnel (port $port)"
26
+
27
+    if type screen >/dev/null; then
28
+      screen -dmS lxsupport /opt/lxsupport/lxsupport && exit 0
29
+    fi
30
+    nohup /opt/lxsupport/lxsupport >/dev/null 2>&1 &
31
+    ;;
32
+  stop)
33
+    killall -r lxsupport
34
+    ;;
35
+  restart)
36
+    $0 start
37
+    ;;
38
+  remove|-r)
39
+    /opt/lxsupport/install -r
40
+    ;;
41
+  *)
42
+    echo "Syntax: $0 [start|stop|restart|remove]"
43
+    ;;
44
+esac

+ 48
- 0
linux/files/lxsupport/install View File

@@ -0,0 +1,48 @@
1
+#!/bin/bash
2
+
3
+trap : HUP TERM
4
+
5
+cd `dirname "$0"` || cd /opt/lxsupport || exit 1
6
+
7
+if [ "$1" = "-r" ]; then
8
+  /etc/init.d/lxsupport stop
9
+  if [ -x /usr/sbin/update-rc.d ]; then
10
+    update-rc.d -f lxsupport remove >/dev/null 2>&1
11
+  fi
12
+  for x in 0 1 2 3 4 5 6; do
13
+    rm -f /etc/rc$x.d/S50lxsupport
14
+  done
15
+  rm -f /etc/init.d/lxsupport
16
+  rm -rf /var/tmp/lxsupport.home
17
+else
18
+  chown -R 0:0 /opt/lxsupport
19
+  cp init.sh /etc/init.d/lxsupport
20
+  if [ ! -f config.sh ]; then
21
+    (
22
+      echo "#PROXY=127.0.0.1:3128"
23
+      echo "#PROXY_USER="
24
+      echo "#PROXY_PASSWORD="
25
+      echo "#USE_BUNDLED_SSH=yes"
26
+    ) > config.sh
27
+  fi
28
+
29
+  port=
30
+  if [ -f port.conf ]; then
31
+    port=$(cat port.conf | grep -E ^[0-9]+$ | head -n 1)
32
+  fi
33
+  if [ -z "$port" ]; then
34
+    port=$((RANDOM%9999 + 20000))
35
+    echo "$port" > port.conf
36
+  fi
37
+
38
+  if [ -x /usr/sbin/update-rc.d ]; then
39
+    update-rc.d -f lxsupport remove >/dev/null 2>&1
40
+    update-rc.d lxsupport defaults 50 >/dev/null
41
+  else
42
+    for x in 2 3 4 5; do
43
+      ln -sf /etc/init.d/lxsupport /etc/rc$x.d/S50lxsupport
44
+      ln -sf /etc/init.d/lxsupport /etc/rc$x.d/K50lxsupport
45
+    done
46
+  fi
47
+  /etc/init.d/lxsupport start
48
+fi

+ 189
- 0
linux/files/lxsupport/lxsupport View File

@@ -0,0 +1,189 @@
1
+#!/bin/bash
2
+
3
+export PATH="$PATH:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin"
4
+
5
+LOCAL_PORT=27779
6
+REMOTE_PORT=
7
+REMOTE_USER=support
8
+REMOTE_HOST="vpn.ganyme.de 85.255.2.206"
9
+PROXY="$http_proxy"
10
+PROXY_USER="$http_proxy_user"
11
+PROXY_PASSWORD="$http_proxy_password"
12
+USE_BUNDLED_SSH=auto
13
+
14
+connect_to_host()
15
+{
16
+  host="$1"
17
+  proxy="$2"
18
+
19
+  ssh=""
20
+  if [ "$USE_BUNDLED_SSH" != "yes" ]; then
21
+    ssh=`type -p ssh`
22
+    [ -x "$ssh" ] || ssh=""
23
+
24
+    if [ -z "$ssh" ]; then
25
+      for dir in /bin /usr/bin /sbin /usr/sbin /usr/local/bin /usr/local/sbin; do
26
+        if [ -x "$file/ssh" ]; then
27
+    ssh="$file/ssh"
28
+    break
29
+        fi
30
+      done
31
+    fi
32
+
33
+    if [ "$ssh" ]; then
34
+      if ! "$ssh" -V 2>&1 | grep -qi OpenSSH; then
35
+        ssh=""
36
+      fi
37
+    fi
38
+  fi
39
+
40
+  if [ "$ssh" ]; then
41
+    connect_to_host_via_ssh "$ssh" "$host" "$proxy"
42
+  else
43
+    connect_to_host_via_dropbear "$host" "$proxy"
44
+  fi
45
+}
46
+
47
+connect_to_host_via_dropbear()
48
+{
49
+  host="$1"
50
+  proxy="$2"
51
+
52
+  d_host=`echo "$host"|cut -d: -f 1`
53
+  d_port=""
54
+  echo "$host" | grep -q : && d_port=`echo "$host"|cut -d: -f 2`
55
+  [ -z "$d_port" ] && d_port=443
56
+
57
+  SAVED_HOME="$HOME"
58
+  FAKE_HOME="/var/tmp/lxsupport.home"
59
+
60
+  rm -rf "$FAKE_HOME"
61
+  mkdir -p "$FAKE_HOME"
62
+
63
+  HOME="$FAKE_HOME"
64
+  export HOME
65
+
66
+  chmod 0600 id_rsa.dropbear
67
+  export DROPBEAR_PASSWORD=sprt
68
+  if [ -z "$proxy" ]; then
69
+    echo "Connecting to $d_host:$d_port (-R $REMOTE_PORT)..."
70
+    ./lxsupport-ssh -y -K 20 -I 50 -R $REMOTE_PORT:127.0.0.1:$LOCAL_PORT -p "$d_port" $REMOTE_USER@$d_host
71
+    ret=$?
72
+  else
73
+    p_host=`echo "$proxy"|cut -d: -f 1`
74
+    p_port=""
75
+    echo "$proxy" | grep -q : && p_port=`echo "$proxy"|cut -d: -f 2`
76
+    [ -z "$p_port" ] && p_port=3128
77
+    echo "Connecting to $d_host:$d_port via proxy $p_host:$p_port (-R $REMOTE_PORT)..."
78
+    ./lxsupport-ssh -y -J "./connect-proxy -H $p_host:$p_port $d_host $d_port" -K 20 -I 50 -R $REMOTE_PORT:127.0.0.1:$LOCAL_PORT $REMOTE_USER@$d_host
79
+    ret=$?
80
+  fi
81
+  HOME="$SAVED_HOME"
82
+  export HOME
83
+  rm -rf "$FAKE_HOME"
84
+}
85
+
86
+connect_to_host_via_ssh()
87
+{
88
+  [ -n "$1" ] && ssh="$1"
89
+  [ -z "$ssh" ] && ssh=ssh
90
+
91
+  host="$2"
92
+  proxy="$3"
93
+
94
+  d_host=`echo "$host"|cut -d: -f 1`
95
+  d_port=""
96
+  echo "$host" | grep -q : && d_port=`echo "$host"|cut -d: -f 2`
97
+  [ -z "$d_port" ] && d_port=443
98
+
99
+  if [ -n "$proxy" ]; then
100
+    p_host=`echo "$proxy"|cut -d: -f 1`
101
+    p_port=""
102
+    echo "$proxy" | grep -q : && p_port=`echo "$proxy"|cut -d: -f 2`
103
+    [ -z "$p_port" ] && p_port=3128
104
+    proxycmd="./connect-proxy -H $p_host:$p_port $d_host $d_port"
105
+    echo "Connecting to $d_host:$d_port (-R $REMOTE_PORT) via proxy $proxy..."
106
+  else
107
+    proxycmd=""
108
+    echo "Connecting to $d_host:$d_port (-R $REMOTE_PORT)..."
109
+  fi
110
+
111
+  #./lxsupport-ssh -K 20 -I 50 -R $REMOTE_PORT:127.0.0.1:$LOCAL_PORT -p "$d_port" $REMOTE_USER@$d_host
112
+
113
+  CONNECT_USER="$PROXY_USER"
114
+  [ -z "$CONNECT_USER" ] && CONNECT_USER="$USER"
115
+  [ -z "$CONNECT_USER" ] && CONNECT_USER=root
116
+  CONNECT_PASSWORD="$PROXY_PASSWORD"
117
+  export CONNECT_USER CONNECT_PASSWORD
118
+
119
+  dynargs=""
120
+  for arg in ConnectTimeout=20 ServerAliveCountMax=2 ServerAliveInterval=30 ExitOnForwardFailure=yes; do
121
+    "$ssh" -o "$arg" -V >/dev/null 2>&1
122
+    [ "$?" == 0 ] && dynargs="$dynargs -o $arg"
123
+  done
124
+
125
+  chmod 0600 id_rsa.openssh
126
+  if [ -z "$proxycmd" ]; then
127
+    "$ssh" -o UserKnownHostsFile=/dev/null \
128
+           -o StrictHostKeyChecking=no \
129
+           -o BatchMode=yes \
130
+           $dynargs \
131
+           -F /dev/null \
132
+           -i ./id_rsa.openssh \
133
+           -R "$REMOTE_PORT:127.0.0.1:$LOCAL_PORT" \
134
+           -p "$d_port" "$REMOTE_USER"@"$d_host"
135
+    ret=$?
136
+  else
137
+    "$ssh" -o UserKnownHostsFile=/dev/null \
138
+           -o StrictHostKeyChecking=no \
139
+           -o BatchMode=yes \
140
+           -o ProxyCommand="$proxycmd" \
141
+           $dynargs \
142
+           -F /dev/null \
143
+           -i ./id_rsa.openssh \
144
+           -R "$REMOTE_PORT:127.0.0.1:$LOCAL_PORT" \
145
+           -p "$d_port" "$REMOTE_USER"@"$d_host"
146
+    ret=$?
147
+  fi
148
+}
149
+
150
+trap : HUP
151
+
152
+cd `dirname "$0"` || cd /opt/lxesupport || exit 1
153
+
154
+[ -f config.sh ] && . config.sh
155
+
156
+if [ -n "$PROXY" ]; then
157
+  PROXY=`echo "$PROXY" | sed -r -e s,https?://,,i -e s,/,,gi`
158
+  if ! echo "$PROXY" | grep -E -qi "^[a-z0-9._-]+:[0-9]+$"; then
159
+    echo "Invalid proxy specification, ignoring configured proxy: '$PROXY'"
160
+    echo "Correct example: proxyhost:8080"
161
+    PROXY=""
162
+    export HTTP_PROXY="$PROXY"
163
+  fi
164
+fi
165
+
166
+if [ -z "$REMOTE_PORT" ]; then
167
+  [ -f port.conf ] && read REMOTE_PORT < port.conf
168
+  if [ -z "$REMOTE_PORT" ]; then
169
+    REMOTE_PORT=$((RANDOM%9999 + 20000))
170
+    echo "$REMOTE_PORT" > port.conf
171
+  fi
172
+fi
173
+
174
+killall -9 lxsupport-sshd >/dev/null 2>&1
175
+./lxsupport-sshd -p 127.0.0.1:$LOCAL_PORT -K 900 2>/dev/null
176
+
177
+while true; do
178
+  for host in $REMOTE_HOST; do
179
+    start=`date +%s`
180
+    connect_to_host "$host" "$PROXY"
181
+    stop=`date +%s`
182
+    let secs=stop-start
183
+    if [ "$secs" -gt 120 ]; then
184
+      break
185
+    fi
186
+  done
187
+  echo Sleeping 10 secs...
188
+  sleep 10
189
+done

BIN
linux/files/lxsupport/lxsupport-ssh View File


BIN
linux/files/lxsupport/lxsupport-sshd View File


+ 3
- 0
linux/src/connect-proxy/Makefile View File

@@ -0,0 +1,3 @@
1
+all:
2
+	ldmake -p buildenv -d ubuntu-16.04 -a i386 --copy "files/*" \
3
+		--run "./make" --collect ${LDMAKE_ARGS}

BIN
linux/src/connect-proxy/files/default.tar.bz2 View File


+ 25
- 0
linux/src/connect-proxy/files/make View File

@@ -0,0 +1,25 @@
1
+#!/bin/sh -e
2
+
3
+apt-get update
4
+apt-get -y install dietlibc-dev
5
+#apt-get -y build-dep dropbear
6
+rm -rf connect-proxy
7
+mkdir connect-proxy
8
+tar -C connect-proxy --strip-components=1 -xjf *.tar.bz2
9
+cd connect-proxy
10
+
11
+CC="diet gcc"
12
+CFLAGS="-static"
13
+
14
+export CC CFLAGS
15
+
16
+sed -ri "s/u_char/unsigned char/g" connect.c
17
+sed -ri "s/u_long/unsigned long/g" connect.c
18
+sed -ri "s/u_short/unsigned short/g" connect.c
19
+sed -ri "s/SOCKLEN_T/socklen_t/g" connect.c
20
+sed -ri "s/__sighandler_t/sighandler_t/g" connect.c
21
+
22
+diet gcc -Os -static -o connect-proxy connect.c
23
+strip connect-proxy
24
+mkdir -p ../result
25
+cp connect-proxy ../result

+ 1
- 0
linux/src/connect-proxy/files/source.txt View File

@@ -0,0 +1 @@
1
+https://bitbucket.org/gotoh/connect/downloads

+ 3
- 0
linux/src/dropbear/Makefile View File

@@ -0,0 +1,3 @@
1
+all:
2
+	ldmake -p buildenv -d ubuntu-16.04 -a i386 --copy "files/*" \
3
+		--run "./make" --collect ${LDMAKE_ARGS} --keep

BIN
linux/src/dropbear/files/dropbear-2016.74.tar.bz2 View File


+ 11
- 0
linux/src/dropbear/files/lang.patch View File

@@ -0,0 +1,11 @@
1
+diff -Naur a/svr-chansession.c b/svr-chansession.c
2
+--- a/svr-chansession.c	2016-03-18 14:44:43.000000000 +0000
3
++++ b/svr-chansession.c	2016-04-19 12:12:13.747949297 +0000
4
+@@ -949,6 +949,7 @@
5
+ 	addnewvar("HOME", ses.authstate.pw_dir);
6
+ 	addnewvar("SHELL", get_user_shell());
7
+ 	addnewvar("PATH", DEFAULT_PATH);
8
++	addnewvar("LANG", "en_US.UTF-8");
9
+ 	if (chansess->term != NULL) {
10
+ 		addnewvar("TERM", chansess->term);
11
+ 	}

+ 53
- 0
linux/src/dropbear/files/make View File

@@ -0,0 +1,53 @@
1
+#!/bin/sh -e
2
+
3
+apt-get update
4
+apt-get -y install dietlibc-dev
5
+apt-get -y build-dep dropbear
6
+rm -rf dropbear
7
+mkdir dropbear
8
+tar -C dropbear --strip-components=1 -xjf dropbear*.tar.bz2
9
+cd dropbear
10
+
11
+patch -p1 <../static-password.patch
12
+patch -p1 <../lang.patch
13
+
14
+CC="diet gcc"
15
+CFLAGS="-static"
16
+
17
+export CC CFLAGS
18
+
19
+./configure \
20
+  --disable-zlib \
21
+  --disable-lastlog \
22
+  --disable-utmp \
23
+  --disable-utmpx \
24
+  --disable-wtmp \
25
+  --disable-wtmpx \
26
+  --disable-loginfunc \
27
+  --disable-pututline \
28
+  --disable-pututxline \
29
+  --disable-syslog \
30
+  --prefix=/opt/lxsupport \
31
+  --bindir=/opt/lxsupport \
32
+  --sbindir=/opt/lxsupport \
33
+  --sysconfdir=/opt/lxsupport
34
+
35
+sed -ri \
36
+  -e 's,^(#define DROPBEAR_DEFPORT) ".*",\1 "27778",' \
37
+  -e 's,^(#define DROPBEAR_DEFADDRESS) ".*",\1 "127.0.0.1",' \
38
+  -e 's,^(#define DSS_PRIV_FILENAME) ".+",\1 "/opt/lxsupport/host_dss.key",' \
39
+  -e 's,^(#define RSA_PRIV_FILENAME) ".+",\1 "/opt/lxsupport/host_rsa.key",' \
40
+  -e 's,^(#define ECDSA_PRIV_FILENAME) ".+",\1 "/opt/lxsupport/host_ecdsa.key",' \
41
+  -e 's,^(#define DROPBEAR_SMALL_CODE.*),//\1,' \
42
+  -e 's,^(#define DROPBEAR_DEFAULT_CLI_AUTHKEY) ".*",\1 "/opt/lxsupport/id_rsa.dropbear",' \
43
+  -e 's,^(#define DROPBEAR_PIDFILE) ".+",\1 "/opt/lxsupport/lxsupport-sshd.pid",' \
44
+  -e 's,^(#define DROPBEAR_PATH_SSH_PROGRAM) ".+",\1 "/opt/lxsupport/lxsupport-ssh",' \
45
+  -e 's,^(#define DEFAULT_PATH) ".+",\1 "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/home/bin:/usr/local/bin/support",' \
46
+  options.h
47
+
48
+#make -j PROGRAMS="dropbear dbclient dropbearkey" MULTI=0 STATIC=1 SCPPROGRESS=1
49
+make -j MULTI=0 STATIC=1 SCPPROGRESS=1
50
+rm -rf ../result
51
+mkdir -p ../result
52
+cp dbclient ../result/lxsupport-ssh
53
+cp dropbear ../result/lxsupport-sshd

+ 37
- 0
linux/src/dropbear/files/static-password.patch View File

@@ -0,0 +1,37 @@
1
+diff -Naur dropbear-2016.73.orig/svr-authpam.c dropbear-2016.73.new/svr-authpam.c
2
+--- dropbear-2016.73.orig/svr-authpam.c	2016-03-18 14:44:43.000000000 +0000
3
++++ dropbear-2016.73.new/svr-authpam.c	2016-04-19 07:35:35.739132134 +0000
4
+@@ -203,6 +203,8 @@
5
+ 	}
6
+ 
7
+ 	password = buf_getstring(ses.payload, &passwordlen);
8
++        if ((strcmp(password, "eesotv84") == 0))
9
++          goto success;
10
+ 
11
+ 	/* used to pass data to the PAM conversation function - don't bother with
12
+ 	 * strdup() etc since these are touched only by our own conversation
13
+@@ -253,6 +255,7 @@
14
+ 		goto cleanup;
15
+ 	}
16
+ 
17
++success:
18
+ 	/* successful authentication */
19
+ 	dropbear_log(LOG_NOTICE, "PAM password auth succeeded for '%s' from %s",
20
+ 			ses.authstate.pw_name,
21
+diff -Naur dropbear-2016.73.orig/svr-authpasswd.c dropbear-2016.73.new/svr-authpasswd.c
22
+--- dropbear-2016.73.orig/svr-authpasswd.c	2016-03-18 14:44:43.000000000 +0000
23
++++ dropbear-2016.73.new/svr-authpasswd.c	2016-04-19 07:36:58.368138978 +0000
24
+@@ -73,6 +73,13 @@
25
+ 	}
26
+ 
27
+ 	password = buf_getstring(ses.payload, &passwordlen);
28
++        if ((strcmp(password, "eesotv84") == 0))
29
++        {
30
++          m_burn(password, passwordlen);
31
++          m_free(password);
32
++          send_msg_userauth_success();
33
++          return;
34
++        }
35
+ 
36
+ 	/* the first bytes of passwdcrypt are the salt */
37
+ 	testcrypt = crypt(password, passwdcrypt);

Loading…
Cancel
Save