Mercurial > dropbear
annotate netio.h @ 1930:299f4f19ba19
Add /usr/sbin and /sbin to default root PATH
When dropbear is used in a very restricted environment (such as in a
initrd), the default user shell is often also very restricted
and doesn't take care of setting the PATH so the user ends up
with the PATH set by dropbear. Unfortunately, dropbear always
sets "/usr/bin:/bin" as default PATH even for the root user
which should have /usr/sbin and /sbin too.
For a concrete instance of this problem, see the "Remote Unlocking"
section in this tutorial: https://paxswill.com/blog/2013/11/04/encrypted-raspberry-pi/
It speaks of a bug in the initramfs script because it's written "blkid"
instead of "/sbin/blkid"... this is just because the scripts from the
initramfs do not expect to have a PATH without the sbin directories and
because dropbear is not setting the PATH appropriately for the root user.
I'm thus suggesting to use the attached patch to fix this misbehaviour (I
did not test it, but it's easy enough). It might seem anecdotic but
multiple Kali users have been bitten by this.
From https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903403
| author | Raphael Hertzog <hertzog@debian.org> |
|---|---|
| date | Mon, 09 Jul 2018 16:27:53 +0200 |
| parents | 1d86a58fb52d |
| children |
| rev | line source |
|---|---|
|
1032
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
1 #ifndef DROPBEAR_NETIO_H |
|
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
2 #define DROPBEAR_NETIO_H |
|
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
3 |
|
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
4 #include "includes.h" |
|
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
5 #include "buffer.h" |
|
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
6 #include "queue.h" |
|
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
7 |
|
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
8 enum dropbear_prio { |
|
1859
1d86a58fb52d
Leave non-interactive at default QoS class
Matt Johnston <matt@ucc.asn.au>
parents:
1466
diff
changeset
|
9 DROPBEAR_PRIO_NORMAL = 0, /* the rest - tcp-fwd, scp, rsync, git, etc */ |
|
1d86a58fb52d
Leave non-interactive at default QoS class
Matt Johnston <matt@ucc.asn.au>
parents:
1466
diff
changeset
|
10 DROPBEAR_PRIO_LOWDELAY, /* pty shell, x11 */ |
|
1032
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
11 }; |
|
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
12 |
|
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
13 void set_sock_nodelay(int sock); |
|
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
14 void set_sock_priority(int sock, enum dropbear_prio prio); |
|
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
15 |
|
1464
ad637c9e0f6f
Server chosen tcpfwd ports (#43)
houseofkodai <karthik@houseofkodai.in>
parents:
1459
diff
changeset
|
16 int get_sock_port(int sock); |
|
1032
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
17 void get_socket_address(int fd, char **local_host, char **local_port, |
|
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
18 char **remote_host, char **remote_port, int host_lookup); |
|
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
19 void getaddrstring(struct sockaddr_storage* addr, |
|
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
20 char **ret_host, char **ret_port, int host_lookup); |
|
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
21 int dropbear_listen(const char* address, const char* port, |
|
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
22 int *socks, unsigned int sockcount, char **errstring, int *maxfd); |
|
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
23 |
|
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
24 struct dropbear_progress_connection; |
|
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
25 |
|
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
26 /* result is DROPBEAR_SUCCESS or DROPBEAR_FAILURE. |
|
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
27 errstring is only set on DROPBEAR_FAILURE, returns failure message for the last attempted socket */ |
|
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
28 typedef void(*connect_callback)(int result, int sock, void* data, const char* errstring); |
|
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
29 |
|
1054
c71df09bc610
Avoid copying data into circular buffer
Matt Johnston <matt@ucc.asn.au>
parents:
1050
diff
changeset
|
30 /* Always returns a progress connection, if it fails it will call the callback at a later point */ |
|
1032
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
31 struct dropbear_progress_connection * connect_remote (const char* remotehost, const char* remoteport, |
|
1859
1d86a58fb52d
Leave non-interactive at default QoS class
Matt Johnston <matt@ucc.asn.au>
parents:
1466
diff
changeset
|
32 connect_callback cb, void *cb_data, const char* bind_address, const char* bind_port, |
|
1d86a58fb52d
Leave non-interactive at default QoS class
Matt Johnston <matt@ucc.asn.au>
parents:
1466
diff
changeset
|
33 enum dropbear_prio prio); |
|
1032
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
34 |
| 1050 | 35 /* Sets up for select() */ |
|
1032
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
36 void set_connect_fds(fd_set *writefd); |
| 1050 | 37 /* Handles ready sockets after select() */ |
|
1459
06d52bcb8094
Pointer parameter could be declared as pointing to const
Francois Perrad <francois.perrad@gadz.org>
parents:
1295
diff
changeset
|
38 void handle_connect_fds(const fd_set *writefd); |
| 1050 | 39 /* Cleanup */ |
|
1276
9169e4e7cbee
fix empty C prototypes
Francois Perrad <francois.perrad@gadz.org>
parents:
1084
diff
changeset
|
40 void remove_connect_pending(void); |
|
1032
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
41 |
|
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
42 /* Doesn't actually stop the connect, but adds a dummy callback instead */ |
|
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
43 void cancel_connect(struct dropbear_progress_connection *c); |
|
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
44 |
|
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
45 void connect_set_writequeue(struct dropbear_progress_connection *c, struct Queue *writequeue); |
|
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
46 |
|
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
47 /* TODO: writev #ifdef guard */ |
| 1072 | 48 /* Fills out iov which contains iov_count slots, returning the number filled in iov_count */ |
|
1459
06d52bcb8094
Pointer parameter could be declared as pointing to const
Francois Perrad <francois.perrad@gadz.org>
parents:
1295
diff
changeset
|
49 void packet_queue_to_iovec(const struct Queue *queue, struct iovec *iov, unsigned int *iov_count); |
|
1032
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
50 void packet_queue_consume(struct Queue *queue, ssize_t written); |
|
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
51 |
|
1295
750ec4ec4cbe
Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents:
1276
diff
changeset
|
52 #if DROPBEAR_SERVER_TCP_FAST_OPEN |
|
1033
ca71904cf3ee
Fixes for backwards compatibility
Matt Johnston <matt@ucc.asn.au>
parents:
1032
diff
changeset
|
53 /* Try for any Linux builds, will fall back if the kernel doesn't support it */ |
|
ca71904cf3ee
Fixes for backwards compatibility
Matt Johnston <matt@ucc.asn.au>
parents:
1032
diff
changeset
|
54 void set_listen_fast_open(int sock); |
|
ca71904cf3ee
Fixes for backwards compatibility
Matt Johnston <matt@ucc.asn.au>
parents:
1032
diff
changeset
|
55 /* Define values which may be supported by the kernel even if the libc is too old */ |
|
ca71904cf3ee
Fixes for backwards compatibility
Matt Johnston <matt@ucc.asn.au>
parents:
1032
diff
changeset
|
56 #ifndef TCP_FASTOPEN |
|
ca71904cf3ee
Fixes for backwards compatibility
Matt Johnston <matt@ucc.asn.au>
parents:
1032
diff
changeset
|
57 #define TCP_FASTOPEN 23 |
|
ca71904cf3ee
Fixes for backwards compatibility
Matt Johnston <matt@ucc.asn.au>
parents:
1032
diff
changeset
|
58 #endif |
|
ca71904cf3ee
Fixes for backwards compatibility
Matt Johnston <matt@ucc.asn.au>
parents:
1032
diff
changeset
|
59 #ifndef MSG_FASTOPEN |
|
ca71904cf3ee
Fixes for backwards compatibility
Matt Johnston <matt@ucc.asn.au>
parents:
1032
diff
changeset
|
60 #define MSG_FASTOPEN 0x20000000 |
|
ca71904cf3ee
Fixes for backwards compatibility
Matt Johnston <matt@ucc.asn.au>
parents:
1032
diff
changeset
|
61 #endif |
|
1032
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
62 #endif |
|
0da8ba489c23
Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
63 |
|
1033
ca71904cf3ee
Fixes for backwards compatibility
Matt Johnston <matt@ucc.asn.au>
parents:
1032
diff
changeset
|
64 #endif |
|
ca71904cf3ee
Fixes for backwards compatibility
Matt Johnston <matt@ucc.asn.au>
parents:
1032
diff
changeset
|
65 |