From 8fc2981bcd63547d9e45896a261918342e8137aa Mon Sep 17 00:00:00 2001 From: Jo-Philipp Wich Date: Sun, 31 Jul 2011 12:05:54 +0000 Subject: dropbear: - split port argument at the rightmost colon, allows binding to specific IPv6 addresses - don't use uci ipaddr var but resolve ifname and get addresses from it (#9853) SVN-Revision: 27843 --- package/dropbear/Makefile | 4 +-- package/dropbear/files/dropbear.init | 30 ++++++++++++++++++---- .../patches/300-ipv6_addr_port_split.patch | 11 ++++++++ 3 files changed, 38 insertions(+), 7 deletions(-) create mode 100644 package/dropbear/patches/300-ipv6_addr_port_split.patch (limited to 'package') diff --git a/package/dropbear/Makefile b/package/dropbear/Makefile index 3fba1347ef..34f064c37f 100644 --- a/package/dropbear/Makefile +++ b/package/dropbear/Makefile @@ -1,5 +1,5 @@ # -# Copyright (C) 2006-2009 OpenWrt.org +# Copyright (C) 2006-2011 OpenWrt.org # # This is free software, licensed under the GNU General Public License v2. # See /LICENSE for more information. @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=dropbear PKG_VERSION:=0.53.1 -PKG_RELEASE:=3 +PKG_RELEASE:=4 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:= \ diff --git a/package/dropbear/files/dropbear.init b/package/dropbear/files/dropbear.init index aa7e07dd6d..d06d2d5349 100755 --- a/package/dropbear/files/dropbear.init +++ b/package/dropbear/files/dropbear.init @@ -12,6 +12,27 @@ EXTRA_HELP=" killclients Kill ${NAME} processes except servers and yourself" dropbear_start() { + append_ports() + { + local ifname="$1" + local port="$2" + + grep -qs "^ *$ifname:" /proc/net/dev || { + append args "-p $port" + return + } + + for addr in $( + ifconfig "$ifname" | sed -ne ' + /addr: *fe[89ab][0-9a-f]:/d + s/.* addr: *\([0-9a-f:\.]*\).*/\1/p + ' + ); do + append args "-p $addr:$port" + done + } + + local section="$1" # check if section is enabled (default) @@ -33,13 +54,12 @@ dropbear_start() config_get_bool val "${section}" PasswordAuth 1 [ "${val}" -eq 0 ] && append args "-s" # B) listen interface and port + local port local interface - local address config_get interface "${section}" Interface - config_get address "${interface}" ipaddr - config_get val "${section}" Port - val="${address:+${address}:}${val}" - [ -n "${val}" ] && append args "-p ${val}" + config_get interface "${interface}" ifname "$interface" + config_get port "${section}" Port 22 + append_ports "$interface" "$port" # C) banner file config_get val "${section}" BannerFile [ -f "${val}" ] && append args "-b ${val}" diff --git a/package/dropbear/patches/300-ipv6_addr_port_split.patch b/package/dropbear/patches/300-ipv6_addr_port_split.patch new file mode 100644 index 0000000000..7da435ab15 --- /dev/null +++ b/package/dropbear/patches/300-ipv6_addr_port_split.patch @@ -0,0 +1,11 @@ +--- a/svr-runopts.c ++++ b/svr-runopts.c +@@ -325,7 +325,7 @@ static void addportandaddress(char* spec + myspec = m_strdup(spec); + + /* search for ':', that separates address and port */ +- svr_opts.ports[svr_opts.portcount] = strchr(myspec, ':'); ++ svr_opts.ports[svr_opts.portcount] = strrchr(myspec, ':'); + + if (svr_opts.ports[svr_opts.portcount] == NULL) { + /* no ':' -> the whole string specifies just a port */ -- cgit v1.2.3