Minor dropbear build tweaks (#706)

* Tweak dropbear build
Disable FORTIFY so that stuff runs on legacy Kindles
Tweak a few default settings for speed, and to avoid clobbering system
files.

Makefile.third

@@ -327,11 +327,13 @@ endif
 $(OUTPUT_DIR)/dropbearmulti: $(ZLIB) $(THIRDPARTY_DIR)/dropbear/CMakeLists.txt
 	install -d $(DROPBEAR_BUILD_DIR)
 	cd $(DROPBEAR_BUILD_DIR) && \
-		$(CMAKE) -DCC="$(CC)" \
+		$(CMAKE) \
+		-DCC="$(CC)" \
+		-DCPPFLAGS="$(CPPFLAGS) -I$(ZLIB_DIR)" \
+		-DCFLAGS="$(CFLAGS)" \
 		-DLIBS="$(if $(ANDROID),-static,)" \
-		-DCHOST="$(if $(EMULATE_READER),,$(CHOST))" \
-		-DCPPFLAGS="$(CFLAGS) -I$(ZLIB_DIR)" \
 		-DLDFLAGS="$(LDFLAGS) -L$(ZLIB_DIR)" \
+		-DCHOST="$(if $(EMULATE_READER),,$(CHOST))" \
 		$(CURDIR)/$(THIRDPARTY_DIR)/dropbear && \
 		$(MAKE)
 	cp $(DROPBEAR_DIR)/dropbearmulti $(OUTPUT_DIR)/

thirdparty/dropbear/CMakeLists.txt

@@ -3,29 +3,40 @@ cmake_minimum_required(VERSION 2.8.3)
 
 SET(CMAKE_MODULE_PATH ${CMAKE_MODULE_PATH} "${CMAKE_CURRENT_LIST_DIR}/../cmake_modules")
 include("koreader_thirdparty_common")
+
 enable_language(C)
 
+assert_var_defined(CC)
+assert_var_defined(CPPFLAGS)
+assert_var_defined(CFLAGS)
 assert_var_defined(LIBS)
 assert_var_defined(LDFLAGS)
-assert_var_defined(CPPFLAGS)
+assert_var_defined(CHOST)
 
 ep_get_source_dir(SOURCE_DIR)
-ep_get_binary_dir(BINARY_DIR)
 
-set(CFG_ENV_VAR "CC=\"${CC}\" CFLAGS=\"${CFLAGS} -I${SOURCE_DIR}\" LIBS=\"${LIBS}\"  CPPFLAGS=\"${CPPFLAGS}\" LDFLAGS=\"${LDFLAGS}\" ")
-set(CFG_OPTS "-q --host=\"${CHOST}\" --disable-lastlog")
+set(PATCH_CMD1 sh -c "patch -N -p1 < ${CMAKE_CURRENT_SOURCE_DIR}/dropbear-2018.76-kindle-nopasswd-hack.patch || true")
+set(PATCH_CMD2 sh -c "patch -N -p1 < ${CMAKE_CURRENT_SOURCE_DIR}/dropbear-2018.76-kindle-pubkey-hack.patch || true")
+set(PATCH_CMD3 sh -c "patch -N -p1 < ${CMAKE_CURRENT_SOURCE_DIR}/dropbear-2018.76-kindle-pubkey-gen-hack.patch || true")
+set(PATCH_CMD4 sh -c "patch -N -p1 < ${CMAKE_CURRENT_SOURCE_DIR}/dropbear-2018.76-kindle-nochdir-hack.patch || true")
+set(PATCH_CMD5 sh -c "patch -N -p1 < ${CMAKE_CURRENT_SOURCE_DIR}/dropbear-2018.76-kindle-options-hack.patch || true")
+
+set(CFG_ENV_VAR "CC=\"${CC}\" CPPFLAGS=\"${CPPFLAGS}\ -I${SOURCE_DIR}\" CFLAGS=\"${CFLAGS}\" LIBS=\"${LIBS}\"  LDFLAGS=\"${LDFLAGS}\"")
+set(CFG_OPTS "--host=\"${CHOST}\" --disable-lastlog --enable-zlib --enable-openpty --enable-shadow --enable-syslog --disable-harden")
 set(CFG_CMD "${CFG_ENV_VAR} ${SOURCE_DIR}/configure ${CFG_OPTS}")
 set(CFG_CMD sh -c ${CFG_CMD})
 
+set(BUILD_CMD sh -c "$(MAKE) -j${PARALLEL_JOBS} strip MULTI=1")
+
 include(ExternalProject)
 set(DROPBEAR_VER "2018.76")
 ExternalProject_Add(
     dropbear
     URL https://matt.ucc.asn.au/dropbear/releases/dropbear-${DROPBEAR_VER}.tar.bz2
     URL_MD5 c3912f7fcdcc57c99937e4a79480d2c2
     DOWNLOAD_DIR ${KO_DOWNLOAD_DIR}
-    PATCH_COMMAND COMMAND patch -N -p1 -i ${CMAKE_CURRENT_SOURCE_DIR}/dropbear-2018.76-kindle-nopasswd-hack.patch COMMAND patch -N -p1 -i ${CMAKE_CURRENT_SOURCE_DIR}/dropbear-2018.76-kindle-pubkey-hack.patch COMMAND patch -N -p1 -i ${CMAKE_CURRENT_SOURCE_DIR}/dropbear-2018.76-kindle-pubkey-gen-hack.patch COMMAND patch -N -p1 -i ${CMAKE_CURRENT_SOURCE_DIR}/dropbear-2018.76-kindle-pubkey2-gen-hack.patch
+    PATCH_COMMAND COMMAND ${PATCH_CMD1} COMMAND ${PATCH_CMD2} COMMAND ${PATCH_CMD3} COMMAND ${PATCH_CMD4} COMMAND ${PATCH_CMD5}
     CONFIGURE_COMMAND ${CFG_CMD}
-    BUILD_COMMAND $(MAKE) -j${PARALLEL_JOBS} strip MULTI=1 --silent
+    BUILD_COMMAND ${BUILD_CMD}
     INSTALL_COMMAND ""
 )

thirdparty/dropbear/dropbear-2018.76-kindle-nochdir-hack.patch

@@ -0,0 +1,13 @@
+diff --git a/svr-main.c b/svr-main.c
+index 6f3144b..65a5c63 100644
+--- a/svr-main.c
++++ b/svr-main.c
+@@ -156,7 +156,7 @@ static void main_noinetd() {
+ 			closefds = 1;
+ 		}
+ #endif
+-		if (daemon(0, closefds) < 0) {
++		if (daemon(1, closefds) < 0) {
+ 			dropbear_exit("Failed to daemonize: %s", strerror(errno));
+ 		}
+ 	}

thirdparty/dropbear/dropbear-2018.76-kindle-nopasswd-hack.patch

@@ -1,18 +1,20 @@
-diff -ur dropbear-2018.76/runopts.h dropbear-2018.76.PATCHED/runopts.h
---- dropbear-2018.76/runopts.h	2018-02-27 15:25:12.000000000 +0100
-+++ dropbear-2018.76.PATCHED/runopts.h	2018-04-10 21:39:14.570884773 +0200
-@@ -122,6 +122,7 @@
+diff --git a/runopts.h b/runopts.h
+index 3123383..1bf4f1d 100644
+--- a/runopts.h
++++ b/runopts.h
+@@ -122,6 +122,7 @@ typedef struct svr_runopts {
 
  	buffer * banner;
  	char * pidfile;
 +	int nopasschk;
 
  	char * forced_command;
 
-diff -ur dropbear-2018.76/svr-authpasswd.c dropbear-2018.76.PATCHED/svr-authpasswd.c
---- dropbear-2018.76/svr-authpasswd.c	2018-02-27 15:25:12.000000000 +0100
-+++ dropbear-2018.76.PATCHED/svr-authpasswd.c	2018-04-10 21:39:14.571884773 +0200
-@@ -79,35 +79,74 @@
+diff --git a/svr-authpasswd.c b/svr-authpasswd.c
+index bdee2aa..d5fb2cf 100644
+--- a/svr-authpasswd.c
++++ b/svr-authpasswd.c
+@@ -79,35 +79,74 @@ void svr_auth_password() {
  	m_burn(password, passwordlen);
  	m_free(password);
 
@@ -23,43 +25,45 @@ diff -ur dropbear-2018.76/svr-authpasswd.c dropbear-2018.76.PATCHED/svr-authpass
 -		send_msg_userauth_failure(0, 1);
 -		return;
 -	}
+-
+-	/* check for empty password */
+-	if (passwdcrypt[0] == '\0') {
+-		dropbear_log(LOG_WARNING, "User '%s' has blank password, rejected",
+-				ses.authstate.pw_name);
+-		send_msg_userauth_failure(0, 1);
+-		return;
+-	}
+-
+-	if (constant_time_strcmp(testcrypt, passwdcrypt) == 0) {
+-		/* successful authentication */
+-		dropbear_log(LOG_NOTICE, 
+-				"Password auth succeeded for '%s' from %s",
+-				ses.authstate.pw_name,
+-				svr_ses.addrstring);
+-		send_msg_userauth_success();
 +	/*
-+	 * Kindle Hack. Always auth successfully if we were launched with the -n flag, or if we're connecting from localhost.
++	 * Hack. Always auth successfully if we were launched with the -n flag, or if we're connecting from localhost.
 +	 * Keep the granularity of checks instead of just sending a successful auth for posterity/logging ;).
 +	 */
 +	if (svr_opts.nopasschk || strncmp(svr_ses.addrstring, "127.0.0.1", 9) == 0) {
 +		if (testcrypt == NULL) {
 +			/* crypt() with an invalid salt like "!!" */
-+			dropbear_log(LOG_WARNING, "User account '%s' is locked (But we're letting you in because we're a nice Kindle ;))",
++			dropbear_log(LOG_WARNING, "User account '%s' is locked (But we're letting you in, as configured ;))",
 +					ses.authstate.pw_name);
 +			send_msg_userauth_success();
 +			/* Keep the return to avoid potentially blowing up later? */
 +			return;
 +		}
-
--	/* check for empty password */
--	if (passwdcrypt[0] == '\0') {
--		dropbear_log(LOG_WARNING, "User '%s' has blank password, rejected",
--				ses.authstate.pw_name);
--		send_msg_userauth_failure(0, 1);
--		return;
--	}
++
 +		/* check for empty password */
 +		if (passwdcrypt[0] == '\0') {
-+			dropbear_log(LOG_WARNING, "Allowing user '%s' with a blank password, as configured;)",
++			dropbear_log(LOG_WARNING, "User '%s' has blank password, but we're letting you in, as configured ;)",
 +					ses.authstate.pw_name);
 +			send_msg_userauth_success();
 +			/* Ditto */
 +			return;
 +		}
-
--	if (constant_time_strcmp(testcrypt, passwdcrypt) == 0) {
--		/* successful authentication */
--		dropbear_log(LOG_NOTICE, 
--				"Password auth succeeded for '%s' from %s",
--				ses.authstate.pw_name,
--				svr_ses.addrstring);
--		send_msg_userauth_success();
++
 +		if (constant_time_strcmp(testcrypt, passwdcrypt) == 0) {
 +			/* successful authentication */
 +			dropbear_log(LOG_NOTICE,
@@ -69,7 +73,7 @@ diff -ur dropbear-2018.76/svr-authpasswd.c dropbear-2018.76.PATCHED/svr-authpass
 +			send_msg_userauth_success();
 +		} else {
 +			dropbear_log(LOG_WARNING,
-+					"Allowing '%s' from %s with a bad password, as configured;))",
++					"Bad password attempt for '%s' from %s (But we're letting you in, as configured ;))",
 +					ses.authstate.pw_name,
 +					svr_ses.addrstring);
 +			send_msg_userauth_success();
@@ -113,33 +117,33 @@ diff -ur dropbear-2018.76/svr-authpasswd.c dropbear-2018.76.PATCHED/svr-authpass
  	}
  }
 
-diff -ur dropbear-2018.76/svr-runopts.c dropbear-2018.76.PATCHED/svr-runopts.c
---- dropbear-2018.76/svr-runopts.c	2018-02-27 15:25:12.000000000 +0100
-+++ dropbear-2018.76.PATCHED/svr-runopts.c	2018-04-10 21:41:30.197880763 +0200
-@@ -93,6 +93,7 @@
+diff --git a/svr-runopts.c b/svr-runopts.c
+index fe83e02..69079b5 100644
+--- a/svr-runopts.c
++++ b/svr-runopts.c
+@@ -93,6 +93,7 @@ static void printhelp(const char * progname) {
  					"		(default port is %s if none specified)\n"
  					"-P PidFile	Create pid file PidFile\n"
  					"		(default %s)\n"
-+                    "-n     Disable password checking (/!\\Hack, don't use this!)\n"
++					"-n             Disable password checking (/!\\ Hack, don't use this!)\n"
  #if INETD_MODE
  					"-i		Start for inetd\n"
  #endif
-@@ -150,6 +151,7 @@
+@@ -150,6 +151,7 @@ void svr_getopts(int argc, char ** argv) {
  	svr_opts.hostkey = NULL;
  	svr_opts.delay_hostkey = 0;
  	svr_opts.pidfile = DROPBEAR_PIDFILE;
 +	svr_opts.nopasschk = 0;
  #if DROPBEAR_SVR_LOCALTCPFWD
  	svr_opts.nolocaltcp = 0;
  #endif
-@@ -230,6 +232,10 @@
+@@ -230,6 +232,9 @@ void svr_getopts(int argc, char ** argv) {
  				case 'P':
  					next = &svr_opts.pidfile;
  					break;
-+                case 'n':
-+                    svr_opts.nopasschk = 1;
-+                    break;
-+
++				case 'n':
++					svr_opts.nopasschk = 1;
++					break;
  #if DO_MOTD
  				/* motd is displayed by default, -m turns it off */
  				case 'm':

thirdparty/dropbear/dropbear-2018.76-kindle-options-hack.patch

@@ -0,0 +1,47 @@
+diff --git a/default_options.h b/default_options.h
+index 3b75eb8..1b3588d 100644
+--- a/default_options.h
++++ b/default_options.h
+@@ -19,9 +19,9 @@ IMPORTANT: Some options will require "make clean" after changes */
+ #define DROPBEAR_DEFADDRESS ""
+
+ /* Default hostkey paths - these can be specified on the command line */
+-#define DSS_PRIV_FILENAME "/etc/dropbear/dropbear_dss_host_key"
+-#define RSA_PRIV_FILENAME "/etc/dropbear/dropbear_rsa_host_key"
+-#define ECDSA_PRIV_FILENAME "/etc/dropbear/dropbear_ecdsa_host_key"
++#define DSS_PRIV_FILENAME "settings/SSH/dropbear_dss_host_key"
++#define RSA_PRIV_FILENAME "settings/SSH/dropbear_rsa_host_key"
++#define ECDSA_PRIV_FILENAME "settings/SSH/dropbear_ecdsa_host_key"
+
+ /* Set NON_INETD_MODE if you require daemon functionality (ie Dropbear listens
+  * on chosen ports and keeps accepting connections. This is the default.
+@@ -44,10 +44,10 @@ IMPORTANT: Some options will require "make clean" after changes */
+  * several kB in binary size however will make the symmetrical ciphers and hashes
+  * slower, perhaps by 50%. Recommended for small systems that aren't doing
+  * much traffic. */
+-#define DROPBEAR_SMALL_CODE 1
++#define DROPBEAR_SMALL_CODE 0
+
+ /* Enable X11 Forwarding - server only */
+-#define DROPBEAR_X11FWD 1
++#define DROPBEAR_X11FWD 0
+
+ /* Enable TCP Fowarding */
+ /* 'Local' is "-L" style (client listening port forwarded via server)
+@@ -239,7 +239,7 @@ Homedir is prepended unless path begins with / */
+
+ /* The default file to store the daemon's process ID, for shutdown
+    scripts etc. This can be overridden with the -P flag */
+-#define DROPBEAR_PIDFILE "/var/run/dropbear.pid"
++#define DROPBEAR_PIDFILE "settings/SSH/dropbear.pid"
+
+ /* The command to invoke for xauth when using X11 forwarding.
+  * "-q" for quiet */
+@@ -290,6 +290,6 @@ be overridden at runtime with -I. 0 disables idle timeouts */
+ #define DEFAULT_IDLE_TIMEOUT 0
+
+ /* The default path. This will often get replaced by the shell */
+-#define DEFAULT_PATH "/usr/bin:/bin"
++#define DEFAULT_PATH "/sbin:/usr/sbin:/bin:/usr/bin"
+
+ #endif /* DROPBEAR_DEFAULT_OPTIONS_H_ */

thirdparty/dropbear/dropbear-2018.76-kindle-pubkey-gen-hack.patch

@@ -1,17 +1,10 @@
-diff -ur dropbear-2018.76/gensignkey.c dropbear-2018.76-PATCHED/gensignkey.c
---- dropbear-2018.76/gensignkey.c	2018-02-27 15:25:10.000000000 +0100
-+++ dropbear-2018.76-PATCHED/gensignkey.c	2018-04-14 17:17:03.419481762 +0200
-@@ -139,17 +139,14 @@
- 	if (ret == DROPBEAR_FAILURE) {
+diff --git a/gensignkey.c b/gensignkey.c
+index 8317fea..7c212ce 100644
+--- a/gensignkey.c
++++ b/gensignkey.c
+@@ -140,16 +140,13 @@ int signkey_generate(enum signkey_type keytype, int bits, const char* filename,
  		goto out;
  	}
-+   /* Hard links are not possible and renam. */
-+   if (skip_exist && access(filename, F_OK) == 0) {
-+       /* Ok. */
-+   } else if (rename(fn_temp, filename) < 0) {
-+       dropbear_log(LOG_ERR, "Failed moving key file to %s: %s", filename,
-+           strerror(errno));
-+       ret = DROPBEAR_FAILURE;
 
 -	if (link(fn_temp, filename) < 0) {
 -		/* If generating keys on connection (skipexist) it's OK to get EEXIST 
@@ -23,6 +16,13 @@ diff -ur dropbear-2018.76/gensignkey.c dropbear-2018.76-PATCHED/gensignkey.c
 -			ret = DROPBEAR_FAILURE;
 -			goto out;
 -		}
++	/* Hack. We can't do hardlinks on vfat, so just use rename */
++	if (skip_exist && access(filename, F_OK) == 0) {
++		/* Ok. */
++	} else if (rename(fn_temp, filename) < 0) {
++		dropbear_log(LOG_ERR, "Failed moving key file to %s: %s", filename,
++		strerror(errno));
++		ret = DROPBEAR_FAILURE;
  	}
 
  out:

thirdparty/dropbear/dropbear-2018.76-kindle-pubkey-hack.patch

@@ -1,7 +1,8 @@
-diff -ur dropbear-2018.76/svr-authpubkey.c dropbear-2018.76-PATCHED/svr-authpubkey.c
---- dropbear-2018.76/svr-authpubkey.c	2018-02-27 15:25:12.000000000 +0100
-+++ dropbear-2018.76-PATCHED/svr-authpubkey.c	2018-04-12 19:55:49.172699790 +0200
-@@ -296,7 +296,7 @@
+diff --git a/svr-authpubkey.c b/svr-authpubkey.c
+index aa6087c..7395837 100644
+--- a/svr-authpubkey.c
++++ b/svr-authpubkey.c
+@@ -296,7 +296,7 @@ static int checkpubkey(const char* algo, unsigned int algolen,
  		const unsigned char* keyblob, unsigned int keybloblen) {
 
  	FILE * authfile = NULL;
@@ -10,7 +11,7 @@ diff -ur dropbear-2018.76/svr-authpubkey.c dropbear-2018.76-PATCHED/svr-authpubk
  	int ret = DROPBEAR_FAILURE;
  	buffer * line = NULL;
  	unsigned int len;
-@@ -320,15 +320,6 @@
+@@ -320,15 +320,6 @@ static int checkpubkey(const char* algo, unsigned int algolen,
  		goto out;
  	}
 
@@ -26,20 +27,20 @@ diff -ur dropbear-2018.76/svr-authpubkey.c dropbear-2018.76-PATCHED/svr-authpubk
  	/* open the file as the authenticating user. */
  	origuid = getuid();
  	origgid = getgid();
-@@ -377,7 +368,6 @@
+@@ -377,7 +368,6 @@ out:
  	if (line) {
  		buf_free(line);
  	}
 -	m_free(filename);
  	TRACE(("leave checkpubkey: ret=%d", ret))
  	return ret;
  }
-@@ -390,38 +380,12 @@
+@@ -390,48 +380,20 @@ out:
   * g-w, o-w */
  static int checkpubkeyperms() {
 
 -	char* filename = NULL; 
-+	char filename[] = "settings/SSH/authorized_keys"; 
++	char filename[] = "settings/SSH/authorized_keys";
  	int ret = DROPBEAR_FAILURE;
  	unsigned int len;
 
@@ -74,16 +75,18 @@ diff -ur dropbear-2018.76/svr-authpubkey.c dropbear-2018.76-PATCHED/svr-authpubk
  	if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
  		goto out;
  	}
-@@ -430,8 +394,6 @@
+
+ 	/* file looks ok, return success */
  	ret = DROPBEAR_SUCCESS;
- 	
- out:
+-	
+-out:
 -	m_free(filename);
--
+
++out:
  	TRACE(("leave checkpubkeyperms"))
  	return ret;
  }
-@@ -449,25 +411,6 @@
+@@ -449,25 +411,6 @@ static int checkfileperm(char * filename) {
  		TRACE(("leave checkfileperm: stat() != 0"))
  		return DROPBEAR_FAILURE;
  	}