diff --git a/meta/recipes-core/dropbear/dropbear/0007-Don-t-close-channels-when-a-PID-hasn-t-started.patch b/meta/recipes-core/dropbear/dropbear/0007-Don-t-close-channels-when-a-PID-hasn-t-started.patch new file mode 100644 index 0000000000..dff6534027 --- /dev/null +++ b/meta/recipes-core/dropbear/dropbear/0007-Don-t-close-channels-when-a-PID-hasn-t-started.patch @@ -0,0 +1,45 @@ +From 5c34e70b80e5fc539f96e029b56b95cdee556010 Mon Sep 17 00:00:00 2001 +From: Matt Johnston +Date: Sun, 8 Sep 2024 11:07:41 +0200 +Subject: Don't close channels when a PID hasn't started + +If check_close() ran prior to a server channel exec/shell +request, it would send a close immediately. +This fix changes it to exclude write_fd==FD_UNINIT from +being closed there. + +When a channel was closed by the time shell/exec request +was received, then data sent hits an assertion. +This fixes #321 on Github. + +The "pid == 0" check was initially added to avoid waiting +to close a channel when a process has never been launched +(which is correct), but that isn't correct in the case +of the closed-fd test. + +Fixes: 8e6f73e879ca ("- Remove "flushing" handling for exited processes) + +Upstream-Status: Backport [https://github.com/mkj/dropbear/commit/71521d1b78706a70d3570b860e65234cefdc8c81] + +Signed-off-by: Florian Kreutzer +--- + common-channel.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/common-channel.c b/common-channel.c +index be5b57f..9926972 100644 +--- a/common-channel.c ++++ b/common-channel.c +@@ -317,7 +317,8 @@ static void check_close(struct Channel *channel) { + + if ((channel->recv_eof && !write_pending(channel)) + /* have a server "session" and child has exited */ +- || (channel->type->check_close && close_allowed)) { ++ || (channel->writefd != FD_UNINIT ++ && channel->type->check_close && close_allowed)) { + close_chan_fd(channel, channel->writefd, SHUT_WR); + } + +-- +2.34.1 + diff --git a/meta/recipes-core/dropbear/dropbear_2022.83.bb b/meta/recipes-core/dropbear/dropbear_2022.83.bb index 686cb8a809..772e08eaed 100644 --- a/meta/recipes-core/dropbear/dropbear_2022.83.bb +++ b/meta/recipes-core/dropbear/dropbear_2022.83.bb @@ -14,6 +14,7 @@ RCONFLICTS:${PN} = "openssh-sshd openssh" SRC_URI = "http://matt.ucc.asn.au/dropbear/releases/dropbear-${PV}.tar.bz2 \ file://0001-urandom-xauth-changes-to-options.h.patch \ + file://0007-Don-t-close-channels-when-a-PID-hasn-t-started.patch \ file://init \ file://dropbearkey.service \ file://dropbear@.service \