Attachment #2156 for bug #2012

Lines 205-210 sys_auth_passwd(Authctxt authctxt, const char password) Link Here

(-)a/auth-passwd.c (+7 lines)
205	encrypted_password = xcrypt(password,	205	encrypted_password = xcrypt(password,
206	(pw_password[0] && pw_password[1]) ? pw_password : "xx");	206	(pw_password[0] && pw_password[1]) ? pw_password : "xx");
207		207
		208	#if defined(__ANDROID__)
		209	/* FIXME: By default android does not support passwords
		210	* Avoid crash in strcmp if password is not present
		211	*/
		212	if (!encrypted_password)
		213	return (0);
		214	#endif
208	/*	215	/*
209	* Authentication is accepted if the encrypted passwords	216	* Authentication is accepted if the encrypted passwords
210	* are identical.	217	* are identical.

Lines 684-690 fakepw(void) Link Here

(-)a/auth.c (+2 lines)
684	fake.pw_name = "NOUSER";	684	fake.pw_name = "NOUSER";
685	fake.pw_passwd =	685	fake.pw_passwd =
686	"$2a$06$r3.juUaHZDlIbQaO2dS9FuYxL1W9M81R1Tc92PoSNmzvpEqLkLGrK";	686	"$2a$06$r3.juUaHZDlIbQaO2dS9FuYxL1W9M81R1Tc92PoSNmzvpEqLkLGrK";
		687	#ifdef HAVE_STRUCT_PASSWD_PW_GECOS
687	fake.pw_gecos = "NOUSER";	688	fake.pw_gecos = "NOUSER";
		689	#endif
688	fake.pw_uid = privsep_pw == NULL ? (uid_t)-1 : privsep_pw->pw_uid;	690	fake.pw_uid = privsep_pw == NULL ? (uid_t)-1 : privsep_pw->pw_uid;
689	fake.pw_gid = privsep_pw == NULL ? (gid_t)-1 : privsep_pw->pw_gid;	691	fake.pw_gid = privsep_pw == NULL ? (gid_t)-1 : privsep_pw->pw_gid;
690	#ifdef HAVE_PW_CLASS_IN_PASSWD	692	#ifdef HAVE_PW_CLASS_IN_PASSWD

Lines 357-363 AC_CHECK_HEADERS([ \ Link Here

(-)a/configure.ac (-5 / +52 lines)
357	sys/sysmacros.h \	357	sys/sysmacros.h \
358	sys/time.h \	358	sys/time.h \
359	sys/timers.h \	359	sys/timers.h \
360	sys/un.h \
361	time.h \	360	time.h \
362	tmpdir.h \	361	tmpdir.h \
363	ttyent.h \	362	ttyent.h \
Lines 371-376 AC_CHECK_HEADERS([ \ Link Here
371	vis.h \	370	vis.h \
372	])	371	])
373		372
		373	# sys/un.h requires sys/socket.h to be included first on Android
		374	AC_CHECK_HEADERS([sys/un.h], [], [], [
		375	#include <sys/socket.h>
		376	])
		377
374	# lastlog.h requires sys/time.h to be included first on Solaris	378	# lastlog.h requires sys/time.h to be included first on Solaris
375	AC_CHECK_HEADERS([lastlog.h], [], [], [	379	AC_CHECK_HEADERS([lastlog.h], [], [], [
376	#ifdef HAVE_SYS_TIME_H	380	#ifdef HAVE_SYS_TIME_H
Lines 667-675 main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) Link Here
667	AC_DEFINE([LINK_OPNOTSUPP_ERRNO], [EPERM],	671	AC_DEFINE([LINK_OPNOTSUPP_ERRNO], [EPERM],
668	[Define to whatever link() returns for "not supported"	672	[Define to whatever link() returns for "not supported"
669	if it doesn't return EOPNOTSUPP.])	673	if it doesn't return EOPNOTSUPP.])
		674	case "$host" in
		675	--linux-android*) :
		676	;;
		677	*)
670	AC_DEFINE([_PATH_BTMP], ["/var/log/btmp"], [log for bad login attempts])	678	AC_DEFINE([_PATH_BTMP], ["/var/log/btmp"], [log for bad login attempts])
671	AC_DEFINE([USE_BTMP])	679	AC_DEFINE([USE_BTMP])
		680	;;
		681	esac
672	AC_DEFINE([LINUX_OOM_ADJUST], [1], [Adjust Linux out-of-memory killer])	682	AC_DEFINE([LINUX_OOM_ADJUST], [1], [Adjust Linux out-of-memory killer])
		683	case "$host" in
		684	--linux-android*)
		685	AC_DEFINE([MISSING_HOWMANY], [1], [Define on *nto-qnx systems])
		686	AC_DEFINE([MISSING_FD_MASK], [1], [Define on *nto-qnx systems])
		687	SSHDLIBS="$SSHDLIBS -llog"
		688	;;
		689	esac
		690
673	inet6_default_4in6=yes	691	inet6_default_4in6=yes
674	case `uname -r` in	692	case `uname -r` in
675	1.\|2.0.)	693	1.\|2.0.)
Lines 1768-1779 AC_CHECK_FUNC([daemon], Link Here
1768	[LIBS="$LIBS -lbsd"; AC_DEFINE([HAVE_DAEMON])])]	1786	[LIBS="$LIBS -lbsd"; AC_DEFINE([HAVE_DAEMON])])]
1769	)	1787	)
1770		1788
		1789	case "$host" in
		1790	--linux-android*)
		1791	dnl inline function on Android
		1792	AC_DEFINE([HAVE_GETPAGESIZE], [1],
		1793	[Define if your libraries define getpagesize()])
		1794	;;
		1795	*)
1771	AC_CHECK_FUNC([getpagesize],	1796	AC_CHECK_FUNC([getpagesize],
1772	[AC_DEFINE([HAVE_GETPAGESIZE], [1],	1797	[AC_DEFINE([HAVE_GETPAGESIZE], [1],
1773	[Define if your libraries define getpagesize()])],	1798	[Define if your libraries define getpagesize()])],
1774	[AC_CHECK_LIB([ucb], [getpagesize],	1799	[AC_CHECK_LIB([ucb], [getpagesize],
1775	[LIBS="$LIBS -lucb"; AC_DEFINE([HAVE_GETPAGESIZE])])]	1800	[LIBS="$LIBS -lucb"; AC_DEFINE([HAVE_GETPAGESIZE])])]
1776	)	1801	)
		1802	;;
		1803	esac
1777		1804
1778	# Check for broken snprintf	1805	# Check for broken snprintf
1779	if test "x$ac_cv_func_snprintf" = "xyes" ; then	1806	if test "x$ac_cv_func_snprintf" = "xyes" ; then
Lines 2931-2938 AC_CHECK_TYPES([fsblkcnt_t, fsfilcnt_t], , , [ Link Here
2931	#endif	2958	#endif
2932	])	2959	])
2933		2960
		2961	dnl on Android netinet/in.h define __in_addr_t and arpa/inet.h define in_addr_t
		2962	AC_CHECK_HEADERS([arpa/inet.h])
2934	AC_CHECK_TYPES([in_addr_t, in_port_t], , ,	2963	AC_CHECK_TYPES([in_addr_t, in_port_t], , ,
2935	[#include <sys/types.h>	2964	[#include <sys/types.h>
		2965	#ifdef HAVE_ARPA_INET_H
		2966	#include <arpa/inet.h>
		2967	#endif
2936	#include <netinet/in.h>])	2968	#include <netinet/in.h>])
2937		2969
2938	AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [	2970	AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
Lines 3186-3191 if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then Link Here
3186	[Fields in struct sockaddr_storage])	3218	[Fields in struct sockaddr_storage])
3187	fi	3219	fi
3188		3220
		3221	AC_CHECK_MEMBERS([struct passwd.pw_gecos],,,[#include <pwd.h>])
3189	AC_CACHE_CHECK([for pw_class field in struct passwd],	3222	AC_CACHE_CHECK([for pw_class field in struct passwd],
3190	ac_cv_have_pw_class_in_struct_passwd, [	3223	ac_cv_have_pw_class_in_struct_passwd, [
3191	AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <pwd.h> ]],	3224	AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <pwd.h> ]],
Lines 4280-4294 AC_ARG_ENABLE([utmp], Link Here
4280	fi	4313	fi
4281	]	4314	]
4282	)	4315	)
		4316	ssh_disable_utmpx=no
4283	AC_ARG_ENABLE([utmpx],	4317	AC_ARG_ENABLE([utmpx],
4284	[ --disable-utmpx disable use of utmpx even if detected [no]],	4318	[ --disable-utmpx disable use of utmpx even if detected [no]],
4285	[	4319	[
4286	if test "x$enableval" = "xno" ; then	4320	ssh_disable_utmpx=$enableval
4287	AC_DEFINE([DISABLE_UTMPX], [1],
4288	[Define if you don't want to use utmpx])
4289	fi
4290	]	4321	]
4291	)	4322	)
		4323	if test no = $ac_cv_header_utmpx_h; then
		4324	dnl Always disable utmpx if missing header utmpx.h (Android)
		4325	ssh_disable_utmpx=yes
		4326	fi
		4327	if test yes = $ssh_disable_utmpx; then
		4328	AC_DEFINE([DISABLE_UTMPX], [1],
		4329	[Define if you don't want to use utmpx])
		4330	fi
4292	AC_ARG_ENABLE([wtmp],	4331	AC_ARG_ENABLE([wtmp],
4293	[ --disable-wtmp disable use of wtmp even if detected [no]],	4332	[ --disable-wtmp disable use of wtmp even if detected [no]],
4294	[	4333	[
Lines 4414-4419 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ Link Here
4414	#ifdef HAVE_PATHS_H	4453	#ifdef HAVE_PATHS_H
4415	# include <paths.h>	4454	# include <paths.h>
4416	#endif	4455	#endif
		4456	/* Compatibility names for the strings of the canonical file names */
		4457	#ifndef UTMP_FILE
		4458	#define UTMP_FILE _PATH_UTMP
		4459	#endif
4417	]], [[ char *utmp = UTMP_FILE; ]])],	4460	]], [[ char *utmp = UTMP_FILE; ]])],
4418	[ AC_MSG_RESULT([yes]) ],	4461	[ AC_MSG_RESULT([yes]) ],
4419	[ AC_MSG_RESULT([no])	4462	[ AC_MSG_RESULT([no])
Lines 4444-4449 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ Link Here
4444	#ifdef HAVE_PATHS_H	4487	#ifdef HAVE_PATHS_H
4445	# include <paths.h>	4488	# include <paths.h>
4446	#endif	4489	#endif
		4490	/* Compatibility names for the strings of the canonical file names */
		4491	#ifndef WTMP_FILE
		4492	#define WTMP_FILE _PATH_WTMP
		4493	#endif
4447	]], [[ char *wtmp = WTMP_FILE; ]])],	4494	]], [[ char *wtmp = WTMP_FILE; ]])],
4448	[ AC_MSG_RESULT([yes]) ],	4495	[ AC_MSG_RESULT([yes]) ],
4449	[ AC_MSG_RESULT([no])	4496	[ AC_MSG_RESULT([no])

Lines 804-807 struct winsize { Link Here

(-)a/defines.h (+7 lines)
804	# endif	804	# endif
805	#endif	805	#endif
806		806
		807	/* Write by owner (BSD compatible) */
		808	#ifndef S_IWRITE
		809	# ifdef S_IWUSR
		810	# define S_IWRITE S_IWUSR
		811	# endif
		812	#endif
		813
807	#endif /* _DEFINES_H */	814	#endif /* _DEFINES_H */




/* pick the shortest string */
#define MIN_SIZEOF(s1,s2) (sizeof(s1) < sizeof(s2) ? sizeof(s1) : sizeof(s2))

#if defined(__ANDROID__)
/* Android define only user process */
#ifndef DEAD_PROCESS
#  define DEAD_PROCESS	USER_PROCESS
#endif
#ifndef LOGIN_PROCESS
#  define LOGIN_PROCESS	USER_PROCESS
#endif
#endif

/**
 ** platform-independent login functions
 **/

Lines 206-212 pwcopy(struct passwd *pw) Link Here

(-)a/misc.c (+2 lines)
206		206
207	copy->pw_name = xstrdup(pw->pw_name);	207	copy->pw_name = xstrdup(pw->pw_name);
208	copy->pw_passwd = xstrdup(pw->pw_passwd);	208	copy->pw_passwd = xstrdup(pw->pw_passwd);
		209	#ifdef HAVE_STRUCT_PASSWD_PW_GECOS
209	copy->pw_gecos = xstrdup(pw->pw_gecos);	210	copy->pw_gecos = xstrdup(pw->pw_gecos);
		211	#endif
210	copy->pw_uid = pw->pw_uid;	212	copy->pw_uid = pw->pw_uid;
211	copy->pw_gid = pw->pw_gid;	213	copy->pw_gid = pw->pw_gid;
212	#ifdef HAVE_PW_EXPIRE_IN_PASSWD	214	#ifdef HAVE_PW_EXPIRE_IN_PASSWD

Lines 762-768 mm_answer_pwnamallow(int sock, Buffer *m) Link Here

(-)a/monitor.c (+2 lines)
762	buffer_put_string(m, pwent, sizeof(struct passwd));	762	buffer_put_string(m, pwent, sizeof(struct passwd));
763	buffer_put_cstring(m, pwent->pw_name);	763	buffer_put_cstring(m, pwent->pw_name);
764	buffer_put_cstring(m, "*");	764	buffer_put_cstring(m, "*");
		765	#ifdef HAVE_STRUCT_PASSWD_PW_GECOS
765	buffer_put_cstring(m, pwent->pw_gecos);	766	buffer_put_cstring(m, pwent->pw_gecos);
		767	#endif
766	#ifdef HAVE_PW_CLASS_IN_PASSWD	768	#ifdef HAVE_PW_CLASS_IN_PASSWD
767	buffer_put_cstring(m, pwent->pw_class);	769	buffer_put_cstring(m, pwent->pw_class);
768	#endif	770	#endif

Lines 259-265 mm_getpwnamallow(const char *username) Link Here

(-)a/monitor_wrap.c (+2 lines)
259	fatal("%s: struct passwd size mismatch", __func__);	259	fatal("%s: struct passwd size mismatch", __func__);
260	pw->pw_name = buffer_get_string(&m, NULL);	260	pw->pw_name = buffer_get_string(&m, NULL);
261	pw->pw_passwd = buffer_get_string(&m, NULL);	261	pw->pw_passwd = buffer_get_string(&m, NULL);
		262	#ifdef HAVE_STRUCT_PASSWD_PW_GECOS
262	pw->pw_gecos = buffer_get_string(&m, NULL);	263	pw->pw_gecos = buffer_get_string(&m, NULL);
		264	#endif
263	#ifdef HAVE_PW_CLASS_IN_PASSWD	265	#ifdef HAVE_PW_CLASS_IN_PASSWD
264	pw->pw_class = buffer_get_string(&m, NULL);	266	pw->pw_class = buffer_get_string(&m, NULL);
265	#endif	267	#endif




    struct dirent *dent;
    DIR *dirp;
    int len;
#ifdef __ANDROID__
    int pws_fd = -1;
#endif

#ifdef __ANDROID__
{
    /* keep android property workspace open */
    char *pws_env = getenv("ANDROID_PROPERTY_WORKSPACE");
    if (pws_env) {
	char *s, *q;
	s = strdup(pws_env);
	/* format "int,int" */
	q = strchr(s, ',');
	if (q) {
	    q = '\0';
	    pws_fd = atoi(s);
	}
	free(s);
    }
}
#endif
    /* Check for a /proc/$$/fd directory. */
    len = snprintf(fdpath, sizeof(fdpath), "/proc/%ld/fd", (long)getpid());
    if (len > 0 && (size_t)len <= sizeof(fdpath) && (dirp = opendir(fdpath))) {
	while ((dent = readdir(dirp)) != NULL) {
	    fd = strtol(dent->d_name, &endp, 10);
	    if (dent->d_name != endp && *endp == '\0' &&
	    #ifdef __ANDROID__
		(fd != pws_fd) &&
	    #endif
		fd >= 0 && fd < INT_MAX && fd >= lowfd && fd != dirfd(dirp))
		(void) close((int) fd);
	}




	if (getenv("TZ"))
		child_set_env(&env, &envsize, "TZ", getenv("TZ"));

#ifdef __ANDROID__
{
#define COPY_ANDROID_ENV(name)	{			\
	char *s = getenv(name);				\
	if (s)	child_set_env(&env, &envsize, name, s); }

	/* from /init.rc */
	COPY_ANDROID_ENV("ANDROID_BOOTLOGO");
	COPY_ANDROID_ENV("ANDROID_ROOT");
	COPY_ANDROID_ENV("ANDROID_ASSETS");
	COPY_ANDROID_ENV("ANDROID_DATA");
	COPY_ANDROID_ENV("ASEC_MOUNTPOINT");
	COPY_ANDROID_ENV("LOOP_MOUNTPOINT");
	COPY_ANDROID_ENV("BOOTCLASSPATH");

	/* FIXME: keep android property workspace open
	 * (see openbsd-compat/bsd-closefrom.c)
	 */
	COPY_ANDROID_ENV("ANDROID_PROPERTY_WORKSPACE");

	COPY_ANDROID_ENV("EXTERNAL_STORAGE");		/* ??? */
	COPY_ANDROID_ENV("SD_EXT_DIRECTORY");		/* ??? */

#undef COPY_ANDROID_ENV
}
#endif

	/* Set custom environment options from RSA authentication. */
	if (!options.use_login) {
		while (custom_environment) {

			perror("initgroups");
			exit(1);
		}
	#if !defined(__ANDROID__)
		/* FIXME: function is not defined in bionic (Android)
		 * TODO: add function check to confugure
		 */
		endgrent();
	#endif
#endif

		platform_setusercontext_post_groups(pw);




/* Unprivileged user */
struct passwd *privsep_pw = NULL;

#ifdef __ANDROID__

#include <android/log.h>

static void
android_log(LogLevel level, const char *msg, void *ctx) {
	android_LogPriority a;

	(void)ctx;

	switch (level) {
	case SYSLOG_LEVEL_QUIET		: a = ANDROID_LOG_SILENT	; break;
	case SYSLOG_LEVEL_FATAL		: a = ANDROID_LOG_FATAL		; break;
	case SYSLOG_LEVEL_ERROR		: a = ANDROID_LOG_ERROR		; break;
	case SYSLOG_LEVEL_INFO		: a = ANDROID_LOG_WARN		; break;
	case SYSLOG_LEVEL_VERBOSE	: a = ANDROID_LOG_INFO		; break;
	case SYSLOG_LEVEL_DEBUG1	: a = ANDROID_LOG_DEBUG		; break;
	case SYSLOG_LEVEL_DEBUG2	: a = ANDROID_LOG_DEBUG		; break;
	case SYSLOG_LEVEL_DEBUG3	: a = ANDROID_LOG_VERBOSE	; break;
	default				: a = ANDROID_LOG_UNKNOWN	; break;
	}

	if (a != ANDROID_LOG_UNKNOWN)
		__android_log_write(a, __progname, msg);
}

#endif

/* Prototypes for various functions defined later in this file. */
void destroy_sensitive_data(void);
void demote_sensitive_data(void);

	}
	/* Reinitialize the log (because of the fork above). */
	log_init(__progname, options.log_level, options.log_facility, log_stderr);
#ifdef __ANDROID__
	if (!log_stderr)
		set_log_handler(android_log, NULL);
#endif

	/* Initialize the random number generator. */
	arc4random_stir();
- 

Return to bug 2012

Lines 1203-1208 do_setup_env(Session s, const char shell) Link Here

(-)a/session.c (+32 lines)
1203	if (getenv("TZ"))	1203	if (getenv("TZ"))
1204	child_set_env(&env, &envsize, "TZ", getenv("TZ"));	1204	child_set_env(&env, &envsize, "TZ", getenv("TZ"));
1205		1205
		1206	#ifdef __ANDROID__
		1207	{
		1208	#define COPY_ANDROID_ENV(name) { \
		1209	char *s = getenv(name); \
		1210	if (s) child_set_env(&env, &envsize, name, s); }
		1211
		1212	/* from /init.rc */
		1213	COPY_ANDROID_ENV("ANDROID_BOOTLOGO");
		1214	COPY_ANDROID_ENV("ANDROID_ROOT");
		1215	COPY_ANDROID_ENV("ANDROID_ASSETS");
		1216	COPY_ANDROID_ENV("ANDROID_DATA");
		1217	COPY_ANDROID_ENV("ASEC_MOUNTPOINT");
		1218	COPY_ANDROID_ENV("LOOP_MOUNTPOINT");
		1219	COPY_ANDROID_ENV("BOOTCLASSPATH");
		1220
		1221	/* FIXME: keep android property workspace open
		1222	* (see openbsd-compat/bsd-closefrom.c)
		1223	*/
		1224	COPY_ANDROID_ENV("ANDROID_PROPERTY_WORKSPACE");
		1225
		1226	COPY_ANDROID_ENV("EXTERNAL_STORAGE"); /* ??? */
		1227	COPY_ANDROID_ENV("SD_EXT_DIRECTORY"); /* ??? */
		1228
		1229	#undef COPY_ANDROID_ENV
		1230	}
		1231	#endif
		1232
1206	/* Set custom environment options from RSA authentication. */	1233	/* Set custom environment options from RSA authentication. */
1207	if (!options.use_login) {	1234	if (!options.use_login) {
1208	while (custom_environment) {	1235	while (custom_environment) {
Lines 1496-1502 do_setusercontext(struct passwd *pw) Link Here
1496	perror("initgroups");	1523	perror("initgroups");
1497	exit(1);	1524	exit(1);
1498	}	1525	}
		1526	#if !defined(__ANDROID__)
		1527	/* FIXME: function is not defined in bionic (Android)
		1528	* TODO: add function check to confugure
		1529	*/
1499	endgrent();	1530	endgrent();
		1531	#endif
1500	#endif	1532	#endif
1501		1533
1502	platform_setusercontext_post_groups(pw);	1534	platform_setusercontext_post_groups(pw);

Lines 216-221 extern Buffer loginmsg; Link Here

(-)a/loginrec.c (+10 lines)
216	/* pick the shortest string */	216	/* pick the shortest string */
217	#define MIN_SIZEOF(s1,s2) (sizeof(s1) < sizeof(s2) ? sizeof(s1) : sizeof(s2))	217	#define MIN_SIZEOF(s1,s2) (sizeof(s1) < sizeof(s2) ? sizeof(s1) : sizeof(s2))
218		218
		219	#if defined(__ANDROID__)
		220	/* Android define only user process */
		221	#ifndef DEAD_PROCESS
		222	# define DEAD_PROCESS USER_PROCESS
		223	#endif
		224	#ifndef LOGIN_PROCESS
		225	# define LOGIN_PROCESS USER_PROCESS
		226	#endif
		227	#endif
		228
219	/**	229	/**
220	** platform-independent login functions	230	** platform-independent login functions
221	**/	231	**/

Lines 74-86 closefrom(int lowfd) Link Here

(-)a/openbsd-compat/bsd-closefrom.c (+23 lines)
74	struct dirent *dent;	74	struct dirent *dent;
75	DIR *dirp;	75	DIR *dirp;
76	int len;	76	int len;
		77	#ifdef __ANDROID__
		78	int pws_fd = -1;
		79	#endif
77		80
		81	#ifdef __ANDROID__
		82	{
		83	/* keep android property workspace open */
		84	char *pws_env = getenv("ANDROID_PROPERTY_WORKSPACE");
		85	if (pws_env) {
		86	char s, q;
		87	s = strdup(pws_env);
		88	/* format "int,int" */
		89	q = strchr(s, ',');
		90	if (q) {
		91	q = '\0';
		92	pws_fd = atoi(s);
		93	}
		94	free(s);
		95	}
		96	}
		97	#endif
78	/* Check for a /proc/$$/fd directory. */	98	/* Check for a /proc/$$/fd directory. */
79	len = snprintf(fdpath, sizeof(fdpath), "/proc/%ld/fd", (long)getpid());	99	len = snprintf(fdpath, sizeof(fdpath), "/proc/%ld/fd", (long)getpid());
80	if (len > 0 && (size_t)len <= sizeof(fdpath) && (dirp = opendir(fdpath))) {	100	if (len > 0 && (size_t)len <= sizeof(fdpath) && (dirp = opendir(fdpath))) {
81	while ((dent = readdir(dirp)) != NULL) {	101	while ((dent = readdir(dirp)) != NULL) {
82	fd = strtol(dent->d_name, &endp, 10);	102	fd = strtol(dent->d_name, &endp, 10);
83	if (dent->d_name != endp && *endp == '\0' &&	103	if (dent->d_name != endp && *endp == '\0' &&
		104	#ifdef __ANDROID__
		105	(fd != pws_fd) &&
		106	#endif
84	fd >= 0 && fd < INT_MAX && fd >= lowfd && fd != dirfd(dirp))	107	fd >= 0 && fd < INT_MAX && fd >= lowfd && fd != dirfd(dirp))
85	(void) close((int) fd);	108	(void) close((int) fd);
86	}	109	}

Lines 260-265 Buffer loginmsg; Link Here

(-)a/sshd.c (-1 / +32 lines)
260	/* Unprivileged user */	260	/* Unprivileged user */
261	struct passwd *privsep_pw = NULL;	261	struct passwd *privsep_pw = NULL;
262		262
		263	#ifdef __ANDROID__
		264
		265	#include <android/log.h>
		266
		267	static void
		268	android_log(LogLevel level, const char msg, void ctx) {
		269	android_LogPriority a;
		270
		271	(void)ctx;
		272
		273	switch (level) {
		274	case SYSLOG_LEVEL_QUIET : a = ANDROID_LOG_SILENT ; break;
		275	case SYSLOG_LEVEL_FATAL : a = ANDROID_LOG_FATAL ; break;
		276	case SYSLOG_LEVEL_ERROR : a = ANDROID_LOG_ERROR ; break;
		277	case SYSLOG_LEVEL_INFO : a = ANDROID_LOG_WARN ; break;
		278	case SYSLOG_LEVEL_VERBOSE : a = ANDROID_LOG_INFO ; break;
		279	case SYSLOG_LEVEL_DEBUG1 : a = ANDROID_LOG_DEBUG ; break;
		280	case SYSLOG_LEVEL_DEBUG2 : a = ANDROID_LOG_DEBUG ; break;
		281	case SYSLOG_LEVEL_DEBUG3 : a = ANDROID_LOG_VERBOSE ; break;
		282	default : a = ANDROID_LOG_UNKNOWN ; break;
		283	}
		284
		285	if (a != ANDROID_LOG_UNKNOWN)
		286	__android_log_write(a, __progname, msg);
		287	}
		288
		289	#endif
		290
263	/* Prototypes for various functions defined later in this file. */	291	/* Prototypes for various functions defined later in this file. */
264	void destroy_sensitive_data(void);	292	void destroy_sensitive_data(void);
265	void demote_sensitive_data(void);	293	void demote_sensitive_data(void);
Lines 1777-1782 main(int ac, char **av) Link Here
1777	}	1805	}
1778	/* Reinitialize the log (because of the fork above). */	1806	/* Reinitialize the log (because of the fork above). */
1779	log_init(__progname, options.log_level, options.log_facility, log_stderr);	1807	log_init(__progname, options.log_level, options.log_facility, log_stderr);
		1808	#ifdef __ANDROID__
		1809	if (!log_stderr)
		1810	set_log_handler(android_log, NULL);
		1811	#endif
1780		1812
1781	/* Initialize the random number generator. */	1813	/* Initialize the random number generator. */
1782	arc4random_stir();	1814	arc4random_stir();
1783	-