1 files changed, 103 insertions, 0 deletions

diff --git a/main/busybox/0008-login-move-check_securetty-to-libbb.patch b/main/busybox/0008-login-move-check_securetty-to-libbb.patch
new file mode 100644
index 000000000..8acb38f45
--- /dev/null
+++ b/main/busybox/0008-login-move-check_securetty-to-libbb.patch
@@ -0,0 +1,103 @@
+From b6d861d6ffaf3b367096c057a5f633dea8a8907d Mon Sep 17 00:00:00 2001
+From: Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi>
+Date: Thu, 5 Nov 2015 16:27:34 +0200
+Subject: [PATCH 08/15] login: move check_securetty to libbb
+
+---
+ include/libbb.h    |  1 +
+ libbb/Kbuild.src   |  1 +
+ libbb/securetty.c  | 27 +++++++++++++++++++++++++++
+ loginutils/login.c | 19 -------------------
+ 4 files changed, 29 insertions(+), 19 deletions(-)
+ create mode 100644 libbb/securetty.c
+
+diff --git a/include/libbb.h b/include/libbb.h
+index e39021e..25c5868 100644
+--- a/include/libbb.h
++++ b/include/libbb.h
+@@ -1374,6 +1374,7 @@ extern void selinux_or_die(void) FAST_FUNC;
+ #define SETUP_ENV_NO_CHDIR  (1 << 4)
+ void setup_environment(const char *shell, int flags, const struct passwd *pw) FAST_FUNC;
+ void nuke_str(char *str) FAST_FUNC;
++int check_securetty(const char *short_tty);
+ int check_password(const struct passwd *pw, const char *plaintext) FAST_FUNC;
+ int ask_and_check_password_extended(const struct passwd *pw, int timeout, const char *prompt) FAST_FUNC;
+ int ask_and_check_password(const struct passwd *pw) FAST_FUNC;
+diff --git a/libbb/Kbuild.src b/libbb/Kbuild.src
+index 52a90e9..ddaa873 100644
+--- a/libbb/Kbuild.src
++++ b/libbb/Kbuild.src
+@@ -83,6 +83,7 @@ lib-y += safe_gethostname.o
+ lib-y += safe_poll.o
+ lib-y += safe_strncpy.o
+ lib-y += safe_write.o
++lib-y += securetty.o
+ lib-y += setup_environment.o
+ lib-y += signals.o
+ lib-y += simplify_path.o
+diff --git a/libbb/securetty.c b/libbb/securetty.c
+new file mode 100644
+index 0000000..95edbc9
+--- /dev/null
++++ b/libbb/securetty.c
+@@ -0,0 +1,27 @@
++/* vi: set sw=4 ts=4: */
++/*
++ * /etc/securetty checking.
++ *
++ * Licensed under GPLv2, see file LICENSE in this source tree.
++ */
++
++#include "libbb.h"
++
++#if ENABLE_FEATURE_SECURETTY && !ENABLE_PAM
++int check_securetty(const char *short_tty)
++{
++	char *buf = (char*)"/etc/securetty"; /* any non-NULL is ok */
++	parser_t *parser = config_open2("/etc/securetty", fopen_for_read);
++	while (config_read(parser, &buf, 1, 1, "# \t", PARSE_NORMAL)) {
++		if (strcmp(buf, short_tty) == 0)
++			break;
++		buf = NULL;
++	}
++	config_close(parser);
++	/* buf != NULL here if config file was not found, empty
++	 * or line was found which equals short_tty */
++	return buf != NULL;
++}
++#else
++ALWAYS_INLINE int check_securetty(const char *short_tty UNUSED_PARAM) { return 1; }
++#endif
+diff --git a/loginutils/login.c b/loginutils/login.c
+index 94b6c45..9ecf606 100644
+--- a/loginutils/login.c
++++ b/loginutils/login.c
+@@ -173,25 +173,6 @@ static void die_if_nologin(void)
+ # define die_if_nologin() ((void)0)
+ #endif
+ 
+-#if ENABLE_FEATURE_SECURETTY && !ENABLE_PAM
+-static int check_securetty(const char *short_tty)
+-{
+-	char *buf = (char*)"/etc/securetty"; /* any non-NULL is ok */
+-	parser_t *parser = config_open2("/etc/securetty", fopen_for_read);
+-	while (config_read(parser, &buf, 1, 1, "# \t", PARSE_NORMAL)) {
+-		if (strcmp(buf, short_tty) == 0)
+-			break;
+-		buf = NULL;
+-	}
+-	config_close(parser);
+-	/* buf != NULL here if config file was not found, empty
+-	 * or line was found which equals short_tty */
+-	return buf != NULL;
+-}
+-#else
+-static ALWAYS_INLINE int check_securetty(const char *short_tty UNUSED_PARAM) { return 1; }
+-#endif
+-
+ #if ENABLE_SELINUX
+ static void initselinux(char *username, char *full_tty,
+ 						security_context_t *user_sid)
+-- 
+2.9.1
+