The attached patch should fix your issue. I submitted it to the mailing
list in December, but you may not have been a member at that point.
Regards,
Claude Bing
On 1/25/19 3:34 AM, Stefan Hegny (hydrografix Consulting GmbH) wrote:
> Hello,
>
>
>
> trying to build dropbear-2018.76 for ARM, and trying to
>
>
>
> #define DROPBEAR_SVR_PUBKEY_AUTH 0
>
>
>
> in Order to get around CVE-2018-15599, aware that it would not conform
> to IETF, I receive:
>
>
>
> svr-chansession.c:682:11: error: 'struct ChanSess' has no member named
> 'original_command'
>
>
>
> Is there an #if missing around that line?
>
>
>
> Thx & regards
>
> Stefan
>
>
--- svr-chansession.c.orig 2018-12-26 12:35:30.838027183 -0500
+++ svr-chansession.c 2018-12-26 12:34:32.194026255 -0500
@@ -679,7 +679,9 @@
/* take global command into account */
if (svr_opts.forced_command) {
+#if DROPBEAR_SVR_PUBKEY_OPTIONS_BUILT
chansess->original_command = chansess->cmd ? : m_strdup("");
+#endif
chansess->cmd = m_strdup(svr_opts.forced_command);
} else {
/* take public key option 'command' into account */
