dropbear: backport fix for concurrent channel open/close

Prevents sporadic crashes of dropbear server when multiple channels are
active at the same time.

Upstream discussion:
https://github.com/mkj/dropbear/pull/326/commits
https://github.com/mkj/dropbear/issues/321

Issue was introduced in dropbear-2022.83 and fixed in v2024.86.

(From OE-Core rev: 808972c0418a64fbed2134b55f25fb90e5d498e9)

Signed-off-by: Florian Kreutzer <florian.kreutzer.oss@rohde-schwarz.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>

2 files changed, 46 insertions, 0 deletions

diff --git a/meta/recipes-core/dropbear/dropbear/0007-Don-t-close-channels-when-a-PID-hasn-t-started.patch b/meta/recipes-core/dropbear/dropbear/0007-Don-t-close-channels-when-a-PID-hasn-t-started.patch
new file mode 100644
index 0000000000..dff6534027
--- /dev/null
+++ b/meta/recipes-core/dropbear/dropbear/0007-Don-t-close-channels-when-a-PID-hasn-t-started.patch
@@ -0,0 +1,45 @@
+From 5c34e70b80e5fc539f96e029b56b95cdee556010 Mon Sep 17 00:00:00 2001
+From: Matt Johnston <matt@ucc.asn.au>
+Date: Sun, 8 Sep 2024 11:07:41 +0200
+Subject: Don't close channels when a PID hasn't started
+
+If check_close() ran prior to a server channel exec/shell
+request, it would send a close immediately.
+This fix changes it to exclude write_fd==FD_UNINIT from
+being closed there.
+
+When a channel was closed by the time shell/exec request
+was received, then data sent hits an assertion.
+This fixes #321 on Github.
+
+The "pid == 0" check was initially added to avoid waiting
+to close a channel when a process has never been launched
+(which is correct), but that isn't correct in the case
+of the closed-fd test.
+
+Fixes: 8e6f73e879ca ("- Remove "flushing" handling for exited processes)
+
+Upstream-Status: Backport [https://github.com/mkj/dropbear/commit/71521d1b78706a70d3570b860e65234cefdc8c81]
+
+Signed-off-by: Florian Kreutzer <florian.kreutzer.oss@rohde-schwarz.com>
+---
+ common-channel.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/common-channel.c b/common-channel.c
+index be5b57f..9926972 100644
+--- a/common-channel.c
++++ b/common-channel.c
+@@ -317,7 +317,8 @@ static void check_close(struct Channel *channel) {
+ 
+        if ((channel->recv_eof && !write_pending(channel))
+                /* have a server "session" and child has exited */
+-               || (channel->type->check_close && close_allowed)) {
++               || (channel->writefd != FD_UNINIT
++                       && channel->type->check_close && close_allowed)) {
+                close_chan_fd(channel, channel->writefd, SHUT_WR);
+        }
+ 
+-- 
+2.34.1
+
diff --git a/meta/recipes-core/dropbear/dropbear_2022.83.bb b/meta/recipes-core/dropbear/dropbear_2022.83.bb
index 686cb8a809..772e08eaed 100644
--- a/meta/recipes-core/dropbear/dropbear_2022.83.bb
+++ b/meta/recipes-core/dropbear/dropbear_2022.83.bb
@@ -14,6 +14,7 @@ RCONFLICTS:${PN} = "openssh-sshd openssh"
 
 SRC_URI = "http://matt.ucc.asn.au/dropbear/releases/dropbear-${PV}.tar.bz2 \
            file://0001-urandom-xauth-changes-to-options.h.patch \
+           file://0007-Don-t-close-channels-when-a-PID-hasn-t-started.patch \
            file://init \
            file://dropbearkey.service \
            file://dropbear@.service \