From 88c8053d47fb5ecc53e46d8ba261df2932dd5649 Mon Sep 17 00:00:00 2001
From: Konstantin Demin <rockdrilla@gmail.com>
Date: Tue, 9 Jan 2024 03:40:01 +0300
Subject: [PATCH] dropbear: adjust allowed shell list

this takes an effect only if getusershell(3) is missing

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
---
 package/network/services/dropbear/Makefile | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/package/network/services/dropbear/Makefile b/package/network/services/dropbear/Makefile
index 77104431db..ef67371e1d 100644
--- a/package/network/services/dropbear/Makefile
+++ b/package/network/services/dropbear/Makefile
@@ -104,6 +104,8 @@ CONFIGURE_ARGS += \
 #
 ##############################################################################
 
+# adjust allowed shell list (if getusershell(3) is missing):
+# - COMPAT_USER_SHELLS
 # remove protocol idented software version number:
 # - LOCAL_IDENT
 # disable legacy/unsafe methods and unused functionality:
@@ -114,6 +116,7 @@ CONFIGURE_ARGS += \
 # - DROPBEAR_SHA1_HMAC
 DB_OPT_COMMON = \
 	!!LOCAL_IDENT,"SSH-2.0-dropbear" \
+	COMPAT_USER_SHELLS,"/bin/ash","/bin/sh" \
 	DEFAULT_PATH,"$(TARGET_INIT_PATH)" \
 	DEFAULT_ROOT_PATH,"$(TARGET_INIT_PATH)" \
 	DROPBEAR_DSS,0 \
-- 
2.30.2