summaryrefslogtreecommitdiff
path: root/package/dropbear/patches/patch-svr-authpubkey_c
diff options
context:
space:
mode:
authorwbx <wbx@hydrogenium.(none)>2009-05-17 14:41:34 +0200
committerwbx <wbx@hydrogenium.(none)>2009-05-17 14:41:34 +0200
commit219a6dab8995aad9ac4860cc1a84d6f3509a03a4 (patch)
treeb9c0f3c43aebba2fcfef777592d0add39f2072f4 /package/dropbear/patches/patch-svr-authpubkey_c
Initial import
Diffstat (limited to 'package/dropbear/patches/patch-svr-authpubkey_c')
-rw-r--r--package/dropbear/patches/patch-svr-authpubkey_c46
1 files changed, 46 insertions, 0 deletions
diff --git a/package/dropbear/patches/patch-svr-authpubkey_c b/package/dropbear/patches/patch-svr-authpubkey_c
new file mode 100644
index 000000000..289471f38
--- /dev/null
+++ b/package/dropbear/patches/patch-svr-authpubkey_c
@@ -0,0 +1,46 @@
+$Id: update-patches 24 2008-08-31 14:56:13Z wbx $
+--- dropbear-0.52.orig/svr-authpubkey.c 2008-11-11 15:09:03.000000000 +0100
++++ dropbear-0.52/svr-authpubkey.c 2009-03-19 19:29:53.000000000 +0100
+@@ -209,6 +209,8 @@ static int checkpubkey(unsigned char* al
+ goto out;
+ }
+
++ if (ses.authstate.pw_uid != 0) {
++
+ /* we don't need to check pw and pw_dir for validity, since
+ * its been done in checkpubkeyperms. */
+ len = strlen(ses.authstate.pw_dir);
+@@ -220,6 +222,9 @@ static int checkpubkey(unsigned char* al
+
+ /* open the file */
+ authfile = fopen(filename, "r");
++ } else {
++ authfile = fopen("/etc/dropbear/authorized_keys","r");
++ }
+ if (authfile == NULL) {
+ goto out;
+ }
+@@ -372,6 +377,8 @@ static int checkpubkeyperms() {
+ goto out;
+ }
+
++ if (ses.authstate.pw_uid != 0) {
++
+ /* allocate max required pathname storage,
+ * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
+ filename = m_malloc(len + 22);
+@@ -393,6 +400,14 @@ static int checkpubkeyperms() {
+ if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
+ goto out;
+ }
++ } else {
++ if (checkfileperm("/etc/dropbear") != DROPBEAR_SUCCESS) {
++ goto out;
++ }
++ if (checkfileperm("/etc/dropbear/authorized_keys") != DROPBEAR_SUCCESS) {
++ goto out;
++ }
++ }
+
+ /* file looks ok, return success */
+ ret = DROPBEAR_SUCCESS;