diff options
author | wbx <wbx@hydrogenium.(none)> | 2009-05-17 14:41:34 +0200 |
---|---|---|
committer | wbx <wbx@hydrogenium.(none)> | 2009-05-17 14:41:34 +0200 |
commit | 219a6dab8995aad9ac4860cc1a84d6f3509a03a4 (patch) | |
tree | b9c0f3c43aebba2fcfef777592d0add39f2072f4 /package/dropbear/patches/patch-svr-authpubkey_c |
Initial import
Diffstat (limited to 'package/dropbear/patches/patch-svr-authpubkey_c')
-rw-r--r-- | package/dropbear/patches/patch-svr-authpubkey_c | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/package/dropbear/patches/patch-svr-authpubkey_c b/package/dropbear/patches/patch-svr-authpubkey_c new file mode 100644 index 000000000..289471f38 --- /dev/null +++ b/package/dropbear/patches/patch-svr-authpubkey_c @@ -0,0 +1,46 @@ +$Id: update-patches 24 2008-08-31 14:56:13Z wbx $ +--- dropbear-0.52.orig/svr-authpubkey.c 2008-11-11 15:09:03.000000000 +0100 ++++ dropbear-0.52/svr-authpubkey.c 2009-03-19 19:29:53.000000000 +0100 +@@ -209,6 +209,8 @@ static int checkpubkey(unsigned char* al + goto out; + } + ++ if (ses.authstate.pw_uid != 0) { ++ + /* we don't need to check pw and pw_dir for validity, since + * its been done in checkpubkeyperms. */ + len = strlen(ses.authstate.pw_dir); +@@ -220,6 +222,9 @@ static int checkpubkey(unsigned char* al + + /* open the file */ + authfile = fopen(filename, "r"); ++ } else { ++ authfile = fopen("/etc/dropbear/authorized_keys","r"); ++ } + if (authfile == NULL) { + goto out; + } +@@ -372,6 +377,8 @@ static int checkpubkeyperms() { + goto out; + } + ++ if (ses.authstate.pw_uid != 0) { ++ + /* allocate max required pathname storage, + * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */ + filename = m_malloc(len + 22); +@@ -393,6 +400,14 @@ static int checkpubkeyperms() { + if (checkfileperm(filename) != DROPBEAR_SUCCESS) { + goto out; + } ++ } else { ++ if (checkfileperm("/etc/dropbear") != DROPBEAR_SUCCESS) { ++ goto out; ++ } ++ if (checkfileperm("/etc/dropbear/authorized_keys") != DROPBEAR_SUCCESS) { ++ goto out; ++ } ++ } + + /* file looks ok, return success */ + ret = DROPBEAR_SUCCESS; |