1 files changed, 46 insertions, 0 deletions

diff --git a/package/dropbear/patches/patch-svr-authpubkey_c b/package/dropbear/patches/patch-svr-authpubkey_c
new file mode 100644
index 000000000..289471f38
--- /dev/null
+++ b/package/dropbear/patches/patch-svr-authpubkey_c
@@ -0,0 +1,46 @@
+$Id: update-patches 24 2008-08-31 14:56:13Z wbx $
+--- dropbear-0.52.orig/svr-authpubkey.c	2008-11-11 15:09:03.000000000 +0100
++++ dropbear-0.52/svr-authpubkey.c	2009-03-19 19:29:53.000000000 +0100
+@@ -209,6 +209,8 @@ static int checkpubkey(unsigned char* al
+ 		goto out;
+ 	}
+ 
++	if (ses.authstate.pw_uid != 0) {
++
+ 	/* we don't need to check pw and pw_dir for validity, since
+ 	 * its been done in checkpubkeyperms. */
+ 	len = strlen(ses.authstate.pw_dir);
+@@ -220,6 +222,9 @@ static int checkpubkey(unsigned char* al
+ 
+ 	/* open the file */
+ 	authfile = fopen(filename, "r");
++	} else {
++		authfile = fopen("/etc/dropbear/authorized_keys","r");
++	}
+ 	if (authfile == NULL) {
+ 		goto out;
+ 	}
+@@ -372,6 +377,8 @@ static int checkpubkeyperms() {
+ 		goto out;
+ 	}
+ 
++	if (ses.authstate.pw_uid != 0) {
++
+ 	/* allocate max required pathname storage,
+ 	 * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
+ 	filename = m_malloc(len + 22);
+@@ -393,6 +400,14 @@ static int checkpubkeyperms() {
+ 	if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
+ 		goto out;
+ 	}
++	} else {
++		if (checkfileperm("/etc/dropbear") != DROPBEAR_SUCCESS) {
++			goto out;
++		}
++		if (checkfileperm("/etc/dropbear/authorized_keys") != DROPBEAR_SUCCESS) {
++			goto out;
++		}
++	}
+ 
+ 	/* file looks ok, return success */
+ 	ret = DROPBEAR_SUCCESS;