diff options
| author | Felix Fietkau <nbd@openwrt.org> | 2012-10-10 12:32:29 +0000 |
|---|---|---|
| committer | Felix Fietkau <nbd@openwrt.org> | 2012-10-10 12:32:29 +0000 |
| commit | 405e21d16731b2764ab82aaaadcf36a813b105f7 (patch) | |
| tree | c6f9a8402389a5081519b91ce62c4a8cafcb8917 /package/dropbear/patches/100-pubkey_path.patch | |
| parent | d0ec348ded6f715b43b396b06ccb10599b37969d (diff) | |
| download | upstream-405e21d16731b2764ab82aaaadcf36a813b105f7.tar.gz upstream-405e21d16731b2764ab82aaaadcf36a813b105f7.tar.bz2 upstream-405e21d16731b2764ab82aaaadcf36a813b105f7.zip | |
packages: sort network related packages into package/network/
SVN-Revision: 33688
Diffstat (limited to 'package/dropbear/patches/100-pubkey_path.patch')
| -rw-r--r-- | package/dropbear/patches/100-pubkey_path.patch | 91 |
1 files changed, 0 insertions, 91 deletions
diff --git a/package/dropbear/patches/100-pubkey_path.patch b/package/dropbear/patches/100-pubkey_path.patch deleted file mode 100644 index c1802f51e5..0000000000 --- a/package/dropbear/patches/100-pubkey_path.patch +++ /dev/null @@ -1,91 +0,0 @@ ---- a/svr-authpubkey.c -+++ b/svr-authpubkey.c -@@ -209,17 +209,21 @@ static int checkpubkey(unsigned char* al - goto out; - } - -- /* we don't need to check pw and pw_dir for validity, since -- * its been done in checkpubkeyperms. */ -- len = strlen(ses.authstate.pw_dir); -- /* allocate max required pathname storage, -- * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */ -- filename = m_malloc(len + 22); -- snprintf(filename, len + 22, "%s/.ssh/authorized_keys", -- ses.authstate.pw_dir); -- -- /* open the file */ -- authfile = fopen(filename, "r"); -+ if (ses.authstate.pw_uid != 0) { -+ /* we don't need to check pw and pw_dir for validity, since -+ * its been done in checkpubkeyperms. */ -+ len = strlen(ses.authstate.pw_dir); -+ /* allocate max required pathname storage, -+ * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */ -+ filename = m_malloc(len + 22); -+ snprintf(filename, len + 22, "%s/.ssh/authorized_keys", -+ ses.authstate.pw_dir); -+ -+ /* open the file */ -+ authfile = fopen(filename, "r"); -+ } else { -+ authfile = fopen("/etc/dropbear/authorized_keys","r"); -+ } - if (authfile == NULL) { - goto out; - } -@@ -372,26 +376,35 @@ static int checkpubkeyperms() { - goto out; - } - -- /* allocate max required pathname storage, -- * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */ -- filename = m_malloc(len + 22); -- strncpy(filename, ses.authstate.pw_dir, len+1); -- -- /* check ~ */ -- if (checkfileperm(filename) != DROPBEAR_SUCCESS) { -- goto out; -- } -- -- /* check ~/.ssh */ -- strncat(filename, "/.ssh", 5); /* strlen("/.ssh") == 5 */ -- if (checkfileperm(filename) != DROPBEAR_SUCCESS) { -- goto out; -- } -- -- /* now check ~/.ssh/authorized_keys */ -- strncat(filename, "/authorized_keys", 16); -- if (checkfileperm(filename) != DROPBEAR_SUCCESS) { -- goto out; -+ if (ses.authstate.pw_uid == 0) { -+ if (checkfileperm("/etc/dropbear") != DROPBEAR_SUCCESS) { -+ goto out; -+ } -+ if (checkfileperm("/etc/dropbear/authorized_keys") != DROPBEAR_SUCCESS) { -+ goto out; -+ } -+ } else { -+ /* allocate max required pathname storage, -+ * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */ -+ filename = m_malloc(len + 22); -+ strncpy(filename, ses.authstate.pw_dir, len+1); -+ -+ /* check ~ */ -+ if (checkfileperm(filename) != DROPBEAR_SUCCESS) { -+ goto out; -+ } -+ -+ /* check ~/.ssh */ -+ strncat(filename, "/.ssh", 5); /* strlen("/.ssh") == 5 */ -+ if (checkfileperm(filename) != DROPBEAR_SUCCESS) { -+ goto out; -+ } -+ -+ /* now check ~/.ssh/authorized_keys */ -+ strncat(filename, "/authorized_keys", 16); -+ if (checkfileperm(filename) != DROPBEAR_SUCCESS) { -+ goto out; -+ } - } - - /* file looks ok, return success */ |