diff options
| author | Waldemar Brodkorb <wbx@openwrt.org> | 2005-10-15 08:46:51 +0000 |
|---|---|---|
| committer | Waldemar Brodkorb <wbx@openwrt.org> | 2005-10-15 08:46:51 +0000 |
| commit | 286da6f050e277a1e0f1a852d60a8bb00c3f5f85 (patch) | |
| tree | 6a677b649e1453dff74519d4aae2172537c1fb01 /package/dropbear | |
| parent | 6530fd33fa3534006a7be584ee1261dd0ee75f72 (diff) | |
| download | upstream-286da6f050e277a1e0f1a852d60a8bb00c3f5f85.tar.gz upstream-286da6f050e277a1e0f1a852d60a8bb00c3f5f85.tar.bz2 upstream-286da6f050e277a1e0f1a852d60a8bb00c3f5f85.zip | |
sync dropbear package with whiterussian
git-svn-id: svn://svn.openwrt.org/openwrt/trunk/openwrt@2112 3c298f89-4303-0410-b956-a3cf2f4a3e73
Diffstat (limited to 'package/dropbear')
| -rw-r--r-- | package/dropbear/Makefile | 2 | ||||
| -rw-r--r-- | package/dropbear/patches/authpubkey.patch | 73 |
2 files changed, 74 insertions, 1 deletions
diff --git a/package/dropbear/Makefile b/package/dropbear/Makefile index 871a5c710c..72697be19b 100644 --- a/package/dropbear/Makefile +++ b/package/dropbear/Makefile @@ -4,7 +4,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=dropbear PKG_VERSION:=0.45 -PKG_RELEASE:=3 +PKG_RELEASE:=4 PKG_MD5SUM:=2bcc46e4c239aec982bf36a723dd0b0e PKG_SOURCE_URL:=http://matt.ucc.asn.au/dropbear/releases/ diff --git a/package/dropbear/patches/authpubkey.patch b/package/dropbear/patches/authpubkey.patch new file mode 100644 index 0000000000..07beefe714 --- /dev/null +++ b/package/dropbear/patches/authpubkey.patch @@ -0,0 +1,73 @@ +--- dropbear-0.45.old/svr-authpubkey.c 2005-09-27 12:45:20.863639072 +0200 ++++ dropbear-0.45/svr-authpubkey.c 2005-09-27 13:15:09.066790872 +0200 +@@ -176,14 +176,10 @@ + goto out; + } + +- /* we don't need to check pw and pw_dir for validity, since +- * its been done in checkpubkeyperms. */ +- len = strlen(ses.authstate.pw->pw_dir); + /* allocate max required pathname storage, +- * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */ +- filename = m_malloc(len + 22); +- snprintf(filename, len + 22, "%s/.ssh/authorized_keys", +- ses.authstate.pw->pw_dir); ++ * = "/etc/dropbear/authorized_keys" + '\0' = 30 */ ++ filename = m_malloc(30); ++ strncpy(filename, "/etc/dropbear/authorized_keys", 30); + + /* open the file */ + authfile = fopen(filename, "r"); +@@ -255,43 +251,33 @@ + + /* Returns DROPBEAR_SUCCESS if file permissions for pubkeys are ok, + * DROPBEAR_FAILURE otherwise. +- * Checks that the user's homedir, ~/.ssh, and +- * ~/.ssh/authorized_keys are all owned by either root or the user, and are ++ * Checks that /etc, /etc/dropbear and /etc/dropbear/authorized_keys ++ * are all owned by either root or the user, and are + * g-w, o-w */ + static int checkpubkeyperms() { + + char* filename = NULL; + int ret = DROPBEAR_FAILURE; +- unsigned int len; + + TRACE(("enter checkpubkeyperms")) + +- assert(ses.authstate.pw); +- if (ses.authstate.pw->pw_dir == NULL) { +- goto out; +- } +- +- if ((len = strlen(ses.authstate.pw->pw_dir)) == 0) { +- goto out; +- } +- + /* allocate max required pathname storage, +- * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */ +- filename = m_malloc(len + 22); +- strncpy(filename, ses.authstate.pw->pw_dir, len+1); ++ * = "/etc/dropbear/authorized_keys" + '\0' = 30 */ ++ filename = m_malloc(30); ++ strncpy(filename, "/etc", 4); /* strlen("/etc") == 4 */ + +- /* check ~ */ ++ /* check /etc */ + if (checkfileperm(filename) != DROPBEAR_SUCCESS) { + goto out; + } + +- /* check ~/.ssh */ +- strncat(filename, "/.ssh", 5); /* strlen("/.ssh") == 5 */ ++ /* check /etc/dropbear */ ++ strncat(filename, "/dropbear", 9); /* strlen("/dropbear") == 9 */ + if (checkfileperm(filename) != DROPBEAR_SUCCESS) { + goto out; + } + +- /* now check ~/.ssh/authorized_keys */ ++ /* now check /etc/dropbear/authorized_keys */ + strncat(filename, "/authorized_keys", 16); + if (checkfileperm(filename) != DROPBEAR_SUCCESS) { + goto out; |