Diffstat (limited to 'package/network/services/dropbear/patches/100-pubkey_path.patch')
-rw-r--r-- | package/network/services/dropbear/patches/100-pubkey_path.patch | 45 |
1 files changed, 22 insertions, 23 deletions
diff --git a/package/network/services/dropbear/patches/100-pubkey_path.patch b/package/network/services/dropbear/patches/100-pubkey_path.patch index 274d3af46a..732d84078f 100644 --- a/package/network/services/dropbear/patches/100-pubkey_path.patch +++ b/package/network/services/dropbear/patches/100-pubkey_path.patch @@ -1,6 +1,6 @@ --- a/svr-authpubkey.c +++ b/svr-authpubkey.c -@@ -229,14 +229,20 @@ static int checkpubkey(char* algo, unsig +@@ -338,14 +338,19 @@ static int checkpubkey(const char* algo, goto out; } @@ -25,34 +25,23 @@ + filename = m_malloc(30); + strncpy(filename, "/etc/dropbear/authorized_keys", 30); + } -+ + #if DROPBEAR_SVR_MULTIUSER /* open the file as the authenticating user. */ - origuid = getuid(); -@@ -405,26 +411,35 @@ static int checkpubkeyperms() { +@@ -426,27 +431,36 @@ static int checkpubkeyperms() { goto out; } - /* allocate max required pathname storage, - * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */ -- filename = m_malloc(len + 22); -- strncpy(filename, ses.authstate.pw_dir, len+1); +- len += 22; +- filename = m_malloc(len); +- strlcpy(filename, ses.authstate.pw_dir, len); - - /* check ~ */ - if (checkfileperm(filename) != DROPBEAR_SUCCESS) { - goto out; - } -- -- /* check ~/.ssh */ -- strncat(filename, "/.ssh", 5); /* strlen("/.ssh") == 5 */ -- if (checkfileperm(filename) != DROPBEAR_SUCCESS) { -- goto out; -- } -- -- /* now check ~/.ssh/authorized_keys */ -- strncat(filename, "/authorized_keys", 16); -- if (checkfileperm(filename) != DROPBEAR_SUCCESS) { -- goto out; + if (ses.authstate.pw_uid == 0) { + if (checkfileperm("/etc/dropbear") != DROPBEAR_SUCCESS) { + goto out; 
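Review bot: The uid-0 branch kept as context at the top of this hunk still sizes its buffer by hand, `filename = m_malloc(30); strncpy(filename, "/etc/dropbear/authorized_keys", 30);`, while the rest of this refresh moves the path handling to length-tracked `strlcpy`/`strlcat`. It is correct only because the literal is exactly 29 bytes, so the 30th byte strncpy writes is the terminator. If the path is ever lengthened without updating both constants, strncpy leaves `filename` unterminated, and it is presumably then used as the key-file path. A single `filename = m_strdup("/etc/dropbear/authorized_keys");` removes both magic numbers and cannot go out of step with the string. checkpubkey starts before this hunk and continues past it, so the later use of `filename` is not visible here.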
@@ -63,22 +52,32 @@ + } else { + /* allocate max required pathname storage, + * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */ -+ filename = m_malloc(len + 22); -+ strncpy(filename, ses.authstate.pw_dir, len+1); ++ len += 22; ++ filename = m_malloc(len); ++ strlcpy(filename, ses.authstate.pw_dir, len); + + /* check ~ */ + if (checkfileperm(filename) != DROPBEAR_SUCCESS) { + goto out; + } -+ + +- /* check ~/.ssh */ +- strlcat(filename, "/.ssh", len); +- if (checkfileperm(filename) != DROPBEAR_SUCCESS) { +- goto out; +- } + /* check ~/.ssh */ -+ strncat(filename, "/.ssh", 5); /* strlen("/.ssh") == 5 */ ++ strlcat(filename, "/.ssh", len); + if (checkfileperm(filename) != DROPBEAR_SUCCESS) { + goto out; + } -+ + +- /* now check ~/.ssh/authorized_keys */ +- strlcat(filename, "/authorized_keys", len); +- if (checkfileperm(filename) != DROPBEAR_SUCCESS) { +- goto out; + /* now check ~/.ssh/authorized_keys */ -+ strncat(filename, "/authorized_keys", 16); ++ strlcat(filename, "/authorized_keys", len); + if (checkfileperm(filename) != DROPBEAR_SUCCESS) { + goto out; + } |