projects
/
openwrt
/
openwrt.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
dropbear: bump to 2017.75
[openwrt/openwrt.git]
/
package
/
network
/
services
/
dropbear
/
patches
/
100-pubkey_path.patch
diff --git
a/package/network/services/dropbear/patches/100-pubkey_path.patch
b/package/network/services/dropbear/patches/100-pubkey_path.patch
index 41fdc1adab96cf9efffa8593000336c504fdf6fb..401c7e1ba56443560a89c2e0dd571afce9cf0838 100644
(file)
--- a/
package/network/services/dropbear/patches/100-pubkey_path.patch
+++ b/
package/network/services/dropbear/patches/100-pubkey_path.patch
@@
-1,6
+1,6
@@
--- a/svr-authpubkey.c
+++ b/svr-authpubkey.c
--- a/svr-authpubkey.c
+++ b/svr-authpubkey.c
-@@ -2
18,17 +218,21
@@ static int checkpubkey(char* algo, unsig
+@@ -2
20,14 +220,20
@@ static int checkpubkey(char* algo, unsig
goto out;
}
goto out;
}
@@
-12,9
+12,6
@@
- filename = m_malloc(len + 22);
- snprintf(filename, len + 22, "%s/.ssh/authorized_keys",
- ses.authstate.pw_dir);
- filename = m_malloc(len + 22);
- snprintf(filename, len + 22, "%s/.ssh/authorized_keys",
- ses.authstate.pw_dir);
--
-- /* open the file */
-- authfile = fopen(filename, "r");
+ if (ses.authstate.pw_uid != 0) {
+ /* we don't need to check pw and pw_dir for validity, since
+ * its been done in checkpubkeyperms. */
+ if (ses.authstate.pw_uid != 0) {
+ /* we don't need to check pw and pw_dir for validity, since
+ * its been done in checkpubkeyperms. */
@@
-22,18
+19,17
@@
+ /* allocate max required pathname storage,
+ * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
+ filename = m_malloc(len + 22);
+ /* allocate max required pathname storage,
+ * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
+ filename = m_malloc(len + 22);
-+ snprintf(filename, len + 22, "%s/.ssh/authorized_keys",
-+ ses.authstate.pw_dir);
-+
-+ /* open the file */
-+ authfile = fopen(filename, "r");
++ snprintf(filename, len + 22, "%s/.ssh/authorized_keys",
++ ses.authstate.pw_dir);
+ } else {
+ } else {
-+ authfile = fopen("/etc/dropbear/authorized_keys","r");
++ filename = m_malloc(30);
++ strncpy(filename, "/etc/dropbear/authorized_keys", 30);
+ }
+ }
- if (authfile == NULL) {
- goto out;
- }
-@@ -381,26 +385,35 @@ static int checkpubkeyperms() {
++
+
+ /* open the file as the authenticating user. */
+ origuid = getuid();
+@@ -396,26 +402,35 @@ static int checkpubkeyperms() {
goto out;
}
goto out;
}