diff options
| author | nbd <nbd@3c298f89-4303-0410-b956-a3cf2f4a3e73> | 2012-10-10 12:32:29 +0000 |
|---|---|---|
| committer | nbd <nbd@3c298f89-4303-0410-b956-a3cf2f4a3e73> | 2012-10-10 12:32:29 +0000 |
| commit | 9c8997d54dc9df184bfcedeabf0b3c85cf5e6753 (patch) | |
| tree | 46b83031a0da1b4458317413c00d13c252c72afa /package/dropbear/patches/100-pubkey_path.patch | |
| parent | eecf5b17520f6b3b6ffb45ac7dca298d93b27501 (diff) | |
packages: sort network related packages into package/network/
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@33688 3c298f89-4303-0410-b956-a3cf2f4a3e73
Diffstat (limited to 'package/dropbear/patches/100-pubkey_path.patch')
| -rw-r--r-- | package/dropbear/patches/100-pubkey_path.patch | 91 |
1 files changed, 0 insertions, 91 deletions
diff --git a/package/dropbear/patches/100-pubkey_path.patch b/package/dropbear/patches/100-pubkey_path.patch deleted file mode 100644 index c1802f51e..000000000 --- a/package/dropbear/patches/100-pubkey_path.patch +++ /dev/null @@ -1,91 +0,0 @@ ---- a/svr-authpubkey.c -+++ b/svr-authpubkey.c -@@ -209,17 +209,21 @@ static int checkpubkey(unsigned char* al - goto out; - } - -- /* we don't need to check pw and pw_dir for validity, since -- * its been done in checkpubkeyperms. */ -- len = strlen(ses.authstate.pw_dir); -- /* allocate max required pathname storage, -- * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */ -- filename = m_malloc(len + 22); -- snprintf(filename, len + 22, "%s/.ssh/authorized_keys", -- ses.authstate.pw_dir); -- -- /* open the file */ -- authfile = fopen(filename, "r"); -+ if (ses.authstate.pw_uid != 0) { -+ /* we don't need to check pw and pw_dir for validity, since -+ * its been done in checkpubkeyperms. */ -+ len = strlen(ses.authstate.pw_dir); -+ /* allocate max required pathname storage, -+ * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */ -+ filename = m_malloc(len + 22); -+ snprintf(filename, len + 22, "%s/.ssh/authorized_keys", -+ ses.authstate.pw_dir); -+ -+ /* open the file */ -+ authfile = fopen(filename, "r"); -+ } else { -+ authfile = fopen("/etc/dropbear/authorized_keys","r"); -+ } - if (authfile == NULL) { - goto out; - } -@@ -372,26 +376,35 @@ static int checkpubkeyperms() { - goto out; - } - -- /* allocate max required pathname storage, -- * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */ -- filename = m_malloc(len + 22); -- strncpy(filename, ses.authstate.pw_dir, len+1); -- -- /* check ~ */ -- if (checkfileperm(filename) != DROPBEAR_SUCCESS) { -- goto out; -- } -- -- /* check ~/.ssh */ -- strncat(filename, "/.ssh", 5); /* strlen("/.ssh") == 5 */ -- if (checkfileperm(filename) != DROPBEAR_SUCCESS) { -- goto out; -- } -- -- /* now check ~/.ssh/authorized_keys */ -- strncat(filename, "/authorized_keys", 16); -- if (checkfileperm(filename) != DROPBEAR_SUCCESS) { -- goto out; -+ if (ses.authstate.pw_uid == 0) { -+ if (checkfileperm("/etc/dropbear") != DROPBEAR_SUCCESS) { -+ goto out; -+ } -+ if (checkfileperm("/etc/dropbear/authorized_keys") != DROPBEAR_SUCCESS) { -+ goto out; -+ } -+ } else { -+ /* allocate max required pathname storage, -+ * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */ -+ filename = m_malloc(len + 22); -+ strncpy(filename, ses.authstate.pw_dir, len+1); -+ -+ /* check ~ */ -+ if (checkfileperm(filename) != DROPBEAR_SUCCESS) { -+ goto out; -+ } -+ -+ /* check ~/.ssh */ -+ strncat(filename, "/.ssh", 5); /* strlen("/.ssh") == 5 */ -+ if (checkfileperm(filename) != DROPBEAR_SUCCESS) { -+ goto out; -+ } -+ -+ /* now check ~/.ssh/authorized_keys */ -+ strncat(filename, "/authorized_keys", 16); -+ if (checkfileperm(filename) != DROPBEAR_SUCCESS) { -+ goto out; -+ } - } - - /* file looks ok, return success */ |