summaryrefslogtreecommitdiff
path: root/package/dropbear/patches/100-pubkey_path.patch
diff options
context:
space:
mode:
Diffstat (limited to 'package/dropbear/patches/100-pubkey_path.patch')
-rw-r--r--package/dropbear/patches/100-pubkey_path.patch45
1 files changed, 45 insertions, 0 deletions
diff --git a/package/dropbear/patches/100-pubkey_path.patch b/package/dropbear/patches/100-pubkey_path.patch
new file mode 100644
index 0000000000..cbe525bcc3
--- /dev/null
+++ b/package/dropbear/patches/100-pubkey_path.patch
@@ -0,0 +1,45 @@
+--- dropbear.old/svr-authpubkey.c.orig 2006-06-03 14:54:43.000000000 +0000
++++ dropbear.dev/svr-authpubkey.c 2006-06-03 15:03:19.000000000 +0000
+@@ -176,6 +176,8 @@
+ goto out;
+ }
+
++ if (ses.authstate.pw->pw_uid != 0) {
++
+ /* we don't need to check pw and pw_dir for validity, since
+ * its been done in checkpubkeyperms. */
+ len = strlen(ses.authstate.pw->pw_dir);
+@@ -187,6 +189,9 @@
+
+ /* open the file */
+ authfile = fopen(filename, "r");
++ } else {
++ authfile = fopen("/etc/dropbear/authorized_keys","r");
++ }
+ if (authfile == NULL) {
+ goto out;
+ }
+@@ -274,6 +279,8 @@
+ goto out;
+ }
+
++ if (ses.authstate.pw->pw_uid != 0) {
++
+ /* allocate max required pathname storage,
+ * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
+ filename = m_malloc(len + 22);
+@@ -295,6 +302,14 @@
+ if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
+ goto out;
+ }
++ } else {
++ if (checkfileperm("/etc/dropbear") != DROPBEAR_SUCCESS) {
++ goto out;
++ }
++ if (checkfileperm("/etc/dropbear/authorized_keys") != DROPBEAR_SUCCESS) {
++ goto out;
++ }
++ }
+
+ /* file looks ok, return success */
+ ret = DROPBEAR_SUCCESS;