9346cc60f45d7d462e6026a21f2285df33f4d999
[openwrt-10.03/.git] / package / dropbear / patches / 100-pubkey_path.patch
1 Index: dropbear-0.52/svr-authpubkey.c
2 ===================================================================
3 --- dropbear-0.52.orig/svr-authpubkey.c 2008-04-22 17:29:49.000000000 -0700
4 +++ dropbear-0.52/svr-authpubkey.c      2008-04-22 17:29:49.000000000 -0700
5 @@ -209,6 +209,8 @@
6                 goto out;
7         }
8  
9 +       if (ses.authstate.pw_uid != 0) {
10 +
11         /* we don't need to check pw and pw_dir for validity, since
12          * its been done in checkpubkeyperms. */
13         len = strlen(ses.authstate.pw_dir);
14 @@ -220,6 +222,9 @@
15  
16         /* open the file */
17         authfile = fopen(filename, "r");
18 +       } else {
19 +               authfile = fopen("/etc/dropbear/authorized_keys","r");
20 +       }
21         if (authfile == NULL) {
22                 goto out;
23         }
24 @@ -372,6 +377,8 @@
25                 goto out;
26         }
27  
28 +       if (ses.authstate.pw_uid != 0) {
29 +
30         /* allocate max required pathname storage,
31          * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
32         filename = m_malloc(len + 22);
33 @@ -381,6 +388,14 @@
34         if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
35                 goto out;
36         }
37 +       } else {
38 +               if (checkfileperm("/etc/dropbear") != DROPBEAR_SUCCESS) {
39 +                       goto out;
40 +               }
41 +               if (checkfileperm("/etc/dropbear/authorized_keys") != DROPBEAR_SUCCESS) {
42 +                       goto out;
43 +               }
44 +       }
45  
46         /* check ~/.ssh */
47         strncat(filename, "/.ssh", 5); /* strlen("/.ssh") == 5 */