package/dropbear/patches/100-pubkey_path.patch

   1 --- dropbear.old/svr-authpubkey.c.orig  2006-06-03 14:54:43.000000000 +0000
   2 +++ dropbear.dev/svr-authpubkey.c       2006-06-03 15:03:19.000000000 +0000
   3 @@ -176,6 +176,8 @@
   4                 goto out;
   5         }
   6
   7 +       if (ses.authstate.pw->pw_uid != 0) {
   8 +
   9         /* we don't need to check pw and pw_dir for validity, since
  10          * its been done in checkpubkeyperms. */
  11         len = strlen(ses.authstate.pw->pw_dir);
  12 @@ -187,6 +189,9 @@
  13
  14         /* open the file */
  15         authfile = fopen(filename, "r");
  16 +       } else {
  17 +               authfile = fopen("/etc/dropbear/authorized_keys","r");
  18 +       }
  19         if (authfile == NULL) {
  20                 goto out;
  21         }
  22 @@ -274,6 +279,8 @@
  23                 goto out;
  24         }
  25
  26 +       if (ses.authstate.pw->pw_uid != 0) {
  27 +
  28         /* allocate max required pathname storage,
  29          * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
  30         filename = m_malloc(len + 22);
  31 @@ -295,6 +302,14 @@
  32         if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
  33                 goto out;
  34         }
  35 +       } else {
  36 +               if (checkfileperm("/etc/dropbear") != DROPBEAR_SUCCESS) {
  37 +                       goto out;
  38 +               }
  39 +               if (checkfileperm("/etc/dropbear/authorized_keys") != DROPBEAR_SUCCESS) {
  40 +                       goto out;
  41 +               }
  42 +       }
  43
  44         /* file looks ok, return success */
  45         ret = DROPBEAR_SUCCESS;