package/dropbear/patches/100-pubkey_path.patch

   1 --- a/svr-authpubkey.c
   2 +++ b/svr-authpubkey.c
   3 @@ -209,17 +209,21 @@ static int checkpubkey(unsigned char* al
   4                 goto out;
   5         }
   6
   7 -       /* we don't need to check pw and pw_dir for validity, since
   8 -        * its been done in checkpubkeyperms. */
   9 -       len = strlen(ses.authstate.pw_dir);
  10 -       /* allocate max required pathname storage,
  11 -        * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
  12 -       filename = m_malloc(len + 22);
  13 -       snprintf(filename, len + 22, "%s/.ssh/authorized_keys",
  14 -                               ses.authstate.pw_dir);
  15 -
  16 -       /* open the file */
  17 -       authfile = fopen(filename, "r");
  18 +       if (ses.authstate.pw_uid != 0) {
  19 +               /* we don't need to check pw and pw_dir for validity, since
  20 +                * its been done in checkpubkeyperms. */
  21 +               len = strlen(ses.authstate.pw_dir);
  22 +               /* allocate max required pathname storage,
  23 +                * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
  24 +               filename = m_malloc(len + 22);
  25 +               snprintf(filename, len + 22, "%s/.ssh/authorized_keys",
  26 +                        ses.authstate.pw_dir);
  27 +
  28 +               /* open the file */
  29 +               authfile = fopen(filename, "r");
  30 +       } else {
  31 +               authfile = fopen("/etc/dropbear/authorized_keys","r");
  32 +       }
  33         if (authfile == NULL) {
  34                 goto out;
  35         }
  36 @@ -372,26 +376,35 @@ static int checkpubkeyperms() {
  37                 goto out;
  38         }
  39
  40 -       /* allocate max required pathname storage,
  41 -        * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
  42 -       filename = m_malloc(len + 22);
  43 -       strncpy(filename, ses.authstate.pw_dir, len+1);
  44 -
  45 -       /* check ~ */
  46 -       if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
  47 -               goto out;
  48 -       }
  49 -
  50 -       /* check ~/.ssh */
  51 -       strncat(filename, "/.ssh", 5); /* strlen("/.ssh") == 5 */
  52 -       if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
  53 -               goto out;
  54 -       }
  55 -
  56 -       /* now check ~/.ssh/authorized_keys */
  57 -       strncat(filename, "/authorized_keys", 16);
  58 -       if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
  59 -               goto out;
  60 +       if (ses.authstate.pw_uid == 0) {
  61 +               if (checkfileperm("/etc/dropbear") != DROPBEAR_SUCCESS) {
  62 +                       goto out;
  63 +               }
  64 +               if (checkfileperm("/etc/dropbear/authorized_keys") != DROPBEAR_SUCCESS) {
  65 +                       goto out;
  66 +               }
  67 +       } else {
  68 +               /* allocate max required pathname storage,
  69 +                * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
  70 +               filename = m_malloc(len + 22);
  71 +               strncpy(filename, ses.authstate.pw_dir, len+1);
  72 +
  73 +               /* check ~ */
  74 +               if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
  75 +                       goto out;
  76 +               }
  77 +
  78 +               /* check ~/.ssh */
  79 +               strncat(filename, "/.ssh", 5); /* strlen("/.ssh") == 5 */
  80 +               if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
  81 +                       goto out;
  82 +               }
  83 +
  84 +               /* now check ~/.ssh/authorized_keys */
  85 +               strncat(filename, "/authorized_keys", 16);
  86 +               if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
  87 +                       goto out;
  88 +               }
  89         }
  90
  91         /* file looks ok, return success */