diff options
-rw-r--r-- | package/network/services/dropbear/Makefile | 6 | ||||
-rw-r--r-- | package/network/services/dropbear/patches/100-pubkey_path.patch | 24 |
2 files changed, 13 insertions, 17 deletions
diff --git a/package/network/services/dropbear/Makefile b/package/network/services/dropbear/Makefile index 5e518da..1e2588d 100644 --- a/package/network/services/dropbear/Makefile +++ b/package/network/services/dropbear/Makefile @@ -8,14 +8,14 @@ include $(TOPDIR)/rules.mk PKG_NAME:=dropbear -PKG_VERSION:=2016.74 -PKG_RELEASE:=2 +PKG_VERSION:=2017.75 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 PKG_SOURCE_URL:= \ http://matt.ucc.asn.au/dropbear/releases/ \ https://dropbear.nl/mirror/releases/ -PKG_HASH:=2720ea54ed009af812701bcc290a2a601d5c107d12993e5d92c0f5f81f718891 +PKG_HASH:=6cbc1dcb1c9709d226dff669e5604172a18cf5dbf9a201474d5618ae4465098c PKG_LICENSE:=MIT PKG_LICENSE_FILES:=LICENSE libtomcrypt/LICENSE libtommath/LICENSE diff --git a/package/network/services/dropbear/patches/100-pubkey_path.patch b/package/network/services/dropbear/patches/100-pubkey_path.patch index 41fdc1a..401c7e1 100644 --- a/package/network/services/dropbear/patches/100-pubkey_path.patch +++ b/package/network/services/dropbear/patches/100-pubkey_path.patch @@ -1,6 +1,6 @@ --- a/svr-authpubkey.c +++ b/svr-authpubkey.c -@@ -218,17 +218,21 @@ static int checkpubkey(char* algo, unsig +@@ -220,14 +220,20 @@ static int checkpubkey(char* algo, unsig goto out; } @@ -12,9 +12,6 @@ - filename = m_malloc(len + 22); - snprintf(filename, len + 22, "%s/.ssh/authorized_keys", - ses.authstate.pw_dir); -- -- /* open the file */ -- authfile = fopen(filename, "r"); + if (ses.authstate.pw_uid != 0) { + /* we don't need to check pw and pw_dir for validity, since + * its been done in checkpubkeyperms. */ @@ -22,18 +19,17 @@ + /* allocate max required pathname storage, + * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */ + filename = m_malloc(len + 22); -+ snprintf(filename, len + 22, "%s/.ssh/authorized_keys", -+ ses.authstate.pw_dir); -+ -+ /* open the file */ -+ authfile = fopen(filename, "r"); ++ snprintf(filename, len + 22, "%s/.ssh/authorized_keys", ++ ses.authstate.pw_dir); + } else { -+ authfile = fopen("/etc/dropbear/authorized_keys","r"); ++ filename = m_malloc(30); ++ strncpy(filename, "/etc/dropbear/authorized_keys", 30); + } - if (authfile == NULL) { - goto out; - } -@@ -381,26 +385,35 @@ static int checkpubkeyperms() { ++ + + /* open the file as the authenticating user. */ + origuid = getuid(); +@@ -396,26 +402,35 @@ static int checkpubkeyperms() { goto out; } |