123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687 |
- --- a/svr-authpubkey.c
- +++ b/svr-authpubkey.c
- @@ -229,14 +229,20 @@ static int checkpubkey(char* algo, unsig
- goto out;
- }
-
- - /* we don't need to check pw and pw_dir for validity, since
- - * its been done in checkpubkeyperms. */
- - len = strlen(ses.authstate.pw_dir);
- - /* allocate max required pathname storage,
- - * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
- - filename = m_malloc(len + 22);
- - snprintf(filename, len + 22, "%s/.ssh/authorized_keys",
- - ses.authstate.pw_dir);
- + if (ses.authstate.pw_uid != 0) {
- + /* we don't need to check pw and pw_dir for validity, since
- + * its been done in checkpubkeyperms. */
- + len = strlen(ses.authstate.pw_dir);
- + /* allocate max required pathname storage,
- + * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
- + filename = m_malloc(len + 22);
- + snprintf(filename, len + 22, "%s/.ssh/authorized_keys",
- + ses.authstate.pw_dir);
- + } else {
- + filename = m_malloc(30);
- + strncpy(filename, "/etc/dropbear/authorized_keys", 30);
- + }
- +
-
- /* open the file as the authenticating user. */
- origuid = getuid();
- @@ -405,26 +411,35 @@ static int checkpubkeyperms() {
- goto out;
- }
-
- - /* allocate max required pathname storage,
- - * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
- - filename = m_malloc(len + 22);
- - strncpy(filename, ses.authstate.pw_dir, len+1);
- -
- - /* check ~ */
- - if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
- - goto out;
- - }
- -
- - /* check ~/.ssh */
- - strncat(filename, "/.ssh", 5); /* strlen("/.ssh") == 5 */
- - if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
- - goto out;
- - }
- -
- - /* now check ~/.ssh/authorized_keys */
- - strncat(filename, "/authorized_keys", 16);
- - if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
- - goto out;
- + if (ses.authstate.pw_uid == 0) {
- + if (checkfileperm("/etc/dropbear") != DROPBEAR_SUCCESS) {
- + goto out;
- + }
- + if (checkfileperm("/etc/dropbear/authorized_keys") != DROPBEAR_SUCCESS) {
- + goto out;
- + }
- + } else {
- + /* allocate max required pathname storage,
- + * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
- + filename = m_malloc(len + 22);
- + strncpy(filename, ses.authstate.pw_dir, len+1);
- +
- + /* check ~ */
- + if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
- + goto out;
- + }
- +
- + /* check ~/.ssh */
- + strncat(filename, "/.ssh", 5); /* strlen("/.ssh") == 5 */
- + if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
- + goto out;
- + }
- +
- + /* now check ~/.ssh/authorized_keys */
- + strncat(filename, "/authorized_keys", 16);
- + if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
- + goto out;
- + }
- }
-
- /* file looks ok, return success */
|