diff options
| author | Matt Johnston <matt@ucc.asn.au> | 2008-01-13 03:55:59 +0000 |
|---|---|---|
| committer | Matt Johnston <matt@ucc.asn.au> | 2008-01-13 03:55:59 +0000 |
| commit | 2b6a90ef86c0227ee843a72c3da95ca122983269 (patch) | |
| tree | 9692d7d32f6e274634af9345f79c1d436b38aed8 /svr-authpubkey.c | |
| parent | ad532cd196adca8c6913c706e32da7b1c8cb5574 (diff) | |
| download | dropbear-2b6a90ef86c0227ee843a72c3da95ca122983269.tar.gz | |
Make a copy of passwd fields since getpwnam()'s retval isn't safe to keep
Diffstat (limited to 'svr-authpubkey.c')
| -rw-r--r-- | svr-authpubkey.c | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/svr-authpubkey.c b/svr-authpubkey.c index d611c89..71477de 100644 --- a/svr-authpubkey.c +++ b/svr-authpubkey.c @@ -105,12 +105,12 @@ void svr_auth_pubkey() { signbuf->len) == DROPBEAR_SUCCESS) { dropbear_log(LOG_NOTICE, "pubkey auth succeeded for '%s' with key %s from %s", - ses.authstate.printableuser, fp, svr_ses.addrstring); + ses.authstate.pw_name, fp, svr_ses.addrstring); send_msg_userauth_success(); } else { dropbear_log(LOG_WARNING, "pubkey auth bad signature for '%s' with key %s from %s", - ses.authstate.printableuser, fp, svr_ses.addrstring); + ses.authstate.pw_name, fp, svr_ses.addrstring); send_msg_userauth_failure(0, 1); } m_free(fp); @@ -166,7 +166,7 @@ static int checkpubkey(unsigned char* algo, unsigned int algolen, if (have_algo(algo, algolen, sshhostkey) == DROPBEAR_FAILURE) { dropbear_log(LOG_WARNING, "pubkey auth attempt with unknown algo for '%s' from %s", - ses.authstate.printableuser, svr_ses.addrstring); + ses.authstate.pw_name, svr_ses.addrstring); goto out; } @@ -178,12 +178,12 @@ static int checkpubkey(unsigned char* algo, unsigned int algolen, /* we don't need to check pw and pw_dir for validity, since * its been done in checkpubkeyperms. */ - len = strlen(ses.authstate.pw->pw_dir); + len = strlen(ses.authstate.pw_dir); /* allocate max required pathname storage, * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */ filename = m_malloc(len + 22); snprintf(filename, len + 22, "%s/.ssh/authorized_keys", - ses.authstate.pw->pw_dir); + ses.authstate.pw_dir); /* open the file */ authfile = fopen(filename, "r"); @@ -266,18 +266,18 @@ static int checkpubkeyperms() { TRACE(("enter checkpubkeyperms")) - if (ses.authstate.pw->pw_dir == NULL) { + if (ses.authstate.pw_dir == NULL) { goto out; } - if ((len = strlen(ses.authstate.pw->pw_dir)) == 0) { + if ((len = strlen(ses.authstate.pw_dir)) == 0) { goto out; } /* allocate max required pathname storage, * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */ filename = m_malloc(len + 22); - strncpy(filename, ses.authstate.pw->pw_dir, len+1); + strncpy(filename, ses.authstate.pw_dir, len+1); /* check ~ */ if (checkfileperm(filename) != DROPBEAR_SUCCESS) { @@ -320,7 +320,7 @@ static int checkfileperm(char * filename) { return DROPBEAR_FAILURE; } /* check ownership - user or root only*/ - if (filestat.st_uid != ses.authstate.pw->pw_uid + if (filestat.st_uid != ses.authstate.pw_uid && filestat.st_uid != 0) { badperm = 1; TRACE(("wrong ownership")) |