diff options
Diffstat (limited to 'meta/recipes-core/dropbear/dropbear/nopw-option.patch')
-rw-r--r-- | meta/recipes-core/dropbear/dropbear/nopw-option.patch | 106 |
1 files changed, 0 insertions, 106 deletions
diff --git a/meta/recipes-core/dropbear/dropbear/nopw-option.patch b/meta/recipes-core/dropbear/dropbear/nopw-option.patch deleted file mode 100644 index 2ff84d24b3..0000000000 --- a/meta/recipes-core/dropbear/dropbear/nopw-option.patch +++ /dev/null | |||
@@ -1,106 +0,0 @@ | |||
1 | Allow configuring "allow blank password option" at runtime | ||
2 | |||
3 | Changes this from a compile-time switch to a command-line option. | ||
4 | |||
5 | Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> | ||
6 | |||
7 | Upstream-Status: Accepted [expected in next release after 2012.55] | ||
8 | |||
9 | diff --git a/options.h b/options.h | ||
10 | index 00f6179..b8d0ccb 100644 | ||
11 | --- a/options.h | ||
12 | +++ b/options.h | ||
13 | @@ -176,12 +176,6 @@ much traffic. */ | ||
14 | #define ENABLE_SVR_PUBKEY_OPTIONS | ||
15 | #endif | ||
16 | |||
17 | -/* Define this to allow logging in to accounts that have no password specified. | ||
18 | - * Public key logins are allowed for blank-password accounts regardless of this | ||
19 | - * setting. PAM is not affected by this setting, it uses the normal pam.d | ||
20 | - * settings ('nullok' option) */ | ||
21 | -/* #define ALLOW_BLANK_PASSWORD */ | ||
22 | - | ||
23 | #define ENABLE_CLI_PASSWORD_AUTH | ||
24 | #define ENABLE_CLI_PUBKEY_AUTH | ||
25 | #define ENABLE_CLI_INTERACT_AUTH | ||
26 | diff --git a/runopts.h b/runopts.h | ||
27 | index 83b5861..126585b 100644 | ||
28 | --- a/runopts.h | ||
29 | +++ b/runopts.h | ||
30 | @@ -85,6 +85,7 @@ typedef struct svr_runopts { | ||
31 | |||
32 | int noauthpass; | ||
33 | int norootpass; | ||
34 | + int allowblankpass; | ||
35 | |||
36 | #ifdef ENABLE_SVR_REMOTETCPFWD | ||
37 | int noremotetcp; | ||
38 | diff --git a/svr-authpasswd.c b/svr-authpasswd.c | ||
39 | index 54b4889..d9b7928 100644 | ||
40 | --- a/svr-authpasswd.c | ||
41 | +++ b/svr-authpasswd.c | ||
42 | @@ -29,6 +29,7 @@ | ||
43 | #include "buffer.h" | ||
44 | #include "dbutil.h" | ||
45 | #include "auth.h" | ||
46 | +#include "runopts.h" | ||
47 | |||
48 | #ifdef ENABLE_SVR_PASSWORD_AUTH | ||
49 | |||
50 | @@ -78,16 +79,17 @@ void svr_auth_password() { | ||
51 | |||
52 | /* check for empty password */ | ||
53 | if (passwdcrypt[0] == '\0') { | ||
54 | -#ifdef ALLOW_BLANK_PASSWORD | ||
55 | - if (passwordlen == 0) { | ||
56 | - success_blank = 1; | ||
57 | + if (svr_opts.allowblankpass) { | ||
58 | + if (passwordlen == 0) { | ||
59 | + success_blank = 1; | ||
60 | + } | ||
61 | + } | ||
62 | + else { | ||
63 | + dropbear_log(LOG_WARNING, "User '%s' has blank password, rejected", | ||
64 | + ses.authstate.pw_name); | ||
65 | + send_msg_userauth_failure(0, 1); | ||
66 | + return; | ||
67 | } | ||
68 | -#else | ||
69 | - dropbear_log(LOG_WARNING, "User '%s' has blank password, rejected", | ||
70 | - ses.authstate.pw_name); | ||
71 | - send_msg_userauth_failure(0, 1); | ||
72 | - return; | ||
73 | -#endif | ||
74 | } | ||
75 | |||
76 | if (success_blank || strcmp(testcrypt, passwdcrypt) == 0) { | ||
77 | diff --git a/svr-runopts.c b/svr-runopts.c | ||
78 | index c6e3508..b39ffb2 100644 | ||
79 | --- a/svr-runopts.c | ||
80 | +++ b/svr-runopts.c | ||
81 | @@ -63,6 +63,7 @@ static void printhelp(const char * progname) { | ||
82 | #if defined(ENABLE_SVR_PASSWORD_AUTH) || defined(ENABLE_SVR_PAM_AUTH) | ||
83 | "-s Disable password logins\n" | ||
84 | "-g Disable password logins for root\n" | ||
85 | + "-B Allow blank password logins\n" | ||
86 | #endif | ||
87 | #ifdef ENABLE_SVR_LOCALTCPFWD | ||
88 | "-j Disable local port forwarding\n" | ||
89 | @@ -115,6 +116,7 @@ void svr_getopts(int argc, char ** argv) { | ||
90 | svr_opts.norootlogin = 0; | ||
91 | svr_opts.noauthpass = 0; | ||
92 | svr_opts.norootpass = 0; | ||
93 | + svr_opts.allowblankpass = 0; | ||
94 | svr_opts.inetdmode = 0; | ||
95 | svr_opts.portcount = 0; | ||
96 | svr_opts.hostkey = NULL; | ||
97 | @@ -234,6 +236,9 @@ void svr_getopts(int argc, char ** argv) { | ||
98 | case 'g': | ||
99 | svr_opts.norootpass = 1; | ||
100 | break; | ||
101 | + case 'B': | ||
102 | + svr_opts.allowblankpass = 1; | ||
103 | + break; | ||
104 | #endif | ||
105 | case 'h': | ||
106 | printhelp(argv[0]); | ||