comparison svr-runopts.c @ 1921:284c3837891c

Allow user space file locations (rootless support) Why: Running dropbear as a user (rootless) is aided if files and programs can be saved/removed without needing sudo. What: Use the same convention as DROPBEAR_DEFAULT_CLI_AUTHKEY; if not starting with '/', then is relative to hedge's /home/hedge: *_PRIV_FILENAME DROPBEAR_PIDFILE SFTPSERVER_PATH default_options.h commentary added. Changes kept to a minimum, so log entry in svr_kex.c#163 is refactored. From: Generated hostkey is <path> ... <finger-print> to: Generated hostkey path is <path> Generated hostkey fingerprint is <fp> Otherwise the unexpanded path was reported. Patch modified by Matt Johnston Signed-off-by: Begley Brothers Inc <[email protected]>
author Begley Brothers Inc <begleybrothers@gmail.com>
date Thu, 09 Jul 2020 17:47:58 +1000
parents be236878efcf
children 4528afefe45d
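--- a/svr-runopts.c
+++ b/svr-runopts.c
@@ -161,11 +161,11 @@
 svr_opts.maxauthtries = MAX_AUTH_TRIES;
 svr_opts.inetdmode = 0;
 svr_opts.portcount = 0;
 svr_opts.hostkey = NULL;
 svr_opts.delay_hostkey = 0;
-svr_opts.pidfile = DROPBEAR_PIDFILE;
+svr_opts.pidfile = expand_homedir_path(DROPBEAR_PIDFILE);
 #if DROPBEAR_SVR_LOCALTCPFWD
 svr_opts.nolocaltcp = 0;
 #endif
 #if DROPBEAR_SVR_REMOTETCPFWD
 svr_opts.noremotetcp = 0;
@@ -528,16 +528,18 @@
 }
 
 /* Must be called after syslog/etc is working */
 static void loadhostkey(const char *keyfile, int fatal_duplicate) {
 sign_key * read_key = new_sign_key();
+char *expand_path = expand_homedir_path(keyfile);
 enum signkey_type type = DROPBEAR_SIGNKEY_ANY;
-if (readhostkey(keyfile, read_key, &type) == DROPBEAR_FAILURE) {
+if (readhostkey(expand_path, read_key, &type) == DROPBEAR_FAILURE) {
 if (!svr_opts.delay_hostkey) {
-dropbear_log(LOG_WARNING, "Failed loading %s", keyfile);
+dropbear_log(LOG_WARNING, "Failed loading %s", expand_path);
 }
 }
+m_free(expand_path);
 
 #if DROPBEAR_RSA
 if (type == DROPBEAR_SIGNKEY_RSA) {
 loadhostkey_helper("RSA", (void**)&read_key->rsakey, (void**)&svr_opts.hostkey->rsakey, fatal_duplicate);
 }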
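Review bot: In loadhostkey, `expand_homedir_path(keyfile)` is applied to every path passed in, so by the convention in the commit description any keyfile not starting with '/' is now resolved against the home directory instead of the working directory. If loadhostkey also receives operator-supplied paths (its callers are outside this hunk), a relative host key path would load or fail on a different file than the one named, and with `delay_hostkey` set the failure is not logged at all. I would either expand only the compiled-in defaults before calling loadhostkey, or state the rule at the top of the function, e.g. `/* keyfile not starting with '/' is taken relative to the home directory, not the cwd */`. The pidfile default at line 166 follows the same resolution rule and, judging by the `m_free` here, now holds an allocated string rather than a literal. loadhostkey's body continues past the end of the hunk.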