summaryrefslogtreecommitdiff
path: root/source/installer/sources/dropbear/dropbear_emptypass.patch
diff options
context:
space:
mode:
Diffstat (limited to 'source/installer/sources/dropbear/dropbear_emptypass.patch')
-rw-r--r--source/installer/sources/dropbear/dropbear_emptypass.patch30
1 files changed, 19 insertions, 11 deletions
diff --git a/source/installer/sources/dropbear/dropbear_emptypass.patch b/source/installer/sources/dropbear/dropbear_emptypass.patch
index 25924008..a3f27f47 100644
--- a/source/installer/sources/dropbear/dropbear_emptypass.patch
+++ b/source/installer/sources/dropbear/dropbear_emptypass.patch
@@ -1,12 +1,20 @@
-diff -Nur dropbear-2012.55.orig/options.h dropbear-2012.55/options.h
---- dropbear-2012.55.orig/options.h 2012-02-23 07:47:06.000000000 -0600
-+++ dropbear-2012.55/options.h 2012-04-07 15:09:15.676322495 -0500
-@@ -180,7 +180,7 @@
- * Public key logins are allowed for blank-password accounts regardless of this
- * setting. PAM is not affected by this setting, it uses the normal pam.d
- * settings ('nullok' option) */
--/* #define ALLOW_BLANK_PASSWORD */
-+#define ALLOW_BLANK_PASSWORD
+diff -Nur dropbear-20171018_fa3b0dd3.orig/svr-authpasswd.c dropbear-20171018_fa3b0dd3/svr-authpasswd.c
+--- dropbear-20171018_fa3b0dd3.orig/svr-authpasswd.c 2018-01-13 19:19:59.000000000 -0600
++++ dropbear-20171018_fa3b0dd3/svr-authpasswd.c 2018-01-13 23:07:16.441369958 -0600
+@@ -88,12 +88,16 @@
+ }
- #define ENABLE_CLI_PASSWORD_AUTH
- #define ENABLE_CLI_PUBKEY_AUTH
+ /* check for empty password */
++ /* Yep, good idea, but for our usage, it's okay - dropbear has to be
++ started manually in the installer, so setting a password or not is
++ up to the admin
+ if (passwdcrypt[0] == '\0') {
+ dropbear_log(LOG_WARNING, "User '%s' has blank password, rejected",
+ ses.authstate.pw_name);
+ send_msg_userauth_failure(0, 1);
+ return;
+ }
++ */
+
+ if (constant_time_strcmp(testcrypt, passwdcrypt) == 0) {
+ /* successful authentication */