mirror of
https://github.com/openwrt/openwrt.git
synced 2025-01-16 01:40:26 +00:00
b5cde26048
critical fixes: - libtommath: possible integer overflow (CVE-2023-36328) - implement Strict KEX mode (CVE-2023-48795) various fixes: - fix DROPBEAR_DSS and DROPBEAR_RSA config options - y2038 issues - remove SO_LINGER socket option - make banner reading failure non-fatal - fix "noremotetcp" behavior - don't try to shutdown a pty - fix test for multiuser kernels adds new features: - option to bind to interface - allow inetd with non-syslog - ignore unsupported command line options with dropbearkey Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
75 lines
2.1 KiB
Diff
75 lines
2.1 KiB
Diff
From 62a06cd95f58060a59359f8769c3f35cd680d4fd Mon Sep 17 00:00:00 2001
|
|
From: Matt Johnston <matt@ucc.asn.au>
|
|
Date: Sun, 23 Jul 2023 21:01:48 +0800
|
|
Subject: Make banner reading failure non-fatal
|
|
|
|
---
|
|
svr-runopts.c | 45 ++++++++++++++++++++++++++++-----------------
|
|
1 file changed, 28 insertions(+), 17 deletions(-)
|
|
|
|
--- a/svr-runopts.c
|
|
+++ b/svr-runopts.c
|
|
@@ -38,6 +38,7 @@ static void printhelp(const char * progn
|
|
static void addportandaddress(const char* spec);
|
|
static void loadhostkey(const char *keyfile, int fatal_duplicate);
|
|
static void addhostkey(const char *keyfile);
|
|
+static void load_banner();
|
|
|
|
static void printhelp(const char * progname) {
|
|
|
|
@@ -382,23 +383,7 @@ void svr_getopts(int argc, char ** argv)
|
|
}
|
|
|
|
if (svr_opts.bannerfile) {
|
|
- struct stat buf;
|
|
- if (stat(svr_opts.bannerfile, &buf) != 0) {
|
|
- dropbear_exit("Error opening banner file '%s'",
|
|
- svr_opts.bannerfile);
|
|
- }
|
|
-
|
|
- if (buf.st_size > MAX_BANNER_SIZE) {
|
|
- dropbear_exit("Banner file too large, max is %d bytes",
|
|
- MAX_BANNER_SIZE);
|
|
- }
|
|
-
|
|
- svr_opts.banner = buf_new(buf.st_size);
|
|
- if (buf_readfile(svr_opts.banner, svr_opts.bannerfile)!=DROPBEAR_SUCCESS) {
|
|
- dropbear_exit("Error reading banner file '%s'",
|
|
- svr_opts.bannerfile);
|
|
- }
|
|
- buf_setpos(svr_opts.banner, 0);
|
|
+ load_banner();
|
|
}
|
|
|
|
#ifdef HAVE_GETGROUPLIST
|
|
@@ -715,3 +700,29 @@ void load_all_hostkeys() {
|
|
dropbear_exit("No hostkeys available. 'dropbear -R' may be useful or run dropbearkey.");
|
|
}
|
|
}
|
|
+
|
|
+static void load_banner() {
|
|
+ struct stat buf;
|
|
+ if (stat(svr_opts.bannerfile, &buf) != 0) {
|
|
+ dropbear_log(LOG_WARNING, "Error opening banner file '%s'",
|
|
+ svr_opts.bannerfile);
|
|
+ return;
|
|
+ }
|
|
+
|
|
+ if (buf.st_size > MAX_BANNER_SIZE) {
|
|
+ dropbear_log(LOG_WARNING, "Banner file too large, max is %d bytes",
|
|
+ MAX_BANNER_SIZE);
|
|
+ return;
|
|
+ }
|
|
+
|
|
+ svr_opts.banner = buf_new(buf.st_size);
|
|
+ if (buf_readfile(svr_opts.banner, svr_opts.bannerfile) != DROPBEAR_SUCCESS) {
|
|
+ dropbear_log(LOG_WARNING, "Error reading banner file '%s'",
|
|
+ svr_opts.bannerfile);
|
|
+ buf_free(svr_opts.banner);
|
|
+ svr_opts.banner = NULL;
|
|
+ return;
|
|
+ }
|
|
+ buf_setpos(svr_opts.banner, 0);
|
|
+
|
|
+}
|