RogerMarcoHernandez
commented
2 months ago @M95D Not sure if someone is working on it, but I believe this patch fixes it. Should go through test workflow though.
The problem was that under undefined DROPBEAR_SVR_PUBKEY_OPTIONS (hence, undefined DROPBEAR_SVR_PUBKEY_OPTIONS_BUILT), struct AuthState would omit the declaration of pubkey_options and pubkey_info, even though svr_auth_pubkey and checkpubkey functions would still use them.
struct AuthState {
...
132 #if DROPBEAR_SVR_PUBKEY_OPTIONS_BUILT
133 struct PubKeyOptions* pubkey_options;
134 char *pubkey_info;
135 #endif
};diff --git a/src/svr-authpubkey.c b/src/svr-authpubkey.c
index 5d298cb..6f8c99e 100644
--- a/src/svr-authpubkey.c
+++ b/src/svr-authpubkey.c
@@ -185,12 +185,16 @@ void svr_auth_pubkey(int valid_user) {
#if DROPBEAR_SK_ECDSA || DROPBEAR_SK_ED25519
key->sk_flags_mask = SSH_SK_USER_PRESENCE_REQD;
+
+#if DROPBEAR_SVR_PUBKEY_OPTIONS_BUILT
if (ses.authstate.pubkey_options && ses.authstate.pubkey_options->no_touch_required_flag) {
key->sk_flags_mask &= ~SSH_SK_USER_PRESENCE_REQD;
}
if (ses.authstate.pubkey_options && ses.authstate.pubkey_options->verify_required_flag) {
key->sk_flags_mask |= SSH_SK_USER_VERIFICATION_REQD;
}
+#endif
+
#endif
/* create the data which has been signed - this a string containing
@@ -500,8 +504,13 @@ static int checkpubkey(const char* keyalgo, unsigned int keyalgolen,
}
line_num++;
+#ifdef DROPBEAR_SVR_PUBKEY_OPTINS_BUILT
ret = checkpubkey_line(line, line_num, filename, keyalgo, keyalgolen,
keyblob, keybloblen, &ses.authstate.pubkey_info);
+#else
+ ret = checkpubkey_line(line, line_num, filename, keyalgo, keyalgolen,
+ keyblob, keybloblen, NULL);
+#endif
if (ret == DROPBEAR_SUCCESS) {
break;
}
Hi.
New error. This one is harder to reproduce.
1) Clone the git repo. 2) Create localoptions.h with this contents:
#define DROPBEAR_SVR_PUBKEY_OPTIONS 03) Run./configure --enable-bundled-libtom && make clean && make -j1 V=sThe "-j1" is very important! It doesn't happen with "-j2". I hope you can reproduce it on your system.Error:
Thanks.