
Commit ebd0e51

handle basic absolute paths for authorized keys file
1 parent 17f3a02 commit ebd0e51

1 file changed

Lines changed: 24 additions & 13 deletions


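--- a/apps/wolfsshd/auth.c
+++ b/apps/wolfsshd/auth.c
@@ -72,6 +72,13 @@ struct WOLFSSHD_AUTH {
 #define WOLFSSHD_MAX_PASSWORD_ATTEMPTS 3
 #endif
 
+#ifndef MAX_LEN_SZ
+#define MAX_LINE_SZ 500
+#endif
+#ifndef MAX_PATH_SZ
+#define MAX_PATH_SZ 80
+#endif
+
 #if 0
 /* this could potentially be useful in a deeply embeded future port */
 
@@ -400,7 +407,7 @@ static int CheckUserUnix(const char* name) {
 }
 
 static const char authKeysDefault[] = ".ssh/authorized_keys";
-static char authKeysPattern[32] = {0};
+static char authKeysPattern[MAX_PATH_SZ] = {0};
 
 void SetAuthKeysPattern(const char* pattern)
 {
@@ -425,22 +432,31 @@ static int ResolveAuthKeysPath(const char* homeDir, char* resolved)
 if (*authKeysPattern != 0) {
 /* TODO: token substitutions (e.g. %h) */
 if (*authKeysPattern == '/') {
-/* TODO: handle absolute path case */
-ret = WS_FATAL_ERROR;
+WSTRNCPY(resolved, authKeysPattern, MAX_PATH_SZ - 1);
+return WS_SUCCESS;
 }
 else {
 suffix = authKeysPattern;
 }
 }
 }
+
 if (ret == WS_SUCCESS) {
 idx = resolved;
 homeDirSz = (int)XSTRLEN(homeDir);
-XMEMCPY(idx, homeDir, homeDirSz);
-idx += homeDirSz;
-*(idx++) = '/';
-/* Intentionally copying the null term from suffix. */
-XMEMCPY(idx, suffix, WSTRLEN(suffix));
+if (homeDirSz + 1 + WSTRLEN(suffix) >= MAX_PATH_SZ) {
+wolfSSH_Log(WS_LOG_ERROR,
+"[SSHD] Path for key file larger than max allowed");
+ret = WS_FATAL_ERROR;
+}
+
+if (ret == WS_SUCCESS) {
+XMEMCPY(idx, homeDir, homeDirSz);
+idx += homeDirSz;
+*(idx++) = '/';
+/* Intentionally copying the null term from suffix. */
+XMEMCPY(idx, suffix, WSTRLEN(suffix));
+}
 }
 
 return ret;
@@ -453,11 +469,6 @@ static int CheckPublicKeyUnix(const char* name, const byte* key, word32 keySz)
 struct passwd* pwInfo;
 char* authKeysFile = NULL;
 XFILE f = NULL;
-enum {
-/* TODO: Probably needs to be even bigger for larger key sizes. */
-MAX_LINE_SZ = 500,
-MAX_PATH_SZ = 80
-};
 char* lineBuf = NULL;
 char* current;
 word32 currentSz;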
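Review bot: In the ResolveAuthKeysPath hunk, neither branch visibly NUL-terminates `resolved`, so the authorized-keys path handed back to the caller may be an unterminated string. The absolute-path branch copies with `WSTRNCPY(resolved, authKeysPattern, MAX_PATH_SZ - 1)`, which writes no terminator when the pattern is exactly `MAX_PATH_SZ - 1` characters long, so it should be followed by `resolved[MAX_PATH_SZ - 1] = '\0';`. The relative branch keeps the comment "Intentionally copying the null term from suffix" but copies only `WSTRLEN(suffix)` bytes; `XMEMCPY(idx, suffix, WSTRLEN(suffix) + 1);` matches the comment and still fits under the new length check. Both suggestions assume the caller's buffer holds at least MAX_PATH_SZ bytes and is not already zero-filled, which cannot be confirmed here because the function begins and ends outside the hunk and its caller is not shown.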
