
dropbear源代码分析之二----openwrt的登录到root用户公钥为什么保存在/etc/dropbear/authorized_keys

金泉
2023-12-01

openwrt的登录到root用户公钥为什么保存在/etc/dropbear/authorized_keys?

原因是 OpenWrt 对 dropbear 做了一点点改动:打了一个补丁(patch),让 uid 为 0 的用户不再读取 ~/.ssh/authorized_keys,而是读取 /etc/dropbear/authorized_keys。

下面是一份 OpenWrt 源代码的下载链接:

https://pan.baidu.com/share/link?shareid=3399010809&uk=939937960

 

openwrt-mt7620/package/dropbear/patches/100-pubkey_path.patch

 

--- a/svr-authpubkey.c
+++ b/svr-authpubkey.c
@@ -209,17 +209,21 @@ static int checkpubkey(unsigned char* al
         goto out;
     }
 
-    /* we don't need to check pw and pw_dir for validity, since
-     * its been done in checkpubkeyperms. */
-    len = strlen(ses.authstate.pw_dir);
-    /* allocate max required pathname storage,
-     * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
-    filename = m_malloc(len + 22);
-    snprintf(filename, len + 22, "%s/.ssh/authorized_keys", 
-                ses.authstate.pw_dir);
-
-    /* open the file */
-    authfile = fopen(filename, "r");
+    if (ses.authstate.pw_uid != 0) {
+        /* we don't need to check pw and pw_dir for validity, since
+         * its been done in checkpubkeyperms. */
+        len = strlen(ses.authstate.pw_dir);
+        /* allocate max required pathname storage,
+         * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
+        filename = m_malloc(len + 22);
+        snprintf(filename, len + 22, "%s/.ssh/authorized_keys", 
+                 ses.authstate.pw_dir);
+
+        /* open the file */
+        authfile = fopen(filename, "r");
+    } else {
+        authfile = fopen("/etc/dropbear/authorized_keys","r");  看到这里了吗,原因就在这里!!!
+    }

     if (authfile == NULL) {
         goto out;
     }
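Review bot: The new branch keys on `ses.authstate.pw_uid != 0`, so every account whose uid is 0, not only the one named root, is authenticated against `/etc/dropbear/authorized_keys`; if that is intended, the `else` branch should say so, e.g. `/* any uid-0 account uses the system-wide key file instead of ~/.ssh */`. The path literal is also repeated here and twice more in the checkpubkeyperms hunk, so the file that is permission-checked and the file that is opened can drift apart on a later edit; a single definition such as `#define ROOT_AUTHORIZED_KEYS "/etc/dropbear/authorized_keys"` used in both functions would prevent that. checkpubkey starts before and ends after this hunk, so whether `filename` (never allocated on the uid-0 path) is initialised to NULL before the cleanup at `out` cannot be confirmed from here.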
@@ -372,26 +376,35 @@ static int checkpubkeyperms() {
         goto out;
     }
 
-    /* allocate max required pathname storage,
-     * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
-    filename = m_malloc(len + 22);
-    strncpy(filename, ses.authstate.pw_dir, len+1);
-
-    /* check ~ */
-    if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
-        goto out;
-    }
-
-    /* check ~/.ssh */
-    strncat(filename, "/.ssh", 5); /* strlen("/.ssh") == 5 */
-    if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
-        goto out;
-    }
-
-    /* now check ~/.ssh/authorized_keys */
-    strncat(filename, "/authorized_keys", 16);
-    if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
-        goto out;
+    if (ses.authstate.pw_uid == 0) {
+        if (checkfileperm("/etc/dropbear") != DROPBEAR_SUCCESS) {
+            goto out;
+        }
+        if (checkfileperm("/etc/dropbear/authorized_keys") != DROPBEAR_SUCCESS) {
+            goto out;
+        }
+    } else {

+        /* allocate max required pathname storage,
+         * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
+        filename = m_malloc(len + 22);
+        strncpy(filename, ses.authstate.pw_dir, len+1);
+
+        /* check ~ */
+        if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
+            goto out;
+        }
+
+        /* check ~/.ssh */
+        strncat(filename, "/.ssh", 5); /* strlen("/.ssh") == 5 */
+        if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
+            goto out;
+        }
+
+        /* now check ~/.ssh/authorized_keys */
+        strncat(filename, "/authorized_keys", 16);
+        if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
+            goto out;
+        }
     }
 
     /* file looks ok, return success */
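Review bot: In the non-root branch the bounds passed to `strncat` (`5` and `16`) are the lengths of the source literals, not the space left in `filename`, so they give no overflow protection; the code is safe only because of the `len + 22` allocation. Building each path the way checkpubkey does would make the bound real: `snprintf(filename, len + 22, "%s/.ssh", ses.authstate.pw_dir);` and then `snprintf(filename, len + 22, "%s/.ssh/authorized_keys", ses.authstate.pw_dir);`. The uid-0 branch checks only `/etc/dropbear` and the key file, one path component fewer than the home-directory branch, and should carry a comment stating the assumption, e.g. `/* /etc is assumed root-owned and not writable by others; check the key directory and the file */`. checkpubkeyperms begins before the hunk and continues past it.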
 
