From 22f2dc159cd953a620ea82f8505bf096eb2c8959 Mon Sep 17 00:00:00 2001 From: Marc Andre Tanner Date: Fri, 13 Nov 2009 01:07:33 +0100 Subject: [PATCH] dropbear: add patch to allow logins with empty passwords Signed-off-by: Marc Andre Tanner --- .../dropbear-allow-login-with-empty-password.patch | 40 ++++++++++++++++++++++ 1 file changed, 40 insertions(+) create mode 100644 sources/patches/dropbear-allow-login-with-empty-password.patch diff --git a/sources/patches/dropbear-allow-login-with-empty-password.patch b/sources/patches/dropbear-allow-login-with-empty-password.patch new file mode 100644 index 0000000..3f3e8b1 --- /dev/null +++ b/sources/patches/dropbear-allow-login-with-empty-password.patch @@ -0,0 +1,40 @@ +Index: dropbear-0.51/svr-auth.c +=================================================================== +--- dropbear-0.51.orig/svr-auth.c ++++ dropbear-0.51/svr-auth.c +@@ -270,7 +270,7 @@ static int checkusername(unsigned char * + send_msg_userauth_failure(0, 1); + return DROPBEAR_FAILURE; + } +- ++#ifdef DISALLOW_EMPTY_PW + /* check for an empty password */ + if (ses.authstate.pw_passwd[0] == '\0') { + TRACE(("leave checkusername: empty pword")) +@@ -279,7 +279,7 @@ static int checkusername(unsigned char * + send_msg_userauth_failure(0, 1); + return DROPBEAR_FAILURE; + } +- ++#endif + TRACE(("shell is %s", ses.authstate.pw_shell)) + + /* check that the shell is set */ +Index: dropbear-0.51/svr-authpasswd.c +=================================================================== +--- dropbear-0.51.orig/svr-authpasswd.c ++++ dropbear-0.51/svr-authpasswd.c +@@ -64,9 +64,13 @@ void svr_auth_password() { + * since the shadow password may differ to that tested + * in auth.c */ + if (passwdcrypt[0] == '\0') { ++#ifdef DISALLOW_EMPTY_PW + dropbear_log(LOG_WARNING, "user '%s' has blank password, rejected", + ses.authstate.pw_name); + send_msg_userauth_failure(0, 1); ++#else ++ send_msg_userauth_success(); ++#endif + return; + } + -- 2.11.4.GIT