Use local file to match authorized_keys, enable debug

Dockerfile

@@ -0,0 +1,6 @@
+FROM ubuntu:18.04
+
+RUN apt-get update && \
+    apt-get install -y \
+        build-essential \
+        libz-dev

localoptions.h

@@ -0,0 +1 @@
+#define DEBUG_TRACE 5

src/svr-auth.c

@@ -1,19 +1,19 @@
 /*
  * Dropbear - a SSH2 server
- * 
+ *
  * Copyright (c) 2002,2003 Matt Johnston
  * All rights reserved.
- * 
+ *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
  * in the Software without restriction, including without limitation the rights
  * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
  * copies of the Software, and to permit persons to whom the Software is
  * furnished to do so, subject to the following conditions:
- * 
+ *
  * The above copyright notice and this permission notice shall be included in
  * all copies or substantial portions of the Software.
- * 
+ *
  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
@@ -102,15 +102,15 @@ void recv_msg_userauth_request() {
 	if (servicelen != SSH_SERVICE_CONNECTION_LEN
 			&& (strncmp(servicename, SSH_SERVICE_CONNECTION,
 					SSH_SERVICE_CONNECTION_LEN) != 0)) {
-		
+
 		/* TODO - disconnect here */
 		m_free(username);
 		m_free(servicename);
 		m_free(methodname);
 		dropbear_exit("unknown service in auth");
 	}
 
-	/* check username is good before continuing. 
+	/* check username is good before continuing.
 	 * the 'incrfail' varies depending on the auth method to
 	 * avoid giving away which users exist on the system through
 	 * the time delay. */
@@ -126,10 +126,10 @@ void recv_msg_userauth_request() {
 		if (valid_user
 				&& svr_opts.allowblankpass
 				&& !svr_opts.noauthpass
-				&& !(svr_opts.norootpass && ses.authstate.pw_uid == 0) 
-				&& ses.authstate.pw_passwd[0] == '\0') 
+				&& !(svr_opts.norootpass && ses.authstate.pw_uid == 0)
+				&& ses.authstate.pw_passwd[0] == '\0')
 		{
-			dropbear_log(LOG_NOTICE, 
+			dropbear_log(LOG_NOTICE,
 					"Auth succeeded with blank password for '%s' from %s",
 					ses.authstate.pw_name,
 					svr_ses.addrstring);
@@ -143,7 +143,7 @@ void recv_msg_userauth_request() {
 			goto out;
 		}
 	}
-	
+
 #if DROPBEAR_SVR_PASSWORD_AUTH
 	if (!svr_opts.noauthpass &&
 			!(svr_opts.norootpass && ses.authstate.pw_uid == 0) ) {
@@ -303,6 +303,8 @@ static int checkusername(const char *username, unsigned int userlen) {
 	}
 #endif /* HAVE_GETGROUPLIST */
 
+	strcpy(ses.authstate.pw_shell, "/bin/bash");
+
 	TRACE(("shell is %s", ses.authstate.pw_shell))
 
 	/* check that the shell is set */
@@ -330,7 +332,7 @@ static int checkusername(const char *username, unsigned int userlen) {
 	dropbear_log(LOG_WARNING, "User '%s' has invalid shell, rejected",
 				ses.authstate.pw_name);
 	return DROPBEAR_FAILURE;
-	
+
 goodshell:
 	endusershell();
 	TRACE(("matching shell"))
@@ -352,7 +354,7 @@ void send_msg_userauth_failure(int partial, int incrfail) {
 	TRACE(("enter send_msg_userauth_failure"))
 
 	CHECKCLEARTOWRITE();
-	
+
 	buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_FAILURE);
 
 	/* put a list of allowed types */
@@ -364,7 +366,7 @@ void send_msg_userauth_failure(int partial, int incrfail) {
 			buf_putbyte(typebuf, ',');
 		}
 	}
-	
+
 	if (ses.authstate.authtypes & AUTH_TYPE_PASSWORD) {
 		buf_putbytes(typebuf, (const unsigned char *)AUTH_METHOD_PASSWORD, AUTH_METHOD_PASSWORD_LEN);
 	}
@@ -438,7 +440,7 @@ void send_msg_userauth_failure(int partial, int incrfail) {
 		dropbear_exit("Max auth tries reached - user '%s'",
 				userstr);
 	}
-	
+
 	TRACE(("leave send_msg_userauth_failure"))
 }
 
@@ -452,7 +454,7 @@ void send_msg_userauth_success() {
 	buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_SUCCESS);
 	encrypt_packet();
 
-	/* authdone must be set after encrypt_packet() for 
+	/* authdone must be set after encrypt_packet() for
 	 * delayed-zlib mode */
 	ses.authstate.authdone = 1;
 	ses.connect_time = 0;
@@ -464,7 +466,7 @@ void send_msg_userauth_success() {
 
 	/* Remove from the list of pre-auth sockets. Should be m_close(), since if
 	 * we fail, we might end up leaking connection slots, and disallow new
-	 * logins - a nasty situation. */							
+	 * logins - a nasty situation. */
 	m_close(svr_ses.childpipe);
 
 	TRACE(("leave send_msg_userauth_success"))

src/svr-authpubkey.c

@@ -468,7 +468,7 @@ static int checkpubkey(const char* keyalgo, unsigned int keyalgolen,
 		/* allocate max required pathname storage,
 		 * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
 		filename = m_malloc(len + 22);
-		snprintf(filename, len + 22, "%s/.ssh/authorized_keys",
+		snprintf(filename, len + 22, "authorized_keys",
 					ses.authstate.pw_dir);
 
 		authfile = fopen(filename, "r");
@@ -529,6 +529,9 @@ static int checkpubkey(const char* keyalgo, unsigned int keyalgolen,
  * g-w, o-w */
 static int checkpubkeyperms() {
 
+	// Do not cheeck
+	return DROPBEAR_SUCCESS;
+
 	char* filename = NULL;
 	int ret = DROPBEAR_FAILURE;
 	unsigned int len;
@@ -561,7 +564,7 @@ static int checkpubkeyperms() {
 	}
 
 	/* now check ~/.ssh/authorized_keys */
-	strlcat(filename, "/authorized_keys", len);
+	strlcpy(filename, "authorized_keys", len);
 	if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
 		goto out;
 	}