busybox: enable telnet only when root password is really empty, not when it is locked

Otherwise, telnet login is allowed by default when neither a password nor SSH keys are configured.
2014-12-05 18:58:25 +01:00 · 2014-12-05 18:58:25 +01:00 · 111cf1268a
commit 111cf1268a
parent 5860f81737
1 changed files with 26 additions and 0 deletions
--- a/patches/openwrt/0009-busybox-enable-telnet-only-when-root-password-is-really-empty-not-when-it-is-locked.patch
+++ b/patches/openwrt/0009-busybox-enable-telnet-only-when-root-password-is-really-empty-not-when-it-is-locked.patch
@ -0,0 +1,26 @@
+From: Matthias Schiffer <mschiffer@universe-factory.net>
+Date: Fri, 5 Dec 2014 18:57:16 +0100
+Subject: busybox: enable telnet only when root password is really empty, not when it is locked
+
+diff --git a/package/utils/busybox/files/telnet b/package/utils/busybox/files/telnet
+index a1d1cdf..f95be90 100755
+--- a/package/utils/busybox/files/telnet
+++ b/package/utils/busybox/files/telnet
+@@ -11,7 +11,7 @@ has_root_pwd() {
+ 	      pwd="${pwd#*root:}"
+ 	      pwd="${pwd%%:*}"
+ 
+-	test -n "${pwd#[\!x]}"
+	test -n "${pwd}"
+ }
+ 
+ get_root_home() {
+@@ -28,7 +28,7 @@ has_ssh_pubkey() {
+ 
+ start_service() {
+ 	if ( ! has_ssh_pubkey && \
+-	     ! has_root_pwd /etc/passwd && ! has_root_pwd /etc/shadow ) || \
+	   ( ! has_root_pwd /etc/passwd || ! has_root_pwd /etc/shadow ) ) || \
+ 	   ( ! /etc/init.d/dropbear enabled 2> /dev/null && ! /etc/init.d/sshd enabled 2> /dev/null );
+ 	then
+ 		procd_open_instance