- markus@cvs.openbsd.org 2001/04/17 19:34:25

     [session.c]
     move auth_approval to do_authenticated().
     do_child(): nuke hostkeys from memory
     don't source .ssh/rc for subsystems.

2 files changed, 21 insertions, 11 deletions

diff --git a/ChangeLog b/ChangeLog
index d0b761fec..b83507e01 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+20010418
+ - OpenBSD CVS Sync                            
+   - markus@cvs.openbsd.org 2001/04/17 19:34:25
+     [session.c]                               
+     move auth_approval to do_authenticated(). 
+     do_child(): nuke hostkeys from memory     
+     don't source .ssh/rc for subsystems.      
 20010417
   - (bal) Add perl5 check for HP/UX, Removed GNUness from Makefile.in
     and temporary commented out 'catman-do:' since it is broken.  Patches
@@ -5145,4 +5152,4 @@
  - Wrote replacements for strlcpy and mkdtemp
  - Released 1.0pre1
 
-$Id: ChangeLog,v 1.1135 2001/04/17 18:14:34 mouring Exp $
+$Id: ChangeLog,v 1.1136 2001/04/18 15:29:33 mouring Exp $
diff --git a/session.c b/session.c
index 4580c3025..3960c9f25 100644
--- a/session.c
+++ b/session.c
@@ -33,7 +33,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: session.c,v 1.73 2001/04/16 08:19:31 djm Exp $");
+RCSID("$OpenBSD: session.c,v 1.74 2001/04/17 19:34:25 markus Exp $");
 
 #include "ssh.h"
 #include "ssh1.h"
@@ -140,8 +140,8 @@ extern char *__progname;
 extern int log_stderr;
 extern int debug_flag;
 extern u_int utmp_len;
-
 extern int startup_pipe;
+extern void destroy_sensitive_data(void);
 
 /* Local Xauthority file. */
 static char *xauthfile;
@@ -179,6 +179,12 @@ do_authenticated(Authctxt *authctxt)
                 error("unable to get login class");
                 return;
         }
+#ifdef BSD_AUTH
+        if (auth_approval(NULL, lc, authctxt->pw->pw_name, "ssh") <= 0) {
+                packet_disconnect("Approval failure for %s",
+                    authctxt->pw->pw_name);
+        }
+#endif
 #endif
         /* setup the channel layer */
         if (!no_port_forwarding_flag && options.allow_tcp_forwarding)
@@ -1050,6 +1056,9 @@ do_child(Session *s, const char *command)
 #endif /* WITH_IRIX_ARRAY */
 #endif /* WITH_IRIX_JOBS */
 
+        /* remove hostkey from the child's memory */
+        destroy_sensitive_data();
+
         /* login(1) is only called if we execute the login shell */
         if (options.use_login && command != NULL)
                 options.use_login = 0;
@@ -1097,13 +1106,6 @@ do_child(Session *s, const char *command)
                                 perror("unable to set user context");
                                 exit(1);
                         }
-#ifdef BSD_AUTH
-                        if (auth_approval(NULL, lc, pw->pw_name, "ssh") <= 0) {
-                                error("approval failure for %s", pw->pw_name);
-                                fprintf(stderr, "Approval failure");
-                                exit(1);
-                        }
-#endif
 # else /* HAVE_LOGIN_CAP */
 #if defined(HAVE_GETLUID) && defined(HAVE_SETLUID)
                         /* Sets login uid for accounting */
@@ -1389,7 +1391,8 @@ do_child(Session *s, const char *command)
          * in this order).
          */
         if (!options.use_login) {
-                if (stat(_PATH_SSH_USER_RC, &st) >= 0) {
+                /* ignore _PATH_SSH_USER_RC for subsystems */
+                if (!s->is_subsystem && (stat(_PATH_SSH_USER_RC, &st) >= 0)) {
                         if (debug_flag)
                                 fprintf(stderr, "Running %s %s\n", _PATH_BSHELL,
                                     _PATH_SSH_USER_RC);