author | Ben Lindstrom <mouring@eviladmin.org> | 2002-03-22 03:04:08 +0000 |
---|---|---|
committer | Ben Lindstrom <mouring@eviladmin.org> | 2002-03-22 03:04:08 +0000 |
commit | 7ebb635d812d68772ce3fb0b64d798c54fbfab71 (patch) | |
tree | 6bf832ba30e5d9643ed75677ce9ff6155fe7e549 | |
parent | 6328ab39891ea64ccd5c91e9be2ec5c4f843bbd0 (diff) |
- markus@cvs.openbsd.org 2002/03/19 14:27:39
[auth.c auth1.c auth2.c]
make getpwnamallow() allways call pwcopy()
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | auth.c | 5 | ||||
-rw-r--r-- | auth1.c | 22 | ||||
-rw-r--r-- | auth2.c | 10 |
4 files changed, 15 insertions, 27 deletions
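--- a/ChangeLog
+++ b/ChangeLog
@@ -94,6 +94,9 @@
 sftp-client.c sftp-glob.h sftp.c ssh-add.c ssh.c sshconnect2.c sshd.c
 ttymodes.c]
 KNF whitespace
+- markus@cvs.openbsd.org 2002/03/19 14:27:39
+[auth.c auth1.c auth2.c]
+make getpwnamallow() allways call pwcopy()
 
 20020317
 - (tim) [configure.ac] Assume path given with --with-pid-dir=PATH is wanted,
@@ -7940,4 +7943,4 @@
 - Wrote replacements for strlcpy and mkdtemp
 - Released 1.0pre1
 
-$Id: ChangeLog,v 1.1951 2002/03/22 02:54:23 mouring Exp $
+$Id: ChangeLog,v 1.1952 2002/03/22 03:04:08 mouring Exp $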
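--- a/auth.c
+++ b/auth.c
@@ -23,7 +23,7 @@
 */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth.c,v 1.39 2002/03/19 10:49:35 markus Exp $");
+RCSID("$OpenBSD: auth.c,v 1.40 2002/03/19 14:27:39 markus Exp $");
 
 #ifdef HAVE_LOGIN_H
 #include <login.h>
@@ -48,6 +48,7 @@ RCSID("$OpenBSD: auth.c,v 1.39 2002/03/19 10:49:35 markus Exp $");
 #include "bufaux.h"
 #include "uidswap.h"
 #include "tildexpand.h"
+#include "misc.h"
 
 /* import */
 extern ServerOptions options;
@@ -469,5 +470,5 @@ getpwnamallow(const char *user)
 auth_close(as);
 #endif
 #endif
-return (pw);
+return (pwcopy(pw));
 }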
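Review bot: `return (pwcopy(pw));` at the end of getpwnamallow() copies unconditionally, so any path that reaches this return with `pw == NULL` would pass a null pointer to pwcopy(), which presumably dereferences its argument. The function body lies outside the hunk, so whether the preceding `#ifdef` block (the one ending in `auth_close(as)`) can clear `pw` on an approval failure is not visible here and should be confirmed. A guard such as `return (pw != NULL ? pwcopy(pw) : NULL);` keeps the failed-lookup case returning NULL instead of crashing the pre-authentication path. Because the result is now always heap-allocated, a comment above the function stating that the caller owns the copy and releases it with pwfree() would also help.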
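--- a/auth1.c
+++ b/auth1.c
@@ -10,7 +10,7 @@
 */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth1.c,v 1.38 2002/03/18 17:50:31 provos Exp $");
+RCSID("$OpenBSD: auth1.c,v 1.39 2002/03/19 14:27:39 markus Exp $");
 
 #include "xmalloc.h"
 #include "rsa.h"
@@ -24,7 +24,6 @@ RCSID("$OpenBSD: auth1.c,v 1.38 2002/03/18 17:50:31 provos Exp $");
 #include "auth.h"
 #include "channels.h"
 #include "session.h"
-#include "misc.h"
 #include "uidswap.h"
 #include "monitor_wrap.h"
 
@@ -359,7 +358,6 @@ Authctxt *
 do_authentication(void)
 {
 Authctxt *authctxt;
-struct passwd *pw = NULL, *pwent;
 u_int ulen;
 char *p, *user, *style = NULL;
 
@@ -382,21 +380,12 @@ do_authentication(void)
 authctxt->style = style;
 
 /* Verify that the user is a valid user. */
-pwent = PRIVSEP(getpwnamallow(user));
-if (pwent) {
+if ((authctxt->pw = PRIVSEP(getpwnamallow(user))) != NULL)
 authctxt->valid = 1;
-pw = pwcopy(pwent);
-} else {
+else
 debug("do_authentication: illegal user %s", user);
-pw = NULL;
-}
-/* Free memory */
-if (use_privsep && pwent != NULL)
-pwfree(pwent);
-
-authctxt->pw = pw;
 
-setproctitle("%s%s", pw ? user : "unknown",
+setproctitle("%s%s", authctxt->pw ? user : "unknown",
 use_privsep ? " [net]" : "");
 
 #ifdef USE_PAM
@@ -408,7 +397,8 @@ do_authentication(void)
 * the server. (Unless you are running Windows)
 */
 #ifndef HAVE_CYGWIN
-if (!use_privsep && getuid() != 0 && pw && pw->pw_uid != getuid())
+if (!use_privsep && getuid() != 0 && authctxt->pw &&
+authctxt->pw->pw_uid != getuid())
 packet_disconnect("Cannot change user when server not running as root.");
 #endif
 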
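Review bot: The new `if ((authctxt->pw = PRIVSEP(getpwnamallow(user))) != NULL)` stores the lookup result directly while the hunk drops the `pwfree(pwent)` call, so authctxt->pw becomes the only reference to an allocation whose ownership is stated nowhere in the visible code. That is safe only if both the direct call and the privsep path behind `PRIVSEP()` return a private copy rather than getpwnam()'s static buffer, which a later lookup could overwrite; the macro and the monitor-side function are not visible here. I would add a comment above the assignment, for example `/* getpwnamallow() returns a private copy; authctxt owns it */`. do_authentication() starts before and continues past the hunks shown.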
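--- a/auth2.c
+++ b/auth2.c
@@ -23,7 +23,7 @@
 */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth2.c,v 1.88 2002/03/18 17:50:31 provos Exp $");
+RCSID("$OpenBSD: auth2.c,v 1.89 2002/03/19 14:27:39 markus Exp $");
 
 #include <openssl/evp.h>
 
@@ -47,7 +47,6 @@ RCSID("$OpenBSD: auth2.c,v 1.88 2002/03/18 17:50:31 provos Exp $");
 #include "pathnames.h"
 #include "uidswap.h"
 #include "auth-options.h"
-#include "misc.h"
 #include "hostfile.h"
 #include "canohost.h"
 #include "match.h"
@@ -200,16 +199,11 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt)
 start_pam("NOUSER");
 #endif
 }
-/* Free memory */
-if (use_privsep && pw != NULL)
-pwfree(pw);
-
-setproctitle("%s%s", pw ? user : "unknown",
+setproctitle("%s%s", authctxt->pw ? user : "unknown",
 use_privsep ? " [net]" : "");
 authctxt->user = xstrdup(user);
 authctxt->service = xstrdup(service);
 authctxt->style = style ? xstrdup(style) : NULL;
-
 if (use_privsep)
 mm_inform_authserv(service, style);
 } else if (strcmp(user, authctxt->user) != 0 ||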
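Review bot: The `pwfree(pw)` block is removed from input_userauth_request(), yet no hunk in this file touches the lookup above it, and the diffstat's 10 changed lines are all accounted for by the hunks shown. If that unchanged code still assigns a local `pw` from getpwnamallow() and stores `pwcopy(pw)` in authctxt->pw (not visible here), the passwd entry is now copied twice and the first copy is never released, a leak on a path reachable before authentication. Assigning the result straight to `authctxt->pw`, as auth1.c does in this commit, or keeping an unconditional `pwfree(pw)` after the copy would avoid that. The function starts and ends outside the hunk.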