authorDamien Miller <djm@mindrot.org>2014-05-27 14:34:42 +1000
committerDamien Miller <djm@mindrot.org>2014-05-27 14:34:42 +1000
commit6482d90a65459a88c18c925368525855832272b3 (patch)
tree31e27a84f573921a080f066b11ef64be18e5c817
parentf9eb5e0734f7a7f6e975809eb54684d2a06a7ffc (diff)
- (djm) [configure.ac openbsd-compat/bsd-cygwin_util.c]
[openbsd-compat/bsd-cygwin_util.h] On Cygwin, determine privilege separation user at runtime, since it may need to be a domain account. Patch from Corinna Vinschen.
-rw-r--r--ChangeLog4
-rw-r--r--configure.ac22
-rw-r--r--openbsd-compat/bsd-cygwin_util.c16
-rw-r--r--openbsd-compat/bsd-cygwin_util.h6
4 files changed, 42 insertions, 6 deletions
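diff --git a/ChangeLog b/ChangeLog
index a79c2204c..d5192e470 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -3,6 +3,10 @@
  - (djm) [contrib/cygwin/ssh-host-config] Updated Cygwin ssh-host-config
  from Corinna Vinschen, fixing a number of bugs and preparing for
  Cygwin 1.7.30.
+ - (djm) [configure.ac openbsd-compat/bsd-cygwin_util.c]
+ [openbsd-compat/bsd-cygwin_util.h] On Cygwin, determine privilege
+ separation user at runtime, since it may need to be a domain account.
+ Patch from Corinna Vinschen.
 
 20140522
  - (djm) [Makefile.in] typo in path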
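diff --git a/configure.ac b/configure.ac
index 7a89b57e6..66fbe821f 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,4 +1,4 @@
-# $Id: configure.ac,v 1.574 2014/05/21 07:06:47 djm Exp $
+# $Id: configure.ac,v 1.575 2014/05/27 04:34:43 djm Exp $
 #
 # Copyright (c) 1999-2004 Damien Miller
 #
@@ -15,7 +15,7 @@
 # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 
 AC_INIT([OpenSSH], [Portable], [openssh-unix-dev@mindrot.org])
-AC_REVISION($Revision: 1.574 $)
+AC_REVISION($Revision: 1.575 $)
 AC_CONFIG_SRCDIR([ssh.c])
 AC_LANG([C])
 
@@ -2871,7 +2871,14 @@ if test "x$PAM_MSG" = "xyes" ; then
  ])
 fi
 
-SSH_PRIVSEP_USER=sshd
+case "$host" in
+*-*-cygwin*)
+ SSH_PRIVSEP_USER=CYGWIN_SSH_PRIVSEP_USER
+ ;;
+*)
+ SSH_PRIVSEP_USER=sshd
+ ;;
+esac
 AC_ARG_WITH([privsep-user],
  [ --with-privsep-user=user Specify non-privileged user for privilege separation],
  [
@@ -2881,8 +2888,13 @@ AC_ARG_WITH([privsep-user],
  fi
  ]
 )
-AC_DEFINE_UNQUOTED([SSH_PRIVSEP_USER], ["$SSH_PRIVSEP_USER"],
- [non-privileged user for privilege separation])
+if test "x$SSH_PRIVSEP_USER" = "xCYGWIN_SSH_PRIVSEP_USER" ; then
+ AC_DEFINE_UNQUOTED([SSH_PRIVSEP_USER], [CYGWIN_SSH_PRIVSEP_USER],
+ [Cygwin function to fetch non-privileged user for privilege separation])
+else
+ AC_DEFINE_UNQUOTED([SSH_PRIVSEP_USER], ["$SSH_PRIVSEP_USER"],
+ [non-privileged user for privilege separation])
+fi
 AC_SUBST([SSH_PRIVSEP_USER])
 
 if test "x$have_linux_no_new_privs" = "x1" ; then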
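Review bot: `AC_SUBST([SSH_PRIVSEP_USER])` after the new `if`/`else` still substitutes the shell variable, which on Cygwin now holds the sentinel token `CYGWIN_SSH_PRIVSEP_USER` rather than an account name. Any generated file that expands `@SSH_PRIVSEP_USER@` (none is visible in this diff) would then show the token instead of the privilege-separation user. The C macro also stops being a string literal on that platform, so code that concatenates `SSH_PRIVSEP_USER` with adjacent literals would no longer compile there. I would add a comment above the `case "$host" in` block, for example `# On Cygwin this is a sentinel: config.h maps SSH_PRIVSEP_USER to a runtime lookup, not a literal account name`, and check the consumers of the substitution.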
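diff --git a/openbsd-compat/bsd-cygwin_util.c b/openbsd-compat/bsd-cygwin_util.c
index 267e77a11..a2d82126d 100644
--- a/openbsd-compat/bsd-cygwin_util.c
+++ b/openbsd-compat/bsd-cygwin_util.c
@@ -57,6 +57,22 @@ check_ntsec(const char *filename)
  return (pathconf(filename, _PC_POSIX_PERMISSIONS));
 }
 
+const char *
+cygwin_ssh_privsep_user()
+{
+ static char cyg_privsep_user[DNLEN + UNLEN + 2];
+
+ if (!cyg_privsep_user[0])
+ {
+#ifdef CW_CYGNAME_FROM_WINNAME
+ if (cygwin_internal (CW_CYGNAME_FROM_WINNAME, "sshd", cyg_privsep_user,
+ sizeof cyg_privsep_user) != 0)
+#endif
+ strcpy (cyg_privsep_user, "sshd");
+ }
+ return cyg_privsep_user;
+}
+
 #define NL(x) x, (sizeof (x) - 1)
 #define WENV_SIZ (sizeof (wenv_arr) / sizeof (wenv_arr[0]))
 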
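Review bot: In `cygwin_ssh_privsep_user`, the inner `if (cygwin_internal (...) != 0)` exists only under `#ifdef CW_CYGNAME_FROM_WINNAME`, while its unbraced body `strcpy (cyg_privsep_user, "sshd");` sits after the `#endif`. The account the daemon drops privileges to is therefore chosen by a statement that straddles the preprocessor, which a later edit can easily detach from its condition. Putting the fallback in braces after the `#endif`, `{ strcpy (cyg_privsep_user, "sshd"); }`, keeps both configurations well formed. The function also needs a header comment stating that the name is resolved once and cached in a static buffer. That comment should add that the literal `sshd` is used when the lookup returns non-zero (treated as failure here) or the constant is not defined, so the silent fallback is visible to anyone debugging a domain-account setup.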
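diff --git a/openbsd-compat/bsd-cygwin_util.h b/openbsd-compat/bsd-cygwin_util.h
index 1177366f1..79cb2a197 100644
--- a/openbsd-compat/bsd-cygwin_util.h
+++ b/openbsd-compat/bsd-cygwin_util.h
@@ -1,4 +1,4 @@
-/* $Id: bsd-cygwin_util.h,v 1.17 2014/01/18 10:04:00 dtucker Exp $ */
+/* $Id: bsd-cygwin_util.h,v 1.18 2014/05/27 04:34:43 djm Exp $ */
 
 /*
  * Copyright (c) 2000, 2001, 2011, 2013 Corinna Vinschen <vinschen@redhat.com>
@@ -39,6 +39,8 @@
 /* Avoid including windows headers. */
 typedef void *HANDLE;
 #define INVALID_HANDLE_VALUE ((HANDLE) -1)
+#define DNLEN 16
+#define UNLEN 256
 
 /* Cygwin functions for which declarations are only available when including
  windows headers, so we have to define them here explicitely. */
@@ -48,6 +50,8 @@ extern void cygwin_set_impersonation_token (const HANDLE);
 #include <sys/cygwin.h>
 #include <io.h>
 
+#define CYGWIN_SSH_PRIVSEP_USER (cygwin_ssh_privsep_user())
+const char *cygwin_ssh_privsep_user();
 
 int binary_open(const char *, int , ...);
 int check_ntsec(const char *);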
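Review bot: `const char *cygwin_ssh_privsep_user();` declares the function without a prototype, so a call that passes stray arguments would not be diagnosed. `const char *cygwin_ssh_privsep_user(void);` is the checked form, and the definition in bsd-cygwin_util.c has the same empty parentheses. The added `DNLEN` and `UNLEN` are defined unconditionally and without a comment. They size the static buffer that holds the privilege-separation account name, and are presumably the domain-name and user-name length limits. I would wrap each in `#ifndef` and add a one-line comment such as `/* Name length limits, defined locally to avoid the Windows headers */`, so that a translation unit which does see the system definitions does not get a conflicting redefinition.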