- (dtucker) [platform.c platform.h session.c] Move the Cygwin special-case

check into platform.c
author: Darren Tucker <dtucker@zip.com.au> 2010-11-05 14:47:01 +1100
committer: Darren Tucker <dtucker@zip.com.au> 2010-11-05 14:47:01 +1100
commit: b12fe272a0e850175417aa56e6efef8f08250977 (patch)
tree: abd6a1ee2fefd9b12525a85d21667bee3b8cb99a
parent: cc12418e18242ce1f61d7035da4956274ba13a96 (diff)
4 files changed, 22 insertions, 6 deletions
diff --git a/ChangeLog b/ChangeLog
index cc6e09ad5..65e0f9e3e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -40,6 +40,8 @@
   platform.c.
 - (dtucker) [platform.c session.c] Move PAM credential establishment for the
   non-LOGIN_CAP case into platform.c.
+ - (dtucker) [platform.c platform.h session.c] Move the Cygwin special-case
+   check into platform.c
 20101025
 - (tim) [openbsd-compat/glob.h] Remove sys/cdefs.h include that came with
diff --git a/platform.c b/platform.c
index b4fb88e5f..f2cf11f56 100644
--- a/platform.c
+++ b/platform.c
@@ -1,4 +1,4 @@
-/* $Id: platform.c,v 1.13 2010/11/05 02:32:53 dtucker Exp $ */
+/* $Id: platform.c,v 1.14 2010/11/05 03:47:01 dtucker Exp $ */
 /*
 * Copyright (c) 2006 Darren Tucker.  All rights reserved.
@@ -17,6 +17,10 @@
 */
 #include "config.h"
+#include <sys/types.h>
+#include <unistd.h>
 #include "platform.h"
 #include "openbsd-compat/openbsd-compat.h"
@@ -59,6 +63,18 @@ platform_post_fork_child(void)
 #endif
 }
+/* return 1 if we are running with privilege to swap UIDs, 0 otherwise */
+int
+platform_privileged_uidswap(void)
+{
+#ifdef HAVE_CYGWIN
+        /* uid 0 is not special on Cygwin so always try */
+        return 1;
+#else
+        return (getuid() == 0 || geteuid() == 0);
+#endif
+}
 /*
 * This gets called before switching UIDs, and is called even when sshd is
 * not running as root.
diff --git a/platform.h b/platform.h
index be66d55c6..944d2c340 100644
--- a/platform.h
+++ b/platform.h
@@ -1,4 +1,4 @@
-/* $Id: platform.h,v 1.6 2010/11/05 01:36:15 dtucker Exp $ */
+/* $Id: platform.h,v 1.7 2010/11/05 03:47:01 dtucker Exp $ */
 /*
 * Copyright (c) 2006 Darren Tucker.  All rights reserved.
@@ -24,6 +24,7 @@ void platform_pre_listen(void);
 void platform_pre_fork(void);
 void platform_post_fork_parent(pid_t child_pid);
 void platform_post_fork_child(void);
+int  platform_privileged_uidswap(void);
 void platform_setusercontext(struct passwd *);
 void platform_setusercontext_post_groups(struct passwd *);
 char *platform_get_krb5_client(const char *);
diff --git a/session.c b/session.c
index f1f26ef69..58e681282 100644
--- a/session.c
+++ b/session.c
@@ -1471,10 +1471,7 @@ do_setusercontext(struct passwd *pw)
        platform_setusercontext(pw);
-#ifndef HAVE_CYGWIN
+        if (platform_privileged_uidswap()) {
-        if (getuid() == 0 || geteuid() == 0)
-#endif /* HAVE_CYGWIN */
-        {
 #ifdef HAVE_LOGIN_CAP
                if (setusercontext(lc, pw, pw->pw_uid,
                    (LOGIN_SETALL & ~(LOGIN_SETPATH|LOGIN_SETUSER))) < 0) {
author	Darren Tucker <dtucker@zip.com.au>	2010-11-05 14:47:01 +1100
committer	Darren Tucker <dtucker@zip.com.au>	2010-11-05 14:47:01 +1100
commit	b12fe272a0e850175417aa56e6efef8f08250977 (patch)
tree	abd6a1ee2fefd9b12525a85d21667bee3b8cb99a
parent	cc12418e18242ce1f61d7035da4956274ba13a96 (diff)