diff options
| author | Colin Watson <cjwatson@debian.org> | 2019-10-09 22:59:48 +0100 |
|---|---|---|
| committer | Colin Watson <cjwatson@debian.org> | 2019-10-09 22:59:48 +0100 |
| commit | 4213eec74e74de6310c27a40c3e9759a08a73996 (patch) | |
| tree | e97a6dcafc6763aea7c804e4e113c2750cb1400d /auth.c | |
| parent | 102062f825fb26a74295a1c089c00c4c4c76b68a (diff) | |
| parent | cdf1d0a9f5d18535e0a18ff34860e81a6d83aa5c (diff) | |
Import openssh_8.1p1.orig.tar.gz
Diffstat (limited to 'auth.c')
| -rw-r--r-- | auth.c | 18 |
1 files changed, 9 insertions, 9 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: auth.c,v 1.138 2019/01/19 21:41:18 djm Exp $ */ | 1 | /* $OpenBSD: auth.c,v 1.141 2019/10/02 00:42:30 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
| 4 | * | 4 | * |
| @@ -32,6 +32,7 @@ | |||
| 32 | 32 | ||
| 33 | #include <netinet/in.h> | 33 | #include <netinet/in.h> |
| 34 | 34 | ||
| 35 | #include <stdlib.h> | ||
| 35 | #include <errno.h> | 36 | #include <errno.h> |
| 36 | #include <fcntl.h> | 37 | #include <fcntl.h> |
| 37 | #ifdef HAVE_PATHS_H | 38 | #ifdef HAVE_PATHS_H |
| @@ -72,7 +73,6 @@ | |||
| 72 | #endif | 73 | #endif |
| 73 | #include "authfile.h" | 74 | #include "authfile.h" |
| 74 | #include "monitor_wrap.h" | 75 | #include "monitor_wrap.h" |
| 75 | #include "authfile.h" | ||
| 76 | #include "ssherr.h" | 76 | #include "ssherr.h" |
| 77 | #include "compat.h" | 77 | #include "compat.h" |
| 78 | #include "channels.h" | 78 | #include "channels.h" |
| @@ -167,7 +167,7 @@ allowed_user(struct ssh *ssh, struct passwd * pw) | |||
| 167 | char *shell = xstrdup((pw->pw_shell[0] == '\0') ? | 167 | char *shell = xstrdup((pw->pw_shell[0] == '\0') ? |
| 168 | _PATH_BSHELL : pw->pw_shell); /* empty = /bin/sh */ | 168 | _PATH_BSHELL : pw->pw_shell); /* empty = /bin/sh */ |
| 169 | 169 | ||
| 170 | if (stat(shell, &st) != 0) { | 170 | if (stat(shell, &st) == -1) { |
| 171 | logit("User %.100s not allowed because shell %.100s " | 171 | logit("User %.100s not allowed because shell %.100s " |
| 172 | "does not exist", pw->pw_name, shell); | 172 | "does not exist", pw->pw_name, shell); |
| 173 | free(shell); | 173 | free(shell); |
| @@ -517,7 +517,7 @@ auth_openfile(const char *file, struct passwd *pw, int strict_modes, | |||
| 517 | return NULL; | 517 | return NULL; |
| 518 | } | 518 | } |
| 519 | 519 | ||
| 520 | if (fstat(fd, &st) < 0) { | 520 | if (fstat(fd, &st) == -1) { |
| 521 | close(fd); | 521 | close(fd); |
| 522 | return NULL; | 522 | return NULL; |
| 523 | } | 523 | } |
| @@ -746,7 +746,7 @@ remote_hostname(struct ssh *ssh) | |||
| 746 | fromlen = sizeof(from); | 746 | fromlen = sizeof(from); |
| 747 | memset(&from, 0, sizeof(from)); | 747 | memset(&from, 0, sizeof(from)); |
| 748 | if (getpeername(ssh_packet_get_connection_in(ssh), | 748 | if (getpeername(ssh_packet_get_connection_in(ssh), |
| 749 | (struct sockaddr *)&from, &fromlen) < 0) { | 749 | (struct sockaddr *)&from, &fromlen) == -1) { |
| 750 | debug("getpeername failed: %.100s", strerror(errno)); | 750 | debug("getpeername failed: %.100s", strerror(errno)); |
| 751 | return strdup(ntop); | 751 | return strdup(ntop); |
| 752 | } | 752 | } |
| @@ -884,7 +884,7 @@ subprocess(const char *tag, struct passwd *pw, const char *command, | |||
| 884 | return 0; | 884 | return 0; |
| 885 | } | 885 | } |
| 886 | temporarily_use_uid(pw); | 886 | temporarily_use_uid(pw); |
| 887 | if (stat(av[0], &st) < 0) { | 887 | if (stat(av[0], &st) == -1) { |
| 888 | error("Could not stat %s \"%s\": %s", tag, | 888 | error("Could not stat %s \"%s\": %s", tag, |
| 889 | av[0], strerror(errno)); | 889 | av[0], strerror(errno)); |
| 890 | restore_uid(); | 890 | restore_uid(); |
| @@ -896,7 +896,7 @@ subprocess(const char *tag, struct passwd *pw, const char *command, | |||
| 896 | return 0; | 896 | return 0; |
| 897 | } | 897 | } |
| 898 | /* Prepare to keep the child's stdout if requested */ | 898 | /* Prepare to keep the child's stdout if requested */ |
| 899 | if (pipe(p) != 0) { | 899 | if (pipe(p) == -1) { |
| 900 | error("%s: pipe: %s", tag, strerror(errno)); | 900 | error("%s: pipe: %s", tag, strerror(errno)); |
| 901 | restore_uid(); | 901 | restore_uid(); |
| 902 | return 0; | 902 | return 0; |
| @@ -946,12 +946,12 @@ subprocess(const char *tag, struct passwd *pw, const char *command, | |||
| 946 | closefrom(STDERR_FILENO + 1); | 946 | closefrom(STDERR_FILENO + 1); |
| 947 | 947 | ||
| 948 | /* Don't use permanently_set_uid() here to avoid fatal() */ | 948 | /* Don't use permanently_set_uid() here to avoid fatal() */ |
| 949 | if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) != 0) { | 949 | if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) == -1) { |
| 950 | error("%s: setresgid %u: %s", tag, (u_int)pw->pw_gid, | 950 | error("%s: setresgid %u: %s", tag, (u_int)pw->pw_gid, |
| 951 | strerror(errno)); | 951 | strerror(errno)); |
| 952 | _exit(1); | 952 | _exit(1); |
| 953 | } | 953 | } |
| 954 | if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) != 0) { | 954 | if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) == -1) { |
| 955 | error("%s: setresuid %u: %s", tag, (u_int)pw->pw_uid, | 955 | error("%s: setresuid %u: %s", tag, (u_int)pw->pw_uid, |
| 956 | strerror(errno)); | 956 | strerror(errno)); |
| 957 | _exit(1); | 957 | _exit(1); |