diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2018-06-01 03:33:53 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2018-06-01 13:35:59 +1000 |
| commit | 9c935dd9bf05628826ad2495d3e8bdf3d3271c21 (patch) | |
| tree | 35ccf63e51d3daf2fa927b843d813295e41e96e6 /auth2-pubkey.c | |
| parent | d8748b91d1d6c108c0c260ed41fa55f37b9ef34b (diff) | |
upstream: make UID available as a %-expansion everywhere that the
username is available currently. In the client this is via %i, in the server
%U (since %i was already used in the client in some places for this, but used
for something different in the server); bz#2870, ok dtucker@
OpenBSD-Commit-ID: c7e912b0213713316cb55db194b3a6415b3d4b95
Diffstat (limited to 'auth2-pubkey.c')
| -rw-r--r-- | auth2-pubkey.c | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/auth2-pubkey.c b/auth2-pubkey.c index 8024b1d6a..5603f5ef3 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: auth2-pubkey.c,v 1.77 2018/03/03 03:15:51 djm Exp $ */ | 1 | /* $OpenBSD: auth2-pubkey.c,v 1.78 2018/06/01 03:33:53 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
| 4 | * | 4 | * |
| @@ -387,7 +387,7 @@ match_principals_command(struct ssh *ssh, struct passwd *user_pw, | |||
| 387 | pid_t pid; | 387 | pid_t pid; |
| 388 | char *tmp, *username = NULL, *command = NULL, **av = NULL; | 388 | char *tmp, *username = NULL, *command = NULL, **av = NULL; |
| 389 | char *ca_fp = NULL, *key_fp = NULL, *catext = NULL, *keytext = NULL; | 389 | char *ca_fp = NULL, *key_fp = NULL, *catext = NULL, *keytext = NULL; |
| 390 | char serial_s[16]; | 390 | char serial_s[16], uidstr[32]; |
| 391 | void (*osigchld)(int); | 391 | void (*osigchld)(int); |
| 392 | 392 | ||
| 393 | if (authoptsp != NULL) | 393 | if (authoptsp != NULL) |
| @@ -447,8 +447,11 @@ match_principals_command(struct ssh *ssh, struct passwd *user_pw, | |||
| 447 | } | 447 | } |
| 448 | snprintf(serial_s, sizeof(serial_s), "%llu", | 448 | snprintf(serial_s, sizeof(serial_s), "%llu", |
| 449 | (unsigned long long)cert->serial); | 449 | (unsigned long long)cert->serial); |
| 450 | snprintf(uidstr, sizeof(uidstr), "%llu", | ||
| 451 | (unsigned long long)user_pw->pw_uid); | ||
| 450 | for (i = 1; i < ac; i++) { | 452 | for (i = 1; i < ac; i++) { |
| 451 | tmp = percent_expand(av[i], | 453 | tmp = percent_expand(av[i], |
| 454 | "U", uidstr, | ||
| 452 | "u", user_pw->pw_name, | 455 | "u", user_pw->pw_name, |
| 453 | "h", user_pw->pw_dir, | 456 | "h", user_pw->pw_dir, |
| 454 | "t", sshkey_ssh_name(key), | 457 | "t", sshkey_ssh_name(key), |
| @@ -852,7 +855,7 @@ user_key_command_allowed2(struct ssh *ssh, struct passwd *user_pw, | |||
| 852 | int i, uid_swapped = 0, ac = 0; | 855 | int i, uid_swapped = 0, ac = 0; |
| 853 | pid_t pid; | 856 | pid_t pid; |
| 854 | char *username = NULL, *key_fp = NULL, *keytext = NULL; | 857 | char *username = NULL, *key_fp = NULL, *keytext = NULL; |
| 855 | char *tmp, *command = NULL, **av = NULL; | 858 | char uidstr[32], *tmp, *command = NULL, **av = NULL; |
| 856 | void (*osigchld)(int); | 859 | void (*osigchld)(int); |
| 857 | 860 | ||
| 858 | if (authoptsp != NULL) | 861 | if (authoptsp != NULL) |
| @@ -902,8 +905,11 @@ user_key_command_allowed2(struct ssh *ssh, struct passwd *user_pw, | |||
| 902 | command); | 905 | command); |
| 903 | goto out; | 906 | goto out; |
| 904 | } | 907 | } |
| 908 | snprintf(uidstr, sizeof(uidstr), "%llu", | ||
| 909 | (unsigned long long)user_pw->pw_uid); | ||
| 905 | for (i = 1; i < ac; i++) { | 910 | for (i = 1; i < ac; i++) { |
| 906 | tmp = percent_expand(av[i], | 911 | tmp = percent_expand(av[i], |
| 912 | "U", uidstr, | ||
| 907 | "u", user_pw->pw_name, | 913 | "u", user_pw->pw_name, |
| 908 | "h", user_pw->pw_dir, | 914 | "h", user_pw->pw_dir, |
| 909 | "t", sshkey_ssh_name(key), | 915 | "t", sshkey_ssh_name(key), |