author | djm@openbsd.org <djm@openbsd.org> | 2018-06-01 03:33:53 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2018-06-01 13:35:59 +1000 |
commit | 9c935dd9bf05628826ad2495d3e8bdf3d3271c21 (patch) | |
tree | 35ccf63e51d3daf2fa927b843d813295e41e96e6 /auth2-pubkey.c | |
parent | d8748b91d1d6c108c0c260ed41fa55f37b9ef34b (diff) |
upstream: make UID available as a %-expansion everywhere that the
username is available currently. In the client this is via %i, in the server
%U (since %i was already used in the client in some places for this, but used
for something different in the server); bz#2870, ok dtucker@
OpenBSD-Commit-ID: c7e912b0213713316cb55db194b3a6415b3d4b95
Diffstat (limited to 'auth2-pubkey.c')
-rw-r--r-- | auth2-pubkey.c | 12 |
1 files changed, 9 insertions, 3 deletions
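--- a/auth2-pubkey.c
+++ b/auth2-pubkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-pubkey.c,v 1.77 2018/03/03 03:15:51 djm Exp $ */
+/* $OpenBSD: auth2-pubkey.c,v 1.78 2018/06/01 03:33:53 djm Exp $ */
 /*
 * Copyright (c) 2000 Markus Friedl. All rights reserved.
 *
@@ -387,7 +387,7 @@ match_principals_command(struct ssh *ssh, struct passwd *user_pw,
 pid_t pid;
 char *tmp, *username = NULL, *command = NULL, **av = NULL;
 char *ca_fp = NULL, *key_fp = NULL, *catext = NULL, *keytext = NULL;
-char serial_s[16];
+char serial_s[16], uidstr[32];
 void (*osigchld)(int);
 
 if (authoptsp != NULL)
@@ -447,8 +447,11 @@ match_principals_command(struct ssh *ssh, struct passwd *user_pw,
 }
 snprintf(serial_s, sizeof(serial_s), "%llu",
 (unsigned long long)cert->serial);
+snprintf(uidstr, sizeof(uidstr), "%llu",
+(unsigned long long)user_pw->pw_uid);
 for (i = 1; i < ac; i++) {
 tmp = percent_expand(av[i],
+"U", uidstr,
 "u", user_pw->pw_name,
 "h", user_pw->pw_dir,
 "t", sshkey_ssh_name(key),
@@ -852,7 +855,7 @@ user_key_command_allowed2(struct ssh *ssh, struct passwd *user_pw,
 int i, uid_swapped = 0, ac = 0;
 pid_t pid;
 char *username = NULL, *key_fp = NULL, *keytext = NULL;
-char *tmp, *command = NULL, **av = NULL;
+char uidstr[32], *tmp, *command = NULL, **av = NULL;
 void (*osigchld)(int);
 
 if (authoptsp != NULL)
@@ -902,8 +905,11 @@ user_key_command_allowed2(struct ssh *ssh, struct passwd *user_pw,
 command);
 goto out;
 }
+snprintf(uidstr, sizeof(uidstr), "%llu",
+(unsigned long long)user_pw->pw_uid);
 for (i = 1; i < ac; i++) {
 tmp = percent_expand(av[i],
+"U", uidstr,
 "u", user_pw->pw_name,
 "h", user_pw->pw_dir,
 "t", sshkey_ssh_name(key),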
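Review bot: In match_principals_command (the `@@ -387,7 +387,7 @@` hunk) the touched declaration gives `uidstr` 32 bytes but leaves `serial_s` at 16, although both are filled with `%llu`; a serial of 16 or more digits is silently truncated by the `snprintf(serial_s, sizeof(serial_s), ...)` call in the `@@ -447,8 +447,11 @@` hunk. If `cert->serial` is a full 64-bit field, as the cast suggests, and `serial_s` is later passed to percent_expand (the call continues past the hunk), the principals command would receive a serial that differs from the certificate's, which matters when that helper bases authorization decisions on it. Sizing both alike, `char serial_s[32], uidstr[32];`, removes the truncation. Separately, the uid formatting is repeated verbatim in user_key_command_allowed2 and could live in one small static helper; both function bodies extend beyond the hunks shown.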