- (djm) Fix rsh path in RPMs. Report from Jason L Tibbitts III

<tibbs@math.uh.edu> - (djm) OpenBSD CVS updates: - todd@cvs.openbsd.org [sshconnect2.c] teach protocol v2 to count login failures properly and also enable an explanation of why the password prompt comes up again like v1; this is NOT crypto - markus@cvs.openbsd.org [readconf.c readconf.h servconf.c servconf.h session.c ssh.1 ssh.c sshd.8] xauth_location support; pr 1234 [readconf.c sshconnect2.c] typo, unused [session.c] allow use_login only for login sessions, otherwise remote commands are execed with uid==0 [sshd.8] document UseLogin better [version.h] OpenSSH 2.1.1 [auth-rsa.c] fix match_hostname() logic for auth-rsa: deny access if we have a negative match or no match at all [channels.c hostfile.c match.c] don't panic if mkdtemp fails for authfwd; jkb@yahoo-inc.com via kris@FreeBSD.org
author: Damien Miller <djm@mindrot.org> 2000-06-07 19:55:44 +1000
committer: Damien Miller <djm@mindrot.org> 2000-06-07 19:55:44 +1000
commit: d3a185709dfb8588ae7cacc079312d1fcc450e9c (patch)
tree: 8e9798d35f76171481f034720767e507e6bbd6f9 /channels.c
parent: e37bfc19f7263b838896ae403e55aa703a06b69a (diff)
1 files changed, 14 insertions, 5 deletions
diff --git a/channels.c b/channels.c
index f26b3a65b..bfa025ad7 100644
--- a/channels.c
+++ b/channels.c
@@ -17,7 +17,7 @@
 */
 #include "includes.h"
-RCSID("$Id: channels.c,v 1.31 2000/05/17 12:34:23 damien Exp $");
+RCSID("$Id: channels.c,v 1.32 2000/06/07 09:55:44 djm Exp $");
 #include "ssh.h"
 #include "packet.h"
@@ -2113,11 +2113,11 @@ cleanup_socket(void)
 }
 /*
- * This if called to process SSH_CMSG_AGENT_REQUEST_FORWARDING on the server.
+ * This is called to process SSH_CMSG_AGENT_REQUEST_FORWARDING on the server.
 * This starts forwarding authentication requests.
 */
-void
+int
 auth_input_request_forwarding(struct passwd * pw)
 {
        int sock, newch;
@@ -2135,8 +2135,16 @@ auth_input_request_forwarding(struct passwd * pw)
        strlcpy(channel_forwarded_auth_socket_dir, "/tmp/ssh-XXXXXXXX", MAX_SOCKET_NAME);
        /* Create private directory for socket */
-        if (mkdtemp(channel_forwarded_auth_socket_dir) == NULL)
+        if (mkdtemp(channel_forwarded_auth_socket_dir) == NULL) {
-                packet_disconnect("mkdtemp: %.100s", strerror(errno));
+                packet_send_debug("Agent forwarding disabled: mkdtemp() failed: %.100s",
+                    strerror(errno));
+                restore_uid();
+                xfree(channel_forwarded_auth_socket_name);
+                xfree(channel_forwarded_auth_socket_dir);
+                channel_forwarded_auth_socket_name = NULL;
+                channel_forwarded_auth_socket_dir = NULL;
+                return 0;
+        }
        snprintf(channel_forwarded_auth_socket_name, MAX_SOCKET_NAME, "%s/agent.%d",
                 channel_forwarded_auth_socket_dir, (int) getpid());
@@ -2171,6 +2179,7 @@ auth_input_request_forwarding(struct passwd * pw)
                                 xstrdup("auth socket"));
        strlcpy(channels[newch].path, channel_forwarded_auth_socket_name,
            sizeof(channels[newch].path));
+        return 1;
 }
 /* This is called to process an SSH_SMSG_AGENT_OPEN message. */
author	Damien Miller <djm@mindrot.org>	2000-06-07 19:55:44 +1000
committer	Damien Miller <djm@mindrot.org>	2000-06-07 19:55:44 +1000
commit	d3a185709dfb8588ae7cacc079312d1fcc450e9c (patch)
tree	8e9798d35f76171481f034720767e507e6bbd6f9 /channels.c
parent	e37bfc19f7263b838896ae403e55aa703a06b69a (diff)