diff options
author | Damien Miller <djm@mindrot.org> | 2003-02-24 12:03:38 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2003-02-24 12:03:38 +1100 |
commit | 06ebedf3656bbe603d0a0d8db9eeeb35ff702643 (patch) | |
tree | 755e626188c06e427106aeb475b7a479c36d88f8 /monitor_wrap.c | |
parent | 8e7fb335235bd6a7f8387a40bf71eaf9798f6f7e (diff) |
- markus@cvs.openbsd.org 2003/02/16 17:30:33
[monitor.c monitor_wrap.c]
fix permitrootlogin forced-commands-only for privsep; bux #387; ok provos@
Diffstat (limited to 'monitor_wrap.c')
-rw-r--r-- | monitor_wrap.c | 17 |
1 files changed, 14 insertions, 3 deletions
diff --git a/monitor_wrap.c b/monitor_wrap.c index 551bbc15a..1395a32f4 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c | |||
@@ -25,7 +25,7 @@ | |||
25 | */ | 25 | */ |
26 | 26 | ||
27 | #include "includes.h" | 27 | #include "includes.h" |
28 | RCSID("$OpenBSD: monitor_wrap.c,v 1.21 2003/02/04 09:33:22 markus Exp $"); | 28 | RCSID("$OpenBSD: monitor_wrap.c,v 1.22 2003/02/16 17:30:33 markus Exp $"); |
29 | 29 | ||
30 | #include <openssl/bn.h> | 30 | #include <openssl/bn.h> |
31 | #include <openssl/dh.h> | 31 | #include <openssl/dh.h> |
@@ -34,6 +34,7 @@ RCSID("$OpenBSD: monitor_wrap.c,v 1.21 2003/02/04 09:33:22 markus Exp $"); | |||
34 | #include "dh.h" | 34 | #include "dh.h" |
35 | #include "kex.h" | 35 | #include "kex.h" |
36 | #include "auth.h" | 36 | #include "auth.h" |
37 | #include "auth-options.h" | ||
37 | #include "buffer.h" | 38 | #include "buffer.h" |
38 | #include "bufaux.h" | 39 | #include "bufaux.h" |
39 | #include "packet.h" | 40 | #include "packet.h" |
@@ -312,7 +313,7 @@ mm_key_allowed(enum mm_keytype type, char *user, char *host, Key *key) | |||
312 | Buffer m; | 313 | Buffer m; |
313 | u_char *blob; | 314 | u_char *blob; |
314 | u_int len; | 315 | u_int len; |
315 | int allowed = 0; | 316 | int allowed = 0, have_forced = 0; |
316 | 317 | ||
317 | debug3("%s entering", __func__); | 318 | debug3("%s entering", __func__); |
318 | 319 | ||
@@ -334,6 +335,11 @@ mm_key_allowed(enum mm_keytype type, char *user, char *host, Key *key) | |||
334 | 335 | ||
335 | allowed = buffer_get_int(&m); | 336 | allowed = buffer_get_int(&m); |
336 | 337 | ||
338 | /* fake forced command */ | ||
339 | auth_clear_options(); | ||
340 | have_forced = buffer_get_int(&m); | ||
341 | forced_command = have_forced ? xstrdup("true") : NULL; | ||
342 | |||
337 | /* Send potential debug messages */ | 343 | /* Send potential debug messages */ |
338 | mm_send_debug(&m); | 344 | mm_send_debug(&m); |
339 | 345 | ||
@@ -853,7 +859,7 @@ mm_auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey) | |||
853 | Key *key; | 859 | Key *key; |
854 | u_char *blob; | 860 | u_char *blob; |
855 | u_int blen; | 861 | u_int blen; |
856 | int allowed = 0; | 862 | int allowed = 0, have_forced = 0; |
857 | 863 | ||
858 | debug3("%s entering", __func__); | 864 | debug3("%s entering", __func__); |
859 | 865 | ||
@@ -865,6 +871,11 @@ mm_auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey) | |||
865 | 871 | ||
866 | allowed = buffer_get_int(&m); | 872 | allowed = buffer_get_int(&m); |
867 | 873 | ||
874 | /* fake forced command */ | ||
875 | auth_clear_options(); | ||
876 | have_forced = buffer_get_int(&m); | ||
877 | forced_command = have_forced ? xstrdup("true") : NULL; | ||
878 | |||
868 | if (allowed && rkey != NULL) { | 879 | if (allowed && rkey != NULL) { |
869 | blob = buffer_get_string(&m, &blen); | 880 | blob = buffer_get_string(&m, &blen); |
870 | if ((key = key_from_blob(blob, blen)) == NULL) | 881 | if ((key = key_from_blob(blob, blen)) == NULL) |