diff options
author | Colin Watson <cjwatson@debian.org> | 2010-01-24 22:46:54 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2010-01-24 22:46:54 +0000 |
commit | 59247ecde39f2d826a94ab07f6095ca1f6644e88 (patch) | |
tree | 5910d4a840352aafbf67e8a39fa63936e5529b26 /session.c | |
parent | 07d905b406c4ab64ea2f10a22f4f8f0d595269f6 (diff) | |
parent | 964476f91b66c475d5b8fa1e8b28d39a97a1b56e (diff) |
* New upstream release.
* Update to GSSAPI patch from
http://www.sxw.org.uk/computing/patches/openssh-5.3p1-gsskex-all-20100124.patch.
Diffstat (limited to 'session.c')
-rw-r--r-- | session.c | 30 |
1 files changed, 12 insertions, 18 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: session.c,v 1.245 2009/01/22 09:46:01 djm Exp $ */ | 1 | /* $OpenBSD: session.c,v 1.246 2009/04/17 19:23:06 stevesk Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
4 | * All rights reserved | 4 | * All rights reserved |
@@ -571,8 +571,7 @@ do_exec_no_pty(Session *s, const char *command) | |||
571 | signal(WJSIGNAL, cray_job_termination_handler); | 571 | signal(WJSIGNAL, cray_job_termination_handler); |
572 | #endif /* _UNICOS */ | 572 | #endif /* _UNICOS */ |
573 | #ifdef HAVE_CYGWIN | 573 | #ifdef HAVE_CYGWIN |
574 | if (is_winnt) | 574 | cygwin_set_impersonation_token(INVALID_HANDLE_VALUE); |
575 | cygwin_set_impersonation_token(INVALID_HANDLE_VALUE); | ||
576 | #endif | 575 | #endif |
577 | 576 | ||
578 | s->pid = pid; | 577 | s->pid = pid; |
@@ -716,8 +715,8 @@ do_exec_pty(Session *s, const char *command) | |||
716 | * Do common processing for the child, such as execing | 715 | * Do common processing for the child, such as execing |
717 | * the command. | 716 | * the command. |
718 | */ | 717 | */ |
719 | do_child(s, command); | 718 | do_child(s, command); |
720 | /* NOTREACHED */ | 719 | /* NOTREACHED */ |
721 | default: | 720 | default: |
722 | break; | 721 | break; |
723 | } | 722 | } |
@@ -726,8 +725,7 @@ do_exec_pty(Session *s, const char *command) | |||
726 | signal(WJSIGNAL, cray_job_termination_handler); | 725 | signal(WJSIGNAL, cray_job_termination_handler); |
727 | #endif /* _UNICOS */ | 726 | #endif /* _UNICOS */ |
728 | #ifdef HAVE_CYGWIN | 727 | #ifdef HAVE_CYGWIN |
729 | if (is_winnt) | 728 | cygwin_set_impersonation_token(INVALID_HANDLE_VALUE); |
730 | cygwin_set_impersonation_token(INVALID_HANDLE_VALUE); | ||
731 | #endif | 729 | #endif |
732 | 730 | ||
733 | s->pid = pid; | 731 | s->pid = pid; |
@@ -847,7 +845,7 @@ do_login(Session *s, const char *command) | |||
847 | fromlen = sizeof(from); | 845 | fromlen = sizeof(from); |
848 | if (packet_connection_is_on_socket()) { | 846 | if (packet_connection_is_on_socket()) { |
849 | if (getpeername(packet_get_connection_in(), | 847 | if (getpeername(packet_get_connection_in(), |
850 | (struct sockaddr *) & from, &fromlen) < 0) { | 848 | (struct sockaddr *)&from, &fromlen) < 0) { |
851 | debug("getpeername: %.100s", strerror(errno)); | 849 | debug("getpeername: %.100s", strerror(errno)); |
852 | cleanup_exit(255); | 850 | cleanup_exit(255); |
853 | } | 851 | } |
@@ -1116,7 +1114,7 @@ do_setup_env(Session *s, const char *shell) | |||
1116 | u_int i, envsize; | 1114 | u_int i, envsize; |
1117 | char **env, *laddr; | 1115 | char **env, *laddr; |
1118 | struct passwd *pw = s->pw; | 1116 | struct passwd *pw = s->pw; |
1119 | #ifndef HAVE_LOGIN_CAP | 1117 | #if !defined (HAVE_LOGIN_CAP) && !defined (HAVE_CYGWIN) |
1120 | char *path = NULL; | 1118 | char *path = NULL; |
1121 | #endif | 1119 | #endif |
1122 | 1120 | ||
@@ -1468,11 +1466,6 @@ do_setusercontext(struct passwd *pw) | |||
1468 | if (getuid() == 0 || geteuid() == 0) | 1466 | if (getuid() == 0 || geteuid() == 0) |
1469 | #endif /* HAVE_CYGWIN */ | 1467 | #endif /* HAVE_CYGWIN */ |
1470 | { | 1468 | { |
1471 | |||
1472 | #ifdef HAVE_SETPCRED | ||
1473 | if (setpcred(pw->pw_name, (char **)NULL) == -1) | ||
1474 | fatal("Failed to set process credentials"); | ||
1475 | #endif /* HAVE_SETPCRED */ | ||
1476 | #ifdef HAVE_LOGIN_CAP | 1469 | #ifdef HAVE_LOGIN_CAP |
1477 | # ifdef __bsdi__ | 1470 | # ifdef __bsdi__ |
1478 | setpgid(0, 0); | 1471 | setpgid(0, 0); |
@@ -1544,6 +1537,10 @@ do_setusercontext(struct passwd *pw) | |||
1544 | free(chroot_path); | 1537 | free(chroot_path); |
1545 | } | 1538 | } |
1546 | 1539 | ||
1540 | #ifdef HAVE_SETPCRED | ||
1541 | if (setpcred(pw->pw_name, (char **)NULL) == -1) | ||
1542 | fatal("Failed to set process credentials"); | ||
1543 | #endif /* HAVE_SETPCRED */ | ||
1547 | #ifdef HAVE_LOGIN_CAP | 1544 | #ifdef HAVE_LOGIN_CAP |
1548 | if (setusercontext(lc, pw, pw->pw_uid, LOGIN_SETUSER) < 0) { | 1545 | if (setusercontext(lc, pw, pw->pw_uid, LOGIN_SETUSER) < 0) { |
1549 | perror("unable to set user context (setuser)"); | 1546 | perror("unable to set user context (setuser)"); |
@@ -1555,9 +1552,6 @@ do_setusercontext(struct passwd *pw) | |||
1555 | #endif | 1552 | #endif |
1556 | } | 1553 | } |
1557 | 1554 | ||
1558 | #ifdef HAVE_CYGWIN | ||
1559 | if (is_winnt) | ||
1560 | #endif | ||
1561 | if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid) | 1555 | if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid) |
1562 | fatal("Failed to set uids to %u.", (u_int) pw->pw_uid); | 1556 | fatal("Failed to set uids to %u.", (u_int) pw->pw_uid); |
1563 | } | 1557 | } |
@@ -1794,7 +1788,7 @@ do_child(Session *s, const char *command) | |||
1794 | int i; | 1788 | int i; |
1795 | char *p, *args; | 1789 | char *p, *args; |
1796 | 1790 | ||
1797 | setproctitle("%s@internal-sftp-server", s->pw->pw_name); | 1791 | setproctitle("%s@%s", s->pw->pw_name, INTERNAL_SFTP_NAME); |
1798 | args = xstrdup(command ? command : "sftp-server"); | 1792 | args = xstrdup(command ? command : "sftp-server"); |
1799 | for (i = 0, (p = strtok(args, " ")); p; (p = strtok(NULL, " "))) | 1793 | for (i = 0, (p = strtok(args, " ")); p; (p = strtok(NULL, " "))) |
1800 | if (i < ARGV_MAX - 1) | 1794 | if (i < ARGV_MAX - 1) |