authorColin Watson <cjwatson@debian.org>2011-01-24 12:43:25 +0000
committerColin Watson <cjwatson@debian.org>2011-01-24 12:43:25 +0000
commit626f1d986ff72aa514da63e34744e1de9cf21b9a (patch)
treed215a5280bc2e57251e4a9e08bfd3674ad824a94 /session.c
parent6ed622cb6fe8f71bbe0d998cdd12280410bfb420 (diff)
parent0970072c89b079b022538e3c366fbfa2c53fc821 (diff)
* New upstream release (http://www.openssh.org/txt/release-5.7):
- Implement Elliptic Curve Cryptography modes for key exchange (ECDH) and host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA offer better performance than plain DH and DSA at the same equivalent symmetric key length, as well as much shorter keys. - sftp(1)/sftp-server(8): add a protocol extension to support a hard link operation. It is available through the "ln" command in the client. The old "ln" behaviour of creating a symlink is available using its "-s" option or through the preexisting "symlink" command. - scp(1): Add a new -3 option to scp: Copies between two remote hosts are transferred through the local host (closes: #508613). - ssh(1): "atomically" create the listening mux socket by binding it on a temporary name and then linking it into position after listen() has succeeded. This allows the mux clients to determine that the server socket is either ready or stale without races (closes: #454784). Stale server sockets are now automatically removed (closes: #523250). - ssh(1): install a SIGCHLD handler to reap expired child process (closes: #594687). - ssh(1)/ssh-agent(1): honour $TMPDIR for client xauth and ssh-agent temporary directories (closes: #357469, although only if you arrange for ssh-agent to actually see $TMPDIR since the setgid bit will cause it to be stripped off).
Diffstat (limited to 'session.c')
-rw-r--r--session.c80
1 files changed, 9 insertions, 71 deletions
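--- a/session.c
+++ b/session.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: session.c,v 1.256 2010/06/25 07:20:04 djm Exp $ */
+/* $OpenBSD: session.c,v 1.258 2010/11/25 04:10:09 djm Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  * All rights reserved
@@ -585,7 +585,8 @@ do_exec_no_pty(Session *s, const char *command)
 
  s->pid = pid;
  /* Set interactive/non-interactive mode. */
- packet_set_interactive(s->display != NULL);
+ packet_set_interactive(s->display != NULL,
+ options.ip_qos_interactive, options.ip_qos_bulk);
 
  /*
  * Clear loginmsg, since it's the child's responsibility to display
@@ -739,7 +740,8 @@ do_exec_pty(Session *s, const char *command)
 
  /* Enter interactive session. */
  s->ptymaster = ptymaster;
- packet_set_interactive(1);
+ packet_set_interactive(1,
+ options.ip_qos_interactive, options.ip_qos_bulk);
  if (compat20) {
  session_set_fds(s, ptyfd, fdout, -1, 1, 1);
  } else {
@@ -1469,36 +1471,16 @@ do_setusercontext(struct passwd *pw)
 {
  char *chroot_path, *tmp;
 
-#ifdef WITH_SELINUX
- /* Cache selinux status for later use */
- (void)ssh_selinux_enabled();
-#endif
+ platform_setusercontext(pw);
 
-#ifndef HAVE_CYGWIN
- if (getuid() == 0 || geteuid() == 0)
-#endif /* HAVE_CYGWIN */
- {
+ if (platform_privileged_uidswap()) {
 #ifdef HAVE_LOGIN_CAP
-# ifdef __bsdi__
- setpgid(0, 0);
-# endif
-# ifdef USE_PAM
- if (options.use_pam) {
- do_pam_setcred(use_privsep);
- }
-# endif /* USE_PAM */
  if (setusercontext(lc, pw, pw->pw_uid,
  (LOGIN_SETALL & ~(LOGIN_SETPATH|LOGIN_SETUSER))) < 0) {
  perror("unable to set user context");
  exit(1);
  }
 #else
-# if defined(HAVE_GETLUID) && defined(HAVE_SETLUID)
- /* Sets login uid for accounting */
- if (getluid() == -1 && setluid(pw->pw_uid) == -1)
- error("setluid: %s", strerror(errno));
-# endif /* defined(HAVE_GETLUID) && defined(HAVE_SETLUID) */
-
  if (setlogin(pw->pw_name) < 0)
  error("setlogin failed: %s", strerror(errno));
  if (setgid(pw->pw_gid) < 0) {
@@ -1511,50 +1493,9 @@ do_setusercontext(struct passwd *pw)
  exit(1);
  }
  endgrent();
-# ifdef USE_PAM
- /*
- * PAM credentials may take the form of supplementary groups.
- * These will have been wiped by the above initgroups() call.
- * Reestablish them here.
- */
- if (options.use_pam) {
- do_pam_setcred(use_privsep);
- }
-# endif /* USE_PAM */
-# if defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY)
- irix_setusercontext(pw);
-# endif /* defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY) */
-# ifdef _AIX
- aix_usrinfo(pw);
-# endif /* _AIX */
-# ifdef USE_LIBIAF
- if (set_id(pw->pw_name) != 0) {
- exit(1);
- }
-# endif /* USE_LIBIAF */
 #endif
-#ifdef HAVE_SETPCRED
- /*
- * If we have a chroot directory, we set all creds except real
- * uid which we will need for chroot. If we don't have a
- * chroot directory, we don't override anything.
- */
- {
- char **creds = NULL, *chroot_creds[] =
- { "REAL_USER=root", NULL };
-
- if (options.chroot_directory != NULL &&
- strcasecmp(options.chroot_directory, "none") != 0)
- creds = chroot_creds;
-
- if (setpcred(pw->pw_name, creds) == -1)
- fatal("Failed to set process credentials");
- }
-#endif /* HAVE_SETPCRED */
 
-#ifdef WITH_SELINUX
- ssh_selinux_setup_exec_context(pw->pw_name);
-#endif
+ platform_setusercontext_post_groups(pw);
 
  if (options.chroot_directory != NULL &&
  strcasecmp(options.chroot_directory, "none") != 0) {
@@ -1628,8 +1569,6 @@ launch_login(struct passwd *pw, const char *hostname)
 static void
 child_close_fds(void)
 {
- int i;
-
  if (packet_get_connection_in() == packet_get_connection_out())
  close(packet_get_connection_in());
  else {
@@ -1655,8 +1594,7 @@ child_close_fds(void)
  * initgroups, because at least on Solaris 2.3 it leaves file
  * descriptors open.
  */
- for (i = 3; i < 64; i++)
- close(i);
+ closefrom(STDERR_FILENO + 1);
 }
 
 /*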
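Review bot: The `platform_setusercontext_post_groups(pw);` call in do_setusercontext carries no comment on the ordering and failure behaviour of the code it replaces: the deleted block explained that PAM supplementary groups are wiped by initgroups() and must be re-established afterwards, and the deleted set_id/setpcred paths ended in exit(1)/fatal(). The call now sits after the `#endif`, so it is reached on HAVE_LOGIN_CAP builds as well as on the fallback path; the helper's body is not on this page, so presumably it keeps both the ordering and the fail-closed behaviour, but that should be confirmed against it. I would add a comment above the call such as `/* Must stay after initgroups()/setusercontext() and before the chroot below: re-applies PAM groups and platform credentials, and must not return on failure. */`. The function starts before the first of its two hunks and continues past the second.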