- markus@cvs.openbsd.org 2002/06/11 04:14:26

[ssh.c sshconnect.c sshconnect.h] no longer use uidswap.[ch] from the ssh client run less code with euid==0 if ssh is installed setuid root just switch the euid, don't switch the complete set of groups (this is only needed by sshd). ok provos@
author: Ben Lindstrom <mouring@eviladmin.org> 2002-06-11 16:37:51 +0000
committer: Ben Lindstrom <mouring@eviladmin.org> 2002-06-11 16:37:51 +0000
commit: f9c4884c8effe6dd78ab3ed4e42ed69c4a8652d0 (patch)
tree: bf92c1c3374176a70d0a2dd9ea23d97e13d5ee57 /sshconnect.h
parent: 8bb6f36c8fab33f7ca59b9c56e11d54caf36f965 (diff)
1 files changed, 18 insertions, 2 deletions
diff --git a/sshconnect.h b/sshconnect.h
index aeb2e51a5..48148833f 100644
--- a/sshconnect.h
+++ b/sshconnect.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: sshconnect.h,v 1.15 2002/06/09 13:32:01 markus Exp $  */
+/*      $OpenBSD: sshconnect.h,v 1.16 2002/06/11 04:14:26 markus Exp $  */
 /*
 * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -35,7 +35,7 @@ struct Sensitive {
 int
 ssh_connect(const char *, struct sockaddr_storage *, u_short, int, int,
-    int, struct passwd *, const char *);
+    int, const char *);
 void
 ssh_login(Sensitive *, const char *, struct sockaddr *, struct passwd *);
@@ -50,4 +50,20 @@ void	 ssh_userauth2(const char *, const char *, char *, Sensitive *);
 void     ssh_put_password(char *);
+/*
+ * Macros to raise/lower permissions.
+ */
+#define PRIV_START do {                         \
+        int save_errno = errno;                 \
+        (void)seteuid(original_effective_uid);  \
+        errno = save_errno;                     \
+} while (0)
+#define PRIV_END do {                           \
+        int save_errno = errno;                 \
+        (void)seteuid(original_real_uid);       \
+        errno = save_errno;                     \
+} while (0)
 #endif
author	Ben Lindstrom <mouring@eviladmin.org>	2002-06-11 16:37:51 +0000
committer	Ben Lindstrom <mouring@eviladmin.org>	2002-06-11 16:37:51 +0000
commit	f9c4884c8effe6dd78ab3ed4e42ed69c4a8652d0 (patch)
tree	bf92c1c3374176a70d0a2dd9ea23d97e13d5ee57 /sshconnect.h
parent	8bb6f36c8fab33f7ca59b9c56e11d54caf36f965 (diff)

diff --git a/sshconnect.h b/sshconnect.h index aeb2e51a5..48148833f 100644 --- a/sshconnect.h +++ b/sshconnect.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: sshconnect.h,v 1.15 2002/06/09 13:32:01 markus Exp $ */	1	/* $OpenBSD: sshconnect.h,v 1.16 2002/06/11 04:14:26 markus Exp $ */
2		2
3	/*	3	/*
4	* Copyright (c) 2000 Markus Friedl. All rights reserved.	4	* Copyright (c) 2000 Markus Friedl. All rights reserved.
@@ -35,7 +35,7 @@ struct Sensitive {
35		35
36	int	36	int
37	ssh_connect(const char , struct sockaddr_storage , u_short, int, int,	37	ssh_connect(const char , struct sockaddr_storage , u_short, int, int,
38	int, struct passwd , const char );	38	int, const char *);
39		39
40	void	40	void
41	ssh_login(Sensitive , const char , struct sockaddr , struct passwd );	41	ssh_login(Sensitive , const char , struct sockaddr , struct passwd );
@@ -50,4 +50,20 @@ void ssh_userauth2(const char , const char , char , Sensitive );
50		50
51	void ssh_put_password(char *);	51	void ssh_put_password(char *);
52		52
		53
		54	/*
		55	* Macros to raise/lower permissions.
		56	*/
		57	#define PRIV_START do { \
		58	int save_errno = errno; \
		59	(void)seteuid(original_effective_uid); \
		60	errno = save_errno; \
		61	} while (0)
		62
		63	#define PRIV_END do { \
		64	int save_errno = errno; \
		65	(void)seteuid(original_real_uid); \
		66	errno = save_errno; \
		67	} while (0)
		68
53	#endif	69	#endif