diff options
| author | Ben Lindstrom <mouring@eviladmin.org> | 2002-06-06 20:46:25 +0000 |
|---|---|---|
| committer | Ben Lindstrom <mouring@eviladmin.org> | 2002-06-06 20:46:25 +0000 |
| commit | a26ea63f8acd883603de9f780f1ff05775e51f78 (patch) | |
| tree | 606d4ca7380deb66d5c59c9556ccbb3b54d7511d /sshd.c | |
| parent | 20abb75f53d64718827cf2c0547fc3db443fa1b9 (diff) | |
- markus@cvs.openbsd.org 2002/05/29 11:21:57
[sshd.c]
don't start if privsep is enabled and SSH_PRIVSEP_USER or
_PATH_PRIVSEP_CHROOT_DIR are missing; ok deraadt@
Diffstat (limited to 'sshd.c')
| -rw-r--r-- | sshd.c | 15 |
1 files changed, 14 insertions, 1 deletions
| @@ -42,7 +42,7 @@ | |||
| 42 | */ | 42 | */ |
| 43 | 43 | ||
| 44 | #include "includes.h" | 44 | #include "includes.h" |
| 45 | RCSID("$OpenBSD: sshd.c,v 1.243 2002/05/22 23:18:25 deraadt Exp $"); | 45 | RCSID("$OpenBSD: sshd.c,v 1.244 2002/05/29 11:21:57 markus Exp $"); |
| 46 | 46 | ||
| 47 | #include <openssl/dh.h> | 47 | #include <openssl/dh.h> |
| 48 | #include <openssl/bn.h> | 48 | #include <openssl/bn.h> |
| @@ -1001,6 +1001,19 @@ main(int ac, char **av) | |||
| 1001 | } | 1001 | } |
| 1002 | } | 1002 | } |
| 1003 | 1003 | ||
| 1004 | if (use_privsep) { | ||
| 1005 | struct passwd *pw; | ||
| 1006 | struct stat st; | ||
| 1007 | |||
| 1008 | if ((pw = getpwnam(SSH_PRIVSEP_USER)) == NULL) | ||
| 1009 | fatal("Privilege separation user %s does not exist", | ||
| 1010 | SSH_PRIVSEP_USER); | ||
| 1011 | if ((stat(_PATH_PRIVSEP_CHROOT_DIR, &st) == -1) || | ||
| 1012 | (S_ISDIR(st.st_mode) == 0)) | ||
| 1013 | fatal("Missing privilege separation directory: %s", | ||
| 1014 | _PATH_PRIVSEP_CHROOT_DIR); | ||
| 1015 | } | ||
| 1016 | |||
| 1004 | /* Configuration looks good, so exit if in test mode. */ | 1017 | /* Configuration looks good, so exit if in test mode. */ |
| 1005 | if (test_flag) | 1018 | if (test_flag) |
| 1006 | exit(0); | 1019 | exit(0); |