diff options
author | Damien Miller <djm@mindrot.org> | 1999-11-12 08:49:09 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 1999-11-12 08:49:09 +1100 |
commit | 776af5de4f7f2aa938cdd17bf85a9c891ce7dbd9 (patch) | |
tree | 75fab80e6ef52cfc80bbda3dddd9154b0fc28323 /sshd.c | |
parent | 7c64ba3fc505c14c172d9b2d7695a3104b4c49f5 (diff) |
- Merged changes from OpenBSD CVS
- [sshd.c] session_key_int may be zero
Diffstat (limited to 'sshd.c')
-rw-r--r-- | sshd.c | 25 |
1 files changed, 15 insertions, 10 deletions
@@ -18,7 +18,7 @@ agent connections. | |||
18 | */ | 18 | */ |
19 | 19 | ||
20 | #include "includes.h" | 20 | #include "includes.h" |
21 | RCSID("$Id: sshd.c,v 1.14 1999/11/11 09:44:05 damien Exp $"); | 21 | RCSID("$Id: sshd.c,v 1.15 1999/11/11 21:49:09 damien Exp $"); |
22 | 22 | ||
23 | #include "xmalloc.h" | 23 | #include "xmalloc.h" |
24 | #include "rsa.h" | 24 | #include "rsa.h" |
@@ -1025,7 +1025,7 @@ void do_connection(int privileged_port) | |||
1025 | key is in the highest bits. */ | 1025 | key is in the highest bits. */ |
1026 | BN_mask_bits(session_key_int, sizeof(session_key) * 8); | 1026 | BN_mask_bits(session_key_int, sizeof(session_key) * 8); |
1027 | len = BN_num_bytes(session_key_int); | 1027 | len = BN_num_bytes(session_key_int); |
1028 | if (len <= 0 || len > sizeof(session_key)) | 1028 | if (len < 0 || len > sizeof(session_key)) |
1029 | fatal("do_connection: bad len: session_key_int %d > sizeof(session_key) %d", | 1029 | fatal("do_connection: bad len: session_key_int %d > sizeof(session_key) %d", |
1030 | len, sizeof(session_key)); | 1030 | len, sizeof(session_key)); |
1031 | memset(session_key, 0, sizeof(session_key)); | 1031 | memset(session_key, 0, sizeof(session_key)); |
@@ -1516,11 +1516,11 @@ do_authentication(char *user, int privileged_port) | |||
1516 | packet_disconnect("Too many authentication failures for %.100s from %.200s", | 1516 | packet_disconnect("Too many authentication failures for %.100s from %.200s", |
1517 | pw->pw_name, get_canonical_hostname()); | 1517 | pw->pw_name, get_canonical_hostname()); |
1518 | } | 1518 | } |
1519 | |||
1520 | /* Send a message indicating that the authentication attempt failed. */ | 1519 | /* Send a message indicating that the authentication attempt failed. */ |
1521 | packet_start(SSH_SMSG_FAILURE); | 1520 | packet_start(SSH_SMSG_FAILURE); |
1522 | packet_send(); | 1521 | packet_send(); |
1523 | packet_write_wait(); | 1522 | packet_write_wait(); |
1523 | |||
1524 | } | 1524 | } |
1525 | 1525 | ||
1526 | /* Check if the user is logging in as root and root logins are disallowed. */ | 1526 | /* Check if the user is logging in as root and root logins are disallowed. */ |
@@ -2296,7 +2296,13 @@ void do_child(const char *command, struct passwd *pw, const char *term, | |||
2296 | if (pw->pw_uid != 0) | 2296 | if (pw->pw_uid != 0) |
2297 | exit(254); | 2297 | exit(254); |
2298 | } | 2298 | } |
2299 | #endif | 2299 | #endif /* HAVE_LIBPAM */ |
2300 | |||
2301 | #ifdef HAVE_SETLOGIN | ||
2302 | /* Set login name in the kernel. */ | ||
2303 | if (setlogin(pw->pw_name) < 0) | ||
2304 | error("setlogin failed: %s", strerror(errno)); | ||
2305 | #endif /* HAVE_SETLOGIN */ | ||
2300 | 2306 | ||
2301 | /* Set uid, gid, and groups. */ | 2307 | /* Set uid, gid, and groups. */ |
2302 | /* Login(1) does this as well, and it needs uid 0 for the "-h" switch, | 2308 | /* Login(1) does this as well, and it needs uid 0 for the "-h" switch, |
@@ -2403,10 +2409,10 @@ void do_child(const char *command, struct passwd *pw, const char *term, | |||
2403 | 2409 | ||
2404 | #ifdef KRB4 | 2410 | #ifdef KRB4 |
2405 | { | 2411 | { |
2406 | extern char *ticket; | 2412 | extern char *ticket; |
2407 | 2413 | ||
2408 | if (ticket) | 2414 | if (ticket) |
2409 | child_set_env(&env, &envsize, "KRBTKFILE", ticket); | 2415 | child_set_env(&env, &envsize, "KRBTKFILE", ticket); |
2410 | } | 2416 | } |
2411 | #endif /* KRB4 */ | 2417 | #endif /* KRB4 */ |
2412 | 2418 | ||
@@ -2440,7 +2446,7 @@ void do_child(const char *command, struct passwd *pw, const char *term, | |||
2440 | if (auth_get_socket_name() != NULL) | 2446 | if (auth_get_socket_name() != NULL) |
2441 | child_set_env(&env, &envsize, SSH_AUTHSOCKET_ENV_NAME, | 2447 | child_set_env(&env, &envsize, SSH_AUTHSOCKET_ENV_NAME, |
2442 | auth_get_socket_name()); | 2448 | auth_get_socket_name()); |
2443 | 2449 | ||
2444 | /* Read $HOME/.ssh/environment. */ | 2450 | /* Read $HOME/.ssh/environment. */ |
2445 | if(!options.use_login) { | 2451 | if(!options.use_login) { |
2446 | snprintf(buf, sizeof buf, "%.200s/.ssh/environment", pw->pw_dir); | 2452 | snprintf(buf, sizeof buf, "%.200s/.ssh/environment", pw->pw_dir); |
@@ -2578,7 +2584,6 @@ void do_child(const char *command, struct passwd *pw, const char *term, | |||
2578 | } | 2584 | } |
2579 | } | 2585 | } |
2580 | } | 2586 | } |
2581 | |||
2582 | /* Start the shell. Set initial character to '-'. */ | 2587 | /* Start the shell. Set initial character to '-'. */ |
2583 | buf[0] = '-'; | 2588 | buf[0] = '-'; |
2584 | strncpy(buf + 1, cp, sizeof(buf) - 1); | 2589 | strncpy(buf + 1, cp, sizeof(buf) - 1); |