Import openssh_7.8p1.orig.tar.gz

author: Colin Watson <cjwatson@debian.org> 2018-08-24 12:49:36 +0100
committer: Colin Watson <cjwatson@debian.org> 2018-08-24 12:49:36 +0100
commit: e6547182a54f0f268ee36e7c99319eeddffbaff2 (patch)
tree: 417527229ad3f3764ba71ea383f478a168895087 /uidswap.c
parent: ed6ae9c1a014a08ff5db3d768f01f2e427eeb476 (diff)
parent: 71508e06fab14bc415a79a08f5535ad7bffa93d9 (diff)
1 files changed, 6 insertions, 33 deletions
diff --git a/uidswap.c b/uidswap.c
index 8bf6b244e..49f76d818 100644
--- a/uidswap.c
+++ b/uidswap.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: uidswap.c,v 1.39 2015/06/24 01:49:19 dtucker Exp $ */
+/* $OpenBSD: uidswap.c,v 1.41 2018/07/18 11:34:04 dtucker Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -49,6 +49,7 @@ static gid_t	saved_egid = 0;
 /* Saved effective uid. */
 static int      privileged = 0;
 static int      temporarily_use_uid_effective = 0;
+static uid_t    user_groups_uid;
 static gid_t    *saved_egroups = NULL, *user_groups = NULL;
 static int      saved_egroupslen = -1, user_groupslen = -1;
@@ -92,10 +93,11 @@ temporarily_use_uid(struct passwd *pw)
                        fatal("getgroups: %.100s", strerror(errno));
        } else { /* saved_egroupslen == 0 */
                free(saved_egroups);
+                saved_egroups = NULL;
        }
        /* set and save the user's groups */
-        if (user_groupslen == -1) {
+        if (user_groupslen == -1 || user_groups_uid != pw->pw_uid) {
                if (initgroups(pw->pw_name, pw->pw_gid) < 0)
                        fatal("initgroups: %s: %.100s", pw->pw_name,
                            strerror(errno));
@@ -110,7 +112,9 @@ temporarily_use_uid(struct passwd *pw)
                                fatal("getgroups: %.100s", strerror(errno));
                } else { /* user_groupslen == 0 */
                        free(user_groups);
+                        user_groups = NULL;
                }
+                user_groups_uid = pw->pw_uid;
        }
        /* Set the effective uid to the given (unprivileged) uid. */
        if (setgroups(user_groupslen, user_groups) < 0)
@@ -131,37 +135,6 @@ temporarily_use_uid(struct passwd *pw)
                    strerror(errno));
 }
-void
-permanently_drop_suid(uid_t uid)
-{
-#ifndef NO_UID_RESTORATION_TEST
-        uid_t old_uid = getuid();
-#endif
-        debug("permanently_drop_suid: %u", (u_int)uid);
-        if (setresuid(uid, uid, uid) < 0)
-                fatal("setresuid %u: %.100s", (u_int)uid, strerror(errno));
-#ifndef NO_UID_RESTORATION_TEST
-        /*
-         * Try restoration of UID if changed (test clearing of saved uid).
-         *
-         * Note that we don't do this on Cygwin, or on Solaris-based platforms
-         * where fine-grained privileges are available (the user might be
-         * deliberately allowed the right to setuid back to root).
-         */
-        if (old_uid != uid &&
-            (setuid(old_uid) != -1 || seteuid(old_uid) != -1))
-                fatal("%s: was able to restore old [e]uid", __func__);
-#endif
-        /* Verify UID drop was successful */
-        if (getuid() != uid || geteuid() != uid) {
-                fatal("%s: euid incorrect uid:%u euid:%u (should be %u)",
-                    __func__, (u_int)getuid(), (u_int)geteuid(), (u_int)uid);
-        }
-}
 /*
 * Restores to the original (privileged) uid.
 */
author	Colin Watson <cjwatson@debian.org>	2018-08-24 12:49:36 +0100
committer	Colin Watson <cjwatson@debian.org>	2018-08-24 12:49:36 +0100
commit	e6547182a54f0f268ee36e7c99319eeddffbaff2 (patch)
tree	417527229ad3f3764ba71ea383f478a168895087 /uidswap.c
parent	ed6ae9c1a014a08ff5db3d768f01f2e427eeb476 (diff)
parent	71508e06fab14bc415a79a08f5535ad7bffa93d9 (diff)