diff options
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | acconfig.h | 5 | ||||
-rw-r--r-- | configure.ac | 11 | ||||
-rw-r--r-- | openbsd-compat/bsd-misc.c | 13 | ||||
-rw-r--r-- | openbsd-compat/bsd-misc.h | 7 | ||||
-rw-r--r-- | sshd.c | 2 | ||||
-rw-r--r-- | uidswap.c | 4 |
7 files changed, 32 insertions, 15 deletions
@@ -6,6 +6,9 @@ | |||
6 | - markus@cvs.openbsd.org 2002/06/12 01:09:52 | 6 | - markus@cvs.openbsd.org 2002/06/12 01:09:52 |
7 | [ssh.c] | 7 | [ssh.c] |
8 | ssh_connect returns 0 on success | 8 | ssh_connect returns 0 on success |
9 | - (bal) Build noop setgroups() for cygwin to clean up code (For other | ||
10 | platforms without the setgroups() requirement, you MUST define | ||
11 | SETGROUPS_NOOP in the configure.ac) Based on patch by vinschen@redhat.com | ||
9 | 12 | ||
10 | 20020611 | 13 | 20020611 |
11 | - (bal) ssh-agent.c RCSD fix (|unexpand already done) | 14 | - (bal) ssh-agent.c RCSD fix (|unexpand already done) |
@@ -918,4 +921,4 @@ | |||
918 | - (stevesk) entropy.c: typo in debug message | 921 | - (stevesk) entropy.c: typo in debug message |
919 | - (djm) ssh-keygen -i needs seeded RNG; report from markus@ | 922 | - (djm) ssh-keygen -i needs seeded RNG; report from markus@ |
920 | 923 | ||
921 | $Id: ChangeLog,v 1.2213 2002/06/12 16:11:12 mouring Exp $ | 924 | $Id: ChangeLog,v 1.2214 2002/06/12 16:57:14 mouring Exp $ |
diff --git a/acconfig.h b/acconfig.h index bbe50162b..713b094d6 100644 --- a/acconfig.h +++ b/acconfig.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $Id: acconfig.h,v 1.137 2002/05/13 03:15:43 djm Exp $ */ | 1 | /* $Id: acconfig.h,v 1.138 2002/06/12 16:57:15 mouring Exp $ */ |
2 | 2 | ||
3 | #ifndef _CONFIG_H | 3 | #ifndef _CONFIG_H |
4 | #define _CONFIG_H | 4 | #define _CONFIG_H |
@@ -12,6 +12,9 @@ | |||
12 | /* supported by bsd-setproctitle.c */ | 12 | /* supported by bsd-setproctitle.c */ |
13 | #undef SPT_TYPE | 13 | #undef SPT_TYPE |
14 | 14 | ||
15 | /* setgroups() NOOP allowed */ | ||
16 | #undef SETGROUPS_NOOP | ||
17 | |||
15 | /* SCO workaround */ | 18 | /* SCO workaround */ |
16 | #undef BROKEN_SYS_TERMIO_H | 19 | #undef BROKEN_SYS_TERMIO_H |
17 | 20 | ||
diff --git a/configure.ac b/configure.ac index 59d61fd65..450e49d24 100644 --- a/configure.ac +++ b/configure.ac | |||
@@ -1,4 +1,4 @@ | |||
1 | # $Id: configure.ac,v 1.65 2002/06/07 14:37:00 mouring Exp $ | 1 | # $Id: configure.ac,v 1.66 2002/06/12 16:57:15 mouring Exp $ |
2 | 2 | ||
3 | AC_INIT | 3 | AC_INIT |
4 | AC_CONFIG_SRCDIR([ssh.c]) | 4 | AC_CONFIG_SRCDIR([ssh.c]) |
@@ -85,6 +85,7 @@ case "$host" in | |||
85 | AC_DEFINE(IPV4_DEFAULT) | 85 | AC_DEFINE(IPV4_DEFAULT) |
86 | AC_DEFINE(IP_TOS_IS_BROKEN) | 86 | AC_DEFINE(IP_TOS_IS_BROKEN) |
87 | AC_DEFINE(NO_X11_UNIX_SOCKETS) | 87 | AC_DEFINE(NO_X11_UNIX_SOCKETS) |
88 | AC_DEFINE(SETGROUPS_NOOP) | ||
88 | ;; | 89 | ;; |
89 | *-*-dgux*) | 90 | *-*-dgux*) |
90 | AC_DEFINE(IP_TOS_IS_BROKEN) | 91 | AC_DEFINE(IP_TOS_IS_BROKEN) |
@@ -569,10 +570,10 @@ AC_CHECK_FUNCS(arc4random b64_ntop bcopy bindresvport_sa \ | |||
569 | inet_ntop innetgr login_getcapbool md5_crypt memmove \ | 570 | inet_ntop innetgr login_getcapbool md5_crypt memmove \ |
570 | mkdtemp mmap ngetaddrinfo openpty ogetaddrinfo readpassphrase \ | 571 | mkdtemp mmap ngetaddrinfo openpty ogetaddrinfo readpassphrase \ |
571 | realpath recvmsg rresvport_af sendmsg setdtablesize setegid \ | 572 | realpath recvmsg rresvport_af sendmsg setdtablesize setegid \ |
572 | setenv seteuid setlogin setproctitle setresgid setreuid setrlimit \ | 573 | setenv seteuid setgroups setlogin setproctitle setresgid setreuid \ |
573 | setsid setvbuf sigaction sigvec snprintf socketpair strerror \ | 574 | setrlimit setsid setvbuf sigaction sigvec snprintf socketpair \ |
574 | strlcat strlcpy strmode strsep sysconf tcgetpgrp truncate utimes \ | 575 | strerror strlcat strlcpy strmode strsep sysconf tcgetpgrp truncate \ |
575 | vhangup vsnprintf waitpid __b64_ntop _getpty) | 576 | utimes vhangup vsnprintf waitpid __b64_ntop _getpty) |
576 | 577 | ||
577 | dnl IRIX and Solaris 2.5.1 have dirname() in libgen | 578 | dnl IRIX and Solaris 2.5.1 have dirname() in libgen |
578 | AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[ | 579 | AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[ |
diff --git a/openbsd-compat/bsd-misc.c b/openbsd-compat/bsd-misc.c index 237f93931..680375ce6 100644 --- a/openbsd-compat/bsd-misc.c +++ b/openbsd-compat/bsd-misc.c | |||
@@ -24,7 +24,7 @@ | |||
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | 26 | ||
27 | RCSID("$Id: bsd-misc.c,v 1.6 2002/05/08 02:51:32 tim Exp $"); | 27 | RCSID("$Id: bsd-misc.c,v 1.7 2002/06/12 16:57:15 mouring Exp $"); |
28 | 28 | ||
29 | char *get_progname(char *argv0) | 29 | char *get_progname(char *argv0) |
30 | { | 30 | { |
@@ -118,3 +118,14 @@ int truncate (const char *path, off_t length) | |||
118 | } | 118 | } |
119 | #endif /* HAVE_TRUNCATE */ | 119 | #endif /* HAVE_TRUNCATE */ |
120 | 120 | ||
121 | #if !defined(HAVE_SETGROUPS) && defined(SETGROUPS_NOOP) | ||
122 | /* | ||
123 | * Cygwin setgroups should be a noop. | ||
124 | */ | ||
125 | int | ||
126 | setgroups(size_t size, const git_t *list) | ||
127 | { | ||
128 | return 0; | ||
129 | } | ||
130 | #endif | ||
131 | |||
diff --git a/openbsd-compat/bsd-misc.h b/openbsd-compat/bsd-misc.h index 9475a2945..aff231733 100644 --- a/openbsd-compat/bsd-misc.h +++ b/openbsd-compat/bsd-misc.h | |||
@@ -22,7 +22,7 @@ | |||
22 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 22 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
23 | */ | 23 | */ |
24 | 24 | ||
25 | /* $Id: bsd-misc.h,v 1.4 2002/05/08 02:51:32 tim Exp $ */ | 25 | /* $Id: bsd-misc.h,v 1.5 2002/06/12 16:57:15 mouring Exp $ */ |
26 | 26 | ||
27 | #ifndef _BSD_MISC_H | 27 | #ifndef _BSD_MISC_H |
28 | #define _BSD_MISC_H | 28 | #define _BSD_MISC_H |
@@ -76,4 +76,9 @@ int utimes(char *filename, struct timeval *tvp); | |||
76 | int truncate (const char *path, off_t length); | 76 | int truncate (const char *path, off_t length); |
77 | #endif /* HAVE_TRUNCATE */ | 77 | #endif /* HAVE_TRUNCATE */ |
78 | 78 | ||
79 | #if !defined(HAVE_SETGROUPS) && defined(SETGROUPS_NOOP) | ||
80 | int setgroups(size_t size, const git_t *list); | ||
81 | #endif | ||
82 | |||
83 | |||
79 | #endif /* _BSD_MISC_H */ | 84 | #endif /* _BSD_MISC_H */ |
@@ -1018,7 +1018,6 @@ main(int ac, char **av) | |||
1018 | if (test_flag) | 1018 | if (test_flag) |
1019 | exit(0); | 1019 | exit(0); |
1020 | 1020 | ||
1021 | #ifndef HAVE_CYGWIN | ||
1022 | /* | 1021 | /* |
1023 | * Clear out any supplemental groups we may have inherited. This | 1022 | * Clear out any supplemental groups we may have inherited. This |
1024 | * prevents inadvertent creation of files with bad modes (in the | 1023 | * prevents inadvertent creation of files with bad modes (in the |
@@ -1028,7 +1027,6 @@ main(int ac, char **av) | |||
1028 | */ | 1027 | */ |
1029 | if (setgroups(0, NULL) < 0) | 1028 | if (setgroups(0, NULL) < 0) |
1030 | debug("setgroups() failed: %.200s", strerror(errno)); | 1029 | debug("setgroups() failed: %.200s", strerror(errno)); |
1031 | #endif /* !HAVE_CYGWIN */ | ||
1032 | 1030 | ||
1033 | /* Initialize the log (it is reinitialized below in case we forked). */ | 1031 | /* Initialize the log (it is reinitialized below in case we forked). */ |
1034 | if (debug_flag && !inetd_flag) | 1032 | if (debug_flag && !inetd_flag) |
@@ -80,11 +80,9 @@ temporarily_use_uid(struct passwd *pw) | |||
80 | if (user_groupslen < 0) | 80 | if (user_groupslen < 0) |
81 | fatal("getgroups: %.100s", strerror(errno)); | 81 | fatal("getgroups: %.100s", strerror(errno)); |
82 | } | 82 | } |
83 | #ifndef HAVE_CYGWIN | ||
84 | /* Set the effective uid to the given (unprivileged) uid. */ | 83 | /* Set the effective uid to the given (unprivileged) uid. */ |
85 | if (setgroups(user_groupslen, user_groups) < 0) | 84 | if (setgroups(user_groupslen, user_groups) < 0) |
86 | fatal("setgroups: %.100s", strerror(errno)); | 85 | fatal("setgroups: %.100s", strerror(errno)); |
87 | #endif /* !HAVE_CYGWIN */ | ||
88 | #ifndef SAVED_IDS_WORK_WITH_SETEUID | 86 | #ifndef SAVED_IDS_WORK_WITH_SETEUID |
89 | /* Propagate the privileged gid to all of our gids. */ | 87 | /* Propagate the privileged gid to all of our gids. */ |
90 | if (setgid(getegid()) < 0) | 88 | if (setgid(getegid()) < 0) |
@@ -130,10 +128,8 @@ restore_uid(void) | |||
130 | setgid(getgid()); | 128 | setgid(getgid()); |
131 | #endif /* SAVED_IDS_WORK_WITH_SETEUID */ | 129 | #endif /* SAVED_IDS_WORK_WITH_SETEUID */ |
132 | 130 | ||
133 | #ifndef HAVE_CYGWIN | ||
134 | if (setgroups(saved_egroupslen, saved_egroups) < 0) | 131 | if (setgroups(saved_egroupslen, saved_egroups) < 0) |
135 | fatal("setgroups: %.100s", strerror(errno)); | 132 | fatal("setgroups: %.100s", strerror(errno)); |
136 | #endif /* !HAVE_CYGWIN */ | ||
137 | temporarily_use_uid_effective = 0; | 133 | temporarily_use_uid_effective = 0; |
138 | } | 134 | } |
139 | 135 | ||