-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | auth.c | 26 |
2 files changed, 28 insertions, 3 deletions
@@ -6,6 +6,11 @@ | |||
6 | sftp.c: as above, plus add -p to get/put, and shorten their arg names | 6 | sftp.c: as above, plus add -p to get/put, and shorten their arg names |
7 | to keep the help usage nicely aligned | 7 | to keep the help usage nicely aligned |
8 | ok djm | 8 | ok djm |
9 | - djm@cvs.openbsd.org 2010/01/13 23:47:26 | ||
10 | [auth.c] | ||
11 | when using ChrootDirectory, make sure we test for the existence of the | ||
12 | user's shell inside the chroot; bz #1679, patch from alex AT rtfs.hu; | ||
13 | ok dtucker | ||
9 | 14 | ||
10 | 20100114 | 15 | 20100114 |
11 | - (djm) [platform.h] Add missing prototype for | 16 | - (djm) [platform.h] Add missing prototype for |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth.c,v 1.82 2010/01/13 00:19:04 dtucker Exp $ */ | 1 | /* $OpenBSD: auth.c,v 1.83 2010/01/13 23:47:26 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -95,7 +95,7 @@ allowed_user(struct passwd * pw) | |||
95 | { | 95 | { |
96 | struct stat st; | 96 | struct stat st; |
97 | const char *hostname = NULL, *ipaddr = NULL, *passwd = NULL; | 97 | const char *hostname = NULL, *ipaddr = NULL, *passwd = NULL; |
98 | char *shell; | 98 | char *shell, *tmp, *chroot_path; |
99 | u_int i; | 99 | u_int i; |
100 | #ifdef USE_SHADOW | 100 | #ifdef USE_SHADOW |
101 | struct spwd *spw = NULL; | 101 | struct spwd *spw = NULL; |
@@ -156,20 +156,40 @@ allowed_user(struct passwd * pw) | |||
156 | * Get the shell from the password data. An empty shell field is | 156 | * Get the shell from the password data. An empty shell field is |
157 | * legal, and means /bin/sh. | 157 | * legal, and means /bin/sh. |
158 | */ | 158 | */ |
159 | shell = (pw->pw_shell[0] == '\0') ? _PATH_BSHELL : pw->pw_shell; | 159 | shell = xstrdup((pw->pw_shell[0] == '\0') ? |
160 | _PATH_BSHELL : pw->pw_shell); | ||
161 | |||
162 | /* | ||
163 | * Amend shell if chroot is requested. | ||
164 | */ | ||
165 | if (options.chroot_directory != NULL && | ||
166 | strcasecmp(options.chroot_directory, "none") != 0) { | ||
167 | tmp = tilde_expand_filename(options.chroot_directory, | ||
168 | pw->pw_uid); | ||
169 | chroot_path = percent_expand(tmp, "h", pw->pw_dir, | ||
170 | "u", pw->pw_name, (char *)NULL); | ||
171 | xfree(tmp); | ||
172 | xasprintf(&tmp, "%s/%s", chroot_path, shell); | ||
173 | xfree(shell); | ||
174 | shell = tmp; | ||
175 | free(chroot_path); | ||
176 | } | ||
160 | 177 | ||
161 | /* deny if shell does not exists or is not executable */ | 178 | /* deny if shell does not exists or is not executable */ |
162 | if (stat(shell, &st) != 0) { | 179 | if (stat(shell, &st) != 0) { |
163 | logit("User %.100s not allowed because shell %.100s does not exist", | 180 | logit("User %.100s not allowed because shell %.100s does not exist", |
164 | pw->pw_name, shell); | 181 | pw->pw_name, shell); |
182 | xfree(shell); | ||
165 | return 0; | 183 | return 0; |
166 | } | 184 | } |
167 | if (S_ISREG(st.st_mode) == 0 || | 185 | if (S_ISREG(st.st_mode) == 0 || |
168 | (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP)) == 0) { | 186 | (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP)) == 0) { |
169 | logit("User %.100s not allowed because shell %.100s is not executable", | 187 | logit("User %.100s not allowed because shell %.100s is not executable", |
170 | pw->pw_name, shell); | 188 | pw->pw_name, shell); |
189 | xfree(shell); | ||
171 | return 0; | 190 | return 0; |
172 | } | 191 | } |
192 | xfree(shell); | ||
173 | 193 | ||
174 | if (options.num_deny_users > 0 || options.num_allow_users > 0 || | 194 | if (options.num_deny_users > 0 || options.num_allow_users > 0 || |
175 | options.num_deny_groups > 0 || options.num_allow_groups > 0) { | 195 | options.num_deny_groups > 0 || options.num_allow_groups > 0) { |