summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog5
-rw-r--r--auth.c26
2 files changed, 28 insertions, 3 deletions
diff --git a/ChangeLog b/ChangeLog
index 088af5f26..8a324f350 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -6,6 +6,11 @@
6 sftp.c: as above, plus add -p to get/put, and shorten their arg names 6 sftp.c: as above, plus add -p to get/put, and shorten their arg names
7 to keep the help usage nicely aligned 7 to keep the help usage nicely aligned
8 ok djm 8 ok djm
9 - djm@cvs.openbsd.org 2010/01/13 23:47:26
10 [auth.c]
11 when using ChrootDirectory, make sure we test for the existence of the
12 user's shell inside the chroot; bz #1679, patch from alex AT rtfs.hu;
13 ok dtucker
9 14
1020100114 1520100114
11 - (djm) [platform.h] Add missing prototype for 16 - (djm) [platform.h] Add missing prototype for
diff --git a/auth.c b/auth.c
index 3dc116907..da87807a8 100644
--- a/auth.c
+++ b/auth.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth.c,v 1.82 2010/01/13 00:19:04 dtucker Exp $ */ 1/* $OpenBSD: auth.c,v 1.83 2010/01/13 23:47:26 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000 Markus Friedl. All rights reserved.
4 * 4 *
@@ -95,7 +95,7 @@ allowed_user(struct passwd * pw)
95{ 95{
96 struct stat st; 96 struct stat st;
97 const char *hostname = NULL, *ipaddr = NULL, *passwd = NULL; 97 const char *hostname = NULL, *ipaddr = NULL, *passwd = NULL;
98 char *shell; 98 char *shell, *tmp, *chroot_path;
99 u_int i; 99 u_int i;
100#ifdef USE_SHADOW 100#ifdef USE_SHADOW
101 struct spwd *spw = NULL; 101 struct spwd *spw = NULL;
@@ -156,20 +156,40 @@ allowed_user(struct passwd * pw)
156 * Get the shell from the password data. An empty shell field is 156 * Get the shell from the password data. An empty shell field is
157 * legal, and means /bin/sh. 157 * legal, and means /bin/sh.
158 */ 158 */
159 shell = (pw->pw_shell[0] == '\0') ? _PATH_BSHELL : pw->pw_shell; 159 shell = xstrdup((pw->pw_shell[0] == '\0') ?
160 _PATH_BSHELL : pw->pw_shell);
161
162 /*
163 * Amend shell if chroot is requested.
164 */
165 if (options.chroot_directory != NULL &&
166 strcasecmp(options.chroot_directory, "none") != 0) {
167 tmp = tilde_expand_filename(options.chroot_directory,
168 pw->pw_uid);
169 chroot_path = percent_expand(tmp, "h", pw->pw_dir,
170 "u", pw->pw_name, (char *)NULL);
171 xfree(tmp);
172 xasprintf(&tmp, "%s/%s", chroot_path, shell);
173 xfree(shell);
174 shell = tmp;
175 free(chroot_path);
176 }
160 177
161 /* deny if shell does not exists or is not executable */ 178 /* deny if shell does not exists or is not executable */
162 if (stat(shell, &st) != 0) { 179 if (stat(shell, &st) != 0) {
163 logit("User %.100s not allowed because shell %.100s does not exist", 180 logit("User %.100s not allowed because shell %.100s does not exist",
164 pw->pw_name, shell); 181 pw->pw_name, shell);
182 xfree(shell);
165 return 0; 183 return 0;
166 } 184 }
167 if (S_ISREG(st.st_mode) == 0 || 185 if (S_ISREG(st.st_mode) == 0 ||
168 (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP)) == 0) { 186 (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP)) == 0) {
169 logit("User %.100s not allowed because shell %.100s is not executable", 187 logit("User %.100s not allowed because shell %.100s is not executable",
170 pw->pw_name, shell); 188 pw->pw_name, shell);
189 xfree(shell);
171 return 0; 190 return 0;
172 } 191 }
192 xfree(shell);
173 193
174 if (options.num_deny_users > 0 || options.num_allow_users > 0 || 194 if (options.num_deny_users > 0 || options.num_allow_users > 0 ||
175 options.num_deny_groups > 0 || options.num_allow_groups > 0) { 195 options.num_deny_groups > 0 || options.num_allow_groups > 0) {