summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog4
-rw-r--r--auth.c57
2 files changed, 25 insertions, 36 deletions
diff --git a/ChangeLog b/ChangeLog
index 872f06e9f..db0b19df4 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -27,6 +27,10 @@
27 - djm@cvs.openbsd.org 2010/02/09 03:56:28 27 - djm@cvs.openbsd.org 2010/02/09 03:56:28
28 [buffer.c buffer.h] 28 [buffer.c buffer.h]
29 constify the arguments to buffer_len, buffer_ptr and buffer_dump 29 constify the arguments to buffer_len, buffer_ptr and buffer_dump
30 - djm@cvs.openbsd.org 2010/02/09 06:18:46
31 [auth.c]
32 unbreak ChrootDirectory+internal-sftp by skipping check for executable
33 shell when chrooting; reported by danh AT wzrd.com; ok dtucker@
30 34
3120100210 3520100210
32 - (djm) add -lselinux to LIBS before calling AC_CHECK_FUNCS for 36 - (djm) add -lselinux to LIBS before calling AC_CHECK_FUNCS for
diff --git a/auth.c b/auth.c
index da87807a8..3005f815e 100644
--- a/auth.c
+++ b/auth.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth.c,v 1.83 2010/01/13 23:47:26 djm Exp $ */ 1/* $OpenBSD: auth.c,v 1.84 2010/02/09 06:18:46 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000 Markus Friedl. All rights reserved.
4 * 4 *
@@ -95,7 +95,6 @@ allowed_user(struct passwd * pw)
95{ 95{
96 struct stat st; 96 struct stat st;
97 const char *hostname = NULL, *ipaddr = NULL, *passwd = NULL; 97 const char *hostname = NULL, *ipaddr = NULL, *passwd = NULL;
98 char *shell, *tmp, *chroot_path;
99 u_int i; 98 u_int i;
100#ifdef USE_SHADOW 99#ifdef USE_SHADOW
101 struct spwd *spw = NULL; 100 struct spwd *spw = NULL;
@@ -153,43 +152,29 @@ allowed_user(struct passwd * pw)
153 } 152 }
154 153
155 /* 154 /*
156 * Get the shell from the password data. An empty shell field is 155 * Deny if shell does not exist or is not executable unless we
157 * legal, and means /bin/sh. 156 * are chrooting.
158 */ 157 */
159 shell = xstrdup((pw->pw_shell[0] == '\0') ? 158 if (options.chroot_directory == NULL ||
160 _PATH_BSHELL : pw->pw_shell); 159 strcasecmp(options.chroot_directory, "none") == 0) {
161 160 char *shell = xstrdup((pw->pw_shell[0] == '\0') ?
162 /* 161 _PATH_BSHELL : pw->pw_shell); /* empty = /bin/sh */
163 * Amend shell if chroot is requested. 162
164 */ 163 if (stat(shell, &st) != 0) {
165 if (options.chroot_directory != NULL && 164 logit("User %.100s not allowed because shell %.100s "
166 strcasecmp(options.chroot_directory, "none") != 0) { 165 "does not exist", pw->pw_name, shell);
167 tmp = tilde_expand_filename(options.chroot_directory, 166 xfree(shell);
168 pw->pw_uid); 167 return 0;
169 chroot_path = percent_expand(tmp, "h", pw->pw_dir, 168 }
170 "u", pw->pw_name, (char *)NULL); 169 if (S_ISREG(st.st_mode) == 0 ||
171 xfree(tmp); 170 (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP)) == 0) {
172 xasprintf(&tmp, "%s/%s", chroot_path, shell); 171 logit("User %.100s not allowed because shell %.100s "
173 xfree(shell); 172 "is not executable", pw->pw_name, shell);
174 shell = tmp; 173 xfree(shell);
175 free(chroot_path); 174 return 0;
176 } 175 }
177
178 /* deny if shell does not exists or is not executable */
179 if (stat(shell, &st) != 0) {
180 logit("User %.100s not allowed because shell %.100s does not exist",
181 pw->pw_name, shell);
182 xfree(shell);
183 return 0;
184 }
185 if (S_ISREG(st.st_mode) == 0 ||
186 (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP)) == 0) {
187 logit("User %.100s not allowed because shell %.100s is not executable",
188 pw->pw_name, shell);
189 xfree(shell); 176 xfree(shell);
190 return 0;
191 } 177 }
192 xfree(shell);
193 178
194 if (options.num_deny_users > 0 || options.num_allow_users > 0 || 179 if (options.num_deny_users > 0 || options.num_allow_users > 0 ||
195 options.num_deny_groups > 0 || options.num_allow_groups > 0) { 180 options.num_deny_groups > 0 || options.num_allow_groups > 0) {