diff options
| -rw-r--r-- | ChangeLog | 5 | ||||
| -rw-r--r-- | auth.c | 5 | ||||
| -rw-r--r-- | auth1.c | 22 | ||||
| -rw-r--r-- | auth2.c | 10 |
4 files changed, 15 insertions, 27 deletions
| @@ -94,6 +94,9 @@ | |||
| 94 | sftp-client.c sftp-glob.h sftp.c ssh-add.c ssh.c sshconnect2.c sshd.c | 94 | sftp-client.c sftp-glob.h sftp.c ssh-add.c ssh.c sshconnect2.c sshd.c |
| 95 | ttymodes.c] | 95 | ttymodes.c] |
| 96 | KNF whitespace | 96 | KNF whitespace |
| 97 | - markus@cvs.openbsd.org 2002/03/19 14:27:39 | ||
| 98 | [auth.c auth1.c auth2.c] | ||
| 99 | make getpwnamallow() allways call pwcopy() | ||
| 97 | 100 | ||
| 98 | 20020317 | 101 | 20020317 |
| 99 | - (tim) [configure.ac] Assume path given with --with-pid-dir=PATH is wanted, | 102 | - (tim) [configure.ac] Assume path given with --with-pid-dir=PATH is wanted, |
| @@ -7940,4 +7943,4 @@ | |||
| 7940 | - Wrote replacements for strlcpy and mkdtemp | 7943 | - Wrote replacements for strlcpy and mkdtemp |
| 7941 | - Released 1.0pre1 | 7944 | - Released 1.0pre1 |
| 7942 | 7945 | ||
| 7943 | $Id: ChangeLog,v 1.1951 2002/03/22 02:54:23 mouring Exp $ | 7946 | $Id: ChangeLog,v 1.1952 2002/03/22 03:04:08 mouring Exp $ |
| @@ -23,7 +23,7 @@ | |||
| 23 | */ | 23 | */ |
| 24 | 24 | ||
| 25 | #include "includes.h" | 25 | #include "includes.h" |
| 26 | RCSID("$OpenBSD: auth.c,v 1.39 2002/03/19 10:49:35 markus Exp $"); | 26 | RCSID("$OpenBSD: auth.c,v 1.40 2002/03/19 14:27:39 markus Exp $"); |
| 27 | 27 | ||
| 28 | #ifdef HAVE_LOGIN_H | 28 | #ifdef HAVE_LOGIN_H |
| 29 | #include <login.h> | 29 | #include <login.h> |
| @@ -48,6 +48,7 @@ RCSID("$OpenBSD: auth.c,v 1.39 2002/03/19 10:49:35 markus Exp $"); | |||
| 48 | #include "bufaux.h" | 48 | #include "bufaux.h" |
| 49 | #include "uidswap.h" | 49 | #include "uidswap.h" |
| 50 | #include "tildexpand.h" | 50 | #include "tildexpand.h" |
| 51 | #include "misc.h" | ||
| 51 | 52 | ||
| 52 | /* import */ | 53 | /* import */ |
| 53 | extern ServerOptions options; | 54 | extern ServerOptions options; |
| @@ -469,5 +470,5 @@ getpwnamallow(const char *user) | |||
| 469 | auth_close(as); | 470 | auth_close(as); |
| 470 | #endif | 471 | #endif |
| 471 | #endif | 472 | #endif |
| 472 | return (pw); | 473 | return (pwcopy(pw)); |
| 473 | } | 474 | } |
| @@ -10,7 +10,7 @@ | |||
| 10 | */ | 10 | */ |
| 11 | 11 | ||
| 12 | #include "includes.h" | 12 | #include "includes.h" |
| 13 | RCSID("$OpenBSD: auth1.c,v 1.38 2002/03/18 17:50:31 provos Exp $"); | 13 | RCSID("$OpenBSD: auth1.c,v 1.39 2002/03/19 14:27:39 markus Exp $"); |
| 14 | 14 | ||
| 15 | #include "xmalloc.h" | 15 | #include "xmalloc.h" |
| 16 | #include "rsa.h" | 16 | #include "rsa.h" |
| @@ -24,7 +24,6 @@ RCSID("$OpenBSD: auth1.c,v 1.38 2002/03/18 17:50:31 provos Exp $"); | |||
| 24 | #include "auth.h" | 24 | #include "auth.h" |
| 25 | #include "channels.h" | 25 | #include "channels.h" |
| 26 | #include "session.h" | 26 | #include "session.h" |
| 27 | #include "misc.h" | ||
| 28 | #include "uidswap.h" | 27 | #include "uidswap.h" |
| 29 | #include "monitor_wrap.h" | 28 | #include "monitor_wrap.h" |
| 30 | 29 | ||
| @@ -359,7 +358,6 @@ Authctxt * | |||
| 359 | do_authentication(void) | 358 | do_authentication(void) |
| 360 | { | 359 | { |
| 361 | Authctxt *authctxt; | 360 | Authctxt *authctxt; |
| 362 | struct passwd *pw = NULL, *pwent; | ||
| 363 | u_int ulen; | 361 | u_int ulen; |
| 364 | char *p, *user, *style = NULL; | 362 | char *p, *user, *style = NULL; |
| 365 | 363 | ||
| @@ -382,21 +380,12 @@ do_authentication(void) | |||
| 382 | authctxt->style = style; | 380 | authctxt->style = style; |
| 383 | 381 | ||
| 384 | /* Verify that the user is a valid user. */ | 382 | /* Verify that the user is a valid user. */ |
| 385 | pwent = PRIVSEP(getpwnamallow(user)); | 383 | if ((authctxt->pw = PRIVSEP(getpwnamallow(user))) != NULL) |
| 386 | if (pwent) { | ||
| 387 | authctxt->valid = 1; | 384 | authctxt->valid = 1; |
| 388 | pw = pwcopy(pwent); | 385 | else |
| 389 | } else { | ||
| 390 | debug("do_authentication: illegal user %s", user); | 386 | debug("do_authentication: illegal user %s", user); |
| 391 | pw = NULL; | ||
| 392 | } | ||
| 393 | /* Free memory */ | ||
| 394 | if (use_privsep && pwent != NULL) | ||
| 395 | pwfree(pwent); | ||
| 396 | |||
| 397 | authctxt->pw = pw; | ||
| 398 | 387 | ||
| 399 | setproctitle("%s%s", pw ? user : "unknown", | 388 | setproctitle("%s%s", authctxt->pw ? user : "unknown", |
| 400 | use_privsep ? " [net]" : ""); | 389 | use_privsep ? " [net]" : ""); |
| 401 | 390 | ||
| 402 | #ifdef USE_PAM | 391 | #ifdef USE_PAM |
| @@ -408,7 +397,8 @@ do_authentication(void) | |||
| 408 | * the server. (Unless you are running Windows) | 397 | * the server. (Unless you are running Windows) |
| 409 | */ | 398 | */ |
| 410 | #ifndef HAVE_CYGWIN | 399 | #ifndef HAVE_CYGWIN |
| 411 | if (!use_privsep && getuid() != 0 && pw && pw->pw_uid != getuid()) | 400 | if (!use_privsep && getuid() != 0 && authctxt->pw && |
| 401 | authctxt->pw->pw_uid != getuid()) | ||
| 412 | packet_disconnect("Cannot change user when server not running as root."); | 402 | packet_disconnect("Cannot change user when server not running as root."); |
| 413 | #endif | 403 | #endif |
| 414 | 404 | ||
| @@ -23,7 +23,7 @@ | |||
| 23 | */ | 23 | */ |
| 24 | 24 | ||
| 25 | #include "includes.h" | 25 | #include "includes.h" |
| 26 | RCSID("$OpenBSD: auth2.c,v 1.88 2002/03/18 17:50:31 provos Exp $"); | 26 | RCSID("$OpenBSD: auth2.c,v 1.89 2002/03/19 14:27:39 markus Exp $"); |
| 27 | 27 | ||
| 28 | #include <openssl/evp.h> | 28 | #include <openssl/evp.h> |
| 29 | 29 | ||
| @@ -47,7 +47,6 @@ RCSID("$OpenBSD: auth2.c,v 1.88 2002/03/18 17:50:31 provos Exp $"); | |||
| 47 | #include "pathnames.h" | 47 | #include "pathnames.h" |
| 48 | #include "uidswap.h" | 48 | #include "uidswap.h" |
| 49 | #include "auth-options.h" | 49 | #include "auth-options.h" |
| 50 | #include "misc.h" | ||
| 51 | #include "hostfile.h" | 50 | #include "hostfile.h" |
| 52 | #include "canohost.h" | 51 | #include "canohost.h" |
| 53 | #include "match.h" | 52 | #include "match.h" |
| @@ -200,16 +199,11 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt) | |||
| 200 | start_pam("NOUSER"); | 199 | start_pam("NOUSER"); |
| 201 | #endif | 200 | #endif |
| 202 | } | 201 | } |
| 203 | /* Free memory */ | 202 | setproctitle("%s%s", authctxt->pw ? user : "unknown", |
| 204 | if (use_privsep && pw != NULL) | ||
| 205 | pwfree(pw); | ||
| 206 | |||
| 207 | setproctitle("%s%s", pw ? user : "unknown", | ||
| 208 | use_privsep ? " [net]" : ""); | 203 | use_privsep ? " [net]" : ""); |
| 209 | authctxt->user = xstrdup(user); | 204 | authctxt->user = xstrdup(user); |
| 210 | authctxt->service = xstrdup(service); | 205 | authctxt->service = xstrdup(service); |
| 211 | authctxt->style = style ? xstrdup(style) : NULL; | 206 | authctxt->style = style ? xstrdup(style) : NULL; |
| 212 | |||
| 213 | if (use_privsep) | 207 | if (use_privsep) |
| 214 | mm_inform_authserv(service, style); | 208 | mm_inform_authserv(service, style); |
| 215 | } else if (strcmp(user, authctxt->user) != 0 || | 209 | } else if (strcmp(user, authctxt->user) != 0 || |