diff options
| -rw-r--r-- | ChangeLog | 5 | ||||
| -rw-r--r-- | auth.c | 26 |
2 files changed, 28 insertions, 3 deletions
| @@ -6,6 +6,11 @@ | |||
| 6 | sftp.c: as above, plus add -p to get/put, and shorten their arg names | 6 | sftp.c: as above, plus add -p to get/put, and shorten their arg names |
| 7 | to keep the help usage nicely aligned | 7 | to keep the help usage nicely aligned |
| 8 | ok djm | 8 | ok djm |
| 9 | - djm@cvs.openbsd.org 2010/01/13 23:47:26 | ||
| 10 | [auth.c] | ||
| 11 | when using ChrootDirectory, make sure we test for the existence of the | ||
| 12 | user's shell inside the chroot; bz #1679, patch from alex AT rtfs.hu; | ||
| 13 | ok dtucker | ||
| 9 | 14 | ||
| 10 | 20100114 | 15 | 20100114 |
| 11 | - (djm) [platform.h] Add missing prototype for | 16 | - (djm) [platform.h] Add missing prototype for |
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: auth.c,v 1.82 2010/01/13 00:19:04 dtucker Exp $ */ | 1 | /* $OpenBSD: auth.c,v 1.83 2010/01/13 23:47:26 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
| 4 | * | 4 | * |
| @@ -95,7 +95,7 @@ allowed_user(struct passwd * pw) | |||
| 95 | { | 95 | { |
| 96 | struct stat st; | 96 | struct stat st; |
| 97 | const char *hostname = NULL, *ipaddr = NULL, *passwd = NULL; | 97 | const char *hostname = NULL, *ipaddr = NULL, *passwd = NULL; |
| 98 | char *shell; | 98 | char *shell, *tmp, *chroot_path; |
| 99 | u_int i; | 99 | u_int i; |
| 100 | #ifdef USE_SHADOW | 100 | #ifdef USE_SHADOW |
| 101 | struct spwd *spw = NULL; | 101 | struct spwd *spw = NULL; |
| @@ -156,20 +156,40 @@ allowed_user(struct passwd * pw) | |||
| 156 | * Get the shell from the password data. An empty shell field is | 156 | * Get the shell from the password data. An empty shell field is |
| 157 | * legal, and means /bin/sh. | 157 | * legal, and means /bin/sh. |
| 158 | */ | 158 | */ |
| 159 | shell = (pw->pw_shell[0] == '\0') ? _PATH_BSHELL : pw->pw_shell; | 159 | shell = xstrdup((pw->pw_shell[0] == '\0') ? |
| 160 | _PATH_BSHELL : pw->pw_shell); | ||
| 161 | |||
| 162 | /* | ||
| 163 | * Amend shell if chroot is requested. | ||
| 164 | */ | ||
| 165 | if (options.chroot_directory != NULL && | ||
| 166 | strcasecmp(options.chroot_directory, "none") != 0) { | ||
| 167 | tmp = tilde_expand_filename(options.chroot_directory, | ||
| 168 | pw->pw_uid); | ||
| 169 | chroot_path = percent_expand(tmp, "h", pw->pw_dir, | ||
| 170 | "u", pw->pw_name, (char *)NULL); | ||
| 171 | xfree(tmp); | ||
| 172 | xasprintf(&tmp, "%s/%s", chroot_path, shell); | ||
| 173 | xfree(shell); | ||
| 174 | shell = tmp; | ||
| 175 | free(chroot_path); | ||
| 176 | } | ||
| 160 | 177 | ||
| 161 | /* deny if shell does not exists or is not executable */ | 178 | /* deny if shell does not exists or is not executable */ |
| 162 | if (stat(shell, &st) != 0) { | 179 | if (stat(shell, &st) != 0) { |
| 163 | logit("User %.100s not allowed because shell %.100s does not exist", | 180 | logit("User %.100s not allowed because shell %.100s does not exist", |
| 164 | pw->pw_name, shell); | 181 | pw->pw_name, shell); |
| 182 | xfree(shell); | ||
| 165 | return 0; | 183 | return 0; |
| 166 | } | 184 | } |
| 167 | if (S_ISREG(st.st_mode) == 0 || | 185 | if (S_ISREG(st.st_mode) == 0 || |
| 168 | (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP)) == 0) { | 186 | (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP)) == 0) { |
| 169 | logit("User %.100s not allowed because shell %.100s is not executable", | 187 | logit("User %.100s not allowed because shell %.100s is not executable", |
| 170 | pw->pw_name, shell); | 188 | pw->pw_name, shell); |
| 189 | xfree(shell); | ||
| 171 | return 0; | 190 | return 0; |
| 172 | } | 191 | } |
| 192 | xfree(shell); | ||
| 173 | 193 | ||
| 174 | if (options.num_deny_users > 0 || options.num_allow_users > 0 || | 194 | if (options.num_deny_users > 0 || options.num_allow_users > 0 || |
| 175 | options.num_deny_groups > 0 || options.num_allow_groups > 0) { | 195 | options.num_deny_groups > 0 || options.num_allow_groups > 0) { |