diff options
| -rw-r--r-- | ChangeLog | 12 | ||||
| -rw-r--r-- | auth.c | 12 | ||||
| -rw-r--r-- | sshconnect.c | 2 |
3 files changed, 23 insertions, 3 deletions
| @@ -1,3 +1,15 @@ | |||
| 1 | 20000518 | ||
| 2 | - Include Andre Lucas' fixprogs script. Forgot to "cvs add" it yesterday | ||
| 3 | - OpenBSD CVS updates: | ||
| 4 | - markus@cvs.openbsd.org | ||
| 5 | [sshconnect.c] | ||
| 6 | copy only ai_addrlen bytes; misiek@pld.org.pl | ||
| 7 | [auth.c] | ||
| 8 | accept an empty shell in authentication; bug reported by | ||
| 9 | chris@tinker.ucr.edu | ||
| 10 | [serverloop.c] | ||
| 11 | we don't have stderr for interactive terminal sessions (fcntl errors) | ||
| 12 | |||
| 1 | 20000517 | 13 | 20000517 |
| 2 | - Fix from Andre Lucas <andre.lucas@dial.pipex.com> | 14 | - Fix from Andre Lucas <andre.lucas@dial.pipex.com> |
| 3 | - Fixes command line printing segfaults (spotter: Bladt Norbert) | 15 | - Fixes command line printing segfaults (spotter: Bladt Norbert) |
| @@ -5,7 +5,7 @@ | |||
| 5 | */ | 5 | */ |
| 6 | 6 | ||
| 7 | #include "includes.h" | 7 | #include "includes.h" |
| 8 | RCSID("$OpenBSD: auth.c,v 1.6 2000/04/26 21:28:31 markus Exp $"); | 8 | RCSID("$OpenBSD: auth.c,v 1.7 2000/05/17 21:37:24 deraadt Exp $"); |
| 9 | 9 | ||
| 10 | #include "xmalloc.h" | 10 | #include "xmalloc.h" |
| 11 | #include "rsa.h" | 11 | #include "rsa.h" |
| @@ -48,6 +48,7 @@ allowed_user(struct passwd * pw) | |||
| 48 | { | 48 | { |
| 49 | struct stat st; | 49 | struct stat st; |
| 50 | struct group *grp; | 50 | struct group *grp; |
| 51 | char *shell; | ||
| 51 | int i; | 52 | int i; |
| 52 | #ifdef WITH_AIXAUTHENTICATE | 53 | #ifdef WITH_AIXAUTHENTICATE |
| 53 | char *loginmsg; | 54 | char *loginmsg; |
| @@ -58,7 +59,14 @@ allowed_user(struct passwd * pw) | |||
| 58 | return 0; | 59 | return 0; |
| 59 | 60 | ||
| 60 | /* deny if shell does not exists or is not executable */ | 61 | /* deny if shell does not exists or is not executable */ |
| 61 | if (stat(pw->pw_shell, &st) != 0) | 62 | /* |
| 63 | * Get the shell from the password data. An empty shell field is | ||
| 64 | * legal, and means /bin/sh. | ||
| 65 | */ | ||
| 66 | shell = (pw->pw_shell[0] == '\0') ? _PATH_BSHELL : pw->pw_shell; | ||
| 67 | |||
| 68 | /* deny if shell does not exists or is not executable */ | ||
| 69 | if (stat(shell, &st) != 0) | ||
| 62 | return 0; | 70 | return 0; |
| 63 | if (!((st.st_mode & S_IFREG) && (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP)))) | 71 | if (!((st.st_mode & S_IFREG) && (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP)))) |
| 64 | return 0; | 72 | return 0; |
diff --git a/sshconnect.c b/sshconnect.c index 40e359ceb..bf00159b3 100644 --- a/sshconnect.c +++ b/sshconnect.c | |||
| @@ -8,7 +8,7 @@ | |||
| 8 | */ | 8 | */ |
| 9 | 9 | ||
| 10 | #include "includes.h" | 10 | #include "includes.h" |
| 11 | RCSID("$OpenBSD: sshconnect.c,v 1.73 2000/05/17 08:20:15 markus Exp $"); | 11 | RCSID("$OpenBSD: sshconnect.c,v 1.74 2000/05/17 16:57:02 markus Exp $"); |
| 12 | 12 | ||
| 13 | #include <openssl/bn.h> | 13 | #include <openssl/bn.h> |
| 14 | #include <openssl/dsa.h> | 14 | #include <openssl/dsa.h> |