diff options
Diffstat (limited to 'auth.c')
-rw-r--r-- | auth.c | 18 |
1 files changed, 9 insertions, 9 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth.c,v 1.138 2019/01/19 21:41:18 djm Exp $ */ | 1 | /* $OpenBSD: auth.c,v 1.141 2019/10/02 00:42:30 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -32,6 +32,7 @@ | |||
32 | 32 | ||
33 | #include <netinet/in.h> | 33 | #include <netinet/in.h> |
34 | 34 | ||
35 | #include <stdlib.h> | ||
35 | #include <errno.h> | 36 | #include <errno.h> |
36 | #include <fcntl.h> | 37 | #include <fcntl.h> |
37 | #ifdef HAVE_PATHS_H | 38 | #ifdef HAVE_PATHS_H |
@@ -72,7 +73,6 @@ | |||
72 | #endif | 73 | #endif |
73 | #include "authfile.h" | 74 | #include "authfile.h" |
74 | #include "monitor_wrap.h" | 75 | #include "monitor_wrap.h" |
75 | #include "authfile.h" | ||
76 | #include "ssherr.h" | 76 | #include "ssherr.h" |
77 | #include "compat.h" | 77 | #include "compat.h" |
78 | #include "channels.h" | 78 | #include "channels.h" |
@@ -167,7 +167,7 @@ allowed_user(struct ssh *ssh, struct passwd * pw) | |||
167 | char *shell = xstrdup((pw->pw_shell[0] == '\0') ? | 167 | char *shell = xstrdup((pw->pw_shell[0] == '\0') ? |
168 | _PATH_BSHELL : pw->pw_shell); /* empty = /bin/sh */ | 168 | _PATH_BSHELL : pw->pw_shell); /* empty = /bin/sh */ |
169 | 169 | ||
170 | if (stat(shell, &st) != 0) { | 170 | if (stat(shell, &st) == -1) { |
171 | logit("User %.100s not allowed because shell %.100s " | 171 | logit("User %.100s not allowed because shell %.100s " |
172 | "does not exist", pw->pw_name, shell); | 172 | "does not exist", pw->pw_name, shell); |
173 | free(shell); | 173 | free(shell); |
@@ -517,7 +517,7 @@ auth_openfile(const char *file, struct passwd *pw, int strict_modes, | |||
517 | return NULL; | 517 | return NULL; |
518 | } | 518 | } |
519 | 519 | ||
520 | if (fstat(fd, &st) < 0) { | 520 | if (fstat(fd, &st) == -1) { |
521 | close(fd); | 521 | close(fd); |
522 | return NULL; | 522 | return NULL; |
523 | } | 523 | } |
@@ -746,7 +746,7 @@ remote_hostname(struct ssh *ssh) | |||
746 | fromlen = sizeof(from); | 746 | fromlen = sizeof(from); |
747 | memset(&from, 0, sizeof(from)); | 747 | memset(&from, 0, sizeof(from)); |
748 | if (getpeername(ssh_packet_get_connection_in(ssh), | 748 | if (getpeername(ssh_packet_get_connection_in(ssh), |
749 | (struct sockaddr *)&from, &fromlen) < 0) { | 749 | (struct sockaddr *)&from, &fromlen) == -1) { |
750 | debug("getpeername failed: %.100s", strerror(errno)); | 750 | debug("getpeername failed: %.100s", strerror(errno)); |
751 | return strdup(ntop); | 751 | return strdup(ntop); |
752 | } | 752 | } |
@@ -884,7 +884,7 @@ subprocess(const char *tag, struct passwd *pw, const char *command, | |||
884 | return 0; | 884 | return 0; |
885 | } | 885 | } |
886 | temporarily_use_uid(pw); | 886 | temporarily_use_uid(pw); |
887 | if (stat(av[0], &st) < 0) { | 887 | if (stat(av[0], &st) == -1) { |
888 | error("Could not stat %s \"%s\": %s", tag, | 888 | error("Could not stat %s \"%s\": %s", tag, |
889 | av[0], strerror(errno)); | 889 | av[0], strerror(errno)); |
890 | restore_uid(); | 890 | restore_uid(); |
@@ -896,7 +896,7 @@ subprocess(const char *tag, struct passwd *pw, const char *command, | |||
896 | return 0; | 896 | return 0; |
897 | } | 897 | } |
898 | /* Prepare to keep the child's stdout if requested */ | 898 | /* Prepare to keep the child's stdout if requested */ |
899 | if (pipe(p) != 0) { | 899 | if (pipe(p) == -1) { |
900 | error("%s: pipe: %s", tag, strerror(errno)); | 900 | error("%s: pipe: %s", tag, strerror(errno)); |
901 | restore_uid(); | 901 | restore_uid(); |
902 | return 0; | 902 | return 0; |
@@ -946,12 +946,12 @@ subprocess(const char *tag, struct passwd *pw, const char *command, | |||
946 | closefrom(STDERR_FILENO + 1); | 946 | closefrom(STDERR_FILENO + 1); |
947 | 947 | ||
948 | /* Don't use permanently_set_uid() here to avoid fatal() */ | 948 | /* Don't use permanently_set_uid() here to avoid fatal() */ |
949 | if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) != 0) { | 949 | if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) == -1) { |
950 | error("%s: setresgid %u: %s", tag, (u_int)pw->pw_gid, | 950 | error("%s: setresgid %u: %s", tag, (u_int)pw->pw_gid, |
951 | strerror(errno)); | 951 | strerror(errno)); |
952 | _exit(1); | 952 | _exit(1); |
953 | } | 953 | } |
954 | if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) != 0) { | 954 | if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) == -1) { |
955 | error("%s: setresuid %u: %s", tag, (u_int)pw->pw_uid, | 955 | error("%s: setresuid %u: %s", tag, (u_int)pw->pw_uid, |
956 | strerror(errno)); | 956 | strerror(errno)); |
957 | _exit(1); | 957 | _exit(1); |