diff options
Diffstat (limited to 'auth2-pubkey.c')
-rw-r--r-- | auth2-pubkey.c | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/auth2-pubkey.c b/auth2-pubkey.c index 8024b1d6a..5603f5ef3 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth2-pubkey.c,v 1.77 2018/03/03 03:15:51 djm Exp $ */ | 1 | /* $OpenBSD: auth2-pubkey.c,v 1.78 2018/06/01 03:33:53 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -387,7 +387,7 @@ match_principals_command(struct ssh *ssh, struct passwd *user_pw, | |||
387 | pid_t pid; | 387 | pid_t pid; |
388 | char *tmp, *username = NULL, *command = NULL, **av = NULL; | 388 | char *tmp, *username = NULL, *command = NULL, **av = NULL; |
389 | char *ca_fp = NULL, *key_fp = NULL, *catext = NULL, *keytext = NULL; | 389 | char *ca_fp = NULL, *key_fp = NULL, *catext = NULL, *keytext = NULL; |
390 | char serial_s[16]; | 390 | char serial_s[16], uidstr[32]; |
391 | void (*osigchld)(int); | 391 | void (*osigchld)(int); |
392 | 392 | ||
393 | if (authoptsp != NULL) | 393 | if (authoptsp != NULL) |
@@ -447,8 +447,11 @@ match_principals_command(struct ssh *ssh, struct passwd *user_pw, | |||
447 | } | 447 | } |
448 | snprintf(serial_s, sizeof(serial_s), "%llu", | 448 | snprintf(serial_s, sizeof(serial_s), "%llu", |
449 | (unsigned long long)cert->serial); | 449 | (unsigned long long)cert->serial); |
450 | snprintf(uidstr, sizeof(uidstr), "%llu", | ||
451 | (unsigned long long)user_pw->pw_uid); | ||
450 | for (i = 1; i < ac; i++) { | 452 | for (i = 1; i < ac; i++) { |
451 | tmp = percent_expand(av[i], | 453 | tmp = percent_expand(av[i], |
454 | "U", uidstr, | ||
452 | "u", user_pw->pw_name, | 455 | "u", user_pw->pw_name, |
453 | "h", user_pw->pw_dir, | 456 | "h", user_pw->pw_dir, |
454 | "t", sshkey_ssh_name(key), | 457 | "t", sshkey_ssh_name(key), |
@@ -852,7 +855,7 @@ user_key_command_allowed2(struct ssh *ssh, struct passwd *user_pw, | |||
852 | int i, uid_swapped = 0, ac = 0; | 855 | int i, uid_swapped = 0, ac = 0; |
853 | pid_t pid; | 856 | pid_t pid; |
854 | char *username = NULL, *key_fp = NULL, *keytext = NULL; | 857 | char *username = NULL, *key_fp = NULL, *keytext = NULL; |
855 | char *tmp, *command = NULL, **av = NULL; | 858 | char uidstr[32], *tmp, *command = NULL, **av = NULL; |
856 | void (*osigchld)(int); | 859 | void (*osigchld)(int); |
857 | 860 | ||
858 | if (authoptsp != NULL) | 861 | if (authoptsp != NULL) |
@@ -902,8 +905,11 @@ user_key_command_allowed2(struct ssh *ssh, struct passwd *user_pw, | |||
902 | command); | 905 | command); |
903 | goto out; | 906 | goto out; |
904 | } | 907 | } |
908 | snprintf(uidstr, sizeof(uidstr), "%llu", | ||
909 | (unsigned long long)user_pw->pw_uid); | ||
905 | for (i = 1; i < ac; i++) { | 910 | for (i = 1; i < ac; i++) { |
906 | tmp = percent_expand(av[i], | 911 | tmp = percent_expand(av[i], |
912 | "U", uidstr, | ||
907 | "u", user_pw->pw_name, | 913 | "u", user_pw->pw_name, |
908 | "h", user_pw->pw_dir, | 914 | "h", user_pw->pw_dir, |
909 | "t", sshkey_ssh_name(key), | 915 | "t", sshkey_ssh_name(key), |