1 files changed, 130 insertions, 2 deletions
diff --git a/platform.c b/platform.c
index e3a428aaa..a455472b3 100644
--- a/platform.c
+++ b/platform.c
@@ -1,4 +1,4 @@
-/* $Id: platform.c,v 1.3 2009/12/20 23:49:22 dtucker Exp $ */
+/* $Id: platform.c,v 1.18 2011/01/11 06:02:25 djm Exp $ */
 /*
 * Copyright (c) 2006 Darren Tucker.  All rights reserved.
@@ -16,11 +16,27 @@
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */
-#include "config.h"
+#include "includes.h"
+#include <sys/types.h>
+#include <stdarg.h>
+#include <unistd.h>
+#include "log.h"
+#include "buffer.h"
+#include "servconf.h"
+#include "key.h"
+#include "hostfile.h"
+#include "auth.h"
+#include "auth-pam.h"
 #include "platform.h"
 #include "openbsd-compat/openbsd-compat.h"
+extern int use_privsep;
+extern ServerOptions options;
 void
 platform_pre_listen(void)
 {
@@ -57,6 +73,118 @@ platform_post_fork_child(void)
 #endif
 }
+/* return 1 if we are running with privilege to swap UIDs, 0 otherwise */
+int
+platform_privileged_uidswap(void)
+{
+#ifdef HAVE_CYGWIN
+        /* uid 0 is not special on Cygwin so always try */
+        return 1;
+#else
+        return (getuid() == 0 || geteuid() == 0);
+#endif
+}
+/*
+ * This gets called before switching UIDs, and is called even when sshd is
+ * not running as root.
+ */
+void
+platform_setusercontext(struct passwd *pw)
+{
+#ifdef WITH_SELINUX
+        /* Cache selinux status for later use */
+        (void)ssh_selinux_enabled();
+#endif
+#ifdef USE_SOLARIS_PROJECTS
+        /* if solaris projects were detected, set the default now */
+        if (getuid() == 0 || geteuid() == 0)
+                solaris_set_default_project(pw);
+#endif
+#if defined(HAVE_LOGIN_CAP) && defined (__bsdi__)
+        if (getuid() == 0 || geteuid() == 0)
+                setpgid(0, 0);
+# endif
+#if defined(HAVE_LOGIN_CAP) && defined(USE_PAM)
+        /*
+         * If we have both LOGIN_CAP and PAM, we want to establish creds
+         * before calling setusercontext (in session.c:do_setusercontext).
+         */
+        if (getuid() == 0 || geteuid() == 0) {
+                if (options.use_pam) {
+                        do_pam_setcred(use_privsep);
+                }
+        }
+# endif /* USE_PAM */
+#if !defined(HAVE_LOGIN_CAP) && defined(HAVE_GETLUID) && defined(HAVE_SETLUID)
+        if (getuid() == 0 || geteuid() == 0) {
+                /* Sets login uid for accounting */
+                if (getluid() == -1 && setluid(pw->pw_uid) == -1)
+                        error("setluid: %s", strerror(errno));
+        }
+#endif
+}
+/*
+ * This gets called after we've established the user's groups, and is only
+ * called if sshd is running as root.
+ */
+void
+platform_setusercontext_post_groups(struct passwd *pw)
+{
+#if !defined(HAVE_LOGIN_CAP) && defined(USE_PAM)
+        /*
+         * PAM credentials may take the form of supplementary groups.
+         * These will have been wiped by the above initgroups() call.
+         * Reestablish them here.
+         */
+        if (options.use_pam) {
+                do_pam_setcred(use_privsep);
+        }
+#endif /* USE_PAM */
+#if !defined(HAVE_LOGIN_CAP) && (defined(WITH_IRIX_PROJECT) || \
+    defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY))
+        irix_setusercontext(pw);
+#endif /* defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY) */
+#ifdef _AIX
+        aix_usrinfo(pw);
+#endif /* _AIX */
+#if !defined(HAVE_LOGIN_CAP) && defined(USE_LIBIAF)
+        if (set_id(pw->pw_name) != 0) {
+                exit(1);
+        }
+# endif /* USE_LIBIAF */
+#ifdef HAVE_SETPCRED
+        /*
+         * If we have a chroot directory, we set all creds except real
+         * uid which we will need for chroot.  If we don't have a
+         * chroot directory, we don't override anything.
+         */
+        {
+                char **creds = NULL, *chroot_creds[] =
+                    { "REAL_USER=root", NULL };
+                if (options.chroot_directory != NULL &&
+                    strcasecmp(options.chroot_directory, "none") != 0)
+                        creds = chroot_creds;
+                if (setpcred(pw->pw_name, creds) == -1)
+                        fatal("Failed to set process credentials");
+        }
+#endif /* HAVE_SETPCRED */
+#ifdef WITH_SELINUX
+        ssh_selinux_setup_exec_context(pw->pw_name);
+#endif
+}
 char *
 platform_krb5_get_principal_name(const char *pw_name)
 {

diff --git a/platform.c b/platform.c index e3a428aaa..a455472b3 100644 --- a/platform.c +++ b/platform.c
@@ -1,4 +1,4 @@
1	/* $Id: platform.c,v 1.3 2009/12/20 23:49:22 dtucker Exp $ */	1	/* $Id: platform.c,v 1.18 2011/01/11 06:02:25 djm Exp $ */
2		2
3	/*	3	/*
4	* Copyright (c) 2006 Darren Tucker. All rights reserved.	4	* Copyright (c) 2006 Darren Tucker. All rights reserved.
@@ -16,11 +16,27 @@
16	* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.	16	* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17	*/	17	*/
18		18
19	#include "config.h"	19	#include "includes.h"
		20
		21	#include <sys/types.h>
		22
		23	#include <stdarg.h>
		24	#include <unistd.h>
		25
		26	#include "log.h"
		27	#include "buffer.h"
		28	#include "servconf.h"
		29	#include "key.h"
		30	#include "hostfile.h"
		31	#include "auth.h"
		32	#include "auth-pam.h"
20	#include "platform.h"	33	#include "platform.h"
21		34
22	#include "openbsd-compat/openbsd-compat.h"	35	#include "openbsd-compat/openbsd-compat.h"
23		36
		37	extern int use_privsep;
		38	extern ServerOptions options;
		39
24	void	40	void
25	platform_pre_listen(void)	41	platform_pre_listen(void)
26	{	42	{
@@ -57,6 +73,118 @@ platform_post_fork_child(void)
57	#endif	73	#endif
58	}	74	}
59		75
		76	/* return 1 if we are running with privilege to swap UIDs, 0 otherwise */
		77	int
		78	platform_privileged_uidswap(void)
		79	{
		80	#ifdef HAVE_CYGWIN
		81	/* uid 0 is not special on Cygwin so always try */
		82	return 1;
		83	#else
		84	return (getuid() == 0 \|\| geteuid() == 0);
		85	#endif
		86	}
		87
		88	/*
		89	* This gets called before switching UIDs, and is called even when sshd is
		90	* not running as root.
		91	*/
		92	void
		93	platform_setusercontext(struct passwd *pw)
		94	{
		95	#ifdef WITH_SELINUX
		96	/* Cache selinux status for later use */
		97	(void)ssh_selinux_enabled();
		98	#endif
		99
		100	#ifdef USE_SOLARIS_PROJECTS
		101	/* if solaris projects were detected, set the default now */
		102	if (getuid() == 0 \|\| geteuid() == 0)
		103	solaris_set_default_project(pw);
		104	#endif
		105
		106	#if defined(HAVE_LOGIN_CAP) && defined (__bsdi__)
		107	if (getuid() == 0 \|\| geteuid() == 0)
		108	setpgid(0, 0);
		109	# endif
		110
		111	#if defined(HAVE_LOGIN_CAP) && defined(USE_PAM)
		112	/*
		113	* If we have both LOGIN_CAP and PAM, we want to establish creds
		114	* before calling setusercontext (in session.c:do_setusercontext).
		115	*/
		116	if (getuid() == 0 \|\| geteuid() == 0) {
		117	if (options.use_pam) {
		118	do_pam_setcred(use_privsep);
		119	}
		120	}
		121	# endif /* USE_PAM */
		122
		123	#if !defined(HAVE_LOGIN_CAP) && defined(HAVE_GETLUID) && defined(HAVE_SETLUID)
		124	if (getuid() == 0 \|\| geteuid() == 0) {
		125	/* Sets login uid for accounting */
		126	if (getluid() == -1 && setluid(pw->pw_uid) == -1)
		127	error("setluid: %s", strerror(errno));
		128	}
		129	#endif
		130	}
		131
		132	/*
		133	* This gets called after we've established the user's groups, and is only
		134	* called if sshd is running as root.
		135	*/
		136	void
		137	platform_setusercontext_post_groups(struct passwd *pw)
		138	{
		139	#if !defined(HAVE_LOGIN_CAP) && defined(USE_PAM)
		140	/*
		141	* PAM credentials may take the form of supplementary groups.
		142	* These will have been wiped by the above initgroups() call.
		143	* Reestablish them here.
		144	*/
		145	if (options.use_pam) {
		146	do_pam_setcred(use_privsep);
		147	}
		148	#endif /* USE_PAM */
		149
		150	#if !defined(HAVE_LOGIN_CAP) && (defined(WITH_IRIX_PROJECT) \|\| \
		151	defined(WITH_IRIX_JOBS) \|\| defined(WITH_IRIX_ARRAY))
		152	irix_setusercontext(pw);
		153	#endif /* defined(WITH_IRIX_PROJECT) \|\| defined(WITH_IRIX_JOBS) \|\| defined(WITH_IRIX_ARRAY) */
		154
		155	#ifdef _AIX
		156	aix_usrinfo(pw);
		157	#endif /* _AIX */
		158
		159	#if !defined(HAVE_LOGIN_CAP) && defined(USE_LIBIAF)
		160	if (set_id(pw->pw_name) != 0) {
		161	exit(1);
		162	}
		163	# endif /* USE_LIBIAF */
		164
		165	#ifdef HAVE_SETPCRED
		166	/*
		167	* If we have a chroot directory, we set all creds except real
		168	* uid which we will need for chroot. If we don't have a
		169	* chroot directory, we don't override anything.
		170	*/
		171	{
		172	char *creds = NULL, chroot_creds[] =
		173	{ "REAL_USER=root", NULL };
		174
		175	if (options.chroot_directory != NULL &&
		176	strcasecmp(options.chroot_directory, "none") != 0)
		177	creds = chroot_creds;
		178
		179	if (setpcred(pw->pw_name, creds) == -1)
		180	fatal("Failed to set process credentials");
		181	}
		182	#endif /* HAVE_SETPCRED */
		183	#ifdef WITH_SELINUX
		184	ssh_selinux_setup_exec_context(pw->pw_name);
		185	#endif
		186	}
		187
60	char *	188	char *
61	platform_krb5_get_principal_name(const char *pw_name)	189	platform_krb5_get_principal_name(const char *pw_name)
62	{	190	{