1 files changed, 26 insertions, 29 deletions

diff --git a/session.c b/session.c
index 9d43fc3c7..6250c2031 100644
--- a/session.c
+++ b/session.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: session.c,v 1.270 2014/01/31 16:39:19 tedu Exp $ */
+/* $OpenBSD: session.c,v 1.274 2014/07/15 15:54:14 millert Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -49,6 +49,7 @@
 #include <errno.h>
 #include <fcntl.h>
 #include <grp.h>
+#include <netdb.h>
 #ifdef HAVE_PATHS_H
 #include <paths.h>
 #endif
@@ -83,11 +84,11 @@
 #include "authfd.h"
 #include "pathnames.h"
 #include "log.h"
+#include "misc.h"
 #include "servconf.h"
 #include "sshlogin.h"
 #include "serverloop.h"
 #include "canohost.h"
-#include "misc.h"
 #include "session.h"
 #include "kex.h"
 #include "monitor_wrap.h"
@@ -183,7 +184,6 @@ auth_input_request_forwarding(struct passwd * pw)
 {
         Channel *nc;
         int sock = -1;
-        struct sockaddr_un sunaddr;
 
         if (auth_sock_name != NULL) {
                 error("authentication forwarding requested twice.");
@@ -209,33 +209,15 @@ auth_input_request_forwarding(struct passwd * pw)
         xasprintf(&auth_sock_name, "%s/agent.%ld",
             auth_sock_dir, (long) getpid());
 
-        /* Create the socket. */
-        sock = socket(AF_UNIX, SOCK_STREAM, 0);
-        if (sock < 0) {
-                error("socket: %.100s", strerror(errno));
-                restore_uid();
-                goto authsock_err;
-        }
-
-        /* Bind it to the name. */
-        memset(&sunaddr, 0, sizeof(sunaddr));
-        sunaddr.sun_family = AF_UNIX;
-        strlcpy(sunaddr.sun_path, auth_sock_name, sizeof(sunaddr.sun_path));
-
-        if (bind(sock, (struct sockaddr *)&sunaddr, sizeof(sunaddr)) < 0) {
-                error("bind: %.100s", strerror(errno));
-                restore_uid();
-                goto authsock_err;
-        }
+        /* Start a Unix listener on auth_sock_name. */
+        sock = unix_listener(auth_sock_name, SSH_LISTEN_BACKLOG, 0);
 
         /* Restore the privileged uid. */
         restore_uid();
 
-        /* Start listening on the socket. */
-        if (listen(sock, SSH_LISTEN_BACKLOG) < 0) {
-                error("listen: %.100s", strerror(errno));
+        /* Check for socket/bind/listen failure. */
+        if (sock < 0)
                 goto authsock_err;
-        }
 
         /* Allocate a channel for the authentication agent socket. */
         nc = channel_new("auth socket",
@@ -274,6 +256,7 @@ do_authenticated(Authctxt *authctxt)
         setproctitle("%s", authctxt->pw->pw_name);
 
         /* setup the channel layer */
+        /* XXX - streamlocal? */
         if (no_port_forwarding_flag ||
             (options.allow_tcp_forwarding & FORWARD_LOCAL) == 0)
                 channel_disable_adm_local_opens();
@@ -393,7 +376,7 @@ do_authenticated1(Authctxt *authctxt)
                         }
                         debug("Received TCP/IP port forwarding request.");
                         if (channel_input_port_forward_request(s->pw->pw_uid == 0,
-                            options.gateway_ports) < 0) {
+                            &options.fwd_opts) < 0) {
                                 debug("Port forwarding failed.");
                                 break;
                         }
@@ -1367,7 +1350,8 @@ do_rc_files(Session *s, const char *shell)
 
         /* ignore _PATH_SSH_USER_RC for subsystems and admin forced commands */
         if (!s->is_subsystem && options.adm_forced_command == NULL &&
-            !no_user_rc && stat(_PATH_SSH_USER_RC, &st) >= 0) {
+            !no_user_rc && options.permit_user_rc &&
+            stat(_PATH_SSH_USER_RC, &st) >= 0) {
                 snprintf(cmd, sizeof cmd, "%s -c '%s %s'",
                     shell, _PATH_BSHELL, _PATH_SSH_USER_RC);
                 if (debug_flag)
@@ -1514,6 +1498,9 @@ void
 do_setusercontext(struct passwd *pw, const char *role)
 {
         char *chroot_path, *tmp;
+#ifdef USE_LIBIAF
+        int doing_chroot = 0;
+#endif
 
         platform_setusercontext(pw);
 
@@ -1553,6 +1540,9 @@ do_setusercontext(struct passwd *pw, const char *role)
                         /* Make sure we don't attempt to chroot again */
                         free(options.chroot_directory);
                         options.chroot_directory = NULL;
+#ifdef USE_LIBIAF
+                        doing_chroot = 1;
+#endif
                 }
 
 #ifdef HAVE_LOGIN_CAP
@@ -1567,7 +1557,14 @@ do_setusercontext(struct passwd *pw, const char *role)
                 (void) setusercontext(lc, pw, pw->pw_uid, LOGIN_SETUMASK);
 #else
 # ifdef USE_LIBIAF
-        if (set_id(pw->pw_name) != 0) {
+/* In a chroot environment, the set_id() will always fail; typically 
+ * because of the lack of necessary authentication services and runtime
+ * such as ./usr/lib/libiaf.so, ./usr/lib/libpam.so.1, and ./etc/passwd
+ * We skip it in the internal sftp chroot case.
+ * We'll lose auditing and ACLs but permanently_set_uid will
+ * take care of the rest.
+ */
+        if ((doing_chroot == 0) && set_id(pw->pw_name) != 0) {
                 fatal("set_id(%s) Failed", pw->pw_name);
         }
 # endif /* USE_LIBIAF */
@@ -2653,7 +2650,7 @@ session_setup_x11fwd(Session *s)
 {
         struct stat st;
         char display[512], auth_display[512];
-        char hostname[MAXHOSTNAMELEN];
+        char hostname[NI_MAXHOST];
         u_int i;
 
         if (no_x11_forwarding_flag) {