From 97528353c2b4f27169ea9b81e5c4420c734ceea2 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 5 Nov 2010 12:03:05 +1100 Subject: - (dtucker) [configure.ac platform.{c,h} session.c openbsd-compat/port-solaris.{c,h}] Bug #1824: Add Solaris Project support. Patch from cory.erickson at csu mnscu edu with a bit of rework from me. ok djm@ --- platform.c | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) (limited to 'platform.c') diff --git a/platform.c b/platform.c index e3a428aaa..c894190b2 100644 --- a/platform.c +++ b/platform.c @@ -1,4 +1,4 @@ -/* $Id: platform.c,v 1.3 2009/12/20 23:49:22 dtucker Exp $ */ +/* $Id: platform.c,v 1.4 2010/11/05 01:03:05 dtucker Exp $ */ /* * Copyright (c) 2006 Darren Tucker. All rights reserved. @@ -57,6 +57,16 @@ platform_post_fork_child(void) #endif } +void +platform_setusercontext(struct passwd *pw) +{ +#ifdef USE_SOLARIS_PROJECTS + /* if solaris projects were detected, set the default now */ + if (getuid() == 0 || geteuid() == 0) + solaris_set_default_project(pw); +#endif +} + char * platform_krb5_get_principal_name(const char *pw_name) { -- cgit v1.2.3 From 920612e45ae8183226e8841ff27cdc54a8287ba2 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 5 Nov 2010 12:36:15 +1100 Subject: - (dtucker) [platform.c platform.h session.c] Add a platform hook to run after the user's groups are established and move the selinux calls into it. --- ChangeLog | 2 ++ platform.c | 23 ++++++++++++++++++++++- platform.h | 3 ++- session.c | 9 +-------- 4 files changed, 27 insertions(+), 10 deletions(-) (limited to 'platform.c') diff --git a/ChangeLog b/ChangeLog index 9622f1944..d1a0cd0fd 100644 --- a/ChangeLog +++ b/ChangeLog @@ -24,6 +24,8 @@ openbsd-compat/port-solaris.{c,h}] Bug #1824: Add Solaris Project support. Patch from cory.erickson at csu mnscu edu with a bit of rework from me. ok djm@ + - (dtucker) [platform.c platform.h session.c] Add a platform hook to run + after the user's groups are established and move the selinux calls into it. 20101025 - (tim) [openbsd-compat/glob.h] Remove sys/cdefs.h include that came with diff --git a/platform.c b/platform.c index c894190b2..730e7b718 100644 --- a/platform.c +++ b/platform.c @@ -1,4 +1,4 @@ -/* $Id: platform.c,v 1.4 2010/11/05 01:03:05 dtucker Exp $ */ +/* $Id: platform.c,v 1.5 2010/11/05 01:36:15 dtucker Exp $ */ /* * Copyright (c) 2006 Darren Tucker. All rights reserved. @@ -57,9 +57,18 @@ platform_post_fork_child(void) #endif } +/* + * This gets called before switching UIDs, and is called even when sshd is + * not running as root. + */ void platform_setusercontext(struct passwd *pw) { +#ifdef WITH_SELINUX + /* Cache selinux status for later use */ + (void)ssh_selinux_enabled(); +#endif + #ifdef USE_SOLARIS_PROJECTS /* if solaris projects were detected, set the default now */ if (getuid() == 0 || geteuid() == 0) @@ -67,6 +76,18 @@ platform_setusercontext(struct passwd *pw) #endif } +/* + * This gets called after we've established the user's groups, and is only + * called if sshd is running as root. + */ +void +platform_setusercontext_post_groups(struct passwd *pw) +{ +#ifdef WITH_SELINUX + ssh_selinux_setup_exec_context(pw->pw_name); +#endif +} + char * platform_krb5_get_principal_name(const char *pw_name) { diff --git a/platform.h b/platform.h index f0cdd8037..be66d55c6 100644 --- a/platform.h +++ b/platform.h @@ -1,4 +1,4 @@ -/* $Id: platform.h,v 1.5 2010/11/05 01:03:05 dtucker Exp $ */ +/* $Id: platform.h,v 1.6 2010/11/05 01:36:15 dtucker Exp $ */ /* * Copyright (c) 2006 Darren Tucker. All rights reserved. @@ -25,6 +25,7 @@ void platform_pre_fork(void); void platform_post_fork_parent(pid_t child_pid); void platform_post_fork_child(void); void platform_setusercontext(struct passwd *); +void platform_setusercontext_post_groups(struct passwd *); char *platform_get_krb5_client(const char *); char *platform_krb5_get_principal_name(const char *); diff --git a/session.c b/session.c index ab32bb55f..7994dd60b 100644 --- a/session.c +++ b/session.c @@ -1471,11 +1471,6 @@ do_setusercontext(struct passwd *pw) platform_setusercontext(pw); -#ifdef WITH_SELINUX - /* Cache selinux status for later use */ - (void)ssh_selinux_enabled(); -#endif - #ifndef HAVE_CYGWIN if (getuid() == 0 || geteuid() == 0) #endif /* HAVE_CYGWIN */ @@ -1554,9 +1549,7 @@ do_setusercontext(struct passwd *pw) } #endif /* HAVE_SETPCRED */ -#ifdef WITH_SELINUX - ssh_selinux_setup_exec_context(pw->pw_name); -#endif + platform_setusercontext_post_groups(pw); if (options.chroot_directory != NULL && strcasecmp(options.chroot_directory, "none") != 0) { -- cgit v1.2.3 From 4db380701d15727e43600e41a567d36177e4226e Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 5 Nov 2010 12:41:13 +1100 Subject: - (dtucker) [platform.c session.c] Move the AIX setpcred+chroot hack into platform.c --- ChangeLog | 2 ++ platform.c | 20 +++++++++++++++++++- session.c | 18 ------------------ 3 files changed, 21 insertions(+), 19 deletions(-) (limited to 'platform.c') diff --git a/ChangeLog b/ChangeLog index d1a0cd0fd..cf6e00f6b 100644 --- a/ChangeLog +++ b/ChangeLog @@ -26,6 +26,8 @@ ok djm@ - (dtucker) [platform.c platform.h session.c] Add a platform hook to run after the user's groups are established and move the selinux calls into it. + - (dtucker) [platform.c session.c] Move the AIX setpcred+chroot hack into + platform.c 20101025 - (tim) [openbsd-compat/glob.h] Remove sys/cdefs.h include that came with diff --git a/platform.c b/platform.c index 730e7b718..1604f8b59 100644 --- a/platform.c +++ b/platform.c @@ -1,4 +1,4 @@ -/* $Id: platform.c,v 1.5 2010/11/05 01:36:15 dtucker Exp $ */ +/* $Id: platform.c,v 1.6 2010/11/05 01:41:13 dtucker Exp $ */ /* * Copyright (c) 2006 Darren Tucker. All rights reserved. @@ -83,6 +83,24 @@ platform_setusercontext(struct passwd *pw) void platform_setusercontext_post_groups(struct passwd *pw) { +#ifdef HAVE_SETPCRED + /* + * If we have a chroot directory, we set all creds except real + * uid which we will need for chroot. If we don't have a + * chroot directory, we don't override anything. + */ + { + char **creds = NULL, *chroot_creds[] = + { "REAL_USER=root", NULL }; + + if (options.chroot_directory != NULL && + strcasecmp(options.chroot_directory, "none") != 0) + creds = chroot_creds; + + if (setpcred(pw->pw_name, creds) == -1) + fatal("Failed to set process credentials"); + } +#endif /* HAVE_SETPCRED */ #ifdef WITH_SELINUX ssh_selinux_setup_exec_context(pw->pw_name); #endif diff --git a/session.c b/session.c index 7994dd60b..78e7c5f50 100644 --- a/session.c +++ b/session.c @@ -1530,24 +1530,6 @@ do_setusercontext(struct passwd *pw) } # endif /* USE_LIBIAF */ #endif -#ifdef HAVE_SETPCRED - /* - * If we have a chroot directory, we set all creds except real - * uid which we will need for chroot. If we don't have a - * chroot directory, we don't override anything. - */ - { - char **creds = NULL, *chroot_creds[] = - { "REAL_USER=root", NULL }; - - if (options.chroot_directory != NULL && - strcasecmp(options.chroot_directory, "none") != 0) - creds = chroot_creds; - - if (setpcred(pw->pw_name, creds) == -1) - fatal("Failed to set process credentials"); - } -#endif /* HAVE_SETPCRED */ platform_setusercontext_post_groups(pw); -- cgit v1.2.3 From 44a97be0cc3ede56663b94548806465d2b090461 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 5 Nov 2010 12:45:18 +1100 Subject: - (dtucker) [platform.c session.c] Move the BSDI setpgrp into platform.c. --- ChangeLog | 1 + platform.c | 6 +++++- session.c | 3 --- 3 files changed, 6 insertions(+), 4 deletions(-) (limited to 'platform.c') diff --git a/ChangeLog b/ChangeLog index cf6e00f6b..002c88148 100644 --- a/ChangeLog +++ b/ChangeLog @@ -28,6 +28,7 @@ after the user's groups are established and move the selinux calls into it. - (dtucker) [platform.c session.c] Move the AIX setpcred+chroot hack into platform.c + - (dtucker) [platform.c session.c] Move the BSDI setpgrp into platform.c. 20101025 - (tim) [openbsd-compat/glob.h] Remove sys/cdefs.h include that came with diff --git a/platform.c b/platform.c index 1604f8b59..20b478343 100644 --- a/platform.c +++ b/platform.c @@ -1,4 +1,4 @@ -/* $Id: platform.c,v 1.6 2010/11/05 01:41:13 dtucker Exp $ */ +/* $Id: platform.c,v 1.7 2010/11/05 01:45:18 dtucker Exp $ */ /* * Copyright (c) 2006 Darren Tucker. All rights reserved. @@ -74,6 +74,10 @@ platform_setusercontext(struct passwd *pw) if (getuid() == 0 || geteuid() == 0) solaris_set_default_project(pw); #endif + +#if defined(HAVE_LOGIN_CAP) && defined (__bsdi__) + setpgid(0, 0); +# endif } /* diff --git a/session.c b/session.c index 78e7c5f50..0775d78d2 100644 --- a/session.c +++ b/session.c @@ -1476,9 +1476,6 @@ do_setusercontext(struct passwd *pw) #endif /* HAVE_CYGWIN */ { #ifdef HAVE_LOGIN_CAP -# ifdef __bsdi__ - setpgid(0, 0); -# endif # ifdef USE_PAM if (options.use_pam) { do_pam_setcred(use_privsep); -- cgit v1.2.3 From fd4d8aa2cbe0acad520ab168656759cb46054c03 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 5 Nov 2010 12:50:41 +1100 Subject: - (dtucker) [platform.c] Only call setpgrp on BSDI if running as root to retain previous behavior. --- ChangeLog | 2 ++ platform.c | 5 +++-- 2 files changed, 5 insertions(+), 2 deletions(-) (limited to 'platform.c') diff --git a/ChangeLog b/ChangeLog index 002c88148..3f415d7dc 100644 --- a/ChangeLog +++ b/ChangeLog @@ -29,6 +29,8 @@ - (dtucker) [platform.c session.c] Move the AIX setpcred+chroot hack into platform.c - (dtucker) [platform.c session.c] Move the BSDI setpgrp into platform.c. + - (dtucker) [platform.c] Only call setpgrp on BSDI if running as root to + retain previous behavior. 20101025 - (tim) [openbsd-compat/glob.h] Remove sys/cdefs.h include that came with diff --git a/platform.c b/platform.c index 20b478343..570f130ae 100644 --- a/platform.c +++ b/platform.c @@ -1,4 +1,4 @@ -/* $Id: platform.c,v 1.7 2010/11/05 01:45:18 dtucker Exp $ */ +/* $Id: platform.c,v 1.8 2010/11/05 01:50:41 dtucker Exp $ */ /* * Copyright (c) 2006 Darren Tucker. All rights reserved. @@ -76,7 +76,8 @@ platform_setusercontext(struct passwd *pw) #endif #if defined(HAVE_LOGIN_CAP) && defined (__bsdi__) - setpgid(0, 0); + if (getuid() == 0 || geteuid() == 0) + setpgid(0, 0); # endif } -- cgit v1.2.3 From 728d8371a1dc1b615284ece94b0085897b4c0b51 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 5 Nov 2010 13:00:05 +1100 Subject: - (dtucker) [platform.c session.c] Move the PAM credential establishment for the LOGIN_CAP case into platform.c. --- ChangeLog | 2 ++ platform.c | 16 +++++++++++++++- session.c | 5 ----- 3 files changed, 17 insertions(+), 6 deletions(-) (limited to 'platform.c') diff --git a/ChangeLog b/ChangeLog index 3f415d7dc..909b9fc59 100644 --- a/ChangeLog +++ b/ChangeLog @@ -31,6 +31,8 @@ - (dtucker) [platform.c session.c] Move the BSDI setpgrp into platform.c. - (dtucker) [platform.c] Only call setpgrp on BSDI if running as root to retain previous behavior. + - (dtucker) [platform.c session.c] Move the PAM credential establishment for + the LOGIN_CAP case into platform.c. 20101025 - (tim) [openbsd-compat/glob.h] Remove sys/cdefs.h include that came with diff --git a/platform.c b/platform.c index 570f130ae..0335eaae6 100644 --- a/platform.c +++ b/platform.c @@ -1,4 +1,4 @@ -/* $Id: platform.c,v 1.8 2010/11/05 01:50:41 dtucker Exp $ */ +/* $Id: platform.c,v 1.9 2010/11/05 02:00:05 dtucker Exp $ */ /* * Copyright (c) 2006 Darren Tucker. All rights reserved. @@ -21,6 +21,8 @@ #include "openbsd-compat/openbsd-compat.h" +extern int use_privsep; + void platform_pre_listen(void) { @@ -79,6 +81,18 @@ platform_setusercontext(struct passwd *pw) if (getuid() == 0 || geteuid() == 0) setpgid(0, 0); # endif + +#if defined(HAVE_LOGIN_CAP) && defined(USE_PAM) + /* + * If we have both LOGIN_CAP and PAM, we want to establish creds + * before calling setusercontext (in session.c:do_setusercontext). + */ + if (getuid() == 0 || geteuid() == 0) { + if (options.use_pam) { + do_pam_setcred(use_privsep); + } + } +# endif /* USE_PAM */ } /* diff --git a/session.c b/session.c index 0775d78d2..a2d8bec8b 100644 --- a/session.c +++ b/session.c @@ -1476,11 +1476,6 @@ do_setusercontext(struct passwd *pw) #endif /* HAVE_CYGWIN */ { #ifdef HAVE_LOGIN_CAP -# ifdef USE_PAM - if (options.use_pam) { - do_pam_setcred(use_privsep); - } -# endif /* USE_PAM */ if (setusercontext(lc, pw, pw->pw_uid, (LOGIN_SETALL & ~(LOGIN_SETPATH|LOGIN_SETUSER))) < 0) { perror("unable to set user context"); -- cgit v1.2.3 From 7a8afe3186bd2007da3a2fce4276e5b96ed877f6 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 5 Nov 2010 13:07:24 +1100 Subject: - (dtucker) platform.c session.c] Move the USE_LIBIAF fragment into platform.c --- ChangeLog | 2 ++ platform.c | 8 +++++++- session.c | 5 ----- 3 files changed, 9 insertions(+), 6 deletions(-) (limited to 'platform.c') diff --git a/ChangeLog b/ChangeLog index 909b9fc59..6595f6768 100644 --- a/ChangeLog +++ b/ChangeLog @@ -33,6 +33,8 @@ retain previous behavior. - (dtucker) [platform.c session.c] Move the PAM credential establishment for the LOGIN_CAP case into platform.c. + - (dtucker) platform.c session.c] Move the USE_LIBIAF fragment into + platform.c 20101025 - (tim) [openbsd-compat/glob.h] Remove sys/cdefs.h include that came with diff --git a/platform.c b/platform.c index 0335eaae6..910e39713 100644 --- a/platform.c +++ b/platform.c @@ -1,4 +1,4 @@ -/* $Id: platform.c,v 1.9 2010/11/05 02:00:05 dtucker Exp $ */ +/* $Id: platform.c,v 1.10 2010/11/05 02:07:25 dtucker Exp $ */ /* * Copyright (c) 2006 Darren Tucker. All rights reserved. @@ -102,6 +102,12 @@ platform_setusercontext(struct passwd *pw) void platform_setusercontext_post_groups(struct passwd *pw) { +#if !defined(HAVE_LOGIN_CAP) && defined(USE_LIBIAF) + if (set_id(pw->pw_name) != 0) { + exit(1); + } +# endif /* USE_LIBIAF */ + #ifdef HAVE_SETPCRED /* * If we have a chroot directory, we set all creds except real diff --git a/session.c b/session.c index a2d8bec8b..6ef07c407 100644 --- a/session.c +++ b/session.c @@ -1516,11 +1516,6 @@ do_setusercontext(struct passwd *pw) # ifdef _AIX aix_usrinfo(pw); # endif /* _AIX */ -# ifdef USE_LIBIAF - if (set_id(pw->pw_name) != 0) { - exit(1); - } -# endif /* USE_LIBIAF */ #endif platform_setusercontext_post_groups(pw); -- cgit v1.2.3 From 676b912e780499e9f59e8add7859a014cb2db07d Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 5 Nov 2010 13:11:04 +1100 Subject: - (dtucker) platform.c session.c] Move aix_usrinfo frament into platform.c. --- ChangeLog | 1 + platform.c | 6 +++++- session.c | 3 --- 3 files changed, 6 insertions(+), 4 deletions(-) (limited to 'platform.c') diff --git a/ChangeLog b/ChangeLog index 6595f6768..a6380346b 100644 --- a/ChangeLog +++ b/ChangeLog @@ -35,6 +35,7 @@ the LOGIN_CAP case into platform.c. - (dtucker) platform.c session.c] Move the USE_LIBIAF fragment into platform.c + - (dtucker) platform.c session.c] Move aix_usrinfo frament into platform.c. 20101025 - (tim) [openbsd-compat/glob.h] Remove sys/cdefs.h include that came with diff --git a/platform.c b/platform.c index 910e39713..97439b574 100644 --- a/platform.c +++ b/platform.c @@ -1,4 +1,4 @@ -/* $Id: platform.c,v 1.10 2010/11/05 02:07:25 dtucker Exp $ */ +/* $Id: platform.c,v 1.11 2010/11/05 02:11:04 dtucker Exp $ */ /* * Copyright (c) 2006 Darren Tucker. All rights reserved. @@ -102,6 +102,10 @@ platform_setusercontext(struct passwd *pw) void platform_setusercontext_post_groups(struct passwd *pw) { +#ifdef _AIX + aix_usrinfo(pw); +#endif /* _AIX */ + #if !defined(HAVE_LOGIN_CAP) && defined(USE_LIBIAF) if (set_id(pw->pw_name) != 0) { exit(1); diff --git a/session.c b/session.c index 6ef07c407..fc712ad93 100644 --- a/session.c +++ b/session.c @@ -1513,9 +1513,6 @@ do_setusercontext(struct passwd *pw) # if defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY) irix_setusercontext(pw); # endif /* defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY) */ -# ifdef _AIX - aix_usrinfo(pw); -# endif /* _AIX */ #endif platform_setusercontext_post_groups(pw); -- cgit v1.2.3 From 0b2ee6452c6c6e0c37dc10072ec4cf711e8dde89 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 5 Nov 2010 13:29:25 +1100 Subject: - (dtucker) [platform.c session.c] Move irix setusercontext fragment into platform.c. --- ChangeLog | 4 +++- platform.c | 7 ++++++- session.c | 3 --- 3 files changed, 9 insertions(+), 5 deletions(-) (limited to 'platform.c') diff --git a/ChangeLog b/ChangeLog index a6380346b..c82f56b87 100644 --- a/ChangeLog +++ b/ChangeLog @@ -35,7 +35,9 @@ the LOGIN_CAP case into platform.c. - (dtucker) platform.c session.c] Move the USE_LIBIAF fragment into platform.c - - (dtucker) platform.c session.c] Move aix_usrinfo frament into platform.c. + - (dtucker) [platform.c session.c] Move aix_usrinfo frament into platform.c. + - (dtucker) [platform.c session.c] Move irix setusercontext fragment into + platform.c. 20101025 - (tim) [openbsd-compat/glob.h] Remove sys/cdefs.h include that came with diff --git a/platform.c b/platform.c index 97439b574..c8163f901 100644 --- a/platform.c +++ b/platform.c @@ -1,4 +1,4 @@ -/* $Id: platform.c,v 1.11 2010/11/05 02:11:04 dtucker Exp $ */ +/* $Id: platform.c,v 1.12 2010/11/05 02:29:25 dtucker Exp $ */ /* * Copyright (c) 2006 Darren Tucker. All rights reserved. @@ -102,6 +102,11 @@ platform_setusercontext(struct passwd *pw) void platform_setusercontext_post_groups(struct passwd *pw) { +#if !defined(HAVE_LOGIN_CAP) && (defined(WITH_IRIX_PROJECT) || \ + defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY)) + irix_setusercontext(pw); +#endif /* defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY) */ + #ifdef _AIX aix_usrinfo(pw); #endif /* _AIX */ diff --git a/session.c b/session.c index fc712ad93..002cfd844 100644 --- a/session.c +++ b/session.c @@ -1510,9 +1510,6 @@ do_setusercontext(struct passwd *pw) do_pam_setcred(use_privsep); } # endif /* USE_PAM */ -# if defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY) - irix_setusercontext(pw); -# endif /* defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY) */ #endif platform_setusercontext_post_groups(pw); -- cgit v1.2.3 From cc12418e18242ce1f61d7035da4956274ba13a96 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 5 Nov 2010 13:32:52 +1100 Subject: - (dtucker) [platform.c session.c] Move PAM credential establishment for the non-LOGIN_CAP case into platform.c. --- ChangeLog | 2 ++ platform.c | 13 ++++++++++++- session.c | 10 ---------- 3 files changed, 14 insertions(+), 11 deletions(-) (limited to 'platform.c') diff --git a/ChangeLog b/ChangeLog index c82f56b87..cc6e09ad5 100644 --- a/ChangeLog +++ b/ChangeLog @@ -38,6 +38,8 @@ - (dtucker) [platform.c session.c] Move aix_usrinfo frament into platform.c. - (dtucker) [platform.c session.c] Move irix setusercontext fragment into platform.c. + - (dtucker) [platform.c session.c] Move PAM credential establishment for the + non-LOGIN_CAP case into platform.c. 20101025 - (tim) [openbsd-compat/glob.h] Remove sys/cdefs.h include that came with diff --git a/platform.c b/platform.c index c8163f901..b4fb88e5f 100644 --- a/platform.c +++ b/platform.c @@ -1,4 +1,4 @@ -/* $Id: platform.c,v 1.12 2010/11/05 02:29:25 dtucker Exp $ */ +/* $Id: platform.c,v 1.13 2010/11/05 02:32:53 dtucker Exp $ */ /* * Copyright (c) 2006 Darren Tucker. All rights reserved. @@ -102,6 +102,17 @@ platform_setusercontext(struct passwd *pw) void platform_setusercontext_post_groups(struct passwd *pw) { +#if !defined(HAVE_LOGIN_CAP) && defined(USE_PAM) + /* + * PAM credentials may take the form of supplementary groups. + * These will have been wiped by the above initgroups() call. + * Reestablish them here. + */ + if (options.use_pam) { + do_pam_setcred(use_privsep); + } +#endif /* USE_PAM */ + #if !defined(HAVE_LOGIN_CAP) && (defined(WITH_IRIX_PROJECT) || \ defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY)) irix_setusercontext(pw); diff --git a/session.c b/session.c index 002cfd844..f1f26ef69 100644 --- a/session.c +++ b/session.c @@ -1500,16 +1500,6 @@ do_setusercontext(struct passwd *pw) exit(1); } endgrent(); -# ifdef USE_PAM - /* - * PAM credentials may take the form of supplementary groups. - * These will have been wiped by the above initgroups() call. - * Reestablish them here. - */ - if (options.use_pam) { - do_pam_setcred(use_privsep); - } -# endif /* USE_PAM */ #endif platform_setusercontext_post_groups(pw); -- cgit v1.2.3 From b12fe272a0e850175417aa56e6efef8f08250977 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 5 Nov 2010 14:47:01 +1100 Subject: - (dtucker) [platform.c platform.h session.c] Move the Cygwin special-case check into platform.c --- ChangeLog | 2 ++ platform.c | 18 +++++++++++++++++- platform.h | 3 ++- session.c | 5 +---- 4 files changed, 22 insertions(+), 6 deletions(-) (limited to 'platform.c') diff --git a/ChangeLog b/ChangeLog index cc6e09ad5..65e0f9e3e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -40,6 +40,8 @@ platform.c. - (dtucker) [platform.c session.c] Move PAM credential establishment for the non-LOGIN_CAP case into platform.c. + - (dtucker) [platform.c platform.h session.c] Move the Cygwin special-case + check into platform.c 20101025 - (tim) [openbsd-compat/glob.h] Remove sys/cdefs.h include that came with diff --git a/platform.c b/platform.c index b4fb88e5f..f2cf11f56 100644 --- a/platform.c +++ b/platform.c @@ -1,4 +1,4 @@ -/* $Id: platform.c,v 1.13 2010/11/05 02:32:53 dtucker Exp $ */ +/* $Id: platform.c,v 1.14 2010/11/05 03:47:01 dtucker Exp $ */ /* * Copyright (c) 2006 Darren Tucker. All rights reserved. @@ -17,6 +17,10 @@ */ #include "config.h" + +#include +#include + #include "platform.h" #include "openbsd-compat/openbsd-compat.h" @@ -59,6 +63,18 @@ platform_post_fork_child(void) #endif } +/* return 1 if we are running with privilege to swap UIDs, 0 otherwise */ +int +platform_privileged_uidswap(void) +{ +#ifdef HAVE_CYGWIN + /* uid 0 is not special on Cygwin so always try */ + return 1; +#else + return (getuid() == 0 || geteuid() == 0); +#endif +} + /* * This gets called before switching UIDs, and is called even when sshd is * not running as root. diff --git a/platform.h b/platform.h index be66d55c6..944d2c340 100644 --- a/platform.h +++ b/platform.h @@ -1,4 +1,4 @@ -/* $Id: platform.h,v 1.6 2010/11/05 01:36:15 dtucker Exp $ */ +/* $Id: platform.h,v 1.7 2010/11/05 03:47:01 dtucker Exp $ */ /* * Copyright (c) 2006 Darren Tucker. All rights reserved. @@ -24,6 +24,7 @@ void platform_pre_listen(void); void platform_pre_fork(void); void platform_post_fork_parent(pid_t child_pid); void platform_post_fork_child(void); +int platform_privileged_uidswap(void); void platform_setusercontext(struct passwd *); void platform_setusercontext_post_groups(struct passwd *); char *platform_get_krb5_client(const char *); diff --git a/session.c b/session.c index f1f26ef69..58e681282 100644 --- a/session.c +++ b/session.c @@ -1471,10 +1471,7 @@ do_setusercontext(struct passwd *pw) platform_setusercontext(pw); -#ifndef HAVE_CYGWIN - if (getuid() == 0 || geteuid() == 0) -#endif /* HAVE_CYGWIN */ - { + if (platform_privileged_uidswap()) { #ifdef HAVE_LOGIN_CAP if (setusercontext(lc, pw, pw->pw_uid, (LOGIN_SETALL & ~(LOGIN_SETPATH|LOGIN_SETUSER))) < 0) { -- cgit v1.2.3 From 9283d8cbc594419712f09258540253b899d2afd9 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 5 Nov 2010 18:56:08 +1100 Subject: - (dtucker) [platform.c] Need servconf.h and extern options. --- ChangeLog | 1 + platform.c | 8 +++++++- 2 files changed, 8 insertions(+), 1 deletion(-) (limited to 'platform.c') diff --git a/ChangeLog b/ChangeLog index b4211302a..f8e9a9aec 100644 --- a/ChangeLog +++ b/ChangeLog @@ -50,6 +50,7 @@ - (dtucker) [regress/kextype.sh] Make sha256 test depend on ECC. This is not strictly correct since while ECC requires sha256 the reverse is not true however it does prevent spurious test failures. + - (dtucker) [platform.c] Need servconf.h and extern options. 20101025 - (tim) [openbsd-compat/glob.h] Remove sys/cdefs.h include that came with diff --git a/platform.c b/platform.c index f2cf11f56..0d5b4f1bc 100644 --- a/platform.c +++ b/platform.c @@ -1,4 +1,4 @@ -/* $Id: platform.c,v 1.14 2010/11/05 03:47:01 dtucker Exp $ */ +/* $Id: platform.c,v 1.15 2010/11/05 07:56:08 dtucker Exp $ */ /* * Copyright (c) 2006 Darren Tucker. All rights reserved. @@ -19,13 +19,19 @@ #include "config.h" #include + +#include #include +#include "log.h" +#include "buffer.h" +#include "servconf.h" #include "platform.h" #include "openbsd-compat/openbsd-compat.h" extern int use_privsep; +extern ServerOptions options; void platform_pre_listen(void) -- cgit v1.2.3 From d1ece6e4a274df0447ad278f729c6f32b8e4a5e5 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 7 Nov 2010 18:05:54 +1100 Subject: - (dtucker) [platform.c] includes.h instead of defines.h so that we get the correct typedefs. --- ChangeLog | 4 ++++ platform.c | 4 ++-- 2 files changed, 6 insertions(+), 2 deletions(-) (limited to 'platform.c') diff --git a/ChangeLog b/ChangeLog index f8e9a9aec..d02a2dabf 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +20101107 + - (dtucker) [platform.c] includes.h instead of defines.h so that we get + the correct typedefs. + 20101105 - (djm) [loginrec.c loginrec.h] Use correct uid_t/pid_t types instead of int. Should fix bz#1817 cleanly; ok dtucker@ diff --git a/platform.c b/platform.c index 0d5b4f1bc..f57c2eab3 100644 --- a/platform.c +++ b/platform.c @@ -1,4 +1,4 @@ -/* $Id: platform.c,v 1.15 2010/11/05 07:56:08 dtucker Exp $ */ +/* $Id: platform.c,v 1.16 2010/11/07 07:05:54 dtucker Exp $ */ /* * Copyright (c) 2006 Darren Tucker. All rights reserved. @@ -16,7 +16,7 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -#include "config.h" +#include "includes.h" #include -- cgit v1.2.3 From d995712383c043c4f9d8ca52363e6e1df128dc72 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Wed, 24 Nov 2010 10:09:13 +1100 Subject: - (dtucker) [platform.c session.c] Move the getluid call out of session.c and into the platform-specific code Only affects SCO, tested by and ok tim@. --- ChangeLog | 4 ++++ platform.c | 10 +++++++++- session.c | 6 ------ 3 files changed, 13 insertions(+), 7 deletions(-) (limited to 'platform.c') diff --git a/ChangeLog b/ChangeLog index bb8332f43..62c9c6666 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +20101124 + - (dtucker) [platform.c session.c] Move the getluid call out of session.c and + into the platform-specific code Only affects SCO, tested by and ok tim@. + 20101122 - (dtucker) Bug #1840: fix warning when configuring --with-ssl-engine, patch from vapier at gentoo org. diff --git a/platform.c b/platform.c index f57c2eab3..60b87a6ae 100644 --- a/platform.c +++ b/platform.c @@ -1,4 +1,4 @@ -/* $Id: platform.c,v 1.16 2010/11/07 07:05:54 dtucker Exp $ */ +/* $Id: platform.c,v 1.17 2010/11/23 23:09:13 dtucker Exp $ */ /* * Copyright (c) 2006 Darren Tucker. All rights reserved. @@ -115,6 +115,14 @@ platform_setusercontext(struct passwd *pw) } } # endif /* USE_PAM */ + +#if !defined(HAVE_LOGIN_CAP) && defined(HAVE_GETLUID) && defined(HAVE_SETLUID) + if (getuid() == 0 || geteuid() == 0) { + /* Sets login uid for accounting */ + if (getluid() == -1 && setluid(pw->pw_uid) == -1) + error("setluid: %s", strerror(errno)); + } +#endif } /* diff --git a/session.c b/session.c index 8c6022bf6..3758f0fd1 100644 --- a/session.c +++ b/session.c @@ -1481,12 +1481,6 @@ do_setusercontext(struct passwd *pw) exit(1); } #else -# if defined(HAVE_GETLUID) && defined(HAVE_SETLUID) - /* Sets login uid for accounting */ - if (getluid() == -1 && setluid(pw->pw_uid) == -1) - error("setluid: %s", strerror(errno)); -# endif /* defined(HAVE_GETLUID) && defined(HAVE_SETLUID) */ - if (setlogin(pw->pw_name) < 0) error("setlogin failed: %s", strerror(errno)); if (setgid(pw->pw_gid) < 0) { -- cgit v1.2.3 From 81ad4b1fc0f3d2004a0e0004607ebd9a3664034b Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Tue, 11 Jan 2011 17:02:23 +1100 Subject: - (djm) [platform.c] Some missing includes that show up under -Werror --- ChangeLog | 1 + platform.c | 6 +++++- 2 files changed, 6 insertions(+), 1 deletion(-) (limited to 'platform.c') diff --git a/ChangeLog b/ChangeLog index 3e931f394..5ddc26a6a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,7 @@ 20110111 - (tim) [regress/host-expand.sh] Fix for building outside of read only source tree. + - (djm) [platform.c] Some missing includes that show up under -Werror 20110109 - (djm) [Makefile.in] list ssh_host_ecdsa key in PATHSUBS; spotted by diff --git a/platform.c b/platform.c index 60b87a6ae..a455472b3 100644 --- a/platform.c +++ b/platform.c @@ -1,4 +1,4 @@ -/* $Id: platform.c,v 1.17 2010/11/23 23:09:13 dtucker Exp $ */ +/* $Id: platform.c,v 1.18 2011/01/11 06:02:25 djm Exp $ */ /* * Copyright (c) 2006 Darren Tucker. All rights reserved. @@ -26,6 +26,10 @@ #include "log.h" #include "buffer.h" #include "servconf.h" +#include "key.h" +#include "hostfile.h" +#include "auth.h" +#include "auth-pam.h" #include "platform.h" #include "openbsd-compat/openbsd-compat.h" -- cgit v1.2.3