diff options
| author | cperciva <cperciva@FreeBSD.org> | 2006-03-22 16:00:42 +0000 |
|---|---|---|
| committer | cperciva <cperciva@FreeBSD.org> | 2006-03-22 16:00:42 +0000 |
| commit | e66460b8942afc349793d018627b403bbd4eaad0 (patch) | |
| tree | 505281ed70ef5587153603a305cee43608da2925 /contrib | |
| parent | d663b33f930b54b91e851c202bd44ddd3e110361 (diff) | |
| download | FreeBSD-src-e66460b8942afc349793d018627b403bbd4eaad0.zip FreeBSD-src-e66460b8942afc349793d018627b403bbd4eaad0.tar.gz | |
Add missing code needed for the detection of IPSec packet replays. [1]
Correctly identify the user running opiepasswd(1) when the login name
differs from the account name. [2]
Security: FreeBSD-SA-06:11.ipsec [1]
Security: FreeBSD-SA-06:12.opie [2]
Diffstat (limited to 'contrib')
| -rw-r--r-- | contrib/opie/opiepasswd.c | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/contrib/opie/opiepasswd.c b/contrib/opie/opiepasswd.c index 2e2358a..cd4ff01 100644 --- a/contrib/opie/opiepasswd.c +++ b/contrib/opie/opiepasswd.c @@ -118,11 +118,18 @@ int main FUNCTION((argc, argv), int argc AND char *argv[]) struct opie opie; int rval, n = 499, i, mode = MODE_DEFAULT, force = 0; char seed[OPIE_SEED_MAX+1]; + char *username; + uid_t ruid; struct passwd *pp; memset(seed, 0, sizeof(seed)); - if (!(pp = getpwnam(getlogin()))) { + ruid = getuid(); + username = getlogin(); + pp = getpwnam(username); + if (username == NULL || pp == NULL || pp->pw_uid != ruid) + pp = getpwuid(ruid); + if (pp == NULL) { fprintf(stderr, "Who are you?"); return 1; } |
