diff options
author | ache <ache@FreeBSD.org> | 2002-08-05 16:06:35 +0000 |
---|---|---|
committer | ache <ache@FreeBSD.org> | 2002-08-05 16:06:35 +0000 |
commit | 15b8a9068669dc682704d7aca5b32cf459d442a7 (patch) | |
tree | a6f3fbe33c13d7b392c99eb143d69bcff876fed3 /crypto | |
parent | 3b4ccdf949664999eafce53dda236d9e9d6b40e0 (diff) | |
download | FreeBSD-src-15b8a9068669dc682704d7aca5b32cf459d442a7.zip FreeBSD-src-15b8a9068669dc682704d7aca5b32cf459d442a7.tar.gz |
Do login cap calls _before_ descriptors are hardly closed because close may
invalidate login cap descriptor.
Reviewed by: des
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/openssh/session.c | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/crypto/openssh/session.c b/crypto/openssh/session.c index 95831d3..ad00f29 100644 --- a/crypto/openssh/session.c +++ b/crypto/openssh/session.c @@ -1288,6 +1288,9 @@ do_child(Session *s, const char *command) const char *shell, *shell0, *hostname = NULL; struct passwd *pw = s->pw; u_int i; +#ifdef HAVE_LOGIN_CAP + int lc_requirehome; +#endif /* remove hostkey from the child's memory */ destroy_sensitive_data(); @@ -1346,6 +1349,10 @@ do_child(Session *s, const char *command) /* XXX better use close-on-exec? -markus */ channel_close_all(); +#ifdef HAVE_LOGIN_CAP + lc_requirehome = login_getcapbool(lc, "requirehome", 0); + login_close(lc); +#endif /* * Close any extra file descriptors. Note that there may still be * descriptors left by system functions. They will be closed later. @@ -1384,7 +1391,7 @@ do_child(Session *s, const char *command) fprintf(stderr, "Could not chdir to home directory %s: %s\n", pw->pw_dir, strerror(errno)); #ifdef HAVE_LOGIN_CAP - if (login_getcapbool(lc, "requirehome", 0)) + if (lc_requirehome) exit(1); #endif } |