-rw-r--r-- | crypto/openssh/channels.c | 23 | ||||
-rw-r--r-- | crypto/openssh/channels.h | 1 | ||||
-rw-r--r-- | crypto/openssh/session.c | 44 | ||||
-rw-r--r-- | crypto/openssh/version.h | 2 |
4 files changed, 45 insertions, 25 deletions
diff --git a/crypto/openssh/channels.c b/crypto/openssh/channels.c
index 9671ed3..38bec00 100644
--- a/crypto/openssh/channels.c
+++ b/crypto/openssh/channels.c
@@ -1613,7 +1613,7 @@ channel_stop_listening()
 switch (channels[i].type) {
 case SSH_CHANNEL_AUTH_SOCKET:
 close(channels[i].sock);
- unlink(channels[i].path);
+ /* auth_sock_cleanup_proc deletes the socket */
 channel_free(i);
 break;
 case SSH_CHANNEL_PORT_LISTENER:
@@ -2525,10 +2525,17 @@ auth_get_socket_name()
 /* removes the agent forwarding socket */
 void
-cleanup_socket(void)
+auth_sock_cleanup_proc(void *_pw)
 {
- unlink(channel_forwarded_auth_socket_name);
- rmdir(channel_forwarded_auth_socket_dir);
+ struct passwd *pw = _pw;
+
+ if (channel_forwarded_auth_socket_name) {
+ temporarily_use_uid(pw);
+ unlink(channel_forwarded_auth_socket_name);
+ rmdir(channel_forwarded_auth_socket_dir);
+ channel_forwarded_auth_socket_name = NULL;
+ restore_uid();
+ }
 }
 /*
@@ -2567,11 +2574,9 @@ auth_input_request_forwarding(struct passwd * pw)
 snprintf(channel_forwarded_auth_socket_name, MAX_SOCKET_NAME, "%s/agent.%d", channel_forwarded_auth_socket_dir, (int) getpid());
- if (atexit(cleanup_socket) < 0) {
- int saved = errno;
- cleanup_socket();
- packet_disconnect("socket: %.100s", strerror(saved));
- }
+ /* delete agent socket on fatal() */
+ fatal_add_cleanup(auth_sock_cleanup_proc, pw);
+
 /* Create the socket. */
 sock = socket(AF_UNIX, SOCK_STREAM, 0);
 if (sock < 0)
diff --git a/crypto/openssh/channels.h b/crypto/openssh/channels.h
index 0085199..16ddde5 100644
--- a/crypto/openssh/channels.h
+++ b/crypto/openssh/channels.h
@@ -304,6 +304,7 @@ int auth_input_request_forwarding(struct passwd * pw);
 void auth_input_open_request(int type, int plen, void *ctxt);
 /* XXX */
+void auth_sock_cleanup_proc(void *pw);
 int channel_connect_to(const char *host, u_short host_port);
 int channel_connect_by_listen_adress(u_short listen_port);
 int x11_connect_display(void);
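Review bot: The comment above auth_sock_cleanup_proc still reads `/* removes the agent forwarding socket */` and does not say why the unlink()/rmdir() pair is now bracketed by temporarily_use_uid(pw)/restore_uid(), which is the security-relevant part of this hunk. The socket directory is presumably somewhere the user can write, so removing it with root privileges is exactly what a planted symlink would exploit; suggest `/* Remove the agent forwarding socket and its directory as the user, never as root: the directory is user-writable, so a privileged unlink()/rmdir() could be redirected through a symlink. Safe to call twice; the name is cleared after the first run. */`. The unlink()/rmdir() results are still discarded, and a `debug()` carrying strerror(errno) on failure would make a directory left behind diagnosable. Whether temporarily_use_uid() can itself call fatal() while the fatal cleanup list is already running is not visible here and is worth confirming.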
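Review bot: Swapping atexit(cleanup_socket) for fatal_add_cleanup(auth_sock_cleanup_proc, pw) narrows when the socket is removed from every exit() to fatal()-driven cleanup plus the explicit call this commit adds to do_authenticated, so any other exit path taken after this point (the socket() failure just below, if it does not go through fatal()) would leave the socket and its directory behind. Whether packet_disconnect() and similar paths run the fatal cleanup list is not visible here; confirm it, or clear channel_forwarded_auth_socket_name on those paths. A one-line comment such as `/* registered before the socket exists; the cleanup tolerates a missing file and is safe to run twice */` would also answer the obvious question about registering the cleanup ahead of the socket() call. auth_input_request_forwarding begins and ends outside this hunk.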
diff --git a/crypto/openssh/session.c b/crypto/openssh/session.c
index 47cfd3e..fc8aa65 100644
--- a/crypto/openssh/session.c
+++ b/crypto/openssh/session.c
@@ -33,7 +33,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: session.c,v 1.74 2001/04/17 19:34:25 markus Exp $");
+RCSID("$OpenBSD: session.c,v 1.80 2001/06/04 21:59:43 markus Exp $");
 RCSID("$FreeBSD$");
 #include "ssh.h"
@@ -108,6 +108,7 @@ void do_login(Session *s, const char *command);
 void do_child(Session *s, const char *command);
 void do_motd(void);
 int check_quietlogin(Session *s, const char *command);
+void xauthfile_cleanup_proc(void *pw);
 void do_authenticated1(Authctxt *authctxt);
 void do_authenticated2(Authctxt *authctxt);
@@ -167,18 +168,26 @@ do_authenticated(Authctxt *authctxt)
 do_authenticated2(authctxt);
 else
 do_authenticated1(authctxt);
+
+ /* remote user's local Xauthority file and agent socket */
+ if (xauthfile)
+ xauthfile_cleanup_proc(authctxt->pw);
+ if (auth_get_socket_name())
+ auth_sock_cleanup_proc(authctxt->pw);
 }
 /*
 * Remove local Xauthority file.
 */
 void
-xauthfile_cleanup_proc(void *ignore)
+xauthfile_cleanup_proc(void *_pw)
 {
- debug("xauthfile_cleanup_proc called");
+ struct passwd *pw = _pw;
+ char *p;
+ debug("xauthfile_cleanup_proc called");
 if (xauthfile != NULL) {
- char *p;
+ temporarily_use_uid(pw);
 unlink(xauthfile);
 p = strrchr(xauthfile, '/');
 if (p != NULL) {
@@ -187,6 +196,7 @@ xauthfile_cleanup_proc(void *ignore)
 }
 xfree(xauthfile);
 xauthfile = NULL;
+ restore_uid();
 }
 }
@@ -225,6 +235,7 @@ do_authenticated1(Authctxt *authctxt)
 int success, type, fd, n_bytes, plen, screen_flag, have_pty = 0;
 int compression_level = 0, enable_compression_after_reply = 0;
 u_int proto_len, data_len, dlen;
+ struct stat st;
 s = session_new();
 s->pw = authctxt->pw;
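Review bot: The two cleanup calls added at the end of do_authenticated run while the same functions remain registered through fatal_add_cleanup (see the hunks below), so a later fatal() invokes them a second time; that is only safe because each callee clears its global (`xauthfile = NULL`, `channel_forwarded_auth_socket_name = NULL`), and the invariant is not written down anywhere. Suggest replacing the added comment with `/* Remove the user's Xauthority file and agent socket now, as the user. Both procs stay registered for fatal() and must stay no-ops on a second call. */`. The `if (xauthfile)` and `if (auth_get_socket_name())` guards duplicate the checks inside the callees; harmless, but they imply a precondition the callees do not actually have.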
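Review bot: xauthfile_cleanup_proc now hands its argument to temporarily_use_uid(pw) but still takes `void *`, and until this commit it was registered and called with NULL (the removed `fatal_add_cleanup(xauthfile_cleanup_proc, NULL)` and `xauthfile_cleanup_proc(NULL)` lines later in this diff). Every visible caller is updated, but nothing rejects a NULL passwd, so a caller missed elsewhere would fault inside a fatal cleanup; a guard ahead of temporarily_use_uid() such as `if (pw == NULL) { debug("xauthfile_cleanup_proc: no passwd entry, leaving %s", xauthfile); return; }` keeps the old calling convention from crashing sshd. The header comment `/* Remove local Xauthority file. */` should also record that the removal is deliberately done as the user, presumably because the file sits in a user-writable directory where a root unlink() could be redirected. The function's tail, including the rmdir() of that directory, is in the following hunk.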
@@ -307,7 +318,8 @@ do_authenticated1(Authctxt *authctxt)
 packet_send_debug("X11 forwarding disabled in server configuration file.");
 break;
 }
- if (!options.xauth_location) {
+ if (!options.xauth_location ||
+ (stat(options.xauth_location, &st) == -1)) {
 packet_send_debug("No xauth program; cannot forward with spoofing.");
 break;
 }
@@ -361,7 +373,7 @@ do_authenticated1(Authctxt *authctxt)
 if (fd >= 0)
 close(fd);
 restore_uid();
- fatal_add_cleanup(xauthfile_cleanup_proc, NULL);
+ fatal_add_cleanup(xauthfile_cleanup_proc, s->pw);
 success = 1;
 break;
@@ -415,9 +427,6 @@ do_authenticated1(Authctxt *authctxt)
 if (command != NULL)
 xfree(command);
- /* Cleanup user's local Xauthority file. */
- if (xauthfile)
- xauthfile_cleanup_proc(NULL);
 return;
 default:
@@ -1321,10 +1330,11 @@ do_child(Session *s, const char *command)
 if (!options.use_login) {
 /* ignore _PATH_SSH_USER_RC for subsystems */
 if (!s->is_subsystem && (stat(_PATH_SSH_USER_RC, &st) >= 0)) {
+ snprintf(cmd, sizeof cmd, "%s -c '%s %s'",
+ shell, _PATH_BSHELL, _PATH_SSH_USER_RC);
 if (debug_flag)
- fprintf(stderr, "Running %s %s\n", _PATH_BSHELL,
- _PATH_SSH_USER_RC);
- f = popen(_PATH_BSHELL " " _PATH_SSH_USER_RC, "w");
+ fprintf(stderr, "Running %s\n", cmd);
+ f = popen(cmd, "w");
 if (f) {
 if (do_xauth)
 fprintf(f, "%s %s\n", s->auth_proto,
@@ -1645,6 +1655,7 @@ int session_x11_req(Session *s)
 {
 int fd;
+ struct stat st;
 if (no_x11_forwarding_flag) {
 debug("X11 forwarding disabled in user configuration file.");
 return 0;
@@ -1653,6 +1664,11 @@ session_x11_req(Session *s)
 debug("X11 forwarding disabled in server configuration file.");
 return 0;
 }
+ if (!options.xauth_location ||
+ (stat(options.xauth_location, &st) == -1)) {
+ packet_send_debug("No xauth program; cannot forward with spoofing.");
+ return 0;
+ }
 if (xauthfile != NULL) {
 debug("X11 fwd already started.");
 return 0;
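Review bot: The added `stat(options.xauth_location, &st) == -1` test only proves the path exists: a directory or a non-executable file passes and the failure surfaces later when xauth is actually run. If the question being asked is "is there an xauth program", `!S_ISREG(st.st_mode)` is the cheap extra condition, e.g. `if (!options.xauth_location || stat(options.xauth_location, &st) == -1 || !S_ISREG(st.st_mode)) {`. The identical three-line check is added a second time in session_x11_req further down this diff; a small static helper (say `xauth_available()`) would keep the two copies in step. access(X_OK) would not answer it either, since this presumably runs with sshd's own privileges rather than the user's.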
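Review bot: The return value of the new snprintf() into `cmd` is ignored, so a `shell` long enough to overflow the buffer (its size and where `shell` comes from are outside the hunk) yields a truncated command line, possibly missing the closing quote, which popen() then hands to /bin/sh. Check it and refuse to run a mangled command rather than hope: `if (snprintf(cmd, sizeof cmd, "%s -c '%s %s'", shell, _PATH_BSHELL, _PATH_SSH_USER_RC) >= (int)sizeof cmd) fatal("do_child: rc command line too long");`. The `'%s %s'` quoting also assumes `shell` contains no quote or whitespace; that is acceptable if it is the administrator-set pw_shell, but a one-line comment saying so would stop the next reader from treating it as an injection point. If do_child has already dropped privileges by this point (its head is outside the hunk) the exposure is a broken rc invocation rather than escalation, which is still worth preventing.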
@@ -1693,7 +1709,7 @@ session_x11_req(Session *s)
 if (fd >= 0)
 close(fd);
 restore_uid();
- fatal_add_cleanup(xauthfile_cleanup_proc, s);
+ fatal_add_cleanup(xauthfile_cleanup_proc, s->pw);
 return 1;
 }
@@ -1989,6 +2005,4 @@ do_authenticated2(Authctxt *authctxt)
 {
 server_loop2();
- if (xauthfile)
- xauthfile_cleanup_proc(NULL);
 }
diff --git a/crypto/openssh/version.h b/crypto/openssh/version.h
index 39df4f9..78193d4 100644
--- a/crypto/openssh/version.h
+++ b/crypto/openssh/version.h
@@ -5,7 +5,7 @@
 #define SSH_VERSION (ssh_version_get())
 #define SSH_VERSION_BASE "OpenSSH_2.9"
-#define SSH_VERSION_ADDENDUM "green@FreeBSD.org 20010503"
+#define SSH_VERSION_ADDENDUM "green@FreeBSD.org 20010608"
 const char *ssh_version_get(void);
 void ssh_version_set_addendum(const char *add);
|