summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--crypto/openssh/channels.c23
-rw-r--r--crypto/openssh/channels.h1
-rw-r--r--crypto/openssh/session.c44
-rw-r--r--crypto/openssh/version.h2
4 files changed, 45 insertions, 25 deletions
diff --git a/crypto/openssh/channels.c b/crypto/openssh/channels.c
index 9671ed3..38bec00 100644
--- a/crypto/openssh/channels.c
+++ b/crypto/openssh/channels.c
@@ -1613,7 +1613,7 @@ channel_stop_listening()
switch (channels[i].type) {
case SSH_CHANNEL_AUTH_SOCKET:
close(channels[i].sock);
- unlink(channels[i].path);
+ /* auth_sock_cleanup_proc deletes the socket */
channel_free(i);
break;
case SSH_CHANNEL_PORT_LISTENER:
@@ -2525,10 +2525,17 @@ auth_get_socket_name()
/* removes the agent forwarding socket */
void
-cleanup_socket(void)
+auth_sock_cleanup_proc(void *_pw)
{
- unlink(channel_forwarded_auth_socket_name);
- rmdir(channel_forwarded_auth_socket_dir);
+ struct passwd *pw = _pw;
+
+ if (channel_forwarded_auth_socket_name) {
+ temporarily_use_uid(pw);
+ unlink(channel_forwarded_auth_socket_name);
+ rmdir(channel_forwarded_auth_socket_dir);
+ channel_forwarded_auth_socket_name = NULL;
+ restore_uid();
+ }
}
/*
@@ -2567,11 +2574,9 @@ auth_input_request_forwarding(struct passwd * pw)
snprintf(channel_forwarded_auth_socket_name, MAX_SOCKET_NAME, "%s/agent.%d",
channel_forwarded_auth_socket_dir, (int) getpid());
- if (atexit(cleanup_socket) < 0) {
- int saved = errno;
- cleanup_socket();
- packet_disconnect("socket: %.100s", strerror(saved));
- }
+ /* delete agent socket on fatal() */
+ fatal_add_cleanup(auth_sock_cleanup_proc, pw);
+
/* Create the socket. */
sock = socket(AF_UNIX, SOCK_STREAM, 0);
if (sock < 0)
diff --git a/crypto/openssh/channels.h b/crypto/openssh/channels.h
index 0085199..16ddde5 100644
--- a/crypto/openssh/channels.h
+++ b/crypto/openssh/channels.h
@@ -304,6 +304,7 @@ int auth_input_request_forwarding(struct passwd * pw);
void auth_input_open_request(int type, int plen, void *ctxt);
/* XXX */
+void auth_sock_cleanup_proc(void *pw);
int channel_connect_to(const char *host, u_short host_port);
int channel_connect_by_listen_adress(u_short listen_port);
int x11_connect_display(void);
diff --git a/crypto/openssh/session.c b/crypto/openssh/session.c
index 47cfd3e..fc8aa65 100644
--- a/crypto/openssh/session.c
+++ b/crypto/openssh/session.c
@@ -33,7 +33,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: session.c,v 1.74 2001/04/17 19:34:25 markus Exp $");
+RCSID("$OpenBSD: session.c,v 1.80 2001/06/04 21:59:43 markus Exp $");
RCSID("$FreeBSD$");
#include "ssh.h"
@@ -108,6 +108,7 @@ void do_login(Session *s, const char *command);
void do_child(Session *s, const char *command);
void do_motd(void);
int check_quietlogin(Session *s, const char *command);
+void xauthfile_cleanup_proc(void *pw);
void do_authenticated1(Authctxt *authctxt);
void do_authenticated2(Authctxt *authctxt);
@@ -167,18 +168,26 @@ do_authenticated(Authctxt *authctxt)
do_authenticated2(authctxt);
else
do_authenticated1(authctxt);
+
+ /* remote user's local Xauthority file and agent socket */
+ if (xauthfile)
+ xauthfile_cleanup_proc(authctxt->pw);
+ if (auth_get_socket_name())
+ auth_sock_cleanup_proc(authctxt->pw);
}
/*
* Remove local Xauthority file.
*/
void
-xauthfile_cleanup_proc(void *ignore)
+xauthfile_cleanup_proc(void *_pw)
{
- debug("xauthfile_cleanup_proc called");
+ struct passwd *pw = _pw;
+ char *p;
+ debug("xauthfile_cleanup_proc called");
if (xauthfile != NULL) {
- char *p;
+ temporarily_use_uid(pw);
unlink(xauthfile);
p = strrchr(xauthfile, '/');
if (p != NULL) {
@@ -187,6 +196,7 @@ xauthfile_cleanup_proc(void *ignore)
}
xfree(xauthfile);
xauthfile = NULL;
+ restore_uid();
}
}
@@ -225,6 +235,7 @@ do_authenticated1(Authctxt *authctxt)
int success, type, fd, n_bytes, plen, screen_flag, have_pty = 0;
int compression_level = 0, enable_compression_after_reply = 0;
u_int proto_len, data_len, dlen;
+ struct stat st;
s = session_new();
s->pw = authctxt->pw;
@@ -307,7 +318,8 @@ do_authenticated1(Authctxt *authctxt)
packet_send_debug("X11 forwarding disabled in server configuration file.");
break;
}
- if (!options.xauth_location) {
+ if (!options.xauth_location ||
+ (stat(options.xauth_location, &st) == -1)) {
packet_send_debug("No xauth program; cannot forward with spoofing.");
break;
}
@@ -361,7 +373,7 @@ do_authenticated1(Authctxt *authctxt)
if (fd >= 0)
close(fd);
restore_uid();
- fatal_add_cleanup(xauthfile_cleanup_proc, NULL);
+ fatal_add_cleanup(xauthfile_cleanup_proc, s->pw);
success = 1;
break;
@@ -415,9 +427,6 @@ do_authenticated1(Authctxt *authctxt)
if (command != NULL)
xfree(command);
- /* Cleanup user's local Xauthority file. */
- if (xauthfile)
- xauthfile_cleanup_proc(NULL);
return;
default:
@@ -1321,10 +1330,11 @@ do_child(Session *s, const char *command)
if (!options.use_login) {
/* ignore _PATH_SSH_USER_RC for subsystems */
if (!s->is_subsystem && (stat(_PATH_SSH_USER_RC, &st) >= 0)) {
+ snprintf(cmd, sizeof cmd, "%s -c '%s %s'",
+ shell, _PATH_BSHELL, _PATH_SSH_USER_RC);
if (debug_flag)
- fprintf(stderr, "Running %s %s\n", _PATH_BSHELL,
- _PATH_SSH_USER_RC);
- f = popen(_PATH_BSHELL " " _PATH_SSH_USER_RC, "w");
+ fprintf(stderr, "Running %s\n", cmd);
+ f = popen(cmd, "w");
if (f) {
if (do_xauth)
fprintf(f, "%s %s\n", s->auth_proto,
@@ -1645,6 +1655,7 @@ int
session_x11_req(Session *s)
{
int fd;
+ struct stat st;
if (no_x11_forwarding_flag) {
debug("X11 forwarding disabled in user configuration file.");
return 0;
@@ -1653,6 +1664,11 @@ session_x11_req(Session *s)
debug("X11 forwarding disabled in server configuration file.");
return 0;
}
+ if (!options.xauth_location ||
+ (stat(options.xauth_location, &st) == -1)) {
+ packet_send_debug("No xauth program; cannot forward with spoofing.");
+ return 0;
+ }
if (xauthfile != NULL) {
debug("X11 fwd already started.");
return 0;
@@ -1693,7 +1709,7 @@ session_x11_req(Session *s)
if (fd >= 0)
close(fd);
restore_uid();
- fatal_add_cleanup(xauthfile_cleanup_proc, s);
+ fatal_add_cleanup(xauthfile_cleanup_proc, s->pw);
return 1;
}
@@ -1989,6 +2005,4 @@ do_authenticated2(Authctxt *authctxt)
{
server_loop2();
- if (xauthfile)
- xauthfile_cleanup_proc(NULL);
}
diff --git a/crypto/openssh/version.h b/crypto/openssh/version.h
index 39df4f9..78193d4 100644
--- a/crypto/openssh/version.h
+++ b/crypto/openssh/version.h
@@ -5,7 +5,7 @@
#define SSH_VERSION (ssh_version_get())
#define SSH_VERSION_BASE "OpenSSH_2.9"
-#define SSH_VERSION_ADDENDUM "green@FreeBSD.org 20010503"
+#define SSH_VERSION_ADDENDUM "green@FreeBSD.org 20010608"
const char *ssh_version_get(void);
void ssh_version_set_addendum(const char *add);
OpenPOWER on IntegriCloud