summaryrefslogtreecommitdiff
path: root/auth.c
diff options
context:
space:
mode:
authorderaadt@openbsd.org <deraadt@openbsd.org>2019-06-28 13:35:04 +0000
committerDamien Miller <djm@mindrot.org>2019-07-05 11:10:39 +1000
commit4d28fa78abce2890e136281950633fae2066cc29 (patch)
tree33226ec64ced661bb7e40005e30744b68fa59a80 /auth.c
parente8c974043c1648eab0ad67a7ba6a3e444fe79d2d (diff)
upstream: When system calls indicate an error they return -1, not
some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future. OpenBSD-Commit-ID: 48081f00db7518e3b712a49dca06efc2a5428075
Diffstat (limited to 'auth.c')
-rw-r--r--auth.c16
1 files changed, 8 insertions, 8 deletions
diff --git a/auth.c b/auth.c
index 8696f258..b41d39cd 100644
--- a/auth.c
+++ b/auth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth.c,v 1.138 2019/01/19 21:41:18 djm Exp $ */
+/* $OpenBSD: auth.c,v 1.139 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@@ -167,7 +167,7 @@ allowed_user(struct ssh *ssh, struct passwd * pw)
char *shell = xstrdup((pw->pw_shell[0] == '\0') ?
_PATH_BSHELL : pw->pw_shell); /* empty = /bin/sh */
- if (stat(shell, &st) != 0) {
+ if (stat(shell, &st) == -1) {
logit("User %.100s not allowed because shell %.100s "
"does not exist", pw->pw_name, shell);
free(shell);
@@ -517,7 +517,7 @@ auth_openfile(const char *file, struct passwd *pw, int strict_modes,
return NULL;
}
- if (fstat(fd, &st) < 0) {
+ if (fstat(fd, &st) == -1) {
close(fd);
return NULL;
}
@@ -746,7 +746,7 @@ remote_hostname(struct ssh *ssh)
fromlen = sizeof(from);
memset(&from, 0, sizeof(from));
if (getpeername(ssh_packet_get_connection_in(ssh),
- (struct sockaddr *)&from, &fromlen) < 0) {
+ (struct sockaddr *)&from, &fromlen) == -1) {
debug("getpeername failed: %.100s", strerror(errno));
return strdup(ntop);
}
@@ -884,7 +884,7 @@ subprocess(const char *tag, struct passwd *pw, const char *command,
return 0;
}
temporarily_use_uid(pw);
- if (stat(av[0], &st) < 0) {
+ if (stat(av[0], &st) == -1) {
error("Could not stat %s \"%s\": %s", tag,
av[0], strerror(errno));
restore_uid();
@@ -896,7 +896,7 @@ subprocess(const char *tag, struct passwd *pw, const char *command,
return 0;
}
/* Prepare to keep the child's stdout if requested */
- if (pipe(p) != 0) {
+ if (pipe(p) == -1) {
error("%s: pipe: %s", tag, strerror(errno));
restore_uid();
return 0;
@@ -946,12 +946,12 @@ subprocess(const char *tag, struct passwd *pw, const char *command,
closefrom(STDERR_FILENO + 1);
/* Don't use permanently_set_uid() here to avoid fatal() */
- if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) != 0) {
+ if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) == -1) {
error("%s: setresgid %u: %s", tag, (u_int)pw->pw_gid,
strerror(errno));
_exit(1);
}
- if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) != 0) {
+ if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) == -1) {
error("%s: setresuid %u: %s", tag, (u_int)pw->pw_uid,
strerror(errno));
_exit(1);