diff options
| author | Ben Lindstrom <mouring@eviladmin.org> | 2002-06-11 16:37:51 +0000 |
|---|---|---|
| committer | Ben Lindstrom <mouring@eviladmin.org> | 2002-06-11 16:37:51 +0000 |
| commit | f9c4884c8effe6dd78ab3ed4e42ed69c4a8652d0 (patch) | |
| tree | bf92c1c3374176a70d0a2dd9ea23d97e13d5ee57 /sshconnect.c | |
| parent | 8bb6f36c8fab33f7ca59b9c56e11d54caf36f965 (diff) | |
- markus@cvs.openbsd.org 2002/06/11 04:14:26
[ssh.c sshconnect.c sshconnect.h]
no longer use uidswap.[ch] from the ssh client
run less code with euid==0 if ssh is installed setuid root
just switch the euid, don't switch the complete set of groups
(this is only needed by sshd). ok provos@
Diffstat (limited to 'sshconnect.c')
| -rw-r--r-- | sshconnect.c | 47 |
1 files changed, 16 insertions, 31 deletions
diff --git a/sshconnect.c b/sshconnect.c index 651e3fcf..3a93a4fb 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -13,7 +13,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshconnect.c,v 1.123 2002/06/09 22:17:21 itojun Exp $"); +RCSID("$OpenBSD: sshconnect.c,v 1.124 2002/06/11 04:14:26 markus Exp $"); #include <openssl/bn.h> @@ -36,8 +36,11 @@ RCSID("$OpenBSD: sshconnect.c,v 1.123 2002/06/09 22:17:21 itojun Exp $"); char *client_version_string = NULL; char *server_version_string = NULL; +/* import */ extern Options options; extern char *__progname; +extern uid_t original_real_uid; +extern uid_t original_effective_uid; #ifndef INET6_ADDRSTRLEN /* for non IPv6 machines */ #define INET6_ADDRSTRLEN 46 @@ -58,8 +61,7 @@ sockaddr_ntop(struct sockaddr *sa, socklen_t salen) * Connect to the given ssh server using a proxy command. */ static int -ssh_proxy_connect(const char *host, u_short port, struct passwd *pw, - const char *proxy_command) +ssh_proxy_connect(const char *host, u_short port, const char *proxy_command) { Buffer command; const char *cp; @@ -109,7 +111,8 @@ ssh_proxy_connect(const char *host, u_short port, struct passwd *pw, char *argv[10]; /* Child. Permanently give up superuser privileges. */ - permanently_set_uid(pw); + seteuid(original_real_uid); + setuid(original_real_uid); /* Redirect stdin and stdout. */ close(pin[1]); @@ -159,7 +162,7 @@ ssh_proxy_connect(const char *host, u_short port, struct passwd *pw, * Creates a (possibly privileged) socket for use as the ssh connection. */ static int -ssh_create_socket(struct passwd *pw, int privileged, int family) +ssh_create_socket(int privileged, int family) { int sock, gaierr; struct addrinfo hints, *res; @@ -170,22 +173,18 @@ ssh_create_socket(struct passwd *pw, int privileged, int family) */ if (privileged) { int p = IPPORT_RESERVED - 1; + PRIV_START; sock = rresvport_af(&p, family); + PRIV_END; if (sock < 0) error("rresvport: af=%d %.100s", family, strerror(errno)); else debug("Allocated local port %d.", p); return sock; } - /* - * Just create an ordinary socket on arbitrary port. We use - * the user's uid to create the socket. - */ - temporarily_use_uid(pw); sock = socket(family, SOCK_STREAM, 0); if (sock < 0) error("socket: %.100s", strerror(errno)); - restore_uid(); /* Bind the socket to an alternative local IP address */ if (options.bind_address == NULL) @@ -215,9 +214,9 @@ ssh_create_socket(struct passwd *pw, int privileged, int family) /* * Opens a TCP/IP connection to the remote server on the given host. * The address of the remote host will be returned in hostaddr. - * If port is 0, the default port will be used. If anonymous is zero, + * If port is 0, the default port will be used. If needpriv is true, * a privileged port will be allocated to make the connection. - * This requires super-user privileges if anonymous is false. + * This requires super-user privileges if needpriv is true. * Connection_attempts specifies the maximum number of tries (one per * second). If proxy_command is non-NULL, it specifies the command (with %h * and %p substituted for host and port, respectively) to use to contact @@ -232,7 +231,7 @@ ssh_create_socket(struct passwd *pw, int privileged, int family) int ssh_connect(const char *host, struct sockaddr_storage * hostaddr, u_short port, int family, int connection_attempts, - int anonymous, struct passwd *pw, const char *proxy_command) + int needpriv, const char *proxy_command) { int gaierr; int on = 1; @@ -248,8 +247,7 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr, */ int full_failure = 1; - debug("ssh_connect: getuid %u geteuid %u anon %d", - (u_int) getuid(), (u_int) geteuid(), anonymous); + debug("ssh_connect: needpriv %d", needpriv); /* Get default port if port has not been set. */ if (port == 0) { @@ -261,7 +259,7 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr, } /* If a proxy command is given, connect using it. */ if (proxy_command != NULL) - return ssh_proxy_connect(host, port, pw, proxy_command); + return ssh_proxy_connect(host, port, proxy_command); /* No proxy command. */ @@ -297,26 +295,14 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr, host, ntop, strport); /* Create a socket for connecting. */ - sock = ssh_create_socket(pw, -#ifdef HAVE_CYGWIN - !anonymous, -#else - !anonymous && geteuid() == 0, -#endif - ai->ai_family); + sock = ssh_create_socket(needpriv, ai->ai_family); if (sock < 0) /* Any error is already output */ continue; - /* Connect to the host. We use the user's uid in the - * hope that it will help with tcp_wrappers showing - * the remote uid as root. - */ - temporarily_use_uid(pw); if (connect(sock, ai->ai_addr, ai->ai_addrlen) >= 0) { /* Successful connection. */ memcpy(hostaddr, ai->ai_addr, ai->ai_addrlen); - restore_uid(); break; } else { if (errno == ECONNREFUSED) @@ -324,7 +310,6 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr, log("ssh: connect to address %s port %s: %s", sockaddr_ntop(ai->ai_addr, ai->ai_addrlen), strport, strerror(errno)); - restore_uid(); /* * Close the failed socket; there appear to * be some problems when reusing a socket for |