Mercurial > dropbear
annotate svr-agentfwd.c @ 1659:d32bcb5c557d
Add Ed25519 support (#91)
* Add support for Ed25519 as a public key type
Ed25519 is a elliptic curve signature scheme that offers
better security than ECDSA and DSA and good performance. It may be
used for both user and host keys.
OpenSSH key import and fuzzer are not supported yet.
Initially inspired by Peter Szabo.
* Add curve25519 and ed25519 fuzzers
* Add import and export of Ed25519 keys
| author | Vladislav Grishenko <themiron@users.noreply.github.com> |
|---|---|
| date | Wed, 11 Mar 2020 21:09:45 +0500 |
| parents | 592a18dac250 |
| children | a7cc3332d8ab |
| rev | line source |
|---|---|
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
1 /* |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
2 * Dropbear - a SSH2 server |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
3 * |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
4 * Copyright (c) 2002,2003 Matt Johnston |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
5 * All rights reserved. |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
6 * |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
7 * Permission is hereby granted, free of charge, to any person obtaining a copy |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
8 * of this software and associated documentation files (the "Software"), to deal |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
9 * in the Software without restriction, including without limitation the rights |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
11 * copies of the Software, and to permit persons to whom the Software is |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
12 * furnished to do so, subject to the following conditions: |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
13 * |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
14 * The above copyright notice and this permission notice shall be included in |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
15 * all copies or substantial portions of the Software. |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
16 * |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
20 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
23 * SOFTWARE. */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
24 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
25 /* This file (agentfwd.c) handles authentication agent forwarding, for OpenSSH |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
26 * style agents. */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
27 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
28 #include "includes.h" |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
29 |
|
1295
750ec4ec4cbe
Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents:
1037
diff
changeset
|
30 #if DROPBEAR_SVR_AGENTFWD |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
31 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
32 #include "agentfwd.h" |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
33 #include "session.h" |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
34 #include "ssh.h" |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
35 #include "dbutil.h" |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
36 #include "chansession.h" |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
37 #include "channel.h" |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
38 #include "packet.h" |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
39 #include "buffer.h" |
|
858
220f55d540ae
rename random.h to dbrandom.h since some OSes have a system random.h
Matt Johnston <matt@ucc.asn.au>
parents:
617
diff
changeset
|
40 #include "dbrandom.h" |
|
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
41 #include "listener.h" |
|
475
52a644e7b8e1
* Patch from Frédéric Moulins adding options to authorized_keys.
Matt Johnston <matt@ucc.asn.au>
parents:
464
diff
changeset
|
42 #include "auth.h" |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
43 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
44 #define AGENTDIRPREFIX "/tmp/dropbear-" |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
45 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
46 static int send_msg_channel_open_agent(int fd); |
|
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
47 static int bindagent(int fd, struct ChanSess * chansess); |
|
1460
58a74cb829b8
Pointer parameter could be declared as pointing to const (callback)
Francois Perrad <francois.perrad@gadz.org>
parents:
1459
diff
changeset
|
48 static void agentaccept(const struct Listener * listener, int sock); |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
49 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
50 /* Handles client requests to start agent forwarding, sets up listening socket. |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
51 * Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */ |
| 560 | 52 int svr_agentreq(struct ChanSess * chansess) { |
|
617
81def6b732c7
Clean up fd on failure. Found by Klocwork
Matt Johnston <matt@ucc.asn.au>
parents:
604
diff
changeset
|
53 int fd = -1; |
| 560 | 54 |
|
475
52a644e7b8e1
* Patch from Frédéric Moulins adding options to authorized_keys.
Matt Johnston <matt@ucc.asn.au>
parents:
464
diff
changeset
|
55 if (!svr_pubkey_allows_agentfwd()) { |
|
52a644e7b8e1
* Patch from Frédéric Moulins adding options to authorized_keys.
Matt Johnston <matt@ucc.asn.au>
parents:
464
diff
changeset
|
56 return DROPBEAR_FAILURE; |
|
52a644e7b8e1
* Patch from Frédéric Moulins adding options to authorized_keys.
Matt Johnston <matt@ucc.asn.au>
parents:
464
diff
changeset
|
57 } |
|
52a644e7b8e1
* Patch from Frédéric Moulins adding options to authorized_keys.
Matt Johnston <matt@ucc.asn.au>
parents:
464
diff
changeset
|
58 |
|
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
59 if (chansess->agentlistener != NULL) { |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
60 return DROPBEAR_FAILURE; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
61 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
62 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
63 /* create listening socket */ |
|
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
64 fd = socket(PF_UNIX, SOCK_STREAM, 0); |
|
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
65 if (fd < 0) { |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
66 goto fail; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
67 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
68 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
69 /* create the unix socket dir and file */ |
|
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
70 if (bindagent(fd, chansess) == DROPBEAR_FAILURE) { |
|
70
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
62
diff
changeset
|
71 goto fail; |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
72 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
73 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
74 /* listen */ |
|
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
75 if (listen(fd, 20) < 0) { |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
76 goto fail; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
77 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
78 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
79 /* set non-blocking */ |
|
109
2e9d1f29c50f
merge of 50be59810e462f9f44f55e421227d6aa0b31982b
Matt Johnston <matt@ucc.asn.au>
parents:
108
diff
changeset
|
80 setnonblocking(fd); |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
81 |
|
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
82 /* pass if off to listener */ |
| 62 | 83 chansess->agentlistener = new_listener( &fd, 1, 0, chansess, |
|
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
84 agentaccept, NULL); |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
85 |
|
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
86 if (chansess->agentlistener == NULL) { |
|
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
87 goto fail; |
|
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
88 } |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
89 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
90 return DROPBEAR_SUCCESS; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
91 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
92 fail: |
|
617
81def6b732c7
Clean up fd on failure. Found by Klocwork
Matt Johnston <matt@ucc.asn.au>
parents:
604
diff
changeset
|
93 m_close(fd); |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
94 /* cleanup */ |
| 560 | 95 svr_agentcleanup(chansess); |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
96 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
97 return DROPBEAR_FAILURE; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
98 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
99 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
100 /* accepts a connection on the forwarded socket and opens a new channel for it |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
101 * back to the client */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
102 /* returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */ |
|
1460
58a74cb829b8
Pointer parameter could be declared as pointing to const (callback)
Francois Perrad <francois.perrad@gadz.org>
parents:
1459
diff
changeset
|
103 static void agentaccept(const struct Listener *UNUSED(listener), int sock) { |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
104 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
105 int fd; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
106 |
| 62 | 107 fd = accept(sock, NULL, NULL); |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
108 if (fd < 0) { |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
109
diff
changeset
|
109 TRACE(("accept failed")) |
|
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
110 return; |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
111 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
112 |
|
13
db2c8e6fb284
Fixed stupid agentfwd error (using the listening FD, not the accepted on. gah)
Matt Johnston <matt@ucc.asn.au>
parents:
11
diff
changeset
|
113 if (send_msg_channel_open_agent(fd) != DROPBEAR_SUCCESS) { |
|
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
114 close(fd); |
|
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
115 } |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
116 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
117 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
118 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
119 /* set up the environment variable pointing to the socket. This is called |
|
1037
7c899f24a85b
Some minor typo fixes, found by codespell.
Thorsten Horstmann <thorsten.horstmann@web.de>
parents:
858
diff
changeset
|
120 * just before command/shell execution, after dropping privileges */ |
|
1459
06d52bcb8094
Pointer parameter could be declared as pointing to const
Francois Perrad <francois.perrad@gadz.org>
parents:
1295
diff
changeset
|
121 void svr_agentset(const struct ChanSess * chansess) { |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
122 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
123 char *path = NULL; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
124 int len; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
125 |
|
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
126 if (chansess->agentlistener == NULL) { |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
127 return; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
128 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
129 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
130 /* 2 for "/" and "\0" */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
131 len = strlen(chansess->agentdir) + strlen(chansess->agentfile) + 2; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
132 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
133 path = m_malloc(len); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
134 snprintf(path, len, "%s/%s", chansess->agentdir, chansess->agentfile); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
135 addnewvar("SSH_AUTH_SOCK", path); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
136 m_free(path); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
137 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
138 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
139 /* close the socket, remove the socket-file */ |
| 560 | 140 void svr_agentcleanup(struct ChanSess * chansess) { |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
141 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
142 char *path = NULL; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
143 uid_t uid; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
144 gid_t gid; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
145 int len; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
146 |
|
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
147 if (chansess->agentlistener != NULL) { |
|
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
148 remove_listener(chansess->agentlistener); |
|
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
149 chansess->agentlistener = NULL; |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
150 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
151 |
|
70
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
62
diff
changeset
|
152 if (chansess->agentfile != NULL && chansess->agentdir != NULL) { |
|
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
153 |
|
1633
592a18dac250
Support servers without multiple user support (#76)
Patrick Stewart <patstew@gmail.com>
parents:
1631
diff
changeset
|
154 #if DROPBEAR_SVR_MULTIUSER |
|
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
155 /* Remove the dir as the user. That way they can't cause problems except |
|
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
156 * for themselves */ |
|
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
157 uid = getuid(); |
|
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
158 gid = getgid(); |
|
464
4317be8b7cf9
Make a copy of passwd fields since getpwnam()'s retval isn't safe to keep
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
159 if ((setegid(ses.authstate.pw_gid)) < 0 || |
|
4317be8b7cf9
Make a copy of passwd fields since getpwnam()'s retval isn't safe to keep
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
160 (seteuid(ses.authstate.pw_uid)) < 0) { |
|
594
a98a2138364a
Improve capitalisation for all logged strings
Matt Johnston <matt@ucc.asn.au>
parents:
560
diff
changeset
|
161 dropbear_exit("Failed to set euid"); |
|
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
162 } |
|
1633
592a18dac250
Support servers without multiple user support (#76)
Patrick Stewart <patstew@gmail.com>
parents:
1631
diff
changeset
|
163 #endif |
|
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
164 |
|
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
165 /* 2 for "/" and "\0" */ |
|
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
166 len = strlen(chansess->agentdir) + strlen(chansess->agentfile) + 2; |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
167 |
|
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
168 path = m_malloc(len); |
|
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
169 snprintf(path, len, "%s/%s", chansess->agentdir, chansess->agentfile); |
|
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
170 unlink(path); |
|
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
171 m_free(path); |
|
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
172 |
|
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
173 rmdir(chansess->agentdir); |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
174 |
|
1633
592a18dac250
Support servers without multiple user support (#76)
Patrick Stewart <patstew@gmail.com>
parents:
1631
diff
changeset
|
175 #if DROPBEAR_SVR_MULTIUSER |
|
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
176 if ((seteuid(uid)) < 0 || |
|
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
177 (setegid(gid)) < 0) { |
|
594
a98a2138364a
Improve capitalisation for all logged strings
Matt Johnston <matt@ucc.asn.au>
parents:
560
diff
changeset
|
178 dropbear_exit("Failed to revert euid"); |
|
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
179 } |
|
1633
592a18dac250
Support servers without multiple user support (#76)
Patrick Stewart <patstew@gmail.com>
parents:
1631
diff
changeset
|
180 #endif |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
181 |
|
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
182 m_free(chansess->agentfile); |
|
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
183 m_free(chansess->agentdir); |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
184 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
185 |
|
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
186 } |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
187 |
|
225
ca7e76d981d9
- progress towards client agent forwarding
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
188 static const struct ChanType chan_svr_agent = { |
|
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
189 0, /* sepfds */ |
|
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
190 "[email protected]", |
|
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
191 NULL, |
|
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
192 NULL, |
|
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
193 NULL, |
|
1625
79eef94ccea9
Split ChanType closehandler() and cleanup() so that dbclient doesn't
Matt Johnston <matt@ucc.asn.au>
parents:
1460
diff
changeset
|
194 NULL, |
|
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
195 NULL |
|
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
196 }; |
|
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
197 |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
198 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
199 /* helper for accepting an agent request */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
200 static int send_msg_channel_open_agent(int fd) { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
201 |
|
225
ca7e76d981d9
- progress towards client agent forwarding
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
202 if (send_msg_channel_open_init(fd, &chan_svr_agent) == DROPBEAR_SUCCESS) { |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
203 encrypt_packet(); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
204 return DROPBEAR_SUCCESS; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
205 } else { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
206 return DROPBEAR_FAILURE; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
207 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
208 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
209 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
210 /* helper for creating the agent socket-file |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
211 returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */ |
|
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
212 static int bindagent(int fd, struct ChanSess * chansess) { |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
213 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
214 struct sockaddr_un addr; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
215 unsigned int prefix; |
|
1631
292f79307600
fix some gcc warnings (#73)
François Perrad <francois.perrad@gadz.org>
parents:
1625
diff
changeset
|
216 char path[(sizeof(addr.sun_path)-1)/2], sockfile[(sizeof(addr.sun_path)-1)/2]; |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
217 mode_t mode; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
218 int i; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
219 uid_t uid; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
220 gid_t gid; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
221 int ret = DROPBEAR_FAILURE; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
222 |
|
1633
592a18dac250
Support servers without multiple user support (#76)
Patrick Stewart <patstew@gmail.com>
parents:
1631
diff
changeset
|
223 #if DROPBEAR_SVR_MULTIUSER |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
224 /* drop to user privs to make the dir/file */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
225 uid = getuid(); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
226 gid = getgid(); |
|
464
4317be8b7cf9
Make a copy of passwd fields since getpwnam()'s retval isn't safe to keep
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
227 if ((setegid(ses.authstate.pw_gid)) < 0 || |
|
4317be8b7cf9
Make a copy of passwd fields since getpwnam()'s retval isn't safe to keep
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
228 (seteuid(ses.authstate.pw_uid)) < 0) { |
|
594
a98a2138364a
Improve capitalisation for all logged strings
Matt Johnston <matt@ucc.asn.au>
parents:
560
diff
changeset
|
229 dropbear_exit("Failed to set euid"); |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
230 } |
|
1633
592a18dac250
Support servers without multiple user support (#76)
Patrick Stewart <patstew@gmail.com>
parents:
1631
diff
changeset
|
231 #endif |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
232 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
233 memset((void*)&addr, 0x0, sizeof(addr)); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
234 addr.sun_family = AF_UNIX; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
235 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
236 mode = S_IRWXU; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
237 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
238 for (i = 0; i < 20; i++) { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
239 genrandom((unsigned char*)&prefix, sizeof(prefix)); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
240 /* we want 32 bits (8 hex digits) - "/tmp/dropbear-f19c62c0" */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
241 snprintf(path, sizeof(path), AGENTDIRPREFIX "%.8x", prefix); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
242 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
243 if (mkdir(path, mode) == 0) { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
244 goto bindsocket; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
245 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
246 if (errno != EEXIST) { |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
247 break; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
248 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
249 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
250 /* couldn't make a dir */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
251 goto out; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
252 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
253 bindsocket: |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
254 /* Format is "/tmp/dropbear-0246dead/auth-d00f7654-23". |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
255 * The "23" is the file desc, the random data is to avoid collisions |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
256 * between subsequent user processes reusing socket fds (odds are now |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
257 * 1/(2^64) */ |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
258 genrandom((unsigned char*)&prefix, sizeof(prefix)); |
|
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
259 snprintf(sockfile, sizeof(sockfile), "auth-%.8x-%d", prefix, fd); |
|
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
260 |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
261 snprintf(addr.sun_path, sizeof(addr.sun_path), "%s/%s", path, sockfile); |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
262 |
|
11
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
263 if (bind(fd, (struct sockaddr*)&addr, sizeof(addr)) == 0) { |
|
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
264 chansess->agentdir = m_strdup(path); |
|
f76c9389e9e0
Mostly done with the listener changeover
Matt Johnston <matt@ucc.asn.au>
parents:
5
diff
changeset
|
265 chansess->agentfile = m_strdup(sockfile); |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
266 ret = DROPBEAR_SUCCESS; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
267 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
268 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
269 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
270 out: |
|
1633
592a18dac250
Support servers without multiple user support (#76)
Patrick Stewart <patstew@gmail.com>
parents:
1631
diff
changeset
|
271 #if DROPBEAR_SVR_MULTIUSER |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
272 if ((seteuid(uid)) < 0 || |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
273 (setegid(gid)) < 0) { |
|
594
a98a2138364a
Improve capitalisation for all logged strings
Matt Johnston <matt@ucc.asn.au>
parents:
560
diff
changeset
|
274 dropbear_exit("Failed to revert euid"); |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
275 } |
|
1633
592a18dac250
Support servers without multiple user support (#76)
Patrick Stewart <patstew@gmail.com>
parents:
1631
diff
changeset
|
276 #endif |
|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
277 return ret; |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
278 } |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
279 |
|
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
280 #endif |