Mercurial > dropbear

comparison svr-agentfwd.c @ 1633:592a18dac250

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Support servers without multiple user support (#76)
author Patrick Stewart <patstew@gmail.com>
date Wed, 20 Mar 2019 14:44:49 +0000
parents 292f79307600
children a7cc3332d8ab
comparison
equal deleted inserted replaced
1632:c4bf28ccab97 1633:592a18dac250
149 chansess->agentlistener = NULL; 149 chansess->agentlistener = NULL;
150 } 150 }
151 151
152 if (chansess->agentfile != NULL && chansess->agentdir != NULL) { 152 if (chansess->agentfile != NULL && chansess->agentdir != NULL) {
153 153
154 #if DROPBEAR_SVR_MULTIUSER
154 /* Remove the dir as the user. That way they can't cause problems except 155 /* Remove the dir as the user. That way they can't cause problems except
155 * for themselves */ 156 * for themselves */
156 uid = getuid(); 157 uid = getuid();
157 gid = getgid(); 158 gid = getgid();
158 if ((setegid(ses.authstate.pw_gid)) < 0 || 159 if ((setegid(ses.authstate.pw_gid)) < 0 ||
159 (seteuid(ses.authstate.pw_uid)) < 0) { 160 (seteuid(ses.authstate.pw_uid)) < 0) {
160 dropbear_exit("Failed to set euid"); 161 dropbear_exit("Failed to set euid");
161 } 162 }
163 #endif
162 164
163 /* 2 for "/" and "\0" */ 165 /* 2 for "/" and "\0" */
164 len = strlen(chansess->agentdir) + strlen(chansess->agentfile) + 2; 166 len = strlen(chansess->agentdir) + strlen(chansess->agentfile) + 2;
165 167
166 path = m_malloc(len); 168 path = m_malloc(len);
168 unlink(path); 170 unlink(path);
169 m_free(path); 171 m_free(path);
170 172
171 rmdir(chansess->agentdir); 173 rmdir(chansess->agentdir);
172 174
175 #if DROPBEAR_SVR_MULTIUSER
173 if ((seteuid(uid)) < 0 || 176 if ((seteuid(uid)) < 0 ||
174 (setegid(gid)) < 0) { 177 (setegid(gid)) < 0) {
175 dropbear_exit("Failed to revert euid"); 178 dropbear_exit("Failed to revert euid");
176 } 179 }
180 #endif
177 181
178 m_free(chansess->agentfile); 182 m_free(chansess->agentfile);
179 m_free(chansess->agentdir); 183 m_free(chansess->agentdir);
180 } 184 }
181 185
214 int i; 218 int i;
215 uid_t uid; 219 uid_t uid;
216 gid_t gid; 220 gid_t gid;
217 int ret = DROPBEAR_FAILURE; 221 int ret = DROPBEAR_FAILURE;
218 222
223 #if DROPBEAR_SVR_MULTIUSER
219 /* drop to user privs to make the dir/file */ 224 /* drop to user privs to make the dir/file */
220 uid = getuid(); 225 uid = getuid();
221 gid = getgid(); 226 gid = getgid();
222 if ((setegid(ses.authstate.pw_gid)) < 0 || 227 if ((setegid(ses.authstate.pw_gid)) < 0 ||
223 (seteuid(ses.authstate.pw_uid)) < 0) { 228 (seteuid(ses.authstate.pw_uid)) < 0) {
224 dropbear_exit("Failed to set euid"); 229 dropbear_exit("Failed to set euid");
225 } 230 }
231 #endif
226 232
227 memset((void*)&addr, 0x0, sizeof(addr)); 233 memset((void*)&addr, 0x0, sizeof(addr));
228 addr.sun_family = AF_UNIX; 234 addr.sun_family = AF_UNIX;
229 235
230 mode = S_IRWXU; 236 mode = S_IRWXU;
260 ret = DROPBEAR_SUCCESS; 266 ret = DROPBEAR_SUCCESS;
261 } 267 }
262 268
263 269
264 out: 270 out:
271 #if DROPBEAR_SVR_MULTIUSER
265 if ((seteuid(uid)) < 0 || 272 if ((seteuid(uid)) < 0 ||
266 (setegid(gid)) < 0) { 273 (setegid(gid)) < 0) {
267 dropbear_exit("Failed to revert euid"); 274 dropbear_exit("Failed to revert euid");
268 } 275 }
276 #endif
269 return ret; 277 return ret;
270 } 278 }
271 279
272 #endif 280 #endif