From 7ebb635d812d68772ce3fb0b64d798c54fbfab71 Mon Sep 17 00:00:00 2001 From: Ben Lindstrom Date: Fri, 22 Mar 2002 03:04:08 +0000 Subject: [PATCH] - markus@cvs.openbsd.org 2002/03/19 14:27:39 [auth.c auth1.c auth2.c] make getpwnamallow() allways call pwcopy() --- ChangeLog | 5 ++++- auth.c | 5 +++-- auth1.c | 22 ++++++---------------- auth2.c | 10 ++-------- 4 files changed, 15 insertions(+), 27 deletions(-) diff --git a/ChangeLog b/ChangeLog index bbc811fe9..43bdf3c48 100644 --- a/ChangeLog +++ b/ChangeLog @@ -94,6 +94,9 @@ sftp-client.c sftp-glob.h sftp.c ssh-add.c ssh.c sshconnect2.c sshd.c ttymodes.c] KNF whitespace + - markus@cvs.openbsd.org 2002/03/19 14:27:39 + [auth.c auth1.c auth2.c] + make getpwnamallow() allways call pwcopy() 20020317 - (tim) [configure.ac] Assume path given with --with-pid-dir=PATH is wanted, @@ -7940,4 +7943,4 @@ - Wrote replacements for strlcpy and mkdtemp - Released 1.0pre1 -$Id: ChangeLog,v 1.1951 2002/03/22 02:54:23 mouring Exp $ +$Id: ChangeLog,v 1.1952 2002/03/22 03:04:08 mouring Exp $ diff --git a/auth.c b/auth.c index d521eae28..f368faf21 100644 --- a/auth.c +++ b/auth.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth.c,v 1.39 2002/03/19 10:49:35 markus Exp $"); +RCSID("$OpenBSD: auth.c,v 1.40 2002/03/19 14:27:39 markus Exp $"); #ifdef HAVE_LOGIN_H #include @@ -48,6 +48,7 @@ RCSID("$OpenBSD: auth.c,v 1.39 2002/03/19 10:49:35 markus Exp $"); #include "bufaux.h" #include "uidswap.h" #include "tildexpand.h" +#include "misc.h" /* import */ extern ServerOptions options; @@ -469,5 +470,5 @@ getpwnamallow(const char *user) auth_close(as); #endif #endif - return (pw); + return (pwcopy(pw)); } diff --git a/auth1.c b/auth1.c index ca288958e..8553bfa2f 100644 --- a/auth1.c +++ b/auth1.c @@ -10,7 +10,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth1.c,v 1.38 2002/03/18 17:50:31 provos Exp $"); +RCSID("$OpenBSD: auth1.c,v 1.39 2002/03/19 14:27:39 markus Exp $"); #include "xmalloc.h" #include "rsa.h" 
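Review bot: In the last auth.c hunk, `return (pwcopy(pw));` hands `pw` to pwcopy() unconditionally, and the body of getpwnamallow() above the `auth_close(as);` / `#endif` context is outside the hunk, so it is not visible whether every path reaching this line has a non-NULL `pw`. If any of the conditional blocks that end just above can clear `pw` for a rejected account, and pwcopy() dereferences its argument (presumably it does, to duplicate the fields), that is a NULL dereference on a pre-authentication path. Guarding the return keeps the old contract of returning NULL for a disallowed user: `return (pw != NULL ? pwcopy(pw) : NULL);`. The function comment should also state that the result is now an allocated copy owned by the caller.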
@@ -24,7 +24,6 @@ RCSID("$OpenBSD: auth1.c,v 1.38 2002/03/18 17:50:31 provos Exp $"); #include "auth.h" #include "channels.h" #include "session.h" -#include "misc.h" #include "uidswap.h" #include "monitor_wrap.h" @@ -359,7 +358,6 @@ Authctxt * do_authentication(void) { Authctxt *authctxt; - struct passwd *pw = NULL, *pwent; u_int ulen; char *p, *user, *style = NULL; @@ -382,21 +380,12 @@ do_authentication(void) authctxt->style = style; /* Verify that the user is a valid user. */ - pwent = PRIVSEP(getpwnamallow(user)); - if (pwent) { + if ((authctxt->pw = PRIVSEP(getpwnamallow(user))) != NULL) authctxt->valid = 1; - pw = pwcopy(pwent); - } else { + else debug("do_authentication: illegal user %s", user); - pw = NULL; - } - /* Free memory */ - if (use_privsep && pwent != NULL) - pwfree(pwent); - authctxt->pw = pw; - - setproctitle("%s%s", pw ? user : "unknown", + setproctitle("%s%s", authctxt->pw ? user : "unknown", use_privsep ? " [net]" : ""); #ifdef USE_PAM @@ -408,7 +397,8 @@ do_authentication(void) * the server. (Unless you are running Windows) */ #ifndef HAVE_CYGWIN - if (!use_privsep && getuid() != 0 && pw && pw->pw_uid != getuid()) + if (!use_privsep && getuid() != 0 && authctxt->pw && + authctxt->pw->pw_uid != getuid()) packet_disconnect("Cannot change user when server not running as root."); #endif diff --git a/auth2.c b/auth2.c index 9bfcde5c1..98e1eda1a 100644 --- a/auth2.c +++ b/auth2.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth2.c,v 1.88 2002/03/18 17:50:31 provos Exp $"); +RCSID("$OpenBSD: auth2.c,v 1.89 2002/03/19 14:27:39 markus Exp $"); #include @@ -47,7 +47,6 @@ RCSID("$OpenBSD: auth2.c,v 1.88 2002/03/18 17:50:31 provos Exp $"); #include "pathnames.h" #include "uidswap.h" #include "auth-options.h" -#include "misc.h" #include "hostfile.h" #include "canohost.h" #include "match.h" 
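Review bot: In the `-382,21 +380,12` hunk of auth1.c, `authctxt->pw` now receives the allocation returned by getpwnamallow() directly and the `pwfree(pwent)` cleanup is dropped, but nothing in the new lines records who owns that memory. A short comment above the assignment would make the contract explicit, e.g. `/* getpwnamallow() returns an allocated copy; authctxt->pw owns it from here on. */`. The assignment-in-condition with an unbraced `if`/`else` is also what sets `authctxt->valid`, so bracing both arms would make later edits to this check less error-prone. do_authentication() starts and ends outside the hunk.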
@@ -200,16 +199,11 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt) start_pam("NOUSER"); #endif } - /* Free memory */ - if (use_privsep && pw != NULL) - pwfree(pw); - - setproctitle("%s%s", pw ? user : "unknown", + setproctitle("%s%s", authctxt->pw ? user : "unknown", use_privsep ? " [net]" : ""); authctxt->user = xstrdup(user); authctxt->service = xstrdup(service); authctxt->style = style ? xstrdup(style) : NULL; - if (use_privsep) mm_inform_authserv(service, style); } else if (strcmp(user, authctxt->user) != 0 ||
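Review bot: The auth2.c hunk at `-200,16 +199,11` drops `pwfree(pw)` and makes setproctitle() test `authctxt->pw`, but the lines that obtain `pw` and assign `authctxt->pw` sit above the hunk. Going by the diffstat (2 additions and 8 deletions for auth2.c, all accounted for by the three visible hunks), those lines were not touched. If that code still copies the lookup result into `authctxt->pw`, the struct returned by getpwnamallow(), now itself an allocated copy, is no longer released anywhere. This needs confirming against the full function; storing the result directly, as auth1.c now does with `authctxt->pw = PRIVSEP(getpwnamallow(user));`, would avoid the second copy. input_userauth_request() starts and ends outside the hunk.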