| @@ -1,97 +1,92 @@ | | | @@ -1,97 +1,92 @@ |
1 | $NetBSD: patch-ao,v 1.10 2008/04/03 07:59:08 tonnerre Exp $ | | 1 | $NetBSD: patch-ao,v 1.11 2008/04/08 06:36:47 taca Exp $ |
| | | 2 | |
| | | 3 | One more replacing 0 with ROOTUID is handled by using SUBST framework |
| | | 4 | because patch can't handle it when hpn-patch option is enabled. |
| | | 5 | So, don't simply update this file with mkpatch command. |
2 | | | 6 | |
3 | --- session.c.orig 2007-08-16 13:28:04.000000000 +0000 | | 7 | --- session.c.orig 2007-08-16 13:28:04.000000000 +0000 |
4 | +++ session.c | | 8 | +++ session.c |
5 | @@ -347,7 +347,7 @@ do_authenticated1(Authctxt *authctxt) | | | |
6 | break; | | | |
7 | } | | | |
8 | debug("Received TCP/IP port forwarding request."); | | | |
9 | - if (channel_input_port_forward_request(s->pw->pw_uid == 0, | | | |
10 | + if (channel_input_port_forward_request(s->pw->pw_uid == ROOTUID, | | | |
11 | options.gateway_ports) < 0) { | | | |
12 | debug("Port forwarding failed."); | | | |
13 | break; | | | |
14 | @@ -954,7 +954,7 @@ read_etc_default_login(char ***env, u_in | | 9 | @@ -954,7 +954,7 @@ read_etc_default_login(char ***env, u_in |
15 | if (tmpenv == NULL) | | 10 | if (tmpenv == NULL) |
16 | return; | | 11 | return; |
17 | | | 12 | |
18 | - if (uid == 0) | | 13 | - if (uid == 0) |
19 | + if (uid == ROOTUID) | | 14 | + if (uid == ROOTUID) |
20 | var = child_get_env(tmpenv, "SUPATH"); | | 15 | var = child_get_env(tmpenv, "SUPATH"); |
21 | else | | 16 | else |
22 | var = child_get_env(tmpenv, "PATH"); | | 17 | var = child_get_env(tmpenv, "PATH"); |
23 | @@ -1063,7 +1063,7 @@ do_setup_env(Session *s, const char *she | | 18 | @@ -1063,7 +1063,7 @@ do_setup_env(Session *s, const char *she |
24 | # endif /* HAVE_ETC_DEFAULT_LOGIN */ | | 19 | # endif /* HAVE_ETC_DEFAULT_LOGIN */ |
25 | if (path == NULL || *path == '\0') { | | 20 | if (path == NULL || *path == '\0') { |
26 | child_set_env(&env, &envsize, "PATH", | | 21 | child_set_env(&env, &envsize, "PATH", |
27 | - s->pw->pw_uid == 0 ? | | 22 | - s->pw->pw_uid == 0 ? |
28 | + s->pw->pw_uid == ROOTUID ? | | 23 | + s->pw->pw_uid == ROOTUID ? |
29 | SUPERUSER_PATH : _PATH_STDPATH); | | 24 | SUPERUSER_PATH : _PATH_STDPATH); |
30 | } | | 25 | } |
31 | # endif /* HAVE_CYGWIN */ | | 26 | # endif /* HAVE_CYGWIN */ |
32 | @@ -1177,6 +1177,18 @@ do_setup_env(Session *s, const char *she | | 27 | @@ -1177,6 +1177,18 @@ do_setup_env(Session *s, const char *she |
33 | strcmp(pw->pw_dir, "/") ? pw->pw_dir : ""); | | 28 | strcmp(pw->pw_dir, "/") ? pw->pw_dir : ""); |
34 | read_environment_file(&env, &envsize, buf); | | 29 | read_environment_file(&env, &envsize, buf); |
35 | } | | 30 | } |
36 | + | | 31 | + |
37 | +#ifdef HAVE_INTERIX | | 32 | +#ifdef HAVE_INTERIX |
38 | + { | | 33 | + { |
39 | + /* copy standard Windows environment, then apply changes */ | | 34 | + /* copy standard Windows environment, then apply changes */ |
40 | + env_t *winenv = env_login(pw); | | 35 | + env_t *winenv = env_login(pw); |
41 | + env_putarray(winenv, env, ENV_OVERRIDE); | | 36 | + env_putarray(winenv, env, ENV_OVERRIDE); |
42 | + | | 37 | + |
43 | + /* swap over to altered environment as a traditional array */ | | 38 | + /* swap over to altered environment as a traditional array */ |
44 | + env = env_array(winenv); | | 39 | + env = env_array(winenv); |
45 | + } | | 40 | + } |
46 | +#endif | | 41 | +#endif |
47 | + | | 42 | + |
48 | if (debug_flag) { | | 43 | if (debug_flag) { |
49 | /* dump the environment */ | | 44 | /* dump the environment */ |
50 | fprintf(stderr, "Environment:\n"); | | 45 | fprintf(stderr, "Environment:\n"); |
51 | @@ -1201,8 +1213,9 @@ do_rc_files(Session *s, const char *shel | | 46 | @@ -1201,8 +1213,9 @@ do_rc_files(Session *s, const char *shel |
52 | do_xauth = | | 47 | do_xauth = |
53 | s->display != NULL && s->auth_proto != NULL && s->auth_data != NULL; | | 48 | s->display != NULL && s->auth_proto != NULL && s->auth_data != NULL; |
54 | | | 49 | |
55 | - /* ignore _PATH_SSH_USER_RC for subsystems */ | | 50 | - /* ignore _PATH_SSH_USER_RC for subsystems */ |
56 | - if (!s->is_subsystem && (stat(_PATH_SSH_USER_RC, &st) >= 0)) { | | 51 | - if (!s->is_subsystem && (stat(_PATH_SSH_USER_RC, &st) >= 0)) { |
57 | + /* ignore _PATH_SSH_USER_RC for subsystems and admin forced commands */ | | 52 | + /* ignore _PATH_SSH_USER_RC for subsystems and admin forced commands */ |
58 | + if (!s->is_subsystem && options.adm_forced_command == NULL && | | 53 | + if (!s->is_subsystem && options.adm_forced_command == NULL && |
59 | + (stat(_PATH_SSH_USER_RC, &st) >= 0)) { | | 54 | + (stat(_PATH_SSH_USER_RC, &st) >= 0)) { |
60 | snprintf(cmd, sizeof cmd, "%s -c '%s %s'", | | 55 | snprintf(cmd, sizeof cmd, "%s -c '%s %s'", |
61 | shell, _PATH_BSHELL, _PATH_SSH_USER_RC); | | 56 | shell, _PATH_BSHELL, _PATH_SSH_USER_RC); |
62 | if (debug_flag) | | 57 | if (debug_flag) |
63 | @@ -1287,9 +1300,9 @@ do_nologin(struct passwd *pw) | | 58 | @@ -1287,9 +1300,9 @@ do_nologin(struct passwd *pw) |
64 | void | | 59 | void |
65 | do_setusercontext(struct passwd *pw) | | 60 | do_setusercontext(struct passwd *pw) |
66 | { | | 61 | { |
67 | -#ifndef HAVE_CYGWIN | | 62 | -#ifndef HAVE_CYGWIN |
68 | +#if !defined(HAVE_CYGWIN) && !defined(HAVE_INTERIX) | | 63 | +#if !defined(HAVE_CYGWIN) && !defined(HAVE_INTERIX) |
69 | if (getuid() == 0 || geteuid() == 0) | | 64 | if (getuid() == 0 || geteuid() == 0) |
70 | -#endif /* HAVE_CYGWIN */ | | 65 | -#endif /* HAVE_CYGWIN */ |
71 | +#endif /* !HAVE_CYGWIN && !HAVE_INTERIX */ | | 66 | +#endif /* !HAVE_CYGWIN && !HAVE_INTERIX */ |
72 | { | | 67 | { |
73 | | | 68 | |
74 | #ifdef HAVE_SETPCRED | | 69 | #ifdef HAVE_SETPCRED |
75 | @@ -1331,11 +1344,13 @@ do_setusercontext(struct passwd *pw) | | 70 | @@ -1331,11 +1344,13 @@ do_setusercontext(struct passwd *pw) |
76 | perror("setgid"); | | 71 | perror("setgid"); |
77 | exit(1); | | 72 | exit(1); |
78 | } | | 73 | } |
79 | +# if !defined(HAVE_INTERIX) | | 74 | +# if !defined(HAVE_INTERIX) |
80 | /* Initialize the group list. */ | | 75 | /* Initialize the group list. */ |
81 | if (initgroups(pw->pw_name, pw->pw_gid) < 0) { | | 76 | if (initgroups(pw->pw_name, pw->pw_gid) < 0) { |
82 | perror("initgroups"); | | 77 | perror("initgroups"); |
83 | exit(1); | | 78 | exit(1); |
84 | } | | 79 | } |
85 | +# endif /* !HAVE_INTERIX */ | | 80 | +# endif /* !HAVE_INTERIX */ |
86 | endgrent(); | | 81 | endgrent(); |
87 | #ifdef GSSAPI | | 82 | #ifdef GSSAPI |
88 | if (options.gss_authentication) { | | 83 | if (options.gss_authentication) { |
89 | @@ -2086,7 +2101,7 @@ session_pty_cleanup2(Session *s) | | 84 | @@ -2086,7 +2101,7 @@ session_pty_cleanup2(Session *s) |
90 | record_logout(s->pid, s->tty, s->pw->pw_name); | | 85 | record_logout(s->pid, s->tty, s->pw->pw_name); |
91 | | | 86 | |
92 | /* Release the pseudo-tty. */ | | 87 | /* Release the pseudo-tty. */ |
93 | - if (getuid() == 0) | | 88 | - if (getuid() == 0) |
94 | + if (getuid() == ROOTUID) | | 89 | + if (getuid() == ROOTUID) |
95 | pty_release(s->tty); | | 90 | pty_release(s->tty); |
96 | | | 91 | |
97 | /* | | 92 | /* |