- (bal) auth1.c minor resync while looking at the code.

[openssh.git] / uidswap.c

diff --git a/uidswap.c b/uidswap.c
index b35cb5b849c044a92c2039d6f99a6a4fe33866b9..86c61a4b0182b0563036d08a99e9976799607f87 100644 (file)
--- a/uidswap.c
+++ b/uidswap.c
@@ -12,7 +12,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: uidswap.c,v 1.21 2002/05/28 17:28:02 stevesk Exp $");
+RCSID("$OpenBSD: uidswap.c,v 1.23 2002/07/15 17:15:31 stevesk Exp $");
 
 #include "log.h"
 #include "uidswap.h"
@@ -52,8 +52,9 @@ temporarily_use_uid(struct passwd *pw)
 #ifdef SAVED_IDS_WORK_WITH_SETEUID
        saved_euid = geteuid();
        saved_egid = getegid();
-       debug("temporarily_use_uid: %u/%u (e=%u)",
-           (u_int)pw->pw_uid, (u_int)pw->pw_gid, (u_int)saved_euid);
+       debug("temporarily_use_uid: %u/%u (e=%u/%u)",
+           (u_int)pw->pw_uid, (u_int)pw->pw_gid,
+           (u_int)saved_euid, (u_int)saved_egid);
        if (saved_euid != 0) {
                privileged = 0;
                return;
@@ -80,11 +81,9 @@ temporarily_use_uid(struct passwd *pw)
                if (user_groupslen < 0)
                        fatal("getgroups: %.100s", strerror(errno));
        }
-#ifndef HAVE_CYGWIN
        /* Set the effective uid to the given (unprivileged) uid. */
        if (setgroups(user_groupslen, user_groups) < 0)
                fatal("setgroups: %.100s", strerror(errno));
-#endif /* !HAVE_CYGWIN */
 #ifndef SAVED_IDS_WORK_WITH_SETEUID
        /* Propagate the privileged gid to all of our gids. */
        if (setgid(getegid()) < 0)
@@ -107,14 +106,16 @@ temporarily_use_uid(struct passwd *pw)
 void
 restore_uid(void)
 {
-       debug("restore_uid");
        /* it's a no-op unless privileged */
-       if (!privileged)
+       if (!privileged) {
+               debug("restore_uid: (unprivileged)");
                return;
+       }
        if (!temporarily_use_uid_effective)
                fatal("restore_uid: temporarily_use_uid not effective");
 
 #ifdef SAVED_IDS_WORK_WITH_SETEUID
+       debug("restore_uid: %u/%u", (u_int)saved_euid, (u_int)saved_egid);
        /* Set the effective uid back to the saved privileged uid. */
        if (seteuid(saved_euid) < 0)
                fatal("seteuid %u: %.100s", (u_int)saved_euid, strerror(errno));
@@ -130,10 +131,8 @@ restore_uid(void)
        setgid(getgid());
 #endif /* SAVED_IDS_WORK_WITH_SETEUID */
 
-#ifndef HAVE_CYGWIN
        if (setgroups(saved_egroupslen, saved_egroups) < 0)
                fatal("setgroups: %.100s", strerror(errno));
-#endif /* !HAVE_CYGWIN */
        temporarily_use_uid_effective = 0;
 }
 
@@ -146,6 +145,8 @@ permanently_set_uid(struct passwd *pw)
 {
        if (temporarily_use_uid_effective)
                fatal("permanently_set_uid: temporarily_use_uid effective");
+       debug("permanently_set_uid: %u/%u", (u_int)pw->pw_uid,
+           (u_int)pw->pw_gid);
        if (setgid(pw->pw_gid) < 0)
                fatal("setgid %u: %.100s", (u_int)pw->pw_gid, strerror(errno));
        if (setuid(pw->pw_uid) < 0)