#include "includes.h"
#include "openbsd-compat/fake-queue.h"
-RCSID("$OpenBSD: ssh-agent.c,v 1.101 2002/08/22 19:27:53 stevesk Exp $");
+RCSID("$OpenBSD: ssh-agent.c,v 1.103 2002/09/10 20:24:47 markus Exp $");
#include <openssl/evp.h>
#include <openssl/md5.h>
static void
close_socket(SocketEntry *e)
{
- shutdown(e->fd, SHUT_RDWR);
close(e->fd);
e->fd = -1;
e->type = AUTH_UNUSED;
char buf[1024];
int len, sock;
u_int i;
+ uid_t euid;
+ gid_t egid;
for (i = 0; i < sockets_alloc; i++)
switch (sockets[i].type) {
strerror(errno));
break;
}
+ if (getpeereid(sock, &euid, &egid) < 0) {
+ error("getpeereid %d failed: %s",
+ sock, strerror(errno));
+ close(sock);
+ break;
+ }
+ if (getuid() != euid) {
+ error("uid mismatch: "
+ "peer euid %d != uid %d",
+ (int) euid, (int) getuid());
+ close(sock);
+ break;
+ }
new_socket(AUTH_CONNECTION, sock);
}
break;