X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/7a9c7a0baf3a3ffd69fe5ed6ed9be2b35c23de92..aacab402991cf3ce8991ada093d5f3058f4170af:/readpass.c
diff --git a/readpass.c b/readpass.c
index c2bacdcd..bd144c2e 100644
--- a/readpass.c
+++ b/readpass.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: readpass.c,v 1.47 2006/08/03 03:34:42 deraadt Exp $ */
 /*
 * Copyright (c) 2001 Markus Friedl. All rights reserved.
 *
@@ -23,13 +24,27 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: readpass.c,v 1.31 2004/10/29 22:53:56 djm Exp $");
+
+#include
+#include
+
+#include
+#include
+#ifdef HAVE_PATHS_H
+# include
+#endif
+#include
+#include
+#include
+#include
+#include
 #include "xmalloc.h"
 #include "misc.h"
 #include "pathnames.h"
 #include "log.h"
 #include "ssh.h"
+#include "uidswap.h"
 static char *
 ssh_askpass(char *askpass, const char *msg)
@@ -53,8 +68,7 @@ ssh_askpass(char *askpass, const char *msg)
 return NULL;
 }
 if (pid == 0) {
- seteuid(getuid());
- setuid(getuid());
+ permanently_drop_suid(getuid());
 close(p[0]);
 if (dup2(p[1], STDOUT_FILENO) < 0)
 fatal("ssh_askpass: dup2: %s", strerror(errno));
@@ -106,15 +120,20 @@ read_passphrase(const char *prompt, int flags)
 if (flags & RP_USE_ASKPASS)
 use_askpass = 1;
 else if (flags & RP_ALLOW_STDIN) {
- if (!isatty(STDIN_FILENO))
+ if (!isatty(STDIN_FILENO)) {
+ debug("read_passphrase: stdin is not a tty");
 use_askpass = 1;
+ }
 } else {
 rppflags |= RPP_REQUIRE_TTY;
 ttyfd = open(_PATH_TTY, O_RDWR);
 if (ttyfd >= 0)
 close(ttyfd);
- else
+ else {
+ debug("read_passphrase: can't open %s: %s", _PATH_TTY,
+ strerror(errno));
 use_askpass = 1;
+ }
 }
 if ((flags & RP_USE_ASKPASS) && getenv("DISPLAY") == NULL)
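Review bot: Nothing at the call site in the `pid == 0` branch of ssh_askpass() says what happens when the privilege drop fails, and the child continues straight on to `close(p[0])` and `dup2()`. The two removed calls ignored their return values, and `permanently_drop_suid()` is only declared via `uidswap.h`, so its failure behaviour cannot be checked from this hunk. I would state the contract in a comment above the call, e.g. `/* Drop setuid privilege for good before running the askpass program; must not return on failure. */`. Only the uid is passed, so if the binary is ever installed setgid the effective gid would presumably survive into the child, which is worth confirming against the helper's definition. The body of ssh_askpass() starts and ends outside the hunk.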
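Review bot: In read_passphrase(), the new `else {` branch formats `strerror(errno)` on the assumption that `errno` still holds the value set by `open(_PATH_TTY, O_RDWR)` two statements earlier. That holds today because `close(ttyfd)` runs only on the success path, but nothing marks the dependency. A short comment inside the branch would stop a later edit from putting a call between the `open()` and the `debug()`: `/* errno is still the one from open(_PATH_TTY) */`. Both new messages are emitted at debug level only, so they are the sole record of why the prompt moved from the terminal to the external askpass helper; a one-line comment on each branch saying so would help whoever reads the log. The function body continues outside the hunk.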