- provos@cvs.openbsd.org 2001/06/25 17:54:47

     [auth.c auth.h auth-rsa.c]
     terminate secure_filename checking after checking homedir.  that way
     it works on AFS.  okay markus@

diff --git a/ChangeLog b/ChangeLog
index 74755d407d62a47d95ab16b596a1f73fbd372f2a..1369d1cdddf4399334a79e4e17cea29d496923f5 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -9,6 +9,10 @@
      [ssh-keygen.1]
      sshd(8) will never read the private keys, but ssh(1) does; 
      hugh@mimosa.com
+   - provos@cvs.openbsd.org 2001/06/25 17:54:47
+     [auth.c auth.h auth-rsa.c]
+     terminate secure_filename checking after checking homedir.  that way 
+     it
 
 20010629
  - (bal) Removed net_aton() since we don't use it any more

diff --git a/auth-rsa.c b/auth-rsa.c
index 899daae3b78944427004ff951df33a44cd8cdb1d..ec8f6ce2188f43ac013bdb4fe340722d2f29c8ce 100644 (file)
--- a/auth-rsa.c
+++ b/auth-rsa.c
@@ -14,7 +14,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth-rsa.c,v 1.42 2001/06/22 21:55:48 markus Exp $");
+RCSID("$OpenBSD: auth-rsa.c,v 1.43 2001/06/25 17:54:47 provos Exp $");
 
 #include <openssl/rsa.h>
 #include <openssl/md5.h>
@@ -159,7 +159,7 @@ auth_rsa(struct passwd *pw, BIGNUM *client_n)
                return 0;
        }
        if (options.strict_modes &&
-           secure_filename(f, file, pw->pw_uid, line, sizeof(line)) != 0) {
+           secure_filename(f, file, pw, line, sizeof(line)) != 0) {
                xfree(file);
                fclose(f);
                log("Authentication refused: %s", line);

diff --git a/auth.c b/auth.c
index 9abcdde1dda615178d4e9aac51765096c789c584..892bb261a15e7c0d47fc602c93ab816cd1787959 100644 (file)
--- a/auth.c
+++ b/auth.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth.c,v 1.24 2001/06/23 00:20:57 markus Exp $");
+RCSID("$OpenBSD: auth.c,v 1.25 2001/06/25 17:54:48 provos Exp $");
 
 #ifdef HAVE_LOGIN_H
 #include <login.h>
@@ -351,12 +351,17 @@ check_key_in_hostfiles(struct passwd *pw, Key *key, const char *host,
  * Returns 0 on success and -1 on failure
  */
 int
-secure_filename(FILE *f, const char *file, uid_t uid, char *err, size_t errlen)
+secure_filename(FILE *f, const char *file, struct passwd *pw,
+    char *err, size_t errlen)
 {
+       uid_t uid = pw->pw_uid;
+       char homedir[MAXPATHLEN];
        char buf[MAXPATHLEN];
        char *cp;
        struct stat st;
 
+       strlcpy(homedir, dirname(pw->pw_dir), sizeof(homedir));
+
        if (realpath(file, buf) == NULL) {
                snprintf(err, errlen, "realpath %s failed: %s", file,
                    strerror(errno));
@@ -372,6 +377,8 @@ secure_filename(FILE *f, const char *file, uid_t uid, char *err, size_t errlen)
                return -1;
        }
 
+       debug3("secure_filename: terminating check at '%s'", homedir);
+
        /* for each component of the canonical path, walking upwards */
        for (;;) {
                if ((cp = dirname(buf)) == NULL) {
@@ -380,6 +387,10 @@ secure_filename(FILE *f, const char *file, uid_t uid, char *err, size_t errlen)
                }
                strlcpy(buf, cp, sizeof(buf));
 
+               /* If are passed the homedir then we can stop */
+               if (strcmp(buf, homedir) == 0)
+                       break;
+
                debug3("secure_filename: checking '%s'", buf);
                if (stat(buf, &st) < 0 ||
                    (st.st_uid != 0 && st.st_uid != uid) ||

diff --git a/auth.h b/auth.h
index b9585d3af466d0b876d25a06171f374742fa71cd..415967c2c6952283bd82866dce9ad18960d3b7dc 100644 (file)
--- a/auth.h
+++ b/auth.h
@@ -21,7 +21,7 @@
  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  *
- * $OpenBSD: auth.h,v 1.18 2001/06/23 00:20:58 markus Exp $
+ * $OpenBSD: auth.h,v 1.19 2001/06/25 17:54:49 provos Exp $
  */
 #ifndef AUTH_H
 #define AUTH_H
@@ -168,7 +168,8 @@ char        *authorized_keys_file2(struct passwd *pw);
 
 /* check a file and the path to it */
 int
-secure_filename(FILE *f, const char *file, uid_t u, char *err, size_t errlen);
+secure_filename(FILE *f, const char *file, struct passwd *pw,
+    char *err, size_t errlen);
 
 /* helper for hostbased auth */
 HostStatus