diff options
author | Ben Lindstrom <mouring@eviladmin.org> | 2001-07-04 03:40:39 +0000 |
---|---|---|
committer | Ben Lindstrom <mouring@eviladmin.org> | 2001-07-04 03:40:39 +0000 |
commit | 248c0784bfcadea9bed9dd9b919b7e4633b4f86a (patch) | |
tree | c2df8825fc6057aec6289b99ce8180d5a89511aa /auth.c | |
parent | bda98b0091bb96ece12b6f54e7fa93cd832da772 (diff) |
- provos@cvs.openbsd.org 2001/06/25 17:54:47
[auth.c auth.h auth-rsa.c]
terminate secure_filename checking after checking homedir. that way
it works on AFS. okay markus@
Diffstat (limited to 'auth.c')
-rw-r--r-- | auth.c | 15 |
1 files changed, 13 insertions, 2 deletions
@@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth.c,v 1.24 2001/06/23 00:20:57 markus Exp $"); +RCSID("$OpenBSD: auth.c,v 1.25 2001/06/25 17:54:48 provos Exp $"); #ifdef HAVE_LOGIN_H #include <login.h> @@ -351,12 +351,17 @@ check_key_in_hostfiles(struct passwd *pw, Key *key, const char *host, * Returns 0 on success and -1 on failure */ int -secure_filename(FILE *f, const char *file, uid_t uid, char *err, size_t errlen) +secure_filename(FILE *f, const char *file, struct passwd *pw, + char *err, size_t errlen) { + uid_t uid = pw->pw_uid; + char homedir[MAXPATHLEN]; char buf[MAXPATHLEN]; char *cp; struct stat st; + strlcpy(homedir, dirname(pw->pw_dir), sizeof(homedir)); + if (realpath(file, buf) == NULL) { snprintf(err, errlen, "realpath %s failed: %s", file, strerror(errno)); @@ -372,6 +377,8 @@ secure_filename(FILE *f, const char *file, uid_t uid, char *err, size_t errlen) return -1; } + debug3("secure_filename: terminating check at '%s'", homedir); + /* for each component of the canonical path, walking upwards */ for (;;) { if ((cp = dirname(buf)) == NULL) { @@ -380,6 +387,10 @@ secure_filename(FILE *f, const char *file, uid_t uid, char *err, size_t errlen) } strlcpy(buf, cp, sizeof(buf)); + /* If are passed the homedir then we can stop */ + if (strcmp(buf, homedir) == 0) + break; + debug3("secure_filename: checking '%s'", buf); if (stat(buf, &st) < 0 || (st.st_uid != 0 && st.st_uid != uid) || |