diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2018-06-01 03:33:53 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2018-06-01 13:35:59 +1000 |
| commit | 9c935dd9bf05628826ad2495d3e8bdf3d3271c21 (patch) | |
| tree | 35ccf63e51d3daf2fa927b843d813295e41e96e6 /auth2-pubkey.c | |
| parent | d8748b91d1d6c108c0c260ed41fa55f37b9ef34b (diff) | |
upstream: make UID available as a %-expansion everywhere that the
username is available currently. In the client this is via %i, in the server
%U (since %i was already used in the client in some places for this, but used
for something different in the server); bz#2870, ok dtucker@
OpenBSD-Commit-ID: c7e912b0213713316cb55db194b3a6415b3d4b95
Diffstat (limited to 'auth2-pubkey.c')
| -rw-r--r-- | auth2-pubkey.c | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/auth2-pubkey.c b/auth2-pubkey.c index 8024b1d6..5603f5ef 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-pubkey.c,v 1.77 2018/03/03 03:15:51 djm Exp $ */ +/* $OpenBSD: auth2-pubkey.c,v 1.78 2018/06/01 03:33:53 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -387,7 +387,7 @@ match_principals_command(struct ssh *ssh, struct passwd *user_pw, pid_t pid; char *tmp, *username = NULL, *command = NULL, **av = NULL; char *ca_fp = NULL, *key_fp = NULL, *catext = NULL, *keytext = NULL; - char serial_s[16]; + char serial_s[16], uidstr[32]; void (*osigchld)(int); if (authoptsp != NULL) @@ -447,8 +447,11 @@ match_principals_command(struct ssh *ssh, struct passwd *user_pw, } snprintf(serial_s, sizeof(serial_s), "%llu", (unsigned long long)cert->serial); + snprintf(uidstr, sizeof(uidstr), "%llu", + (unsigned long long)user_pw->pw_uid); for (i = 1; i < ac; i++) { tmp = percent_expand(av[i], + "U", uidstr, "u", user_pw->pw_name, "h", user_pw->pw_dir, "t", sshkey_ssh_name(key), @@ -852,7 +855,7 @@ user_key_command_allowed2(struct ssh *ssh, struct passwd *user_pw, int i, uid_swapped = 0, ac = 0; pid_t pid; char *username = NULL, *key_fp = NULL, *keytext = NULL; - char *tmp, *command = NULL, **av = NULL; + char uidstr[32], *tmp, *command = NULL, **av = NULL; void (*osigchld)(int); if (authoptsp != NULL) @@ -902,8 +905,11 @@ user_key_command_allowed2(struct ssh *ssh, struct passwd *user_pw, command); goto out; } + snprintf(uidstr, sizeof(uidstr), "%llu", + (unsigned long long)user_pw->pw_uid); for (i = 1; i < ac; i++) { tmp = percent_expand(av[i], + "U", uidstr, "u", user_pw->pw_name, "h", user_pw->pw_dir, "t", sshkey_ssh_name(key), |