From fa72ddac73e3549cf5d399fae31bfb5a293ed0cc Mon Sep 17 00:00:00 2001 From: Kevin Steves Date: Fri, 15 Dec 2000 18:39:12 +0000 Subject: - (stevesk) OpenBSD CVS updates: - markus@cvs.openbsd.org 2000/12/13 16:26:53 [ssh-keyscan.c] fatal already adds \n; from stevesk@pobox.com - markus@cvs.openbsd.org 2000/12/13 16:25:44 [ssh-agent.c] remove redundant spaces; from stevesk@pobox.com - ho@cvs.openbsd.org 2000/12/12 15:50:21 [pty.c] When failing to set tty owner and mode on a read-only filesystem, don't abort if the tty already has correct owner and reasonably sane modes. Example; permit 'root' to login to a firewall with read-only root fs. (markus@ ok) - deraadt@cvs.openbsd.org 2000/12/13 06:36:05 [pty.c] KNF --- ChangeLog | 22 ++++++++++++++++++++-- pty.c | 42 ++++++++++++++++++++++++++++++++++-------- ssh-agent.c | 6 +++--- ssh-keyscan.c | 14 +++++++------- 4 files changed, 64 insertions(+), 20 deletions(-) diff --git a/ChangeLog b/ChangeLog index 3252d421..201aa428 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,7 +1,25 @@ +20001215 + - (stevesk) OpenBSD CVS updates: + - markus@cvs.openbsd.org 2000/12/13 16:26:53 + [ssh-keyscan.c] + fatal already adds \n; from stevesk@pobox.com + - markus@cvs.openbsd.org 2000/12/13 16:25:44 + [ssh-agent.c] + remove redundant spaces; from stevesk@pobox.com + - ho@cvs.openbsd.org 2000/12/12 15:50:21 + [pty.c] + When failing to set tty owner and mode on a read-only filesystem, don't + abort if the tty already has correct owner and reasonably sane modes. + Example; permit 'root' to login to a firewall with read-only root fs. + (markus@ ok) + - deraadt@cvs.openbsd.org 2000/12/13 06:36:05 + [pty.c] + KNF + 20001213 - (djm) Make sure we reset the SIGPIPE disposition after we fork. Report from Andreas M. Kirchwitz - - (stevesk) OpenSSH CVS update: + - (stevesk) OpenBSD CVS update: - markus@cvs.openbsd.org 2000/12/12 15:30:02 [ssh-keyscan.c ssh.c sshd.c] consistently use __progname; from stevesk@pobox.com 
@@ -62,7 +80,7 @@ tweak comment to reflect real location of pid file; ok provos@ - (stevesk) Import from OpenBSD for systems that don't have it (used in ssh-keyscan). - - (stevesk) OpenSSH CVS update: + - (stevesk) OpenBSD CVS update: - markus@cvs.openbsd.org 2000/12/06 19:57:48 [ssh-keyscan.c] err(3) -> internal error(), from stevesk@sweden.hp.com diff --git a/pty.c b/pty.c index 40bfd529..d05cb89a 100644 --- a/pty.c +++ b/pty.c @@ -12,7 +12,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: pty.c,v 1.16 2000/09/07 21:13:37 markus Exp $"); +RCSID("$OpenBSD: pty.c,v 1.18 2000/12/13 06:36:05 deraadt Exp $"); #ifdef HAVE_UTIL_H # include @@ -291,6 +291,7 @@ pty_setowner(struct passwd *pw, const char *ttyname) struct group *grp; gid_t gid; mode_t mode; + struct stat st; /* Determine the group to make the owner of the tty. */ grp = getgrnam("tty"); 
@@ -302,11 +303,36 @@ pty_setowner(struct passwd *pw, const char *ttyname) mode = S_IRUSR | S_IWUSR | S_IWGRP | S_IWOTH; } - /* Change ownership of the tty. */ - if (chown(ttyname, pw->pw_uid, gid) < 0) - fatal("chown(%.100s, %d, %d) failed: %.100s", - ttyname, pw->pw_uid, gid, strerror(errno)); - if (chmod(ttyname, mode) < 0) - fatal("chmod(%.100s, 0%o) failed: %.100s", - ttyname, mode, strerror(errno)); + /* + * Change owner and mode of the tty as required. + * Warn but continue if filesystem is read-only and the uids match. + */ + if (stat(ttyname, &st)) + fatal("stat(%.100s) failed: %.100s", ttyname, + strerror(errno)); + + if (st.st_uid != pw->pw_uid || st.st_gid != gid) { + if (chown(ttyname, pw->pw_uid, gid) < 0) { + if (errno == EROFS && st.st_uid == pw->pw_uid) + error("chown(%.100s, %d, %d) failed: %.100s", + ttyname, pw->pw_uid, gid, + strerror(errno)); + else + fatal("chown(%.100s, %d, %d) failed: %.100s", + ttyname, pw->pw_uid, gid, + strerror(errno)); + } + } + + if ((st.st_mode & (S_IRWXU|S_IRWXG|S_IRWXO)) != mode) { + if (chmod(ttyname, mode) < 0) { + if (errno == EROFS && + (st.st_mode & (S_IRGRP | S_IROTH)) == 0) + error("chmod(%.100s, 0%o) failed: %.100s", + ttyname, mode, strerror(errno)); + else + fatal("chmod(%.100s, 0%o) failed: %.100s", + ttyname, mode, strerror(errno)); + } + } } diff --git a/ssh-agent.c b/ssh-agent.c index b98d9550..c5e4447c 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-agent.c,v 1.42 2000/12/09 14:06:54 markus Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.43 2000/12/13 23:25:44 markus Exp $ */ /* * Author: Tatu Ylonen @@ -37,7 +37,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh-agent.c,v 1.42 2000/12/09 14:06:54 markus Exp $"); +RCSID("$OpenBSD: ssh-agent.c,v 1.43 2000/12/13 23:25:44 markus Exp $"); #include "ssh.h" #include "rsa.h" 
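Review bot: The two EROFS fallbacks added to pty_setowner() tolerate more than the new comment ("the uids match") says. The chown branch continues whenever `st.st_uid == pw->pw_uid`, even when `st.st_gid != gid` is what triggered the chown, and the chmod branch only rejects group/other read bits, so a tty left group- or world-writable under an unexpected group passes with just an error() log line. Consider limiting the tolerated state to write bits the intended mode already grants, e.g. `(st.st_mode & (S_IRGRP | S_IROTH | ((S_IWGRP | S_IWOTH) & ~mode))) == 0`, and requiring `st.st_gid == gid || (st.st_mode & S_IWGRP) == 0` alongside the uid test in the chown branch. Both decisions also use a stat() result taken before the path-based chown()/chmod(), so the comment should state that assumption and spell out the chmod condition. The start of pty_setowner() and the branch that sets `mode` when the tty group exists are outside this hunk, so the intended mode in that case is inferred.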
@@ -242,7 +242,7 @@ process_sign_request2(SocketEntry *e) int ok = -1; datafellows = 0; - + blob = buffer_get_string(&e->input, &blen); data = buffer_get_string(&e->input, &dlen); diff --git a/ssh-keyscan.c b/ssh-keyscan.c index 13f9673b..60341c9e 100644 --- a/ssh-keyscan.c +++ b/ssh-keyscan.c @@ -329,9 +329,9 @@ conalloc(char *iname, char *oname) } while ((s = tcpconnect(name)) < 0); if (s >= maxfd) - fatal("conalloc: fdno %d too high\n", s); + fatal("conalloc: fdno %d too high", s); if (fdcon[s].c_status) - fatal("conalloc: attempt to reuse fdno %d\n", s); + fatal("conalloc: attempt to reuse fdno %d", s); fdcon[s].c_fd = s; fdcon[s].c_status = CS_CON; @@ -355,7 +355,7 @@ confree(int s) { close(s); if (s >= maxfd || fdcon[s].c_status == CS_UNUSED) - fatal("confree: attempt to free bad fdno %d\n", s); + fatal("confree: attempt to free bad fdno %d", s); free(fdcon[s].c_namebase); free(fdcon[s].c_output_name); if (fdcon[s].c_status == CS_KEYS) @@ -455,7 +455,7 @@ conread(int s) return; break; default: - fatal("conread: invalid status %d\n", c->c_status); + fatal("conread: invalid status %d", c->c_status); break; } @@ -548,7 +548,7 @@ nexthost(int argc, char **argv) static void usage(void) { - fatal("usage: %s [-t timeout] { [--] host | -f file } ...\n", __progname); + fatal("usage: %s [-t timeout] { [--] host | -f file } ...", __progname); return; } @@ -580,11 +580,11 @@ main(int argc, char **argv) maxfd = fdlim_get(1); if (maxfd < 0) - fatal("%s: fdlim_get: bad value\n", __progname); + fatal("%s: fdlim_get: bad value", __progname); if (maxfd > MAXMAXFD) maxfd = MAXMAXFD; if (maxcon <= 0) - fatal("%s: not enough file descriptors\n", __progname); + fatal("%s: not enough file descriptors", __progname); if (maxfd > fdlim_get(0)) fdlim_set(maxfd); fdcon = xmalloc(maxfd * sizeof(con)); -- cgit v1.2.3