author | tb <tb@cvs.openbsd.org> | 2016-02-21 22:53:41 +0000 |
---|---|---|
committer | tb <tb@cvs.openbsd.org> | 2016-02-21 22:53:41 +0000 |
commit | acc5eca97ee988302cf3e73db82db90aa7ace8a8 (patch) | |
tree | 9c44527e636d506c9eda9221b68d8430e3a7d5e3 | |
parent | 5e73a7beb3213240974117896b61c61a8bcb3664 (diff) |
Fix skeyinit -E by hoisting argument parsing and the call to enable_db()
above the calls to pledge(): /etc/skey wants to have its sticky bit.
ok deraadt@
-rw-r--r-- | usr.bin/skeyinit/skeyinit.c | 40 |
1 files changed, 20 insertions, 20 deletions
diff --git a/usr.bin/skeyinit/skeyinit.c b/usr.bin/skeyinit/skeyinit.c
index 70e2517d3a0..10a0ae15c8d 100644
--- a/usr.bin/skeyinit/skeyinit.c
+++ b/usr.bin/skeyinit/skeyinit.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: skeyinit.c,v 1.68 2015/11/29 19:10:44 deraadt Exp $ */
+/* $OpenBSD: skeyinit.c,v 1.69 2016/02/21 22:53:40 tb Exp $ */

 /* OpenBSD S/Key (skeyinit.c)
 *
@@ -55,29 +55,10 @@ main(int argc, char **argv)
 struct skey skey;
 struct passwd *pp;

- if (pledge("stdio rpath wpath cpath fattr flock tty proc exec getpw",
- NULL) == -1)
- err(1, "pledge");
-
 n = rmkey = hexmode = enable = 0;
 defaultsetup = 1;
 ht = auth_type = NULL;

- /* Build up a default seed based on the hostname and some randomness */
- if (gethostname(hostname, sizeof(hostname)) < 0)
- err(1, "gethostname");
- for (i = 0, p = seed; hostname[i] && i < SKEY_NAMELEN; i++) {
- if (isalnum((unsigned char)hostname[i]))
- *p++ = tolower((unsigned char)hostname[i]);
- }
- for (i = 0; i < 5; i++)
- *p++ = arc4random_uniform(10) + '0';
- *p = '\0';
-
- if ((pp = getpwuid(getuid())) == NULL)
- err(1, "no user with uid %u", getuid());
- (void)strlcpy(me, pp->pw_name, sizeof me);
-
 for (i = 1; i < argc && argv[i][0] == '-' && strcmp(argv[i], "--");) {
 if (argv[i][2] == '\0') {
 /* Single character switch */
@@ -136,6 +117,25 @@ main(int argc, char **argv)
 exit(0);
 }

+ if (pledge("stdio rpath wpath cpath fattr flock tty proc exec getpw",
+ NULL) == -1)
+ err(1, "pledge");
+
+ /* Build up a default seed based on the hostname and some randomness */
+ if (gethostname(hostname, sizeof(hostname)) < 0)
+ err(1, "gethostname");
+ for (i = 0, p = seed; hostname[i] && i < SKEY_NAMELEN; i++) {
+ if (isalnum((unsigned char)hostname[i]))
+ *p++ = tolower((unsigned char)hostname[i]);
+ }
+ for (i = 0; i < 5; i++)
+ *p++ = arc4random_uniform(10) + '0';
+ *p = '\0';
+
+ if ((pp = getpwuid(getuid())) == NULL)
+ err(1, "no user with uid %u", getuid());
+ (void)strlcpy(me, pp->pw_name, sizeof me);
+
 /* Check for optional user string. */
 if (argc == 1) {
 if ((pp = getpwnam(argv[0])) == NULL) { |
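Review bot: The relocated `pledge()` call has no comment explaining why it now sits below option parsing and the `exit(0)` path just above it, so a later cleanup could move it back to the top of main() and break -E again. A one-line comment at the call would pin the ordering, e.g. `/* pledge only after enable_db(): it has to set the sticky bit on /etc/skey */`. The cost of the move is that the argv loop and enable_db() now run with no pledge in force, so that region should stay limited to what strictly has to precede the promise set. The seed and getpwuid() setup is rightly kept below the call. main() begins and ends outside this hunk.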