diff options
author | Henning Brauer <henning@cvs.openbsd.org> | 2004-05-13 17:14:56 +0000 |
---|---|---|
committer | Henning Brauer <henning@cvs.openbsd.org> | 2004-05-13 17:14:56 +0000 |
commit | 2125db2d855a542bbe0dcdf2ad4f173f365b6e1a (patch) | |
tree | d4b9985705767f8d89b797b2220f2cad2c1af13a /usr.sbin | |
parent | 6190a591a847fe888db6d21343087e12069c3c3e (diff) |
as the authpf manpage describes, the connecting user's shell can be
overloaded via login.conf. When verifying that the user's login shell is
indeed authpf it is not sufficient to look at (struct passwd)->pw_shell,
we also have to use login_getclass etc to check wether the shell gets
overloaded.
ok millert@ beck@
Diffstat (limited to 'usr.sbin')
-rw-r--r-- | usr.sbin/authpf/authpf.c | 22 |
1 files changed, 20 insertions, 2 deletions
diff --git a/usr.sbin/authpf/authpf.c b/usr.sbin/authpf/authpf.c index 9b6517054fa..43dba0592e6 100644 --- a/usr.sbin/authpf/authpf.c +++ b/usr.sbin/authpf/authpf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authpf.c,v 1.80 2004/04/28 05:06:13 cedric Exp $ */ +/* $OpenBSD: authpf.c,v 1.81 2004/05/13 17:14:55 henning Exp $ */ /* * Copyright (C) 1998 - 2002 Bob Beck (beck@openbsd.org). @@ -39,6 +39,7 @@ #include <err.h> #include <errno.h> +#include <login_cap.h> #include <pwd.h> #include <signal.h> #include <stdio.h> @@ -92,6 +93,8 @@ main(int argc, char *argv[]) struct passwd *pw; char *cp; uid_t uid; + char *shell; + login_cap_t *lc; config = fopen(PATH_CONFFILE, "r"); @@ -130,16 +133,31 @@ main(int argc, char *argv[]) uid = getuid(); pw = getpwuid(uid); + endpwent(); if (pw == NULL) { syslog(LOG_ERR, "cannot find user for uid %u", uid); goto die; } - if (strcmp(pw->pw_shell, PATH_AUTHPF_SHELL)) { + + if ((lc = login_getclass(pw->pw_class)) != NULL) + shell = login_getcapstr(lc, "shell", pw->pw_shell, + pw->pw_shell); + else + shell = pw->pw_shell; + + login_close(lc); + + if (strcmp(shell, PATH_AUTHPF_SHELL)) { syslog(LOG_ERR, "wrong shell for user %s, uid %u", pw->pw_name, pw->pw_uid); + if (shell != pw->pw_shell) + free(shell); goto die; } + if (shell != pw->pw_shell) + free(shell); + /* * Paranoia, but this data _does_ come from outside authpf, and * truncation would be bad. |