summaryrefslogtreecommitdiff
path: root/usr.sbin
diff options
context:
space:
mode:
authorHenning Brauer <henning@cvs.openbsd.org>2004-05-13 17:14:56 +0000
committerHenning Brauer <henning@cvs.openbsd.org>2004-05-13 17:14:56 +0000
commit2125db2d855a542bbe0dcdf2ad4f173f365b6e1a (patch)
treed4b9985705767f8d89b797b2220f2cad2c1af13a /usr.sbin
parent6190a591a847fe888db6d21343087e12069c3c3e (diff)
as the authpf manpage describes, the connecting user's shell can be
overloaded via login.conf. When verifying that the user's login shell is indeed authpf it is not sufficient to look at (struct passwd)->pw_shell, we also have to use login_getclass etc to check wether the shell gets overloaded. ok millert@ beck@
Diffstat (limited to 'usr.sbin')
-rw-r--r--usr.sbin/authpf/authpf.c22
1 files changed, 20 insertions, 2 deletions
diff --git a/usr.sbin/authpf/authpf.c b/usr.sbin/authpf/authpf.c
index 9b6517054fa..43dba0592e6 100644
--- a/usr.sbin/authpf/authpf.c
+++ b/usr.sbin/authpf/authpf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: authpf.c,v 1.80 2004/04/28 05:06:13 cedric Exp $ */
+/* $OpenBSD: authpf.c,v 1.81 2004/05/13 17:14:55 henning Exp $ */
/*
* Copyright (C) 1998 - 2002 Bob Beck (beck@openbsd.org).
@@ -39,6 +39,7 @@
#include <err.h>
#include <errno.h>
+#include <login_cap.h>
#include <pwd.h>
#include <signal.h>
#include <stdio.h>
@@ -92,6 +93,8 @@ main(int argc, char *argv[])
struct passwd *pw;
char *cp;
uid_t uid;
+ char *shell;
+ login_cap_t *lc;
config = fopen(PATH_CONFFILE, "r");
@@ -130,16 +133,31 @@ main(int argc, char *argv[])
uid = getuid();
pw = getpwuid(uid);
+ endpwent();
if (pw == NULL) {
syslog(LOG_ERR, "cannot find user for uid %u", uid);
goto die;
}
- if (strcmp(pw->pw_shell, PATH_AUTHPF_SHELL)) {
+
+ if ((lc = login_getclass(pw->pw_class)) != NULL)
+ shell = login_getcapstr(lc, "shell", pw->pw_shell,
+ pw->pw_shell);
+ else
+ shell = pw->pw_shell;
+
+ login_close(lc);
+
+ if (strcmp(shell, PATH_AUTHPF_SHELL)) {
syslog(LOG_ERR, "wrong shell for user %s, uid %u",
pw->pw_name, pw->pw_uid);
+ if (shell != pw->pw_shell)
+ free(shell);
goto die;
}
+ if (shell != pw->pw_shell)
+ free(shell);
+
/*
* Paranoia, but this data _does_ come from outside authpf, and
* truncation would be bad.