summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--usr.bin/login/klogin.c34
-rw-r--r--usr.bin/su/su.c27
2 files changed, 49 insertions, 12 deletions
diff --git a/usr.bin/login/klogin.c b/usr.bin/login/klogin.c
index 4f902b2e701..af273532e01 100644
--- a/usr.bin/login/klogin.c
+++ b/usr.bin/login/klogin.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: klogin.c,v 1.10 2000/07/17 16:43:14 millert Exp $ */
+/* $OpenBSD: klogin.c,v 1.11 2000/12/02 22:44:36 hin Exp $ */
/* $NetBSD: klogin.c,v 1.7 1996/05/21 22:07:04 mrg Exp $ */
/*-
@@ -38,7 +38,7 @@
#if 0
static char sccsid[] = "@(#)klogin.c 8.3 (Berkeley) 4/2/94";
#endif
-static char rcsid[] = "$OpenBSD: klogin.c,v 1.10 2000/07/17 16:43:14 millert Exp $";
+static char rcsid[] = "$OpenBSD: klogin.c,v 1.11 2000/12/02 22:44:36 hin Exp $";
#endif /* not lint */
#ifdef KERBEROS
@@ -80,7 +80,7 @@ klogin(pw, instance, localhost, password)
struct passwd *pw;
char *instance, *localhost, *password;
{
- int kerror;
+ int kerror, fd;
AUTH_DAT authdata;
KTEXT_ST ticket;
struct hostent *hp;
@@ -97,6 +97,15 @@ klogin(pw, instance, localhost, password)
}
#endif
+ /* If no srvtab file exists, fail immediatly. This will make
+ * login _much_ quicker on systems with sporadical contact with
+ * the outside world.
+ * We should really change the semantics for enabling kerberos.
+ */
+ if((fd = open(KEYFILE, O_RDONLY, 0)) < 0)
+ return 1;
+ close(fd);
+
/*
* Root logins don't use Kerberos (or at least shouldn't be
* sending kerberos passwords around in cleartext), so don't
@@ -119,8 +128,8 @@ klogin(pw, instance, localhost, password)
*/
if (strcmp(instance, "root") != 0)
- snprintf(tkt_location, sizeof(tkt_location), "%s%d.%s",
- TKT_ROOT, pw->pw_uid, tty);
+ snprintf(tkt_location, sizeof(tkt_location), "%s%d",
+ TKT_ROOT, pw->pw_uid);
else
snprintf(tkt_location, sizeof(tkt_location), "%s_root_%d.%s",
TKT_ROOT, pw->pw_uid, tty);
@@ -155,8 +164,19 @@ klogin(pw, instance, localhost, password)
return (1);
}
- if (chown(TKT_FILE, pw->pw_uid, pw->pw_gid) < 0)
- syslog(LOG_ERR, "chown tkfile (%s): %m", TKT_FILE);
+ /*
+ * Set the owner of the ticket file to root but bail if someone
+ * has nefariously swapped a link in place of the file.
+ */
+ fd = open(TKT_FILE, O_RDWR|O_NOFOLLOW, 0);
+ if (fd == -1) {
+ syslog(LOG_ERR, "unable to open ticket file: %m");
+ dest_tkt();
+ return (1);
+ }
+ if (fchown(fd, pw->pw_uid, pw->pw_gid) < 0)
+ syslog(LOG_ERR, "fchown tkfile (%s): %m", TKT_FILE);
+ close(fd);
(void)strlcpy(savehost, krb_get_phost(localhost), sizeof(savehost));
diff --git a/usr.bin/su/su.c b/usr.bin/su/su.c
index 0a0f67e7604..c1cf55defaa 100644
--- a/usr.bin/su/su.c
+++ b/usr.bin/su/su.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: su.c,v 1.34 2000/09/15 07:13:50 deraadt Exp $ */
+/* $OpenBSD: su.c,v 1.35 2000/12/02 22:44:49 hin Exp $ */
/*
* Copyright (c) 1988 The Regents of the University of California.
@@ -41,7 +41,7 @@ char copyright[] =
#ifndef lint
/*static char sccsid[] = "from: @(#)su.c 5.26 (Berkeley) 7/6/91";*/
-static char rcsid[] = "$OpenBSD: su.c,v 1.34 2000/09/15 07:13:50 deraadt Exp $";
+static char rcsid[] = "$OpenBSD: su.c,v 1.35 2000/12/02 22:44:49 hin Exp $";
#endif /* not lint */
#include <sys/param.h>
@@ -59,6 +59,7 @@ static char rcsid[] = "$OpenBSD: su.c,v 1.34 2000/09/15 07:13:50 deraadt Exp $";
#include <string.h>
#include <syslog.h>
#include <unistd.h>
+#include <fcntl.h>
#ifdef SKEY
#include <skey.h>
@@ -358,11 +359,16 @@ kerberos(username, user, uid)
KTEXT_ST ticket;
AUTH_DAT authdata;
struct hostent *hp;
- int kerno;
+ int kerno, fd;
in_addr_t faddr;
char hostname[MAXHOSTNAMELEN], savehost[MAXHOSTNAMELEN];
char *ontty(), *krb_get_phost();
+ /* Don't bother with Kerberos if there is no srvtab file */
+ if ((fd = open(KEYFILE, O_RDONLY, 0)) < 0)
+ return (1);
+ close(fd);
+
if (koktologin(username, lrealm, user) && !uid) {
(void)fprintf(stderr, "kerberos su: not in %s's ACL.\n", user);
return (1);
@@ -407,11 +413,22 @@ kerberos(username, user, uid)
return (1);
}
- if (chown(krbtkfile, uid, -1) < 0) {
- warn("chown");
+ /*
+ * Set the owner of the ticket file to root but bail if someone
+ * has nefariously swapped a link in place of the file.
+ */
+ fd = open(krbtkfile, O_RDWR|O_NOFOLLOW, 0);
+ if (fd == -1) {
+ warn("unable to open ticket file");
+ (void)unlink(krbtkfile);
+ return (1);
+ }
+ if (fchown(fd, uid, -1) < 0) {
+ warn("fchown");
(void)unlink(krbtkfile);
return (1);
}
+ close(fd);
(void)setpriority(PRIO_PROCESS, 0, -2);