- markus@cvs.openbsd.org 2002/09/10 20:24:47
[ssh-agent.c]
check the euid of the connecting process with getpeereid(2);
ok provos deraadt stevesk
diff --git a/ChangeLog b/ChangeLog
index 8b1d287..5ee6617 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -11,6 +11,10 @@
- markus@cvs.openbsd.org 2002/09/09 14:54:15
[channels.c kex.h key.c monitor.c monitor_wrap.c radix.c uuencode.c]
signed vs unsigned from -pedantic; ok henning@
+ - markus@cvs.openbsd.org 2002/09/10 20:24:47
+ [ssh-agent.c]
+ check the euid of the connecting process with getpeereid(2);
+ ok provos deraadt stevesk
20020911
- (djm) Sync openbsd-compat with OpenBSD -current
@@ -1631,4 +1635,4 @@
- (stevesk) entropy.c: typo in debug message
- (djm) ssh-keygen -i needs seeded RNG; report from markus@
-$Id: ChangeLog,v 1.2454 2002/09/11 23:49:15 djm Exp $
+$Id: ChangeLog,v 1.2455 2002/09/11 23:51:10 djm Exp $
diff --git a/ssh-agent.c b/ssh-agent.c
index 0bfef4d..312f226 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -35,7 +35,7 @@
#include "includes.h"
#include "openbsd-compat/fake-queue.h"
-RCSID("$OpenBSD: ssh-agent.c,v 1.102 2002/08/22 20:57:19 stevesk Exp $");
+RCSID("$OpenBSD: ssh-agent.c,v 1.103 2002/09/10 20:24:47 markus Exp $");
#include <openssl/evp.h>
#include <openssl/md5.h>
@@ -810,6 +810,8 @@
char buf[1024];
int len, sock;
u_int i;
+ uid_t euid;
+ gid_t egid;
for (i = 0; i < sockets_alloc; i++)
switch (sockets[i].type) {
@@ -825,6 +827,19 @@
strerror(errno));
break;
}
+ if (getpeereid(sock, &euid, &egid) < 0) {
+ error("getpeereid %d failed: %s",
+ sock, strerror(errno));
+ close(sock);
+ break;
+ }
+ if (getuid() != euid) {
+ error("uid mismatch: "
+ "peer euid %d != uid %d",
+ (int) euid, (int) getuid());
+ close(sock);
+ break;
+ }
new_socket(AUTH_CONNECTION, sock);
}
break;