Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / openssh / d0d1099b3b8a766480ce6df215631bf0af6e6bcd^! / . / auth2-pubkey.c
commitd0d1099b3b8a766480ce6df215631bf0af6e6bcd[log] [tgz]
authorDamien Miller <djm@mindrot.org>Sun Nov 04 22:23:14 2012 +1100
committerDamien Miller <djm@mindrot.org>Sun Nov 04 22:23:14 2012 +1100
treee29b37b3e3a9e8e14e78ddc5eb15005fe201717f
parentf33580eed055472b9e5ca05f4826b05e9eacc651 [diff] [blame]
   - djm@cvs.openbsd.org 2012/11/04 10:38:43
     [auth2-pubkey.c sshd.c sshd_config.5]
     Remove default of AuthorizedCommandUser. Administrators are now expected
     to explicitly specify a user. feedback and ok markus@

diff --git a/auth2-pubkey.c b/auth2-pubkey.c
index ec8f75d..6a62170 100644
--- a/auth2-pubkey.c
+++ b/auth2-pubkey.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-pubkey.c,v 1.31 2012/10/30 21:29:54 djm Exp $ */
+/* $OpenBSD: auth2-pubkey.c,v 1.32 2012/11/04 10:38:43 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -462,24 +462,28 @@
 	struct stat st;
 	int status, devnull, p[2], i;
 	pid_t pid;
-	char errmsg[512];
+	char *username, errmsg[512];
 
 	if (options.authorized_keys_command == NULL ||
 	    options.authorized_keys_command[0] != '/')
 		return 0;
 
-	/* If no user specified to run commands the default to target user */
-	if (options.authorized_keys_command_user == NULL)
-		pw = user_pw;
-	else {
-		pw = getpwnam(options.authorized_keys_command_user);
-		if (pw == NULL) {
-			error("AuthorizedKeyCommandUser \"%s\" not found: %s",
-			    options.authorized_keys_command, strerror(errno));
-			return 0;
-		}
+	if (options.authorized_keys_command_user == NULL) {
+		error("No user for AuthorizedKeysCommand specified, skipping");
+		return 0;
 	}
 
+	username = percent_expand(options.authorized_keys_command_user,
+	    "u", user_pw->pw_name, (char *)NULL);
+	pw = getpwnam(username);
+	if (pw == NULL) {
+		error("AuthorizedKeyCommandUser \"%s\" not found: %s",
+		    options.authorized_keys_command, strerror(errno));
+		free(username);
+		return 0;
+	}
+	free(username);
+
 	temporarily_use_uid(pw);
 
 	if (stat(options.authorized_keys_command, &st) < 0) {
@@ -517,6 +521,7 @@
 		for (i = 0; i < NSIG; i++)
 			signal(i, SIG_DFL);
 
+		closefrom(STDERR_FILENO + 1);
 		/* Don't use permanently_set_uid() here to avoid fatal() */
 		if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) != 0) {
 			error("setresgid %u: %s", (u_int)pw->pw_gid,
@@ -541,7 +546,6 @@
 			error("%s: dup2: %s", __func__, strerror(errno));
 			_exit(1);
 		}
-		closefrom(STDERR_FILENO + 1);
 
 		execl(options.authorized_keys_command,
 		    options.authorized_keys_command, pw->pw_name, NULL);