Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / openssh / d3a185709dfb8588ae7cacc079312d1fcc450e9c^! / . / channels.c
commitd3a185709dfb8588ae7cacc079312d1fcc450e9c[log] [tgz]
authorDamien Miller <djm@mindrot.org>Wed Jun 07 19:55:44 2000 +1000
committerDamien Miller <djm@mindrot.org>Wed Jun 07 19:55:44 2000 +1000
tree8e9798d35f76171481f034720767e507e6bbd6f9
parente37bfc19f7263b838896ae403e55aa703a06b69a [diff] [blame]
 - (djm) Fix rsh path in RPMs. Report from Jason L Tibbitts III
   <tibbs@math.uh.edu>
 - (djm) OpenBSD CVS updates:
  - todd@cvs.openbsd.org
    [sshconnect2.c]
    teach protocol v2 to count login failures properly and also enable an
    explanation of why the password prompt comes up again like v1; this is NOT
    crypto
  - markus@cvs.openbsd.org
    [readconf.c readconf.h servconf.c servconf.h session.c ssh.1 ssh.c sshd.8]
    xauth_location support; pr 1234
    [readconf.c sshconnect2.c]
    typo, unused
    [session.c]
    allow use_login only for login sessions, otherwise remote commands are
    execed with uid==0
    [sshd.8]
    document UseLogin better
    [version.h]
    OpenSSH 2.1.1
    [auth-rsa.c]
    fix match_hostname() logic for auth-rsa: deny access if we have a
    negative match or no match at all
    [channels.c hostfile.c match.c]
    don't panic if mkdtemp fails for authfwd; jkb@yahoo-inc.com via
    kris@FreeBSD.org

diff --git a/channels.c b/channels.c
index f26b3a6..bfa025a 100644
--- a/channels.c
+++ b/channels.c

@@ -17,7 +17,7 @@
  */
 
 #include "includes.h"
-RCSID("$Id: channels.c,v 1.31 2000/05/17 12:34:23 damien Exp $");
+RCSID("$Id: channels.c,v 1.32 2000/06/07 09:55:44 djm Exp $");
 
 #include "ssh.h"
 #include "packet.h"
@@ -2113,11 +2113,11 @@
 }
 
 /*
- * This if called to process SSH_CMSG_AGENT_REQUEST_FORWARDING on the server.
+ * This is called to process SSH_CMSG_AGENT_REQUEST_FORWARDING on the server.
  * This starts forwarding authentication requests.
  */
 
-void
+int
 auth_input_request_forwarding(struct passwd * pw)
 {
 	int sock, newch;
@@ -2135,8 +2135,16 @@
 	strlcpy(channel_forwarded_auth_socket_dir, "/tmp/ssh-XXXXXXXX", MAX_SOCKET_NAME);
 
 	/* Create private directory for socket */
-	if (mkdtemp(channel_forwarded_auth_socket_dir) == NULL)
-		packet_disconnect("mkdtemp: %.100s", strerror(errno));
+	if (mkdtemp(channel_forwarded_auth_socket_dir) == NULL) {
+		packet_send_debug("Agent forwarding disabled: mkdtemp() failed: %.100s",
+		    strerror(errno));
+		restore_uid();
+		xfree(channel_forwarded_auth_socket_name);
+		xfree(channel_forwarded_auth_socket_dir);
+		channel_forwarded_auth_socket_name = NULL;
+		channel_forwarded_auth_socket_dir = NULL;
+		return 0;
+	}
 	snprintf(channel_forwarded_auth_socket_name, MAX_SOCKET_NAME, "%s/agent.%d",
 		 channel_forwarded_auth_socket_dir, (int) getpid());
 
@@ -2171,6 +2179,7 @@
 				 xstrdup("auth socket"));
 	strlcpy(channels[newch].path, channel_forwarded_auth_socket_name,
 	    sizeof(channels[newch].path));
+	return 1;
 }
 
 /* This is called to process an SSH_SMSG_AGENT_OPEN message. */