components/openssh/patches/031-per_session_xauthfile.patch
author Jan Parcel <jan.parcel@oracle.com>
Mon, 25 Jan 2016 10:57:40 -0800
branchs11u3-sru
changeset 5324 5683175b6e99
child 5613 27ea636da8ce
permissions -rw-r--r--
PSARC/2015/395 OpenSSH 7.1p1 PSARC 2014/390 OpenSSH GSSKEY 21696247 upgrade OpenSSH to 7.1p1 22031540 problem in UTILITY/OPENSSH 22022180 problem in UTILITY/OPENSSH 22048638 problem in UTILITY/OPENSSH 19775805 OpenSSH contains a redundant call to do_pam_setcred() 21379157 OpenSSH shouldn't call setproject(3PROJECT) when configured to use PAM 20919294 upgrade OpenSSH to 6.8p1 19130869 migrate the Xforwarding bug fix (15350344) from SunSSH to OpenSSH 21861322 OpenSSH client hangs on broken pipe 22018764 remove cast128-cbc from OpenSSH 21919790 add GSSKeyEx as an alias to GSSAPIKeyExchange in OpenSSH 19941148 GSS-API Key Exchange for OpenSSH 21643415 OpenSSH should use AI_ADDRCONFIG per bug 19827438 20370803 OpenSSH patch number collision 20711463 OpenSSH wants to be able to login to a role too 22389801 OpenSSH: remove cast from ssh(1), sshd(8), ssh_config(5) and sshd_config(5) 22582153 openssh system/linker should be added to core REQ
#
# This patch is to fix a X11 connection failure when a user's home directory
# is read-only. 
#
# We have contributed back this fix to the OpenSSH upstream community. For
# more information, see https://bugzilla.mindrot.org/show_bug.cgi?id=2440
# In the future, if this fix is accepted by the upstream in a later release, we
# will remove this patch when we upgrade to that release.
#
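--- a/session.c
+++ b/session.c
@@ -62,6 +62,10 @@
 #include <unistd.h>
 #include <limits.h>
 
+#ifdef PER_SESSION_XAUTHFILE
+#include <libgen.h>
+#endif
+
 #include "openbsd-compat/sys-queue.h"
 #include "xmalloc.h"
 #include "ssh.h"
@@ -132,6 +136,11 @@
 
 static int session_pty_req(Session *);
 
+#ifdef PER_SESSION_XAUTHFILE
+void   session_xauthfile_cleanup(Session *);
+void   cleanup_all_session_xauthfile();
+#endif
+
 /* import */
 extern ServerOptions options;
 extern char *__progname;
@@ -1218,6 +1227,11 @@
 	if (getenv("TZ"))
 		child_set_env(&env, &envsize, "TZ", getenv("TZ"));
 
+#ifdef PER_SESSION_XAUTHFILE
+        if (s->auth_file != NULL)
+                child_set_env(&env, &envsize, "XAUTHORITY", s->auth_file);
+#endif
+
 	/* Set custom environment options from RSA authentication. */
 	if (!options.use_login) {
 		while (custom_environment) {
@@ -2170,6 +2184,11 @@
 {
 	int success;
 
+#ifdef PER_SESSION_XAUTHFILE
+	int fd;
+        char xauthdir[] = "/tmp/ssh-xauth-XXXXXX";
+#endif
+
 	if (s->auth_proto != NULL || s->auth_data != NULL) {
 		error("session_x11_req: session %d: "
 		    "x11 forwarding already active", s->self);
@@ -2188,6 +2207,48 @@
 		s->auth_proto = NULL;
 		s->auth_data = NULL;
 	}
+
+#ifdef PER_SESSION_XAUTHFILE
+	/*
+	 * Create per session X authority file in the /tmp directory.
+	 *
+	 * If mkdtemp() or open() fails then s->auth_file remains NULL which
+	 * means that we won't set XAUTHORITY variable in child's environment
+	 * and xauth(1) will use the default location for the authority file.
+	 */
+	if (mkdtemp(xauthdir) != NULL) {
+		s->auth_file = xmalloc(MAXPATHLEN);
+		snprintf(s->auth_file, MAXPATHLEN, "%s/xauthfile",
+		    xauthdir);
+		/*
+		 * we don't want that "creating new authority file" message to
+                 * be printed by xauth(1) so we must create that file
+		 * beforehand.
+		 */
+		if ((fd = open(s->auth_file, O_CREAT | O_EXCL | O_RDONLY,
+		    S_IRUSR | S_IWUSR)) == -1) {
+			error("failed to create the temporary X authority "
+			    "file %s: %.100s; will use the default one",
+			    s->auth_file, strerror(errno));
+			free(s->auth_file);
+			s->auth_file = NULL;
+			if (rmdir(xauthdir) == -1) {
+				error("cannot remove xauth directory "
+				    "%s: %.100s", xauthdir, strerror(errno));
+			}
+		} else {
+			close(fd);
+			debug("temporary X authority file %s created",
+			    s->auth_file);
+                        debug("session number = %d", s->self);
+		}
+	}
+	else {
+		error("failed to create a directory for the temporary X "
+		    "authority file: %.100s; will use the default xauth file",
+		    strerror(errno));
+	}
+#endif
 	return success;
 }
 
@@ -2378,6 +2439,50 @@
 	PRIVSEP(session_pty_cleanup2(s));
 }
 
+#ifdef PER_SESSION_XAUTHFILE
+/*
+ * We use a different temporary X authority file per session so we should
+ * remove those files when cleanup_exit() is called.
+ */
+void
+session_xauthfile_cleanup(Session *s)
+{
+	if (s == NULL || s->auth_file == NULL) {
+		return;
+	}
+
+	debug("session_xauthfile_cleanup: session %d removing %s", s->self,
+	    s->auth_file);
+
+	if (unlink(s->auth_file) == -1) {
+		error("session_xauthfile_cleanup: cannot remove xauth file: "
+		    "%.100s", strerror(errno));
+		return;
+	}
+
+	/* dirname() will modify s->auth_file but that's ok */
+	if (rmdir(dirname(s->auth_file)) == -1) {
+		error("session_xauthfile_cleanup: "
+		    "cannot remove xauth directory: %.100s", strerror(errno));
+		return;
+	}
+	free(s->auth_file);
+	s->auth_file = NULL;
+}
+
+/*
+ * This is called by do_cleanup() when cleanup_exit() is called. 
+ */
+void
+cleanup_all_session_xauthfile()
+{
+	int i;
+	for (i = 0; i < sessions_nalloc; i++) {
+                session_xauthfile_cleanup(&sessions[i]);
+	}
+}
+#endif
+
 static char *
 sig2name(int sig)
 {
@@ -2512,6 +2617,9 @@
 	free(s->auth_display);
 	free(s->auth_data);
 	free(s->auth_proto);
+#ifdef PER_SESSION_XAUTHFILE
+	session_xauthfile_cleanup(s);
+#endif
 	free(s->subsys);
 	if (s->env != NULL) {
 		for (i = 0; i < s->num_env; i++) {
@@ -2763,6 +2871,10 @@
 	/* remove agent socket */
 	auth_sock_cleanup_proc(authctxt->pw);
 
+#ifdef PER_SESSION_XAUTHFILE
+	cleanup_all_session_xauthfile();
+#endif
+
 	/*
 	 * Cleanup ptys/utmp only if privsep is disabled,
 	 * or if running in monitor.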
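Review bot: In the `@@ -2188,6 +2207,48 @@` hunk of session_x11_req, the new block creates the /tmp directory and file without looking at `success` and without checking that `s->auth_file` is still NULL; the context lines just above it appear to be the failure branch, and the function starts outside the hunk. A request that fails would still get a temporary directory and have XAUTHORITY exported for a session with no forwarding, and a later request on the same session would overwrite the pointer, leaving the earlier directory in /tmp with nothing able to remove it. Wrapping the block in `if (success && s->auth_file == NULL) { ... }` would cover both cases. In session_xauthfile_cleanup, the early `return` after a failed `unlink()` or `rmdir(dirname(s->auth_file))` skips `free(s->auth_file); s->auth_file = NULL;`, and after `dirname()` the string may already be cut down to the directory name, so the second pass from `cleanup_all_session_xauthfile()` would work on a stale path; freeing and clearing the pointer on every exit path avoids that.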
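--- a/session.h
+++ b/session.h
@@ -49,6 +49,9 @@
 	char	*auth_display;
 	char	*auth_proto;
 	char	*auth_data;
+#ifdef PER_SESSION_XAUTHFILE
+	char    *auth_file;	/* xauth(1) authority file */
+#endif
 	int	single_connection;
 
 	/* proto 2 */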
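Review bot: The comment on the new `auth_file` member does not say who owns the string or what value means "none", and the cleanup code in session.c depends on both. Something like `char *auth_file; /* malloc'd path of the per-session xauth(1) file, NULL if none; freed by session_xauthfile_cleanup() */` would record it. Nothing in this patch initialises the member, so the NULL checks appear to rely on the session slot being zeroed elsewhere, which is not visible here. Because the member exists only under PER_SESSION_XAUTHFILE, every file that includes session.h has to be built with the same setting or the struct layouts will disagree; the struct definition starts and ends outside the hunk.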