Mercurial Mercurial > upstream > oracle > userland-gate / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/openssh/patches/019-no_uid_restoration_test.patch
changeset 5819 c5f05bd2a9bc
parent 5818 5f0e7a0f17c2
child 5820 cef0da89f9ee 
--- a/components/openssh/patches/019-no_uid_restoration_test.patch	Wed Apr 20 13:13:57 2016 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,70 +0,0 @@
-#
-# OpenSSH verifies, that changing [ug]id back to 0 fails, after it
-# was set to the values of the user logging in.
-# On Solaris, if that user was given PRIV_PROC_SETUID privilege,
-# set[gu]id(0) succeeds. But in this case this is not an error in
-# dropping privilege, such user is supposed to be able to do that.
-#
-# This fix removes this check entirely. Skipping the check only in
-# case PRIV_PROC_SETUID is asserted in the effective set was considered
-# but decided against. The check is redundant, because inability to
-# restore uid=0 can be inferred from successful run of setreuid(uid, uid).
-#
-# The fix is implemented by replacing an OS-related HAVE_CYGWIN guard
-# with a functional NO_UID_RESTORATION_TEST and by defining the new
-# symbol in the component Makefile.
-#
-# This patch was submitted upstream:
-#
-# https://bugzilla.mindrot.org/show_bug.cgi?id=2299
-#
-# See the above URL for details on if/when it might be accepted.
-#
-diff -ur old/uidswap.c new/uidswap.c
---- old/uidswap.c	2014-01-18 01:43:50.000000000 -0800
-+++ new/uidswap.c	2014-09-04 06:26:32.965065384 -0700
-@@ -134,7 +134,7 @@
- void
- permanently_drop_suid(uid_t uid)
- {
--#ifndef HAVE_CYGWIN
-+#ifndef NO_UID_RESTORATION_TEST
- 	uid_t old_uid = getuid();
- #endif
- 
-@@ -142,7 +142,7 @@
- 	if (setresuid(uid, uid, uid) < 0)
- 		fatal("setresuid %u: %.100s", (u_int)uid, strerror(errno));
- 
--#ifndef HAVE_CYGWIN
-+#ifndef NO_UID_RESTORATION_TEST
- 	/* Try restoration of UID if changed (test clearing of saved uid) */
- 	if (old_uid != uid &&
- 	    (setuid(old_uid) != -1 || seteuid(old_uid) != -1))
-@@ -199,7 +199,7 @@
- void
- permanently_set_uid(struct passwd *pw)
- {
--#ifndef HAVE_CYGWIN
-+#ifndef NO_UID_RESTORATION_TEST
- 	uid_t old_uid = getuid();
- 	gid_t old_gid = getgid();
- #endif
-@@ -227,7 +227,7 @@
- 	if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) < 0)
- 		fatal("setresuid %u: %.100s", (u_int)pw->pw_uid, strerror(errno));
- 
--#ifndef HAVE_CYGWIN
-+#ifndef NO_UID_RESTORATION_TEST
- 	/* Try restoration of GID if changed (test clearing of saved gid) */
- 	if (old_gid != pw->pw_gid && pw->pw_uid != 0 &&
- 	    (setgid(old_gid) != -1 || setegid(old_gid) != -1))
-@@ -241,7 +241,7 @@
- 		    (u_int)pw->pw_gid);
- 	}
- 
--#ifndef HAVE_CYGWIN
-+#ifndef NO_UID_RESTORATION_TEST
- 	/* Try restoration of UID if changed (test clearing of saved uid) */
- 	if (old_uid != pw->pw_uid &&
- 	    (setuid(old_uid) != -1 || seteuid(old_uid) != -1))
upstream/oracle/userland-gate