secure/usr.sbin/sshd/session.c.patch

   1 $DragonFly: src/secure/usr.sbin/sshd/Attic/session.c.patch,v 1.2 2006/09/28 18:42:50 corecode Exp $
   2 --- session.c   2006-09-01 07:38:37.000000000 +0200
   3 +++ session.c   2006-09-28 20:03:43.000000000 +0200
   4 @@ -776,6 +776,24 @@
   5  {
   6         FILE *f;
   7         char buf[256];
   8 +#ifdef HAVE_LOGIN_CAP
   9 +       const char *fname;
  10 +#endif
  11 +
  12 +#ifdef HAVE_LOGIN_CAP
  13 +       fname = login_getcapstr(lc, "copyright", NULL, NULL);
  14 +       if (fname != NULL && (f = fopen(fname, "r")) != NULL) {
  15 +               while (fgets(buf, sizeof(buf), f) != NULL)
  16 +                       fputs(buf, stdout);
  17 +                       fclose(f);
  18 +       } else
  19 +#endif /* HAVE_LOGIN_CAP */
  20 +               (void)printf("%s\n\t%s %s\n",
  21 +       "Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994",
  22 +       "The Regents of the University of California. ",
  23 +       "All rights reserved.");
  24 +
  25 +       (void)printf("\n");
  26
  27         if (options.print_motd) {
  28  #ifdef HAVE_LOGIN_CAP
  29 @@ -1004,6 +1022,9 @@
  30         struct passwd *pw = s->pw;
  31  #ifndef HAVE_LOGIN_CAP
  32         char *path = NULL;
  33 +#else
  34 +       extern char **environ;
  35 +       char **senv, **var;
  36  #endif
  37
  38         /* Initialize the environment. */
  39 @@ -1025,6 +1046,9 @@
  40         }
  41  #endif
  42
  43 +       if (getenv("TZ"))
  44 +               child_set_env(&env, &envsize, "TZ", getenv("TZ"));
  45 +
  46  #ifdef GSSAPI
  47         /* Allow any GSSAPI methods that we've used to alter
  48          * the childs environment as they see fit
  49 @@ -1044,11 +1068,22 @@
  50                 child_set_env(&env, &envsize, "LOGIN", pw->pw_name);
  51  #endif
  52                 child_set_env(&env, &envsize, "HOME", pw->pw_dir);
  53 +               snprintf(buf, sizeof buf, "%.200s/%.50s",
  54 +                        _PATH_MAILDIR, pw->pw_name);
  55 +               child_set_env(&env, &envsize, "MAIL", buf);
  56  #ifdef HAVE_LOGIN_CAP
  57 -               if (setusercontext(lc, pw, pw->pw_uid, LOGIN_SETPATH) < 0)
  58 -                       child_set_env(&env, &envsize, "PATH", _PATH_STDPATH);
  59 -               else
  60 -                       child_set_env(&env, &envsize, "PATH", getenv("PATH"));
  61 +               child_set_env(&env, &envsize, "PATH", _PATH_STDPATH);
  62 +               child_set_env(&env, &envsize, "TERM", "su");
  63 +               senv = environ;
  64 +               environ = xmalloc(sizeof(char *));
  65 +               *environ = NULL;
  66 +               (void) setusercontext(lc, pw, pw->pw_uid,
  67 +                   LOGIN_SETENV|LOGIN_SETPATH);
  68 +               copy_environment(environ, &env, &envsize);
  69 +               for (var = environ; *var != NULL; ++var)
  70 +                       xfree(*var);
  71 +               xfree(environ);
  72 +               environ = senv;
  73  #else /* HAVE_LOGIN_CAP */
  74  # ifndef HAVE_CYGWIN
  75                 /*
  76 @@ -1069,15 +1104,9 @@
  77  # endif /* HAVE_CYGWIN */
  78  #endif /* HAVE_LOGIN_CAP */
  79
  80 -               snprintf(buf, sizeof buf, "%.200s/%.50s",
  81 -                        _PATH_MAILDIR, pw->pw_name);
  82 -               child_set_env(&env, &envsize, "MAIL", buf);
  83 -
  84                 /* Normal systems set SHELL by default. */
  85                 child_set_env(&env, &envsize, "SHELL", shell);
  86         }
  87 -       if (getenv("TZ"))
  88 -               child_set_env(&env, &envsize, "TZ", getenv("TZ"));
  89
  90         /* Set custom environment options from RSA authentication. */
  91         if (!options.use_login) {
  92 @@ -1314,7 +1343,7 @@
  93                 }
  94  # endif /* USE_PAM */
  95                 if (setusercontext(lc, pw, pw->pw_uid,
  96 -                   (LOGIN_SETALL & ~LOGIN_SETPATH)) < 0) {
  97 +                   (LOGIN_SETALL & ~(LOGIN_SETENV|LOGIN_SETPATH))) < 0) {
  98                         perror("unable to set user context");
  99                         exit(1);
 100                 }
 101 @@ -1472,6 +1501,9 @@
 102         char *argv[10];
 103         const char *shell, *shell0, *hostname = NULL;
 104         struct passwd *pw = s->pw;
 105 +#ifdef HAVE_LOGIN_CAP
 106 +       int lc_requirehome;
 107 +#endif
 108
 109         /* remove hostkey from the child's memory */
 110         destroy_sensitive_data();
 111 @@ -1559,6 +1591,10 @@
 112          */
 113         environ = env;
 114
 115 +#ifdef HAVE_LOGIN_CAP
 116 +       lc_requirehome = login_getcapbool(lc, "requirehome", 0);
 117 +       login_close(lc);
 118 +#endif
 119  #if defined(KRB5) && defined(USE_AFS)
 120         /*
 121          * At this point, we check to see if AFS is active and if we have
 122 @@ -1590,7 +1626,7 @@
 123                 fprintf(stderr, "Could not chdir to home directory %s: %s\n",
 124                     pw->pw_dir, strerror(errno));
 125  #ifdef HAVE_LOGIN_CAP
 126 -               if (login_getcapbool(lc, "requirehome", 0))
 127 +               if (lc_requirehome)
 128                         exit(1);
 129  #endif
 130         }