Attachment 1077 Details for Bug 1159 – User-dependent IdentityFile

[patch] User-dependent IdentityFile

openssh-bsd-IdentityFile.patch (text/plain), 3.14 KB, created by John Bowman on 2006-02-22 16:42:47 AEDT

(hide)

Description:

Filename:

MIME Type:

Creator: John Bowman

Created: 2006-02-22 16:42:47 AEDT

Size: 3.14 KB

patch

obsolete

>diff -ru ssh/ssh-keygen/Makefile sshJ/ssh-keygen/Makefile
>--- ssh/ssh-keygen/Makefile	2003-07-28 03:49:56.000000000 -0600
>+++ sshJ/ssh-keygen/Makefile	2006-02-21 15:53:35.000000000 -0700
>@@ -10,7 +10,7 @@
> BINDIR=	/usr/bin
> MAN=	ssh-keygen.1
> 
>-SRCS=	ssh-keygen.c moduli.c
>+SRCS=	ssh-keygen.c readconf.c moduli.c
> 
> .include <bsd.prog.mk>
> 
>diff -ru ssh/ssh-keygen.c sshJ/ssh-keygen.c
>--- ssh/ssh-keygen.c	2005-11-28 19:04:55.000000000 -0700
>+++ sshJ/ssh-keygen.c	2006-02-21 15:52:36.000000000 -0700
>@@ -26,6 +26,8 @@
> #include "bufaux.h"
> #include "pathnames.h"
> #include "log.h"
>+#include "ssh.h"
>+#include "readconf.h"
> #include "misc.h"
> #include "match.h"
> #include "hostfile.h"
>@@ -95,6 +97,13 @@
> int gen_candidates(FILE *, u_int32_t, u_int32_t, BIGNUM *);
> int prime_test(FILE *, FILE *, u_int32_t, u_int32_t);
> 
>+/*
>+ * General data structure for command line options and options configurable
>+ * in configuration files.  See readconf.h.
>+ */
>+Options options;
>+uid_t original_real_uid;
>+
> static void
> ask_filename(struct passwd *pw, const char *prompt)
> {
>@@ -120,7 +129,29 @@
> 			break;
> 		}
> 
>-	snprintf(identity_file, sizeof(identity_file), "%s/%s", pw->pw_dir, name);
>+	
>+	if(options.num_identity_files > 0) {
>+	  char *file=NULL;
>+	  char *p=strrchr(name,'/');
>+	  if(p) file = p+1;
>+
>+	  name = tilde_expand_filename(options.identity_files[0],
>+				       original_real_uid);
>+	  name = percent_expand(name, "h", pw->pw_dir,	
>+				      "u", pw->pw_name, (char *)NULL);
>+	  p=strrchr(name,'/');
>+	  if(p) *p=0;
>+	    
>+	  if(file && *file) {
>+	    snprintf(identity_file, sizeof(identity_file), "%s/%s", name,file);
>+	  }
>+	  else {
>+	    snprintf(identity_file, sizeof(identity_file), "%s", name);
>+	  }
>+	} else {
>+	  snprintf(identity_file, sizeof(identity_file), "%s/%s", pw->pw_dir,
>+		   name);
>+	}
> 	fprintf(stderr, "%s (%s): ", prompt, identity_file);
> 	if (fgets(buf, sizeof(buf), stdin) == NULL)
> 		exit(1);
>@@ -1015,6 +1046,7 @@
> 	int log_level = SYSLOG_LEVEL_INFO;
> 	BIGNUM *start = NULL;
> 	FILE *f;
>+ 	char buf[256];
> 	const char *errstr;
> 
> 	extern int optind;
>@@ -1037,6 +1069,13 @@
> 		exit(1);
> 	}
> 
>+ 	snprintf(buf, sizeof buf, "%.100s/%.100s", pw->pw_dir,
>+ 		 _PATH_SSH_USER_CONFFILE);
>+ 	(void)read_config_file(buf, hostname, &options, 1);
>+ 
>+ 	/* Read systemwide configuration file after user config. */
>+ 	(void)read_config_file(_PATH_HOST_CONFIG_FILE, hostname, &options, 0);
>+ 		
> 	while ((opt = getopt(ac, av,
> 	    "degiqpclBHvxXyF:b:f:t:U:D:P:N:C:r:g:R:T:G:M:S:a:W:")) != -1) {
> 		switch (opt) {
>diff -ru ssh/ssh.c sshJ/ssh.c
>--- ssh/ssh.c	2005-12-19 21:41:07.000000000 -0700
>+++ sshJ/ssh.c	2006-02-21 15:52:36.000000000 -0700
>@@ -1185,9 +1185,14 @@
> 		xfree(keys);
> 	}
> #endif /* SMARTCARD */
>+	struct passwd *pw;
>+	pw=getpwuid(original_real_uid);
>+	if (!pw) fatal("Unknown user id: %d", original_real_uid);
> 	for (; i < options.num_identity_files; i++) {
> 		filename = tilde_expand_filename(options.identity_files[i],
> 		    original_real_uid);
>+		filename = percent_expand(filename, "h", pw->pw_dir,	
>+					  "u", pw->pw_name, (char *)NULL);
> 		public = key_load_public(filename, NULL);
> 		debug("identity file %s type %d", filename,
> 		    public ? public->type : -1);

Flags:

djm: ok-

Actions: View | Diff

Attachments on bug 1159: 1076 | 1077 | 1083 | 1097