Attachment #1179 for bug #1223

Lines 579-590 Link Here

(-)openssh-4.3p2.orig/misc.c (-3 / +6 lines)
579	return -1;	579	return -1;
580	}	580	}
581		581
		582	#if defined(SSH_TUN_LINUX)
582	int	583	int
583	tun_open(int tun, int mode)	584	tun_open(int tun, int mode, uid_t uid)
584	{	585	{
585	#if defined(CUSTOM_SYS_TUN_OPEN)	586	return (sys_tun_open(tun, mode, uid));
586	return (sys_tun_open(tun, mode));
587	#elif defined(SSH_TUN_OPENBSD)	587	#elif defined(SSH_TUN_OPENBSD)
		588	int
		589	tun_open(int tun, int mode)
		590	{
588	struct ifreq ifr;	591	struct ifreq ifr;
589	char name[100];	592	char name[100];
590	int fd = -1, sock;	593	int fd = -1, sock;

Lines 55-61 Link Here

(-)openssh-4.3p2.orig/misc.h (-1 / +5 lines)
55	int ask_permission(const char *, ...) __attribute__((format(printf, 1, 2)));	55	int ask_permission(const char *, ...) __attribute__((format(printf, 1, 2)));
56	int read_keyfile_line(FILE , const char , char , size_t, u_long );	56	int read_keyfile_line(FILE , const char , char , size_t, u_long );
57		57
58	int tun_open(int, int);	58	#if defined(SSH_TUN_LINUX)
		59	int tun_open(int, int, uid_t);
		60	#else
		61	int tun_open(int, int);
		62	#endif
59		63
60	/* Common definitions for ssh tunnel device forwarding */	64	/* Common definitions for ssh tunnel device forwarding */
61	#define SSH_TUNMODE_NO 0x00	65	#define SSH_TUNMODE_NO 0x00

Lines 39-45 Link Here

(-)openssh-4.3p2.orig/openbsd-compat/port-tun.c (-1 / +7 lines)
39	#include <linux/if_tun.h>	39	#include <linux/if_tun.h>
40		40
41	int	41	int
42	sys_tun_open(int tun, int mode)	42	sys_tun_open(int tun, int mode, uid_t uid)
43	{	43	{
44	struct ifreq ifr;	44	struct ifreq ifr;
45	int fd = -1;	45	int fd = -1;
Lines 77-82 Link Here
77	goto failed;	77	goto failed;
78	}	78	}
79		79
		80	if (ioctl(fd, TUNSETOWNER, uid) == -1) {
		81	debug("%s: failed to set tunnel owner (uid %d): %s", __func__,
		82	uid, strerror(errno));
		83	goto failed;
		84	}
		85
80	if (tun == SSH_TUNID_ANY)	86	if (tun == SSH_TUNID_ANY)
81	debug("%s: tunnel mode %d fd %d", __func__, mode, fd);	87	debug("%s: tunnel mode %d fd %d", __func__, mode, fd);
82	else	88	else

Lines 19-25 Link Here

(-)openssh-4.3p2.orig/openbsd-compat/port-tun.h (-1 / +4 lines)
19		19
20	#include "channels.h"	20	#include "channels.h"
21		21
22	#if defined(SSH_TUN_LINUX) \|\| defined(SSH_TUN_FREEBSD)	22	#if defined(SSH_TUN_LINUX)
		23	# define CUSTOM_SYS_TUN_OPEN
		24	int sys_tun_open(int, int, uid_t);
		25	#elif defined(SSH_TUN_FREEBSD)
23	# define CUSTOM_SYS_TUN_OPEN	26	# define CUSTOM_SYS_TUN_OPEN
24	int sys_tun_open(int, int);	27	int sys_tun_open(int, int);
25	#endif	28	#endif

Lines 941-947 Link Here

(-)openssh-4.3p2.orig/serverloop.c (-1 / +5 lines)
941	goto done;	941	goto done;
942	tun = forced_tun_device;	942	tun = forced_tun_device;
943	}	943	}
944	sock = tun_open(tun, mode);	944	#if defined(SSH_TUN_LINUX)
		945	sock = tun_open(tun, mode, the_authctxt->pw->pw_uid);
		946	#else
		947	sock = tun_open(tun, mode);
		948	#endif
945	if (sock < 0)	949	if (sock < 0)
946	goto done;	950	goto done;
947	c = channel_new("tun", SSH_CHANNEL_OPEN, sock, sock, -1,	951	c = channel_new("tun", SSH_CHANNEL_OPEN, sock, sock, -1,

Lines 1073-1080 Link Here

(-)openssh-4.3p2.orig/ssh.c (+5 lines)
1073	int fd;	1073	int fd;
1074		1074
1075	debug("Requesting tun.");	1075	debug("Requesting tun.");
		1076	#if defined(SSH_TUN_LINUX)
		1077	if ((fd = tun_open(options.tun_local,
		1078	options.tun_open, original_real_uid)) >= 0) {
		1079	#else
1076	if ((fd = tun_open(options.tun_local,	1080	if ((fd = tun_open(options.tun_local,
1077	options.tun_open)) >= 0) {	1081	options.tun_open)) >= 0) {
		1082	#endif
1078	c = channel_new("tun", SSH_CHANNEL_OPENING, fd, fd, -1,	1083	c = channel_new("tun", SSH_CHANNEL_OPENING, fd, fd, -1,
1079	CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT,	1084	CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT,
1080	0, "tun", 1);	1085	0, "tun", 1);

Return to bug 1223