Attachment #1199 for bug #1223




}

int
tun_open(int tun, int mode, uid_t uid)
{
#if defined(CUSTOM_SYS_TUN_OPEN)
	return (sys_tun_open(tun, mode, uid));
#elif defined(SSH_TUN_OPENBSD)
	struct ifreq ifr;
	char name[100];

	if (ioctl(sock, SIOCSIFFLAGS, &ifr) == -1)
		goto failed;

   /* Set interface owner */
   /* XXX: This is most definitely wrong and is considered a stub :) */
   if (ioctl(fd, TUNSETOWNER, uid) == -1) 
      goto failed;

	/* Bring interface up */
	ifr.ifr_flags |= IFF_UP;
	if (ioctl(sock, SIOCSIFFLAGS, &ifr) == -1)

Lines 48-54 Link Here

(-)openssh-4.4p1.orig/misc.h (-1 / +1 lines)
48	__attribute__((format(printf, 3, 4)));	48	__attribute__((format(printf, 3, 4)));
49	void freeargs(arglist *);	49	void freeargs(arglist *);
50		50
51	int tun_open(int, int);	51	int tun_open(int, int, uid_t);
52		52
53	/* Common definitions for ssh tunnel device forwarding */	53	/* Common definitions for ssh tunnel device forwarding */
54	#define SSH_TUNMODE_NO 0x00	54	#define SSH_TUNMODE_NO 0x00

Lines 54-60 Link Here

(-)openssh-4.4p1.orig/openbsd-compat/port-tun.c (-1 / +7 lines)
54	#include <linux/if_tun.h>	54	#include <linux/if_tun.h>
55		55
56	int	56	int
57	sys_tun_open(int tun, int mode)	57	sys_tun_open(int tun, int mode, uid_t uid)
58	{	58	{
59	struct ifreq ifr;	59	struct ifreq ifr;
60	int fd = -1;	60	int fd = -1;
Lines 92-97 Link Here
92	goto failed;	92	goto failed;
93	}	93	}
94		94
		95	if (ioctl(fd, TUNSETOWNER, uid) == -1) {
		96	debug("%s: failed to set tunnel owner (uid %d): %s", __func__,
		97	uid, strerror(errno));
		98	goto failed;
		99	}
		100
95	if (tun == SSH_TUNID_ANY)	101	if (tun == SSH_TUNID_ANY)
96	debug("%s: tunnel mode %d fd %d", __func__, mode, fd);	102	debug("%s: tunnel mode %d fd %d", __func__, mode, fd);
97	else	103	else

Lines 21-27 Link Here

(-)openssh-4.4p1.orig/openbsd-compat/port-tun.h (-1 / +1 lines)
21		21
22	#if defined(SSH_TUN_LINUX) \|\| defined(SSH_TUN_FREEBSD)	22	#if defined(SSH_TUN_LINUX) \|\| defined(SSH_TUN_FREEBSD)
23	# define CUSTOM_SYS_TUN_OPEN	23	# define CUSTOM_SYS_TUN_OPEN
24	int sys_tun_open(int, int);	24	int sys_tun_open(int, int, uid_t);
25	#endif	25	#endif
26		26
27	#if defined(SSH_TUN_COMPAT_AF) \|\| defined(SSH_TUN_PREPEND_AF)	27	#if defined(SSH_TUN_COMPAT_AF) \|\| defined(SSH_TUN_PREPEND_AF)

Lines 977-983 Link Here

(-)openssh-4.4p1.orig/serverloop.c (-1 / +1 lines)
977	goto done;	977	goto done;
978	tun = forced_tun_device;	978	tun = forced_tun_device;
979	}	979	}
980	sock = tun_open(tun, mode);	980	sock = tun_open(tun, mode, the_authctxt->pw->pw_uid);
981	if (sock < 0)	981	if (sock < 0)
982	goto done;	982	goto done;
983	c = channel_new("tun", SSH_CHANNEL_OPEN, sock, sock, -1,	983	c = channel_new("tun", SSH_CHANNEL_OPEN, sock, sock, -1,

Lines 1121-1127 Link Here

(-)openssh-4.4p1.orig/ssh.c (-1 / +1 lines)
1121		1121
1122	debug("Requesting tun.");	1122	debug("Requesting tun.");
1123	if ((fd = tun_open(options.tun_local,	1123	if ((fd = tun_open(options.tun_local,
1124	options.tun_open)) >= 0) {	1124	options.tun_open, original_real_uid)) >= 0) {
1125	c = channel_new("tun", SSH_CHANNEL_OPENING, fd, fd, -1,	1125	c = channel_new("tun", SSH_CHANNEL_OPENING, fd, fd, -1,
1126	CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT,	1126	CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT,
1127	0, "tun", 1);	1127	0, "tun", 1);

Return to bug 1223

Lines 631-640 Link Here

(-)openssh-4.4p1.orig/misc.c (-2 / +7 lines)
631	}	631	}
632		632
633	int	633	int
634	tun_open(int tun, int mode)	634	tun_open(int tun, int mode, uid_t uid)
635	{	635	{
636	#if defined(CUSTOM_SYS_TUN_OPEN)	636	#if defined(CUSTOM_SYS_TUN_OPEN)
637	return (sys_tun_open(tun, mode));	637	return (sys_tun_open(tun, mode, uid));
638	#elif defined(SSH_TUN_OPENBSD)	638	#elif defined(SSH_TUN_OPENBSD)
639	struct ifreq ifr;	639	struct ifreq ifr;
640	char name[100];	640	char name[100];
Lines 679-684 Link Here
679	if (ioctl(sock, SIOCSIFFLAGS, &ifr) == -1)	679	if (ioctl(sock, SIOCSIFFLAGS, &ifr) == -1)
680	goto failed;	680	goto failed;
681		681
		682	/* Set interface owner */
		683	/* XXX: This is most definitely wrong and is considered a stub :) */
		684	if (ioctl(fd, TUNSETOWNER, uid) == -1)
		685	goto failed;
		686
682	/* Bring interface up */	687	/* Bring interface up */
683	ifr.ifr_flags \|= IFF_UP;	688	ifr.ifr_flags \|= IFF_UP;
684	if (ioctl(sock, SIOCSIFFLAGS, &ifr) == -1)	689	if (ioctl(sock, SIOCSIFFLAGS, &ifr) == -1)