Attachment #1315 for bug #1223




}

int
tun_open(int tun, int mode, uid_t uid)
{
#if defined(CUSTOM_SYS_TUN_OPEN)
	return (sys_tun_open(tun, mode, uid));
#elif defined(SSH_TUN_OPENBSD)
	struct ifreq ifr;
	char name[100];

	if (ioctl(sock, SIOCSIFFLAGS, &ifr) == -1)
		goto failed;

   /* Set interface owner */
   /* XXX: This is most definitely wrong and is considered a stub :) */
   if (ioctl(fd, TUNSETOWNER, uid) == -1) 
      goto failed;

	/* Bring interface up */
	ifr.ifr_flags |= IFF_UP;
	if (ioctl(sock, SIOCSIFFLAGS, &ifr) == -1)

Lines 48-54 Link Here

(-)openssh-4.6p1.orig/misc.h (-1 / +1 lines)
48	__attribute__((format(printf, 3, 4)));	48	__attribute__((format(printf, 3, 4)));
49	void freeargs(arglist *);	49	void freeargs(arglist *);
50		50
51	int tun_open(int, int);	51	int tun_open(int, int, uid_t);
52		52
53	/* Common definitions for ssh tunnel device forwarding */	53	/* Common definitions for ssh tunnel device forwarding */
54	#define SSH_TUNMODE_NO 0x00	54	#define SSH_TUNMODE_NO 0x00

Lines 54-60 Link Here

(-)openssh-4.6p1.orig/openbsd-compat/port-tun.c (-1 / +7 lines)
54	#include <linux/if_tun.h>	54	#include <linux/if_tun.h>
55		55
56	int	56	int
57	sys_tun_open(int tun, int mode)	57	sys_tun_open(int tun, int mode, uid_t uid)
58	{	58	{
59	struct ifreq ifr;	59	struct ifreq ifr;
60	int fd = -1;	60	int fd = -1;
Lines 92-97 Link Here
92	goto failed;	92	goto failed;
93	}	93	}
94		94
		95	if (ioctl(fd, TUNSETOWNER, uid) == -1) {
		96	debug("%s: failed to set tunnel owner (uid %d): %s", __func__,
		97	uid, strerror(errno));
		98	goto failed;
		99	}
		100
95	if (tun == SSH_TUNID_ANY)	101	if (tun == SSH_TUNID_ANY)
96	debug("%s: tunnel mode %d fd %d", __func__, mode, fd);	102	debug("%s: tunnel mode %d fd %d", __func__, mode, fd);
97	else	103	else

Lines 21-27 Link Here

(-)openssh-4.6p1.orig/openbsd-compat/port-tun.h (-1 / +1 lines)
21		21
22	#if defined(SSH_TUN_LINUX) \|\| defined(SSH_TUN_FREEBSD)	22	#if defined(SSH_TUN_LINUX) \|\| defined(SSH_TUN_FREEBSD)
23	# define CUSTOM_SYS_TUN_OPEN	23	# define CUSTOM_SYS_TUN_OPEN
24	int sys_tun_open(int, int);	24	int sys_tun_open(int, int, uid_t);
25	#endif	25	#endif
26		26
27	#if defined(SSH_TUN_COMPAT_AF) \|\| defined(SSH_TUN_PREPEND_AF)	27	#if defined(SSH_TUN_COMPAT_AF) \|\| defined(SSH_TUN_PREPEND_AF)

Lines 991-997 Link Here

(-)openssh-4.6p1.orig/serverloop.c (-1 / +1 lines)
991	goto done;	991	goto done;
992	tun = forced_tun_device;	992	tun = forced_tun_device;
993	}	993	}
994	sock = tun_open(tun, mode);	994	sock = tun_open(tun, mode, the_authctxt->pw->pw_uid);
995	if (sock < 0)	995	if (sock < 0)
996	goto done;	996	goto done;
997	c = channel_new("tun", SSH_CHANNEL_OPEN, sock, sock, -1,	997	c = channel_new("tun", SSH_CHANNEL_OPEN, sock, sock, -1,

Lines 1121-1127 Link Here

(-)openssh-4.6p1.orig/ssh.c (-1 / +1 lines)
1121		1121
1122	debug("Requesting tun.");	1122	debug("Requesting tun.");
1123	if ((fd = tun_open(options.tun_local,	1123	if ((fd = tun_open(options.tun_local,
1124	options.tun_open)) >= 0) {	1124	options.tun_open, original_real_uid)) >= 0) {
1125	c = channel_new("tun", SSH_CHANNEL_OPENING, fd, fd, -1,	1125	c = channel_new("tun", SSH_CHANNEL_OPENING, fd, fd, -1,
1126	CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT,	1126	CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT,
1127	0, "tun", 1);	1127	0, "tun", 1);

Return to bug 1223

Lines 633-642 Link Here

(-)openssh-4.6p1.orig/misc.c (-2 / +7 lines)
633	}	633	}
634		634
635	int	635	int
636	tun_open(int tun, int mode)	636	tun_open(int tun, int mode, uid_t uid)
637	{	637	{
638	#if defined(CUSTOM_SYS_TUN_OPEN)	638	#if defined(CUSTOM_SYS_TUN_OPEN)
639	return (sys_tun_open(tun, mode));	639	return (sys_tun_open(tun, mode, uid));
640	#elif defined(SSH_TUN_OPENBSD)	640	#elif defined(SSH_TUN_OPENBSD)
641	struct ifreq ifr;	641	struct ifreq ifr;
642	char name[100];	642	char name[100];
Lines 681-686 Link Here
681	if (ioctl(sock, SIOCSIFFLAGS, &ifr) == -1)	681	if (ioctl(sock, SIOCSIFFLAGS, &ifr) == -1)
682	goto failed;	682	goto failed;
683		683
		684	/* Set interface owner */
		685	/* XXX: This is most definitely wrong and is considered a stub :) */
		686	if (ioctl(fd, TUNSETOWNER, uid) == -1)
		687	goto failed;
		688
684	/* Bring interface up */	689	/* Bring interface up */
685	ifr.ifr_flags \|= IFF_UP;	690	ifr.ifr_flags \|= IFF_UP;
686	if (ioctl(sock, SIOCSIFFLAGS, &ifr) == -1)	691	if (ioctl(sock, SIOCSIFFLAGS, &ifr) == -1)