Bugzilla – Attachment 3402 Details for
Bug 3156
Prevent ~/.ssh creation
[patch]
create ~/.ssh on demand
ssh-maybe-create-.ssh-dir.patch (text/plain), 2.64 KB, created by
Darren Tucker
on 2020-05-29 16:39:30 AEST
Description:
create ~/.ssh on demand
Filename:
MIME Type:
Creator:
Darren Tucker
Created:
2020-05-29 16:39:30 AEST
Size:
2.64 KB
>Index: hostfile.c
>===================================================================
>RCS file: /cvs/src/usr.bin/ssh/hostfile.c,v
>retrieving revision 1.80
>diff -u -p -r1.80 hostfile.c
>--- hostfile.c 13 May 2020 09:52:41 -0000 1.80
>+++ hostfile.c 29 May 2020 06:35:42 -0000
>@@ -55,6 +55,7 @@
> #include "hostfile.h"
> #include "log.h"
> #include "misc.h"
>+#include "pathnames.h"
> #include "ssherr.h"
> #include "digest.h"
> #include "hmac.h"
>@@ -448,6 +449,31 @@ write_host_entry(FILE *f, const char *ho
> }
>
> /*
>+ * Create user ~/.ssh directory if it doesn't exist and we want to write to it.
>+ */
>+static void
>+create_user_ssh_dir(const char *filename)
>+{
>+ char *dirname = NULL, *p;
>+ size_t len;
>+ struct stat st;
>+
>+ if ((p = strrchr(filename, '/')) == NULL)
>+ goto done;
>+ len = p - filename;
>+ dirname = tilde_expand_filename("~/" _PATH_SSH_USER_DIR, getuid());
>+ if (strlen(dirname) > len || strncmp(filename, dirname, len) != 0 ||
>+ stat(dirname, &st) == 0)
>+ goto done; /* path not in ~/.ssh or directory exists */
>+ debug3("%s: creating directory %s", __func__, dirname);
>+ if (mkdir(dirname, 0700) == -1)
>+ error("Could not create directory '%.200s' (%s).",
>+ dirname, strerror(errno));
>+ done:
>+ free(dirname);
>+}
>+
>+/*
> * Appends an entry to the host file. Returns false if the entry could not
> * be appended.
> */
>@@ -460,6 +486,7 @@ add_host_to_hostfile(const char *filenam
>
> if (key == NULL)
> return 1; /* XXX ? */
>+ create_user_ssh_dir(filename);
> f = fopen(filename, "a");
> if (!f)
> return 0;
>Index: ssh.c
>===================================================================
>RCS file: /cvs/src/usr.bin/ssh/ssh.c,v
>retrieving revision 1.528
>diff -u -p -r1.528 ssh.c
>--- ssh.c 29 May 2020 04:25:40 -0000 1.528
>+++ ssh.c 29 May 2020 06:35:42 -0000
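Review bot: In the new create_user_ssh_dir() in hostfile.c, any stat() failure is treated as "directory missing", so mkdir() is also attempted when stat() failed for another reason such as a permission or symlink-loop error. In that case mkdir() will presumably fail too, and the log then shows "Could not create directory" with mkdir's errno rather than the real cause. I would split the combined condition so that the path-prefix test and the existence test are separate, create the directory only when errno is ENOENT, and report other stat() errors directly. The whole function is inside the hunk; the prefix test only matches a file placed directly in ~/.ssh (the two lengths must be equal for strncmp to match), which is worth stating in the comment.

```c
	dirname = tilde_expand_filename("~/" _PATH_SSH_USER_DIR, getuid());
	if (strlen(dirname) > len || strncmp(filename, dirname, len) != 0)
		goto done; /* file is not directly inside ~/.ssh */
	if (stat(dirname, &st) == 0)
		goto done; /* directory already exists */
	if (errno != ENOENT) {
		error("Could not stat '%.200s' (%s).",
		    dirname, strerror(errno));
		goto done;
	}
	/* … unchanged: debug3() and mkdir(dirname, 0700) with its error() … */
```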
>@@ -629,7 +629,7 @@ main(int ac, char **av)
> struct ssh *ssh = NULL;
> int i, r, opt, exit_status, use_syslog, direct, timeout_ms;
> int was_addr, config_test = 0, opt_terminated = 0, want_final_pass = 0;
>- char *p, *cp, *line, *argv0, buf[PATH_MAX], *logfile;
>+ char *p, *cp, *line, *argv0, *logfile;
> char cname[NI_MAXHOST];
> struct stat st;
> struct passwd *pw;
>@@ -1549,16 +1549,6 @@ main(int ac, char **av)
> L_CERT(_PATH_HOST_XMSS_KEY_FILE, 8);
> L_PUBKEY(_PATH_HOST_XMSS_KEY_FILE, 9);
> }
>- }
>-
>- /* Create ~/.ssh * directory if it doesn't already exist. */
>- if (config == NULL) {
>- r = snprintf(buf, sizeof buf, "%s%s%s", pw->pw_dir,
>- strcmp(pw->pw_dir, "/") ? "/" : "", _PATH_SSH_USER_DIR);
>- if (r > 0 && (size_t)r < sizeof(buf) && stat(buf, &st) == -1)
>- if (mkdir(buf, 0700) == -1)
>- error("Could not create directory '%.200s'.",
>- buf);
> }
>
> /* load options.identity_files */