| [1] | 1 | # scripts.mit.edu krb5 kuserok patch |
|---|
| 2 | # Copyright (C) 2006 Tim Abbott <tabbott@mit.edu> |
|---|
| 3 | # |
|---|
| 4 | # This program is free software; you can redistribute it and/or |
|---|
| 5 | # modify it under the terms of the GNU General Public License |
|---|
| 6 | # as published by the Free Software Foundation; either version 2 |
|---|
| 7 | # of the License, or (at your option) any later version. |
|---|
| 8 | # |
|---|
| 9 | # This program is distributed in the hope that it will be useful, |
|---|
| 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|---|
| 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|---|
| 12 | # GNU General Public License for more details. |
|---|
| 13 | # |
|---|
| 14 | # You should have received a copy of the GNU General Public License |
|---|
| 15 | # along with this program; if not, write to the Free Software |
|---|
| 16 | # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA |
|---|
| 17 | # |
|---|
| 18 | # See /COPYRIGHT in this repository for more information. |
|---|
| 19 | # |
|---|
| [1069] | 20 | --- krb5-1.6.3/src/lib/krb5/os/kuserok.c.old 2009-04-08 06:17:06.000000000 -0400 |
|---|
| 21 | +++ krb5-1.6.3/src/lib/krb5/os/kuserok.c 2009-04-08 06:17:18.000000000 -0400 |
|---|
| [1] | 22 | @@ -31,6 +31,7 @@ |
|---|
| 23 | #if !defined(_WIN32) /* Not yet for Windows */ |
|---|
| 24 | #include <stdio.h> |
|---|
| 25 | #include <pwd.h> |
|---|
| 26 | +#include <sys/wait.h> |
|---|
| 27 | |
|---|
| 28 | #if defined(_AIX) && defined(_IBMR2) |
|---|
| 29 | #include <sys/access.h> |
|---|
| [1069] | 30 | @@ -71,7 +72,6 @@ |
|---|
| [1] | 31 | { |
|---|
| 32 | struct stat sbuf; |
|---|
| 33 | struct passwd *pwd; |
|---|
| 34 | - char pbuf[MAXPATHLEN]; |
|---|
| 35 | krb5_boolean isok = FALSE; |
|---|
| 36 | FILE *fp; |
|---|
| 37 | char kuser[MAX_USERNAME]; |
|---|
| [1693] | 38 | @@ -79,71 +79,35 @@ |
|---|
| [1] | 39 | char linebuf[BUFSIZ]; |
|---|
| 40 | char *newline; |
|---|
| 41 | int gobble; |
|---|
| 42 | + int pid, status; |
|---|
| 43 | |
|---|
| 44 | /* no account => no access */ |
|---|
| 45 | char pwbuf[BUFSIZ]; |
|---|
| 46 | struct passwd pwx; |
|---|
| 47 | if (k5_getpwnam_r(luser, &pwx, pwbuf, sizeof(pwbuf), &pwd) != 0) |
|---|
| 48 | return(FALSE); |
|---|
| 49 | - (void) strncpy(pbuf, pwd->pw_dir, sizeof(pbuf) - 1); |
|---|
| 50 | - pbuf[sizeof(pbuf) - 1] = '\0'; |
|---|
| 51 | - (void) strncat(pbuf, "/.k5login", sizeof(pbuf) - 1 - strlen(pbuf)); |
|---|
| 52 | - |
|---|
| 53 | - if (access(pbuf, F_OK)) { /* not accessible */ |
|---|
| 54 | - /* |
|---|
| 55 | - * if he's trying to log in as himself, and there is no .k5login file, |
|---|
| 56 | - * let him. To find out, call |
|---|
| 57 | - * krb5_aname_to_localname to convert the principal to a name |
|---|
| 58 | - * which we can string compare. |
|---|
| 59 | - */ |
|---|
| 60 | - if (!(krb5_aname_to_localname(context, principal, |
|---|
| 61 | - sizeof(kuser), kuser)) |
|---|
| 62 | - && (strcmp(kuser, luser) == 0)) { |
|---|
| 63 | - return(TRUE); |
|---|
| 64 | - } |
|---|
| 65 | - } |
|---|
| 66 | if (krb5_unparse_name(context, principal, &princname)) |
|---|
| 67 | return(FALSE); /* no hope of matching */ |
|---|
| 68 | |
|---|
| 69 | - /* open ~/.k5login */ |
|---|
| 70 | - if ((fp = fopen(pbuf, "r")) == NULL) { |
|---|
| 71 | - free(princname); |
|---|
| 72 | - return(FALSE); |
|---|
| 73 | - } |
|---|
| [1693] | 74 | - set_cloexec_file(fp); |
|---|
| [1] | 75 | - /* |
|---|
| 76 | - * For security reasons, the .k5login file must be owned either by |
|---|
| 77 | - * the user himself, or by root. Otherwise, don't grant access. |
|---|
| 78 | - */ |
|---|
| 79 | - if (fstat(fileno(fp), &sbuf)) { |
|---|
| 80 | - fclose(fp); |
|---|
| 81 | - free(princname); |
|---|
| 82 | - return(FALSE); |
|---|
| [1069] | 83 | + if ((pid = fork()) == -1) { |
|---|
| 84 | + free(princname); |
|---|
| 85 | + return(FALSE); |
|---|
| 86 | } |
|---|
| [35] | 87 | - if (sbuf.st_uid != pwd->pw_uid && !FILE_OWNER_OK(sbuf.st_uid)) { |
|---|
| [1] | 88 | - fclose(fp); |
|---|
| 89 | - free(princname); |
|---|
| 90 | - return(FALSE); |
|---|
| [1069] | 91 | + if (pid == 0) { |
|---|
| 92 | + char *args[4]; |
|---|
| 93 | +#define ADMOF_PATH "/usr/local/sbin/ssh-admof" |
|---|
| 94 | + args[0] = ADMOF_PATH; |
|---|
| 95 | + args[1] = (char *) luser; |
|---|
| 96 | + args[2] = princname; |
|---|
| 97 | + args[3] = NULL; |
|---|
| 98 | + execv(ADMOF_PATH, args); |
|---|
| 99 | + exit(1); |
|---|
| 100 | } |
|---|
| [1] | 101 | - |
|---|
| 102 | - /* check each line */ |
|---|
| 103 | - while (!isok && (fgets(linebuf, BUFSIZ, fp) != NULL)) { |
|---|
| 104 | - /* null-terminate the input string */ |
|---|
| 105 | - linebuf[BUFSIZ-1] = '\0'; |
|---|
| 106 | - newline = NULL; |
|---|
| 107 | - /* nuke the newline if it exists */ |
|---|
| 108 | - if ((newline = strchr(linebuf, '\n'))) |
|---|
| 109 | - *newline = '\0'; |
|---|
| 110 | - if (!strcmp(linebuf, princname)) { |
|---|
| 111 | - isok = TRUE; |
|---|
| 112 | - continue; |
|---|
| 113 | - } |
|---|
| 114 | - /* clean up the rest of the line if necessary */ |
|---|
| 115 | - if (!newline) |
|---|
| 116 | - while (((gobble = getc(fp)) != EOF) && gobble != '\n'); |
|---|
| 117 | + if (waitpid(pid, &status, 0) > 0 && WIFEXITED(status) && WEXITSTATUS(status) == 33) { |
|---|
| 118 | + isok=TRUE; |
|---|
| [1069] | 119 | } |
|---|
| [1] | 120 | + |
|---|
| 121 | free(princname); |
|---|
| 122 | - fclose(fp); |
|---|
| 123 | return(isok); |
|---|
| 124 | } |
|---|
| 125 | |
|---|
