Accept username from `kx'
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@973 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Assar Westerlund
@@ -86,11 +86,11 @@ recv_conn (int sock, des_cblock *key, des_key_schedule schedule,
|
|||||||
int status;
|
int status;
|
||||||
KTEXT_ST ticket;
|
KTEXT_ST ticket;
|
||||||
AUTH_DAT auth;
|
AUTH_DAT auth;
|
||||||
|
char user[ANAME_SZ + 1];
|
||||||
char instance[INST_SZ + 1];
|
char instance[INST_SZ + 1];
|
||||||
struct sockaddr_in thisaddr, thataddr;
|
struct sockaddr_in thisaddr, thataddr;
|
||||||
int addrlen;
|
int addrlen;
|
||||||
char version[KRB_SENDAUTH_VLEN];
|
char version[KRB_SENDAUTH_VLEN];
|
||||||
char *username;
|
|
||||||
u_char ok = 0;
|
u_char ok = 0;
|
||||||
struct passwd *passwd;
|
struct passwd *passwd;
|
||||||
|
|
||||||
@@ -113,13 +113,13 @@ recv_conn (int sock, des_cblock *key, des_key_schedule schedule,
|
|||||||
strncmp(version, KXVERSION, KRB_SENDAUTH_VLEN) != 0) {
|
strncmp(version, KXVERSION, KRB_SENDAUTH_VLEN) != 0) {
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
passwd = k_getpwnam (auth.pname);
|
if (krb_net_read (sock, user, sizeof(user)) != sizeof(user))
|
||||||
|
return 1;
|
||||||
|
passwd = k_getpwnam (user);
|
||||||
if (passwd == NULL)
|
if (passwd == NULL)
|
||||||
return fatal (sock, "Cannot find uid");
|
return fatal (sock, "Cannot find uid");
|
||||||
username = strdup (passwd->pw_name);
|
if (kuserok(&auth, user) != 0)
|
||||||
if (kuserok(&auth, username) != 0)
|
|
||||||
return fatal (sock, "Permission denied");
|
return fatal (sock, "Permission denied");
|
||||||
free (username);
|
|
||||||
if (setgid (passwd->pw_gid) ||
|
if (setgid (passwd->pw_gid) ||
|
||||||
initgroups(passwd->pw_name, passwd->pw_gid) ||
|
initgroups(passwd->pw_name, passwd->pw_gid) ||
|
||||||
setuid(passwd->pw_uid)) {
|
setuid(passwd->pw_uid)) {
|
||||||
|
|||||||
Reference in New Issue
Block a user