=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/rdistd/server.c,v retrieving revision 1.44 retrieving revision 1.45 diff -c -r1.44 -r1.45 *** src/usr.bin/rdistd/server.c 2018/09/09 13:53:11 1.44 --- src/usr.bin/rdistd/server.c 2018/09/21 19:13:49 1.45 *************** *** 1,4 **** ! /* $OpenBSD: server.c,v 1.44 2018/09/09 13:53:11 millert Exp $ */ /* * Copyright (c) 1983 Regents of the University of California. --- 1,4 ---- ! /* $OpenBSD: server.c,v 1.45 2018/09/21 19:13:49 millert Exp $ */ /* * Copyright (c) 1983 Regents of the University of California. *************** *** 177,183 **** static int fchog(int fd, char *file, char *owner, char *group, int mode) { - static struct group *gr = NULL; int i; struct stat st; uid_t uid; --- 177,182 ---- *************** *** 189,197 **** if (*owner == ':') { uid = (uid_t) atoi(owner + 1); } else if (strcmp(owner, locuser) != 0) { ! struct passwd *pw; ! ! if ((pw = getpwnam(owner)) == NULL) { if (mode != -1 && IS_ON(mode, S_ISUID)) { message(MT_NOTICE, "%s: unknown login name \"%s\", clearing setuid", --- 188,194 ---- if (*owner == ':') { uid = (uid_t) atoi(owner + 1); } else if (strcmp(owner, locuser) != 0) { ! if (uid_from_user(owner, &uid) == -1) { if (mode != -1 && IS_ON(mode, S_ISUID)) { message(MT_NOTICE, "%s: unknown login name \"%s\", clearing setuid", *************** *** 202,209 **** message(MT_NOTICE, "%s: unknown login name \"%s\"", target, owner); ! } else ! uid = pw->pw_uid; } else { uid = userid; primegid = groupid; --- 199,205 ---- message(MT_NOTICE, "%s: unknown login name \"%s\"", target, owner); ! } } else { uid = userid; primegid = groupid; *************** *** 213,220 **** goto ok; } } else { /* not root, setuid only if user==owner */ - struct passwd *lupw; - if (mode != -1) { if (IS_ON(mode, S_ISUID) && strcmp(locuser, owner) != 0) --- 209,214 ---- *************** *** 222,256 **** if (mode) mode &= ~S_ISVTX; /* and strip sticky too */ } ! ! if ((lupw = getpwnam(locuser)) != NULL) ! primegid = lupw->pw_gid; } gid = (gid_t)-1; ! if (gr == NULL || strcmp(group, gr->gr_name) != 0) { ! if ((*group == ':' && ! (getgrgid(gid = atoi(group + 1)) == NULL)) ! || ((gr = (struct group *)getgrnam(group)) == NULL)) { ! if (mode != -1 && IS_ON(mode, S_ISGID)) { ! message(MT_NOTICE, ! "%s: unknown group \"%s\", clearing setgid", ! target, group); ! mode &= ~S_ISGID; ! } else ! message(MT_NOTICE, ! "%s: unknown group \"%s\"", ! target, group); } else ! gid = gr->gr_gid; ! } else ! gid = gr->gr_gid; if (userid && gid != (gid_t)-1 && gid != primegid) { ! if (gr) ! for (i = 0; gr->gr_mem[i] != NULL; i++) ! if (strcmp(locuser, gr->gr_mem[i]) == 0) ! goto ok; if (mode != -1 && IS_ON(mode, S_ISGID)) { message(MT_NOTICE, "%s: user %s not in group %s, clearing setgid", --- 216,244 ---- if (mode) mode &= ~S_ISVTX; /* and strip sticky too */ } ! primegid = groupid; } gid = (gid_t)-1; ! if (*group == ':') { ! gid = (gid_t) atoi(group + 1); ! } else if (gid_from_group(group, &gid) == -1) { ! if (mode != -1 && IS_ON(mode, S_ISGID)) { ! message(MT_NOTICE, ! "%s: unknown group \"%s\", clearing setgid", ! target, group); ! mode &= ~S_ISGID; } else ! message(MT_NOTICE, ! "%s: unknown group \"%s\"", ! target, group); ! } if (userid && gid != (gid_t)-1 && gid != primegid) { ! for (i = 0; i < gidsetlen; i++) { ! if (gid == gidset[i]) ! goto ok; ! } if (mode != -1 && IS_ON(mode, S_ISGID)) { message(MT_NOTICE, "%s: user %s not in group %s, clearing setgid",