src/usr.bin/ssh/auth.c - diff

Return to auth.c CVS log

Up to [local] / src / usr.bin / ssh

version 1.24, 2001/06/23 00:20:57

version 1.25, 2001/06/25 17:54:48

Line 299

* Returns 0 on success and -1 on failure

int

secure_filename(FILE *f, const char *file, uid_t uid, char *err, size_t errlen)

secure_filename(FILE *f, const char *file, struct passwd *pw,

char *err, size_t errlen)

{

uid_t uid = pw->pw_uid;

char homedir[MAXPATHLEN];

char buf[MAXPATHLEN];

char *cp;

struct stat st;

strlcpy(homedir, dirname(pw->pw_dir), sizeof(homedir));

if (realpath(file, buf) == NULL) {

snprintf(err, errlen, "realpath %s failed: %s", file,

strerror(errno));

Line 320

Line 325

return -1;

}

debug3("secure_filename: terminating check at '%s'", homedir);

/* for each component of the canonical path, walking upwards */

for (;;) {

if ((cp = dirname(buf)) == NULL) {

Line 327

Line 334

return -1;

}

strlcpy(buf, cp, sizeof(buf));

/* If are passed the homedir then we can stop */

if (strcmp(buf, homedir) == 0)

break;

debug3("secure_filename: checking '%s'", buf);

if (stat(buf, &st) < 0 ||