===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/channels.c,v
retrieving revision 1.72.2.4
retrieving revision 1.72.2.5
diff -u -r1.72.2.4 -r1.72.2.5
--- src/usr.bin/ssh/channels.c	2001/05/07 21:09:27	1.72.2.4
+++ src/usr.bin/ssh/channels.c	2001/06/12 22:47:33	1.72.2.5
@@ -40,7 +40,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: channels.c,v 1.72.2.4 2001/05/07 21:09:27 jason Exp $");
+RCSID("$OpenBSD: channels.c,v 1.72.2.5 2001/06/12 22:47:33 miod Exp $");
 
 #include <openssl/rsa.h>
 #include <openssl/dsa.h>
@@ -2524,10 +2524,17 @@
 /* removes the agent forwarding socket */
 
 void
-cleanup_socket(void)
+auth_sock_cleanup_proc(void *_pw)
 {
-	unlink(channel_forwarded_auth_socket_name);
-	rmdir(channel_forwarded_auth_socket_dir);
+	struct passwd *pw = _pw;
+
+	if (channel_forwarded_auth_socket_name) {
+		temporarily_use_uid(pw);
+		unlink(channel_forwarded_auth_socket_name);
+		rmdir(channel_forwarded_auth_socket_dir);
+		channel_forwarded_auth_socket_name = NULL;
+		restore_uid();
+	}
 }
 
 /*
@@ -2566,11 +2573,9 @@
 	snprintf(channel_forwarded_auth_socket_name, MAX_SOCKET_NAME, "%s/agent.%d",
 		 channel_forwarded_auth_socket_dir, (int) getpid());
 
-	if (atexit(cleanup_socket) < 0) {
-		int saved = errno;
-		cleanup_socket();
-		packet_disconnect("socket: %.100s", strerror(saved));
-	}
+	/* delete agent socket on fatal() */
+	fatal_add_cleanup(auth_sock_cleanup_proc, pw);
+
 	/* Create the socket. */
 	sock = socket(AF_UNIX, SOCK_STREAM, 0);
 	if (sock < 0)