version 1.300, 2018/07/11 18:53:29 |
version 1.301, 2018/07/18 11:34:04 |
|
|
#include "ssh.h" |
#include "ssh.h" |
#include "sshbuf.h" |
#include "sshbuf.h" |
#include "packet.h" |
#include "packet.h" |
#include "uidswap.h" |
|
#include "compat.h" |
#include "compat.h" |
#include "sshkey.h" |
#include "sshkey.h" |
#include "sshconnect.h" |
#include "sshconnect.h" |
|
|
if ((pid = fork()) == 0) { |
if ((pid = fork()) == 0) { |
char *argv[10]; |
char *argv[10]; |
|
|
/* Child. Permanently give up superuser privileges. */ |
|
permanently_drop_suid(original_real_uid); |
|
|
|
close(sp[1]); |
close(sp[1]); |
/* Redirect stdin and stdout. */ |
/* Redirect stdin and stdout. */ |
if (sp[0] != 0) { |
if (sp[0] != 0) { |
|
|
if ((pid = fork()) == 0) { |
if ((pid = fork()) == 0) { |
char *argv[10]; |
char *argv[10]; |
|
|
/* Child. Permanently give up superuser privileges. */ |
|
permanently_drop_suid(original_real_uid); |
|
|
|
/* Redirect stdin and stdout. */ |
/* Redirect stdin and stdout. */ |
close(pin[1]); |
close(pin[1]); |
if (pin[0] != 0) { |
if (pin[0] != 0) { |
|
|
static int |
static int |
ssh_create_socket(int privileged, struct addrinfo *ai) |
ssh_create_socket(int privileged, struct addrinfo *ai) |
{ |
{ |
int sock, r, oerrno; |
int sock, r; |
struct sockaddr_storage bindaddr; |
struct sockaddr_storage bindaddr; |
socklen_t bindaddrlen = 0; |
socklen_t bindaddrlen = 0; |
struct addrinfo hints, *res = NULL; |
struct addrinfo hints, *res = NULL; |
|
|
ssh_gai_strerror(r)); |
ssh_gai_strerror(r)); |
goto fail; |
goto fail; |
} |
} |
/* |
if (bind(sock, (struct sockaddr *)&bindaddr, bindaddrlen) != 0) { |
* If we are running as root and want to connect to a privileged |
|
* port, bind our own socket to a privileged port. |
|
*/ |
|
if (privileged) { |
|
PRIV_START; |
|
r = bindresvport_sa(sock, |
|
bindaddrlen == 0 ? NULL : (struct sockaddr *)&bindaddr); |
|
oerrno = errno; |
|
PRIV_END; |
|
if (r < 0) { |
|
error("bindresvport_sa %s: %s", ntop, |
|
strerror(oerrno)); |
|
goto fail; |
|
} |
|
} else if (bind(sock, (struct sockaddr *)&bindaddr, bindaddrlen) != 0) { |
|
error("bind %s: %s", ntop, strerror(errno)); |
error("bind %s: %s", ntop, strerror(errno)); |
goto fail; |
goto fail; |
} |
} |
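Review bot: `ssh_create_socket(int privileged, struct addrinfo *ai)` keeps its `privileged` parameter on the new side, while the only branch shown here that read it (the `bindresvport_sa` call between `PRIV_START` and `PRIV_END`) appears to be removed, so a caller passing a non-zero value would now silently get an ordinary `bind()` and an unprivileged source port. Either drop the parameter together with its callers, or state the new contract at the top of the function with a comment such as `/* privileged is ignored: reserved source ports are no longer bound */`, so nothing downstream keeps relying on reserved-port semantics. The same assumption applies to the two `fork()` children earlier in the section, where `permanently_drop_suid(original_real_uid)` is no longer called before the stdin/stdout redirects: that is safe only if the binary is never installed setuid, which is worth recording in a comment at those sites. The function body and both child blocks continue outside the lines shown, so any remaining uses of `privileged` could not be checked.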