=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/uidswap.c,v retrieving revision 1.20.2.2 retrieving revision 1.21 diff -u -r1.20.2.2 -r1.21 --- src/usr.bin/ssh/uidswap.c 2002/10/11 14:51:53 1.20.2.2 +++ src/usr.bin/ssh/uidswap.c 2002/05/28 17:28:02 1.21 @@ -12,7 +12,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: uidswap.c,v 1.20.2.2 2002/10/11 14:51:53 miod Exp $"); +RCSID("$OpenBSD: uidswap.c,v 1.21 2002/05/28 17:28:02 stevesk Exp $"); #include "log.h" #include "uidswap.h" @@ -46,16 +46,15 @@ { /* Save the current euid, and egroups. */ saved_euid = geteuid(); - saved_egid = getegid(); - debug("temporarily_use_uid: %u/%u (e=%u/%u)", - (u_int)pw->pw_uid, (u_int)pw->pw_gid, - (u_int)saved_euid, (u_int)saved_egid); + debug("temporarily_use_uid: %u/%u (e=%u)", + (u_int)pw->pw_uid, (u_int)pw->pw_gid, (u_int)saved_euid); if (saved_euid != 0) { privileged = 0; return; } privileged = 1; temporarily_use_uid_effective = 1; + saved_egid = getegid(); saved_egroupslen = getgroups(NGROUPS_MAX, saved_egroups); if (saved_egroupslen < 0) fatal("getgroups: %.100s", strerror(errno)); @@ -86,14 +85,12 @@ void restore_uid(void) { + debug("restore_uid"); /* it's a no-op unless privileged */ - if (!privileged) { - debug("restore_uid: (unprivileged)"); + if (!privileged) return; - } if (!temporarily_use_uid_effective) fatal("restore_uid: temporarily_use_uid not effective"); - debug("restore_uid: %u/%u", (u_int)saved_euid, (u_int)saved_egid); /* Set the effective uid back to the saved privileged uid. */ if (seteuid(saved_euid) < 0) fatal("seteuid %u: %.100s", (u_int)saved_euid, strerror(errno)); @@ -112,9 +109,7 @@ permanently_set_uid(struct passwd *pw) { if (temporarily_use_uid_effective) - fatal("permanently_set_uid: temporarily_use_uid effective"); - debug("permanently_set_uid: %u/%u", (u_int)pw->pw_uid, - (u_int)pw->pw_gid); + fatal("restore_uid: temporarily_use_uid effective"); if (setgid(pw->pw_gid) < 0) fatal("setgid %u: %.100s", (u_int)pw->pw_gid, strerror(errno)); if (setuid(pw->pw_uid) < 0)