===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/uidswap.c,v
retrieving revision 1.24
retrieving revision 1.24.10.1
diff -u -r1.24 -r1.24.10.1
--- src/usr.bin/ssh/uidswap.c 2003/05/29 16:58:45 1.24
+++ src/usr.bin/ssh/uidswap.c 2006/10/06 03:19:33 1.24.10.1
@@ -1,3 +1,4 @@
+/* $OpenBSD: uidswap.c,v 1.24.10.1 2006/10/06 03:19:33 brad Exp $ */
 /*
 * Author: Tatu Ylonen
 * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland
@@ -11,8 +12,12 @@
 * called by a name other than "ssh" or "Secure Shell".
 */
-#include "includes.h"
-RCSID("$OpenBSD: uidswap.c,v 1.24 2003/05/29 16:58:45 deraadt Exp $");
+#include
+#include
+#include
+#include
+#include
+#include
 #include "log.h"
 #include "uidswap.h"
@@ -115,12 +120,16 @@
 fatal("permanently_set_uid: temporarily_use_uid effective");
 debug("permanently_set_uid: %u/%u", (u_int)pw->pw_uid, (u_int)pw->pw_gid);
- if (setegid(pw->pw_gid) < 0)
- fatal("setegid %u: %.100s", (u_int)pw->pw_gid, strerror(errno));
- if (setgid(pw->pw_gid) < 0)
- fatal("setgid %u: %.100s", (u_int)pw->pw_gid, strerror(errno));
- if (seteuid(pw->pw_uid) < 0)
- fatal("seteuid %u: %.100s", (u_int)pw->pw_uid, strerror(errno));
- if (setuid(pw->pw_uid) < 0)
- fatal("setuid %u: %.100s", (u_int)pw->pw_uid, strerror(errno));
+ if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) != 0)
+ fatal("setresgid %u: %s", (u_int)pw->pw_gid, strerror(errno));
+ if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) != 0)
+ fatal("setresuid %u: %s", (u_int)pw->pw_uid, strerror(errno));
+}
+
+void
+permanently_drop_suid(uid_t uid)
+{
+ debug("permanently_drop_suid: %u", (u_int)uid);
+ if (setresuid(uid, uid, uid) != 0)
+ fatal("setresuid %u: %s", (u_int)uid, strerror(errno));
 }
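Review bot: In the last hunk, both `permanently_set_uid` and the new `permanently_drop_suid` trust the return value of `setresgid`/`setresuid` and never confirm the resulting identity, so a platform or port where the call reports success without changing all three IDs would go unnoticed. A cheap post-condition right after each call closes that gap, e.g. `if (getuid() != uid || geteuid() != uid) fatal("permanently_drop_suid: uid was not dropped");`, with the matching `getgid()`/`getegid()` comparison after `setresgid`. `permanently_drop_suid` also changes only the user IDs, so it deserves a comment such as `/* Drops set-uid privilege only; group IDs and supplementary groups are left unchanged. */` to keep callers from assuming a full drop. `permanently_set_uid` starts outside this hunk, so whether supplementary groups are reset before this point cannot be judged from here.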