-/* $OpenBSD: su.c,v 1.20 1997/02/11 18:26:32 millert Exp $ */
+/* $OpenBSD: su.c,v 1.21 1997/02/18 20:07:56 tholo Exp $ */
/*
* Copyright (c) 1988 The Regents of the University of California.
#ifndef lint
/*static char sccsid[] = "from: @(#)su.c 5.26 (Berkeley) 7/6/91";*/
-static char rcsid[] = "$OpenBSD: su.c,v 1.20 1997/02/11 18:26:32 millert Exp $";
+static char rcsid[] = "$OpenBSD: su.c,v 1.21 1997/02/18 20:07:56 tholo Exp $";
#endif /* not lint */
#include <sys/param.h>
#include <kerberosIV/des.h>
#include <kerberosIV/krb.h>
#include <netdb.h>
-#include <fcntl.h>
-#include <sys/stat.h>
#define ARGSTR "-Kflm"
-void kdestroy __P((void));
-void dofork __P((void));
-
int use_kerberos = 1;
-char krbtkfile[MAXPATHLEN];
#else
#define ARGSTR "-flm"
#endif
char *ontty __P((void));
int chshell __P((char *));
-#ifdef KERBEROS
-void
-dofork()
-{
- pid_t child;
-
- if (!(child = fork()))
- return; /* Child process */
-
- /* Setup stuff? This would be things we could do in parallel with login */
- (void) chdir("/"); /* Let's not keep the fs busy... */
-
- /* If we're the parent, watch the child until it dies */
- while (wait(0) != child)
- ;
-
- /* Run kdestroy to destroy tickets */
- kdestroy();
-
- /* Leave */
- exit(0);
-}
-#endif
-
int
main(argc, argv)
int argc;
if (ruid) {
#ifdef KERBEROS
- if (use_kerberos == 0 ||
- (use_kerberos = !kerberos(username, user, pwd->pw_uid)) == 0)
+ if (!use_kerberos || kerberos(username, user, pwd->pw_uid))
#endif
{
/* only allow those in group zero to su to root. */
if (iscsh == UNSET)
iscsh = strcmp(avshell, "csh") ? NO : YES;
-#if defined(KERBEROS) || defined(KERBEROS5)
- /* Fork so that we can call kdestroy */
- if (use_kerberos)
- dofork();
-#endif
-
/* set permissions */
if (setegid(pwd->pw_gid) < 0)
err(1, "setegid");
register char *p;
int kerno;
u_long faddr;
- char lrealm[REALM_SZ];
+ char lrealm[REALM_SZ], krbtkfile[MAXPATHLEN];
char hostname[MAXHOSTNAMELEN], savehost[MAXHOSTNAMELEN];
char *ontty(), *krb_get_phost();
return (kuserok(kdata, toname));
}
-
-void
-kdestroy()
-{
- char *file = krbtkfile;
- int i, fd;
- extern int errno;
- struct stat statb;
- char buf[BUFSIZ];
-#ifdef TKT_SHMEM
- char shmidname[MAXPATHLEN];
-#endif /* TKT_SHMEM */
-
- if (use_kerberos == 0)
- return;
-
- errno = 0;
- if (lstat(file, &statb) < 0)
- goto out;
-
- if (!(statb.st_mode & S_IFREG)
-#ifdef notdef
- || statb.st_mode & 077
-#endif
- )
- goto out;
-
- if ((fd = open(file, O_RDWR, 0)) < 0)
- goto out;
-
- bzero(buf, BUFSIZ);
-
- for (i = 0; i < statb.st_size; i += BUFSIZ)
- if (write(fd, buf, BUFSIZ) != BUFSIZ) {
- (void) fsync(fd);
- (void) close(fd);
- goto out;
- }
-
- (void) fsync(fd);
- (void) close(fd);
-
- (void) unlink(file);
-
-out:
- if (errno != 0) return;
-#ifdef TKT_SHMEM
- /*
- * handle the shared memory case
- */
- (void) strcpy(shmidname, file);
- (void) strcat(shmidname, ".shm");
- if (krb_shm_dest(shmidname) != KSUCCESS)
- return;
-#endif /* TKT_SHMEM */
- return;
-}
#endif
projects / openbsd / commitdiff