[packages/openssh.git] / openssh-chroot.patch

diff -uNr openssh-3.7p1/session.c openssh-3.7p1-chroot/session.c
--- openssh-3.7p1/session.c	Mon Sep 15 21:52:19 2003
+++ openssh-3.7p1-chroot/session.c	Tue Sep 16 14:23:34 2003
@@ -62,6 +62,8 @@
 #include "ssh-gss.h"
 #endif
 
+#define CHROOT
+
 /* func */
 
 Session *session_new(void);
@@ -1227,6 +1229,12 @@
 void
 do_setusercontext(struct passwd *pw)
 {
+
+#ifdef CHROOT
+	char *user_dir;
+	char *new_root;
+#endif /* CHROOT */
+
 #ifndef HAVE_CYGWIN
 	if (getuid() == 0 || geteuid() == 0)
 #endif /* HAVE_CYGWIN */
@@ -1264,6 +1272,27 @@
 			exit(1);
 		}
 		endgrent();
+
+#ifdef CHROOT
+		user_dir = xstrdup(pw->pw_dir);
+		new_root = user_dir + 1;
+
+		while((new_root = strchr(new_root, '.')) != NULL) {
+			new_root--;
+			if(strncmp(new_root, "/./", 3) == 0) {
+				*new_root = '\0';
+				new_root += 2;
+
+				if(chroot(user_dir) != 0)
+					fatal("Couldn't chroot to user directory % s", user_dir);
+					pw->pw_dir = new_root;
+					break;
+				}
+				new_root += 2;
+		}
+#endif /* CHROOT */
+
+
 # ifdef USE_PAM
 		/*
 		 * PAM credentials may take the form of supplementary groups.
Commit	Line	Data
e5aad4e5	1	diff -uNr openssh-3.7p1/session.c openssh-3.7p1-chroot/session.c
	2	--- openssh-3.7p1/session.c Mon Sep 15 21:52:19 2003
	3	+++ openssh-3.7p1-chroot/session.c Tue Sep 16 14:23:34 2003
	4	@@ -62,6 +62,8 @@
	5	#include "ssh-gss.h"
	6	#endif
	7
	8	+#define CHROOT
	9	+
	10	/* func */
	11
	12	Session *session_new(void);
	13	@@ -1227,6 +1229,12 @@
	14	void
	15	do_setusercontext(struct passwd *pw)
	16	{
	17	+
	18	+#ifdef CHROOT
	19	+ char *user_dir;
	20	+ char *new_root;
	21	+#endif /* CHROOT */
	22	+
	23	#ifndef HAVE_CYGWIN
	24	if (getuid() == 0 \|\| geteuid() == 0)
	25	#endif /* HAVE_CYGWIN */
	26	@@ -1264,6 +1272,27 @@
	27	exit(1);
	28	}
	29	endgrent();
	30	+
	31	+#ifdef CHROOT
	32	+ user_dir = xstrdup(pw->pw_dir);
	33	+ new_root = user_dir + 1;
	34	+
	35	+ while((new_root = strchr(new_root, '.')) != NULL) {
	36	+ new_root--;
	37	+ if(strncmp(new_root, "/./", 3) == 0) {
	38	+ *new_root = '\0';
	39	+ new_root += 2;
	40	+
	41	+ if(chroot(user_dir) != 0)
	42	+ fatal("Couldn't chroot to user directory % s", user_dir);
	43	+ pw->pw_dir = new_root;
	44	+ break;
	45	+ }
	46	+ new_root += 2;
	47	+ }
	48	+#endif /* CHROOT */
	49	+
	50	+
	51	# ifdef USE_PAM
	52	/*
	53	* PAM credentials may take the form of supplementary groups.