|
@@ -1,79 +0,0 @@
|
|
|
---- openssh-3.0.2p1/session.c.orig Sat Dec 1 18:37:08 2001
|
|
|
|
|
-+++ openssh-3.0.2p1/session.c Thu Dec 20 14:35:11 2001
|
|
|
|
|
-@@ -1038,6 +1038,10 @@
|
|
|
|
|
- struct stat st;
|
|
|
|
|
- char *argv[10];
|
|
|
|
|
- int do_xauth;
|
|
|
|
|
-+#ifdef HAVE_CHROOT
|
|
|
|
|
-+ char *user_dir;
|
|
|
|
|
-+ char *new_root;
|
|
|
|
|
-+#endif /* HAVE_CHROOT */
|
|
|
|
|
- #ifdef WITH_IRIX_PROJECT
|
|
|
|
|
- prid_t projid;
|
|
|
|
|
- #endif /* WITH_IRIX_PROJECT */
|
|
|
|
|
-@@ -1111,6 +1115,24 @@
|
|
|
|
|
-
|
|
|
|
|
- if (setlogin(pw->pw_name) < 0)
|
|
|
|
|
- error("setlogin failed: %s", strerror(errno));
|
|
|
|
|
-+#ifdef HAVE_CHROOT
|
|
|
|
|
-+ user_dir = xstrdup(pw->pw_dir);
|
|
|
|
|
-+ new_root = user_dir + 1;
|
|
|
|
|
-+ while((new_root = strchr(new_root, '.')) != NULL) {
|
|
|
|
|
-+ new_root--;
|
|
|
|
|
-+ if(strncmp(new_root, "/./", 3) == 0) {
|
|
|
|
|
-+ *new_root = '\0';
|
|
|
|
|
-+ new_root += 2;
|
|
|
|
|
-+
|
|
|
|
|
-+ if(chroot(user_dir) != 0)
|
|
|
|
|
-+ fatal("Couldn't chroot to user directory %s", user_dir);
|
|
|
|
|
-+
|
|
|
|
|
-+ pw->pw_dir = new_root;
|
|
|
|
|
-+ break;
|
|
|
|
|
-+ }
|
|
|
|
|
-+ new_root += 2;
|
|
|
|
|
-+ }
|
|
|
|
|
-+#endif /* HAVE_CHROOT */
|
|
|
|
|
- if (setgid(pw->pw_gid) < 0) {
|
|
|
|
|
- perror("setgid");
|
|
|
|
|
- exit(1);
|
|
|
|
|
---- openssh-3.0.2p1/configure.ac.orig Thu Dec 20 14:25:33 2001
|
|
|
|
|
-+++ openssh-3.0.2p1/configure.ac Thu Dec 20 14:28:58 2001
|
|
|
|
|
-@@ -1721,6 +1721,18 @@
|
|
|
|
|
- ]
|
|
|
|
|
- )
|
|
|
|
|
-
|
|
|
|
|
-+# Check whether to enable chroot support
|
|
|
|
|
-+CHROOT_MSG="no"
|
|
|
|
|
-+AC_ARG_WITH(chroot,
|
|
|
|
|
-+ [ --with-chroot Enable use of chroot home directories],
|
|
|
|
|
-+ [
|
|
|
|
|
-+ if test "x$withval" != "xno" ; then
|
|
|
|
|
-+ AC_DEFINE(HAVE_CHROOT)
|
|
|
|
|
-+ MD5_MSG="yes"
|
|
|
|
|
-+ fi
|
|
|
|
|
-+ ]
|
|
|
|
|
-+)
|
|
|
|
|
-+
|
|
|
|
|
- # Whether to disable shadow password support
|
|
|
|
|
- AC_ARG_WITH(shadow,
|
|
|
|
|
- [ --without-shadow Disable shadow password support],
|
|
|
|
|
-@@ -2207,6 +2219,7 @@
|
|
|
|
|
- echo " S/KEY support: $SKEY_MSG"
|
|
|
|
|
- echo " TCP Wrappers support: $TCPW_MSG"
|
|
|
|
|
- echo " MD5 password support: $MD5_MSG"
|
|
|
|
|
-+echo " chroot support: $CHROOT_MSG"
|
|
|
|
|
- echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
|
|
|
|
|
- echo " Use IPv4 by default hack: $IPV4_HACK_MSG"
|
|
|
|
|
- echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
|
|
|
|
|
---- openssh-3.0.2p1/config.h.in.orig Thu Dec 20 14:43:20 2001
|
|
|
|
|
-+++ openssh-3.0.2p1/config.h.in Thu Dec 20 14:44:08 2001
|
|
|
|
|
-@@ -780,6 +780,9 @@
|
|
|
|
|
- /* Define if you have the `__b64_ntop' function. */
|
|
|
|
|
- #undef HAVE___B64_NTOP
|
|
|
|
|
-
|
|
|
|
|
-+/* Define if you want the chroot capability */
|
|
|
|
|
-+#undef HAVE_CHROOT
|
|
|
|
|
-+
|
|
|
|
|
- /* The size of a `char', as computed by sizeof. */
|
|
|
|
|
- #undef SIZEOF_CHAR
|
|
|
|
|
-
|
|
|
Christoph Schug