From c1398b876e5c358840a8489c08017227df809888 Mon Sep 17 00:00:00 2001
From: "Jan F. Chadima"
Date: Tue, 23 Jun 2009 17:59:23 +0000
Subject: [PATCH] repair broken ls in chroot %%h

---
 openssh-5.2p1-homechroot.patch | 60 +++++++++++++++++++++++++++++++---
 openssh.spec | 5 ++-
 2 files changed, 59 insertions(+), 6 deletions(-)

diff --git a/openssh-5.2p1-homechroot.patch b/openssh-5.2p1-homechroot.patch
index 227c394..1ac7145 100644
--- a/openssh-5.2p1-homechroot.patch
+++ b/openssh-5.2p1-homechroot.patch
@@ -1,6 +1,16 @@
---- openssh-5.2p1/session.c 2009-03-20 18:08:11.263662384 +0100
-+++ openssh-5.2p1/session.c 2009-03-20 18:26:29.925498409 +0100
-@@ -1408,6 +1408,7 @@
+diff -up openssh-5.2p1/session.c.homechroot openssh-5.2p1/session.c
+--- openssh-5.2p1/session.c.homechroot 2009-06-23 11:33:36.052163641 +0200
++++ openssh-5.2p1/session.c 2009-06-23 11:33:36.372159228 +0200
+@@ -1398,6 +1398,8 @@ do_nologin(struct passwd *pw)
+ }
+ }
+ 
++int chroot_no_tree = 0;
++
+ /*
+ * Chroot into a directory after checking it for safety: all path components
+ * must be root-owned directories with strict permissions.
+@@ -1408,6 +1410,7 @@ safely_chroot(const char *path, uid_t ui
 const char *cp;
 char component[MAXPATHLEN];
 struct stat st;
@@ -8,7 +18,7 @@
 if (*path != '/')
 fatal("chroot path does not begin at root");
-@@ -1419,7 +1420,7 @@
+@@ -1419,7 +1422,7 @@ safely_chroot(const char *path, uid_t ui
 * root-owned directory with strict permissions.
 */
 for (cp = path; cp != NULL;) {
@@ -17,7 +27,7 @@
 strlcpy(component, path, sizeof(component));
 else {
 cp++;
-@@ -1432,7 +1433,7 @@
+@@ -1432,13 +1435,15 @@ safely_chroot(const char *path, uid_t ui
 if (stat(component, &st) != 0)
 fatal("%s: stat(\"%s\"): %s", __func__,
 component, strerror(errno));
@@ -26,3 +36,43 @@
 fatal("bad ownership or modes for chroot "
 "directory %s\"%s\"", cp == NULL ? "" : "component ",
 component);
+ if (!S_ISDIR(st.st_mode))
+ fatal("chroot path %s\"%s\" is not a directory",
+ cp == NULL ? "" : "component ", component);
++ if (st.st_uid != uid)
++ ++chroot_no_tree;
+ 
+ }
+ 
+diff -up openssh-5.2p1/sftp-server.c.homechroot openssh-5.2p1/sftp-server.c
+--- openssh-5.2p1/sftp-server.c.homechroot 2008-07-04 06:10:19.000000000 +0200
++++ openssh-5.2p1/sftp-server.c 2009-06-23 11:33:36.374154561 +0200
+@@ -887,6 +887,7 @@ process_opendir(void)
+ static void
+ process_readdir(void)
+ {
++ extern int chroot_no_tree;
+ DIR *dirp;
+ struct dirent *dp;
+ char *path;
+@@ -920,7 +921,7 @@ process_readdir(void)
+ continue;
+ stat_to_attrib(&st, &(stats[count].attrib));
+ stats[count].name = xstrdup(dp->d_name);
+- stats[count].long_name = ls_file(dp->d_name, &st, 0);
++ stats[count].long_name = ls_file(dp->d_name, &st, chroot_no_tree);
+ count++;
+ /* send up to 100 entries in one message */
+ /* XXX check packet size instead */
+diff -up openssh-5.2p1/sftp-server-main.c.homechroot openssh-5.2p1/sftp-server-main.c
+--- openssh-5.2p1/sftp-server-main.c.homechroot 2009-02-21 22:47:02.000000000 +0100
++++ openssh-5.2p1/sftp-server-main.c 2009-06-23 11:33:36.378159051 +0200
+@@ -27,6 +27,8 @@
+ #include "sftp.h"
+ #include "misc.h"
+ 
++int chroot_no_tree = 0;
++
+ void
+ cleanup_exit(int i)
+ {
diff --git a/openssh.spec b/openssh.spec
index 8a76bee..70cf293 100644
--- a/openssh.spec
+++ b/openssh.spec
@@ -63,7 +63,7 @@
 Summary: An open source implementation of SSH protocol versions 1 and 2
 Name: openssh
 Version: 5.2p1
-Release: 8%{?dist}%{?rescue_rel}
+Release: 9%{?dist}%{?rescue_rel}
 URL: http://www.openssh.com/portable.html
 #Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
 #Source1: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz.asc
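Review bot: `chroot_no_tree` is incremented once per path component whose owner differs from `uid`, yet its only consumer, `process_readdir`, hands it to `ls_file()` as the third argument, which in 5.2's sftp-common.c is (as far as I recall) a yes/no switch between numeric ids and looked-up names — so the count carries nothing beyond non-zero, and the patch never records when that is expected; if `uid` is the user's id, the root-owned `/` and `/home` of a `%h` chroot presumably make it non-zero every time. I would assign it as a flag (`chroot_no_tree = 1;`) and document the inferred intent at its definition in this file's first hunk, e.g. `/* set when safely_chroot() meets a component not owned by the user; internal-sftp then lists numeric ids, since name lookups inside the chroot are unreliable (inferred — confirm) */`. The second definition `int chroot_no_tree = 0;` in sftp-server-main.c is never assigned, so the stand-alone sftp-server binary keeps the old `ls_file(..., 0)` behaviour and only the in-process subsystem changes; if that is deliberate it deserves the same comment there. The enclosing safely_chroot() loop starts in the earlier hunks of this file, and the surrounding code of the inner sftp-server hunks is outside this patch.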
@@ -466,6 +466,9 @@ fi
 %endif
 %changelog
+* Tue Jun 23 2009 Jan F. Chadima - 5.2p1-9
+- repair broken ls in chroot %%h
+
 * Fri Jun 12 2009 Jan F. Chadima - 5.2p1-8
 - add XMODIFIERS to exported environment