diff --git a/ChangeLog b/ChangeLog index 4f4c8434a..ad7d46573 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +20011223 + - (bal) Removed contrib/chroot.diff and noted in contrib/README that it + was not being maintained. + 20011222 - (djm) Ignore fix & patchlevel in OpenSSL version check. Patch from solar@openwall.com @@ -7096,4 +7100,4 @@ - Wrote replacements for strlcpy and mkdtemp - Released 1.0pre1 -$Id: ChangeLog,v 1.1706 2001/12/23 14:41:47 djm Exp $ +$Id: ChangeLog,v 1.1707 2001/12/24 02:59:19 mouring Exp $ diff --git a/contrib/README b/contrib/README index d25545710..648bb2f3a 100644 --- a/contrib/README +++ b/contrib/README @@ -11,11 +11,10 @@ or http proxy which supports the CONNECT method (eg. Squid). In this directory ----------------- -chroot.diff: +chroot.diff: -Ricardo Cerqueira's patch to enable chrooting using the -wu-ftpd style magic home directories (containing '/./'). More details in -the head of the patch itself. +Due to the fact the patch is never in sync with the rest of the tree. It was +removed. ssh-copy-id: diff --git a/contrib/chroot.diff b/contrib/chroot.diff deleted file mode 100644 index d2a42d85b..000000000 --- a/contrib/chroot.diff +++ /dev/null @@ -1,61 +0,0 @@ -From: Ricardo Cerqueira - -A patch to cause sshd to chroot when it encounters the magic token -'/./' in a users home directory. The directory portion before the -token is the directory to chroot() to, the portion after the -token is the user's home directory relative to the new root. - -Index: session.c -=================================================================== -RCS file: /var/cvs/openssh/session.c,v -retrieving revision 1.4 -diff -u -r1.4 session.c ---- session.c 2000/04/16 02:31:51 1.4 -+++ session.c 2000/04/16 02:47:55 -@@ -27,6 +27,8 @@ - #include "ssh2.h" - #include "auth.h" - -+#define CHROOT -+ - /* types */ - - #define TTYSZ 64 -@@ -783,6 +785,10 @@ - extern char **environ; - struct stat st; - char *argv[10]; -+#ifdef CHROOT -+ char *user_dir; -+ char *new_root; -+#endif /* CHROOT */ - - #ifndef USE_PAM /* pam_nologin handles this */ - f = fopen("/etc/nologin", "r"); -@@ -799,6 +805,26 @@ - /* Set login name in the kernel. */ - if (setlogin(pw->pw_name) < 0) - error("setlogin failed: %s", strerror(errno)); -+ -+#ifdef CHROOT -+ user_dir = xstrdup(pw->pw_dir); -+ new_root = user_dir + 1; -+ -+ while((new_root = strchr(new_root, '.')) != NULL) { -+ new_root--; -+ if(strncmp(new_root, "/./", 3) == 0) { -+ *new_root = '\0'; -+ new_root += 2; -+ -+ if(chroot(user_dir) != 0) -+ fatal("Couldn't chroot to user directory %s", user_dir); -+ -+ pw->pw_dir = new_root; -+ break; -+ } -+ new_root += 2; -+ } -+#endif /* CHROOT */ - - /* Set uid, gid, and groups. */ - /* Login(1) does this as well, and it needs uid 0 for the "-h"