- markus@cvs.openbsd.org 2002/09/10 20:24:47

[ssh-agent.c]
     check the euid of the connecting process with getpeereid(2);
     ok provos deraadt stevesk

ChangeLog

@@ -11,6 +11,10 @@
    - markus@cvs.openbsd.org 2002/09/09 14:54:15
      [channels.c kex.h key.c monitor.c monitor_wrap.c radix.c uuencode.c]
      signed vs unsigned from -pedantic; ok henning@
+   - markus@cvs.openbsd.org 2002/09/10 20:24:47
+     [ssh-agent.c]
+     check the euid of the connecting process with getpeereid(2); 
+     ok provos deraadt stevesk
 
 20020911
  - (djm) Sync openbsd-compat with OpenBSD -current
@@ -1631,4 +1635,4 @@
  - (stevesk) entropy.c: typo in debug message
  - (djm) ssh-keygen -i needs seeded RNG; report from markus@
 
-$Id: ChangeLog,v 1.2454 2002/09/11 23:49:15 djm Exp $
+$Id: ChangeLog,v 1.2455 2002/09/11 23:51:10 djm Exp $

ssh-agent.c

@@ -35,7 +35,7 @@
 
 #include "includes.h"
 #include "openbsd-compat/fake-queue.h"
-RCSID("$OpenBSD: ssh-agent.c,v 1.102 2002/08/22 20:57:19 stevesk Exp $");
+RCSID("$OpenBSD: ssh-agent.c,v 1.103 2002/09/10 20:24:47 markus Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/md5.h>
@@ -810,6 +810,8 @@ after_select(fd_set *readset, fd_set *writeset)
 	char buf[1024];
 	int len, sock;
 	u_int i;
+	uid_t euid;
+	gid_t egid;
 
 	for (i = 0; i < sockets_alloc; i++)
 		switch (sockets[i].type) {
@@ -825,6 +827,19 @@ after_select(fd_set *readset, fd_set *writeset)
 					    strerror(errno));
 					break;
 				}
+				if (getpeereid(sock, &euid, &egid) < 0) {
+					error("getpeereid %d failed: %s",
+					    sock, strerror(errno));
+					close(sock);
+					break;
+				}
+				if (getuid() != euid) {
+					error("uid mismatch: "
+					    "peer euid %d != uid %d",
+					    (int) euid, (int) getuid());
+					close(sock);
+					break;
+				}
 				new_socket(AUTH_CONNECTION, sock);
 			}
 			break;