upstream: perform removal of agent-forwarding directory in forward

setup error path with user's privileged. This is a no-op as this code always runs with user privilege now that we no longer support running sshd with privilege separation disabled, but as long as the privsep skeleton is there we should follow the rules. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit bz#2969 with patch from Erik Sjölund OpenBSD-Commit-ID: 2b708401a5a8d6133c865d7698d9852210dca846
author: djm@openbsd.org <djm@openbsd.org> 2019-02-22 03:37:11 +0000
committer: Damien Miller <djm@mindrot.org> 2019-02-22 14:38:38 +1100
commit: 625b62634c33eaef4b80d07529954fe5c6435fe5 (patch)
tree: d56d73250825d4a23061a8fb8b01d1201a13df75
parent: d9ecfaba0b2f1887d20e4368230632e709ca83be (diff)
download: openssh-git-625b62634c33eaef4b80d07529954fe5c6435fe5.tar.gz
1 files changed, 3 insertions, 1 deletions
diff --git a/session.c b/session.c
index 96167548..48cfaafb 100644
--- a/session.c
+++ b/session.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: session.c,v 1.314 2019/02/10 11:10:57 djm Exp $ */
+/* $OpenBSD: session.c,v 1.315 2019/02/22 03:37:11 djm Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -233,7 +233,9 @@ auth_input_request_forwarding(struct ssh *ssh, struct passwd * pw)
  authsock_err:
 	free(auth_sock_name);
 	if (auth_sock_dir != NULL) {
+		temporarily_use_uid(pw);
 		rmdir(auth_sock_dir);
+		restore_uid();
 		free(auth_sock_dir);
 	}
 	if (sock != -1)
author	djm@openbsd.org <djm@openbsd.org>	2019-02-22 03:37:11 +0000
committer	Damien Miller <djm@mindrot.org>	2019-02-22 14:38:38 +1100
commit	625b62634c33eaef4b80d07529954fe5c6435fe5 (patch)
tree	d56d73250825d4a23061a8fb8b01d1201a13df75
parent	d9ecfaba0b2f1887d20e4368230632e709ca83be (diff)
download	openssh-git-625b62634c33eaef4b80d07529954fe5c6435fe5.tar.gz