diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2020-12-22 00:12:22 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2020-12-22 15:43:59 +1100 |
| commit | a34e14a5a0071de2036826a00197ce38c8b4ba8b (patch) | |
| tree | fecbedec82ee4132e34ec64e173c301f9598bed2 /misc.h | |
| parent | 649205fe388b56acb3481a1b2461f6b5b7c6efa6 (diff) | |
| download | openssh-git-a34e14a5a0071de2036826a00197ce38c8b4ba8b.tar.gz | |
upstream: move subprocess() from auth.c to misc.c
make privilege dropping optional but allow it via callbacks (to avoid
need to link uidswap.c everywhere)
add some other flags (keep environment, disable strict path safety check)
that make this more useful for client-side use.
feedback & ok markus@
OpenBSD-Commit-ID: a80ea9fdcc156f1a18e9c166122c759fae1637bf
Diffstat (limited to 'misc.h')
| -rw-r--r-- | misc.h | 12 |
1 files changed, 11 insertions, 1 deletions
@@ -1,4 +1,4 @@ -/* $OpenBSD: misc.h,v 1.90 2020/11/27 00:49:58 djm Exp $ */ +/* $OpenBSD: misc.h,v 1.91 2020/12/22 00:12:22 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -99,6 +99,16 @@ void sock_set_v6only(int); struct passwd *pwcopy(struct passwd *); const char *ssh_gai_strerror(int); +typedef void privdrop_fn(struct passwd *); +typedef void privrestore_fn(void); +#define SSH_SUBPROCESS_STDOUT_DISCARD (1) /* Discard stdout */ +#define SSH_SUBPROCESS_STDOUT_CAPTURE (1<<1) /* Redirect stdout */ +#define SSH_SUBPROCESS_STDERR_DISCARD (1<<2) /* Discard stderr */ +#define SSH_SUBPROCESS_UNSAFE_PATH (1<<3) /* Don't check for safe cmd */ +#define SSH_SUBPROCESS_PRESERVE_ENV (1<<4) /* Keep parent environment */ +pid_t subprocess(const char *, const char *, int, char **, FILE **, u_int, + struct passwd *, privdrop_fn *, privrestore_fn *); + typedef struct arglist arglist; struct arglist { char **list; |