diff --git a/sys/src/cmd/cpu.c b/sys/src/cmd/cpu.c index d38d71740..985325022 100644 --- a/sys/src/cmd/cpu.c +++ b/sys/src/cmd/cpu.c @@ -457,6 +457,19 @@ readln(char *buf, int n) return p-buf; } +/* + * chown network connection + */ +static void +setnetuser(int fd, char *user) +{ + Dir nd; + nulldir(&nd); + nd.mode = 0660; + nd.uid = user; + dirfwstat(fd, &nd); +} + /* * user level challenge/response */ @@ -517,6 +530,7 @@ netkeysrvauth(int fd, char *user) writestr(fd, "", "challenge", 1); if(auth_chuid(ai, 0) < 0) fatal("newns: %r"); + setnetuser(fd, ai->cuid); auth_freeAI(ai); return fd; } @@ -628,6 +642,7 @@ srvp9auth(int fd, char *user) return -1; if(auth_chuid(ai, nil) < 0) fatal("newns: %r"); + setnetuser(fd, ai->cuid); snprint(user, MaxStr, "%s", ai->cuid); fd = sslsetup(fd, ai->secret, ai->nsecret, 0); auth_freeAI(ai); diff --git a/sys/src/cmd/exportfs/exportfs.c b/sys/src/cmd/exportfs/exportfs.c index 7fac15ba3..275151a6c 100644 --- a/sys/src/cmd/exportfs/exportfs.c +++ b/sys/src/cmd/exportfs/exportfs.c @@ -187,6 +187,13 @@ main(int argc, char **argv) fatal("exportfs by none disallowed"); if(auth_chuid(ai, nsfile) < 0) fatal("auth_chuid: %r"); + else { /* chown network connection */ + Dir nd; + nulldir(&nd); + nd.mode = 0660; + nd.uid = ai->cuid; + dirfwstat(0, &nd); + } putenv("service", "exportfs"); } diff --git a/sys/src/cmd/ip/cifsd/smb.c b/sys/src/cmd/ip/cifsd/smb.c index 912925e00..d0917ddca 100644 --- a/sys/src/cmd/ip/cifsd/smb.c +++ b/sys/src/cmd/ip/cifsd/smb.c @@ -122,6 +122,13 @@ smbsessionsetupandx(Req *r, uchar *h, uchar *p, uchar *e) } if(auth_chuid(ai, nil) < 0) logit("auth_chuid: %r"); + else { /* chown network connection */ + Dir nd; + nulldir(&nd); + nd.mode = 0660; + nd.uid = ai->cuid; + dirfwstat(0, &nd); + } auth_freeAI(ai); auth_freechal(smbcs); smbcs = nil; diff --git a/sys/src/cmd/ip/ftpd.c b/sys/src/cmd/ip/ftpd.c index 1aa395b89..df91065bb 100644 --- a/sys/src/cmd/ip/ftpd.c +++ b/sys/src/cmd/ip/ftpd.c @@ -606,6 +606,7 @@ passcmd(char *response) { char namefile[128]; AuthInfo *ai; + Dir nd; if(response == nil) response = ""; @@ -632,9 +633,17 @@ passcmd(char *response) ch->nresp = strlen(response); ai = auth_response(ch); if(ai == nil || auth_chuid(ai, nil) < 0) { + auth_freeAI(ai); slowdown(); return reply("530 Not logged in: %r"); } + /* chown network connection */ + nulldir(&nd); + nd.mode = 0660; + nd.uid = ai->cuid; + dirfwstat(0, &nd); + + auth_freeAI(ai); auth_freechal(ch); ch = nil; diff --git a/sys/src/cmd/ip/rexexec.c b/sys/src/cmd/ip/rexexec.c index f04ea3c87..ab2b85f50 100644 --- a/sys/src/cmd/ip/rexexec.c +++ b/sys/src/cmd/ip/rexexec.c @@ -12,6 +12,7 @@ main(int argc, char **argv) char buf[8192]; int n, nn; AuthInfo *ai; + Dir nd; ARGBEGIN{ }ARGEND; @@ -24,6 +25,14 @@ main(int argc, char **argv) if(auth_chuid(ai, nil) < 0) sysfatal("auth_chuid: %r"); + /* chown network connection */ + nulldir(&nd); + nd.mode = 0660; + nd.uid = ai->cuid; + dirfwstat(0, &nd); + + auth_freeAI(ai); + n = 0; do { nn = read(0, buf+n, 1); diff --git a/sys/src/cmd/ip/telnetd.c b/sys/src/cmd/ip/telnetd.c index cf5483a93..62d708b21 100644 --- a/sys/src/cmd/ip/telnetd.c +++ b/sys/src/cmd/ip/telnetd.c @@ -245,6 +245,7 @@ challuser(char *user) char response[64]; Chalstate *ch; AuthInfo *ai; + Dir nd; if(strcmp(user, "none") == 0){ if(nonone) @@ -260,13 +261,20 @@ challuser(char *user) ch->nresp = strlen(response); ai = auth_response(ch); auth_freechal(ch); - if(ai == nil){ + if(ai == nil || auth_chuid(ai, nil) < 0){ rerrstr(response, sizeof response); print("!%s\n", response); + + auth_freeAI(ai); return -1; } - if(auth_chuid(ai, nil) < 0) - return -1; + /* chown network connection */ + nulldir(&nd); + nd.mode = 0660; + nd.uid = ai->cuid; + dirfwstat(0, &nd); + + auth_freeAI(ai); return 0; } /* diff --git a/sys/src/cmd/tlssrv.c b/sys/src/cmd/tlssrv.c index 274b5c6c5..cd94e03c0 100644 --- a/sys/src/cmd/tlssrv.c +++ b/sys/src/cmd/tlssrv.c @@ -84,9 +84,18 @@ main(int argc, char *argv[]) if(ai == nil) sysfatal("auth_proxy: %r"); - if(auth == 1) - if(auth_chuid(ai, nil) < 0) - sysfatal("auth_chuid: %r"); + if(auth == 1){ + Dir nd; + + if(auth_chuid(ai, nil) < 0) + sysfatal("auth_chuid: %r"); + + /* chown network connection */ + nulldir(&nd); + nd.mode = 0660; + nd.uid = ai->cuid; + dirfwstat(0, &nd); + } conn->pskID = "p9secret"; conn->psk = ai->secret; diff --git a/sys/src/cmd/upas/imap4d/auth.c b/sys/src/cmd/upas/imap4d/auth.c index 748174f52..27174ddfb 100644 --- a/sys/src/cmd/upas/imap4d/auth.c +++ b/sys/src/cmd/upas/imap4d/auth.c @@ -63,9 +63,15 @@ setupuser(AuthInfo *ai) if(ai){ strecpy(username, username + sizeof username, ai->cuid); - - if(auth_chuid(ai, nil) == -1) + if(auth_chuid(ai, nil) < 0) bye("user auth failed: %r"); + else { /* chown network connection */ + Dir nd; + nulldir(&nd); + nd.mode = 0660; + nd.uid = ai->cuid; + dirfwstat(Bfildes(&bin), &nd); + } auth_freeAI(ai); }else strecpy(username, username + sizeof username, getuser()); diff --git a/sys/src/cmd/upas/pop3/pop3.c b/sys/src/cmd/upas/pop3/pop3.c index 55f9d1b84..d26a407ee 100644 --- a/sys/src/cmd/upas/pop3/pop3.c +++ b/sys/src/cmd/upas/pop3/pop3.c @@ -768,6 +768,12 @@ dologin(char *response) if(auth_chuid(ai, nil) < 0){ senderr("chuid failed: %r; server exiting"); exits(nil); + } else { /* chown network connection */ + Dir nd; + nulldir(&nd); + nd.mode = 0660; + nd.uid = ai->cuid; + dirfwstat(Bfildes(&in), &nd); } auth_freeAI(ai); auth_freechal(chs);