=================================================================== RCS file: /cvs2/dgamelaunch-openbsd/dgamelaunch.c,v retrieving revision 1.1 retrieving revision 1.5 diff -u -p -r1.1 -r1.5 --- dgamelaunch-openbsd/dgamelaunch.c 2021/03/09 14:36:01 1.1 +++ dgamelaunch-openbsd/dgamelaunch.c 2021/03/25 21:01:26 1.5 @@ -1,5 +1,6 @@ /* dgamelaunch.c * + * (c)2021 Rubén Llorente * (c)2001-4 M. Drew Streib * also parts (c) 2003-4 Joshua Kwan , * Brett Carrington , @@ -70,6 +71,8 @@ # include #elif defined(__NetBSD__) # include +#elif defined(__OpenBSD__) +# include #elif defined(__APPLE__) # include #else @@ -1554,7 +1557,13 @@ changepw (int dowrite) } free(me->password); +#if defined(__OpenBSD__) + me->password = (char *) malloc((_PASSWORD_LEN+1)*sizeof(char)); + if ( crypt_newhash(buf, "blowfish,12", me->password, _PASSWORD_LEN) != 0) + graceful_exit(300); +#else me->password = strdup (crypt (buf, buf)); +#endif if (dowrite) writefile (0); @@ -2051,6 +2060,11 @@ newuser () int passwordgood (char *cpw) { +#if defined(__OpenBSD__) + if ( crypt_checkpass(cpw, me->password) == 0) + return 1; + return 0; +#else char *crypted; assert (me != NULL); @@ -2063,6 +2077,7 @@ passwordgood (char *cpw) return 1; return 0; +#endif } /* ************************************************************* */ @@ -2850,6 +2865,8 @@ main (int argc, char** argv) graceful_exit (3); } + + /* shed privs. this is done immediately after chroot. */ if (setgroups (1, &globalconfig.shed_gid) == -1) { @@ -2868,6 +2885,16 @@ main (int argc, char** argv) perror ("setuid"); graceful_exit (6); } + +#ifdef __OpenBSD__ + if ( pledge("stdio rpath wpath cpath fattr flock " + "tty proc exec ps", NULL )==-1 ) + { + perror("pledge"); + graceful_exit (301); + } +#endif + } if (globalconfig.locale) {