Imported Upstream version 3.1.0

[debian/amanda] / common-src / ssh-security.c

diff --git a/common-src/ssh-security.c b/common-src/ssh-security.c
index 45a55e40d7d2684d299714d8354a33cabf1510da..19d60692792725905a82e3e4465555201db8fa1c 100644 (file)
--- a/common-src/ssh-security.c
+++ b/common-src/ssh-security.c
@@ -37,11 +37,9 @@
 #include "util.h"
 #include "event.h"
 #include "packet.h"
-#include "queue.h"
 #include "security.h"
 #include "security-util.h"
 #include "stream.h"
-#include "version.h"
 
 /*
  * Number of seconds ssh has to start up
@@ -106,6 +104,7 @@ ssh_connect(
     void *             arg,
     void *             datap)
 {
+    int result;
     struct sec_handle *rh;
     char *amandad_path=NULL, *client_username=NULL, *ssh_keys=NULL;
 
@@ -121,10 +120,13 @@ ssh_connect(
     rh->ev_timeout = NULL;
     rh->rc = NULL;
 
+    /* get the canonical hostname */
     rh->hostname = NULL;
-    if (resolve_hostname(hostname, 0, NULL, &rh->hostname) || rh->hostname == NULL) {
+    if ((result = resolve_hostname(hostname, 0, NULL, &rh->hostname)) != 0
+        || rh->hostname == NULL) {
        security_seterror(&rh->sech,
-           _("%s: ssh could not resolve hostname"), hostname);
+           _("ssh_security could not find canonical name for '%s': %s"),
+           hostname, gai_strerror(result));
        (*fn)(arg, &rh->sech, S_ERROR);
        return;
     }
@@ -221,11 +223,13 @@ runssh(
        return (0);
     }
 
+    /* drop root privs for good */
+    set_root_privs(-1);
+
     safe_fd(-1, 0);
 
     if(!xamandad_path || strlen(xamandad_path) <= 1) 
-       xamandad_path = vstralloc(amlibexecdir, "/", "amandad",
-                                versionsuffix(), NULL);
+       xamandad_path = vstralloc(amlibexecdir, "/", "amandad", NULL);
     if(!xclient_username || strlen(xclient_username) <= 1)
        xclient_username = CLIENT_LOGIN;
     if(!ssh_keys || strlen(ssh_keys) <= 1) {