upstream: perform removal of agent-forwarding directory in forward

setup error path with user's privileged. This is a no-op as this code always
runs with user privilege now that we no longer support running sshd with
privilege separation disabled, but as long as the privsep skeleton is there
we should follow the rules.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

bz#2969 with patch from Erik Sjölund

OpenBSD-Commit-ID: 2b708401a5a8d6133c865d7698d9852210dca846

diff --git a/session.c b/session.c
index 96167548a48c9a92717b3204464c29b10ce511bc..48cfaafbfbdc87518b05c6e9dae43ab35a329bb7 100644 (file)
--- a/session.c
+++ b/session.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: session.c,v 1.314 2019/02/10 11:10:57 djm Exp $ */
+/* $OpenBSD: session.c,v 1.315 2019/02/22 03:37:11 djm Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -233,7 +233,9 @@ auth_input_request_forwarding(struct ssh *ssh, struct passwd * pw)
  authsock_err:
        free(auth_sock_name);
        if (auth_sock_dir != NULL) {
+               temporarily_use_uid(pw);
                rmdir(auth_sock_dir);
+               restore_uid();
                free(auth_sock_dir);
        }
        if (sock != -1)