diff options
| author | Ben Lindstrom <mouring@eviladmin.org> | 2001-06-09 01:29:12 +0000 |
|---|---|---|
| committer | Ben Lindstrom <mouring@eviladmin.org> | 2001-06-09 01:29:12 +0000 |
| commit | 768176b24038a28b8e2e7709b153f6633348efc9 (patch) | |
| tree | 3240ba26b4b6a58a15f3a13cd3c3deef58451b0e | |
| parent | ec46e0b5fd2299f7f1449240894fa36d1745587e (diff) | |
- markus@cvs.openbsd.org 2001/06/04 23:16:16
[session.c]
merge ssh1/2 x11-fwd setup, create listener after tmp-dir
| -rw-r--r-- | ChangeLog | 5 | ||||
| -rw-r--r-- | session.c | 159 |
2 files changed, 68 insertions, 96 deletions
| @@ -43,6 +43,9 @@ | |||
| 43 | [clientloop.c serverloop.c sshd.c] | 43 | [clientloop.c serverloop.c sshd.c] |
| 44 | set flags in the signal handlers, do real work in the main loop, | 44 | set flags in the signal handlers, do real work in the main loop, |
| 45 | ok provos@ | 45 | ok provos@ |
| 46 | - markus@cvs.openbsd.org 2001/06/04 23:16:16 | ||
| 47 | [session.c] | ||
| 48 | merge ssh1/2 x11-fwd setup, create listener after tmp-dir | ||
| 46 | 49 | ||
| 47 | 20010606 | 50 | 20010606 |
| 48 | - OpenBSD CVS Sync | 51 | - OpenBSD CVS Sync |
| @@ -5554,4 +5557,4 @@ | |||
| 5554 | - Wrote replacements for strlcpy and mkdtemp | 5557 | - Wrote replacements for strlcpy and mkdtemp |
| 5555 | - Released 1.0pre1 | 5558 | - Released 1.0pre1 |
| 5556 | 5559 | ||
| 5557 | $Id: ChangeLog,v 1.1259 2001/06/09 01:27:31 mouring Exp $ | 5560 | $Id: ChangeLog,v 1.1260 2001/06/09 01:29:12 mouring Exp $ |
| @@ -33,7 +33,7 @@ | |||
| 33 | */ | 33 | */ |
| 34 | 34 | ||
| 35 | #include "includes.h" | 35 | #include "includes.h" |
| 36 | RCSID("$OpenBSD: session.c,v 1.80 2001/06/04 21:59:43 markus Exp $"); | 36 | RCSID("$OpenBSD: session.c,v 1.81 2001/06/04 23:16:16 markus Exp $"); |
| 37 | 37 | ||
| 38 | #include "ssh.h" | 38 | #include "ssh.h" |
| 39 | #include "ssh1.h" | 39 | #include "ssh1.h" |
| @@ -123,6 +123,7 @@ Session *session_new(void); | |||
| 123 | void session_set_fds(Session *s, int fdin, int fdout, int fderr); | 123 | void session_set_fds(Session *s, int fdin, int fdout, int fderr); |
| 124 | void session_pty_cleanup(Session *s); | 124 | void session_pty_cleanup(Session *s); |
| 125 | void session_proctitle(Session *s); | 125 | void session_proctitle(Session *s); |
| 126 | int session_setup_x11fwd(Session *s); | ||
| 126 | void do_exec_pty(Session *s, const char *command); | 127 | void do_exec_pty(Session *s, const char *command); |
| 127 | void do_exec_no_pty(Session *s, const char *command); | 128 | void do_exec_no_pty(Session *s, const char *command); |
| 128 | void do_login(Session *s, const char *command); | 129 | void do_login(Session *s, const char *command); |
| @@ -261,10 +262,9 @@ do_authenticated1(Authctxt *authctxt) | |||
| 261 | { | 262 | { |
| 262 | Session *s; | 263 | Session *s; |
| 263 | char *command; | 264 | char *command; |
| 264 | int success, type, fd, n_bytes, plen, screen_flag, have_pty = 0; | 265 | int success, type, n_bytes, plen, screen_flag, have_pty = 0; |
| 265 | int compression_level = 0, enable_compression_after_reply = 0; | 266 | int compression_level = 0, enable_compression_after_reply = 0; |
| 266 | u_int proto_len, data_len, dlen; | 267 | u_int proto_len, data_len, dlen; |
| 267 | struct stat st; | ||
| 268 | 268 | ||
| 269 | s = session_new(); | 269 | s = session_new(); |
| 270 | s->pw = authctxt->pw; | 270 | s->pw = authctxt->pw; |
| @@ -343,23 +343,6 @@ do_authenticated1(Authctxt *authctxt) | |||
| 343 | break; | 343 | break; |
| 344 | 344 | ||
| 345 | case SSH_CMSG_X11_REQUEST_FORWARDING: | 345 | case SSH_CMSG_X11_REQUEST_FORWARDING: |
| 346 | if (!options.x11_forwarding) { | ||
| 347 | packet_send_debug("X11 forwarding disabled in server configuration file."); | ||
| 348 | break; | ||
| 349 | } | ||
| 350 | if (!options.xauth_location || | ||
| 351 | (stat(options.xauth_location, &st) == -1)) { | ||
| 352 | packet_send_debug("No xauth program; cannot forward with spoofing."); | ||
| 353 | break; | ||
| 354 | } | ||
| 355 | if (no_x11_forwarding_flag) { | ||
| 356 | packet_send_debug("X11 forwarding not permitted for this authentication."); | ||
| 357 | break; | ||
| 358 | } | ||
| 359 | debug("Received request for X11 forwarding with auth spoofing."); | ||
| 360 | if (s->display != NULL) | ||
| 361 | packet_disconnect("Protocol error: X11 display already set."); | ||
| 362 | |||
| 363 | s->auth_proto = packet_get_string(&proto_len); | 346 | s->auth_proto = packet_get_string(&proto_len); |
| 364 | s->auth_data = packet_get_string(&data_len); | 347 | s->auth_data = packet_get_string(&data_len); |
| 365 | 348 | ||
| @@ -371,39 +354,16 @@ do_authenticated1(Authctxt *authctxt) | |||
| 371 | if (!screen_flag) | 354 | if (!screen_flag) |
| 372 | debug2("Buggy client: " | 355 | debug2("Buggy client: " |
| 373 | "X11 screen flag missing"); | 356 | "X11 screen flag missing"); |
| 374 | packet_integrity_check(plen, | ||
| 375 | 4 + proto_len + 4 + data_len + 4, type); | ||
| 376 | s->screen = packet_get_int(); | 357 | s->screen = packet_get_int(); |
| 377 | } else { | 358 | } else { |
| 378 | packet_integrity_check(plen, | ||
| 379 | 4 + proto_len + 4 + data_len, type); | ||
| 380 | s->screen = 0; | 359 | s->screen = 0; |
| 381 | } | 360 | } |
| 382 | s->display = x11_create_display_inet(s->screen, options.x11_display_offset); | 361 | packet_done(); |
| 383 | 362 | success = session_setup_x11fwd(s); | |
| 384 | if (s->display == NULL) | 363 | if (!success) { |
| 385 | break; | 364 | xfree(s->auth_proto); |
| 386 | 365 | xfree(s->auth_data); | |
| 387 | /* Setup to always have a local .Xauthority. */ | ||
| 388 | xauthfile = xmalloc(MAXPATHLEN); | ||
| 389 | strlcpy(xauthfile, "/tmp/ssh-XXXXXXXX", MAXPATHLEN); | ||
| 390 | temporarily_use_uid(s->pw); | ||
| 391 | if (mkdtemp(xauthfile) == NULL) { | ||
| 392 | restore_uid(); | ||
| 393 | error("private X11 dir: mkdtemp %s failed: %s", | ||
| 394 | xauthfile, strerror(errno)); | ||
| 395 | xfree(xauthfile); | ||
| 396 | xauthfile = NULL; | ||
| 397 | /* XXXX remove listening channels */ | ||
| 398 | break; | ||
| 399 | } | 366 | } |
| 400 | strlcat(xauthfile, "/cookies", MAXPATHLEN); | ||
| 401 | fd = open(xauthfile, O_RDWR|O_CREAT|O_EXCL, 0600); | ||
| 402 | if (fd >= 0) | ||
| 403 | close(fd); | ||
| 404 | restore_uid(); | ||
| 405 | fatal_add_cleanup(xauthfile_cleanup_proc, s->pw); | ||
| 406 | success = 1; | ||
| 407 | break; | 367 | break; |
| 408 | 368 | ||
| 409 | case SSH_CMSG_AGENT_REQUEST_FORWARDING: | 369 | case SSH_CMSG_AGENT_REQUEST_FORWARDING: |
| @@ -1759,29 +1719,7 @@ session_subsystem_req(Session *s) | |||
| 1759 | int | 1719 | int |
| 1760 | session_x11_req(Session *s) | 1720 | session_x11_req(Session *s) |
| 1761 | { | 1721 | { |
| 1762 | int fd; | 1722 | int success; |
| 1763 | struct stat st; | ||
| 1764 | if (no_x11_forwarding_flag) { | ||
| 1765 | debug("X11 forwarding disabled in user configuration file."); | ||
| 1766 | return 0; | ||
| 1767 | } | ||
| 1768 | if (!options.x11_forwarding) { | ||
| 1769 | debug("X11 forwarding disabled in server configuration file."); | ||
| 1770 | return 0; | ||
| 1771 | } | ||
| 1772 | if (!options.xauth_location || | ||
| 1773 | (stat(options.xauth_location, &st) == -1)) { | ||
| 1774 | packet_send_debug("No xauth program; cannot forward with spoofing."); | ||
| 1775 | return 0; | ||
| 1776 | } | ||
| 1777 | if (xauthfile != NULL) { | ||
| 1778 | debug("X11 fwd already started."); | ||
| 1779 | return 0; | ||
| 1780 | } | ||
| 1781 | |||
| 1782 | debug("Received request for X11 forwarding with auth spoofing."); | ||
| 1783 | if (s->display != NULL) | ||
| 1784 | packet_disconnect("Protocol error: X11 display already set."); | ||
| 1785 | 1723 | ||
| 1786 | s->single_connection = packet_get_char(); | 1724 | s->single_connection = packet_get_char(); |
| 1787 | s->auth_proto = packet_get_string(NULL); | 1725 | s->auth_proto = packet_get_string(NULL); |
| @@ -1789,33 +1727,12 @@ session_x11_req(Session *s) | |||
| 1789 | s->screen = packet_get_int(); | 1727 | s->screen = packet_get_int(); |
| 1790 | packet_done(); | 1728 | packet_done(); |
| 1791 | 1729 | ||
| 1792 | s->display = x11_create_display_inet(s->screen, options.x11_display_offset); | 1730 | success = session_setup_x11fwd(s); |
| 1793 | if (s->display == NULL) { | 1731 | if (!success) { |
| 1794 | xfree(s->auth_proto); | 1732 | xfree(s->auth_proto); |
| 1795 | xfree(s->auth_data); | 1733 | xfree(s->auth_data); |
| 1796 | return 0; | ||
| 1797 | } | 1734 | } |
| 1798 | xauthfile = xmalloc(MAXPATHLEN); | 1735 | return success; |
| 1799 | strlcpy(xauthfile, "/tmp/ssh-XXXXXXXX", MAXPATHLEN); | ||
| 1800 | temporarily_use_uid(s->pw); | ||
| 1801 | if (mkdtemp(xauthfile) == NULL) { | ||
| 1802 | restore_uid(); | ||
| 1803 | error("private X11 dir: mkdtemp %s failed: %s", | ||
| 1804 | xauthfile, strerror(errno)); | ||
| 1805 | xfree(xauthfile); | ||
| 1806 | xauthfile = NULL; | ||
| 1807 | xfree(s->auth_proto); | ||
| 1808 | xfree(s->auth_data); | ||
| 1809 | /* XXXX remove listening channels */ | ||
| 1810 | return 0; | ||
| 1811 | } | ||
| 1812 | strlcat(xauthfile, "/cookies", MAXPATHLEN); | ||
| 1813 | fd = open(xauthfile, O_RDWR|O_CREAT|O_EXCL, 0600); | ||
| 1814 | if (fd >= 0) | ||
| 1815 | close(fd); | ||
| 1816 | restore_uid(); | ||
| 1817 | fatal_add_cleanup(xauthfile_cleanup_proc, s->pw); | ||
| 1818 | return 1; | ||
| 1819 | } | 1736 | } |
| 1820 | 1737 | ||
| 1821 | int | 1738 | int |
| @@ -2033,6 +1950,10 @@ session_free(Session *s) | |||
| 2033 | void | 1950 | void |
| 2034 | session_close(Session *s) | 1951 | session_close(Session *s) |
| 2035 | { | 1952 | { |
| 1953 | if (s->display) { | ||
| 1954 | xauthfile_cleanup_proc(s->pw); | ||
| 1955 | fatal_remove_cleanup(xauthfile_cleanup_proc, s->pw); | ||
| 1956 | } | ||
| 2036 | session_pty_cleanup(s); | 1957 | session_pty_cleanup(s); |
| 2037 | session_free(s); | 1958 | session_free(s); |
| 2038 | session_proctitle(s); | 1959 | session_proctitle(s); |
| @@ -2107,6 +2028,54 @@ session_proctitle(Session *s) | |||
| 2107 | setproctitle("%s@%s", s->pw->pw_name, session_tty_list()); | 2028 | setproctitle("%s@%s", s->pw->pw_name, session_tty_list()); |
| 2108 | } | 2029 | } |
| 2109 | 2030 | ||
| 2031 | int | ||
| 2032 | session_setup_x11fwd(Session *s) | ||
| 2033 | { | ||
| 2034 | int fd; | ||
| 2035 | struct stat st; | ||
| 2036 | |||
| 2037 | if (no_x11_forwarding_flag) { | ||
| 2038 | packet_send_debug("X11 forwarding disabled in user configuration file."); | ||
| 2039 | return 0; | ||
| 2040 | } | ||
| 2041 | if (!options.x11_forwarding) { | ||
| 2042 | debug("X11 forwarding disabled in server configuration file."); | ||
| 2043 | return 0; | ||
| 2044 | } | ||
| 2045 | if (!options.xauth_location || | ||
| 2046 | (stat(options.xauth_location, &st) == -1)) { | ||
| 2047 | packet_send_debug("No xauth program; cannot forward with spoofing."); | ||
| 2048 | return 0; | ||
| 2049 | } | ||
| 2050 | if (s->display != NULL) { | ||
| 2051 | debug("X11 display already set."); | ||
| 2052 | return 0; | ||
| 2053 | } | ||
| 2054 | xauthfile = xmalloc(MAXPATHLEN); | ||
| 2055 | strlcpy(xauthfile, "/tmp/ssh-XXXXXXXX", MAXPATHLEN); | ||
| 2056 | temporarily_use_uid(s->pw); | ||
| 2057 | if (mkdtemp(xauthfile) == NULL) { | ||
| 2058 | restore_uid(); | ||
| 2059 | error("private X11 dir: mkdtemp %s failed: %s", | ||
| 2060 | xauthfile, strerror(errno)); | ||
| 2061 | xfree(xauthfile); | ||
| 2062 | xauthfile = NULL; | ||
| 2063 | return 0; | ||
| 2064 | } | ||
| 2065 | strlcat(xauthfile, "/cookies", MAXPATHLEN); | ||
| 2066 | fd = open(xauthfile, O_RDWR|O_CREAT|O_EXCL, 0600); | ||
| 2067 | if (fd >= 0) | ||
| 2068 | close(fd); | ||
| 2069 | restore_uid(); | ||
| 2070 | s->display = x11_create_display_inet(s->screen, options.x11_display_offset); | ||
| 2071 | if (s->display == NULL) { | ||
| 2072 | xauthfile_cleanup_proc(s->pw); | ||
| 2073 | return 0; | ||
| 2074 | } | ||
| 2075 | fatal_add_cleanup(xauthfile_cleanup_proc, s->pw); | ||
| 2076 | return 1; | ||
| 2077 | } | ||
| 2078 | |||
| 2110 | void | 2079 | void |
| 2111 | do_authenticated2(Authctxt *authctxt) | 2080 | do_authenticated2(Authctxt *authctxt) |
| 2112 | { | 2081 | { |