- markus@cvs.openbsd.org 2001/03/21 11:43:45

[auth1.c auth2.c session.c session.h] merge common ssh v1/2 code
author: Ben Lindstrom <mouring@eviladmin.org> 2001-03-22 02:02:12 +0000
committer: Ben Lindstrom <mouring@eviladmin.org> 2001-03-22 02:02:12 +0000
commit: b31783d5470d42f77a08acfe6513a0b209ffec1c (patch)
tree: aa2c8c7e957564f22ecd0e16680d1de0ba9e06da
parent: fc9b07de19f8ccd94e4543ddba58e0de3748804c (diff)
5 files changed, 53 insertions, 62 deletions
diff --git a/ChangeLog b/ChangeLog
index 2f793840f..af3e609ce 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -13,6 +13,9 @@
   - markus@cvs.openbsd.org 2001/03/20 19:21:21
     [session.c]
     remove unused arg
+   - markus@cvs.openbsd.org 2001/03/21 11:43:45
+     [auth1.c auth2.c session.c session.h]
+     merge common ssh v1/2 code
 20010321
 - (djm) Fix ttyname breakage for AIX and Tru64. Patch from Steve 
@@ -4672,4 +4675,4 @@
 - Wrote replacements for strlcpy and mkdtemp
 - Released 1.0pre1
-$Id: ChangeLog,v 1.1004 2001/03/22 01:27:23 mouring Exp $
+$Id: ChangeLog,v 1.1005 2001/03/22 02:02:12 mouring Exp $
diff --git a/auth1.c b/auth1.c
index 1ce1cc44b..3427e4476 100644
--- a/auth1.c
+++ b/auth1.c
@@ -10,7 +10,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: auth1.c,v 1.20 2001/03/20 18:57:04 markus Exp $");
+RCSID("$OpenBSD: auth1.c,v 1.21 2001/03/21 11:43:44 markus Exp $");
 #include "xmalloc.h"
 #include "rsa.h"
@@ -434,5 +434,5 @@ do_authentication()
        xfree(authctxt);
        /* Perform session preparation. */
-        do_authenticated(pw);
+        do_authenticated(authctxt);
 }
diff --git a/auth2.c b/auth2.c
index 4f9b8496e..2042d1bb7 100644
--- a/auth2.c
+++ b/auth2.c
@@ -23,7 +23,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: auth2.c,v 1.47 2001/03/20 18:57:04 markus Exp $");
+RCSID("$OpenBSD: auth2.c,v 1.48 2001/03/21 11:43:44 markus Exp $");
 #include <openssl/evp.h>
@@ -120,7 +120,7 @@ do_authentication2()
        dispatch_init(&protocol_error);
        dispatch_set(SSH2_MSG_SERVICE_REQUEST, &input_service_request);
        dispatch_run(DISPATCH_BLOCK, &authctxt->success, authctxt);
-        do_authenticated2(authctxt);
+        do_authenticated(authctxt);
 }
 void
diff --git a/session.c b/session.c
index 800f21127..757ea90da 100644
--- a/session.c
+++ b/session.c
@@ -33,7 +33,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: session.c,v 1.64 2001/03/20 19:35:29 markus Exp $");
+RCSID("$OpenBSD: session.c,v 1.65 2001/03/21 11:43:44 markus Exp $");
 #include "ssh.h"
 #include "ssh1.h"
@@ -129,6 +129,9 @@ void	do_exec_no_pty(Session *s, const char *command);
 void    do_login(Session *s, const char *command);
 void    do_child(Session *s, const char *command);
+void    do_authenticated1(Authctxt *authctxt);
+void    do_authenticated2(Authctxt *authctxt);
 /* import */
 extern ServerOptions options;
 extern char *__progname;
@@ -157,6 +160,34 @@ char *aixloginmsg;
 static login_cap_t *lc;
 #endif
+void
+do_authenticated(Authctxt *authctxt)
+{
+        /*
+         * Cancel the alarm we set to limit the time taken for
+         * authentication.
+         */
+        alarm(0);
+        if (startup_pipe != -1) {
+                close(startup_pipe);
+                startup_pipe = -1;
+        }
+#if defined(HAVE_LOGIN_CAP) && defined(HAVE_PW_CLASS_IN_PASSWD)
+        if ((lc = login_getclass(authctxt->pw->pw_class)) == NULL) {
+                error("unable to get login class");
+                return;
+        }
+#endif
+        /* setup the channel layer */
+        if (!no_port_forwarding_flag && options.allow_tcp_forwarding)
+                channel_permit_all_opens();
+        if (compat20)
+                do_authenticated2(authctxt);
+        else
+                do_authenticated1(authctxt);
+}
 /*
 * Remove local Xauthority file.
 */
@@ -206,47 +237,23 @@ pty_cleanup_proc(void *session)
 * are requested, etc.
 */
 void
-do_authenticated(struct passwd * pw)
+do_authenticated1(Authctxt *authctxt)
 {
        Session *s;
-        int type, fd;
-        int compression_level = 0, enable_compression_after_reply = 0;
-        int have_pty = 0;
        char *command;
-        int n_bytes;
+        int success, type, fd, n_bytes, plen, screen_flag, have_pty = 0;
-        int plen;
+        int compression_level = 0, enable_compression_after_reply = 0;
        u_int proto_len, data_len, dlen;
-        int screen_flag;
-        /*
-         * Cancel the alarm we set to limit the time taken for
-         * authentication.
-         */
-        alarm(0);
-        if (startup_pipe != -1) {
-                close(startup_pipe);
-                startup_pipe = -1;
-        }
-        if (!no_port_forwarding_flag && options.allow_tcp_forwarding)
-                channel_permit_all_opens();
        s = session_new();
-        s->pw = pw;
+        s->pw = authctxt->pw;
-#if defined(HAVE_LOGIN_CAP) && defined(HAVE_PW_CLASS_IN_PASSWD)
-        if ((lc = login_getclass(pw->pw_class)) == NULL) {
-                error("unable to get login class");
-                return;
-        }
-#endif
        /*
         * We stay in this loop until the client requests to execute a shell
         * or a command.
         */
        for (;;) {
-                int success = 0;
+                success = 0;
                /* Get a packet from the client. */
                type = packet_read(&plen);
@@ -283,7 +290,7 @@ do_authenticated(struct passwd * pw)
                                break;
                        }
                        fatal_add_cleanup(pty_cleanup_proc, (void *)s);
-                        pty_setowner(pw, s->tty);
+                        pty_setowner(s->pw, s->tty);
                        /* Get TERM from the packet.  Note that the value may be of arbitrary length. */
                        s->term = packet_get_string(&dlen);
@@ -358,7 +365,7 @@ do_authenticated(struct passwd * pw)
                        /* Setup to always have a local .Xauthority. */
                        xauthfile = xmalloc(MAXPATHLEN);
                        strlcpy(xauthfile, "/tmp/ssh-XXXXXXXX", MAXPATHLEN);
-                        temporarily_use_uid(pw->pw_uid);
+                        temporarily_use_uid(s->pw->pw_uid);
                        if (mkdtemp(xauthfile) == NULL) {
                                restore_uid();
                                error("private X11 dir: mkdtemp %s failed: %s",
@@ -383,7 +390,7 @@ do_authenticated(struct passwd * pw)
                                break;
                        }
                        debug("Received authentication agent forwarding request.");
-                        success = auth_input_request_forwarding(pw);
+                        success = auth_input_request_forwarding(s->pw);
                        break;
                case SSH_CMSG_PORT_FORWARD_REQUEST:
@@ -396,7 +403,7 @@ do_authenticated(struct passwd * pw)
                                break;
                        }
                        debug("Received TCP/IP port forwarding request.");
-                        channel_input_port_forward_request(pw->pw_uid == 0, options.gateway_ports);
+                        channel_input_port_forward_request(s->pw->pw_uid == 0, options.gateway_ports);
                        success = 1;
                        break;
@@ -597,7 +604,7 @@ do_exec_pty(Session *s, const char *command)
        ttyfd = s->ttyfd;
 #if defined(USE_PAM)
-        do_pam_session(pw->pw_name, s->tty);
+        do_pam_session(s->pw->pw_name, s->tty);
        do_pam_setcred();
 #endif
@@ -2022,23 +2029,7 @@ session_proctitle(Session *s)
 void
 do_authenticated2(Authctxt *authctxt)
 {
-        /*
-         * Cancel the alarm we set to limit the time taken for
-         * authentication.
-         */
-        alarm(0);
-        if (startup_pipe != -1) {
-                close(startup_pipe);
-                startup_pipe = -1;
-        }
-        if (!no_port_forwarding_flag && options.allow_tcp_forwarding)
-                channel_permit_all_opens();
-#if defined(HAVE_LOGIN_CAP) && defined(HAVE_PW_CLASS_IN_PASSWD)
-        if ((lc = login_getclass(authctxt->pw->pw_class)) == NULL) {
-                error("unable to get login class");
-                return;
-        }
-#endif
        server_loop2();
        if (xauthfile)
                xauthfile_cleanup_proc(NULL);
diff --git a/session.h b/session.h
index 133e9233f..842e9412a 100644
--- a/session.h
+++ b/session.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: session.h,v 1.5 2001/01/29 01:58:18 niklas Exp $      */
+/*      $OpenBSD: session.h,v 1.6 2001/03/21 11:43:45 markus Exp $      */
 /*
 * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -26,11 +26,8 @@
 #ifndef SESSION_H
 #define SESSION_H
-/* SSH1 */
+void    do_authenticated(Authctxt *ac);
-void    do_authenticated(struct passwd * pw);
-/* SSH2 */
-void    do_authenticated2(Authctxt *ac);
 int     session_open(int id);
 void    session_input_channel_req(int id, void *arg);
 void    session_close_by_pid(pid_t pid, int status);
author	Ben Lindstrom <mouring@eviladmin.org>	2001-03-22 02:02:12 +0000
committer	Ben Lindstrom <mouring@eviladmin.org>	2001-03-22 02:02:12 +0000
commit	b31783d5470d42f77a08acfe6513a0b209ffec1c (patch)
tree	aa2c8c7e957564f22ecd0e16680d1de0ba9e06da
parent	fc9b07de19f8ccd94e4543ddba58e0de3748804c (diff)

diff --git a/ChangeLog b/ChangeLog index 2f793840f..af3e609ce 100644 --- a/ChangeLog +++ b/ChangeLog
@@ -13,6 +13,9 @@
13	- markus@cvs.openbsd.org 2001/03/20 19:21:21	13	- markus@cvs.openbsd.org 2001/03/20 19:21:21
14	[session.c]	14	[session.c]
15	remove unused arg	15	remove unused arg
		16	- markus@cvs.openbsd.org 2001/03/21 11:43:45
		17	[auth1.c auth2.c session.c session.h]
		18	merge common ssh v1/2 code
16		19
17	20010321	20	20010321
18	- (djm) Fix ttyname breakage for AIX and Tru64. Patch from Steve	21	- (djm) Fix ttyname breakage for AIX and Tru64. Patch from Steve
@@ -4672,4 +4675,4 @@
4672	- Wrote replacements for strlcpy and mkdtemp	4675	- Wrote replacements for strlcpy and mkdtemp
4673	- Released 1.0pre1	4676	- Released 1.0pre1
4674		4677
4675	$Id: ChangeLog,v 1.1004 2001/03/22 01:27:23 mouring Exp $	4678	$Id: ChangeLog,v 1.1005 2001/03/22 02:02:12 mouring Exp $


diff --git a/auth1.c b/auth1.c index 1ce1cc44b..3427e4476 100644 --- a/auth1.c +++ b/auth1.c
@@ -10,7 +10,7 @@
10	*/	10	*/
11		11
12	#include "includes.h"	12	#include "includes.h"
13	RCSID("$OpenBSD: auth1.c,v 1.20 2001/03/20 18:57:04 markus Exp $");	13	RCSID("$OpenBSD: auth1.c,v 1.21 2001/03/21 11:43:44 markus Exp $");
14		14
15	#include "xmalloc.h"	15	#include "xmalloc.h"
16	#include "rsa.h"	16	#include "rsa.h"
@@ -434,5 +434,5 @@ do_authentication()
434	xfree(authctxt);	434	xfree(authctxt);
435		435
436	/* Perform session preparation. */	436	/* Perform session preparation. */
437	do_authenticated(pw);	437	do_authenticated(authctxt);
438	}	438	}


diff --git a/auth2.c b/auth2.c index 4f9b8496e..2042d1bb7 100644 --- a/auth2.c +++ b/auth2.c
@@ -23,7 +23,7 @@
23	*/	23	*/
24		24
25	#include "includes.h"	25	#include "includes.h"
26	RCSID("$OpenBSD: auth2.c,v 1.47 2001/03/20 18:57:04 markus Exp $");	26	RCSID("$OpenBSD: auth2.c,v 1.48 2001/03/21 11:43:44 markus Exp $");
27		27
28	#include <openssl/evp.h>	28	#include <openssl/evp.h>
29		29
@@ -120,7 +120,7 @@ do_authentication2()
120	dispatch_init(&protocol_error);	120	dispatch_init(&protocol_error);
121	dispatch_set(SSH2_MSG_SERVICE_REQUEST, &input_service_request);	121	dispatch_set(SSH2_MSG_SERVICE_REQUEST, &input_service_request);
122	dispatch_run(DISPATCH_BLOCK, &authctxt->success, authctxt);	122	dispatch_run(DISPATCH_BLOCK, &authctxt->success, authctxt);
123	do_authenticated2(authctxt);	123	do_authenticated(authctxt);
124	}	124	}
125		125
126	void	126	void


diff --git a/session.c b/session.c index 800f21127..757ea90da 100644 --- a/session.c +++ b/session.c
@@ -33,7 +33,7 @@
33	*/	33	*/
34		34
35	#include "includes.h"	35	#include "includes.h"
36	RCSID("$OpenBSD: session.c,v 1.64 2001/03/20 19:35:29 markus Exp $");	36	RCSID("$OpenBSD: session.c,v 1.65 2001/03/21 11:43:44 markus Exp $");
37		37
38	#include "ssh.h"	38	#include "ssh.h"
39	#include "ssh1.h"	39	#include "ssh1.h"
@@ -129,6 +129,9 @@ void do_exec_no_pty(Session s, const char command);
129	void do_login(Session s, const char command);	129	void do_login(Session s, const char command);
130	void do_child(Session s, const char command);	130	void do_child(Session s, const char command);
131		131
		132	void do_authenticated1(Authctxt *authctxt);
		133	void do_authenticated2(Authctxt *authctxt);
		134
132	/* import */	135	/* import */
133	extern ServerOptions options;	136	extern ServerOptions options;
134	extern char *__progname;	137	extern char *__progname;
@@ -157,6 +160,34 @@ char *aixloginmsg;
157	static login_cap_t *lc;	160	static login_cap_t *lc;
158	#endif	161	#endif
159		162
		163	void
		164	do_authenticated(Authctxt *authctxt)
		165	{
		166	/*
		167	* Cancel the alarm we set to limit the time taken for
		168	* authentication.
		169	*/
		170	alarm(0);
		171	if (startup_pipe != -1) {
		172	close(startup_pipe);
		173	startup_pipe = -1;
		174	}
		175	#if defined(HAVE_LOGIN_CAP) && defined(HAVE_PW_CLASS_IN_PASSWD)
		176	if ((lc = login_getclass(authctxt->pw->pw_class)) == NULL) {
		177	error("unable to get login class");
		178	return;
		179	}
		180	#endif
		181	/* setup the channel layer */
		182	if (!no_port_forwarding_flag && options.allow_tcp_forwarding)
		183	channel_permit_all_opens();
		184
		185	if (compat20)
		186	do_authenticated2(authctxt);
		187	else
		188	do_authenticated1(authctxt);
		189	}
		190
160	/*	191	/*
161	* Remove local Xauthority file.	192	* Remove local Xauthority file.
162	*/	193	*/
@@ -206,47 +237,23 @@ pty_cleanup_proc(void *session)
206	* are requested, etc.	237	* are requested, etc.
207	*/	238	*/
208	void	239	void
209	do_authenticated(struct passwd * pw)	240	do_authenticated1(Authctxt *authctxt)
210	{	241	{
211	Session *s;	242	Session *s;
212	int type, fd;
213	int compression_level = 0, enable_compression_after_reply = 0;
214	int have_pty = 0;
215	char *command;	243	char *command;
216	int n_bytes;	244	int success, type, fd, n_bytes, plen, screen_flag, have_pty = 0;
217	int plen;	245	int compression_level = 0, enable_compression_after_reply = 0;
218	u_int proto_len, data_len, dlen;	246	u_int proto_len, data_len, dlen;
219	int screen_flag;
220
221	/*
222	* Cancel the alarm we set to limit the time taken for
223	* authentication.
224	*/
225	alarm(0);
226	if (startup_pipe != -1) {
227	close(startup_pipe);
228	startup_pipe = -1;
229	}
230
231	if (!no_port_forwarding_flag && options.allow_tcp_forwarding)
232	channel_permit_all_opens();
233		247
234	s = session_new();	248	s = session_new();
235	s->pw = pw;	249	s->pw = authctxt->pw;
236
237	#if defined(HAVE_LOGIN_CAP) && defined(HAVE_PW_CLASS_IN_PASSWD)
238	if ((lc = login_getclass(pw->pw_class)) == NULL) {
239	error("unable to get login class");
240	return;
241	}
242	#endif
243		250
244	/*	251	/*
245	* We stay in this loop until the client requests to execute a shell	252	* We stay in this loop until the client requests to execute a shell
246	* or a command.	253	* or a command.
247	*/	254	*/
248	for (;;) {	255	for (;;) {
249	int success = 0;	256	success = 0;
250		257
251	/* Get a packet from the client. */	258	/* Get a packet from the client. */
252	type = packet_read(&plen);	259	type = packet_read(&plen);
@@ -283,7 +290,7 @@ do_authenticated(struct passwd * pw)
283	break;	290	break;
284	}	291	}
285	fatal_add_cleanup(pty_cleanup_proc, (void *)s);	292	fatal_add_cleanup(pty_cleanup_proc, (void *)s);
286	pty_setowner(pw, s->tty);	293	pty_setowner(s->pw, s->tty);
287		294
288	/* Get TERM from the packet. Note that the value may be of arbitrary length. */	295	/* Get TERM from the packet. Note that the value may be of arbitrary length. */
289	s->term = packet_get_string(&dlen);	296	s->term = packet_get_string(&dlen);
@@ -358,7 +365,7 @@ do_authenticated(struct passwd * pw)
358	/* Setup to always have a local .Xauthority. */	365	/* Setup to always have a local .Xauthority. */
359	xauthfile = xmalloc(MAXPATHLEN);	366	xauthfile = xmalloc(MAXPATHLEN);
360	strlcpy(xauthfile, "/tmp/ssh-XXXXXXXX", MAXPATHLEN);	367	strlcpy(xauthfile, "/tmp/ssh-XXXXXXXX", MAXPATHLEN);
361	temporarily_use_uid(pw->pw_uid);	368	temporarily_use_uid(s->pw->pw_uid);
362	if (mkdtemp(xauthfile) == NULL) {	369	if (mkdtemp(xauthfile) == NULL) {
363	restore_uid();	370	restore_uid();
364	error("private X11 dir: mkdtemp %s failed: %s",	371	error("private X11 dir: mkdtemp %s failed: %s",
@@ -383,7 +390,7 @@ do_authenticated(struct passwd * pw)
383	break;	390	break;
384	}	391	}
385	debug("Received authentication agent forwarding request.");	392	debug("Received authentication agent forwarding request.");
386	success = auth_input_request_forwarding(pw);	393	success = auth_input_request_forwarding(s->pw);
387	break;	394	break;
388		395
389	case SSH_CMSG_PORT_FORWARD_REQUEST:	396	case SSH_CMSG_PORT_FORWARD_REQUEST:
@@ -396,7 +403,7 @@ do_authenticated(struct passwd * pw)
396	break;	403	break;
397	}	404	}
398	debug("Received TCP/IP port forwarding request.");	405	debug("Received TCP/IP port forwarding request.");
399	channel_input_port_forward_request(pw->pw_uid == 0, options.gateway_ports);	406	channel_input_port_forward_request(s->pw->pw_uid == 0, options.gateway_ports);
400	success = 1;	407	success = 1;
401	break;	408	break;
402		409
@@ -597,7 +604,7 @@ do_exec_pty(Session s, const char command)
597	ttyfd = s->ttyfd;	604	ttyfd = s->ttyfd;
598		605
599	#if defined(USE_PAM)	606	#if defined(USE_PAM)
600	do_pam_session(pw->pw_name, s->tty);	607	do_pam_session(s->pw->pw_name, s->tty);
601	do_pam_setcred();	608	do_pam_setcred();
602	#endif	609	#endif
603		610
@@ -2022,23 +2029,7 @@ session_proctitle(Session *s)
2022	void	2029	void
2023	do_authenticated2(Authctxt *authctxt)	2030	do_authenticated2(Authctxt *authctxt)
2024	{	2031	{
2025	/*	2032
2026	* Cancel the alarm we set to limit the time taken for
2027	* authentication.
2028	*/
2029	alarm(0);
2030	if (startup_pipe != -1) {
2031	close(startup_pipe);
2032	startup_pipe = -1;
2033	}
2034	if (!no_port_forwarding_flag && options.allow_tcp_forwarding)
2035	channel_permit_all_opens();
2036	#if defined(HAVE_LOGIN_CAP) && defined(HAVE_PW_CLASS_IN_PASSWD)
2037	if ((lc = login_getclass(authctxt->pw->pw_class)) == NULL) {
2038	error("unable to get login class");
2039	return;
2040	}
2041	#endif
2042	server_loop2();	2033	server_loop2();
2043	if (xauthfile)	2034	if (xauthfile)
2044	xauthfile_cleanup_proc(NULL);	2035	xauthfile_cleanup_proc(NULL);


diff --git a/session.h b/session.h index 133e9233f..842e9412a 100644 --- a/session.h +++ b/session.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: session.h,v 1.5 2001/01/29 01:58:18 niklas Exp $ */	1	/* $OpenBSD: session.h,v 1.6 2001/03/21 11:43:45 markus Exp $ */
2		2
3	/*	3	/*
4	* Copyright (c) 2000 Markus Friedl. All rights reserved.	4	* Copyright (c) 2000 Markus Friedl. All rights reserved.
@@ -26,11 +26,8 @@
26	#ifndef SESSION_H	26	#ifndef SESSION_H
27	#define SESSION_H	27	#define SESSION_H
28		28
29	/* SSH1 */	29	void do_authenticated(Authctxt *ac);
30	void do_authenticated(struct passwd * pw);
31		30
32	/* SSH2 */
33	void do_authenticated2(Authctxt *ac);
34	int session_open(int id);	31	int session_open(int id);
35	void session_input_channel_req(int id, void *arg);	32	void session_input_channel_req(int id, void *arg);
36	void session_close_by_pid(pid_t pid, int status);	33	void session_close_by_pid(pid_t pid, int status);