summaryrefslogtreecommitdiff
path: root/session.c
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2009-12-29 21:32:03 +0000
committerColin Watson <cjwatson@debian.org>2009-12-29 21:32:03 +0000
commit04942aa41fa94ec6f2c3ce1d348f600f31bb7c78 (patch)
treeaf8e928bd79d3f2d0219bb5b2c78b573ec31d94c /session.c
parent9ad7b718d42e43f3a285fcbc8f91193931fce324 (diff)
parent16704d57999d987fb8d9ba53379841a79f016d67 (diff)
import openssh-4.2p1-gsskex-20050926-2.patch
Diffstat (limited to 'session.c')
-rw-r--r--session.c136
1 files changed, 123 insertions, 13 deletions
diff --git a/session.c b/session.c
index b32c9e2ca..db8722f47 100644
--- a/session.c
+++ b/session.c
@@ -33,7 +33,7 @@
33 */ 33 */
34 34
35#include "includes.h" 35#include "includes.h"
36RCSID("$OpenBSD: session.c,v 1.181 2004/12/23 17:35:48 markus Exp $"); 36RCSID("$OpenBSD: session.c,v 1.186 2005/07/25 11:59:40 markus Exp $");
37 37
38#include "ssh.h" 38#include "ssh.h"
39#include "ssh1.h" 39#include "ssh1.h"
@@ -56,6 +56,7 @@ RCSID("$OpenBSD: session.c,v 1.181 2004/12/23 17:35:48 markus Exp $");
56#include "serverloop.h" 56#include "serverloop.h"
57#include "canohost.h" 57#include "canohost.h"
58#include "session.h" 58#include "session.h"
59#include "kex.h"
59#include "monitor_wrap.h" 60#include "monitor_wrap.h"
60 61
61#if defined(KRB5) && defined(USE_AFS) 62#if defined(KRB5) && defined(USE_AFS)
@@ -196,11 +197,11 @@ auth_input_request_forwarding(struct passwd * pw)
196static void 197static void
197display_loginmsg(void) 198display_loginmsg(void)
198{ 199{
199 if (buffer_len(&loginmsg) > 0) { 200 if (buffer_len(&loginmsg) > 0) {
200 buffer_append(&loginmsg, "\0", 1); 201 buffer_append(&loginmsg, "\0", 1);
201 printf("%s", (char *)buffer_ptr(&loginmsg)); 202 printf("%s", (char *)buffer_ptr(&loginmsg));
202 buffer_clear(&loginmsg); 203 buffer_clear(&loginmsg);
203 } 204 }
204} 205}
205 206
206void 207void
@@ -272,7 +273,7 @@ do_authenticated1(Authctxt *authctxt)
272 compression_level); 273 compression_level);
273 break; 274 break;
274 } 275 }
275 if (!options.compression) { 276 if (options.compression == COMP_NONE) {
276 debug2("compression disabled"); 277 debug2("compression disabled");
277 break; 278 break;
278 } 279 }
@@ -946,7 +947,8 @@ read_etc_default_login(char ***env, u_int *envsize, uid_t uid)
946} 947}
947#endif /* HAVE_ETC_DEFAULT_LOGIN */ 948#endif /* HAVE_ETC_DEFAULT_LOGIN */
948 949
949void copy_environment(char **source, char ***env, u_int *envsize) 950void
951copy_environment(char **source, char ***env, u_int *envsize)
950{ 952{
951 char *var_name, *var_val; 953 char *var_name, *var_val;
952 int i; 954 int i;
@@ -1332,6 +1334,11 @@ do_setusercontext(struct passwd *pw)
1332# ifdef _AIX 1334# ifdef _AIX
1333 aix_usrinfo(pw); 1335 aix_usrinfo(pw);
1334# endif /* _AIX */ 1336# endif /* _AIX */
1337#if defined(HAVE_LIBIAF) && !defined(BROKEN_LIBIAF)
1338 if (set_id(pw->pw_name) != 0) {
1339 exit(1);
1340 }
1341#endif /* HAVE_LIBIAF && !BROKEN_LIBIAF */
1335 /* Permanently switch to the desired uid. */ 1342 /* Permanently switch to the desired uid. */
1336 permanently_set_uid(pw); 1343 permanently_set_uid(pw);
1337#endif 1344#endif
@@ -1477,7 +1484,8 @@ do_child(Session *s, const char *command)
1477 } 1484 }
1478 1485
1479#ifdef USE_PAM 1486#ifdef USE_PAM
1480 if (options.use_pam && !is_pam_session_open()) { 1487 if (options.use_pam && !options.use_login && !is_pam_session_open()) {
1488 debug3("PAM session not opened, exiting");
1481 display_loginmsg(); 1489 display_loginmsg();
1482 exit(254); 1490 exit(254);
1483 } 1491 }
@@ -1528,7 +1536,7 @@ do_child(Session *s, const char *command)
1528 */ 1536 */
1529 1537
1530 if (options.kerberos_get_afs_token && k_hasafs() && 1538 if (options.kerberos_get_afs_token && k_hasafs() &&
1531 (s->authctxt->krb5_ctx != NULL)) { 1539 (s->authctxt->krb5_ctx != NULL)) {
1532 char cell[64]; 1540 char cell[64];
1533 1541
1534 debug("Getting AFS token"); 1542 debug("Getting AFS token");
@@ -1632,6 +1640,7 @@ session_new(void)
1632 s->ttyfd = -1; 1640 s->ttyfd = -1;
1633 s->used = 1; 1641 s->used = 1;
1634 s->self = i; 1642 s->self = i;
1643 s->x11_chanids = NULL;
1635 debug("session_new: session %d", i); 1644 debug("session_new: session %d", i);
1636 return s; 1645 return s;
1637 } 1646 }
@@ -1705,6 +1714,29 @@ session_by_channel(int id)
1705} 1714}
1706 1715
1707static Session * 1716static Session *
1717session_by_x11_channel(int id)
1718{
1719 int i, j;
1720
1721 for (i = 0; i < MAX_SESSIONS; i++) {
1722 Session *s = &sessions[i];
1723
1724 if (s->x11_chanids == NULL || !s->used)
1725 continue;
1726 for (j = 0; s->x11_chanids[j] != -1; j++) {
1727 if (s->x11_chanids[j] == id) {
1728 debug("session_by_x11_channel: session %d "
1729 "channel %d", s->self, id);
1730 return s;
1731 }
1732 }
1733 }
1734 debug("session_by_x11_channel: unknown channel %d", id);
1735 session_dump();
1736 return NULL;
1737}
1738
1739static Session *
1708session_by_pid(pid_t pid) 1740session_by_pid(pid_t pid)
1709{ 1741{
1710 int i; 1742 int i;
@@ -1799,7 +1831,7 @@ session_subsystem_req(Session *s)
1799 u_int len; 1831 u_int len;
1800 int success = 0; 1832 int success = 0;
1801 char *cmd, *subsys = packet_get_string(&len); 1833 char *cmd, *subsys = packet_get_string(&len);
1802 int i; 1834 u_int i;
1803 1835
1804 packet_check_eom(); 1836 packet_check_eom();
1805 logit("subsystem request for %.100s", subsys); 1837 logit("subsystem request for %.100s", subsys);
@@ -1833,6 +1865,11 @@ session_x11_req(Session *s)
1833{ 1865{
1834 int success; 1866 int success;
1835 1867
1868 if (s->auth_proto != NULL || s->auth_data != NULL) {
1869 error("session_x11_req: session %d: "
1870 "x11 fowarding already active", s->self);
1871 return 0;
1872 }
1836 s->single_connection = packet_get_char(); 1873 s->single_connection = packet_get_char();
1837 s->auth_proto = packet_get_string(NULL); 1874 s->auth_proto = packet_get_string(NULL);
1838 s->auth_data = packet_get_string(NULL); 1875 s->auth_data = packet_get_string(NULL);
@@ -2058,9 +2095,66 @@ sig2name(int sig)
2058} 2095}
2059 2096
2060static void 2097static void
2098session_close_x11(int id)
2099{
2100 Channel *c;
2101
2102 if ((c = channel_lookup(id)) == NULL) {
2103 debug("session_close_x11: x11 channel %d missing", id);
2104 } else {
2105 /* Detach X11 listener */
2106 debug("session_close_x11: detach x11 channel %d", id);
2107 channel_cancel_cleanup(id);
2108 if (c->ostate != CHAN_OUTPUT_CLOSED)
2109 chan_mark_dead(c);
2110 }
2111}
2112
2113static void
2114session_close_single_x11(int id, void *arg)
2115{
2116 Session *s;
2117 u_int i;
2118
2119 debug3("session_close_single_x11: channel %d", id);
2120 channel_cancel_cleanup(id);
2121 if ((s = session_by_x11_channel(id)) == NULL)
2122 fatal("session_close_single_x11: no x11 channel %d", id);
2123 for (i = 0; s->x11_chanids[i] != -1; i++) {
2124 debug("session_close_single_x11: session %d: "
2125 "closing channel %d", s->self, s->x11_chanids[i]);
2126 /*
2127 * The channel "id" is already closing, but make sure we
2128 * close all of its siblings.
2129 */
2130 if (s->x11_chanids[i] != id)
2131 session_close_x11(s->x11_chanids[i]);
2132 }
2133 xfree(s->x11_chanids);
2134 s->x11_chanids = NULL;
2135 if (s->display) {
2136 xfree(s->display);
2137 s->display = NULL;
2138 }
2139 if (s->auth_proto) {
2140 xfree(s->auth_proto);
2141 s->auth_proto = NULL;
2142 }
2143 if (s->auth_data) {
2144 xfree(s->auth_data);
2145 s->auth_data = NULL;
2146 }
2147 if (s->auth_display) {
2148 xfree(s->auth_display);
2149 s->auth_display = NULL;
2150 }
2151}
2152
2153static void
2061session_exit_message(Session *s, int status) 2154session_exit_message(Session *s, int status)
2062{ 2155{
2063 Channel *c; 2156 Channel *c;
2157 u_int i;
2064 2158
2065 if ((c = channel_lookup(s->chanid)) == NULL) 2159 if ((c = channel_lookup(s->chanid)) == NULL)
2066 fatal("session_exit_message: session %d: no channel %d", 2160 fatal("session_exit_message: session %d: no channel %d",
@@ -2100,12 +2194,20 @@ session_exit_message(Session *s, int status)
2100 if (c->ostate != CHAN_OUTPUT_CLOSED) 2194 if (c->ostate != CHAN_OUTPUT_CLOSED)
2101 chan_write_failed(c); 2195 chan_write_failed(c);
2102 s->chanid = -1; 2196 s->chanid = -1;
2197
2198 /* Close any X11 listeners associated with this session */
2199 if (s->x11_chanids != NULL) {
2200 for (i = 0; s->x11_chanids[i] != -1; i++) {
2201 session_close_x11(s->x11_chanids[i]);
2202 s->x11_chanids[i] = -1;
2203 }
2204 }
2103} 2205}
2104 2206
2105void 2207void
2106session_close(Session *s) 2208session_close(Session *s)
2107{ 2209{
2108 int i; 2210 u_int i;
2109 2211
2110 debug("session_close: session %d pid %ld", s->self, (long)s->pid); 2212 debug("session_close: session %d pid %ld", s->self, (long)s->pid);
2111 if (s->ttyfd != -1) 2213 if (s->ttyfd != -1)
@@ -2114,6 +2216,8 @@ session_close(Session *s)
2114 xfree(s->term); 2216 xfree(s->term);
2115 if (s->display) 2217 if (s->display)
2116 xfree(s->display); 2218 xfree(s->display);
2219 if (s->x11_chanids)
2220 xfree(s->x11_chanids);
2117 if (s->auth_display) 2221 if (s->auth_display)
2118 xfree(s->auth_display); 2222 xfree(s->auth_display);
2119 if (s->auth_data) 2223 if (s->auth_data)
@@ -2152,6 +2256,7 @@ void
2152session_close_by_channel(int id, void *arg) 2256session_close_by_channel(int id, void *arg)
2153{ 2257{
2154 Session *s = session_by_channel(id); 2258 Session *s = session_by_channel(id);
2259
2155 if (s == NULL) { 2260 if (s == NULL) {
2156 debug("session_close_by_channel: no session for id %d", id); 2261 debug("session_close_by_channel: no session for id %d", id);
2157 return; 2262 return;
@@ -2232,6 +2337,7 @@ session_setup_x11fwd(Session *s)
2232 struct stat st; 2337 struct stat st;
2233 char display[512], auth_display[512]; 2338 char display[512], auth_display[512];
2234 char hostname[MAXHOSTNAMELEN]; 2339 char hostname[MAXHOSTNAMELEN];
2340 u_int i;
2235 2341
2236 if (no_x11_forwarding_flag) { 2342 if (no_x11_forwarding_flag) {
2237 packet_send_debug("X11 forwarding disabled in user configuration file."); 2343 packet_send_debug("X11 forwarding disabled in user configuration file.");
@@ -2257,10 +2363,14 @@ session_setup_x11fwd(Session *s)
2257 } 2363 }
2258 if (x11_create_display_inet(options.x11_display_offset, 2364 if (x11_create_display_inet(options.x11_display_offset,
2259 options.x11_use_localhost, s->single_connection, 2365 options.x11_use_localhost, s->single_connection,
2260 &s->display_number) == -1) { 2366 &s->display_number, &s->x11_chanids) == -1) {
2261 debug("x11_create_display_inet failed."); 2367 debug("x11_create_display_inet failed.");
2262 return 0; 2368 return 0;
2263 } 2369 }
2370 for (i = 0; s->x11_chanids[i] != -1; i++) {
2371 channel_register_cleanup(s->x11_chanids[i],
2372 session_close_single_x11);
2373 }
2264 2374
2265 /* Set up a suitable value for the DISPLAY variable. */ 2375 /* Set up a suitable value for the DISPLAY variable. */
2266 if (gethostname(hostname, sizeof(hostname)) < 0) 2376 if (gethostname(hostname, sizeof(hostname)) < 0)