author | djm@openbsd.org <djm@openbsd.org> | 2017-09-12 06:32:07 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2017-09-12 17:37:02 +1000 |
commit | dbee4119b502e3f8b6cd3282c69c537fd01d8e16 (patch) | |
tree | b8a3263a79e0920e8d08f188654f1ccb7c254406 /session.c | |
parent | abd59663df37a42152e37980113ccaa405b9a282 (diff) |
upstream commit
refactor channels.c
Move static state to a "struct ssh_channels" that is allocated at
runtime and tracked as a member of struct ssh.
Explicitly pass "struct ssh" to all channels functions.
Replace use of the legacy packet APIs in channels.c.
Rework sshd_config PermitOpen handling: previously the configuration
parser would call directly into the channels layer. After the refactor
this is not possible, as the channels structures are allocated at
connection time and aren't available when the configuration is parsed.
The server config parser now tracks PermitOpen itself and explicitly
configures the channels code later.
ok markus@
Upstream-ID: 11828f161656b965cc306576422613614bea2d8f
Diffstat (limited to 'session.c')
-rw-r--r-- | session.c | 223 |
1 files changed, 108 insertions, 115 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: session.c,v 1.291 2017/08/18 05:36:45 djm Exp $ */ | 1 | /* $OpenBSD: session.c,v 1.292 2017/09/12 06:32:07 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
4 | * All rights reserved | 4 | * All rights reserved |
@@ -113,24 +113,24 @@ | |||
113 | /* func */ | 113 | /* func */ |
114 | 114 | ||
115 | Session *session_new(void); | 115 | Session *session_new(void); |
116 | void session_set_fds(Session *, int, int, int, int, int); | 116 | void session_set_fds(struct ssh *, Session *, int, int, int, int, int); |
117 | void session_pty_cleanup(Session *); | 117 | void session_pty_cleanup(Session *); |
118 | void session_proctitle(Session *); | 118 | void session_proctitle(Session *); |
119 | int session_setup_x11fwd(Session *); | 119 | int session_setup_x11fwd(struct ssh *, Session *); |
120 | int do_exec_pty(Session *, const char *); | 120 | int do_exec_pty(struct ssh *, Session *, const char *); |
121 | int do_exec_no_pty(Session *, const char *); | 121 | int do_exec_no_pty(struct ssh *, Session *, const char *); |
122 | int do_exec(Session *, const char *); | 122 | int do_exec(struct ssh *, Session *, const char *); |
123 | void do_login(Session *, const char *); | 123 | void do_login(struct ssh *, Session *, const char *); |
124 | void do_child(struct ssh *, Session *, const char *); | ||
124 | #ifdef LOGIN_NEEDS_UTMPX | 125 | #ifdef LOGIN_NEEDS_UTMPX |
125 | static void do_pre_login(Session *s); | 126 | static void do_pre_login(Session *s); |
126 | #endif | 127 | #endif |
127 | void do_child(Session *, const char *); | ||
128 | void do_motd(void); | 128 | void do_motd(void); |
129 | int check_quietlogin(Session *, const char *); | 129 | int check_quietlogin(Session *, const char *); |
130 | 130 | ||
131 | static void do_authenticated2(Authctxt *); | 131 | static void do_authenticated2(struct ssh *, Authctxt *); |
132 | 132 | ||
133 | static int session_pty_req(Session *); | 133 | static int session_pty_req(struct ssh *, Session *); |
134 | 134 | ||
135 | /* import */ | 135 | /* import */ |
136 | extern ServerOptions options; | 136 | extern ServerOptions options; |
@@ -183,7 +183,7 @@ auth_sock_cleanup_proc(struct passwd *pw) | |||
183 | } | 183 | } |
184 | 184 | ||
185 | static int | 185 | static int |
186 | auth_input_request_forwarding(struct passwd * pw) | 186 | auth_input_request_forwarding(struct ssh *ssh, struct passwd * pw) |
187 | { | 187 | { |
188 | Channel *nc; | 188 | Channel *nc; |
189 | int sock = -1; | 189 | int sock = -1; |
@@ -223,7 +223,7 @@ auth_input_request_forwarding(struct passwd * pw) | |||
223 | goto authsock_err; | 223 | goto authsock_err; |
224 | 224 | ||
225 | /* Allocate a channel for the authentication agent socket. */ | 225 | /* Allocate a channel for the authentication agent socket. */ |
226 | nc = channel_new("auth socket", | 226 | nc = channel_new(ssh, "auth socket", |
227 | SSH_CHANNEL_AUTH_SOCKET, sock, sock, -1, | 227 | SSH_CHANNEL_AUTH_SOCKET, sock, sock, -1, |
228 | CHAN_X11_WINDOW_DEFAULT, CHAN_X11_PACKET_DEFAULT, | 228 | CHAN_X11_WINDOW_DEFAULT, CHAN_X11_PACKET_DEFAULT, |
229 | 0, "auth socket", 1); | 229 | 0, "auth socket", 1); |
@@ -288,7 +288,7 @@ prepare_auth_info_file(struct passwd *pw, struct sshbuf *info) | |||
288 | } | 288 | } |
289 | 289 | ||
290 | void | 290 | void |
291 | do_authenticated(Authctxt *authctxt) | 291 | do_authenticated(struct ssh *ssh, Authctxt *authctxt) |
292 | { | 292 | { |
293 | setproctitle("%s", authctxt->pw->pw_name); | 293 | setproctitle("%s", authctxt->pw->pw_name); |
294 | 294 | ||
@@ -296,17 +296,17 @@ do_authenticated(Authctxt *authctxt) | |||
296 | /* XXX - streamlocal? */ | 296 | /* XXX - streamlocal? */ |
297 | if (no_port_forwarding_flag || options.disable_forwarding || | 297 | if (no_port_forwarding_flag || options.disable_forwarding || |
298 | (options.allow_tcp_forwarding & FORWARD_LOCAL) == 0) | 298 | (options.allow_tcp_forwarding & FORWARD_LOCAL) == 0) |
299 | channel_disable_adm_local_opens(); | 299 | channel_disable_adm_local_opens(ssh); |
300 | else | 300 | else |
301 | channel_permit_all_opens(); | 301 | channel_permit_all_opens(ssh); |
302 | 302 | ||
303 | auth_debug_send(); | 303 | auth_debug_send(); |
304 | 304 | ||
305 | prepare_auth_info_file(authctxt->pw, authctxt->session_info); | 305 | prepare_auth_info_file(authctxt->pw, authctxt->session_info); |
306 | 306 | ||
307 | do_authenticated2(authctxt); | 307 | do_authenticated2(ssh, authctxt); |
308 | 308 | ||
309 | do_cleanup(authctxt); | 309 | do_cleanup(ssh, authctxt); |
310 | } | 310 | } |
311 | 311 | ||
312 | /* Check untrusted xauth strings for metacharacters */ | 312 | /* Check untrusted xauth strings for metacharacters */ |
@@ -331,7 +331,7 @@ xauth_valid_string(const char *s) | |||
331 | * setting up file descriptors and such. | 331 | * setting up file descriptors and such. |
332 | */ | 332 | */ |
333 | int | 333 | int |
334 | do_exec_no_pty(Session *s, const char *command) | 334 | do_exec_no_pty(struct ssh *ssh, Session *s, const char *command) |
335 | { | 335 | { |
336 | pid_t pid; | 336 | pid_t pid; |
337 | 337 | ||
@@ -456,7 +456,7 @@ do_exec_no_pty(Session *s, const char *command) | |||
456 | #endif | 456 | #endif |
457 | 457 | ||
458 | /* Do processing for the child (exec command etc). */ | 458 | /* Do processing for the child (exec command etc). */ |
459 | do_child(s, command); | 459 | do_child(ssh, s, command); |
460 | /* NOTREACHED */ | 460 | /* NOTREACHED */ |
461 | default: | 461 | default: |
462 | break; | 462 | break; |
@@ -487,7 +487,7 @@ do_exec_no_pty(Session *s, const char *command) | |||
487 | close(pout[1]); | 487 | close(pout[1]); |
488 | close(perr[1]); | 488 | close(perr[1]); |
489 | 489 | ||
490 | session_set_fds(s, pin[1], pout[0], perr[0], | 490 | session_set_fds(ssh, s, pin[1], pout[0], perr[0], |
491 | s->is_subsystem, 0); | 491 | s->is_subsystem, 0); |
492 | #else | 492 | #else |
493 | /* We are the parent. Close the child sides of the socket pairs. */ | 493 | /* We are the parent. Close the child sides of the socket pairs. */ |
@@ -511,7 +511,7 @@ do_exec_no_pty(Session *s, const char *command) | |||
511 | * lastlog, and other such operations. | 511 | * lastlog, and other such operations. |
512 | */ | 512 | */ |
513 | int | 513 | int |
514 | do_exec_pty(Session *s, const char *command) | 514 | do_exec_pty(struct ssh *ssh, Session *s, const char *command) |
515 | { | 515 | { |
516 | int fdout, ptyfd, ttyfd, ptymaster; | 516 | int fdout, ptyfd, ttyfd, ptymaster; |
517 | pid_t pid; | 517 | pid_t pid; |
@@ -580,13 +580,13 @@ do_exec_pty(Session *s, const char *command) | |||
580 | cray_init_job(s->pw); /* set up cray jid and tmpdir */ | 580 | cray_init_job(s->pw); /* set up cray jid and tmpdir */ |
581 | #endif /* _UNICOS */ | 581 | #endif /* _UNICOS */ |
582 | #ifndef HAVE_OSF_SIA | 582 | #ifndef HAVE_OSF_SIA |
583 | do_login(s, command); | 583 | do_login(ssh, s, command); |
584 | #endif | 584 | #endif |
585 | /* | 585 | /* |
586 | * Do common processing for the child, such as execing | 586 | * Do common processing for the child, such as execing |
587 | * the command. | 587 | * the command. |
588 | */ | 588 | */ |
589 | do_child(s, command); | 589 | do_child(ssh, s, command); |
590 | /* NOTREACHED */ | 590 | /* NOTREACHED */ |
591 | default: | 591 | default: |
592 | break; | 592 | break; |
@@ -608,7 +608,7 @@ do_exec_pty(Session *s, const char *command) | |||
608 | s->ptymaster = ptymaster; | 608 | s->ptymaster = ptymaster; |
609 | packet_set_interactive(1, | 609 | packet_set_interactive(1, |
610 | options.ip_qos_interactive, options.ip_qos_bulk); | 610 | options.ip_qos_interactive, options.ip_qos_bulk); |
611 | session_set_fds(s, ptyfd, fdout, -1, 1, 1); | 611 | session_set_fds(ssh, s, ptyfd, fdout, -1, 1, 1); |
612 | return 0; | 612 | return 0; |
613 | } | 613 | } |
614 | 614 | ||
@@ -646,9 +646,8 @@ do_pre_login(Session *s) | |||
646 | * to be forced, execute that instead. | 646 | * to be forced, execute that instead. |
647 | */ | 647 | */ |
648 | int | 648 | int |
649 | do_exec(Session *s, const char *command) | 649 | do_exec(struct ssh *ssh, Session *s, const char *command) |
650 | { | 650 | { |
651 | struct ssh *ssh = active_state; /* XXX */ | ||
652 | int ret; | 651 | int ret; |
653 | const char *forced = NULL, *tty = NULL; | 652 | const char *forced = NULL, *tty = NULL; |
654 | char session_type[1024]; | 653 | char session_type[1024]; |
@@ -707,9 +706,9 @@ do_exec(Session *s, const char *command) | |||
707 | } | 706 | } |
708 | #endif | 707 | #endif |
709 | if (s->ttyfd != -1) | 708 | if (s->ttyfd != -1) |
710 | ret = do_exec_pty(s, command); | 709 | ret = do_exec_pty(ssh, s, command); |
711 | else | 710 | else |
712 | ret = do_exec_no_pty(s, command); | 711 | ret = do_exec_no_pty(ssh, s, command); |
713 | 712 | ||
714 | original_command = NULL; | 713 | original_command = NULL; |
715 | 714 | ||
@@ -725,9 +724,8 @@ do_exec(Session *s, const char *command) | |||
725 | 724 | ||
726 | /* administrative, login(1)-like work */ | 725 | /* administrative, login(1)-like work */ |
727 | void | 726 | void |
728 | do_login(Session *s, const char *command) | 727 | do_login(struct ssh *ssh, Session *s, const char *command) |
729 | { | 728 | { |
730 | struct ssh *ssh = active_state; /* XXX */ | ||
731 | socklen_t fromlen; | 729 | socklen_t fromlen; |
732 | struct sockaddr_storage from; | 730 | struct sockaddr_storage from; |
733 | struct passwd * pw = s->pw; | 731 | struct passwd * pw = s->pw; |
@@ -960,9 +958,8 @@ copy_environment(char **source, char ***env, u_int *envsize) | |||
960 | } | 958 | } |
961 | 959 | ||
962 | static char ** | 960 | static char ** |
963 | do_setup_env(Session *s, const char *shell) | 961 | do_setup_env(struct ssh *ssh, Session *s, const char *shell) |
964 | { | 962 | { |
965 | struct ssh *ssh = active_state; /* XXX */ | ||
966 | char buf[256]; | 963 | char buf[256]; |
967 | u_int i, envsize; | 964 | u_int i, envsize; |
968 | char **env, *laddr; | 965 | char **env, *laddr; |
@@ -1421,7 +1418,7 @@ do_pwchange(Session *s) | |||
1421 | } | 1418 | } |
1422 | 1419 | ||
1423 | static void | 1420 | static void |
1424 | child_close_fds(void) | 1421 | child_close_fds(struct ssh *ssh) |
1425 | { | 1422 | { |
1426 | extern int auth_sock; | 1423 | extern int auth_sock; |
1427 | 1424 | ||
@@ -1441,7 +1438,7 @@ child_close_fds(void) | |||
1441 | * open in the parent. | 1438 | * open in the parent. |
1442 | */ | 1439 | */ |
1443 | /* XXX better use close-on-exec? -markus */ | 1440 | /* XXX better use close-on-exec? -markus */ |
1444 | channel_close_all(); | 1441 | channel_close_all(ssh); |
1445 | 1442 | ||
1446 | /* | 1443 | /* |
1447 | * Close any extra file descriptors. Note that there may still be | 1444 | * Close any extra file descriptors. Note that there may still be |
@@ -1465,7 +1462,7 @@ child_close_fds(void) | |||
1465 | */ | 1462 | */ |
1466 | #define ARGV_MAX 10 | 1463 | #define ARGV_MAX 10 |
1467 | void | 1464 | void |
1468 | do_child(Session *s, const char *command) | 1465 | do_child(struct ssh *ssh, Session *s, const char *command) |
1469 | { | 1466 | { |
1470 | extern char **environ; | 1467 | extern char **environ; |
1471 | char **env; | 1468 | char **env; |
@@ -1481,7 +1478,7 @@ do_child(Session *s, const char *command) | |||
1481 | /* Force a password change */ | 1478 | /* Force a password change */ |
1482 | if (s->authctxt->force_pwchange) { | 1479 | if (s->authctxt->force_pwchange) { |
1483 | do_setusercontext(pw); | 1480 | do_setusercontext(pw); |
1484 | child_close_fds(); | 1481 | child_close_fds(ssh); |
1485 | do_pwchange(s); | 1482 | do_pwchange(s); |
1486 | exit(1); | 1483 | exit(1); |
1487 | } | 1484 | } |
@@ -1530,7 +1527,7 @@ do_child(Session *s, const char *command) | |||
1530 | * Make sure $SHELL points to the shell from the password file, | 1527 | * Make sure $SHELL points to the shell from the password file, |
1531 | * even if shell is overridden from login.conf | 1528 | * even if shell is overridden from login.conf |
1532 | */ | 1529 | */ |
1533 | env = do_setup_env(s, shell); | 1530 | env = do_setup_env(ssh, s, shell); |
1534 | 1531 | ||
1535 | #ifdef HAVE_LOGIN_CAP | 1532 | #ifdef HAVE_LOGIN_CAP |
1536 | shell = login_getcapstr(lc, "shell", (char *)shell, (char *)shell); | 1533 | shell = login_getcapstr(lc, "shell", (char *)shell, (char *)shell); |
@@ -1543,7 +1540,7 @@ do_child(Session *s, const char *command) | |||
1543 | * closed before building the environment, as we call | 1540 | * closed before building the environment, as we call |
1544 | * ssh_remote_ipaddr there. | 1541 | * ssh_remote_ipaddr there. |
1545 | */ | 1542 | */ |
1546 | child_close_fds(); | 1543 | child_close_fds(ssh); |
1547 | 1544 | ||
1548 | /* | 1545 | /* |
1549 | * Must take new environment into use so that .ssh/rc, | 1546 | * Must take new environment into use so that .ssh/rc, |
@@ -1840,7 +1837,7 @@ session_by_pid(pid_t pid) | |||
1840 | } | 1837 | } |
1841 | 1838 | ||
1842 | static int | 1839 | static int |
1843 | session_window_change_req(Session *s) | 1840 | session_window_change_req(struct ssh *ssh, Session *s) |
1844 | { | 1841 | { |
1845 | s->col = packet_get_int(); | 1842 | s->col = packet_get_int(); |
1846 | s->row = packet_get_int(); | 1843 | s->row = packet_get_int(); |
@@ -1852,7 +1849,7 @@ session_window_change_req(Session *s) | |||
1852 | } | 1849 | } |
1853 | 1850 | ||
1854 | static int | 1851 | static int |
1855 | session_pty_req(Session *s) | 1852 | session_pty_req(struct ssh *ssh, Session *s) |
1856 | { | 1853 | { |
1857 | u_int len; | 1854 | u_int len; |
1858 | int n_bytes; | 1855 | int n_bytes; |
@@ -1905,7 +1902,7 @@ session_pty_req(Session *s) | |||
1905 | } | 1902 | } |
1906 | 1903 | ||
1907 | static int | 1904 | static int |
1908 | session_subsystem_req(Session *s) | 1905 | session_subsystem_req(struct ssh *ssh, Session *s) |
1909 | { | 1906 | { |
1910 | struct stat st; | 1907 | struct stat st; |
1911 | u_int len; | 1908 | u_int len; |
@@ -1932,7 +1929,7 @@ session_subsystem_req(Session *s) | |||
1932 | s->is_subsystem = SUBSYSTEM_EXT; | 1929 | s->is_subsystem = SUBSYSTEM_EXT; |
1933 | debug("subsystem: exec() %s", cmd); | 1930 | debug("subsystem: exec() %s", cmd); |
1934 | } | 1931 | } |
1935 | success = do_exec(s, cmd) == 0; | 1932 | success = do_exec(ssh, s, cmd) == 0; |
1936 | break; | 1933 | break; |
1937 | } | 1934 | } |
1938 | } | 1935 | } |
@@ -1945,7 +1942,7 @@ session_subsystem_req(Session *s) | |||
1945 | } | 1942 | } |
1946 | 1943 | ||
1947 | static int | 1944 | static int |
1948 | session_x11_req(Session *s) | 1945 | session_x11_req(struct ssh *ssh, Session *s) |
1949 | { | 1946 | { |
1950 | int success; | 1947 | int success; |
1951 | 1948 | ||
@@ -1962,7 +1959,7 @@ session_x11_req(Session *s) | |||
1962 | 1959 | ||
1963 | if (xauth_valid_string(s->auth_proto) && | 1960 | if (xauth_valid_string(s->auth_proto) && |
1964 | xauth_valid_string(s->auth_data)) | 1961 | xauth_valid_string(s->auth_data)) |
1965 | success = session_setup_x11fwd(s); | 1962 | success = session_setup_x11fwd(ssh, s); |
1966 | else { | 1963 | else { |
1967 | success = 0; | 1964 | success = 0; |
1968 | error("Invalid X11 forwarding data"); | 1965 | error("Invalid X11 forwarding data"); |
@@ -1977,26 +1974,26 @@ session_x11_req(Session *s) | |||
1977 | } | 1974 | } |
1978 | 1975 | ||
1979 | static int | 1976 | static int |
1980 | session_shell_req(Session *s) | 1977 | session_shell_req(struct ssh *ssh, Session *s) |
1981 | { | 1978 | { |
1982 | packet_check_eom(); | 1979 | packet_check_eom(); |
1983 | return do_exec(s, NULL) == 0; | 1980 | return do_exec(ssh, s, NULL) == 0; |
1984 | } | 1981 | } |
1985 | 1982 | ||
1986 | static int | 1983 | static int |
1987 | session_exec_req(Session *s) | 1984 | session_exec_req(struct ssh *ssh, Session *s) |
1988 | { | 1985 | { |
1989 | u_int len, success; | 1986 | u_int len, success; |
1990 | 1987 | ||
1991 | char *command = packet_get_string(&len); | 1988 | char *command = packet_get_string(&len); |
1992 | packet_check_eom(); | 1989 | packet_check_eom(); |
1993 | success = do_exec(s, command) == 0; | 1990 | success = do_exec(ssh, s, command) == 0; |
1994 | free(command); | 1991 | free(command); |
1995 | return success; | 1992 | return success; |
1996 | } | 1993 | } |
1997 | 1994 | ||
1998 | static int | 1995 | static int |
1999 | session_break_req(Session *s) | 1996 | session_break_req(struct ssh *ssh, Session *s) |
2000 | { | 1997 | { |
2001 | 1998 | ||
2002 | packet_get_int(); /* ignored */ | 1999 | packet_get_int(); /* ignored */ |
@@ -2008,7 +2005,7 @@ session_break_req(Session *s) | |||
2008 | } | 2005 | } |
2009 | 2006 | ||
2010 | static int | 2007 | static int |
2011 | session_env_req(Session *s) | 2008 | session_env_req(struct ssh *ssh, Session *s) |
2012 | { | 2009 | { |
2013 | char *name, *val; | 2010 | char *name, *val; |
2014 | u_int name_len, val_len, i; | 2011 | u_int name_len, val_len, i; |
@@ -2043,7 +2040,7 @@ session_env_req(Session *s) | |||
2043 | } | 2040 | } |
2044 | 2041 | ||
2045 | static int | 2042 | static int |
2046 | session_auth_agent_req(Session *s) | 2043 | session_auth_agent_req(struct ssh *ssh, Session *s) |
2047 | { | 2044 | { |
2048 | static int called = 0; | 2045 | static int called = 0; |
2049 | packet_check_eom(); | 2046 | packet_check_eom(); |
@@ -2055,22 +2052,21 @@ session_auth_agent_req(Session *s) | |||
2055 | return 0; | 2052 | return 0; |
2056 | } else { | 2053 | } else { |
2057 | called = 1; | 2054 | called = 1; |
2058 | return auth_input_request_forwarding(s->pw); | 2055 | return auth_input_request_forwarding(ssh, s->pw); |
2059 | } | 2056 | } |
2060 | } | 2057 | } |
2061 | 2058 | ||
2062 | int | 2059 | int |
2063 | session_input_channel_req(Channel *c, const char *rtype) | 2060 | session_input_channel_req(struct ssh *ssh, Channel *c, const char *rtype) |
2064 | { | 2061 | { |
2065 | int success = 0; | 2062 | int success = 0; |
2066 | Session *s; | 2063 | Session *s; |
2067 | 2064 | ||
2068 | if ((s = session_by_channel(c->self)) == NULL) { | 2065 | if ((s = session_by_channel(c->self)) == NULL) { |
2069 | logit("session_input_channel_req: no session %d req %.100s", | 2066 | logit("%s: no session %d req %.100s", __func__, c->self, rtype); |
2070 | c->self, rtype); | ||
2071 | return 0; | 2067 | return 0; |
2072 | } | 2068 | } |
2073 | debug("session_input_channel_req: session %d req %s", s->self, rtype); | 2069 | debug("%s: session %d req %s", __func__, s->self, rtype); |
2074 | 2070 | ||
2075 | /* | 2071 | /* |
2076 | * a session is in LARVAL state until a shell, a command | 2072 | * a session is in LARVAL state until a shell, a command |
@@ -2078,33 +2074,33 @@ session_input_channel_req(Channel *c, const char *rtype) | |||
2078 | */ | 2074 | */ |
2079 | if (c->type == SSH_CHANNEL_LARVAL) { | 2075 | if (c->type == SSH_CHANNEL_LARVAL) { |
2080 | if (strcmp(rtype, "shell") == 0) { | 2076 | if (strcmp(rtype, "shell") == 0) { |
2081 | success = session_shell_req(s); | 2077 | success = session_shell_req(ssh, s); |
2082 | } else if (strcmp(rtype, "exec") == 0) { | 2078 | } else if (strcmp(rtype, "exec") == 0) { |
2083 | success = session_exec_req(s); | 2079 | success = session_exec_req(ssh, s); |
2084 | } else if (strcmp(rtype, "pty-req") == 0) { | 2080 | } else if (strcmp(rtype, "pty-req") == 0) { |
2085 | success = session_pty_req(s); | 2081 | success = session_pty_req(ssh, s); |
2086 | } else if (strcmp(rtype, "x11-req") == 0) { | 2082 | } else if (strcmp(rtype, "x11-req") == 0) { |
2087 | success = session_x11_req(s); | 2083 | success = session_x11_req(ssh, s); |
2088 | } else if (strcmp(rtype, "auth-agent-req@openssh.com") == 0) { | 2084 | } else if (strcmp(rtype, "auth-agent-req@openssh.com") == 0) { |
2089 | success = session_auth_agent_req(s); | 2085 | success = session_auth_agent_req(ssh, s); |
2090 | } else if (strcmp(rtype, "subsystem") == 0) { | 2086 | } else if (strcmp(rtype, "subsystem") == 0) { |
2091 | success = session_subsystem_req(s); | 2087 | success = session_subsystem_req(ssh, s); |
2092 | } else if (strcmp(rtype, "env") == 0) { | 2088 | } else if (strcmp(rtype, "env") == 0) { |
2093 | success = session_env_req(s); | 2089 | success = session_env_req(ssh, s); |
2094 | } | 2090 | } |
2095 | } | 2091 | } |
2096 | if (strcmp(rtype, "window-change") == 0) { | 2092 | if (strcmp(rtype, "window-change") == 0) { |
2097 | success = session_window_change_req(s); | 2093 | success = session_window_change_req(ssh, s); |
2098 | } else if (strcmp(rtype, "break") == 0) { | 2094 | } else if (strcmp(rtype, "break") == 0) { |
2099 | success = session_break_req(s); | 2095 | success = session_break_req(ssh, s); |
2100 | } | 2096 | } |
2101 | 2097 | ||
2102 | return success; | 2098 | return success; |
2103 | } | 2099 | } |
2104 | 2100 | ||
2105 | void | 2101 | void |
2106 | session_set_fds(Session *s, int fdin, int fdout, int fderr, int ignore_fderr, | 2102 | session_set_fds(struct ssh *ssh, Session *s, |
2107 | int is_tty) | 2103 | int fdin, int fdout, int fderr, int ignore_fderr, int is_tty) |
2108 | { | 2104 | { |
2109 | /* | 2105 | /* |
2110 | * now that have a child and a pipe to the child, | 2106 | * now that have a child and a pipe to the child, |
@@ -2112,7 +2108,7 @@ session_set_fds(Session *s, int fdin, int fdout, int fderr, int ignore_fderr, | |||
2112 | */ | 2108 | */ |
2113 | if (s->chanid == -1) | 2109 | if (s->chanid == -1) |
2114 | fatal("no channel for session %d", s->self); | 2110 | fatal("no channel for session %d", s->self); |
2115 | channel_set_fds(s->chanid, | 2111 | channel_set_fds(ssh, s->chanid, |
2116 | fdout, fdin, fderr, | 2112 | fdout, fdin, fderr, |
2117 | ignore_fderr ? CHAN_EXTENDED_IGNORE : CHAN_EXTENDED_READ, | 2113 | ignore_fderr ? CHAN_EXTENDED_IGNORE : CHAN_EXTENDED_READ, |
2118 | 1, is_tty, CHAN_SES_WINDOW_DEFAULT); | 2114 | 1, is_tty, CHAN_SES_WINDOW_DEFAULT); |
@@ -2183,40 +2179,40 @@ sig2name(int sig) | |||
2183 | } | 2179 | } |
2184 | 2180 | ||
2185 | static void | 2181 | static void |
2186 | session_close_x11(int id) | 2182 | session_close_x11(struct ssh *ssh, int id) |
2187 | { | 2183 | { |
2188 | Channel *c; | 2184 | Channel *c; |
2189 | 2185 | ||
2190 | if ((c = channel_by_id(id)) == NULL) { | 2186 | if ((c = channel_by_id(ssh, id)) == NULL) { |
2191 | debug("session_close_x11: x11 channel %d missing", id); | 2187 | debug("%s: x11 channel %d missing", __func__, id); |
2192 | } else { | 2188 | } else { |
2193 | /* Detach X11 listener */ | 2189 | /* Detach X11 listener */ |
2194 | debug("session_close_x11: detach x11 channel %d", id); | 2190 | debug("%s: detach x11 channel %d", __func__, id); |
2195 | channel_cancel_cleanup(id); | 2191 | channel_cancel_cleanup(ssh, id); |
2196 | if (c->ostate != CHAN_OUTPUT_CLOSED) | 2192 | if (c->ostate != CHAN_OUTPUT_CLOSED) |
2197 | chan_mark_dead(c); | 2193 | chan_mark_dead(ssh, c); |
2198 | } | 2194 | } |
2199 | } | 2195 | } |
2200 | 2196 | ||
2201 | static void | 2197 | static void |
2202 | session_close_single_x11(int id, void *arg) | 2198 | session_close_single_x11(struct ssh *ssh, int id, void *arg) |
2203 | { | 2199 | { |
2204 | Session *s; | 2200 | Session *s; |
2205 | u_int i; | 2201 | u_int i; |
2206 | 2202 | ||
2207 | debug3("session_close_single_x11: channel %d", id); | 2203 | debug3("%s: channel %d", __func__, id); |
2208 | channel_cancel_cleanup(id); | 2204 | channel_cancel_cleanup(ssh, id); |
2209 | if ((s = session_by_x11_channel(id)) == NULL) | 2205 | if ((s = session_by_x11_channel(id)) == NULL) |
2210 | fatal("session_close_single_x11: no x11 channel %d", id); | 2206 | fatal("%s: no x11 channel %d", __func__, id); |
2211 | for (i = 0; s->x11_chanids[i] != -1; i++) { | 2207 | for (i = 0; s->x11_chanids[i] != -1; i++) { |
2212 | debug("session_close_single_x11: session %d: " | 2208 | debug("%s: session %d: closing channel %d", |
2213 | "closing channel %d", s->self, s->x11_chanids[i]); | 2209 | __func__, s->self, s->x11_chanids[i]); |
2214 | /* | 2210 | /* |
2215 | * The channel "id" is already closing, but make sure we | 2211 | * The channel "id" is already closing, but make sure we |
2216 | * close all of its siblings. | 2212 | * close all of its siblings. |
2217 | */ | 2213 | */ |
2218 | if (s->x11_chanids[i] != id) | 2214 | if (s->x11_chanids[i] != id) |
2219 | session_close_x11(s->x11_chanids[i]); | 2215 | session_close_x11(ssh, s->x11_chanids[i]); |
2220 | } | 2216 | } |
2221 | free(s->x11_chanids); | 2217 | free(s->x11_chanids); |
2222 | s->x11_chanids = NULL; | 2218 | s->x11_chanids = NULL; |
@@ -2231,22 +2227,22 @@ session_close_single_x11(int id, void *arg) | |||
2231 | } | 2227 | } |
2232 | 2228 | ||
2233 | static void | 2229 | static void |
2234 | session_exit_message(Session *s, int status) | 2230 | session_exit_message(struct ssh *ssh, Session *s, int status) |
2235 | { | 2231 | { |
2236 | Channel *c; | 2232 | Channel *c; |
2237 | 2233 | ||
2238 | if ((c = channel_lookup(s->chanid)) == NULL) | 2234 | if ((c = channel_lookup(ssh, s->chanid)) == NULL) |
2239 | fatal("session_exit_message: session %d: no channel %d", | 2235 | fatal("%s: session %d: no channel %d", |
2240 | s->self, s->chanid); | 2236 | __func__, s->self, s->chanid); |
2241 | debug("session_exit_message: session %d channel %d pid %ld", | 2237 | debug("%s: session %d channel %d pid %ld", |
2242 | s->self, s->chanid, (long)s->pid); | 2238 | __func__, s->self, s->chanid, (long)s->pid); |
2243 | 2239 | ||
2244 | if (WIFEXITED(status)) { | 2240 | if (WIFEXITED(status)) { |
2245 | channel_request_start(s->chanid, "exit-status", 0); | 2241 | channel_request_start(ssh, s->chanid, "exit-status", 0); |
2246 | packet_put_int(WEXITSTATUS(status)); | 2242 | packet_put_int(WEXITSTATUS(status)); |
2247 | packet_send(); | 2243 | packet_send(); |
2248 | } else if (WIFSIGNALED(status)) { | 2244 | } else if (WIFSIGNALED(status)) { |
2249 | channel_request_start(s->chanid, "exit-signal", 0); | 2245 | channel_request_start(ssh, s->chanid, "exit-signal", 0); |
2250 | packet_put_cstring(sig2name(WTERMSIG(status))); | 2246 | packet_put_cstring(sig2name(WTERMSIG(status))); |
2251 | #ifdef WCOREDUMP | 2247 | #ifdef WCOREDUMP |
2252 | packet_put_char(WCOREDUMP(status)? 1 : 0); | 2248 | packet_put_char(WCOREDUMP(status)? 1 : 0); |
@@ -2262,14 +2258,14 @@ session_exit_message(Session *s, int status) | |||
2262 | } | 2258 | } |
2263 | 2259 | ||
2264 | /* disconnect channel */ | 2260 | /* disconnect channel */ |
2265 | debug("session_exit_message: release channel %d", s->chanid); | 2261 | debug("%s: release channel %d", __func__, s->chanid); |
2266 | 2262 | ||
2267 | /* | 2263 | /* |
2268 | * Adjust cleanup callback attachment to send close messages when | 2264 | * Adjust cleanup callback attachment to send close messages when |
2269 | * the channel gets EOF. The session will be then be closed | 2265 | * the channel gets EOF. The session will be then be closed |
2270 | * by session_close_by_channel when the childs close their fds. | 2266 | * by session_close_by_channel when the childs close their fds. |
2271 | */ | 2267 | */ |
2272 | channel_register_cleanup(c->self, session_close_by_channel, 1); | 2268 | channel_register_cleanup(ssh, c->self, session_close_by_channel, 1); |
2273 | 2269 | ||
2274 | /* | 2270 | /* |
2275 | * emulate a write failure with 'chan_write_failed', nobody will be | 2271 | * emulate a write failure with 'chan_write_failed', nobody will be |
@@ -2278,13 +2274,12 @@ session_exit_message(Session *s, int status) | |||
2278 | * be some more data waiting in the pipe. | 2274 | * be some more data waiting in the pipe. |
2279 | */ | 2275 | */ |
2280 | if (c->ostate != CHAN_OUTPUT_CLOSED) | 2276 | if (c->ostate != CHAN_OUTPUT_CLOSED) |
2281 | chan_write_failed(c); | 2277 | chan_write_failed(ssh, c); |
2282 | } | 2278 | } |
2283 | 2279 | ||
2284 | void | 2280 | void |
2285 | session_close(Session *s) | 2281 | session_close(struct ssh *ssh, Session *s) |
2286 | { | 2282 | { |
2287 | struct ssh *ssh = active_state; /* XXX */ | ||
2288 | u_int i; | 2283 | u_int i; |
2289 | 2284 | ||
2290 | verbose("Close session: user %s from %.200s port %d id %d", | 2285 | verbose("Close session: user %s from %.200s port %d id %d", |
@@ -2314,16 +2309,15 @@ session_close(Session *s) | |||
2314 | } | 2309 | } |
2315 | 2310 | ||
2316 | void | 2311 | void |
2317 | session_close_by_pid(pid_t pid, int status) | 2312 | session_close_by_pid(struct ssh *ssh, pid_t pid, int status) |
2318 | { | 2313 | { |
2319 | Session *s = session_by_pid(pid); | 2314 | Session *s = session_by_pid(pid); |
2320 | if (s == NULL) { | 2315 | if (s == NULL) { |
2321 | debug("session_close_by_pid: no session for pid %ld", | 2316 | debug("%s: no session for pid %ld", __func__, (long)pid); |
2322 | (long)pid); | ||
2323 | return; | 2317 | return; |
2324 | } | 2318 | } |
2325 | if (s->chanid != -1) | 2319 | if (s->chanid != -1) |
2326 | session_exit_message(s, status); | 2320 | session_exit_message(ssh, s, status); |
2327 | if (s->ttyfd != -1) | 2321 | if (s->ttyfd != -1) |
2328 | session_pty_cleanup(s); | 2322 | session_pty_cleanup(s); |
2329 | s->pid = 0; | 2323 | s->pid = 0; |
@@ -2334,19 +2328,18 @@ session_close_by_pid(pid_t pid, int status) | |||
2334 | * the session 'child' itself dies | 2328 | * the session 'child' itself dies |
2335 | */ | 2329 | */ |
2336 | void | 2330 | void |
2337 | session_close_by_channel(int id, void *arg) | 2331 | session_close_by_channel(struct ssh *ssh, int id, void *arg) |
2338 | { | 2332 | { |
2339 | Session *s = session_by_channel(id); | 2333 | Session *s = session_by_channel(id); |
2340 | u_int i; | 2334 | u_int i; |
2341 | 2335 | ||
2342 | if (s == NULL) { | 2336 | if (s == NULL) { |
2343 | debug("session_close_by_channel: no session for id %d", id); | 2337 | debug("%s: no session for id %d", __func__, id); |
2344 | return; | 2338 | return; |
2345 | } | 2339 | } |
2346 | debug("session_close_by_channel: channel %d child %ld", | 2340 | debug("%s: channel %d child %ld", __func__, id, (long)s->pid); |
2347 | id, (long)s->pid); | ||
2348 | if (s->pid != 0) { | 2341 | if (s->pid != 0) { |
2349 | debug("session_close_by_channel: channel %d: has child", id); | 2342 | debug("%s: channel %d: has child", __func__, id); |
2350 | /* | 2343 | /* |
2351 | * delay detach of session, but release pty, since | 2344 | * delay detach of session, but release pty, since |
2352 | * the fd's to the child are already closed | 2345 | * the fd's to the child are already closed |
@@ -2356,22 +2349,22 @@ session_close_by_channel(int id, void *arg) | |||
2356 | return; | 2349 | return; |
2357 | } | 2350 | } |
2358 | /* detach by removing callback */ | 2351 | /* detach by removing callback */ |
2359 | channel_cancel_cleanup(s->chanid); | 2352 | channel_cancel_cleanup(ssh, s->chanid); |
2360 | 2353 | ||
2361 | /* Close any X11 listeners associated with this session */ | 2354 | /* Close any X11 listeners associated with this session */ |
2362 | if (s->x11_chanids != NULL) { | 2355 | if (s->x11_chanids != NULL) { |
2363 | for (i = 0; s->x11_chanids[i] != -1; i++) { | 2356 | for (i = 0; s->x11_chanids[i] != -1; i++) { |
2364 | session_close_x11(s->x11_chanids[i]); | 2357 | session_close_x11(ssh, s->x11_chanids[i]); |
2365 | s->x11_chanids[i] = -1; | 2358 | s->x11_chanids[i] = -1; |
2366 | } | 2359 | } |
2367 | } | 2360 | } |
2368 | 2361 | ||
2369 | s->chanid = -1; | 2362 | s->chanid = -1; |
2370 | session_close(s); | 2363 | session_close(ssh, s); |
2371 | } | 2364 | } |
2372 | 2365 | ||
2373 | void | 2366 | void |
2374 | session_destroy_all(void (*closefunc)(Session *)) | 2367 | session_destroy_all(struct ssh *ssh, void (*closefunc)(Session *)) |
2375 | { | 2368 | { |
2376 | int i; | 2369 | int i; |
2377 | for (i = 0; i < sessions_nalloc; i++) { | 2370 | for (i = 0; i < sessions_nalloc; i++) { |
@@ -2380,7 +2373,7 @@ session_destroy_all(void (*closefunc)(Session *)) | |||
2380 | if (closefunc != NULL) | 2373 | if (closefunc != NULL) |
2381 | closefunc(s); | 2374 | closefunc(s); |
2382 | else | 2375 | else |
2383 | session_close(s); | 2376 | session_close(ssh, s); |
2384 | } | 2377 | } |
2385 | } | 2378 | } |
2386 | } | 2379 | } |
@@ -2423,7 +2416,7 @@ session_proctitle(Session *s) | |||
2423 | } | 2416 | } |
2424 | 2417 | ||
2425 | int | 2418 | int |
2426 | session_setup_x11fwd(Session *s) | 2419 | session_setup_x11fwd(struct ssh *ssh, Session *s) |
2427 | { | 2420 | { |
2428 | struct stat st; | 2421 | struct stat st; |
2429 | char display[512], auth_display[512]; | 2422 | char display[512], auth_display[512]; |
@@ -2447,14 +2440,14 @@ session_setup_x11fwd(Session *s) | |||
2447 | debug("X11 display already set."); | 2440 | debug("X11 display already set."); |
2448 | return 0; | 2441 | return 0; |
2449 | } | 2442 | } |
2450 | if (x11_create_display_inet(options.x11_display_offset, | 2443 | if (x11_create_display_inet(ssh, options.x11_display_offset, |
2451 | options.x11_use_localhost, s->single_connection, | 2444 | options.x11_use_localhost, s->single_connection, |
2452 | &s->display_number, &s->x11_chanids) == -1) { | 2445 | &s->display_number, &s->x11_chanids) == -1) { |
2453 | debug("x11_create_display_inet failed."); | 2446 | debug("x11_create_display_inet failed."); |
2454 | return 0; | 2447 | return 0; |
2455 | } | 2448 | } |
2456 | for (i = 0; s->x11_chanids[i] != -1; i++) { | 2449 | for (i = 0; s->x11_chanids[i] != -1; i++) { |
2457 | channel_register_cleanup(s->x11_chanids[i], | 2450 | channel_register_cleanup(ssh, s->x11_chanids[i], |
2458 | session_close_single_x11, 0); | 2451 | session_close_single_x11, 0); |
2459 | } | 2452 | } |
2460 | 2453 | ||
@@ -2499,13 +2492,13 @@ session_setup_x11fwd(Session *s) | |||
2499 | } | 2492 | } |
2500 | 2493 | ||
2501 | static void | 2494 | static void |
2502 | do_authenticated2(Authctxt *authctxt) | 2495 | do_authenticated2(struct ssh *ssh, Authctxt *authctxt) |
2503 | { | 2496 | { |
2504 | server_loop2(authctxt); | 2497 | server_loop2(ssh, authctxt); |
2505 | } | 2498 | } |
2506 | 2499 | ||
2507 | void | 2500 | void |
2508 | do_cleanup(Authctxt *authctxt) | 2501 | do_cleanup(struct ssh *ssh, Authctxt *authctxt) |
2509 | { | 2502 | { |
2510 | static int called = 0; | 2503 | static int called = 0; |
2511 | 2504 | ||
@@ -2561,7 +2554,7 @@ do_cleanup(Authctxt *authctxt) | |||
2561 | * or if running in monitor. | 2554 | * or if running in monitor. |
2562 | */ | 2555 | */ |
2563 | if (!use_privsep || mm_is_monitor()) | 2556 | if (!use_privsep || mm_is_monitor()) |
2564 | session_destroy_all(session_pty_cleanup2); | 2557 | session_destroy_all(ssh, session_pty_cleanup2); |
2565 | } | 2558 | } |
2566 | 2559 | ||
2567 | /* Return a name for the remote host that fits inside utmp_size */ | 2560 | /* Return a name for the remote host that fits inside utmp_size */ |
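Review bot: In session_exit_message the request is opened on the caller's connection with `channel_request_start(ssh, s->chanid, "exit-status", 0)`, but the payload and send that follow still go through `packet_put_int()` / `packet_send()`, which take no connection argument; session_window_change_req, session_shell_req and session_exec_req read with `packet_get_int()` / `packet_check_eom()` in the same way. If those legacy wrappers resolve to the global `active_state` (the removed `struct ssh *ssh = active_state; /* XXX */` lines suggest they do), these functions are only correct while the `ssh` argument is that same object, and a mismatch would split one message across two connection states. Until session.c is moved to the `sshpkt_*` calls, I would mark each such site, e.g. `/* XXX legacy packet API: assumes ssh == active_state */`, so the new signature is not read as a guarantee. The bodies of these functions are only partly visible in the hunks, so other call sites may need the same marker.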