diff options
author | djm@openbsd.org <djm@openbsd.org> | 2019-02-10 11:10:57 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2019-02-10 22:24:24 +1100 |
commit | 318e4f8548a4f5c0c913f61e27d4fc21ffb1eaae (patch) | |
tree | 4f2324c361506ae212dfdac61d6a798beb442a35 /session.c | |
parent | 2ff2e19653b8c0798b8b8eff209651bdb1be2761 (diff) |
upstream: syslog when connection is dropped for attempting to run a
command when ForceCommand=internal-sftp is in effect; bz2960; ok dtucker@
OpenBSD-Commit-ID: 8c87fa66d7fc6c0fffa3a3c28e8ab5e8dde234b8
Diffstat (limited to 'session.c')
-rw-r--r-- | session.c | 9 |
1 files changed, 6 insertions, 3 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: session.c,v 1.313 2019/02/05 11:35:56 dtucker Exp $ */ | 1 | /* $OpenBSD: session.c,v 1.314 2019/02/10 11:10:57 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
4 | * All rights reserved | 4 | * All rights reserved |
@@ -1510,12 +1510,13 @@ void | |||
1510 | do_child(struct ssh *ssh, Session *s, const char *command) | 1510 | do_child(struct ssh *ssh, Session *s, const char *command) |
1511 | { | 1511 | { |
1512 | extern char **environ; | 1512 | extern char **environ; |
1513 | char **env; | 1513 | char **env, *argv[ARGV_MAX], remote_id[512]; |
1514 | char *argv[ARGV_MAX]; | ||
1515 | const char *shell, *shell0; | 1514 | const char *shell, *shell0; |
1516 | struct passwd *pw = s->pw; | 1515 | struct passwd *pw = s->pw; |
1517 | int r = 0; | 1516 | int r = 0; |
1518 | 1517 | ||
1518 | sshpkt_fmt_connection_id(ssh, remote_id, sizeof(remote_id)); | ||
1519 | |||
1519 | /* remove hostkey from the child's memory */ | 1520 | /* remove hostkey from the child's memory */ |
1520 | destroy_sensitive_data(); | 1521 | destroy_sensitive_data(); |
1521 | ssh_packet_clear_keys(ssh); | 1522 | ssh_packet_clear_keys(ssh); |
@@ -1638,6 +1639,8 @@ do_child(struct ssh *ssh, Session *s, const char *command) | |||
1638 | signal(SIGPIPE, SIG_DFL); | 1639 | signal(SIGPIPE, SIG_DFL); |
1639 | 1640 | ||
1640 | if (s->is_subsystem == SUBSYSTEM_INT_SFTP_ERROR) { | 1641 | if (s->is_subsystem == SUBSYSTEM_INT_SFTP_ERROR) { |
1642 | error("Connection from %s: refusing non-sftp session", | ||
1643 | remote_id); | ||
1641 | printf("This service allows sftp connections only.\n"); | 1644 | printf("This service allows sftp connections only.\n"); |
1642 | fflush(NULL); | 1645 | fflush(NULL); |
1643 | exit(1); | 1646 | exit(1); |