- markus@cvs.openbsd.org 2001/06/04 23:16:16

[session.c] merge ssh1/2 x11-fwd setup, create listener after tmp-dir
author: Ben Lindstrom <mouring@eviladmin.org> 2001-06-09 01:29:12 +0000
committer: Ben Lindstrom <mouring@eviladmin.org> 2001-06-09 01:29:12 +0000
commit: 768176b24038a28b8e2e7709b153f6633348efc9 (patch)
tree: 3240ba26b4b6a58a15f3a13cd3c3deef58451b0e /session.c
parent: ec46e0b5fd2299f7f1449240894fa36d1745587e (diff)
1 files changed, 64 insertions, 95 deletions
diff --git a/session.c b/session.c
index c65c7e663..cedd8ad6f 100644
--- a/session.c
+++ b/session.c
@@ -33,7 +33,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: session.c,v 1.80 2001/06/04 21:59:43 markus Exp $");
+RCSID("$OpenBSD: session.c,v 1.81 2001/06/04 23:16:16 markus Exp $");
 #include "ssh.h"
 #include "ssh1.h"
@@ -123,6 +123,7 @@ Session *session_new(void);
 void    session_set_fds(Session *s, int fdin, int fdout, int fderr);
 void    session_pty_cleanup(Session *s);
 void    session_proctitle(Session *s);
+int     session_setup_x11fwd(Session *s);
 void    do_exec_pty(Session *s, const char *command);
 void    do_exec_no_pty(Session *s, const char *command);
 void    do_login(Session *s, const char *command);
@@ -261,10 +262,9 @@ do_authenticated1(Authctxt *authctxt)
 {
        Session *s;
        char *command;
-        int success, type, fd, n_bytes, plen, screen_flag, have_pty = 0;
+        int success, type, n_bytes, plen, screen_flag, have_pty = 0;
        int compression_level = 0, enable_compression_after_reply = 0;
        u_int proto_len, data_len, dlen;
-        struct stat st;
        s = session_new();
        s->pw = authctxt->pw;
@@ -343,23 +343,6 @@ do_authenticated1(Authctxt *authctxt)
                        break;
                case SSH_CMSG_X11_REQUEST_FORWARDING:
-                        if (!options.x11_forwarding) {
-                                packet_send_debug("X11 forwarding disabled in server configuration file.");
-                                break;
-                        }
-                        if (!options.xauth_location ||
-                            (stat(options.xauth_location, &st) == -1)) {
-                                packet_send_debug("No xauth program; cannot forward with spoofing.");
-                                break;
-                        }
-                        if (no_x11_forwarding_flag) {
-                                packet_send_debug("X11 forwarding not permitted for this authentication.");
-                                break;
-                        }
-                        debug("Received request for X11 forwarding with auth spoofing.");
-                        if (s->display != NULL)
-                                packet_disconnect("Protocol error: X11 display already set.");
                        s->auth_proto = packet_get_string(&proto_len);
                        s->auth_data = packet_get_string(&data_len);
@@ -371,39 +354,16 @@ do_authenticated1(Authctxt *authctxt)
                                if (!screen_flag)
                                        debug2("Buggy client: "
                                            "X11 screen flag missing");
-                                packet_integrity_check(plen,
-                                    4 + proto_len + 4 + data_len + 4, type);
                                s->screen = packet_get_int();
                        } else {
-                                packet_integrity_check(plen,
-                                    4 + proto_len + 4 + data_len, type);
                                s->screen = 0;
                        }
-                        s->display = x11_create_display_inet(s->screen, options.x11_display_offset);
+                        packet_done();
+                        success = session_setup_x11fwd(s);
-                        if (s->display == NULL)
+                        if (!success) {
-                                break;
+                                xfree(s->auth_proto);
+                                xfree(s->auth_data);
-                        /* Setup to always have a local .Xauthority. */
-                        xauthfile = xmalloc(MAXPATHLEN);
-                        strlcpy(xauthfile, "/tmp/ssh-XXXXXXXX", MAXPATHLEN);
-                        temporarily_use_uid(s->pw);
-                        if (mkdtemp(xauthfile) == NULL) {
-                                restore_uid();
-                                error("private X11 dir: mkdtemp %s failed: %s",
-                                    xauthfile, strerror(errno));
-                                xfree(xauthfile);
-                                xauthfile = NULL;
-                                /* XXXX remove listening channels */
-                                break;
                        }
-                        strlcat(xauthfile, "/cookies", MAXPATHLEN);
-                        fd = open(xauthfile, O_RDWR|O_CREAT|O_EXCL, 0600);
-                        if (fd >= 0)
-                                close(fd);
-                        restore_uid();
-                        fatal_add_cleanup(xauthfile_cleanup_proc, s->pw);
-                        success = 1;
                        break;
                case SSH_CMSG_AGENT_REQUEST_FORWARDING:
@@ -1759,29 +1719,7 @@ session_subsystem_req(Session *s)
 int
 session_x11_req(Session *s)
 {
-        int fd;
+        int success;
-        struct stat st;
-        if (no_x11_forwarding_flag) {
-                debug("X11 forwarding disabled in user configuration file.");
-                return 0;
-        }
-        if (!options.x11_forwarding) {
-                debug("X11 forwarding disabled in server configuration file.");
-                return 0;
-        }
-        if (!options.xauth_location ||
-            (stat(options.xauth_location, &st) == -1)) {
-                packet_send_debug("No xauth program; cannot forward with spoofing.");
-                return 0;
-        }
-        if (xauthfile != NULL) {
-                debug("X11 fwd already started.");
-                return 0;
-        }
-        debug("Received request for X11 forwarding with auth spoofing.");
-        if (s->display != NULL)
-                packet_disconnect("Protocol error: X11 display already set.");
        s->single_connection = packet_get_char();
        s->auth_proto = packet_get_string(NULL);
@@ -1789,33 +1727,12 @@ session_x11_req(Session *s)
        s->screen = packet_get_int();
        packet_done();
-        s->display = x11_create_display_inet(s->screen, options.x11_display_offset);
+        success = session_setup_x11fwd(s);
-        if (s->display == NULL) {
+        if (!success) {
                xfree(s->auth_proto);
                xfree(s->auth_data);
-                return 0;
        }
-        xauthfile = xmalloc(MAXPATHLEN);
+        return success;
-        strlcpy(xauthfile, "/tmp/ssh-XXXXXXXX", MAXPATHLEN);
-        temporarily_use_uid(s->pw);
-        if (mkdtemp(xauthfile) == NULL) {
-                restore_uid();
-                error("private X11 dir: mkdtemp %s failed: %s",
-                    xauthfile, strerror(errno));
-                xfree(xauthfile);
-                xauthfile = NULL;
-                xfree(s->auth_proto);
-                xfree(s->auth_data);
-                /* XXXX remove listening channels */
-                return 0;
-        }
-        strlcat(xauthfile, "/cookies", MAXPATHLEN);
-        fd = open(xauthfile, O_RDWR|O_CREAT|O_EXCL, 0600);
-        if (fd >= 0)
-                close(fd);
-        restore_uid();
-        fatal_add_cleanup(xauthfile_cleanup_proc, s->pw);
-        return 1;
 }
 int
@@ -2033,6 +1950,10 @@ session_free(Session *s)
 void
 session_close(Session *s)
 {
+        if (s->display) {
+                xauthfile_cleanup_proc(s->pw);
+                fatal_remove_cleanup(xauthfile_cleanup_proc, s->pw);
+        }
        session_pty_cleanup(s);
        session_free(s);
        session_proctitle(s);
@@ -2107,6 +2028,54 @@ session_proctitle(Session *s)
                setproctitle("%s@%s", s->pw->pw_name, session_tty_list());
 }
+int
+session_setup_x11fwd(Session *s)
+{
+        int fd;
+        struct stat st;
+        if (no_x11_forwarding_flag) {
+                packet_send_debug("X11 forwarding disabled in user configuration file.");
+                return 0;
+        }
+        if (!options.x11_forwarding) {
+                debug("X11 forwarding disabled in server configuration file.");
+                return 0;
+        }
+        if (!options.xauth_location ||
+            (stat(options.xauth_location, &st) == -1)) {
+                packet_send_debug("No xauth program; cannot forward with spoofing.");
+                return 0;
+        }
+        if (s->display != NULL) {
+                debug("X11 display already set.");
+                return 0;
+        }
+        xauthfile = xmalloc(MAXPATHLEN);
+        strlcpy(xauthfile, "/tmp/ssh-XXXXXXXX", MAXPATHLEN);
+        temporarily_use_uid(s->pw);
+        if (mkdtemp(xauthfile) == NULL) {
+                restore_uid();
+                error("private X11 dir: mkdtemp %s failed: %s",
+                    xauthfile, strerror(errno));
+                xfree(xauthfile);
+                xauthfile = NULL;
+                return 0;
+        }
+        strlcat(xauthfile, "/cookies", MAXPATHLEN);
+        fd = open(xauthfile, O_RDWR|O_CREAT|O_EXCL, 0600);
+        if (fd >= 0)
+                close(fd);
+        restore_uid();
+        s->display = x11_create_display_inet(s->screen, options.x11_display_offset);
+        if (s->display == NULL) {
+                xauthfile_cleanup_proc(s->pw);
+                return 0;
+        }
+        fatal_add_cleanup(xauthfile_cleanup_proc, s->pw);
+        return 1;
+}
 void
 do_authenticated2(Authctxt *authctxt)
 {
author	Ben Lindstrom <mouring@eviladmin.org>	2001-06-09 01:29:12 +0000
committer	Ben Lindstrom <mouring@eviladmin.org>	2001-06-09 01:29:12 +0000
commit	768176b24038a28b8e2e7709b153f6633348efc9 (patch)
tree	3240ba26b4b6a58a15f3a13cd3c3deef58451b0e /session.c
parent	ec46e0b5fd2299f7f1449240894fa36d1745587e (diff)

diff --git a/session.c b/session.c index c65c7e663..cedd8ad6f 100644 --- a/session.c +++ b/session.c
@@ -33,7 +33,7 @@
33	*/	33	*/
34		34
35	#include "includes.h"	35	#include "includes.h"
36	RCSID("$OpenBSD: session.c,v 1.80 2001/06/04 21:59:43 markus Exp $");	36	RCSID("$OpenBSD: session.c,v 1.81 2001/06/04 23:16:16 markus Exp $");
37		37
38	#include "ssh.h"	38	#include "ssh.h"
39	#include "ssh1.h"	39	#include "ssh1.h"
@@ -123,6 +123,7 @@ Session *session_new(void);
123	void session_set_fds(Session *s, int fdin, int fdout, int fderr);	123	void session_set_fds(Session *s, int fdin, int fdout, int fderr);
124	void session_pty_cleanup(Session *s);	124	void session_pty_cleanup(Session *s);
125	void session_proctitle(Session *s);	125	void session_proctitle(Session *s);
		126	int session_setup_x11fwd(Session *s);
126	void do_exec_pty(Session s, const char command);	127	void do_exec_pty(Session s, const char command);
127	void do_exec_no_pty(Session s, const char command);	128	void do_exec_no_pty(Session s, const char command);
128	void do_login(Session s, const char command);	129	void do_login(Session s, const char command);
@@ -261,10 +262,9 @@ do_authenticated1(Authctxt *authctxt)
261	{	262	{
262	Session *s;	263	Session *s;
263	char *command;	264	char *command;
264	int success, type, fd, n_bytes, plen, screen_flag, have_pty = 0;	265	int success, type, n_bytes, plen, screen_flag, have_pty = 0;
265	int compression_level = 0, enable_compression_after_reply = 0;	266	int compression_level = 0, enable_compression_after_reply = 0;
266	u_int proto_len, data_len, dlen;	267	u_int proto_len, data_len, dlen;
267	struct stat st;
268		268
269	s = session_new();	269	s = session_new();
270	s->pw = authctxt->pw;	270	s->pw = authctxt->pw;
@@ -343,23 +343,6 @@ do_authenticated1(Authctxt *authctxt)
343	break;	343	break;
344		344
345	case SSH_CMSG_X11_REQUEST_FORWARDING:	345	case SSH_CMSG_X11_REQUEST_FORWARDING:
346	if (!options.x11_forwarding) {
347	packet_send_debug("X11 forwarding disabled in server configuration file.");
348	break;
349	}
350	if (!options.xauth_location \|\|
351	(stat(options.xauth_location, &st) == -1)) {
352	packet_send_debug("No xauth program; cannot forward with spoofing.");
353	break;
354	}
355	if (no_x11_forwarding_flag) {
356	packet_send_debug("X11 forwarding not permitted for this authentication.");
357	break;
358	}
359	debug("Received request for X11 forwarding with auth spoofing.");
360	if (s->display != NULL)
361	packet_disconnect("Protocol error: X11 display already set.");
362
363	s->auth_proto = packet_get_string(&proto_len);	346	s->auth_proto = packet_get_string(&proto_len);
364	s->auth_data = packet_get_string(&data_len);	347	s->auth_data = packet_get_string(&data_len);
365		348
@@ -371,39 +354,16 @@ do_authenticated1(Authctxt *authctxt)
371	if (!screen_flag)	354	if (!screen_flag)
372	debug2("Buggy client: "	355	debug2("Buggy client: "
373	"X11 screen flag missing");	356	"X11 screen flag missing");
374	packet_integrity_check(plen,
375	4 + proto_len + 4 + data_len + 4, type);
376	s->screen = packet_get_int();	357	s->screen = packet_get_int();
377	} else {	358	} else {
378	packet_integrity_check(plen,
379	4 + proto_len + 4 + data_len, type);
380	s->screen = 0;	359	s->screen = 0;
381	}	360	}
382	s->display = x11_create_display_inet(s->screen, options.x11_display_offset);	361	packet_done();
383		362	success = session_setup_x11fwd(s);
384	if (s->display == NULL)	363	if (!success) {
385	break;	364	xfree(s->auth_proto);
386		365	xfree(s->auth_data);
387	/* Setup to always have a local .Xauthority. */
388	xauthfile = xmalloc(MAXPATHLEN);
389	strlcpy(xauthfile, "/tmp/ssh-XXXXXXXX", MAXPATHLEN);
390	temporarily_use_uid(s->pw);
391	if (mkdtemp(xauthfile) == NULL) {
392	restore_uid();
393	error("private X11 dir: mkdtemp %s failed: %s",
394	xauthfile, strerror(errno));
395	xfree(xauthfile);
396	xauthfile = NULL;
397	/* XXXX remove listening channels */
398	break;
399	}	366	}
400	strlcat(xauthfile, "/cookies", MAXPATHLEN);
401	fd = open(xauthfile, O_RDWR\|O_CREAT\|O_EXCL, 0600);
402	if (fd >= 0)
403	close(fd);
404	restore_uid();
405	fatal_add_cleanup(xauthfile_cleanup_proc, s->pw);
406	success = 1;
407	break;	367	break;
408		368
409	case SSH_CMSG_AGENT_REQUEST_FORWARDING:	369	case SSH_CMSG_AGENT_REQUEST_FORWARDING:
@@ -1759,29 +1719,7 @@ session_subsystem_req(Session *s)
1759	int	1719	int
1760	session_x11_req(Session *s)	1720	session_x11_req(Session *s)
1761	{	1721	{
1762	int fd;	1722	int success;
1763	struct stat st;
1764	if (no_x11_forwarding_flag) {
1765	debug("X11 forwarding disabled in user configuration file.");
1766	return 0;
1767	}
1768	if (!options.x11_forwarding) {
1769	debug("X11 forwarding disabled in server configuration file.");
1770	return 0;
1771	}
1772	if (!options.xauth_location \|\|
1773	(stat(options.xauth_location, &st) == -1)) {
1774	packet_send_debug("No xauth program; cannot forward with spoofing.");
1775	return 0;
1776	}
1777	if (xauthfile != NULL) {
1778	debug("X11 fwd already started.");
1779	return 0;
1780	}
1781
1782	debug("Received request for X11 forwarding with auth spoofing.");
1783	if (s->display != NULL)
1784	packet_disconnect("Protocol error: X11 display already set.");
1785		1723
1786	s->single_connection = packet_get_char();	1724	s->single_connection = packet_get_char();
1787	s->auth_proto = packet_get_string(NULL);	1725	s->auth_proto = packet_get_string(NULL);
@@ -1789,33 +1727,12 @@ session_x11_req(Session *s)
1789	s->screen = packet_get_int();	1727	s->screen = packet_get_int();
1790	packet_done();	1728	packet_done();
1791		1729
1792	s->display = x11_create_display_inet(s->screen, options.x11_display_offset);	1730	success = session_setup_x11fwd(s);
1793	if (s->display == NULL) {	1731	if (!success) {
1794	xfree(s->auth_proto);	1732	xfree(s->auth_proto);
1795	xfree(s->auth_data);	1733	xfree(s->auth_data);
1796	return 0;
1797	}	1734	}
1798	xauthfile = xmalloc(MAXPATHLEN);	1735	return success;
1799	strlcpy(xauthfile, "/tmp/ssh-XXXXXXXX", MAXPATHLEN);
1800	temporarily_use_uid(s->pw);
1801	if (mkdtemp(xauthfile) == NULL) {
1802	restore_uid();
1803	error("private X11 dir: mkdtemp %s failed: %s",
1804	xauthfile, strerror(errno));
1805	xfree(xauthfile);
1806	xauthfile = NULL;
1807	xfree(s->auth_proto);
1808	xfree(s->auth_data);
1809	/* XXXX remove listening channels */
1810	return 0;
1811	}
1812	strlcat(xauthfile, "/cookies", MAXPATHLEN);
1813	fd = open(xauthfile, O_RDWR\|O_CREAT\|O_EXCL, 0600);
1814	if (fd >= 0)
1815	close(fd);
1816	restore_uid();
1817	fatal_add_cleanup(xauthfile_cleanup_proc, s->pw);
1818	return 1;
1819	}	1736	}
1820		1737
1821	int	1738	int
@@ -2033,6 +1950,10 @@ session_free(Session *s)
2033	void	1950	void
2034	session_close(Session *s)	1951	session_close(Session *s)
2035	{	1952	{
		1953	if (s->display) {
		1954	xauthfile_cleanup_proc(s->pw);
		1955	fatal_remove_cleanup(xauthfile_cleanup_proc, s->pw);
		1956	}
2036	session_pty_cleanup(s);	1957	session_pty_cleanup(s);
2037	session_free(s);	1958	session_free(s);
2038	session_proctitle(s);	1959	session_proctitle(s);
@@ -2107,6 +2028,54 @@ session_proctitle(Session *s)
2107	setproctitle("%s@%s", s->pw->pw_name, session_tty_list());	2028	setproctitle("%s@%s", s->pw->pw_name, session_tty_list());
2108	}	2029	}
2109		2030
		2031	int
		2032	session_setup_x11fwd(Session *s)
		2033	{
		2034	int fd;
		2035	struct stat st;
		2036
		2037	if (no_x11_forwarding_flag) {
		2038	packet_send_debug("X11 forwarding disabled in user configuration file.");
		2039	return 0;
		2040	}
		2041	if (!options.x11_forwarding) {
		2042	debug("X11 forwarding disabled in server configuration file.");
		2043	return 0;
		2044	}
		2045	if (!options.xauth_location \|\|
		2046	(stat(options.xauth_location, &st) == -1)) {
		2047	packet_send_debug("No xauth program; cannot forward with spoofing.");
		2048	return 0;
		2049	}
		2050	if (s->display != NULL) {
		2051	debug("X11 display already set.");
		2052	return 0;
		2053	}
		2054	xauthfile = xmalloc(MAXPATHLEN);
		2055	strlcpy(xauthfile, "/tmp/ssh-XXXXXXXX", MAXPATHLEN);
		2056	temporarily_use_uid(s->pw);
		2057	if (mkdtemp(xauthfile) == NULL) {
		2058	restore_uid();
		2059	error("private X11 dir: mkdtemp %s failed: %s",
		2060	xauthfile, strerror(errno));
		2061	xfree(xauthfile);
		2062	xauthfile = NULL;
		2063	return 0;
		2064	}
		2065	strlcat(xauthfile, "/cookies", MAXPATHLEN);
		2066	fd = open(xauthfile, O_RDWR\|O_CREAT\|O_EXCL, 0600);
		2067	if (fd >= 0)
		2068	close(fd);
		2069	restore_uid();
		2070	s->display = x11_create_display_inet(s->screen, options.x11_display_offset);
		2071	if (s->display == NULL) {
		2072	xauthfile_cleanup_proc(s->pw);
		2073	return 0;
		2074	}
		2075	fatal_add_cleanup(xauthfile_cleanup_proc, s->pw);
		2076	return 1;
		2077	}
		2078
2110	void	2079	void
2111	do_authenticated2(Authctxt *authctxt)	2080	do_authenticated2(Authctxt *authctxt)
2112	{	2081	{