summaryrefslogtreecommitdiff
path: root/session.c
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2003-09-01 18:42:19 +0000
committerColin Watson <cjwatson@debian.org>2003-09-01 18:42:19 +0000
commit8d6b7f4c46de3feb66f704ab483e51ea1a3bb0e1 (patch)
tree41fe3dd71501bbec5b0393f1536c925eaee180e9 /session.c
parentf045c69060bfdd5cf8759a5f29d7008d02e4de5b (diff)
parent58bfa257481a1c6938ada9bbd38801cc45633fb0 (diff)
Debian release 3.6p1-1.
Diffstat (limited to 'session.c')
-rw-r--r--session.c61
1 files changed, 45 insertions, 16 deletions
diff --git a/session.c b/session.c
index 9074525a4..c75fea966 100644
--- a/session.c
+++ b/session.c
@@ -33,7 +33,7 @@
33 */ 33 */
34 34
35#include "includes.h" 35#include "includes.h"
36RCSID("$OpenBSD: session.c,v 1.150 2002/09/16 19:55:33 stevesk Exp $"); 36RCSID("$OpenBSD: session.c,v 1.154 2003/03/05 22:33:43 markus Exp $");
37 37
38#include "ssh.h" 38#include "ssh.h"
39#include "ssh1.h" 39#include "ssh1.h"
@@ -201,6 +201,8 @@ auth_input_request_forwarding(struct passwd * pw)
201void 201void
202do_authenticated(Authctxt *authctxt) 202do_authenticated(Authctxt *authctxt)
203{ 203{
204 setproctitle("%s", authctxt->pw->pw_name);
205
204 /* 206 /*
205 * Cancel the alarm we set to limit the time taken for 207 * Cancel the alarm we set to limit the time taken for
206 * authentication. 208 * authentication.
@@ -689,7 +691,7 @@ do_pre_login(Session *s)
689 691
690 record_utmp_only(pid, s->tty, s->pw->pw_name, 692 record_utmp_only(pid, s->tty, s->pw->pw_name,
691 get_remote_name_or_ip(utmp_len, options.verify_reverse_mapping), 693 get_remote_name_or_ip(utmp_len, options.verify_reverse_mapping),
692 (struct sockaddr *)&from); 694 (struct sockaddr *)&from, fromlen);
693} 695}
694#endif 696#endif
695 697
@@ -730,8 +732,8 @@ do_login(Session *s, const char *command)
730 * the address be 0.0.0.0. 732 * the address be 0.0.0.0.
731 */ 733 */
732 memset(&from, 0, sizeof(from)); 734 memset(&from, 0, sizeof(from));
735 fromlen = sizeof(from);
733 if (packet_connection_is_on_socket()) { 736 if (packet_connection_is_on_socket()) {
734 fromlen = sizeof(from);
735 if (getpeername(packet_get_connection_in(), 737 if (getpeername(packet_get_connection_in(),
736 (struct sockaddr *) & from, &fromlen) < 0) { 738 (struct sockaddr *) & from, &fromlen) < 0) {
737 debug("getpeername: %.100s", strerror(errno)); 739 debug("getpeername: %.100s", strerror(errno));
@@ -949,7 +951,7 @@ do_setup_env(Session *s, const char *shell)
949{ 951{
950 char buf[256]; 952 char buf[256];
951 u_int i, envsize; 953 u_int i, envsize;
952 char **env; 954 char **env, *laddr;
953 struct passwd *pw = s->pw; 955 struct passwd *pw = s->pw;
954 956
955 /* Initialize the environment. */ 957 /* Initialize the environment. */
@@ -969,6 +971,9 @@ do_setup_env(Session *s, const char *shell)
969 /* Set basic environment. */ 971 /* Set basic environment. */
970 child_set_env(&env, &envsize, "USER", pw->pw_name); 972 child_set_env(&env, &envsize, "USER", pw->pw_name);
971 child_set_env(&env, &envsize, "LOGNAME", pw->pw_name); 973 child_set_env(&env, &envsize, "LOGNAME", pw->pw_name);
974#ifdef _AIX
975 child_set_env(&env, &envsize, "LOGIN", pw->pw_name);
976#endif
972 child_set_env(&env, &envsize, "HOME", pw->pw_dir); 977 child_set_env(&env, &envsize, "HOME", pw->pw_dir);
973#ifdef HAVE_LOGIN_CAP 978#ifdef HAVE_LOGIN_CAP
974 if (setusercontext(lc, pw, pw->pw_uid, LOGIN_SETPATH) < 0) 979 if (setusercontext(lc, pw, pw->pw_uid, LOGIN_SETPATH) < 0)
@@ -1025,9 +1030,10 @@ do_setup_env(Session *s, const char *shell)
1025 get_remote_ipaddr(), get_remote_port(), get_local_port()); 1030 get_remote_ipaddr(), get_remote_port(), get_local_port());
1026 child_set_env(&env, &envsize, "SSH_CLIENT", buf); 1031 child_set_env(&env, &envsize, "SSH_CLIENT", buf);
1027 1032
1033 laddr = get_local_ipaddr(packet_get_connection_in());
1028 snprintf(buf, sizeof buf, "%.50s %d %.50s %d", 1034 snprintf(buf, sizeof buf, "%.50s %d %.50s %d",
1029 get_remote_ipaddr(), get_remote_port(), 1035 get_remote_ipaddr(), get_remote_port(), laddr, get_local_port());
1030 get_local_ipaddr(packet_get_connection_in()), get_local_port()); 1036 xfree(laddr);
1031 child_set_env(&env, &envsize, "SSH_CONNECTION", buf); 1037 child_set_env(&env, &envsize, "SSH_CONNECTION", buf);
1032 1038
1033 if (s->ttyfd != -1) 1039 if (s->ttyfd != -1)
@@ -1146,8 +1152,10 @@ do_rc_files(Session *s, const char *shell)
1146 /* Add authority data to .Xauthority if appropriate. */ 1152 /* Add authority data to .Xauthority if appropriate. */
1147 if (debug_flag) { 1153 if (debug_flag) {
1148 fprintf(stderr, 1154 fprintf(stderr,
1149 "Running %.500s add " 1155 "Running %.500s remove %.100s\n",
1150 "%.100s %.100s %.100s\n", 1156 options.xauth_location, s->auth_display);
1157 fprintf(stderr,
1158 "%.500s add %.100s %.100s %.100s\n",
1151 options.xauth_location, s->auth_display, 1159 options.xauth_location, s->auth_display,
1152 s->auth_proto, s->auth_data); 1160 s->auth_proto, s->auth_data);
1153 } 1161 }
@@ -1155,6 +1163,8 @@ do_rc_files(Session *s, const char *shell)
1155 options.xauth_location); 1163 options.xauth_location);
1156 f = popen(cmd, "w"); 1164 f = popen(cmd, "w");
1157 if (f) { 1165 if (f) {
1166 fprintf(f, "remove %s\n",
1167 s->auth_display);
1158 fprintf(f, "add %s %s %s\n", 1168 fprintf(f, "add %s %s %s\n",
1159 s->auth_display, s->auth_proto, 1169 s->auth_display, s->auth_proto,
1160 s->auth_data); 1170 s->auth_data);
@@ -1187,6 +1197,7 @@ do_nologin(struct passwd *pw)
1187 while (fgets(buf, sizeof(buf), f)) 1197 while (fgets(buf, sizeof(buf), f))
1188 fputs(buf, stderr); 1198 fputs(buf, stderr);
1189 fclose(f); 1199 fclose(f);
1200 fflush(NULL);
1190 exit(254); 1201 exit(254);
1191 } 1202 }
1192} 1203}
@@ -1195,11 +1206,11 @@ do_nologin(struct passwd *pw)
1195void 1206void
1196do_setusercontext(struct passwd *pw) 1207do_setusercontext(struct passwd *pw)
1197{ 1208{
1198#ifdef HAVE_CYGWIN 1209#ifndef HAVE_CYGWIN
1199 if (is_winnt) { 1210 if (getuid() == 0 || geteuid() == 0)
1200#else /* HAVE_CYGWIN */
1201 if (getuid() == 0 || geteuid() == 0) {
1202#endif /* HAVE_CYGWIN */ 1211#endif /* HAVE_CYGWIN */
1212 {
1213
1203#ifdef HAVE_SETPCRED 1214#ifdef HAVE_SETPCRED
1204 setpcred(pw->pw_name); 1215 setpcred(pw->pw_name);
1205#endif /* HAVE_SETPCRED */ 1216#endif /* HAVE_SETPCRED */
@@ -1249,6 +1260,10 @@ do_setusercontext(struct passwd *pw)
1249 permanently_set_uid(pw); 1260 permanently_set_uid(pw);
1250#endif 1261#endif
1251 } 1262 }
1263
1264#ifdef HAVE_CYGWIN
1265 if (is_winnt)
1266#endif
1252 if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid) 1267 if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid)
1253 fatal("Failed to set uids to %u.", (u_int) pw->pw_uid); 1268 fatal("Failed to set uids to %u.", (u_int) pw->pw_uid);
1254} 1269}
@@ -1306,7 +1321,7 @@ do_child(Session *s, const char *command)
1306 */ 1321 */
1307 if (!options.use_login) { 1322 if (!options.use_login) {
1308#ifdef HAVE_OSF_SIA 1323#ifdef HAVE_OSF_SIA
1309 session_setup_sia(pw->pw_name, s->ttyfd == -1 ? NULL : s->tty); 1324 session_setup_sia(pw, s->ttyfd == -1 ? NULL : s->tty);
1310 if (!check_quietlogin(s, command)) 1325 if (!check_quietlogin(s, command))
1311 do_motd(); 1326 do_motd();
1312#else /* HAVE_OSF_SIA */ 1327#else /* HAVE_OSF_SIA */
@@ -1320,12 +1335,17 @@ do_child(Session *s, const char *command)
1320 * legal, and means /bin/sh. 1335 * legal, and means /bin/sh.
1321 */ 1336 */
1322 shell = (pw->pw_shell[0] == '\0') ? _PATH_BSHELL : pw->pw_shell; 1337 shell = (pw->pw_shell[0] == '\0') ? _PATH_BSHELL : pw->pw_shell;
1338
1339 /*
1340 * Make sure $SHELL points to the shell from the password file,
1341 * even if shell is overridden from login.conf
1342 */
1343 env = do_setup_env(s, shell);
1344
1323#ifdef HAVE_LOGIN_CAP 1345#ifdef HAVE_LOGIN_CAP
1324 shell = login_getcapstr(lc, "shell", (char *)shell, (char *)shell); 1346 shell = login_getcapstr(lc, "shell", (char *)shell, (char *)shell);
1325#endif 1347#endif
1326 1348
1327 env = do_setup_env(s, shell);
1328
1329 /* we have to stash the hostname before we close our socket. */ 1349 /* we have to stash the hostname before we close our socket. */
1330 if (options.use_login) 1350 if (options.use_login)
1331 hostname = get_remote_name_or_ip(utmp_len, 1351 hostname = get_remote_name_or_ip(utmp_len,
@@ -1989,13 +2009,22 @@ session_tty_list(void)
1989{ 2009{
1990 static char buf[1024]; 2010 static char buf[1024];
1991 int i; 2011 int i;
2012 char *cp;
2013
1992 buf[0] = '\0'; 2014 buf[0] = '\0';
1993 for (i = 0; i < MAX_SESSIONS; i++) { 2015 for (i = 0; i < MAX_SESSIONS; i++) {
1994 Session *s = &sessions[i]; 2016 Session *s = &sessions[i];
1995 if (s->used && s->ttyfd != -1) { 2017 if (s->used && s->ttyfd != -1) {
2018
2019 if (strncmp(s->tty, "/dev/", 5) != 0) {
2020 cp = strrchr(s->tty, '/');
2021 cp = (cp == NULL) ? s->tty : cp + 1;
2022 } else
2023 cp = s->tty + 5;
2024
1996 if (buf[0] != '\0') 2025 if (buf[0] != '\0')
1997 strlcat(buf, ",", sizeof buf); 2026 strlcat(buf, ",", sizeof buf);
1998 strlcat(buf, strrchr(s->tty, '/') + 1, sizeof buf); 2027 strlcat(buf, cp, sizeof buf);
1999 } 2028 }
2000 } 2029 }
2001 if (buf[0] == '\0') 2030 if (buf[0] == '\0')