Merge 4.2p1 to the trunk.

author: Colin Watson <cjwatson@debian.org> 2005-09-14 12:45:47 +0000
committer: Colin Watson <cjwatson@debian.org> 2005-09-14 12:45:47 +0000
commit: 9b71add4cecf753c45f5fbd6ff0913bc95b3e95d (patch)
tree: d4ea8fdb30c7949c6433f5277c39548ea579d4dc /session.c
parent: ed07bcbea56007ab5b218ddf3aa6a7d4e21966e0 (diff)
parent: 16704d57999d987fb8d9ba53379841a79f016d67 (diff)
1 files changed, 121 insertions, 12 deletions
diff --git a/session.c b/session.c
index bdfcb26f9..fb719d42a 100644
--- a/session.c
+++ b/session.c
@@ -33,7 +33,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: session.c,v 1.181 2004/12/23 17:35:48 markus Exp $");
+RCSID("$OpenBSD: session.c,v 1.186 2005/07/25 11:59:40 markus Exp $");
 #include "ssh.h"
 #include "ssh1.h"
@@ -56,6 +56,7 @@ RCSID("$OpenBSD: session.c,v 1.181 2004/12/23 17:35:48 markus Exp $");
 #include "serverloop.h"
 #include "canohost.h"
 #include "session.h"
+#include "kex.h"
 #include "monitor_wrap.h"
 #include "selinux.h"
@@ -198,11 +199,11 @@ auth_input_request_forwarding(struct passwd * pw)
 static void
 display_loginmsg(void)
 {
-        if (buffer_len(&loginmsg) > 0) {
+        if (buffer_len(&loginmsg) > 0) {
-                buffer_append(&loginmsg, "\0", 1);
+                buffer_append(&loginmsg, "\0", 1);
-                printf("%s", (char *)buffer_ptr(&loginmsg));
+                printf("%s", (char *)buffer_ptr(&loginmsg));
-                buffer_clear(&loginmsg);
+                buffer_clear(&loginmsg);
-        }
+        }
 }
 void
@@ -274,7 +275,7 @@ do_authenticated1(Authctxt *authctxt)
                                    compression_level);
                                break;
                        }
-                        if (!options.compression) {
+                        if (options.compression == COMP_NONE) {
                                debug2("compression disabled");
                                break;
                        }
@@ -948,7 +949,8 @@ read_etc_default_login(char ***env, u_int *envsize, uid_t uid)
 }
 #endif /* HAVE_ETC_DEFAULT_LOGIN */
-void copy_environment(char **source, char ***env, u_int *envsize)
+void
+copy_environment(char **source, char ***env, u_int *envsize)
 {
        char *var_name, *var_val;
        int i;
@@ -1334,6 +1336,11 @@ do_setusercontext(struct passwd *pw)
 # ifdef _AIX
                aix_usrinfo(pw);
 # endif /* _AIX */
+#if defined(HAVE_LIBIAF)  &&  !defined(BROKEN_LIBIAF)
+                if (set_id(pw->pw_name) != 0) {
+                        exit(1);
+                }
+#endif /* HAVE_LIBIAF  && !BROKEN_LIBIAF */
                /* Permanently switch to the desired uid. */
                permanently_set_uid(pw);
 #endif
@@ -1533,7 +1540,7 @@ do_child(Session *s, const char *command)
         */
        if (options.kerberos_get_afs_token && k_hasafs() &&
-             (s->authctxt->krb5_ctx != NULL)) {
+            (s->authctxt->krb5_ctx != NULL)) {
                char cell[64];
                debug("Getting AFS token");
@@ -1637,6 +1644,7 @@ session_new(void)
                        s->ttyfd = -1;
                        s->used = 1;
                        s->self = i;
+                        s->x11_chanids = NULL;
                        debug("session_new: session %d", i);
                        return s;
                }
@@ -1710,6 +1718,29 @@ session_by_channel(int id)
 }
 static Session *
+session_by_x11_channel(int id)
+{
+        int i, j;
+        for (i = 0; i < MAX_SESSIONS; i++) {
+                Session *s = &sessions[i];
+                if (s->x11_chanids == NULL || !s->used)
+                        continue;
+                for (j = 0; s->x11_chanids[j] != -1; j++) {
+                        if (s->x11_chanids[j] == id) {
+                                debug("session_by_x11_channel: session %d "
+                                    "channel %d", s->self, id);
+                                return s;
+                        }
+                }
+        }
+        debug("session_by_x11_channel: unknown channel %d", id);
+        session_dump();
+        return NULL;
+}
+static Session *
 session_by_pid(pid_t pid)
 {
        int i;
@@ -1804,7 +1835,7 @@ session_subsystem_req(Session *s)
        u_int len;
        int success = 0;
        char *cmd, *subsys = packet_get_string(&len);
-        int i;
+        u_int i;
        packet_check_eom();
        logit("subsystem request for %.100s", subsys);
@@ -1838,6 +1869,11 @@ session_x11_req(Session *s)
 {
        int success;
+        if (s->auth_proto != NULL || s->auth_data != NULL) {
+                error("session_x11_req: session %d: "
+                    "x11 fowarding already active", s->self);
+                return 0;
+        }
        s->single_connection = packet_get_char();
        s->auth_proto = packet_get_string(NULL);
        s->auth_data = packet_get_string(NULL);
@@ -2063,9 +2099,66 @@ sig2name(int sig)
 }
 static void
+session_close_x11(int id)
+{
+        Channel *c;
+        if ((c = channel_lookup(id)) == NULL) {
+                debug("session_close_x11: x11 channel %d missing", id);
+        } else {
+                /* Detach X11 listener */
+                debug("session_close_x11: detach x11 channel %d", id);
+                channel_cancel_cleanup(id);
+                if (c->ostate != CHAN_OUTPUT_CLOSED)
+                        chan_mark_dead(c);
+        }
+}
+static void
+session_close_single_x11(int id, void *arg)
+{
+        Session *s;
+        u_int i;
+        debug3("session_close_single_x11: channel %d", id);
+        channel_cancel_cleanup(id);
+        if ((s  = session_by_x11_channel(id)) == NULL)
+                fatal("session_close_single_x11: no x11 channel %d", id);
+        for (i = 0; s->x11_chanids[i] != -1; i++) {
+                debug("session_close_single_x11: session %d: "
+                    "closing channel %d", s->self, s->x11_chanids[i]);
+                /*
+                 * The channel "id" is already closing, but make sure we
+                 * close all of its siblings.
+                 */
+                if (s->x11_chanids[i] != id)
+                        session_close_x11(s->x11_chanids[i]);
+        }
+        xfree(s->x11_chanids);
+        s->x11_chanids = NULL;
+        if (s->display) {
+                xfree(s->display);
+                s->display = NULL;
+        }
+        if (s->auth_proto) {
+                xfree(s->auth_proto);
+                s->auth_proto = NULL;
+        }
+        if (s->auth_data) {
+                xfree(s->auth_data);
+                s->auth_data = NULL;
+        }
+        if (s->auth_display) {
+                xfree(s->auth_display);
+                s->auth_display = NULL;
+        }
+}
+static void
 session_exit_message(Session *s, int status)
 {
        Channel *c;
+        u_int i;
        if ((c = channel_lookup(s->chanid)) == NULL)
                fatal("session_exit_message: session %d: no channel %d",
@@ -2105,12 +2198,20 @@ session_exit_message(Session *s, int status)
        if (c->ostate != CHAN_OUTPUT_CLOSED)
                chan_write_failed(c);
        s->chanid = -1;
+        /* Close any X11 listeners associated with this session */
+        if (s->x11_chanids != NULL) {
+                for (i = 0; s->x11_chanids[i] != -1; i++) {
+                        session_close_x11(s->x11_chanids[i]);
+                        s->x11_chanids[i] = -1;
+                }
+        }
 }
 void
 session_close(Session *s)
 {
-        int i;
+        u_int i;
        debug("session_close: session %d pid %ld", s->self, (long)s->pid);
        if (s->ttyfd != -1)
@@ -2119,6 +2220,8 @@ session_close(Session *s)
                xfree(s->term);
        if (s->display)
                xfree(s->display);
+        if (s->x11_chanids)
+                xfree(s->x11_chanids);
        if (s->auth_display)
                xfree(s->auth_display);
        if (s->auth_data)
@@ -2157,6 +2260,7 @@ void
 session_close_by_channel(int id, void *arg)
 {
        Session *s = session_by_channel(id);
        if (s == NULL) {
                debug("session_close_by_channel: no session for id %d", id);
                return;
@@ -2237,6 +2341,7 @@ session_setup_x11fwd(Session *s)
        struct stat st;
        char display[512], auth_display[512];
        char hostname[MAXHOSTNAMELEN];
+        u_int i;
        if (no_x11_forwarding_flag) {
                packet_send_debug("X11 forwarding disabled in user configuration file.");
@@ -2262,10 +2367,14 @@ session_setup_x11fwd(Session *s)
        }
        if (x11_create_display_inet(options.x11_display_offset,
            options.x11_use_localhost, s->single_connection,
-            &s->display_number) == -1) {
+            &s->display_number, &s->x11_chanids) == -1) {
                debug("x11_create_display_inet failed.");
                return 0;
        }
+        for (i = 0; s->x11_chanids[i] != -1; i++) {
+                channel_register_cleanup(s->x11_chanids[i],
+                    session_close_single_x11);
+        }
        /* Set up a suitable value for the DISPLAY variable. */
        if (gethostname(hostname, sizeof(hostname)) < 0)
author	Colin Watson <cjwatson@debian.org>	2005-09-14 12:45:47 +0000
committer	Colin Watson <cjwatson@debian.org>	2005-09-14 12:45:47 +0000
commit	9b71add4cecf753c45f5fbd6ff0913bc95b3e95d (patch)
tree	d4ea8fdb30c7949c6433f5277c39548ea579d4dc /session.c
parent	ed07bcbea56007ab5b218ddf3aa6a7d4e21966e0 (diff)
parent	16704d57999d987fb8d9ba53379841a79f016d67 (diff)