authorDamien Miller <djm@mindrot.org>2000-04-30 10:00:53 +1000
committerDamien Miller <djm@mindrot.org>2000-04-30 10:00:53 +1000
commitbd483e76909905f28d1604125f70c7cf8271f66e (patch)
tree4363a925d1f530b444c5726601ecf9efc684c218 /session.c
parentc998f9eb7cfb3bfef8c78b0a47bdb6db29a871e8 (diff)
- More OpenBSD updates:
[session.c] - don't call chan_write_failed() if we are not writing [auth-rsa.c auth1.c authfd.c hostfile.c ssh-agent.c] - keysize warnings error() -> log()
Diffstat (limited to 'session.c')
-rw-r--r--session.c91
1 files changed, 84 insertions, 7 deletions
diff --git a/session.c b/session.c
index d5c53f11f..de39d8844 100644
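--- a/session.c
+++ b/session.c
@@ -34,6 +34,7 @@ typedef struct Session Session;
 struct Session {
  int used;
  int self;
+ int extended;
  struct passwd *pw;
  pid_t pid;
  /* tty */
@@ -46,6 +47,7 @@ struct Session {
  int screen;
  char *auth_proto;
  char *auth_data;
+ int single_connection;
  /* proto 2 */
  int chanid;
 };
@@ -170,6 +172,7 @@ do_authenticated(struct passwd * pw)
  channel_permit_all_opens();
 
  s = session_new();
+ s->pw = pw;
 
  /*
  * We stay in this loop until the client requests to execute a shell
@@ -279,6 +282,7 @@ do_authenticated(struct passwd * pw)
  xauthfile, strerror(errno));
  xfree(xauthfile);
  xauthfile = NULL;
+ /* XXXX remove listening channels */
  break;
  }
  strlcat(xauthfile, "/cookies", MAXPATHLEN);
@@ -462,7 +466,7 @@ do_exec_no_pty(Session *s, const char *command, struct passwd * pw)
  close(perr[1]);
 
  if (compat20) {
- session_set_fds(s, pin[1], pout[0], perr[0]);
+ session_set_fds(s, pin[1], pout[0], s->extended ? perr[0] : -1);
  } else {
  /* Enter the interactive session. */
  server_loop(pid, pin[1], pout[0], perr[0]);
@@ -478,7 +482,7 @@ do_exec_no_pty(Session *s, const char *command, struct passwd * pw)
  * handle the case that fdin and fdout are the same.
  */
  if (compat20) {
- session_set_fds(s, inout[1], inout[1], err[1]);
+ session_set_fds(s, inout[1], inout[1], s->extended ? err[1] : -1);
  } else {
  server_loop(pid, inout[1], inout[1], err[1]);
  /* server_loop has closed inout[1] and err[1]. */
@@ -1119,6 +1123,7 @@ session_new(void)
  Session *s = &sessions[i];
  if (! s->used) {
  s->pid = 0;
+ s->extended = 0;
  s->chanid = -1;
  s->ptyfd = -1;
  s->ttyfd = -1;
@@ -1129,6 +1134,7 @@ session_new(void)
  s->auth_data = NULL;
  s->auth_proto = NULL;
  s->used = 1;
+ s->pw = NULL;
  debug("session_new: session %d", i);
  return s;
  }
@@ -1160,12 +1166,11 @@ session_open(int chanid)
  error("no more sessions");
  return 0;
  }
- debug("session_open: session %d: link with channel %d", s->self, chanid);
- s->chanid = chanid;
  s->pw = auth_get_user();
  if (s->pw == NULL)
- fatal("no user for session %i channel %d",
- s->self, s->chanid);
+ fatal("no user for session %i", s->self);
+ debug("session_open: session %d: link with channel %d", s->self, chanid);
+ s->chanid = chanid;
  return 1;
 }
 
@@ -1257,6 +1262,69 @@ session_pty_req(Session *s)
  return 1;
 }
 
+int
+session_subsystem_req(Session *s)
+{
+ unsigned int len;
+ int success = 0;
+ char *subsys = packet_get_string(&len);
+
+ packet_done();
+ log("subsystem request for %s", subsys);
+
+ xfree(subsys);
+ return success;
+}
+
+int
+session_x11_req(Session *s)
+{
+ if (!options.x11_forwarding) {
+ debug("X11 forwarding disabled in server configuration file.");
+ return 0;
+ }
+ if (xauthfile != NULL) {
+ debug("X11 fwd already started.");
+ return 0;
+ }
+
+ debug("Received request for X11 forwarding with auth spoofing.");
+ if (s->display != NULL)
+ packet_disconnect("Protocol error: X11 display already set.");
+
+ s->single_connection = packet_get_char();
+ s->auth_proto = packet_get_string(NULL);
+ s->auth_data = packet_get_string(NULL);
+ s->screen = packet_get_int();
+ packet_done();
+
+ s->display = x11_create_display_inet(s->screen, options.x11_display_offset);
+ if (s->display == NULL) {
+ xfree(s->auth_proto);
+ xfree(s->auth_data);
+ return 0;
+ }
+ xauthfile = xmalloc(MAXPATHLEN);
+ strlcpy(xauthfile, "/tmp/ssh-XXXXXXXX", MAXPATHLEN);
+ temporarily_use_uid(s->pw->pw_uid);
+ if (mkdtemp(xauthfile) == NULL) {
+ restore_uid();
+ error("private X11 dir: mkdtemp %s failed: %s",
+ xauthfile, strerror(errno));
+ xfree(xauthfile);
+ xauthfile = NULL;
+ xfree(s->auth_proto);
+ xfree(s->auth_data);
+ /* XXXX remove listening channels */
+ return 0;
+ }
+ strlcat(xauthfile, "/cookies", MAXPATHLEN);
+ open(xauthfile, O_RDWR|O_CREAT|O_EXCL, 0600);
+ restore_uid();
+ fatal_add_cleanup(xauthfile_cleanup_proc, s);
+ return 1;
+}
+
 void
 session_input_channel_req(int id, void *arg)
 {
@@ -1294,6 +1362,8 @@ session_input_channel_req(int id, void *arg)
  } else if (strcmp(rtype, "exec") == 0) {
  char *command = packet_get_string(&len);
  packet_done();
+ s->extended = 1;
+ s->extended = 1;
  if (s->ttyfd == -1)
  do_exec_no_pty(s, command, s->pw);
  else
@@ -1302,6 +1372,10 @@ session_input_channel_req(int id, void *arg)
  success = 1;
  } else if (strcmp(rtype, "pty-req") == 0) {
  success = session_pty_req(s);
+ } else if (strcmp(rtype, "x11-req") == 0) {
+ success = session_x11_req(s);
+ } else if (strcmp(rtype, "subsystem") == 0) {
+ success = session_subsystem_req(s);
  }
  }
  if (strcmp(rtype, "window-change") == 0) {
@@ -1399,7 +1473,8 @@ session_exit_message(Session *s, int status)
  * Note that we must not call 'chan_read_failed', since there could
  * be some more data waiting in the pipe.
  */
- chan_write_failed(c);
+ if (c->ostate != CHAN_OUTPUT_CLOSED)
+ chan_write_failed(c);
  s->chanid = -1;
 }
 
@@ -1475,4 +1550,6 @@ do_authenticated2(void)
  */
  alarm(0);
  server_loop2();
+ if (xauthfile)
+ xauthfile_cleanup_proc(NULL);
 }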
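Review bot: In session_x11_req (new lines 1302-1305 and 1310-1319) both failure paths call xfree() on s->auth_proto and s->auth_data but leave the freed pointers in the Session, so a failed x11-req leaves dangling pointers in a structure that outlives the request. Any later code that tests those fields for non-NULL, which is not visible on this page, would read or free released memory; add `s->auth_proto = NULL;` and `s->auth_data = NULL;` after the two xfree() calls in each path. The mkdtemp() failure path also leaves s->display set, so a repeated request reaches packet_disconnect() rather than a clean retry. Separately, the result of `open(xauthfile, O_RDWR|O_CREAT|O_EXCL, 0600)` at new line 1322 is discarded: a failed create is still reported as success and the descriptor is never closed, so it should be captured, checked and closed.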