diff options
| author | Damien Miller <djm@mindrot.org> | 2000-06-18 14:50:44 +1000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2000-06-18 14:50:44 +1000 |
| commit | f6d9e2218998559cb67aad55d3f4a0bf53600c41 (patch) | |
| tree | 87ea430020c66c697e065c164951b3f74b730b76 /session.c | |
| parent | 7b22d65034ac280e0b4eaa857c71b17ee3ad7d99 (diff) | |
- OpenBSD CVS updates:
- deraadt@cvs.openbsd.org 2000/06/17 09:58:46
[channels.c]
everyone says "nix it" (remove protocol 2 debugging message)
- markus@cvs.openbsd.org 2000/06/17 13:24:34
[sshconnect.c]
allow extended server banners
- markus@cvs.openbsd.org 2000/06/17 14:30:10
[sshconnect.c]
missing atomicio, typo
- jakob@cvs.openbsd.org 2000/06/17 16:52:34
[servconf.c servconf.h session.c sshd.8 sshd_config]
add support for ssh v2 subsystems. ok markus@.
- deraadt@cvs.openbsd.org 2000/06/17 18:57:48
[readconf.c servconf.c]
include = in WHITESPACE; markus ok
- markus@cvs.openbsd.org 2000/06/17 19:09:10
[auth2.c]
implement bug compatibility with ssh-2.0.13 pubkey, server side
- markus@cvs.openbsd.org 2000/06/17 21:00:28
[compat.c]
initial support for ssh.com's 2.2.0
- markus@cvs.openbsd.org 2000/06/17 21:16:09
[scp.c]
typo
- markus@cvs.openbsd.org 2000/06/17 22:05:02
[auth-rsa.c auth2.c serverloop.c session.c auth-options.c auth-options.h]
split auth-rsa option parsing into auth-options
add options support to authorized_keys2
- markus@cvs.openbsd.org 2000/06/17 22:42:54
[session.c]
typo
Diffstat (limited to 'session.c')
| -rw-r--r-- | session.c | 86 |
1 files changed, 57 insertions, 29 deletions
| @@ -8,7 +8,7 @@ | |||
| 8 | */ | 8 | */ |
| 9 | 9 | ||
| 10 | #include "includes.h" | 10 | #include "includes.h" |
| 11 | RCSID("$OpenBSD: session.c,v 1.17 2000/06/05 19:53:40 markus Exp $"); | 11 | RCSID("$OpenBSD: session.c,v 1.20 2000/06/18 04:42:54 markus Exp $"); |
| 12 | 12 | ||
| 13 | #include "xmalloc.h" | 13 | #include "xmalloc.h" |
| 14 | #include "ssh.h" | 14 | #include "ssh.h" |
| @@ -26,6 +26,7 @@ RCSID("$OpenBSD: session.c,v 1.17 2000/06/05 19:53:40 markus Exp $"); | |||
| 26 | #include "bufaux.h" | 26 | #include "bufaux.h" |
| 27 | #include "ssh2.h" | 27 | #include "ssh2.h" |
| 28 | #include "auth.h" | 28 | #include "auth.h" |
| 29 | #include "auth-options.h" | ||
| 29 | 30 | ||
| 30 | /* types */ | 31 | /* types */ |
| 31 | 32 | ||
| @@ -88,18 +89,6 @@ Session sessions[MAX_SESSIONS]; | |||
| 88 | char *aixloginmsg; | 89 | char *aixloginmsg; |
| 89 | #endif /* WITH_AIXAUTHENTICATE */ | 90 | #endif /* WITH_AIXAUTHENTICATE */ |
| 90 | 91 | ||
| 91 | /* Flags set in auth-rsa from authorized_keys flags. These are set in auth-rsa.c. */ | ||
| 92 | int no_port_forwarding_flag = 0; | ||
| 93 | int no_agent_forwarding_flag = 0; | ||
| 94 | int no_x11_forwarding_flag = 0; | ||
| 95 | int no_pty_flag = 0; | ||
| 96 | |||
| 97 | /* RSA authentication "command=" option. */ | ||
| 98 | char *forced_command = NULL; | ||
| 99 | |||
| 100 | /* RSA authentication "environment=" options. */ | ||
| 101 | struct envstring *custom_environment = NULL; | ||
| 102 | |||
| 103 | /* | 92 | /* |
| 104 | * Remove local Xauthority file. | 93 | * Remove local Xauthority file. |
| 105 | */ | 94 | */ |
| @@ -1260,6 +1249,8 @@ session_pty_req(Session *s) | |||
| 1260 | unsigned int len; | 1249 | unsigned int len; |
| 1261 | char *term_modes; /* encoded terminal modes */ | 1250 | char *term_modes; /* encoded terminal modes */ |
| 1262 | 1251 | ||
| 1252 | if (no_pty_flag) | ||
| 1253 | return 0; | ||
| 1263 | if (s->ttyfd != -1) | 1254 | if (s->ttyfd != -1) |
| 1264 | return 0; | 1255 | return 0; |
| 1265 | s->term = packet_get_string(&len); | 1256 | s->term = packet_get_string(&len); |
| @@ -1307,10 +1298,22 @@ session_subsystem_req(Session *s) | |||
| 1307 | unsigned int len; | 1298 | unsigned int len; |
| 1308 | int success = 0; | 1299 | int success = 0; |
| 1309 | char *subsys = packet_get_string(&len); | 1300 | char *subsys = packet_get_string(&len); |
| 1301 | int i; | ||
| 1310 | 1302 | ||
| 1311 | packet_done(); | 1303 | packet_done(); |
| 1312 | log("subsystem request for %s", subsys); | 1304 | log("subsystem request for %s", subsys); |
| 1313 | 1305 | ||
| 1306 | for (i = 0; i < options.num_subsystems; i++) { | ||
| 1307 | if(strcmp(subsys, options.subsystem_name[i]) == 0) { | ||
| 1308 | debug("subsystem: exec() %s", options.subsystem_command[i]); | ||
| 1309 | do_exec_no_pty(s, options.subsystem_command[i], s->pw); | ||
| 1310 | success = 1; | ||
| 1311 | } | ||
| 1312 | } | ||
| 1313 | |||
| 1314 | if (!success) | ||
| 1315 | log("subsystem request for %s failed, subsystem not found", subsys); | ||
| 1316 | |||
| 1314 | xfree(subsys); | 1317 | xfree(subsys); |
| 1315 | return success; | 1318 | return success; |
| 1316 | } | 1319 | } |
| @@ -1318,6 +1321,10 @@ session_subsystem_req(Session *s) | |||
| 1318 | int | 1321 | int |
| 1319 | session_x11_req(Session *s) | 1322 | session_x11_req(Session *s) |
| 1320 | { | 1323 | { |
| 1324 | if (!no_port_forwarding_flag) { | ||
| 1325 | debug("X11 forwarding disabled in user configuration file."); | ||
| 1326 | return 0; | ||
| 1327 | } | ||
| 1321 | if (!options.x11_forwarding) { | 1328 | if (!options.x11_forwarding) { |
| 1322 | debug("X11 forwarding disabled in server configuration file."); | 1329 | debug("X11 forwarding disabled in server configuration file."); |
| 1323 | return 0; | 1330 | return 0; |
| @@ -1364,6 +1371,41 @@ session_x11_req(Session *s) | |||
| 1364 | return 1; | 1371 | return 1; |
| 1365 | } | 1372 | } |
| 1366 | 1373 | ||
| 1374 | int | ||
| 1375 | session_shell_req(Session *s) | ||
| 1376 | { | ||
| 1377 | /* if forced_command == NULL, the shell is execed */ | ||
| 1378 | char *shell = forced_command; | ||
| 1379 | packet_done(); | ||
| 1380 | s->extended = 1; | ||
| 1381 | if (s->ttyfd == -1) | ||
| 1382 | do_exec_no_pty(s, shell, s->pw); | ||
| 1383 | else | ||
| 1384 | do_exec_pty(s, shell, s->pw); | ||
| 1385 | return 1; | ||
| 1386 | } | ||
| 1387 | |||
| 1388 | int | ||
| 1389 | session_exec_req(Session *s) | ||
| 1390 | { | ||
| 1391 | unsigned int len; | ||
| 1392 | char *command = packet_get_string(&len); | ||
| 1393 | packet_done(); | ||
| 1394 | if (forced_command) { | ||
| 1395 | xfree(command); | ||
| 1396 | command = forced_command; | ||
| 1397 | debug("Forced command '%.500s'", forced_command); | ||
| 1398 | } | ||
| 1399 | s->extended = 1; | ||
| 1400 | if (s->ttyfd == -1) | ||
| 1401 | do_exec_no_pty(s, command, s->pw); | ||
| 1402 | else | ||
| 1403 | do_exec_pty(s, command, s->pw); | ||
| 1404 | if (forced_command == NULL) | ||
| 1405 | xfree(command); | ||
| 1406 | return 1; | ||
| 1407 | } | ||
| 1408 | |||
| 1367 | void | 1409 | void |
| 1368 | session_input_channel_req(int id, void *arg) | 1410 | session_input_channel_req(int id, void *arg) |
| 1369 | { | 1411 | { |
| @@ -1393,23 +1435,9 @@ session_input_channel_req(int id, void *arg) | |||
| 1393 | */ | 1435 | */ |
| 1394 | if (c->type == SSH_CHANNEL_LARVAL) { | 1436 | if (c->type == SSH_CHANNEL_LARVAL) { |
| 1395 | if (strcmp(rtype, "shell") == 0) { | 1437 | if (strcmp(rtype, "shell") == 0) { |
| 1396 | packet_done(); | 1438 | success = session_shell_req(s); |
| 1397 | s->extended = 1; | ||
| 1398 | if (s->ttyfd == -1) | ||
| 1399 | do_exec_no_pty(s, NULL, s->pw); | ||
| 1400 | else | ||
| 1401 | do_exec_pty(s, NULL, s->pw); | ||
| 1402 | success = 1; | ||
| 1403 | } else if (strcmp(rtype, "exec") == 0) { | 1439 | } else if (strcmp(rtype, "exec") == 0) { |
| 1404 | char *command = packet_get_string(&len); | 1440 | success = session_exec_req(s); |
| 1405 | packet_done(); | ||
| 1406 | s->extended = 1; | ||
| 1407 | if (s->ttyfd == -1) | ||
| 1408 | do_exec_no_pty(s, command, s->pw); | ||
| 1409 | else | ||
| 1410 | do_exec_pty(s, command, s->pw); | ||
| 1411 | xfree(command); | ||
| 1412 | success = 1; | ||
| 1413 | } else if (strcmp(rtype, "pty-req") == 0) { | 1441 | } else if (strcmp(rtype, "pty-req") == 0) { |
| 1414 | success = session_pty_req(s); | 1442 | success = session_pty_req(s); |
| 1415 | } else if (strcmp(rtype, "x11-req") == 0) { | 1443 | } else if (strcmp(rtype, "x11-req") == 0) { |