-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | auth1.c | 4 | ||||
-rw-r--r-- | auth2.c | 4 | ||||
-rw-r--r-- | session.c | 95 | ||||
-rw-r--r-- | session.h | 7 |
5 files changed, 53 insertions, 62 deletions
@@ -13,6 +13,9 @@ | |||
13 | - markus@cvs.openbsd.org 2001/03/20 19:21:21 | 13 | - markus@cvs.openbsd.org 2001/03/20 19:21:21 |
14 | [session.c] | 14 | [session.c] |
15 | remove unused arg | 15 | remove unused arg |
16 | - markus@cvs.openbsd.org 2001/03/21 11:43:45 | ||
17 | [auth1.c auth2.c session.c session.h] | ||
18 | merge common ssh v1/2 code | ||
16 | 19 | ||
17 | 20010321 | 20 | 20010321 |
18 | - (djm) Fix ttyname breakage for AIX and Tru64. Patch from Steve | 21 | - (djm) Fix ttyname breakage for AIX and Tru64. Patch from Steve |
@@ -4672,4 +4675,4 @@ | |||
4672 | - Wrote replacements for strlcpy and mkdtemp | 4675 | - Wrote replacements for strlcpy and mkdtemp |
4673 | - Released 1.0pre1 | 4676 | - Released 1.0pre1 |
4674 | 4677 | ||
4675 | $Id: ChangeLog,v 1.1004 2001/03/22 01:27:23 mouring Exp $ | 4678 | $Id: ChangeLog,v 1.1005 2001/03/22 02:02:12 mouring Exp $ |
@@ -10,7 +10,7 @@ | |||
10 | */ | 10 | */ |
11 | 11 | ||
12 | #include "includes.h" | 12 | #include "includes.h" |
13 | RCSID("$OpenBSD: auth1.c,v 1.20 2001/03/20 18:57:04 markus Exp $"); | 13 | RCSID("$OpenBSD: auth1.c,v 1.21 2001/03/21 11:43:44 markus Exp $"); |
14 | 14 | ||
15 | #include "xmalloc.h" | 15 | #include "xmalloc.h" |
16 | #include "rsa.h" | 16 | #include "rsa.h" |
@@ -434,5 +434,5 @@ do_authentication() | |||
434 | xfree(authctxt); | 434 | xfree(authctxt); |
435 | 435 | ||
436 | /* Perform session preparation. */ | 436 | /* Perform session preparation. */ |
437 | do_authenticated(pw); | 437 | do_authenticated(authctxt); |
438 | } | 438 | } |
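Review bot: On the new side of do_authentication(), `authctxt` is released by `xfree(authctxt);` at line 434 and then passed to `do_authenticated(authctxt);` at line 437, so the callee is handed freed memory. The old call passed `pw`, which did not go through the context pointer. The new do_authenticated() in session.c reads `authctxt->pw->pw_class` when login classes are compiled in, and do_authenticated1() stores `authctxt->pw` in the session. The free should come after the call, i.e. `do_authenticated(authctxt);` followed by `xfree(authctxt);`. do_authentication() begins outside this hunk, so any earlier release of fields inside authctxt is not visible here and should be checked in the same way.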
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: auth2.c,v 1.47 2001/03/20 18:57:04 markus Exp $"); | 26 | RCSID("$OpenBSD: auth2.c,v 1.48 2001/03/21 11:43:44 markus Exp $"); |
27 | 27 | ||
28 | #include <openssl/evp.h> | 28 | #include <openssl/evp.h> |
29 | 29 | ||
@@ -120,7 +120,7 @@ do_authentication2() | |||
120 | dispatch_init(&protocol_error); | 120 | dispatch_init(&protocol_error); |
121 | dispatch_set(SSH2_MSG_SERVICE_REQUEST, &input_service_request); | 121 | dispatch_set(SSH2_MSG_SERVICE_REQUEST, &input_service_request); |
122 | dispatch_run(DISPATCH_BLOCK, &authctxt->success, authctxt); | 122 | dispatch_run(DISPATCH_BLOCK, &authctxt->success, authctxt); |
123 | do_authenticated2(authctxt); | 123 | do_authenticated(authctxt); |
124 | } | 124 | } |
125 | 125 | ||
126 | void | 126 | void |
@@ -33,7 +33,7 @@ | |||
33 | */ | 33 | */ |
34 | 34 | ||
35 | #include "includes.h" | 35 | #include "includes.h" |
36 | RCSID("$OpenBSD: session.c,v 1.64 2001/03/20 19:35:29 markus Exp $"); | 36 | RCSID("$OpenBSD: session.c,v 1.65 2001/03/21 11:43:44 markus Exp $"); |
37 | 37 | ||
38 | #include "ssh.h" | 38 | #include "ssh.h" |
39 | #include "ssh1.h" | 39 | #include "ssh1.h" |
@@ -129,6 +129,9 @@ void do_exec_no_pty(Session *s, const char *command); | |||
129 | void do_login(Session *s, const char *command); | 129 | void do_login(Session *s, const char *command); |
130 | void do_child(Session *s, const char *command); | 130 | void do_child(Session *s, const char *command); |
131 | 131 | ||
132 | void do_authenticated1(Authctxt *authctxt); | ||
133 | void do_authenticated2(Authctxt *authctxt); | ||
134 | |||
132 | /* import */ | 135 | /* import */ |
133 | extern ServerOptions options; | 136 | extern ServerOptions options; |
134 | extern char *__progname; | 137 | extern char *__progname; |
@@ -157,6 +160,34 @@ char *aixloginmsg; | |||
157 | static login_cap_t *lc; | 160 | static login_cap_t *lc; |
158 | #endif | 161 | #endif |
159 | 162 | ||
163 | void | ||
164 | do_authenticated(Authctxt *authctxt) | ||
165 | { | ||
166 | /* | ||
167 | * Cancel the alarm we set to limit the time taken for | ||
168 | * authentication. | ||
169 | */ | ||
170 | alarm(0); | ||
171 | if (startup_pipe != -1) { | ||
172 | close(startup_pipe); | ||
173 | startup_pipe = -1; | ||
174 | } | ||
175 | #if defined(HAVE_LOGIN_CAP) && defined(HAVE_PW_CLASS_IN_PASSWD) | ||
176 | if ((lc = login_getclass(authctxt->pw->pw_class)) == NULL) { | ||
177 | error("unable to get login class"); | ||
178 | return; | ||
179 | } | ||
180 | #endif | ||
181 | /* setup the channel layer */ | ||
182 | if (!no_port_forwarding_flag && options.allow_tcp_forwarding) | ||
183 | channel_permit_all_opens(); | ||
184 | |||
185 | if (compat20) | ||
186 | do_authenticated2(authctxt); | ||
187 | else | ||
188 | do_authenticated1(authctxt); | ||
189 | } | ||
190 | |||
160 | /* | 191 | /* |
161 | * Remove local Xauthority file. | 192 | * Remove local Xauthority file. |
162 | */ | 193 | */ |
@@ -206,47 +237,23 @@ pty_cleanup_proc(void *session) | |||
206 | * are requested, etc. | 237 | * are requested, etc. |
207 | */ | 238 | */ |
208 | void | 239 | void |
209 | do_authenticated(struct passwd * pw) | 240 | do_authenticated1(Authctxt *authctxt) |
210 | { | 241 | { |
211 | Session *s; | 242 | Session *s; |
212 | int type, fd; | ||
213 | int compression_level = 0, enable_compression_after_reply = 0; | ||
214 | int have_pty = 0; | ||
215 | char *command; | 243 | char *command; |
216 | int n_bytes; | 244 | int success, type, fd, n_bytes, plen, screen_flag, have_pty = 0; |
217 | int plen; | 245 | int compression_level = 0, enable_compression_after_reply = 0; |
218 | u_int proto_len, data_len, dlen; | 246 | u_int proto_len, data_len, dlen; |
219 | int screen_flag; | ||
220 | |||
221 | /* | ||
222 | * Cancel the alarm we set to limit the time taken for | ||
223 | * authentication. | ||
224 | */ | ||
225 | alarm(0); | ||
226 | if (startup_pipe != -1) { | ||
227 | close(startup_pipe); | ||
228 | startup_pipe = -1; | ||
229 | } | ||
230 | |||
231 | if (!no_port_forwarding_flag && options.allow_tcp_forwarding) | ||
232 | channel_permit_all_opens(); | ||
233 | 247 | ||
234 | s = session_new(); | 248 | s = session_new(); |
235 | s->pw = pw; | 249 | s->pw = authctxt->pw; |
236 | |||
237 | #if defined(HAVE_LOGIN_CAP) && defined(HAVE_PW_CLASS_IN_PASSWD) | ||
238 | if ((lc = login_getclass(pw->pw_class)) == NULL) { | ||
239 | error("unable to get login class"); | ||
240 | return; | ||
241 | } | ||
242 | #endif | ||
243 | 250 | ||
244 | /* | 251 | /* |
245 | * We stay in this loop until the client requests to execute a shell | 252 | * We stay in this loop until the client requests to execute a shell |
246 | * or a command. | 253 | * or a command. |
247 | */ | 254 | */ |
248 | for (;;) { | 255 | for (;;) { |
249 | int success = 0; | 256 | success = 0; |
250 | 257 | ||
251 | /* Get a packet from the client. */ | 258 | /* Get a packet from the client. */ |
252 | type = packet_read(&plen); | 259 | type = packet_read(&plen); |
@@ -283,7 +290,7 @@ do_authenticated(struct passwd * pw) | |||
283 | break; | 290 | break; |
284 | } | 291 | } |
285 | fatal_add_cleanup(pty_cleanup_proc, (void *)s); | 292 | fatal_add_cleanup(pty_cleanup_proc, (void *)s); |
286 | pty_setowner(pw, s->tty); | 293 | pty_setowner(s->pw, s->tty); |
287 | 294 | ||
288 | /* Get TERM from the packet. Note that the value may be of arbitrary length. */ | 295 | /* Get TERM from the packet. Note that the value may be of arbitrary length. */ |
289 | s->term = packet_get_string(&dlen); | 296 | s->term = packet_get_string(&dlen); |
@@ -358,7 +365,7 @@ do_authenticated(struct passwd * pw) | |||
358 | /* Setup to always have a local .Xauthority. */ | 365 | /* Setup to always have a local .Xauthority. */ |
359 | xauthfile = xmalloc(MAXPATHLEN); | 366 | xauthfile = xmalloc(MAXPATHLEN); |
360 | strlcpy(xauthfile, "/tmp/ssh-XXXXXXXX", MAXPATHLEN); | 367 | strlcpy(xauthfile, "/tmp/ssh-XXXXXXXX", MAXPATHLEN); |
361 | temporarily_use_uid(pw->pw_uid); | 368 | temporarily_use_uid(s->pw->pw_uid); |
362 | if (mkdtemp(xauthfile) == NULL) { | 369 | if (mkdtemp(xauthfile) == NULL) { |
363 | restore_uid(); | 370 | restore_uid(); |
364 | error("private X11 dir: mkdtemp %s failed: %s", | 371 | error("private X11 dir: mkdtemp %s failed: %s", |
@@ -383,7 +390,7 @@ do_authenticated(struct passwd * pw) | |||
383 | break; | 390 | break; |
384 | } | 391 | } |
385 | debug("Received authentication agent forwarding request."); | 392 | debug("Received authentication agent forwarding request."); |
386 | success = auth_input_request_forwarding(pw); | 393 | success = auth_input_request_forwarding(s->pw); |
387 | break; | 394 | break; |
388 | 395 | ||
389 | case SSH_CMSG_PORT_FORWARD_REQUEST: | 396 | case SSH_CMSG_PORT_FORWARD_REQUEST: |
@@ -396,7 +403,7 @@ do_authenticated(struct passwd * pw) | |||
396 | break; | 403 | break; |
397 | } | 404 | } |
398 | debug("Received TCP/IP port forwarding request."); | 405 | debug("Received TCP/IP port forwarding request."); |
399 | channel_input_port_forward_request(pw->pw_uid == 0, options.gateway_ports); | 406 | channel_input_port_forward_request(s->pw->pw_uid == 0, options.gateway_ports); |
400 | success = 1; | 407 | success = 1; |
401 | break; | 408 | break; |
402 | 409 | ||
@@ -597,7 +604,7 @@ do_exec_pty(Session *s, const char *command) | |||
597 | ttyfd = s->ttyfd; | 604 | ttyfd = s->ttyfd; |
598 | 605 | ||
599 | #if defined(USE_PAM) | 606 | #if defined(USE_PAM) |
600 | do_pam_session(pw->pw_name, s->tty); | 607 | do_pam_session(s->pw->pw_name, s->tty); |
601 | do_pam_setcred(); | 608 | do_pam_setcred(); |
602 | #endif | 609 | #endif |
603 | 610 | ||
@@ -2022,23 +2029,7 @@ session_proctitle(Session *s) | |||
2022 | void | 2029 | void |
2023 | do_authenticated2(Authctxt *authctxt) | 2030 | do_authenticated2(Authctxt *authctxt) |
2024 | { | 2031 | { |
2025 | /* | 2032 | |
2026 | * Cancel the alarm we set to limit the time taken for | ||
2027 | * authentication. | ||
2028 | */ | ||
2029 | alarm(0); | ||
2030 | if (startup_pipe != -1) { | ||
2031 | close(startup_pipe); | ||
2032 | startup_pipe = -1; | ||
2033 | } | ||
2034 | if (!no_port_forwarding_flag && options.allow_tcp_forwarding) | ||
2035 | channel_permit_all_opens(); | ||
2036 | #if defined(HAVE_LOGIN_CAP) && defined(HAVE_PW_CLASS_IN_PASSWD) | ||
2037 | if ((lc = login_getclass(authctxt->pw->pw_class)) == NULL) { | ||
2038 | error("unable to get login class"); | ||
2039 | return; | ||
2040 | } | ||
2041 | #endif | ||
2042 | server_loop2(); | 2033 | server_loop2(); |
2043 | if (xauthfile) | 2034 | if (xauthfile) |
2044 | xauthfile_cleanup_proc(NULL); | 2035 | xauthfile_cleanup_proc(NULL); |
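Review bot: The new common do_authenticated() (new lines 163-189 of session.c) has no header comment, although it introduces a lifetime requirement that callers must respect. It dereferences `authctxt->pw` under HAVE_LOGIN_CAP, and do_authenticated1() keeps the same pointer through `s->pw = authctxt->pw`, so the context has to stay allocated for the whole session. I would add a comment above it such as `/* Common post-authentication setup for SSH1 and SSH2; authctxt and authctxt->pw must stay valid until this returns. */`. The early `return` after `error("unable to get login class")` should also get a line saying that no session is started on that path, because what the callers do after the return is not visible in this diff.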
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: session.h,v 1.5 2001/01/29 01:58:18 niklas Exp $ */ | 1 | /* $OpenBSD: session.h,v 1.6 2001/03/21 11:43:45 markus Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
@@ -26,11 +26,8 @@ | |||
26 | #ifndef SESSION_H | 26 | #ifndef SESSION_H |
27 | #define SESSION_H | 27 | #define SESSION_H |
28 | 28 | ||
29 | /* SSH1 */ | 29 | void do_authenticated(Authctxt *ac); |
30 | void do_authenticated(struct passwd * pw); | ||
31 | 30 | ||
32 | /* SSH2 */ | ||
33 | void do_authenticated2(Authctxt *ac); | ||
34 | int session_open(int id); | 31 | int session_open(int id); |
35 | void session_input_channel_req(int id, void *arg); | 32 | void session_input_channel_req(int id, void *arg); |
36 | void session_close_by_pid(pid_t pid, int status); | 33 | void session_close_by_pid(pid_t pid, int status); |