diff options
Diffstat (limited to 'session.c')
| -rw-r--r-- | session.c | 37 |
1 files changed, 33 insertions, 4 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: session.c,v 1.224 2007/09/11 15:47:17 gilles Exp $ */ | 1 | /* $OpenBSD: session.c,v 1.225 2008/02/04 21:53:00 markus Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| 4 | * All rights reserved | 4 | * All rights reserved |
| @@ -87,6 +87,7 @@ | |||
| 87 | #include "session.h" | 87 | #include "session.h" |
| 88 | #include "kex.h" | 88 | #include "kex.h" |
| 89 | #include "monitor_wrap.h" | 89 | #include "monitor_wrap.h" |
| 90 | #include "sftp.h" | ||
| 90 | 91 | ||
| 91 | #if defined(KRB5) && defined(USE_AFS) | 92 | #if defined(KRB5) && defined(USE_AFS) |
| 92 | #include <kafs.h> | 93 | #include <kafs.h> |
| @@ -132,6 +133,10 @@ const char *original_command = NULL; | |||
| 132 | #define MAX_SESSIONS 10 | 133 | #define MAX_SESSIONS 10 |
| 133 | Session sessions[MAX_SESSIONS]; | 134 | Session sessions[MAX_SESSIONS]; |
| 134 | 135 | ||
| 136 | #define SUBSYSTEM_NONE 0 | ||
| 137 | #define SUBSYSTEM_EXT 1 | ||
| 138 | #define SUBSYSTEM_INT_SFTP 2 | ||
| 139 | |||
| 135 | #ifdef HAVE_LOGIN_CAP | 140 | #ifdef HAVE_LOGIN_CAP |
| 136 | login_cap_t *lc; | 141 | login_cap_t *lc; |
| 137 | #endif | 142 | #endif |
| @@ -683,10 +688,14 @@ do_exec(Session *s, const char *command) | |||
| 683 | if (options.adm_forced_command) { | 688 | if (options.adm_forced_command) { |
| 684 | original_command = command; | 689 | original_command = command; |
| 685 | command = options.adm_forced_command; | 690 | command = options.adm_forced_command; |
| 691 | if (s->is_subsystem) | ||
| 692 | s->is_subsystem = SUBSYSTEM_EXT; | ||
| 686 | debug("Forced command (config) '%.900s'", command); | 693 | debug("Forced command (config) '%.900s'", command); |
| 687 | } else if (forced_command) { | 694 | } else if (forced_command) { |
| 688 | original_command = command; | 695 | original_command = command; |
| 689 | command = forced_command; | 696 | command = forced_command; |
| 697 | if (s->is_subsystem) | ||
| 698 | s->is_subsystem = SUBSYSTEM_EXT; | ||
| 690 | debug("Forced command (key option) '%.900s'", command); | 699 | debug("Forced command (key option) '%.900s'", command); |
| 691 | } | 700 | } |
| 692 | 701 | ||
| @@ -1465,12 +1474,13 @@ child_close_fds(void) | |||
| 1465 | * environment, closing extra file descriptors, setting the user and group | 1474 | * environment, closing extra file descriptors, setting the user and group |
| 1466 | * ids, and executing the command or shell. | 1475 | * ids, and executing the command or shell. |
| 1467 | */ | 1476 | */ |
| 1477 | #define ARGV_MAX 10 | ||
| 1468 | void | 1478 | void |
| 1469 | do_child(Session *s, const char *command) | 1479 | do_child(Session *s, const char *command) |
| 1470 | { | 1480 | { |
| 1471 | extern char **environ; | 1481 | extern char **environ; |
| 1472 | char **env; | 1482 | char **env; |
| 1473 | char *argv[10]; | 1483 | char *argv[ARGV_MAX]; |
| 1474 | const char *shell, *shell0, *hostname = NULL; | 1484 | const char *shell, *shell0, *hostname = NULL; |
| 1475 | struct passwd *pw = s->pw; | 1485 | struct passwd *pw = s->pw; |
| 1476 | 1486 | ||
| @@ -1602,6 +1612,22 @@ do_child(Session *s, const char *command) | |||
| 1602 | /* restore SIGPIPE for child */ | 1612 | /* restore SIGPIPE for child */ |
| 1603 | signal(SIGPIPE, SIG_DFL); | 1613 | signal(SIGPIPE, SIG_DFL); |
| 1604 | 1614 | ||
| 1615 | if (s->is_subsystem == SUBSYSTEM_INT_SFTP) { | ||
| 1616 | extern int optind, optreset; | ||
| 1617 | int i; | ||
| 1618 | char *p, *args; | ||
| 1619 | |||
| 1620 | setproctitle("%s@internal-sftp-server", s->pw->pw_name); | ||
| 1621 | args = strdup(command ? command : "sftp-server"); | ||
| 1622 | for (i = 0, (p = strtok(args, " ")); p; (p = strtok(NULL, " "))) | ||
| 1623 | if (i < ARGV_MAX - 1) | ||
| 1624 | argv[i++] = p; | ||
| 1625 | argv[i] = NULL; | ||
| 1626 | optind = optreset = 1; | ||
| 1627 | __progname = argv[0]; | ||
| 1628 | exit(sftp_server_main(i, argv)); | ||
| 1629 | } | ||
| 1630 | |||
| 1605 | if (options.use_login) { | 1631 | if (options.use_login) { |
| 1606 | launch_login(pw, hostname); | 1632 | launch_login(pw, hostname); |
| 1607 | /* NEVERREACHED */ | 1633 | /* NEVERREACHED */ |
| @@ -1874,13 +1900,16 @@ session_subsystem_req(Session *s) | |||
| 1874 | if (strcmp(subsys, options.subsystem_name[i]) == 0) { | 1900 | if (strcmp(subsys, options.subsystem_name[i]) == 0) { |
| 1875 | prog = options.subsystem_command[i]; | 1901 | prog = options.subsystem_command[i]; |
| 1876 | cmd = options.subsystem_args[i]; | 1902 | cmd = options.subsystem_args[i]; |
| 1877 | if (stat(prog, &st) < 0) { | 1903 | if (!strcmp("internal-sftp", prog)) { |
| 1904 | s->is_subsystem = SUBSYSTEM_INT_SFTP; | ||
| 1905 | } else if (stat(prog, &st) < 0) { | ||
| 1878 | error("subsystem: cannot stat %s: %s", prog, | 1906 | error("subsystem: cannot stat %s: %s", prog, |
| 1879 | strerror(errno)); | 1907 | strerror(errno)); |
| 1880 | break; | 1908 | break; |
| 1909 | } else { | ||
| 1910 | s->is_subsystem = SUBSYSTEM_EXT; | ||
| 1881 | } | 1911 | } |
| 1882 | debug("subsystem: exec() %s", cmd); | 1912 | debug("subsystem: exec() %s", cmd); |
| 1883 | s->is_subsystem = 1; | ||
| 1884 | do_exec(s, cmd); | 1913 | do_exec(s, cmd); |
| 1885 | success = 1; | 1914 | success = 1; |
| 1886 | break; | 1915 | break; |