diff options
Diffstat (limited to 'session.c')
-rw-r--r-- | session.c | 31 |
1 files changed, 29 insertions, 2 deletions
@@ -33,7 +33,7 @@ | |||
33 | */ | 33 | */ |
34 | 34 | ||
35 | #include "includes.h" | 35 | #include "includes.h" |
36 | RCSID("$OpenBSD: session.c,v 1.160 2003/08/13 08:33:02 markus Exp $"); | 36 | RCSID("$OpenBSD: session.c,v 1.161 2003/08/22 10:56:09 markus Exp $"); |
37 | 37 | ||
38 | #include "ssh.h" | 38 | #include "ssh.h" |
39 | #include "ssh1.h" | 39 | #include "ssh1.h" |
@@ -58,6 +58,10 @@ RCSID("$OpenBSD: session.c,v 1.160 2003/08/13 08:33:02 markus Exp $"); | |||
58 | #include "session.h" | 58 | #include "session.h" |
59 | #include "monitor_wrap.h" | 59 | #include "monitor_wrap.h" |
60 | 60 | ||
61 | #ifdef GSSAPI | ||
62 | #include "ssh-gss.h" | ||
63 | #endif | ||
64 | |||
61 | /* func */ | 65 | /* func */ |
62 | 66 | ||
63 | Session *session_new(void); | 67 | Session *session_new(void); |
@@ -424,6 +428,12 @@ do_exec_no_pty(Session *s, const char *command) | |||
424 | } | 428 | } |
425 | #endif /* USE_PAM */ | 429 | #endif /* USE_PAM */ |
426 | 430 | ||
431 | #ifdef GSSAPI | ||
432 | temporarily_use_uid(s->pw); | ||
433 | ssh_gssapi_storecreds(); | ||
434 | restore_uid(); | ||
435 | #endif | ||
436 | |||
427 | /* Fork the child. */ | 437 | /* Fork the child. */ |
428 | if ((pid = fork()) == 0) { | 438 | if ((pid = fork()) == 0) { |
429 | fatal_remove_all_cleanups(); | 439 | fatal_remove_all_cleanups(); |
@@ -550,6 +560,12 @@ do_exec_pty(Session *s, const char *command) | |||
550 | } | 560 | } |
551 | #endif | 561 | #endif |
552 | 562 | ||
563 | #ifdef GSSAPI | ||
564 | temporarily_use_uid(s->pw); | ||
565 | ssh_gssapi_storecreds(); | ||
566 | restore_uid(); | ||
567 | #endif | ||
568 | |||
553 | /* Fork the child. */ | 569 | /* Fork the child. */ |
554 | if ((pid = fork()) == 0) { | 570 | if ((pid = fork()) == 0) { |
555 | fatal_remove_all_cleanups(); | 571 | fatal_remove_all_cleanups(); |
@@ -807,7 +823,7 @@ check_quietlogin(Session *s, const char *command) | |||
807 | * Sets the value of the given variable in the environment. If the variable | 823 | * Sets the value of the given variable in the environment. If the variable |
808 | * already exists, its value is overriden. | 824 | * already exists, its value is overriden. |
809 | */ | 825 | */ |
810 | static void | 826 | void |
811 | child_set_env(char ***envp, u_int *envsizep, const char *name, | 827 | child_set_env(char ***envp, u_int *envsizep, const char *name, |
812 | const char *value) | 828 | const char *value) |
813 | { | 829 | { |
@@ -934,6 +950,13 @@ do_setup_env(Session *s, const char *shell) | |||
934 | copy_environment(environ, &env, &envsize); | 950 | copy_environment(environ, &env, &envsize); |
935 | #endif | 951 | #endif |
936 | 952 | ||
953 | #ifdef GSSAPI | ||
954 | /* Allow any GSSAPI methods that we've used to alter | ||
955 | * the childs environment as they see fit | ||
956 | */ | ||
957 | ssh_gssapi_do_child(&env, &envsize); | ||
958 | #endif | ||
959 | |||
937 | if (!options.use_login) { | 960 | if (!options.use_login) { |
938 | /* Set basic environment. */ | 961 | /* Set basic environment. */ |
939 | child_set_env(&env, &envsize, "USER", pw->pw_name); | 962 | child_set_env(&env, &envsize, "USER", pw->pw_name); |
@@ -2088,4 +2111,8 @@ static void | |||
2088 | do_authenticated2(Authctxt *authctxt) | 2111 | do_authenticated2(Authctxt *authctxt) |
2089 | { | 2112 | { |
2090 | server_loop2(authctxt); | 2113 | server_loop2(authctxt); |
2114 | #if defined(GSSAPI) | ||
2115 | if (options.gss_cleanup_creds) | ||
2116 | ssh_gssapi_cleanup_creds(NULL); | ||
2117 | #endif | ||
2091 | } | 2118 | } |