diff options
Diffstat (limited to 'session.c')
| -rw-r--r-- | session.c | 61 |
1 files changed, 45 insertions, 16 deletions
| @@ -33,7 +33,7 @@ | |||
| 33 | */ | 33 | */ |
| 34 | 34 | ||
| 35 | #include "includes.h" | 35 | #include "includes.h" |
| 36 | RCSID("$OpenBSD: session.c,v 1.150 2002/09/16 19:55:33 stevesk Exp $"); | 36 | RCSID("$OpenBSD: session.c,v 1.154 2003/03/05 22:33:43 markus Exp $"); |
| 37 | 37 | ||
| 38 | #include "ssh.h" | 38 | #include "ssh.h" |
| 39 | #include "ssh1.h" | 39 | #include "ssh1.h" |
| @@ -201,6 +201,8 @@ auth_input_request_forwarding(struct passwd * pw) | |||
| 201 | void | 201 | void |
| 202 | do_authenticated(Authctxt *authctxt) | 202 | do_authenticated(Authctxt *authctxt) |
| 203 | { | 203 | { |
| 204 | setproctitle("%s", authctxt->pw->pw_name); | ||
| 205 | |||
| 204 | /* | 206 | /* |
| 205 | * Cancel the alarm we set to limit the time taken for | 207 | * Cancel the alarm we set to limit the time taken for |
| 206 | * authentication. | 208 | * authentication. |
| @@ -689,7 +691,7 @@ do_pre_login(Session *s) | |||
| 689 | 691 | ||
| 690 | record_utmp_only(pid, s->tty, s->pw->pw_name, | 692 | record_utmp_only(pid, s->tty, s->pw->pw_name, |
| 691 | get_remote_name_or_ip(utmp_len, options.verify_reverse_mapping), | 693 | get_remote_name_or_ip(utmp_len, options.verify_reverse_mapping), |
| 692 | (struct sockaddr *)&from); | 694 | (struct sockaddr *)&from, fromlen); |
| 693 | } | 695 | } |
| 694 | #endif | 696 | #endif |
| 695 | 697 | ||
| @@ -730,8 +732,8 @@ do_login(Session *s, const char *command) | |||
| 730 | * the address be 0.0.0.0. | 732 | * the address be 0.0.0.0. |
| 731 | */ | 733 | */ |
| 732 | memset(&from, 0, sizeof(from)); | 734 | memset(&from, 0, sizeof(from)); |
| 735 | fromlen = sizeof(from); | ||
| 733 | if (packet_connection_is_on_socket()) { | 736 | if (packet_connection_is_on_socket()) { |
| 734 | fromlen = sizeof(from); | ||
| 735 | if (getpeername(packet_get_connection_in(), | 737 | if (getpeername(packet_get_connection_in(), |
| 736 | (struct sockaddr *) & from, &fromlen) < 0) { | 738 | (struct sockaddr *) & from, &fromlen) < 0) { |
| 737 | debug("getpeername: %.100s", strerror(errno)); | 739 | debug("getpeername: %.100s", strerror(errno)); |
| @@ -949,7 +951,7 @@ do_setup_env(Session *s, const char *shell) | |||
| 949 | { | 951 | { |
| 950 | char buf[256]; | 952 | char buf[256]; |
| 951 | u_int i, envsize; | 953 | u_int i, envsize; |
| 952 | char **env; | 954 | char **env, *laddr; |
| 953 | struct passwd *pw = s->pw; | 955 | struct passwd *pw = s->pw; |
| 954 | 956 | ||
| 955 | /* Initialize the environment. */ | 957 | /* Initialize the environment. */ |
| @@ -969,6 +971,9 @@ do_setup_env(Session *s, const char *shell) | |||
| 969 | /* Set basic environment. */ | 971 | /* Set basic environment. */ |
| 970 | child_set_env(&env, &envsize, "USER", pw->pw_name); | 972 | child_set_env(&env, &envsize, "USER", pw->pw_name); |
| 971 | child_set_env(&env, &envsize, "LOGNAME", pw->pw_name); | 973 | child_set_env(&env, &envsize, "LOGNAME", pw->pw_name); |
| 974 | #ifdef _AIX | ||
| 975 | child_set_env(&env, &envsize, "LOGIN", pw->pw_name); | ||
| 976 | #endif | ||
| 972 | child_set_env(&env, &envsize, "HOME", pw->pw_dir); | 977 | child_set_env(&env, &envsize, "HOME", pw->pw_dir); |
| 973 | #ifdef HAVE_LOGIN_CAP | 978 | #ifdef HAVE_LOGIN_CAP |
| 974 | if (setusercontext(lc, pw, pw->pw_uid, LOGIN_SETPATH) < 0) | 979 | if (setusercontext(lc, pw, pw->pw_uid, LOGIN_SETPATH) < 0) |
| @@ -1025,9 +1030,10 @@ do_setup_env(Session *s, const char *shell) | |||
| 1025 | get_remote_ipaddr(), get_remote_port(), get_local_port()); | 1030 | get_remote_ipaddr(), get_remote_port(), get_local_port()); |
| 1026 | child_set_env(&env, &envsize, "SSH_CLIENT", buf); | 1031 | child_set_env(&env, &envsize, "SSH_CLIENT", buf); |
| 1027 | 1032 | ||
| 1033 | laddr = get_local_ipaddr(packet_get_connection_in()); | ||
| 1028 | snprintf(buf, sizeof buf, "%.50s %d %.50s %d", | 1034 | snprintf(buf, sizeof buf, "%.50s %d %.50s %d", |
| 1029 | get_remote_ipaddr(), get_remote_port(), | 1035 | get_remote_ipaddr(), get_remote_port(), laddr, get_local_port()); |
| 1030 | get_local_ipaddr(packet_get_connection_in()), get_local_port()); | 1036 | xfree(laddr); |
| 1031 | child_set_env(&env, &envsize, "SSH_CONNECTION", buf); | 1037 | child_set_env(&env, &envsize, "SSH_CONNECTION", buf); |
| 1032 | 1038 | ||
| 1033 | if (s->ttyfd != -1) | 1039 | if (s->ttyfd != -1) |
| @@ -1146,8 +1152,10 @@ do_rc_files(Session *s, const char *shell) | |||
| 1146 | /* Add authority data to .Xauthority if appropriate. */ | 1152 | /* Add authority data to .Xauthority if appropriate. */ |
| 1147 | if (debug_flag) { | 1153 | if (debug_flag) { |
| 1148 | fprintf(stderr, | 1154 | fprintf(stderr, |
| 1149 | "Running %.500s add " | 1155 | "Running %.500s remove %.100s\n", |
| 1150 | "%.100s %.100s %.100s\n", | 1156 | options.xauth_location, s->auth_display); |
| 1157 | fprintf(stderr, | ||
| 1158 | "%.500s add %.100s %.100s %.100s\n", | ||
| 1151 | options.xauth_location, s->auth_display, | 1159 | options.xauth_location, s->auth_display, |
| 1152 | s->auth_proto, s->auth_data); | 1160 | s->auth_proto, s->auth_data); |
| 1153 | } | 1161 | } |
| @@ -1155,6 +1163,8 @@ do_rc_files(Session *s, const char *shell) | |||
| 1155 | options.xauth_location); | 1163 | options.xauth_location); |
| 1156 | f = popen(cmd, "w"); | 1164 | f = popen(cmd, "w"); |
| 1157 | if (f) { | 1165 | if (f) { |
| 1166 | fprintf(f, "remove %s\n", | ||
| 1167 | s->auth_display); | ||
| 1158 | fprintf(f, "add %s %s %s\n", | 1168 | fprintf(f, "add %s %s %s\n", |
| 1159 | s->auth_display, s->auth_proto, | 1169 | s->auth_display, s->auth_proto, |
| 1160 | s->auth_data); | 1170 | s->auth_data); |
| @@ -1187,6 +1197,7 @@ do_nologin(struct passwd *pw) | |||
| 1187 | while (fgets(buf, sizeof(buf), f)) | 1197 | while (fgets(buf, sizeof(buf), f)) |
| 1188 | fputs(buf, stderr); | 1198 | fputs(buf, stderr); |
| 1189 | fclose(f); | 1199 | fclose(f); |
| 1200 | fflush(NULL); | ||
| 1190 | exit(254); | 1201 | exit(254); |
| 1191 | } | 1202 | } |
| 1192 | } | 1203 | } |
| @@ -1195,11 +1206,11 @@ do_nologin(struct passwd *pw) | |||
| 1195 | void | 1206 | void |
| 1196 | do_setusercontext(struct passwd *pw) | 1207 | do_setusercontext(struct passwd *pw) |
| 1197 | { | 1208 | { |
| 1198 | #ifdef HAVE_CYGWIN | 1209 | #ifndef HAVE_CYGWIN |
| 1199 | if (is_winnt) { | 1210 | if (getuid() == 0 || geteuid() == 0) |
| 1200 | #else /* HAVE_CYGWIN */ | ||
| 1201 | if (getuid() == 0 || geteuid() == 0) { | ||
| 1202 | #endif /* HAVE_CYGWIN */ | 1211 | #endif /* HAVE_CYGWIN */ |
| 1212 | { | ||
| 1213 | |||
| 1203 | #ifdef HAVE_SETPCRED | 1214 | #ifdef HAVE_SETPCRED |
| 1204 | setpcred(pw->pw_name); | 1215 | setpcred(pw->pw_name); |
| 1205 | #endif /* HAVE_SETPCRED */ | 1216 | #endif /* HAVE_SETPCRED */ |
| @@ -1249,6 +1260,10 @@ do_setusercontext(struct passwd *pw) | |||
| 1249 | permanently_set_uid(pw); | 1260 | permanently_set_uid(pw); |
| 1250 | #endif | 1261 | #endif |
| 1251 | } | 1262 | } |
| 1263 | |||
| 1264 | #ifdef HAVE_CYGWIN | ||
| 1265 | if (is_winnt) | ||
| 1266 | #endif | ||
| 1252 | if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid) | 1267 | if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid) |
| 1253 | fatal("Failed to set uids to %u.", (u_int) pw->pw_uid); | 1268 | fatal("Failed to set uids to %u.", (u_int) pw->pw_uid); |
| 1254 | } | 1269 | } |
| @@ -1306,7 +1321,7 @@ do_child(Session *s, const char *command) | |||
| 1306 | */ | 1321 | */ |
| 1307 | if (!options.use_login) { | 1322 | if (!options.use_login) { |
| 1308 | #ifdef HAVE_OSF_SIA | 1323 | #ifdef HAVE_OSF_SIA |
| 1309 | session_setup_sia(pw->pw_name, s->ttyfd == -1 ? NULL : s->tty); | 1324 | session_setup_sia(pw, s->ttyfd == -1 ? NULL : s->tty); |
| 1310 | if (!check_quietlogin(s, command)) | 1325 | if (!check_quietlogin(s, command)) |
| 1311 | do_motd(); | 1326 | do_motd(); |
| 1312 | #else /* HAVE_OSF_SIA */ | 1327 | #else /* HAVE_OSF_SIA */ |
| @@ -1320,12 +1335,17 @@ do_child(Session *s, const char *command) | |||
| 1320 | * legal, and means /bin/sh. | 1335 | * legal, and means /bin/sh. |
| 1321 | */ | 1336 | */ |
| 1322 | shell = (pw->pw_shell[0] == '\0') ? _PATH_BSHELL : pw->pw_shell; | 1337 | shell = (pw->pw_shell[0] == '\0') ? _PATH_BSHELL : pw->pw_shell; |
| 1338 | |||
| 1339 | /* | ||
| 1340 | * Make sure $SHELL points to the shell from the password file, | ||
| 1341 | * even if shell is overridden from login.conf | ||
| 1342 | */ | ||
| 1343 | env = do_setup_env(s, shell); | ||
| 1344 | |||
| 1323 | #ifdef HAVE_LOGIN_CAP | 1345 | #ifdef HAVE_LOGIN_CAP |
| 1324 | shell = login_getcapstr(lc, "shell", (char *)shell, (char *)shell); | 1346 | shell = login_getcapstr(lc, "shell", (char *)shell, (char *)shell); |
| 1325 | #endif | 1347 | #endif |
| 1326 | 1348 | ||
| 1327 | env = do_setup_env(s, shell); | ||
| 1328 | |||
| 1329 | /* we have to stash the hostname before we close our socket. */ | 1349 | /* we have to stash the hostname before we close our socket. */ |
| 1330 | if (options.use_login) | 1350 | if (options.use_login) |
| 1331 | hostname = get_remote_name_or_ip(utmp_len, | 1351 | hostname = get_remote_name_or_ip(utmp_len, |
| @@ -1989,13 +2009,22 @@ session_tty_list(void) | |||
| 1989 | { | 2009 | { |
| 1990 | static char buf[1024]; | 2010 | static char buf[1024]; |
| 1991 | int i; | 2011 | int i; |
| 2012 | char *cp; | ||
| 2013 | |||
| 1992 | buf[0] = '\0'; | 2014 | buf[0] = '\0'; |
| 1993 | for (i = 0; i < MAX_SESSIONS; i++) { | 2015 | for (i = 0; i < MAX_SESSIONS; i++) { |
| 1994 | Session *s = &sessions[i]; | 2016 | Session *s = &sessions[i]; |
| 1995 | if (s->used && s->ttyfd != -1) { | 2017 | if (s->used && s->ttyfd != -1) { |
| 2018 | |||
| 2019 | if (strncmp(s->tty, "/dev/", 5) != 0) { | ||
| 2020 | cp = strrchr(s->tty, '/'); | ||
| 2021 | cp = (cp == NULL) ? s->tty : cp + 1; | ||
| 2022 | } else | ||
| 2023 | cp = s->tty + 5; | ||
| 2024 | |||
| 1996 | if (buf[0] != '\0') | 2025 | if (buf[0] != '\0') |
| 1997 | strlcat(buf, ",", sizeof buf); | 2026 | strlcat(buf, ",", sizeof buf); |
| 1998 | strlcat(buf, strrchr(s->tty, '/') + 1, sizeof buf); | 2027 | strlcat(buf, cp, sizeof buf); |
| 1999 | } | 2028 | } |
| 2000 | } | 2029 | } |
| 2001 | if (buf[0] == '\0') | 2030 | if (buf[0] == '\0') |