Diffstat (limited to 'session.c')
-rw-r--r--session.c393
1 files changed, 74 insertions, 319 deletions
diff --git a/session.c b/session.c
index 6dfcf842f..ea3871eb8 100644
--- a/session.c
+++ b/session.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: session.c,v 1.282 2016/03/10 11:47:57 djm Exp $ */ 1/* $OpenBSD: session.c,v 1.286 2016/11/30 03:00:05 djm Exp $ */
2/* 2/*
3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
4 * All rights reserved 4 * All rights reserved
@@ -66,7 +66,6 @@
66#include "openbsd-compat/sys-queue.h" 66#include "openbsd-compat/sys-queue.h"
67#include "xmalloc.h" 67#include "xmalloc.h"
68#include "ssh.h" 68#include "ssh.h"
69#include "ssh1.h"
70#include "ssh2.h" 69#include "ssh2.h"
71#include "sshpty.h" 70#include "sshpty.h"
72#include "packet.h" 71#include "packet.h"
@@ -128,7 +127,6 @@ void do_child(Session *, const char *);
128void do_motd(void); 127void do_motd(void);
129int check_quietlogin(Session *, const char *); 128int check_quietlogin(Session *, const char *);
130 129
131static void do_authenticated1(Authctxt *);
132static void do_authenticated2(Authctxt *); 130static void do_authenticated2(Authctxt *);
133 131
134static int session_pty_req(Session *); 132static int session_pty_req(Session *);
@@ -259,7 +257,7 @@ do_authenticated(Authctxt *authctxt)
259 257
260 /* setup the channel layer */ 258 /* setup the channel layer */
261 /* XXX - streamlocal? */ 259 /* XXX - streamlocal? */
262 if (no_port_forwarding_flag || 260 if (no_port_forwarding_flag || options.disable_forwarding ||
263 (options.allow_tcp_forwarding & FORWARD_LOCAL) == 0) 261 (options.allow_tcp_forwarding & FORWARD_LOCAL) == 0)
264 channel_disable_adm_local_opens(); 262 channel_disable_adm_local_opens();
265 else 263 else
@@ -267,11 +265,7 @@ do_authenticated(Authctxt *authctxt)
267 265
268 auth_debug_send(); 266 auth_debug_send();
269 267
270 if (compat20) 268 do_authenticated2(authctxt);
271 do_authenticated2(authctxt);
272 else
273 do_authenticated1(authctxt);
274
275 do_cleanup(authctxt); 269 do_cleanup(authctxt);
276} 270}
277 271
@@ -290,164 +284,6 @@ xauth_valid_string(const char *s)
290 return 1; 284 return 1;
291} 285}
292 286
293/*
294 * Prepares for an interactive session. This is called after the user has
295 * been successfully authenticated. During this message exchange, pseudo
296 * terminals are allocated, X11, TCP/IP, and authentication agent forwardings
297 * are requested, etc.
298 */
299static void
300do_authenticated1(Authctxt *authctxt)
301{
302 Session *s;
303 char *command;
304 int success, type, screen_flag;
305 int enable_compression_after_reply = 0;
306 u_int proto_len, data_len, dlen, compression_level = 0;
307
308 s = session_new();
309 if (s == NULL) {
310 error("no more sessions");
311 return;
312 }
313 s->authctxt = authctxt;
314 s->pw = authctxt->pw;
315
316 /*
317 * We stay in this loop until the client requests to execute a shell
318 * or a command.
319 */
320 for (;;) {
321 success = 0;
322
323 /* Get a packet from the client. */
324 type = packet_read();
325
326 /* Process the packet. */
327 switch (type) {
328 case SSH_CMSG_REQUEST_COMPRESSION:
329 compression_level = packet_get_int();
330 packet_check_eom();
331 if (compression_level < 1 || compression_level > 9) {
332 packet_send_debug("Received invalid compression level %d.",
333 compression_level);
334 break;
335 }
336 if (options.compression == COMP_NONE) {
337 debug2("compression disabled");
338 break;
339 }
340 /* Enable compression after we have responded with SUCCESS. */
341 enable_compression_after_reply = 1;
342 success = 1;
343 break;
344
345 case SSH_CMSG_REQUEST_PTY:
346 success = session_pty_req(s);
347 break;
348
349 case SSH_CMSG_X11_REQUEST_FORWARDING:
350 s->auth_proto = packet_get_string(&proto_len);
351 s->auth_data = packet_get_string(&data_len);
352
353 screen_flag = packet_get_protocol_flags() &
354 SSH_PROTOFLAG_SCREEN_NUMBER;
355 debug2("SSH_PROTOFLAG_SCREEN_NUMBER: %d", screen_flag);
356
357 if (packet_remaining() == 4) {
358 if (!screen_flag)
359 debug2("Buggy client: "
360 "X11 screen flag missing");
361 s->screen = packet_get_int();
362 } else {
363 s->screen = 0;
364 }
365 packet_check_eom();
366 if (xauth_valid_string(s->auth_proto) &&
367 xauth_valid_string(s->auth_data))
368 success = session_setup_x11fwd(s);
369 else {
370 success = 0;
371 error("Invalid X11 forwarding data");
372 }
373 if (!success) {
374 free(s->auth_proto);
375 free(s->auth_data);
376 s->auth_proto = NULL;
377 s->auth_data = NULL;
378 }
379 break;
380
381 case SSH_CMSG_AGENT_REQUEST_FORWARDING:
382 if (!options.allow_agent_forwarding ||
383 no_agent_forwarding_flag || compat13) {
384 debug("Authentication agent forwarding not permitted for this authentication.");
385 break;
386 }
387 debug("Received authentication agent forwarding request.");
388 success = auth_input_request_forwarding(s->pw);
389 break;
390
391 case SSH_CMSG_PORT_FORWARD_REQUEST:
392 if (no_port_forwarding_flag) {
393 debug("Port forwarding not permitted for this authentication.");
394 break;
395 }
396 if (!(options.allow_tcp_forwarding & FORWARD_REMOTE)) {
397 debug("Port forwarding not permitted.");
398 break;
399 }
400 debug("Received TCP/IP port forwarding request.");
401 if (channel_input_port_forward_request(s->pw->pw_uid == 0,
402 &options.fwd_opts) < 0) {
403 debug("Port forwarding failed.");
404 break;
405 }
406 success = 1;
407 break;
408
409 case SSH_CMSG_MAX_PACKET_SIZE:
410 if (packet_set_maxsize(packet_get_int()) > 0)
411 success = 1;
412 break;
413
414 case SSH_CMSG_EXEC_SHELL:
415 case SSH_CMSG_EXEC_CMD:
416 if (type == SSH_CMSG_EXEC_CMD) {
417 command = packet_get_string(&dlen);
418 debug("Exec command '%.500s'", command);
419 if (do_exec(s, command) != 0)
420 packet_disconnect(
421 "command execution failed");
422 free(command);
423 } else {
424 if (do_exec(s, NULL) != 0)
425 packet_disconnect(
426 "shell execution failed");
427 }
428 packet_check_eom();
429 session_close(s);
430 return;
431
432 default:
433 /*
434 * Any unknown messages in this phase are ignored,
435 * and a failure message is returned.
436 */
437 logit("Unknown packet type received after authentication: %d", type);
438 }
439 packet_start(success ? SSH_SMSG_SUCCESS : SSH_SMSG_FAILURE);
440 packet_send();
441 packet_write_wait();
442
443 /* Enable compression now that we have replied if appropriate. */
444 if (enable_compression_after_reply) {
445 enable_compression_after_reply = 0;
446 packet_start_compression(compression_level);
447 }
448 }
449}
450
451#define USE_PIPES 1 287#define USE_PIPES 1
452/* 288/*
453 * This is called to fork and execute a command when we have no tty. This 289 * This is called to fork and execute a command when we have no tty. This
@@ -615,14 +451,8 @@ do_exec_no_pty(Session *s, const char *command)
615 close(pout[1]); 451 close(pout[1]);
616 close(perr[1]); 452 close(perr[1]);
617 453
618 if (compat20) { 454 session_set_fds(s, pin[1], pout[0], perr[0],
619 session_set_fds(s, pin[1], pout[0], perr[0], 455 s->is_subsystem, 0);
620 s->is_subsystem, 0);
621 } else {
622 /* Enter the interactive session. */
623 server_loop(pid, pin[1], pout[0], perr[0]);
624 /* server_loop has closed pin[1], pout[0], and perr[0]. */
625 }
626#else 456#else
627 /* We are the parent. Close the child sides of the socket pairs. */ 457 /* We are the parent. Close the child sides of the socket pairs. */
628 close(inout[0]); 458 close(inout[0]);
@@ -632,13 +462,8 @@ do_exec_no_pty(Session *s, const char *command)
632 * Enter the interactive session. Note: server_loop must be able to 462 * Enter the interactive session. Note: server_loop must be able to
633 * handle the case that fdin and fdout are the same. 463 * handle the case that fdin and fdout are the same.
634 */ 464 */
635 if (compat20) { 465 session_set_fds(s, inout[1], inout[1], err[1],
636 session_set_fds(s, inout[1], inout[1], err[1], 466 s->is_subsystem, 0);
637 s->is_subsystem, 0);
638 } else {
639 server_loop(pid, inout[1], inout[1], err[1]);
640 /* server_loop has closed inout[1] and err[1]. */
641 }
642#endif 467#endif
643 return 0; 468 return 0;
644} 469}
@@ -718,17 +543,11 @@ do_exec_pty(Session *s, const char *command)
718 close(ttyfd); 543 close(ttyfd);
719 544
720 /* record login, etc. similar to login(1) */ 545 /* record login, etc. similar to login(1) */
721#ifndef HAVE_OSF_SIA
722 if (!(options.use_login && command == NULL)) {
723#ifdef _UNICOS 546#ifdef _UNICOS
724 cray_init_job(s->pw); /* set up cray jid and tmpdir */ 547 cray_init_job(s->pw); /* set up cray jid and tmpdir */
725#endif /* _UNICOS */ 548#endif /* _UNICOS */
726 do_login(s, command); 549#ifndef HAVE_OSF_SIA
727 } 550 do_login(s, command);
728# ifdef LOGIN_NEEDS_UTMPX
729 else
730 do_pre_login(s);
731# endif
732#endif 551#endif
733 /* 552 /*
734 * Do common processing for the child, such as execing 553 * Do common processing for the child, such as execing
@@ -756,12 +575,7 @@ do_exec_pty(Session *s, const char *command)
756 s->ptymaster = ptymaster; 575 s->ptymaster = ptymaster;
757 packet_set_interactive(1, 576 packet_set_interactive(1,
758 options.ip_qos_interactive, options.ip_qos_bulk); 577 options.ip_qos_interactive, options.ip_qos_bulk);
759 if (compat20) { 578 session_set_fds(s, ptyfd, fdout, -1, 1, 1);
760 session_set_fds(s, ptyfd, fdout, -1, 1, 1);
761 } else {
762 server_loop(pid, ptyfd, fdout, -1);
763 /* server_loop _has_ closed ptyfd and fdout. */
764 }
765 return 0; 579 return 0;
766} 580}
767 581
@@ -1199,69 +1013,63 @@ do_setup_env(Session *s, const char *shell)
1199 ssh_gssapi_do_child(&env, &envsize); 1013 ssh_gssapi_do_child(&env, &envsize);
1200#endif 1014#endif
1201 1015
1202 if (!options.use_login) { 1016 /* Set basic environment. */
1203 /* Set basic environment. */ 1017 for (i = 0; i < s->num_env; i++)
1204 for (i = 0; i < s->num_env; i++) 1018 child_set_env(&env, &envsize, s->env[i].name, s->env[i].val);
1205 child_set_env(&env, &envsize, s->env[i].name,
1206 s->env[i].val);
1207 1019
1208 child_set_env(&env, &envsize, "USER", pw->pw_name); 1020 child_set_env(&env, &envsize, "USER", pw->pw_name);
1209 child_set_env(&env, &envsize, "LOGNAME", pw->pw_name); 1021 child_set_env(&env, &envsize, "LOGNAME", pw->pw_name);
1210#ifdef _AIX 1022#ifdef _AIX
1211 child_set_env(&env, &envsize, "LOGIN", pw->pw_name); 1023 child_set_env(&env, &envsize, "LOGIN", pw->pw_name);
1212#endif 1024#endif
1213 child_set_env(&env, &envsize, "HOME", pw->pw_dir); 1025 child_set_env(&env, &envsize, "HOME", pw->pw_dir);
1214#ifdef HAVE_LOGIN_CAP 1026#ifdef HAVE_LOGIN_CAP
1215 if (setusercontext(lc, pw, pw->pw_uid, LOGIN_SETPATH) < 0) 1027 if (setusercontext(lc, pw, pw->pw_uid, LOGIN_SETPATH) < 0)
1216 child_set_env(&env, &envsize, "PATH", _PATH_STDPATH); 1028 child_set_env(&env, &envsize, "PATH", _PATH_STDPATH);
1217 else 1029 else
1218 child_set_env(&env, &envsize, "PATH", getenv("PATH")); 1030 child_set_env(&env, &envsize, "PATH", getenv("PATH"));
1219#else /* HAVE_LOGIN_CAP */ 1031#else /* HAVE_LOGIN_CAP */
1220# ifndef HAVE_CYGWIN 1032# ifndef HAVE_CYGWIN
1221 /* 1033 /*
1222 * There's no standard path on Windows. The path contains 1034 * There's no standard path on Windows. The path contains
1223 * important components pointing to the system directories, 1035 * important components pointing to the system directories,
1224 * needed for loading shared libraries. So the path better 1036 * needed for loading shared libraries. So the path better
1225 * remains intact here. 1037 * remains intact here.
1226 */ 1038 */
1227# ifdef HAVE_ETC_DEFAULT_LOGIN 1039# ifdef HAVE_ETC_DEFAULT_LOGIN
1228 read_etc_default_login(&env, &envsize, pw->pw_uid); 1040 read_etc_default_login(&env, &envsize, pw->pw_uid);
1229 path = child_get_env(env, "PATH"); 1041 path = child_get_env(env, "PATH");
1230# endif /* HAVE_ETC_DEFAULT_LOGIN */ 1042# endif /* HAVE_ETC_DEFAULT_LOGIN */
1231 if (path == NULL || *path == '\0') { 1043 if (path == NULL || *path == '\0') {
1232 child_set_env(&env, &envsize, "PATH", 1044 child_set_env(&env, &envsize, "PATH",
1233 s->pw->pw_uid == 0 ? 1045 s->pw->pw_uid == 0 ? SUPERUSER_PATH : _PATH_STDPATH);
1234 SUPERUSER_PATH : _PATH_STDPATH); 1046 }
1235 }
1236# endif /* HAVE_CYGWIN */ 1047# endif /* HAVE_CYGWIN */
1237#endif /* HAVE_LOGIN_CAP */ 1048#endif /* HAVE_LOGIN_CAP */
1238 1049
1239 snprintf(buf, sizeof buf, "%.200s/%.50s", 1050 snprintf(buf, sizeof buf, "%.200s/%.50s", _PATH_MAILDIR, pw->pw_name);
1240 _PATH_MAILDIR, pw->pw_name); 1051 child_set_env(&env, &envsize, "MAIL", buf);
1241 child_set_env(&env, &envsize, "MAIL", buf); 1052
1053 /* Normal systems set SHELL by default. */
1054 child_set_env(&env, &envsize, "SHELL", shell);
1242 1055
1243 /* Normal systems set SHELL by default. */
1244 child_set_env(&env, &envsize, "SHELL", shell);
1245 }
1246 if (getenv("TZ")) 1056 if (getenv("TZ"))
1247 child_set_env(&env, &envsize, "TZ", getenv("TZ")); 1057 child_set_env(&env, &envsize, "TZ", getenv("TZ"));
1248 1058
1249 /* Set custom environment options from RSA authentication. */ 1059 /* Set custom environment options from RSA authentication. */
1250 if (!options.use_login) { 1060 while (custom_environment) {
1251 while (custom_environment) { 1061 struct envstring *ce = custom_environment;
1252 struct envstring *ce = custom_environment; 1062 char *str = ce->s;
1253 char *str = ce->s; 1063
1254 1064 for (i = 0; str[i] != '=' && str[i]; i++)
1255 for (i = 0; str[i] != '=' && str[i]; i++) 1065 ;
1256 ; 1066 if (str[i] == '=') {
1257 if (str[i] == '=') { 1067 str[i] = 0;
1258 str[i] = 0; 1068 child_set_env(&env, &envsize, str, str + i + 1);
1259 child_set_env(&env, &envsize, str, str + i + 1);
1260 }
1261 custom_environment = ce->next;
1262 free(ce->s);
1263 free(ce);
1264 } 1069 }
1070 custom_environment = ce->next;
1071 free(ce->s);
1072 free(ce);
1265 } 1073 }
1266 1074
1267 /* SSH_CLIENT deprecated */ 1075 /* SSH_CLIENT deprecated */
@@ -1323,7 +1131,7 @@ do_setup_env(Session *s, const char *shell)
1323 * Pull in any environment variables that may have 1131 * Pull in any environment variables that may have
1324 * been set by PAM. 1132 * been set by PAM.
1325 */ 1133 */
1326 if (options.use_pam && !options.use_login) { 1134 if (options.use_pam) {
1327 char **p; 1135 char **p;
1328 1136
1329 p = fetch_pam_child_environment(); 1137 p = fetch_pam_child_environment();
@@ -1341,7 +1149,7 @@ do_setup_env(Session *s, const char *shell)
1341 auth_sock_name); 1149 auth_sock_name);
1342 1150
1343 /* read $HOME/.ssh/environment. */ 1151 /* read $HOME/.ssh/environment. */
1344 if (options.permit_user_env && !options.use_login) { 1152 if (options.permit_user_env) {
1345 snprintf(buf, sizeof buf, "%.200s/.ssh/environment", 1153 snprintf(buf, sizeof buf, "%.200s/.ssh/environment",
1346 strcmp(pw->pw_dir, "/") ? pw->pw_dir : ""); 1154 strcmp(pw->pw_dir, "/") ? pw->pw_dir : "");
1347 read_environment_file(&env, &envsize, buf); 1155 read_environment_file(&env, &envsize, buf);
@@ -1623,27 +1431,6 @@ do_pwchange(Session *s)
1623} 1431}
1624 1432
1625static void 1433static void
1626launch_login(struct passwd *pw, const char *hostname)
1627{
1628 /* Launch login(1). */
1629
1630 execl(LOGIN_PROGRAM, "login", "-h", hostname,
1631#ifdef xxxLOGIN_NEEDS_TERM
1632 (s->term ? s->term : "unknown"),
1633#endif /* LOGIN_NEEDS_TERM */
1634#ifdef LOGIN_NO_ENDOPT
1635 "-p", "-f", pw->pw_name, (char *)NULL);
1636#else
1637 "-p", "-f", "--", pw->pw_name, (char *)NULL);
1638#endif
1639
1640 /* Login couldn't be executed, die. */
1641
1642 perror("login");
1643 exit(1);
1644}
1645
1646static void
1647child_close_fds(void) 1434child_close_fds(void)
1648{ 1435{
1649 extern int auth_sock; 1436 extern int auth_sock;
@@ -1690,11 +1477,10 @@ child_close_fds(void)
1690void 1477void
1691do_child(Session *s, const char *command) 1478do_child(Session *s, const char *command)
1692{ 1479{
1693 struct ssh *ssh = active_state; /* XXX */
1694 extern char **environ; 1480 extern char **environ;
1695 char **env; 1481 char **env;
1696 char *argv[ARGV_MAX]; 1482 char *argv[ARGV_MAX];
1697 const char *shell, *shell0, *hostname = NULL; 1483 const char *shell, *shell0;
1698 struct passwd *pw = s->pw; 1484 struct passwd *pw = s->pw;
1699 int r = 0; 1485 int r = 0;
1700 1486
@@ -1709,10 +1495,6 @@ do_child(Session *s, const char *command)
1709 exit(1); 1495 exit(1);
1710 } 1496 }
1711 1497
1712 /* login(1) is only called if we execute the login shell */
1713 if (options.use_login && command != NULL)
1714 options.use_login = 0;
1715
1716#ifdef _UNICOS 1498#ifdef _UNICOS
1717 cray_setup(pw->pw_uid, pw->pw_name, command); 1499 cray_setup(pw->pw_uid, pw->pw_name, command);
1718#endif /* _UNICOS */ 1500#endif /* _UNICOS */
@@ -1721,28 +1503,26 @@ do_child(Session *s, const char *command)
1721 * Login(1) does this as well, and it needs uid 0 for the "-h" 1503 * Login(1) does this as well, and it needs uid 0 for the "-h"
1722 * switch, so we let login(1) to this for us. 1504 * switch, so we let login(1) to this for us.
1723 */ 1505 */
1724 if (!options.use_login) {
1725#ifdef HAVE_OSF_SIA 1506#ifdef HAVE_OSF_SIA
1726 session_setup_sia(pw, s->ttyfd == -1 ? NULL : s->tty); 1507 session_setup_sia(pw, s->ttyfd == -1 ? NULL : s->tty);
1727 if (!check_quietlogin(s, command)) 1508 if (!check_quietlogin(s, command))
1728 do_motd(); 1509 do_motd();
1729#else /* HAVE_OSF_SIA */ 1510#else /* HAVE_OSF_SIA */
1730 /* When PAM is enabled we rely on it to do the nologin check */ 1511 /* When PAM is enabled we rely on it to do the nologin check */
1731 if (!options.use_pam) 1512 if (!options.use_pam)
1732 do_nologin(pw); 1513 do_nologin(pw);
1733 do_setusercontext(pw, s->authctxt->role); 1514 do_setusercontext(pw, s->authctxt->role);
1734 /* 1515 /*
1735 * PAM session modules in do_setusercontext may have 1516 * PAM session modules in do_setusercontext may have
1736 * generated messages, so if this in an interactive 1517 * generated messages, so if this in an interactive
1737 * login then display them too. 1518 * login then display them too.
1738 */ 1519 */
1739 if (!check_quietlogin(s, command)) 1520 if (!check_quietlogin(s, command))
1740 display_loginmsg(); 1521 display_loginmsg();
1741#endif /* HAVE_OSF_SIA */ 1522#endif /* HAVE_OSF_SIA */
1742 }
1743 1523
1744#ifdef USE_PAM 1524#ifdef USE_PAM
1745 if (options.use_pam && !options.use_login && !is_pam_session_open()) { 1525 if (options.use_pam && !is_pam_session_open()) {
1746 debug3("PAM session not opened, exiting"); 1526 debug3("PAM session not opened, exiting");
1747 display_loginmsg(); 1527 display_loginmsg();
1748 exit(254); 1528 exit(254);
@@ -1765,10 +1545,6 @@ do_child(Session *s, const char *command)
1765 shell = login_getcapstr(lc, "shell", (char *)shell, (char *)shell); 1545 shell = login_getcapstr(lc, "shell", (char *)shell, (char *)shell);
1766#endif 1546#endif
1767 1547
1768 /* we have to stash the hostname before we close our socket. */
1769 if (options.use_login)
1770 hostname = session_get_remote_name_or_ip(ssh, utmp_len,
1771 options.use_dns);
1772 /* 1548 /*
1773 * Close the connection descriptors; note that this is the child, and 1549 * Close the connection descriptors; note that this is the child, and
1774 * the server will still have the socket open, and it is important 1550 * the server will still have the socket open, and it is important
@@ -1827,8 +1603,7 @@ do_child(Session *s, const char *command)
1827 1603
1828 closefrom(STDERR_FILENO + 1); 1604 closefrom(STDERR_FILENO + 1);
1829 1605
1830 if (!options.use_login) 1606 do_rc_files(s, shell);
1831 do_rc_files(s, shell);
1832 1607
1833 /* restore SIGPIPE for child */ 1608 /* restore SIGPIPE for child */
1834 signal(SIGPIPE, SIG_DFL); 1609 signal(SIGPIPE, SIG_DFL);
@@ -1858,11 +1633,6 @@ do_child(Session *s, const char *command)
1858 1633
1859 fflush(NULL); 1634 fflush(NULL);
1860 1635
1861 if (options.use_login) {
1862 launch_login(pw, hostname);
1863 /* NEVERREACHED */
1864 }
1865
1866 /* Get the last component of the shell name. */ 1636 /* Get the last component of the shell name. */
1867 if ((shell0 = strrchr(shell, '/')) != NULL) 1637 if ((shell0 = strrchr(shell, '/')) != NULL)
1868 shell0++; 1638 shell0++;
@@ -2106,14 +1876,8 @@ session_pty_req(Session *s)
2106 } 1876 }
2107 1877
2108 s->term = packet_get_string(&len); 1878 s->term = packet_get_string(&len);
2109 1879 s->col = packet_get_int();
2110 if (compat20) { 1880 s->row = packet_get_int();
2111 s->col = packet_get_int();
2112 s->row = packet_get_int();
2113 } else {
2114 s->row = packet_get_int();
2115 s->col = packet_get_int();
2116 }
2117 s->xpixel = packet_get_int(); 1881 s->xpixel = packet_get_int();
2118 s->ypixel = packet_get_int(); 1882 s->ypixel = packet_get_int();
2119 1883
@@ -2135,9 +1899,7 @@ session_pty_req(Session *s)
2135 } 1899 }
2136 debug("session_pty_req: session %d alloc %s", s->self, s->tty); 1900 debug("session_pty_req: session %d alloc %s", s->self, s->tty);
2137 1901
2138 /* for SSH1 the tty modes length is not given */ 1902 n_bytes = packet_remaining();
2139 if (!compat20)
2140 n_bytes = packet_remaining();
2141 tty_parse_modes(s->ttyfd, &n_bytes); 1903 tty_parse_modes(s->ttyfd, &n_bytes);
2142 1904
2143 if (!use_privsep) 1905 if (!use_privsep)
@@ -2353,8 +2115,6 @@ void
2353session_set_fds(Session *s, int fdin, int fdout, int fderr, int ignore_fderr, 2115session_set_fds(Session *s, int fdin, int fdout, int fderr, int ignore_fderr,
2354 int is_tty) 2116 int is_tty)
2355{ 2117{
2356 if (!compat20)
2357 fatal("session_set_fds: called for proto != 2.0");
2358 /* 2118 /*
2359 * now that have a child and a pipe to the child, 2119 * now that have a child and a pipe to the child,
2360 * we can activate our channel and register the fd's 2120 * we can activate our channel and register the fd's
@@ -2692,11 +2452,6 @@ session_setup_x11fwd(Session *s)
2692 packet_send_debug("No xauth program; cannot forward with spoofing."); 2452 packet_send_debug("No xauth program; cannot forward with spoofing.");
2693 return 0; 2453 return 0;
2694 } 2454 }
2695 if (options.use_login) {
2696 packet_send_debug("X11 forwarding disabled; "
2697 "not compatible with UseLogin=yes.");
2698 return 0;
2699 }
2700 if (s->display != NULL) { 2455 if (s->display != NULL) {
2701 debug("X11 display already set."); 2456 debug("X11 display already set.");
2702 return 0; 2457 return 0;
@@ -2794,7 +2549,7 @@ do_cleanup(Authctxt *authctxt)
2794#endif 2549#endif
2795 2550
2796#ifdef GSSAPI 2551#ifdef GSSAPI
2797 if (compat20 && options.gss_cleanup_creds) 2552 if (options.gss_cleanup_creds)
2798 ssh_gssapi_cleanup_creds(); 2553 ssh_gssapi_cleanup_creds();
2799#endif 2554#endif
2800 2555
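Review bot: The new `options.disable_forwarding` test in do_authenticated() (new line 260) only gates local TCP opens through channel_disable_adm_local_opens(); none of the hunks shown adds the same test to the X11 or agent-forwarding request paths. The session_setup_x11fwd() hunk (new lines 2452-2457) drops the UseLogin refusal but shows no `disable_forwarding` check among the visible early returns; that function starts and ends outside the hunk, so the check may exist elsewhere and should be confirmed. If the option is meant to switch off every forwarding type, gate it where each request is accepted, for example `if (options.disable_forwarding) return 0;` beside the other early returns in session_setup_x11fwd(), with the equivalent in the agent-forwarding handler. Without that, an administrator who sets the option could still be left with X11 or agent forwarding available to the session.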