diff options
Diffstat (limited to 'session.c')
-rw-r--r-- | session.c | 46 |
1 files changed, 25 insertions, 21 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: session.c,v 1.252 2010/03/07 11:57:13 dtucker Exp $ */ | 1 | /* $OpenBSD: session.c,v 1.256 2010/06/25 07:20:04 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
4 | * All rights reserved | 4 | * All rights reserved |
@@ -47,6 +47,7 @@ | |||
47 | #include <arpa/inet.h> | 47 | #include <arpa/inet.h> |
48 | 48 | ||
49 | #include <errno.h> | 49 | #include <errno.h> |
50 | #include <fcntl.h> | ||
50 | #include <grp.h> | 51 | #include <grp.h> |
51 | #ifdef HAVE_PATHS_H | 52 | #ifdef HAVE_PATHS_H |
52 | #include <paths.h> | 53 | #include <paths.h> |
@@ -104,7 +105,7 @@ | |||
104 | /* func */ | 105 | /* func */ |
105 | 106 | ||
106 | Session *session_new(void); | 107 | Session *session_new(void); |
107 | void session_set_fds(Session *, int, int, int, int); | 108 | void session_set_fds(Session *, int, int, int, int, int); |
108 | void session_pty_cleanup(Session *); | 109 | void session_pty_cleanup(Session *); |
109 | void session_proctitle(Session *); | 110 | void session_proctitle(Session *); |
110 | int session_setup_x11fwd(Session *); | 111 | int session_setup_x11fwd(Session *); |
@@ -447,6 +448,9 @@ do_exec_no_pty(Session *s, const char *command) | |||
447 | #ifdef USE_PIPES | 448 | #ifdef USE_PIPES |
448 | int pin[2], pout[2], perr[2]; | 449 | int pin[2], pout[2], perr[2]; |
449 | 450 | ||
451 | if (s == NULL) | ||
452 | fatal("do_exec_no_pty: no session"); | ||
453 | |||
450 | /* Allocate pipes for communicating with the program. */ | 454 | /* Allocate pipes for communicating with the program. */ |
451 | if (pipe(pin) < 0) { | 455 | if (pipe(pin) < 0) { |
452 | error("%s: pipe in: %.100s", __func__, strerror(errno)); | 456 | error("%s: pipe in: %.100s", __func__, strerror(errno)); |
@@ -459,7 +463,8 @@ do_exec_no_pty(Session *s, const char *command) | |||
459 | return -1; | 463 | return -1; |
460 | } | 464 | } |
461 | if (pipe(perr) < 0) { | 465 | if (pipe(perr) < 0) { |
462 | error("%s: pipe err: %.100s", __func__, strerror(errno)); | 466 | error("%s: pipe err: %.100s", __func__, |
467 | strerror(errno)); | ||
463 | close(pin[0]); | 468 | close(pin[0]); |
464 | close(pin[1]); | 469 | close(pin[1]); |
465 | close(pout[0]); | 470 | close(pout[0]); |
@@ -469,22 +474,23 @@ do_exec_no_pty(Session *s, const char *command) | |||
469 | #else | 474 | #else |
470 | int inout[2], err[2]; | 475 | int inout[2], err[2]; |
471 | 476 | ||
477 | if (s == NULL) | ||
478 | fatal("do_exec_no_pty: no session"); | ||
479 | |||
472 | /* Uses socket pairs to communicate with the program. */ | 480 | /* Uses socket pairs to communicate with the program. */ |
473 | if (socketpair(AF_UNIX, SOCK_STREAM, 0, inout) < 0) { | 481 | if (socketpair(AF_UNIX, SOCK_STREAM, 0, inout) < 0) { |
474 | error("%s: socketpair #1: %.100s", __func__, strerror(errno)); | 482 | error("%s: socketpair #1: %.100s", __func__, strerror(errno)); |
475 | return -1; | 483 | return -1; |
476 | } | 484 | } |
477 | if (socketpair(AF_UNIX, SOCK_STREAM, 0, err) < 0) { | 485 | if (socketpair(AF_UNIX, SOCK_STREAM, 0, err) < 0) { |
478 | error("%s: socketpair #2: %.100s", __func__, strerror(errno)); | 486 | error("%s: socketpair #2: %.100s", __func__, |
487 | strerror(errno)); | ||
479 | close(inout[0]); | 488 | close(inout[0]); |
480 | close(inout[1]); | 489 | close(inout[1]); |
481 | return -1; | 490 | return -1; |
482 | } | 491 | } |
483 | #endif | 492 | #endif |
484 | 493 | ||
485 | if (s == NULL) | ||
486 | fatal("do_exec_no_pty: no session"); | ||
487 | |||
488 | session_proctitle(s); | 494 | session_proctitle(s); |
489 | 495 | ||
490 | /* Fork the child. */ | 496 | /* Fork the child. */ |
@@ -595,11 +601,8 @@ do_exec_no_pty(Session *s, const char *command) | |||
595 | close(perr[1]); | 601 | close(perr[1]); |
596 | 602 | ||
597 | if (compat20) { | 603 | if (compat20) { |
598 | if (s->is_subsystem) { | 604 | session_set_fds(s, pin[1], pout[0], perr[0], |
599 | close(perr[0]); | 605 | s->is_subsystem, 0); |
600 | perr[0] = -1; | ||
601 | } | ||
602 | session_set_fds(s, pin[1], pout[0], perr[0], 0); | ||
603 | } else { | 606 | } else { |
604 | /* Enter the interactive session. */ | 607 | /* Enter the interactive session. */ |
605 | server_loop(pid, pin[1], pout[0], perr[0]); | 608 | server_loop(pid, pin[1], pout[0], perr[0]); |
@@ -615,10 +618,8 @@ do_exec_no_pty(Session *s, const char *command) | |||
615 | * handle the case that fdin and fdout are the same. | 618 | * handle the case that fdin and fdout are the same. |
616 | */ | 619 | */ |
617 | if (compat20) { | 620 | if (compat20) { |
618 | session_set_fds(s, inout[1], inout[1], | 621 | session_set_fds(s, inout[1], inout[1], err[1], |
619 | s->is_subsystem ? -1 : err[1], 0); | 622 | s->is_subsystem, 0); |
620 | if (s->is_subsystem) | ||
621 | close(err[1]); | ||
622 | } else { | 623 | } else { |
623 | server_loop(pid, inout[1], inout[1], err[1]); | 624 | server_loop(pid, inout[1], inout[1], err[1]); |
624 | /* server_loop has closed inout[1] and err[1]. */ | 625 | /* server_loop has closed inout[1] and err[1]. */ |
@@ -740,7 +741,7 @@ do_exec_pty(Session *s, const char *command) | |||
740 | s->ptymaster = ptymaster; | 741 | s->ptymaster = ptymaster; |
741 | packet_set_interactive(1); | 742 | packet_set_interactive(1); |
742 | if (compat20) { | 743 | if (compat20) { |
743 | session_set_fds(s, ptyfd, fdout, -1, 1); | 744 | session_set_fds(s, ptyfd, fdout, -1, 1, 1); |
744 | } else { | 745 | } else { |
745 | server_loop(pid, ptyfd, fdout, -1); | 746 | server_loop(pid, ptyfd, fdout, -1); |
746 | /* server_loop _has_ closed ptyfd and fdout. */ | 747 | /* server_loop _has_ closed ptyfd and fdout. */ |
@@ -1792,7 +1793,8 @@ do_child(Session *s, const char *command) | |||
1792 | #ifdef HAVE_LOGIN_CAP | 1793 | #ifdef HAVE_LOGIN_CAP |
1793 | r = login_getcapbool(lc, "requirehome", 0); | 1794 | r = login_getcapbool(lc, "requirehome", 0); |
1794 | #endif | 1795 | #endif |
1795 | if (r || options.chroot_directory == NULL) | 1796 | if (r || options.chroot_directory == NULL || |
1797 | strcasecmp(options.chroot_directory, "none") == 0) | ||
1796 | fprintf(stderr, "Could not chdir to home " | 1798 | fprintf(stderr, "Could not chdir to home " |
1797 | "directory %s: %s\n", pw->pw_dir, | 1799 | "directory %s: %s\n", pw->pw_dir, |
1798 | strerror(errno)); | 1800 | strerror(errno)); |
@@ -2137,7 +2139,8 @@ session_subsystem_req(Session *s) | |||
2137 | u_int i; | 2139 | u_int i; |
2138 | 2140 | ||
2139 | packet_check_eom(); | 2141 | packet_check_eom(); |
2140 | logit("subsystem request for %.100s", subsys); | 2142 | logit("subsystem request for %.100s by user %s", subsys, |
2143 | s->pw->pw_name); | ||
2141 | 2144 | ||
2142 | for (i = 0; i < options.num_subsystems; i++) { | 2145 | for (i = 0; i < options.num_subsystems; i++) { |
2143 | if (strcmp(subsys, options.subsystem_name[i]) == 0) { | 2146 | if (strcmp(subsys, options.subsystem_name[i]) == 0) { |
@@ -2319,7 +2322,8 @@ session_input_channel_req(Channel *c, const char *rtype) | |||
2319 | } | 2322 | } |
2320 | 2323 | ||
2321 | void | 2324 | void |
2322 | session_set_fds(Session *s, int fdin, int fdout, int fderr, int is_tty) | 2325 | session_set_fds(Session *s, int fdin, int fdout, int fderr, int ignore_fderr, |
2326 | int is_tty) | ||
2323 | { | 2327 | { |
2324 | if (!compat20) | 2328 | if (!compat20) |
2325 | fatal("session_set_fds: called for proto != 2.0"); | 2329 | fatal("session_set_fds: called for proto != 2.0"); |
@@ -2331,7 +2335,7 @@ session_set_fds(Session *s, int fdin, int fdout, int fderr, int is_tty) | |||
2331 | fatal("no channel for session %d", s->self); | 2335 | fatal("no channel for session %d", s->self); |
2332 | channel_set_fds(s->chanid, | 2336 | channel_set_fds(s->chanid, |
2333 | fdout, fdin, fderr, | 2337 | fdout, fdin, fderr, |
2334 | fderr == -1 ? CHAN_EXTENDED_IGNORE : CHAN_EXTENDED_READ, | 2338 | ignore_fderr ? CHAN_EXTENDED_IGNORE : CHAN_EXTENDED_READ, |
2335 | 1, is_tty, CHAN_SES_WINDOW_DEFAULT); | 2339 | 1, is_tty, CHAN_SES_WINDOW_DEFAULT); |
2336 | } | 2340 | } |
2337 | 2341 | ||