1 | /* |
---|
2 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
---|
3 | * All rights reserved |
---|
4 | * |
---|
5 | * As far as I am concerned, the code I have written for this software |
---|
6 | * can be used freely for any purpose. Any derived versions of this |
---|
7 | * software must be clearly marked as such, and if the derived work is |
---|
8 | * incompatible with the protocol description in the RFC file, it must be |
---|
9 | * called by a name other than "ssh" or "Secure Shell". |
---|
10 | * |
---|
11 | * SSH2 support by Markus Friedl. |
---|
12 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
---|
13 | * |
---|
14 | * Redistribution and use in source and binary forms, with or without |
---|
15 | * modification, are permitted provided that the following conditions |
---|
16 | * are met: |
---|
17 | * 1. Redistributions of source code must retain the above copyright |
---|
18 | * notice, this list of conditions and the following disclaimer. |
---|
19 | * 2. Redistributions in binary form must reproduce the above copyright |
---|
20 | * notice, this list of conditions and the following disclaimer in the |
---|
21 | * documentation and/or other materials provided with the distribution. |
---|
22 | * |
---|
23 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR |
---|
24 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES |
---|
25 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. |
---|
26 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, |
---|
27 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
---|
28 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
---|
29 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
---|
30 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
---|
31 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
---|
32 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
---|
33 | */ |
---|
34 | |
---|
35 | #include "includes.h" |
---|
36 | RCSID("$OpenBSD: session.c,v 1.150 2002/09/16 19:55:33 stevesk Exp $"); |
---|
37 | |
---|
38 | #include "ssh.h" |
---|
39 | #include "ssh1.h" |
---|
40 | #include "ssh2.h" |
---|
41 | #include "xmalloc.h" |
---|
42 | #include "sshpty.h" |
---|
43 | #include "packet.h" |
---|
44 | #include "buffer.h" |
---|
45 | #include "mpaux.h" |
---|
46 | #include "uidswap.h" |
---|
47 | #include "compat.h" |
---|
48 | #include "channels.h" |
---|
49 | #include "bufaux.h" |
---|
50 | #include "auth.h" |
---|
51 | #include "auth-options.h" |
---|
52 | #include "pathnames.h" |
---|
53 | #include "log.h" |
---|
54 | #include "servconf.h" |
---|
55 | #include "sshlogin.h" |
---|
56 | #include "serverloop.h" |
---|
57 | #include "canohost.h" |
---|
58 | #include "session.h" |
---|
59 | #include "monitor_wrap.h" |
---|
60 | |
---|
61 | #ifdef GSSAPI |
---|
62 | #include "ssh-gss.h" |
---|
63 | #endif |
---|
64 | |
---|
65 | #ifdef HAVE_CYGWIN |
---|
66 | #include <windows.h> |
---|
67 | #include <sys/cygwin.h> |
---|
68 | #define is_winnt (GetVersion() < 0x80000000) |
---|
69 | #endif |
---|
70 | |
---|
71 | #include <al.h> |
---|
72 | extern int setpag(), ktc_ForgetAllTokens(); |
---|
73 | void try_afscall(int (*func)(void)); |
---|
74 | void krb_cleanup(void); |
---|
75 | static void pwfree(struct passwd *); |
---|
76 | int *session_warnings = NULL; |
---|
77 | extern int is_local_acct; |
---|
78 | |
---|
79 | #ifdef KRB5 |
---|
80 | #include <krb5.h> |
---|
81 | #ifndef HEIMDAL |
---|
82 | #define krb5_get_err_text(context,code) error_message(code) |
---|
83 | #endif /* !HEIMDAL */ |
---|
84 | #endif |
---|
85 | |
---|
86 | /* func */ |
---|
87 | |
---|
88 | Session *session_new(void); |
---|
89 | void session_set_fds(Session *, int, int, int); |
---|
90 | void session_pty_cleanup(void *); |
---|
91 | void session_proctitle(Session *); |
---|
92 | int session_setup_x11fwd(Session *); |
---|
93 | void do_exec_pty(Session *, const char *); |
---|
94 | void do_exec_no_pty(Session *, const char *); |
---|
95 | void do_exec(Session *, const char *); |
---|
96 | void do_login(Session *, const char *); |
---|
97 | #ifdef LOGIN_NEEDS_UTMPX |
---|
98 | static void do_pre_login(Session *s); |
---|
99 | #endif |
---|
100 | void do_child(Session *, const char *); |
---|
101 | void do_motd(void); |
---|
102 | int check_quietlogin(Session *, const char *); |
---|
103 | |
---|
104 | static void do_authenticated1(Authctxt *); |
---|
105 | static void do_authenticated2(Authctxt *); |
---|
106 | |
---|
107 | static int session_pty_req(Session *); |
---|
108 | |
---|
109 | /* import */ |
---|
110 | extern ServerOptions options; |
---|
111 | extern char *__progname; |
---|
112 | extern int log_stderr; |
---|
113 | extern int debug_flag; |
---|
114 | extern u_int utmp_len; |
---|
115 | extern int startup_pipe; |
---|
116 | extern void destroy_sensitive_data(void); |
---|
117 | |
---|
118 | /* original command from peer. */ |
---|
119 | const char *original_command = NULL; |
---|
120 | |
---|
121 | /* data */ |
---|
122 | #define MAX_SESSIONS 10 |
---|
123 | Session sessions[MAX_SESSIONS]; |
---|
124 | |
---|
125 | #ifdef WITH_AIXAUTHENTICATE |
---|
126 | char *aixloginmsg; |
---|
127 | #endif /* WITH_AIXAUTHENTICATE */ |
---|
128 | |
---|
129 | #ifdef HAVE_LOGIN_CAP |
---|
130 | login_cap_t *lc; |
---|
131 | #endif |
---|
132 | |
---|
133 | /* Name and directory of socket for authentication agent forwarding. */ |
---|
134 | static char *auth_sock_name = NULL; |
---|
135 | static char *auth_sock_dir = NULL; |
---|
136 | |
---|
137 | /* removes the agent forwarding socket */ |
---|
138 | |
---|
139 | static void |
---|
140 | auth_sock_cleanup_proc(void *_pw) |
---|
141 | { |
---|
142 | struct passwd *pw = _pw; |
---|
143 | |
---|
144 | if (auth_sock_name != NULL) { |
---|
145 | temporarily_use_uid(pw); |
---|
146 | unlink(auth_sock_name); |
---|
147 | rmdir(auth_sock_dir); |
---|
148 | auth_sock_name = NULL; |
---|
149 | restore_uid(); |
---|
150 | } |
---|
151 | } |
---|
152 | |
---|
153 | static int |
---|
154 | auth_input_request_forwarding(struct passwd * pw) |
---|
155 | { |
---|
156 | Channel *nc; |
---|
157 | int sock; |
---|
158 | struct sockaddr_un sunaddr; |
---|
159 | |
---|
160 | if (auth_sock_name != NULL) { |
---|
161 | error("authentication forwarding requested twice."); |
---|
162 | return 0; |
---|
163 | } |
---|
164 | |
---|
165 | /* Temporarily drop privileged uid for mkdir/bind. */ |
---|
166 | temporarily_use_uid(pw); |
---|
167 | |
---|
168 | /* Allocate a buffer for the socket name, and format the name. */ |
---|
169 | auth_sock_name = xmalloc(MAXPATHLEN); |
---|
170 | auth_sock_dir = xmalloc(MAXPATHLEN); |
---|
171 | strlcpy(auth_sock_dir, "/tmp/ssh-XXXXXXXX", MAXPATHLEN); |
---|
172 | |
---|
173 | /* Create private directory for socket */ |
---|
174 | if (mkdtemp(auth_sock_dir) == NULL) { |
---|
175 | packet_send_debug("Agent forwarding disabled: " |
---|
176 | "mkdtemp() failed: %.100s", strerror(errno)); |
---|
177 | restore_uid(); |
---|
178 | xfree(auth_sock_name); |
---|
179 | xfree(auth_sock_dir); |
---|
180 | auth_sock_name = NULL; |
---|
181 | auth_sock_dir = NULL; |
---|
182 | return 0; |
---|
183 | } |
---|
184 | snprintf(auth_sock_name, MAXPATHLEN, "%s/agent.%ld", |
---|
185 | auth_sock_dir, (long) getpid()); |
---|
186 | |
---|
187 | /* delete agent socket on fatal() */ |
---|
188 | fatal_add_cleanup(auth_sock_cleanup_proc, pw); |
---|
189 | |
---|
190 | /* Create the socket. */ |
---|
191 | sock = socket(AF_UNIX, SOCK_STREAM, 0); |
---|
192 | if (sock < 0) |
---|
193 | packet_disconnect("socket: %.100s", strerror(errno)); |
---|
194 | |
---|
195 | /* Bind it to the name. */ |
---|
196 | memset(&sunaddr, 0, sizeof(sunaddr)); |
---|
197 | sunaddr.sun_family = AF_UNIX; |
---|
198 | strlcpy(sunaddr.sun_path, auth_sock_name, sizeof(sunaddr.sun_path)); |
---|
199 | |
---|
200 | if (bind(sock, (struct sockaddr *) & sunaddr, sizeof(sunaddr)) < 0) |
---|
201 | packet_disconnect("bind: %.100s", strerror(errno)); |
---|
202 | |
---|
203 | /* Restore the privileged uid. */ |
---|
204 | restore_uid(); |
---|
205 | |
---|
206 | /* Start listening on the socket. */ |
---|
207 | if (listen(sock, 5) < 0) |
---|
208 | packet_disconnect("listen: %.100s", strerror(errno)); |
---|
209 | |
---|
210 | /* Allocate a channel for the authentication agent socket. */ |
---|
211 | nc = channel_new("auth socket", |
---|
212 | SSH_CHANNEL_AUTH_SOCKET, sock, sock, -1, |
---|
213 | CHAN_X11_WINDOW_DEFAULT, CHAN_X11_PACKET_DEFAULT, |
---|
214 | 0, xstrdup("auth socket"), 1); |
---|
215 | strlcpy(nc->path, auth_sock_name, sizeof(nc->path)); |
---|
216 | return 1; |
---|
217 | } |
---|
218 | |
---|
219 | |
---|
220 | void |
---|
221 | do_authenticated(Authctxt *authctxt) |
---|
222 | { |
---|
223 | /* |
---|
224 | * Cancel the alarm we set to limit the time taken for |
---|
225 | * authentication. |
---|
226 | */ |
---|
227 | alarm(0); |
---|
228 | if (startup_pipe != -1) { |
---|
229 | close(startup_pipe); |
---|
230 | startup_pipe = -1; |
---|
231 | } |
---|
232 | |
---|
233 | if (authctxt->pw->pw_uid == 0) |
---|
234 | syslog(LOG_NOTICE, "ROOT LOGIN as '%s' from %s", |
---|
235 | authctxt->pw->pw_name, |
---|
236 | get_canonical_hostname(options.verify_reverse_mapping)); |
---|
237 | |
---|
238 | /* setup the channel layer */ |
---|
239 | if (!no_port_forwarding_flag && options.allow_tcp_forwarding) |
---|
240 | channel_permit_all_opens(); |
---|
241 | |
---|
242 | if (compat20) |
---|
243 | do_authenticated2(authctxt); |
---|
244 | else |
---|
245 | do_authenticated1(authctxt); |
---|
246 | |
---|
247 | /* remove agent socket */ |
---|
248 | if (auth_sock_name != NULL) |
---|
249 | auth_sock_cleanup_proc(authctxt->pw); |
---|
250 | #ifdef KRB4 |
---|
251 | if (options.kerberos_ticket_cleanup) |
---|
252 | krb4_cleanup_proc(authctxt); |
---|
253 | #endif |
---|
254 | #ifdef KRB5 |
---|
255 | if (options.kerberos_ticket_cleanup) |
---|
256 | krb5_cleanup_proc(authctxt); |
---|
257 | #endif |
---|
258 | } |
---|
259 | |
---|
260 | /* |
---|
261 | * Prepares for an interactive session. This is called after the user has |
---|
262 | * been successfully authenticated. During this message exchange, pseudo |
---|
263 | * terminals are allocated, X11, TCP/IP, and authentication agent forwardings |
---|
264 | * are requested, etc. |
---|
265 | */ |
---|
266 | static void |
---|
267 | do_authenticated1(Authctxt *authctxt) |
---|
268 | { |
---|
269 | Session *s; |
---|
270 | char *command; |
---|
271 | int success, type, screen_flag; |
---|
272 | int enable_compression_after_reply = 0; |
---|
273 | u_int proto_len, data_len, dlen, compression_level = 0; |
---|
274 | |
---|
275 | s = session_new(); |
---|
276 | s->authctxt = authctxt; |
---|
277 | s->pw = authctxt->pw; |
---|
278 | |
---|
279 | /* |
---|
280 | * We stay in this loop until the client requests to execute a shell |
---|
281 | * or a command. |
---|
282 | */ |
---|
283 | for (;;) { |
---|
284 | success = 0; |
---|
285 | |
---|
286 | /* Get a packet from the client. */ |
---|
287 | type = packet_read(); |
---|
288 | |
---|
289 | /* Process the packet. */ |
---|
290 | switch (type) { |
---|
291 | case SSH_CMSG_REQUEST_COMPRESSION: |
---|
292 | compression_level = packet_get_int(); |
---|
293 | packet_check_eom(); |
---|
294 | if (compression_level < 1 || compression_level > 9) { |
---|
295 | packet_send_debug("Received illegal compression level %d.", |
---|
296 | compression_level); |
---|
297 | break; |
---|
298 | } |
---|
299 | if (!options.compression) { |
---|
300 | debug2("compression disabled"); |
---|
301 | break; |
---|
302 | } |
---|
303 | /* Enable compression after we have responded with SUCCESS. */ |
---|
304 | enable_compression_after_reply = 1; |
---|
305 | success = 1; |
---|
306 | break; |
---|
307 | |
---|
308 | case SSH_CMSG_REQUEST_PTY: |
---|
309 | success = session_pty_req(s); |
---|
310 | break; |
---|
311 | |
---|
312 | case SSH_CMSG_X11_REQUEST_FORWARDING: |
---|
313 | s->auth_proto = packet_get_string(&proto_len); |
---|
314 | s->auth_data = packet_get_string(&data_len); |
---|
315 | |
---|
316 | screen_flag = packet_get_protocol_flags() & |
---|
317 | SSH_PROTOFLAG_SCREEN_NUMBER; |
---|
318 | debug2("SSH_PROTOFLAG_SCREEN_NUMBER: %d", screen_flag); |
---|
319 | |
---|
320 | if (packet_remaining() == 4) { |
---|
321 | if (!screen_flag) |
---|
322 | debug2("Buggy client: " |
---|
323 | "X11 screen flag missing"); |
---|
324 | s->screen = packet_get_int(); |
---|
325 | } else { |
---|
326 | s->screen = 0; |
---|
327 | } |
---|
328 | packet_check_eom(); |
---|
329 | success = session_setup_x11fwd(s); |
---|
330 | if (!success) { |
---|
331 | xfree(s->auth_proto); |
---|
332 | xfree(s->auth_data); |
---|
333 | s->auth_proto = NULL; |
---|
334 | s->auth_data = NULL; |
---|
335 | } |
---|
336 | break; |
---|
337 | |
---|
338 | case SSH_CMSG_AGENT_REQUEST_FORWARDING: |
---|
339 | if (no_agent_forwarding_flag || compat13) { |
---|
340 | debug("Authentication agent forwarding not permitted for this authentication."); |
---|
341 | break; |
---|
342 | } |
---|
343 | debug("Received authentication agent forwarding request."); |
---|
344 | success = auth_input_request_forwarding(s->pw); |
---|
345 | break; |
---|
346 | |
---|
347 | case SSH_CMSG_PORT_FORWARD_REQUEST: |
---|
348 | if (no_port_forwarding_flag) { |
---|
349 | debug("Port forwarding not permitted for this authentication."); |
---|
350 | break; |
---|
351 | } |
---|
352 | if (!options.allow_tcp_forwarding) { |
---|
353 | debug("Port forwarding not permitted."); |
---|
354 | break; |
---|
355 | } |
---|
356 | debug("Received TCP/IP port forwarding request."); |
---|
357 | channel_input_port_forward_request(s->pw->pw_uid == 0, options.gateway_ports); |
---|
358 | success = 1; |
---|
359 | break; |
---|
360 | |
---|
361 | case SSH_CMSG_MAX_PACKET_SIZE: |
---|
362 | if (packet_set_maxsize(packet_get_int()) > 0) |
---|
363 | success = 1; |
---|
364 | break; |
---|
365 | |
---|
366 | #if defined(AFS) || defined(KRB5) |
---|
367 | case SSH_CMSG_HAVE_KERBEROS_TGT: |
---|
368 | success = |
---|
369 | do_auth1_kerberos_tgt_pass(s->authctxt, type); |
---|
370 | break; |
---|
371 | #endif /* AFS || KRB5 */ |
---|
372 | |
---|
373 | #ifdef AFS |
---|
374 | case SSH_CMSG_HAVE_AFS_TOKEN: |
---|
375 | if (!options.afs_token_passing || !k_hasafs()) { |
---|
376 | verbose("AFS token passing disabled."); |
---|
377 | } else { |
---|
378 | /* Accept AFS token. */ |
---|
379 | char *token = packet_get_string(&dlen); |
---|
380 | packet_check_eom(); |
---|
381 | |
---|
382 | if (auth_afs_token(s->authctxt, token)) |
---|
383 | success = 1; |
---|
384 | else |
---|
385 | verbose("AFS token refused for %.100s", |
---|
386 | s->authctxt->user); |
---|
387 | xfree(token); |
---|
388 | } |
---|
389 | break; |
---|
390 | #endif /* AFS */ |
---|
391 | |
---|
392 | case SSH_CMSG_EXEC_SHELL: |
---|
393 | case SSH_CMSG_EXEC_CMD: |
---|
394 | if (type == SSH_CMSG_EXEC_CMD) { |
---|
395 | command = packet_get_string(&dlen); |
---|
396 | debug("Exec command '%.500s'", command); |
---|
397 | do_exec(s, command); |
---|
398 | xfree(command); |
---|
399 | } else { |
---|
400 | do_exec(s, NULL); |
---|
401 | } |
---|
402 | packet_check_eom(); |
---|
403 | session_close(s); |
---|
404 | return; |
---|
405 | |
---|
406 | default: |
---|
407 | /* |
---|
408 | * Any unknown messages in this phase are ignored, |
---|
409 | * and a failure message is returned. |
---|
410 | */ |
---|
411 | log("Unknown packet type received after authentication: %d", type); |
---|
412 | } |
---|
413 | packet_start(success ? SSH_SMSG_SUCCESS : SSH_SMSG_FAILURE); |
---|
414 | packet_send(); |
---|
415 | packet_write_wait(); |
---|
416 | |
---|
417 | /* Enable compression now that we have replied if appropriate. */ |
---|
418 | if (enable_compression_after_reply) { |
---|
419 | enable_compression_after_reply = 0; |
---|
420 | packet_start_compression(compression_level); |
---|
421 | } |
---|
422 | } |
---|
423 | } |
---|
424 | |
---|
425 | /* |
---|
426 | * This is called from both do_authenticated1(), for the normal case, |
---|
427 | * and also from do_authloop(), for compatibility with ssh.com. |
---|
428 | */ |
---|
429 | |
---|
430 | int do_auth1_kerberos_tgt_pass(Authctxt *authctxt, int type) |
---|
431 | { |
---|
432 | int success; |
---|
433 | u_int dlen; |
---|
434 | |
---|
435 | #if defined(AFS) || defined(KRB5) |
---|
436 | if (!options.kerberos_tgt_passing) { |
---|
437 | verbose("Kerberos TGT passing disabled."); |
---|
438 | } else { |
---|
439 | char *kdata = packet_get_string(&dlen); |
---|
440 | packet_check_eom(); |
---|
441 | |
---|
442 | /* XXX - 0x41, see creds_to_radix version */ |
---|
443 | if (kdata[0] != 0x41) { |
---|
444 | #ifdef KRB5 |
---|
445 | krb5_data tgt; |
---|
446 | tgt.data = kdata; |
---|
447 | tgt.length = dlen; |
---|
448 | |
---|
449 | if (auth_krb5_tgt(authctxt, &tgt)) |
---|
450 | success = 1; |
---|
451 | else |
---|
452 | verbose("Kerberos v5 TGT refused for %.100s", |
---|
453 | authctxt->user); |
---|
454 | #endif /* KRB5 */ |
---|
455 | } else { |
---|
456 | #ifdef AFS |
---|
457 | if (auth_krb4_tgt(authctxt, kdata)) |
---|
458 | success = 1; |
---|
459 | else |
---|
460 | verbose("Kerberos v4 TGT refused for %.100s", |
---|
461 | authctxt->user); |
---|
462 | #endif /* AFS */ |
---|
463 | } |
---|
464 | xfree(kdata); |
---|
465 | } |
---|
466 | #endif /* AFS || KRB5 */ |
---|
467 | return success; |
---|
468 | } |
---|
469 | |
---|
470 | /* |
---|
471 | * This is called to fork and execute a command when we have no tty. This |
---|
472 | * will call do_child from the child, and server_loop from the parent after |
---|
473 | * setting up file descriptors and such. |
---|
474 | */ |
---|
475 | void |
---|
476 | do_exec_no_pty(Session *s, const char *command) |
---|
477 | { |
---|
478 | pid_t pid; |
---|
479 | |
---|
480 | #ifdef USE_PIPES |
---|
481 | int pin[2], pout[2], perr[2]; |
---|
482 | /* Allocate pipes for communicating with the program. */ |
---|
483 | if (pipe(pin) < 0 || pipe(pout) < 0 || pipe(perr) < 0) |
---|
484 | packet_disconnect("Could not create pipes: %.100s", |
---|
485 | strerror(errno)); |
---|
486 | #else /* USE_PIPES */ |
---|
487 | int inout[2], err[2]; |
---|
488 | /* Uses socket pairs to communicate with the program. */ |
---|
489 | if (socketpair(AF_UNIX, SOCK_STREAM, 0, inout) < 0 || |
---|
490 | socketpair(AF_UNIX, SOCK_STREAM, 0, err) < 0) |
---|
491 | packet_disconnect("Could not create socket pairs: %.100s", |
---|
492 | strerror(errno)); |
---|
493 | #endif /* USE_PIPES */ |
---|
494 | if (s == NULL) |
---|
495 | fatal("do_exec_no_pty: no session"); |
---|
496 | |
---|
497 | session_proctitle(s); |
---|
498 | |
---|
499 | #if defined(USE_PAM) |
---|
500 | do_pam_session(s->pw->pw_name, NULL); |
---|
501 | do_pam_setcred(1); |
---|
502 | if (is_pam_password_change_required()) |
---|
503 | packet_disconnect("Password change required but no " |
---|
504 | "TTY available"); |
---|
505 | #endif /* USE_PAM */ |
---|
506 | |
---|
507 | /* Fork the child. */ |
---|
508 | if ((pid = fork()) == 0) { |
---|
509 | fatal_remove_all_cleanups(); |
---|
510 | |
---|
511 | /* Child. Reinitialize the log since the pid has changed. */ |
---|
512 | log_init(__progname, options.log_level, options.log_facility, log_stderr); |
---|
513 | |
---|
514 | /* |
---|
515 | * Create a new session and process group since the 4.4BSD |
---|
516 | * setlogin() affects the entire process group. |
---|
517 | */ |
---|
518 | if (setsid() < 0) |
---|
519 | error("setsid failed: %.100s", strerror(errno)); |
---|
520 | |
---|
521 | #ifdef USE_PIPES |
---|
522 | /* |
---|
523 | * Redirect stdin. We close the parent side of the socket |
---|
524 | * pair, and make the child side the standard input. |
---|
525 | */ |
---|
526 | close(pin[1]); |
---|
527 | if (dup2(pin[0], 0) < 0) |
---|
528 | perror("dup2 stdin"); |
---|
529 | close(pin[0]); |
---|
530 | |
---|
531 | /* Redirect stdout. */ |
---|
532 | close(pout[0]); |
---|
533 | if (dup2(pout[1], 1) < 0) |
---|
534 | perror("dup2 stdout"); |
---|
535 | close(pout[1]); |
---|
536 | |
---|
537 | /* Redirect stderr. */ |
---|
538 | close(perr[0]); |
---|
539 | if (dup2(perr[1], 2) < 0) |
---|
540 | perror("dup2 stderr"); |
---|
541 | close(perr[1]); |
---|
542 | #else /* USE_PIPES */ |
---|
543 | /* |
---|
544 | * Redirect stdin, stdout, and stderr. Stdin and stdout will |
---|
545 | * use the same socket, as some programs (particularly rdist) |
---|
546 | * seem to depend on it. |
---|
547 | */ |
---|
548 | close(inout[1]); |
---|
549 | close(err[1]); |
---|
550 | if (dup2(inout[0], 0) < 0) /* stdin */ |
---|
551 | perror("dup2 stdin"); |
---|
552 | if (dup2(inout[0], 1) < 0) /* stdout. Note: same socket as stdin. */ |
---|
553 | perror("dup2 stdout"); |
---|
554 | if (dup2(err[0], 2) < 0) /* stderr */ |
---|
555 | perror("dup2 stderr"); |
---|
556 | #endif /* USE_PIPES */ |
---|
557 | |
---|
558 | #ifdef _UNICOS |
---|
559 | cray_init_job(s->pw); /* set up cray jid and tmpdir */ |
---|
560 | #endif |
---|
561 | |
---|
562 | /* Do processing for the child (exec command etc). */ |
---|
563 | do_child(s, command); |
---|
564 | /* NOTREACHED */ |
---|
565 | } |
---|
566 | #ifdef _UNICOS |
---|
567 | signal(WJSIGNAL, cray_job_termination_handler); |
---|
568 | #endif /* _UNICOS */ |
---|
569 | #ifdef HAVE_CYGWIN |
---|
570 | if (is_winnt) |
---|
571 | cygwin_set_impersonation_token(INVALID_HANDLE_VALUE); |
---|
572 | #endif |
---|
573 | if (pid < 0) |
---|
574 | packet_disconnect("fork failed: %.100s", strerror(errno)); |
---|
575 | s->pid = pid; |
---|
576 | /* Set interactive/non-interactive mode. */ |
---|
577 | packet_set_interactive(s->display != NULL); |
---|
578 | #ifdef USE_PIPES |
---|
579 | /* We are the parent. Close the child sides of the pipes. */ |
---|
580 | close(pin[0]); |
---|
581 | close(pout[1]); |
---|
582 | close(perr[1]); |
---|
583 | |
---|
584 | if (compat20) { |
---|
585 | session_set_fds(s, pin[1], pout[0], s->is_subsystem ? -1 : perr[0]); |
---|
586 | } else { |
---|
587 | /* Enter the interactive session. */ |
---|
588 | server_loop(pid, pin[1], pout[0], perr[0]); |
---|
589 | /* server_loop has closed pin[1], pout[0], and perr[0]. */ |
---|
590 | } |
---|
591 | #else /* USE_PIPES */ |
---|
592 | /* We are the parent. Close the child sides of the socket pairs. */ |
---|
593 | close(inout[0]); |
---|
594 | close(err[0]); |
---|
595 | |
---|
596 | /* |
---|
597 | * Enter the interactive session. Note: server_loop must be able to |
---|
598 | * handle the case that fdin and fdout are the same. |
---|
599 | */ |
---|
600 | if (compat20) { |
---|
601 | session_set_fds(s, inout[1], inout[1], s->is_subsystem ? -1 : err[1]); |
---|
602 | } else { |
---|
603 | server_loop(pid, inout[1], inout[1], err[1]); |
---|
604 | /* server_loop has closed inout[1] and err[1]. */ |
---|
605 | } |
---|
606 | #endif /* USE_PIPES */ |
---|
607 | } |
---|
608 | |
---|
609 | /* |
---|
610 | * This is called to fork and execute a command when we have a tty. This |
---|
611 | * will call do_child from the child, and server_loop from the parent after |
---|
612 | * setting up file descriptors, controlling tty, updating wtmp, utmp, |
---|
613 | * lastlog, and other such operations. |
---|
614 | */ |
---|
615 | void |
---|
616 | do_exec_pty(Session *s, const char *command) |
---|
617 | { |
---|
618 | int fdout, ptyfd, ttyfd, ptymaster; |
---|
619 | pid_t pid; |
---|
620 | |
---|
621 | if (s == NULL) |
---|
622 | fatal("do_exec_pty: no session"); |
---|
623 | ptyfd = s->ptyfd; |
---|
624 | ttyfd = s->ttyfd; |
---|
625 | |
---|
626 | #if defined(USE_PAM) |
---|
627 | do_pam_session(s->pw->pw_name, s->tty); |
---|
628 | do_pam_setcred(1); |
---|
629 | #endif |
---|
630 | |
---|
631 | /* Fork the child. */ |
---|
632 | if ((pid = fork()) == 0) { |
---|
633 | fatal_remove_all_cleanups(); |
---|
634 | |
---|
635 | /* Child. Reinitialize the log because the pid has changed. */ |
---|
636 | log_init(__progname, options.log_level, options.log_facility, log_stderr); |
---|
637 | /* Close the master side of the pseudo tty. */ |
---|
638 | close(ptyfd); |
---|
639 | |
---|
640 | /* Make the pseudo tty our controlling tty. */ |
---|
641 | pty_make_controlling_tty(&ttyfd, s->tty); |
---|
642 | |
---|
643 | /* Redirect stdin/stdout/stderr from the pseudo tty. */ |
---|
644 | if (dup2(ttyfd, 0) < 0) |
---|
645 | error("dup2 stdin: %s", strerror(errno)); |
---|
646 | if (dup2(ttyfd, 1) < 0) |
---|
647 | error("dup2 stdout: %s", strerror(errno)); |
---|
648 | if (dup2(ttyfd, 2) < 0) |
---|
649 | error("dup2 stderr: %s", strerror(errno)); |
---|
650 | |
---|
651 | /* Close the extra descriptor for the pseudo tty. */ |
---|
652 | close(ttyfd); |
---|
653 | |
---|
654 | /* record login, etc. similar to login(1) */ |
---|
655 | #ifndef HAVE_OSF_SIA |
---|
656 | if (!(options.use_login && command == NULL)) { |
---|
657 | #ifdef _UNICOS |
---|
658 | cray_init_job(s->pw); /* set up cray jid and tmpdir */ |
---|
659 | #endif /* _UNICOS */ |
---|
660 | do_login(s, command); |
---|
661 | } |
---|
662 | # ifdef LOGIN_NEEDS_UTMPX |
---|
663 | else |
---|
664 | do_pre_login(s); |
---|
665 | # endif |
---|
666 | #endif |
---|
667 | |
---|
668 | /* Do common processing for the child, such as execing the command. */ |
---|
669 | do_child(s, command); |
---|
670 | /* NOTREACHED */ |
---|
671 | } |
---|
672 | #ifdef _UNICOS |
---|
673 | signal(WJSIGNAL, cray_job_termination_handler); |
---|
674 | #endif /* _UNICOS */ |
---|
675 | #ifdef HAVE_CYGWIN |
---|
676 | if (is_winnt) |
---|
677 | cygwin_set_impersonation_token(INVALID_HANDLE_VALUE); |
---|
678 | #endif |
---|
679 | if (pid < 0) |
---|
680 | packet_disconnect("fork failed: %.100s", strerror(errno)); |
---|
681 | s->pid = pid; |
---|
682 | |
---|
683 | /* Parent. Close the slave side of the pseudo tty. */ |
---|
684 | close(ttyfd); |
---|
685 | |
---|
686 | /* |
---|
687 | * Create another descriptor of the pty master side for use as the |
---|
688 | * standard input. We could use the original descriptor, but this |
---|
689 | * simplifies code in server_loop. The descriptor is bidirectional. |
---|
690 | */ |
---|
691 | fdout = dup(ptyfd); |
---|
692 | if (fdout < 0) |
---|
693 | packet_disconnect("dup #1 failed: %.100s", strerror(errno)); |
---|
694 | |
---|
695 | /* we keep a reference to the pty master */ |
---|
696 | ptymaster = dup(ptyfd); |
---|
697 | if (ptymaster < 0) |
---|
698 | packet_disconnect("dup #2 failed: %.100s", strerror(errno)); |
---|
699 | s->ptymaster = ptymaster; |
---|
700 | |
---|
701 | /* Enter interactive session. */ |
---|
702 | packet_set_interactive(1); |
---|
703 | if (compat20) { |
---|
704 | session_set_fds(s, ptyfd, fdout, -1); |
---|
705 | } else { |
---|
706 | server_loop(pid, ptyfd, fdout, -1); |
---|
707 | /* server_loop _has_ closed ptyfd and fdout. */ |
---|
708 | } |
---|
709 | } |
---|
710 | |
---|
711 | #ifdef LOGIN_NEEDS_UTMPX |
---|
712 | static void |
---|
713 | do_pre_login(Session *s) |
---|
714 | { |
---|
715 | socklen_t fromlen; |
---|
716 | struct sockaddr_storage from; |
---|
717 | pid_t pid = getpid(); |
---|
718 | |
---|
719 | /* |
---|
720 | * Get IP address of client. If the connection is not a socket, let |
---|
721 | * the address be 0.0.0.0. |
---|
722 | */ |
---|
723 | memset(&from, 0, sizeof(from)); |
---|
724 | fromlen = sizeof(from); |
---|
725 | if (packet_connection_is_on_socket()) { |
---|
726 | if (getpeername(packet_get_connection_in(), |
---|
727 | (struct sockaddr *) & from, &fromlen) < 0) { |
---|
728 | debug("getpeername: %.100s", strerror(errno)); |
---|
729 | fatal_cleanup(); |
---|
730 | } |
---|
731 | } |
---|
732 | |
---|
733 | record_utmp_only(pid, s->tty, s->pw->pw_name, |
---|
734 | get_remote_name_or_ip(utmp_len, options.verify_reverse_mapping), |
---|
735 | (struct sockaddr *)&from); |
---|
736 | } |
---|
737 | #endif |
---|
738 | |
---|
739 | /* |
---|
740 | * This is called to fork and execute a command. If another command is |
---|
741 | * to be forced, execute that instead. |
---|
742 | */ |
---|
743 | void |
---|
744 | do_exec(Session *s, const char *command) |
---|
745 | { |
---|
746 | int status; |
---|
747 | char *filetext, *errmem; |
---|
748 | const char *err; |
---|
749 | int havecred = 0; |
---|
750 | |
---|
751 | #if defined(GSSAPI) |
---|
752 | temporarily_use_uid(s->pw); |
---|
753 | ssh_gssapi_storecreds(s->authctxt); |
---|
754 | restore_uid(); |
---|
755 | #endif |
---|
756 | |
---|
757 | #if KRB5 |
---|
758 | if (s->authctxt->krb5_ticket_file) |
---|
759 | { |
---|
760 | havecred = 1; |
---|
761 | if (options.kerberos524 && s->authctxt->krb5_user) |
---|
762 | { |
---|
763 | status = do_krb524_conversion(s->authctxt); |
---|
764 | if (status) |
---|
765 | debug("krb524 failed: %s", |
---|
766 | krb5_get_err_text(s->authctxt->krb5_ctx, status)); |
---|
767 | } |
---|
768 | } |
---|
769 | |
---|
770 | #endif |
---|
771 | try_afscall(setpag); |
---|
772 | atexit(krb_cleanup); |
---|
773 | |
---|
774 | if (!is_local_acct) |
---|
775 | { |
---|
776 | struct passwd *pw; |
---|
777 | |
---|
778 | status = al_acct_create(s->authctxt->user, getpid(), havecred, 1, |
---|
779 | &session_warnings); |
---|
780 | if (status != AL_SUCCESS && status != AL_WARNINGS) |
---|
781 | packet_disconnect("%s\n", al_strerror(status, &errmem)); |
---|
782 | /* |
---|
783 | * Look up the passwd entry again, as al_acct_create() |
---|
784 | * may have modified it. |
---|
785 | */ |
---|
786 | pw = getpwnam(s->authctxt->user); |
---|
787 | if (pw == NULL) |
---|
788 | packet_disconnect("Cannot get password entry\n"); |
---|
789 | pwfree(s->authctxt->pw); |
---|
790 | s->authctxt->pw = pwcopy(pw); |
---|
791 | s->pw = s->authctxt->pw; |
---|
792 | } |
---|
793 | |
---|
794 | if (forced_command) { |
---|
795 | original_command = command; |
---|
796 | command = forced_command; |
---|
797 | debug("Forced command '%.900s'", command); |
---|
798 | } |
---|
799 | |
---|
800 | if (s->ttyfd != -1) |
---|
801 | do_exec_pty(s, command); |
---|
802 | else |
---|
803 | do_exec_no_pty(s, command); |
---|
804 | |
---|
805 | original_command = NULL; |
---|
806 | } |
---|
807 | |
---|
808 | |
---|
809 | /* administrative, login(1)-like work */ |
---|
810 | void |
---|
811 | do_login(Session *s, const char *command) |
---|
812 | { |
---|
813 | char *time_string; |
---|
814 | socklen_t fromlen; |
---|
815 | struct sockaddr_storage from; |
---|
816 | struct passwd * pw = s->pw; |
---|
817 | pid_t pid = getpid(); |
---|
818 | |
---|
819 | /* |
---|
820 | * Get IP address of client. If the connection is not a socket, let |
---|
821 | * the address be 0.0.0.0. |
---|
822 | */ |
---|
823 | memset(&from, 0, sizeof(from)); |
---|
824 | if (packet_connection_is_on_socket()) { |
---|
825 | fromlen = sizeof(from); |
---|
826 | if (getpeername(packet_get_connection_in(), |
---|
827 | (struct sockaddr *) & from, &fromlen) < 0) { |
---|
828 | debug("getpeername: %.100s", strerror(errno)); |
---|
829 | fatal_cleanup(); |
---|
830 | } |
---|
831 | } |
---|
832 | |
---|
833 | /* Record that there was a login on that tty from the remote host. */ |
---|
834 | if (!use_privsep) |
---|
835 | record_login(pid, s->tty, pw->pw_name, pw->pw_uid, |
---|
836 | get_remote_name_or_ip(utmp_len, |
---|
837 | options.verify_reverse_mapping), |
---|
838 | (struct sockaddr *)&from, fromlen); |
---|
839 | |
---|
840 | #ifdef USE_PAM |
---|
841 | /* |
---|
842 | * If password change is needed, do it now. |
---|
843 | * This needs to occur before the ~/.hushlogin check. |
---|
844 | */ |
---|
845 | if (is_pam_password_change_required()) { |
---|
846 | print_pam_messages(); |
---|
847 | do_pam_chauthtok(); |
---|
848 | } |
---|
849 | #endif |
---|
850 | |
---|
851 | if (check_quietlogin(s, command)) |
---|
852 | return; |
---|
853 | |
---|
854 | #ifdef USE_PAM |
---|
855 | if (!is_pam_password_change_required()) |
---|
856 | print_pam_messages(); |
---|
857 | #endif /* USE_PAM */ |
---|
858 | #ifdef WITH_AIXAUTHENTICATE |
---|
859 | if (aixloginmsg && *aixloginmsg) |
---|
860 | printf("%s\n", aixloginmsg); |
---|
861 | #endif /* WITH_AIXAUTHENTICATE */ |
---|
862 | |
---|
863 | #ifndef NO_SSH_LASTLOG |
---|
864 | if (options.print_lastlog && s->last_login_time != 0) { |
---|
865 | time_string = ctime(&s->last_login_time); |
---|
866 | if (strchr(time_string, '\n')) |
---|
867 | *strchr(time_string, '\n') = 0; |
---|
868 | if (strcmp(s->hostname, "") == 0) |
---|
869 | printf("Last login: %s\r\n", time_string); |
---|
870 | else |
---|
871 | printf("Last login: %s from %s\r\n", time_string, |
---|
872 | s->hostname); |
---|
873 | } |
---|
874 | #endif /* NO_SSH_LASTLOG */ |
---|
875 | |
---|
876 | do_motd(); |
---|
877 | } |
---|
878 | |
---|
879 | /* |
---|
880 | * Display the message of the day. |
---|
881 | */ |
---|
882 | void |
---|
883 | do_motd(void) |
---|
884 | { |
---|
885 | FILE *f; |
---|
886 | char buf[256]; |
---|
887 | |
---|
888 | if (options.print_motd) { |
---|
889 | #ifdef HAVE_LOGIN_CAP |
---|
890 | f = fopen(login_getcapstr(lc, "welcome", "/etc/motd", |
---|
891 | "/etc/motd"), "r"); |
---|
892 | #else |
---|
893 | f = fopen("/etc/motd", "r"); |
---|
894 | #endif |
---|
895 | if (f) { |
---|
896 | while (fgets(buf, sizeof(buf), f)) |
---|
897 | fputs(buf, stdout); |
---|
898 | fclose(f); |
---|
899 | } |
---|
900 | } |
---|
901 | } |
---|
902 | |
---|
903 | |
---|
904 | /* |
---|
905 | * Check for quiet login, either .hushlogin or command given. |
---|
906 | */ |
---|
907 | int |
---|
908 | check_quietlogin(Session *s, const char *command) |
---|
909 | { |
---|
910 | char buf[256]; |
---|
911 | struct passwd *pw = s->pw; |
---|
912 | struct stat st; |
---|
913 | |
---|
914 | /* Return 1 if .hushlogin exists or a command given. */ |
---|
915 | if (command != NULL) |
---|
916 | return 1; |
---|
917 | snprintf(buf, sizeof(buf), "%.200s/.hushlogin", pw->pw_dir); |
---|
918 | #ifdef HAVE_LOGIN_CAP |
---|
919 | if (login_getcapbool(lc, "hushlogin", 0) || stat(buf, &st) >= 0) |
---|
920 | return 1; |
---|
921 | #else |
---|
922 | if (stat(buf, &st) >= 0) |
---|
923 | return 1; |
---|
924 | #endif |
---|
925 | return 0; |
---|
926 | } |
---|
927 | |
---|
928 | /* |
---|
929 | * Sets the value of the given variable in the environment. If the variable |
---|
930 | * already exists, its value is overriden. |
---|
931 | */ |
---|
932 | void |
---|
933 | child_set_env(char ***envp, u_int *envsizep, const char *name, |
---|
934 | const char *value) |
---|
935 | { |
---|
936 | u_int i, namelen; |
---|
937 | char **env; |
---|
938 | |
---|
939 | /* |
---|
940 | * Find the slot where the value should be stored. If the variable |
---|
941 | * already exists, we reuse the slot; otherwise we append a new slot |
---|
942 | * at the end of the array, expanding if necessary. |
---|
943 | */ |
---|
944 | env = *envp; |
---|
945 | namelen = strlen(name); |
---|
946 | for (i = 0; env[i]; i++) |
---|
947 | if (strncmp(env[i], name, namelen) == 0 && env[i][namelen] == '=') |
---|
948 | break; |
---|
949 | if (env[i]) { |
---|
950 | /* Reuse the slot. */ |
---|
951 | xfree(env[i]); |
---|
952 | } else { |
---|
953 | /* New variable. Expand if necessary. */ |
---|
954 | if (i >= (*envsizep) - 1) { |
---|
955 | if (*envsizep >= 1000) |
---|
956 | fatal("child_set_env: too many env vars," |
---|
957 | " skipping: %.100s", name); |
---|
958 | (*envsizep) += 50; |
---|
959 | env = (*envp) = xrealloc(env, (*envsizep) * sizeof(char *)); |
---|
960 | } |
---|
961 | /* Need to set the NULL pointer at end of array beyond the new slot. */ |
---|
962 | env[i + 1] = NULL; |
---|
963 | } |
---|
964 | |
---|
965 | /* Allocate space and format the variable in the appropriate slot. */ |
---|
966 | env[i] = xmalloc(strlen(name) + 1 + strlen(value) + 1); |
---|
967 | snprintf(env[i], strlen(name) + 1 + strlen(value) + 1, "%s=%s", name, value); |
---|
968 | } |
---|
969 | |
---|
970 | /* |
---|
971 | * Reads environment variables from the given file and adds/overrides them |
---|
972 | * into the environment. If the file does not exist, this does nothing. |
---|
973 | * Otherwise, it must consist of empty lines, comments (line starts with '#') |
---|
974 | * and assignments of the form name=value. No other forms are allowed. |
---|
975 | */ |
---|
976 | static void |
---|
977 | read_environment_file(char ***env, u_int *envsize, |
---|
978 | const char *filename) |
---|
979 | { |
---|
980 | FILE *f; |
---|
981 | char buf[4096]; |
---|
982 | char *cp, *value; |
---|
983 | u_int lineno = 0; |
---|
984 | |
---|
985 | f = fopen(filename, "r"); |
---|
986 | if (!f) |
---|
987 | return; |
---|
988 | |
---|
989 | while (fgets(buf, sizeof(buf), f)) { |
---|
990 | if (++lineno > 1000) |
---|
991 | fatal("Too many lines in environment file %s", filename); |
---|
992 | for (cp = buf; *cp == ' ' || *cp == '\t'; cp++) |
---|
993 | ; |
---|
994 | if (!*cp || *cp == '#' || *cp == '\n') |
---|
995 | continue; |
---|
996 | if (strchr(cp, '\n')) |
---|
997 | *strchr(cp, '\n') = '\0'; |
---|
998 | value = strchr(cp, '='); |
---|
999 | if (value == NULL) { |
---|
1000 | fprintf(stderr, "Bad line %u in %.100s\n", lineno, |
---|
1001 | filename); |
---|
1002 | continue; |
---|
1003 | } |
---|
1004 | /* |
---|
1005 | * Replace the equals sign by nul, and advance value to |
---|
1006 | * the value string. |
---|
1007 | */ |
---|
1008 | *value = '\0'; |
---|
1009 | value++; |
---|
1010 | child_set_env(env, envsize, cp, value); |
---|
1011 | } |
---|
1012 | fclose(f); |
---|
1013 | } |
---|
1014 | |
---|
1015 | void copy_environment(char **source, char ***env, u_int *envsize) |
---|
1016 | { |
---|
1017 | char *var_name, *var_val; |
---|
1018 | int i; |
---|
1019 | |
---|
1020 | if (source == NULL) |
---|
1021 | return; |
---|
1022 | |
---|
1023 | for(i = 0; source[i] != NULL; i++) { |
---|
1024 | var_name = xstrdup(source[i]); |
---|
1025 | if ((var_val = strstr(var_name, "=")) == NULL) { |
---|
1026 | xfree(var_name); |
---|
1027 | continue; |
---|
1028 | } |
---|
1029 | *var_val++ = '\0'; |
---|
1030 | |
---|
1031 | debug3("Copy environment: %s=%s", var_name, var_val); |
---|
1032 | child_set_env(env, envsize, var_name, var_val); |
---|
1033 | |
---|
1034 | xfree(var_name); |
---|
1035 | } |
---|
1036 | } |
---|
1037 | |
---|
1038 | static char ** |
---|
1039 | do_setup_env(Session *s, const char *shell) |
---|
1040 | { |
---|
1041 | char buf[256]; |
---|
1042 | u_int i, envsize; |
---|
1043 | char **env, *cp; |
---|
1044 | struct passwd *pw = s->pw; |
---|
1045 | |
---|
1046 | /* Initialize the environment. */ |
---|
1047 | envsize = 100; |
---|
1048 | env = xmalloc(envsize * sizeof(char *)); |
---|
1049 | env[0] = NULL; |
---|
1050 | |
---|
1051 | /* Print any leftover libAL warnings */ |
---|
1052 | if (session_warnings) |
---|
1053 | { |
---|
1054 | int i; |
---|
1055 | char *errmem; |
---|
1056 | |
---|
1057 | for (i = 0; session_warnings[i]; i++) |
---|
1058 | { |
---|
1059 | fprintf(stderr, "Warning: %s\n", |
---|
1060 | al_strerror(session_warnings[i], &errmem)); |
---|
1061 | al_free_errmem(errmem); |
---|
1062 | } |
---|
1063 | free(session_warnings); |
---|
1064 | } |
---|
1065 | |
---|
1066 | #ifdef HAVE_CYGWIN |
---|
1067 | /* |
---|
1068 | * The Windows environment contains some setting which are |
---|
1069 | * important for a running system. They must not be dropped. |
---|
1070 | */ |
---|
1071 | copy_environment(environ, &env, &envsize); |
---|
1072 | #endif |
---|
1073 | |
---|
1074 | #ifdef GSSAPI |
---|
1075 | /* Allow any GSSAPI methods that we've used to alter |
---|
1076 | * the childs environment as they see fit |
---|
1077 | */ |
---|
1078 | ssh_gssapi_do_child(&env,&envsize); |
---|
1079 | #endif |
---|
1080 | |
---|
1081 | if (!options.use_login) { |
---|
1082 | /* Set basic environment. */ |
---|
1083 | child_set_env(&env, &envsize, "USER", pw->pw_name); |
---|
1084 | child_set_env(&env, &envsize, "LOGNAME", pw->pw_name); |
---|
1085 | child_set_env(&env, &envsize, "HOME", pw->pw_dir); |
---|
1086 | #ifdef HAVE_LOGIN_CAP |
---|
1087 | if (setusercontext(lc, pw, pw->pw_uid, LOGIN_SETPATH) < 0) |
---|
1088 | child_set_env(&env, &envsize, "PATH", _PATH_STDPATH); |
---|
1089 | else |
---|
1090 | child_set_env(&env, &envsize, "PATH", getenv("PATH")); |
---|
1091 | #else /* HAVE_LOGIN_CAP */ |
---|
1092 | # ifndef HAVE_CYGWIN |
---|
1093 | /* |
---|
1094 | * There's no standard path on Windows. The path contains |
---|
1095 | * important components pointing to the system directories, |
---|
1096 | * needed for loading shared libraries. So the path better |
---|
1097 | * remains intact here. |
---|
1098 | */ |
---|
1099 | # ifdef SUPERUSER_PATH |
---|
1100 | child_set_env(&env, &envsize, "PATH", |
---|
1101 | s->pw->pw_uid == 0 ? SUPERUSER_PATH : _PATH_STDPATH); |
---|
1102 | # else |
---|
1103 | child_set_env(&env, &envsize, "PATH", _PATH_STDPATH); |
---|
1104 | # endif /* SUPERUSER_PATH */ |
---|
1105 | # endif /* HAVE_CYGWIN */ |
---|
1106 | #endif /* HAVE_LOGIN_CAP */ |
---|
1107 | |
---|
1108 | snprintf(buf, sizeof buf, "%.200s/%.50s", |
---|
1109 | _PATH_MAILDIR, pw->pw_name); |
---|
1110 | child_set_env(&env, &envsize, "MAIL", buf); |
---|
1111 | |
---|
1112 | /* Normal systems set SHELL by default. */ |
---|
1113 | child_set_env(&env, &envsize, "SHELL", shell); |
---|
1114 | } |
---|
1115 | if (getenv("TZ")) |
---|
1116 | child_set_env(&env, &envsize, "TZ", getenv("TZ")); |
---|
1117 | |
---|
1118 | /* Set custom environment options from RSA authentication. */ |
---|
1119 | if (!options.use_login) { |
---|
1120 | while (custom_environment) { |
---|
1121 | struct envstring *ce = custom_environment; |
---|
1122 | char *str = ce->s; |
---|
1123 | |
---|
1124 | for (i = 0; str[i] != '=' && str[i]; i++) |
---|
1125 | ; |
---|
1126 | if (str[i] == '=') { |
---|
1127 | str[i] = 0; |
---|
1128 | child_set_env(&env, &envsize, str, str + i + 1); |
---|
1129 | } |
---|
1130 | custom_environment = ce->next; |
---|
1131 | xfree(ce->s); |
---|
1132 | xfree(ce); |
---|
1133 | } |
---|
1134 | } |
---|
1135 | |
---|
1136 | /* SSH_CLIENT deprecated */ |
---|
1137 | snprintf(buf, sizeof buf, "%.50s %d %d", |
---|
1138 | get_remote_ipaddr(), get_remote_port(), get_local_port()); |
---|
1139 | child_set_env(&env, &envsize, "SSH_CLIENT", buf); |
---|
1140 | |
---|
1141 | snprintf(buf, sizeof buf, "%.50s %d %.50s %d", |
---|
1142 | get_remote_ipaddr(), get_remote_port(), |
---|
1143 | get_local_ipaddr(packet_get_connection_in()), get_local_port()); |
---|
1144 | child_set_env(&env, &envsize, "SSH_CONNECTION", buf); |
---|
1145 | |
---|
1146 | if (s->ttyfd != -1) |
---|
1147 | child_set_env(&env, &envsize, "SSH_TTY", s->tty); |
---|
1148 | if (s->term) |
---|
1149 | child_set_env(&env, &envsize, "TERM", s->term); |
---|
1150 | if (s->display) |
---|
1151 | child_set_env(&env, &envsize, "DISPLAY", s->display); |
---|
1152 | if (original_command) |
---|
1153 | child_set_env(&env, &envsize, "SSH_ORIGINAL_COMMAND", |
---|
1154 | original_command); |
---|
1155 | |
---|
1156 | #ifdef _UNICOS |
---|
1157 | if (cray_tmpdir[0] != '\0') |
---|
1158 | child_set_env(&env, &envsize, "TMPDIR", cray_tmpdir); |
---|
1159 | #endif /* _UNICOS */ |
---|
1160 | |
---|
1161 | #ifdef _AIX |
---|
1162 | { |
---|
1163 | if ((cp = getenv("AUTHSTATE")) != NULL) |
---|
1164 | child_set_env(&env, &envsize, "AUTHSTATE", cp); |
---|
1165 | if ((cp = getenv("KRB5CCNAME")) != NULL) |
---|
1166 | child_set_env(&env, &envsize, "KRB5CCNAME", cp); |
---|
1167 | read_environment_file(&env, &envsize, "/etc/environment"); |
---|
1168 | } |
---|
1169 | #endif |
---|
1170 | #ifdef KRB4 |
---|
1171 | if (s->authctxt->krb4_ticket_file) |
---|
1172 | child_set_env(&env, &envsize, "KRBTKFILE", |
---|
1173 | s->authctxt->krb4_ticket_file); |
---|
1174 | #endif |
---|
1175 | #ifdef KRB5 |
---|
1176 | if (s->authctxt->krb5_ticket_file) |
---|
1177 | child_set_env(&env, &envsize, "KRB5CCNAME", |
---|
1178 | s->authctxt->krb5_ticket_file); |
---|
1179 | /* |
---|
1180 | * XXX something bad might happen if you did Krb4 at the same time... |
---|
1181 | */ |
---|
1182 | if ((cp = getenv("KRBTKFILE")) != NULL) |
---|
1183 | child_set_env(&env, &envsize, "KRBTKFILE", cp); |
---|
1184 | #endif |
---|
1185 | #ifdef USE_PAM |
---|
1186 | /* |
---|
1187 | * Pull in any environment variables that may have |
---|
1188 | * been set by PAM. |
---|
1189 | */ |
---|
1190 | { |
---|
1191 | char **p; |
---|
1192 | |
---|
1193 | p = fetch_pam_environment(); |
---|
1194 | copy_environment(p, &env, &envsize); |
---|
1195 | free_pam_environment(p); |
---|
1196 | } |
---|
1197 | #endif /* USE_PAM */ |
---|
1198 | |
---|
1199 | if (auth_sock_name != NULL) |
---|
1200 | child_set_env(&env, &envsize, SSH_AUTHSOCKET_ENV_NAME, |
---|
1201 | auth_sock_name); |
---|
1202 | |
---|
1203 | { /* more hacks */ |
---|
1204 | sprintf(buf, "/tmp/xauth-%s-%d", s->authctxt->user, |
---|
1205 | (int)getpid()); |
---|
1206 | if (mkdir(buf, S_IRWXU) == -1) |
---|
1207 | { |
---|
1208 | /* XXX */ |
---|
1209 | fprintf(stderr, "Could not create xauth directory %s: %s\n" |
---|
1210 | "Disabling X forwarding.\n", buf, strerror(errno)); |
---|
1211 | } |
---|
1212 | else |
---|
1213 | { |
---|
1214 | strcat(buf, "/Xauthority"); |
---|
1215 | child_set_env(&env, &envsize, "XAUTHORITY", buf); |
---|
1216 | } |
---|
1217 | } |
---|
1218 | |
---|
1219 | |
---|
1220 | /* read $HOME/.ssh/environment. */ |
---|
1221 | if (options.permit_user_env && !options.use_login) { |
---|
1222 | snprintf(buf, sizeof buf, "%.200s/.ssh/environment", |
---|
1223 | strcmp(pw->pw_dir, "/") ? pw->pw_dir : ""); |
---|
1224 | read_environment_file(&env, &envsize, buf); |
---|
1225 | } |
---|
1226 | if (debug_flag) { |
---|
1227 | /* dump the environment */ |
---|
1228 | fprintf(stderr, "Environment:\n"); |
---|
1229 | for (i = 0; env[i]; i++) |
---|
1230 | fprintf(stderr, " %.300s\n", env[i]); |
---|
1231 | } |
---|
1232 | return env; |
---|
1233 | } |
---|
1234 | |
---|
1235 | /* |
---|
1236 | * Run $HOME/.ssh/rc, /etc/ssh/sshrc, or xauth (whichever is found |
---|
1237 | * first in this order). |
---|
1238 | */ |
---|
1239 | static void |
---|
1240 | do_rc_files(Session *s, const char *shell) |
---|
1241 | { |
---|
1242 | FILE *f = NULL; |
---|
1243 | char cmd[1024]; |
---|
1244 | int do_xauth; |
---|
1245 | struct stat st; |
---|
1246 | |
---|
1247 | do_xauth = |
---|
1248 | s->display != NULL && s->auth_proto != NULL && s->auth_data != NULL; |
---|
1249 | |
---|
1250 | /* ignore _PATH_SSH_USER_RC for subsystems */ |
---|
1251 | if (!s->is_subsystem && (stat(_PATH_SSH_USER_RC, &st) >= 0)) { |
---|
1252 | snprintf(cmd, sizeof cmd, "%s -c '%s %s'", |
---|
1253 | shell, _PATH_BSHELL, _PATH_SSH_USER_RC); |
---|
1254 | if (debug_flag) |
---|
1255 | fprintf(stderr, "Running %s\n", cmd); |
---|
1256 | f = popen(cmd, "w"); |
---|
1257 | if (f) { |
---|
1258 | if (do_xauth) |
---|
1259 | fprintf(f, "%s %s\n", s->auth_proto, |
---|
1260 | s->auth_data); |
---|
1261 | pclose(f); |
---|
1262 | } else |
---|
1263 | fprintf(stderr, "Could not run %s\n", |
---|
1264 | _PATH_SSH_USER_RC); |
---|
1265 | } else if (stat(_PATH_SSH_SYSTEM_RC, &st) >= 0) { |
---|
1266 | if (debug_flag) |
---|
1267 | fprintf(stderr, "Running %s %s\n", _PATH_BSHELL, |
---|
1268 | _PATH_SSH_SYSTEM_RC); |
---|
1269 | f = popen(_PATH_BSHELL " " _PATH_SSH_SYSTEM_RC, "w"); |
---|
1270 | if (f) { |
---|
1271 | if (do_xauth) |
---|
1272 | fprintf(f, "%s %s\n", s->auth_proto, |
---|
1273 | s->auth_data); |
---|
1274 | pclose(f); |
---|
1275 | } else |
---|
1276 | fprintf(stderr, "Could not run %s\n", |
---|
1277 | _PATH_SSH_SYSTEM_RC); |
---|
1278 | } else if (do_xauth && options.xauth_location != NULL) { |
---|
1279 | /* Add authority data to .Xauthority if appropriate. */ |
---|
1280 | if (debug_flag) { |
---|
1281 | fprintf(stderr, |
---|
1282 | "Running %.500s add " |
---|
1283 | "%.100s %.100s %.100s\n", |
---|
1284 | options.xauth_location, s->auth_display, |
---|
1285 | s->auth_proto, s->auth_data); |
---|
1286 | } |
---|
1287 | snprintf(cmd, sizeof cmd, "%s -q -", |
---|
1288 | options.xauth_location); |
---|
1289 | f = popen(cmd, "w"); |
---|
1290 | if (f) { |
---|
1291 | fprintf(f, "add %s %s %s\n", |
---|
1292 | s->auth_display, s->auth_proto, |
---|
1293 | s->auth_data); |
---|
1294 | pclose(f); |
---|
1295 | } else { |
---|
1296 | fprintf(stderr, "Could not run %s\n", |
---|
1297 | cmd); |
---|
1298 | } |
---|
1299 | } |
---|
1300 | } |
---|
1301 | |
---|
1302 | static void |
---|
1303 | do_nologin(struct passwd *pw) |
---|
1304 | { |
---|
1305 | FILE *f = NULL; |
---|
1306 | char buf[1024]; |
---|
1307 | |
---|
1308 | #ifdef HAVE_LOGIN_CAP |
---|
1309 | if (!login_getcapbool(lc, "ignorenologin", 0) && pw->pw_uid) |
---|
1310 | f = fopen(login_getcapstr(lc, "nologin", _PATH_NOLOGIN, |
---|
1311 | _PATH_NOLOGIN), "r"); |
---|
1312 | #else |
---|
1313 | if (pw->pw_uid) |
---|
1314 | f = fopen(_PATH_NOLOGIN, "r"); |
---|
1315 | #endif |
---|
1316 | if (f) { |
---|
1317 | /* /etc/nologin exists. Print its contents and exit. */ |
---|
1318 | log("User %.100s not allowed because %s exists", |
---|
1319 | pw->pw_name, _PATH_NOLOGIN); |
---|
1320 | while (fgets(buf, sizeof(buf), f)) |
---|
1321 | fputs(buf, stderr); |
---|
1322 | fclose(f); |
---|
1323 | exit(254); |
---|
1324 | } |
---|
1325 | } |
---|
1326 | |
---|
1327 | /* Set login name, uid, gid, and groups. */ |
---|
1328 | void |
---|
1329 | do_setusercontext(struct passwd *pw) |
---|
1330 | { |
---|
1331 | #ifdef HAVE_CYGWIN |
---|
1332 | if (is_winnt) { |
---|
1333 | #else /* HAVE_CYGWIN */ |
---|
1334 | if (getuid() == 0 || geteuid() == 0) { |
---|
1335 | #endif /* HAVE_CYGWIN */ |
---|
1336 | #ifdef HAVE_SETPCRED |
---|
1337 | setpcred(pw->pw_name); |
---|
1338 | #endif /* HAVE_SETPCRED */ |
---|
1339 | #ifdef HAVE_LOGIN_CAP |
---|
1340 | # ifdef __bsdi__ |
---|
1341 | setpgid(0, 0); |
---|
1342 | # endif |
---|
1343 | if (setusercontext(lc, pw, pw->pw_uid, |
---|
1344 | (LOGIN_SETALL & ~LOGIN_SETPATH)) < 0) { |
---|
1345 | perror("unable to set user context"); |
---|
1346 | exit(1); |
---|
1347 | } |
---|
1348 | #else |
---|
1349 | # if defined(HAVE_GETLUID) && defined(HAVE_SETLUID) |
---|
1350 | /* Sets login uid for accounting */ |
---|
1351 | if (getluid() == -1 && setluid(pw->pw_uid) == -1) |
---|
1352 | error("setluid: %s", strerror(errno)); |
---|
1353 | # endif /* defined(HAVE_GETLUID) && defined(HAVE_SETLUID) */ |
---|
1354 | |
---|
1355 | if (setlogin(pw->pw_name) < 0) |
---|
1356 | error("setlogin failed: %s", strerror(errno)); |
---|
1357 | if (setgid(pw->pw_gid) < 0) { |
---|
1358 | perror("setgid"); |
---|
1359 | exit(1); |
---|
1360 | } |
---|
1361 | /* Initialize the group list. */ |
---|
1362 | if (initgroups(pw->pw_name, pw->pw_gid) < 0) { |
---|
1363 | perror("initgroups"); |
---|
1364 | exit(1); |
---|
1365 | } |
---|
1366 | endgrent(); |
---|
1367 | # ifdef USE_PAM |
---|
1368 | /* |
---|
1369 | * PAM credentials may take the form of supplementary groups. |
---|
1370 | * These will have been wiped by the above initgroups() call. |
---|
1371 | * Reestablish them here. |
---|
1372 | */ |
---|
1373 | do_pam_setcred(0); |
---|
1374 | # endif /* USE_PAM */ |
---|
1375 | # if defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY) |
---|
1376 | irix_setusercontext(pw); |
---|
1377 | # endif /* defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY) */ |
---|
1378 | # ifdef _AIX |
---|
1379 | aix_usrinfo(pw); |
---|
1380 | # endif /* _AIX */ |
---|
1381 | /* Permanently switch to the desired uid. */ |
---|
1382 | permanently_set_uid(pw); |
---|
1383 | #endif |
---|
1384 | } |
---|
1385 | if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid) |
---|
1386 | fatal("Failed to set uids to %u.", (u_int) pw->pw_uid); |
---|
1387 | } |
---|
1388 | |
---|
1389 | static void |
---|
1390 | launch_login(struct passwd *pw, const char *hostname) |
---|
1391 | { |
---|
1392 | /* Launch login(1). */ |
---|
1393 | |
---|
1394 | execl(LOGIN_PROGRAM, "login", "-h", hostname, |
---|
1395 | #ifdef xxxLOGIN_NEEDS_TERM |
---|
1396 | (s->term ? s->term : "unknown"), |
---|
1397 | #endif /* LOGIN_NEEDS_TERM */ |
---|
1398 | #ifdef LOGIN_NO_ENDOPT |
---|
1399 | "-p", "-f", pw->pw_name, (char *)NULL); |
---|
1400 | #else |
---|
1401 | "-p", "-f", "--", pw->pw_name, (char *)NULL); |
---|
1402 | #endif |
---|
1403 | |
---|
1404 | /* Login couldn't be executed, die. */ |
---|
1405 | |
---|
1406 | perror("login"); |
---|
1407 | exit(1); |
---|
1408 | } |
---|
1409 | |
---|
1410 | /* |
---|
1411 | * Performs common processing for the child, such as setting up the |
---|
1412 | * environment, closing extra file descriptors, setting the user and group |
---|
1413 | * ids, and executing the command or shell. |
---|
1414 | */ |
---|
1415 | void |
---|
1416 | do_child(Session *s, const char *command) |
---|
1417 | { |
---|
1418 | extern char **environ; |
---|
1419 | char **env; |
---|
1420 | char *argv[10]; |
---|
1421 | const char *shell, *shell0, *hostname = NULL; |
---|
1422 | struct passwd *pw = s->pw; |
---|
1423 | u_int i; |
---|
1424 | |
---|
1425 | /* remove hostkey from the child's memory */ |
---|
1426 | destroy_sensitive_data(); |
---|
1427 | |
---|
1428 | /* login(1) is only called if we execute the login shell */ |
---|
1429 | if (options.use_login && command != NULL) |
---|
1430 | options.use_login = 0; |
---|
1431 | |
---|
1432 | #ifdef _UNICOS |
---|
1433 | cray_setup(pw->pw_uid, pw->pw_name, command); |
---|
1434 | #endif /* _UNICOS */ |
---|
1435 | |
---|
1436 | /* |
---|
1437 | * Login(1) does this as well, and it needs uid 0 for the "-h" |
---|
1438 | * switch, so we let login(1) to this for us. |
---|
1439 | */ |
---|
1440 | if (!options.use_login) { |
---|
1441 | #ifdef HAVE_OSF_SIA |
---|
1442 | session_setup_sia(pw->pw_name, s->ttyfd == -1 ? NULL : s->tty); |
---|
1443 | if (!check_quietlogin(s, command)) |
---|
1444 | do_motd(); |
---|
1445 | #else /* HAVE_OSF_SIA */ |
---|
1446 | do_nologin(pw); |
---|
1447 | do_setusercontext(pw); |
---|
1448 | #endif /* HAVE_OSF_SIA */ |
---|
1449 | } |
---|
1450 | |
---|
1451 | /* |
---|
1452 | * Get the shell from the password data. An empty shell field is |
---|
1453 | * legal, and means /bin/sh. |
---|
1454 | */ |
---|
1455 | shell = (pw->pw_shell[0] == '\0') ? _PATH_BSHELL : pw->pw_shell; |
---|
1456 | #ifdef HAVE_LOGIN_CAP |
---|
1457 | shell = login_getcapstr(lc, "shell", (char *)shell, (char *)shell); |
---|
1458 | #endif |
---|
1459 | |
---|
1460 | env = do_setup_env(s, shell); |
---|
1461 | |
---|
1462 | /* we have to stash the hostname before we close our socket. */ |
---|
1463 | if (options.use_login) |
---|
1464 | hostname = get_remote_name_or_ip(utmp_len, |
---|
1465 | options.verify_reverse_mapping); |
---|
1466 | /* |
---|
1467 | * Close the connection descriptors; note that this is the child, and |
---|
1468 | * the server will still have the socket open, and it is important |
---|
1469 | * that we do not shutdown it. Note that the descriptors cannot be |
---|
1470 | * closed before building the environment, as we call |
---|
1471 | * get_remote_ipaddr there. |
---|
1472 | */ |
---|
1473 | if (packet_get_connection_in() == packet_get_connection_out()) |
---|
1474 | close(packet_get_connection_in()); |
---|
1475 | else { |
---|
1476 | close(packet_get_connection_in()); |
---|
1477 | close(packet_get_connection_out()); |
---|
1478 | } |
---|
1479 | /* |
---|
1480 | * Close all descriptors related to channels. They will still remain |
---|
1481 | * open in the parent. |
---|
1482 | */ |
---|
1483 | /* XXX better use close-on-exec? -markus */ |
---|
1484 | channel_close_all(); |
---|
1485 | |
---|
1486 | /* |
---|
1487 | * Close any extra file descriptors. Note that there may still be |
---|
1488 | * descriptors left by system functions. They will be closed later. |
---|
1489 | */ |
---|
1490 | endpwent(); |
---|
1491 | |
---|
1492 | /* |
---|
1493 | * Close any extra open file descriptors so that we don\'t have them |
---|
1494 | * hanging around in clients. Note that we want to do this after |
---|
1495 | * initgroups, because at least on Solaris 2.3 it leaves file |
---|
1496 | * descriptors open. |
---|
1497 | */ |
---|
1498 | for (i = 3; i < 64; i++) |
---|
1499 | close(i); |
---|
1500 | |
---|
1501 | /* |
---|
1502 | * Must take new environment into use so that .ssh/rc, |
---|
1503 | * /etc/ssh/sshrc and xauth are run in the proper environment. |
---|
1504 | */ |
---|
1505 | environ = env; |
---|
1506 | |
---|
1507 | #ifdef AFS |
---|
1508 | /* Try to get AFS tokens for the local cell. */ |
---|
1509 | if (k_hasafs()) { |
---|
1510 | char cell[64]; |
---|
1511 | |
---|
1512 | if (k_afs_cell_of_file(pw->pw_dir, cell, sizeof(cell)) == 0) |
---|
1513 | krb_afslog(cell, 0); |
---|
1514 | |
---|
1515 | krb_afslog(0, 0); |
---|
1516 | } |
---|
1517 | #endif /* AFS */ |
---|
1518 | |
---|
1519 | /* Change current directory to the user\'s home directory. */ |
---|
1520 | if (chdir(pw->pw_dir) < 0) { |
---|
1521 | fprintf(stderr, "Could not chdir to home directory %s: %s\n", |
---|
1522 | pw->pw_dir, strerror(errno)); |
---|
1523 | #ifdef HAVE_LOGIN_CAP |
---|
1524 | if (login_getcapbool(lc, "requirehome", 0)) |
---|
1525 | exit(1); |
---|
1526 | #endif |
---|
1527 | } |
---|
1528 | |
---|
1529 | if (!options.use_login) |
---|
1530 | do_rc_files(s, shell); |
---|
1531 | |
---|
1532 | /* restore SIGPIPE for child */ |
---|
1533 | signal(SIGPIPE, SIG_DFL); |
---|
1534 | |
---|
1535 | if (options.use_login) { |
---|
1536 | launch_login(pw, hostname); |
---|
1537 | /* NEVERREACHED */ |
---|
1538 | } |
---|
1539 | |
---|
1540 | /* Get the last component of the shell name. */ |
---|
1541 | if ((shell0 = strrchr(shell, '/')) != NULL) |
---|
1542 | shell0++; |
---|
1543 | else |
---|
1544 | shell0 = shell; |
---|
1545 | |
---|
1546 | /* |
---|
1547 | * If we have no command, execute the shell. In this case, the shell |
---|
1548 | * name to be passed in argv[0] is preceded by '-' to indicate that |
---|
1549 | * this is a login shell. |
---|
1550 | */ |
---|
1551 | if (!command) { |
---|
1552 | char argv0[256]; |
---|
1553 | |
---|
1554 | /* Start the shell. Set initial character to '-'. */ |
---|
1555 | argv0[0] = '-'; |
---|
1556 | |
---|
1557 | if (strlcpy(argv0 + 1, shell0, sizeof(argv0) - 1) |
---|
1558 | >= sizeof(argv0) - 1) { |
---|
1559 | errno = EINVAL; |
---|
1560 | perror(shell); |
---|
1561 | exit(1); |
---|
1562 | } |
---|
1563 | |
---|
1564 | /* Execute the shell. */ |
---|
1565 | argv[0] = argv0; |
---|
1566 | argv[1] = NULL; |
---|
1567 | execve(shell, argv, env); |
---|
1568 | |
---|
1569 | /* Executing the shell failed. */ |
---|
1570 | perror(shell); |
---|
1571 | exit(1); |
---|
1572 | } |
---|
1573 | /* |
---|
1574 | * Execute the command using the user's shell. This uses the -c |
---|
1575 | * option to execute the command. |
---|
1576 | */ |
---|
1577 | argv[0] = (char *) shell0; |
---|
1578 | argv[1] = "-c"; |
---|
1579 | argv[2] = (char *) command; |
---|
1580 | argv[3] = NULL; |
---|
1581 | execve(shell, argv, env); |
---|
1582 | perror(shell); |
---|
1583 | exit(1); |
---|
1584 | } |
---|
1585 | |
---|
1586 | Session * |
---|
1587 | session_new(void) |
---|
1588 | { |
---|
1589 | int i; |
---|
1590 | static int did_init = 0; |
---|
1591 | if (!did_init) { |
---|
1592 | debug("session_new: init"); |
---|
1593 | for (i = 0; i < MAX_SESSIONS; i++) { |
---|
1594 | sessions[i].used = 0; |
---|
1595 | } |
---|
1596 | did_init = 1; |
---|
1597 | } |
---|
1598 | for (i = 0; i < MAX_SESSIONS; i++) { |
---|
1599 | Session *s = &sessions[i]; |
---|
1600 | if (! s->used) { |
---|
1601 | memset(s, 0, sizeof(*s)); |
---|
1602 | s->chanid = -1; |
---|
1603 | s->ptyfd = -1; |
---|
1604 | s->ttyfd = -1; |
---|
1605 | s->used = 1; |
---|
1606 | s->self = i; |
---|
1607 | debug("session_new: session %d", i); |
---|
1608 | return s; |
---|
1609 | } |
---|
1610 | } |
---|
1611 | return NULL; |
---|
1612 | } |
---|
1613 | |
---|
1614 | static void |
---|
1615 | session_dump(void) |
---|
1616 | { |
---|
1617 | int i; |
---|
1618 | for (i = 0; i < MAX_SESSIONS; i++) { |
---|
1619 | Session *s = &sessions[i]; |
---|
1620 | debug("dump: used %d session %d %p channel %d pid %ld", |
---|
1621 | s->used, |
---|
1622 | s->self, |
---|
1623 | s, |
---|
1624 | s->chanid, |
---|
1625 | (long)s->pid); |
---|
1626 | } |
---|
1627 | } |
---|
1628 | |
---|
1629 | int |
---|
1630 | session_open(Authctxt *authctxt, int chanid) |
---|
1631 | { |
---|
1632 | Session *s = session_new(); |
---|
1633 | debug("session_open: channel %d", chanid); |
---|
1634 | if (s == NULL) { |
---|
1635 | error("no more sessions"); |
---|
1636 | return 0; |
---|
1637 | } |
---|
1638 | s->authctxt = authctxt; |
---|
1639 | s->pw = authctxt->pw; |
---|
1640 | if (s->pw == NULL) |
---|
1641 | fatal("no user for session %d", s->self); |
---|
1642 | debug("session_open: session %d: link with channel %d", s->self, chanid); |
---|
1643 | s->chanid = chanid; |
---|
1644 | return 1; |
---|
1645 | } |
---|
1646 | |
---|
1647 | Session * |
---|
1648 | session_by_tty(char *tty) |
---|
1649 | { |
---|
1650 | int i; |
---|
1651 | for (i = 0; i < MAX_SESSIONS; i++) { |
---|
1652 | Session *s = &sessions[i]; |
---|
1653 | if (s->used && s->ttyfd != -1 && strcmp(s->tty, tty) == 0) { |
---|
1654 | debug("session_by_tty: session %d tty %s", i, tty); |
---|
1655 | return s; |
---|
1656 | } |
---|
1657 | } |
---|
1658 | debug("session_by_tty: unknown tty %.100s", tty); |
---|
1659 | session_dump(); |
---|
1660 | return NULL; |
---|
1661 | } |
---|
1662 | |
---|
1663 | static Session * |
---|
1664 | session_by_channel(int id) |
---|
1665 | { |
---|
1666 | int i; |
---|
1667 | for (i = 0; i < MAX_SESSIONS; i++) { |
---|
1668 | Session *s = &sessions[i]; |
---|
1669 | if (s->used && s->chanid == id) { |
---|
1670 | debug("session_by_channel: session %d channel %d", i, id); |
---|
1671 | return s; |
---|
1672 | } |
---|
1673 | } |
---|
1674 | debug("session_by_channel: unknown channel %d", id); |
---|
1675 | session_dump(); |
---|
1676 | return NULL; |
---|
1677 | } |
---|
1678 | |
---|
1679 | static Session * |
---|
1680 | session_by_pid(pid_t pid) |
---|
1681 | { |
---|
1682 | int i; |
---|
1683 | debug("session_by_pid: pid %ld", (long)pid); |
---|
1684 | for (i = 0; i < MAX_SESSIONS; i++) { |
---|
1685 | Session *s = &sessions[i]; |
---|
1686 | if (s->used && s->pid == pid) |
---|
1687 | return s; |
---|
1688 | } |
---|
1689 | error("session_by_pid: unknown pid %ld", (long)pid); |
---|
1690 | session_dump(); |
---|
1691 | return NULL; |
---|
1692 | } |
---|
1693 | |
---|
1694 | static int |
---|
1695 | session_window_change_req(Session *s) |
---|
1696 | { |
---|
1697 | s->col = packet_get_int(); |
---|
1698 | s->row = packet_get_int(); |
---|
1699 | s->xpixel = packet_get_int(); |
---|
1700 | s->ypixel = packet_get_int(); |
---|
1701 | packet_check_eom(); |
---|
1702 | pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel); |
---|
1703 | return 1; |
---|
1704 | } |
---|
1705 | |
---|
1706 | static int |
---|
1707 | session_pty_req(Session *s) |
---|
1708 | { |
---|
1709 | u_int len; |
---|
1710 | int n_bytes; |
---|
1711 | |
---|
1712 | if (no_pty_flag) { |
---|
1713 | debug("Allocating a pty not permitted for this authentication."); |
---|
1714 | return 0; |
---|
1715 | } |
---|
1716 | if (s->ttyfd != -1) { |
---|
1717 | packet_disconnect("Protocol error: you already have a pty."); |
---|
1718 | return 0; |
---|
1719 | } |
---|
1720 | /* Get the time and hostname when the user last logged in. */ |
---|
1721 | if (options.print_lastlog) { |
---|
1722 | s->hostname[0] = '\0'; |
---|
1723 | s->last_login_time = get_last_login_time(s->pw->pw_uid, |
---|
1724 | s->pw->pw_name, s->hostname, sizeof(s->hostname)); |
---|
1725 | } |
---|
1726 | |
---|
1727 | s->term = packet_get_string(&len); |
---|
1728 | |
---|
1729 | if (compat20) { |
---|
1730 | s->col = packet_get_int(); |
---|
1731 | s->row = packet_get_int(); |
---|
1732 | } else { |
---|
1733 | s->row = packet_get_int(); |
---|
1734 | s->col = packet_get_int(); |
---|
1735 | } |
---|
1736 | s->xpixel = packet_get_int(); |
---|
1737 | s->ypixel = packet_get_int(); |
---|
1738 | |
---|
1739 | if (strcmp(s->term, "") == 0) { |
---|
1740 | xfree(s->term); |
---|
1741 | s->term = NULL; |
---|
1742 | } |
---|
1743 | |
---|
1744 | /* Allocate a pty and open it. */ |
---|
1745 | debug("Allocating pty."); |
---|
1746 | if (!PRIVSEP(pty_allocate(&s->ptyfd, &s->ttyfd, s->tty, sizeof(s->tty)))) { |
---|
1747 | if (s->term) |
---|
1748 | xfree(s->term); |
---|
1749 | s->term = NULL; |
---|
1750 | s->ptyfd = -1; |
---|
1751 | s->ttyfd = -1; |
---|
1752 | error("session_pty_req: session %d alloc failed", s->self); |
---|
1753 | return 0; |
---|
1754 | } |
---|
1755 | debug("session_pty_req: session %d alloc %s", s->self, s->tty); |
---|
1756 | |
---|
1757 | /* for SSH1 the tty modes length is not given */ |
---|
1758 | if (!compat20) |
---|
1759 | n_bytes = packet_remaining(); |
---|
1760 | tty_parse_modes(s->ttyfd, &n_bytes); |
---|
1761 | |
---|
1762 | /* |
---|
1763 | * Add a cleanup function to clear the utmp entry and record logout |
---|
1764 | * time in case we call fatal() (e.g., the connection gets closed). |
---|
1765 | */ |
---|
1766 | fatal_add_cleanup(session_pty_cleanup, (void *)s); |
---|
1767 | if (!use_privsep) |
---|
1768 | pty_setowner(s->pw, s->tty); |
---|
1769 | |
---|
1770 | /* Set window size from the packet. */ |
---|
1771 | pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel); |
---|
1772 | |
---|
1773 | packet_check_eom(); |
---|
1774 | session_proctitle(s); |
---|
1775 | return 1; |
---|
1776 | } |
---|
1777 | |
---|
1778 | static int |
---|
1779 | session_subsystem_req(Session *s) |
---|
1780 | { |
---|
1781 | struct stat st; |
---|
1782 | u_int len; |
---|
1783 | int success = 0; |
---|
1784 | char *cmd, *subsys = packet_get_string(&len); |
---|
1785 | int i; |
---|
1786 | |
---|
1787 | packet_check_eom(); |
---|
1788 | log("subsystem request for %.100s", subsys); |
---|
1789 | |
---|
1790 | for (i = 0; i < options.num_subsystems; i++) { |
---|
1791 | if (strcmp(subsys, options.subsystem_name[i]) == 0) { |
---|
1792 | cmd = options.subsystem_command[i]; |
---|
1793 | if (stat(cmd, &st) < 0) { |
---|
1794 | error("subsystem: cannot stat %s: %s", cmd, |
---|
1795 | strerror(errno)); |
---|
1796 | break; |
---|
1797 | } |
---|
1798 | debug("subsystem: exec() %s", cmd); |
---|
1799 | s->is_subsystem = 1; |
---|
1800 | do_exec(s, cmd); |
---|
1801 | success = 1; |
---|
1802 | break; |
---|
1803 | } |
---|
1804 | } |
---|
1805 | |
---|
1806 | if (!success) |
---|
1807 | log("subsystem request for %.100s failed, subsystem not found", |
---|
1808 | subsys); |
---|
1809 | |
---|
1810 | xfree(subsys); |
---|
1811 | return success; |
---|
1812 | } |
---|
1813 | |
---|
1814 | static int |
---|
1815 | session_x11_req(Session *s) |
---|
1816 | { |
---|
1817 | int success; |
---|
1818 | |
---|
1819 | s->single_connection = packet_get_char(); |
---|
1820 | s->auth_proto = packet_get_string(NULL); |
---|
1821 | s->auth_data = packet_get_string(NULL); |
---|
1822 | s->screen = packet_get_int(); |
---|
1823 | packet_check_eom(); |
---|
1824 | |
---|
1825 | success = session_setup_x11fwd(s); |
---|
1826 | if (!success) { |
---|
1827 | xfree(s->auth_proto); |
---|
1828 | xfree(s->auth_data); |
---|
1829 | s->auth_proto = NULL; |
---|
1830 | s->auth_data = NULL; |
---|
1831 | } |
---|
1832 | return success; |
---|
1833 | } |
---|
1834 | |
---|
1835 | static int |
---|
1836 | session_shell_req(Session *s) |
---|
1837 | { |
---|
1838 | packet_check_eom(); |
---|
1839 | do_exec(s, NULL); |
---|
1840 | return 1; |
---|
1841 | } |
---|
1842 | |
---|
1843 | static int |
---|
1844 | session_exec_req(Session *s) |
---|
1845 | { |
---|
1846 | u_int len; |
---|
1847 | char *command = packet_get_string(&len); |
---|
1848 | packet_check_eom(); |
---|
1849 | do_exec(s, command); |
---|
1850 | xfree(command); |
---|
1851 | return 1; |
---|
1852 | } |
---|
1853 | |
---|
1854 | static int |
---|
1855 | session_auth_agent_req(Session *s) |
---|
1856 | { |
---|
1857 | static int called = 0; |
---|
1858 | packet_check_eom(); |
---|
1859 | if (no_agent_forwarding_flag) { |
---|
1860 | debug("session_auth_agent_req: no_agent_forwarding_flag"); |
---|
1861 | return 0; |
---|
1862 | } |
---|
1863 | if (called) { |
---|
1864 | return 0; |
---|
1865 | } else { |
---|
1866 | called = 1; |
---|
1867 | return auth_input_request_forwarding(s->pw); |
---|
1868 | } |
---|
1869 | } |
---|
1870 | |
---|
1871 | int |
---|
1872 | session_input_channel_req(Channel *c, const char *rtype) |
---|
1873 | { |
---|
1874 | int success = 0; |
---|
1875 | Session *s; |
---|
1876 | |
---|
1877 | if ((s = session_by_channel(c->self)) == NULL) { |
---|
1878 | log("session_input_channel_req: no session %d req %.100s", |
---|
1879 | c->self, rtype); |
---|
1880 | return 0; |
---|
1881 | } |
---|
1882 | debug("session_input_channel_req: session %d req %s", s->self, rtype); |
---|
1883 | |
---|
1884 | /* |
---|
1885 | * a session is in LARVAL state until a shell, a command |
---|
1886 | * or a subsystem is executed |
---|
1887 | */ |
---|
1888 | if (c->type == SSH_CHANNEL_LARVAL) { |
---|
1889 | if (strcmp(rtype, "shell") == 0) { |
---|
1890 | success = session_shell_req(s); |
---|
1891 | } else if (strcmp(rtype, "exec") == 0) { |
---|
1892 | success = session_exec_req(s); |
---|
1893 | } else if (strcmp(rtype, "pty-req") == 0) { |
---|
1894 | success = session_pty_req(s); |
---|
1895 | } else if (strcmp(rtype, "x11-req") == 0) { |
---|
1896 | success = session_x11_req(s); |
---|
1897 | } else if (strcmp(rtype, "auth-agent-req@openssh.com") == 0) { |
---|
1898 | success = session_auth_agent_req(s); |
---|
1899 | } else if (strcmp(rtype, "subsystem") == 0) { |
---|
1900 | success = session_subsystem_req(s); |
---|
1901 | } |
---|
1902 | } |
---|
1903 | if (strcmp(rtype, "window-change") == 0) { |
---|
1904 | success = session_window_change_req(s); |
---|
1905 | } |
---|
1906 | return success; |
---|
1907 | } |
---|
1908 | |
---|
1909 | void |
---|
1910 | session_set_fds(Session *s, int fdin, int fdout, int fderr) |
---|
1911 | { |
---|
1912 | if (!compat20) |
---|
1913 | fatal("session_set_fds: called for proto != 2.0"); |
---|
1914 | /* |
---|
1915 | * now that have a child and a pipe to the child, |
---|
1916 | * we can activate our channel and register the fd's |
---|
1917 | */ |
---|
1918 | if (s->chanid == -1) |
---|
1919 | fatal("no channel for session %d", s->self); |
---|
1920 | channel_set_fds(s->chanid, |
---|
1921 | fdout, fdin, fderr, |
---|
1922 | fderr == -1 ? CHAN_EXTENDED_IGNORE : CHAN_EXTENDED_READ, |
---|
1923 | 1, |
---|
1924 | CHAN_SES_WINDOW_DEFAULT); |
---|
1925 | } |
---|
1926 | |
---|
1927 | /* |
---|
1928 | * Function to perform pty cleanup. Also called if we get aborted abnormally |
---|
1929 | * (e.g., due to a dropped connection). |
---|
1930 | */ |
---|
1931 | void |
---|
1932 | session_pty_cleanup2(void *session) |
---|
1933 | { |
---|
1934 | Session *s = session; |
---|
1935 | |
---|
1936 | if (s == NULL) { |
---|
1937 | error("session_pty_cleanup: no session"); |
---|
1938 | return; |
---|
1939 | } |
---|
1940 | if (s->ttyfd == -1) |
---|
1941 | return; |
---|
1942 | |
---|
1943 | debug("session_pty_cleanup: session %d release %s", s->self, s->tty); |
---|
1944 | |
---|
1945 | /* Record that the user has logged out. */ |
---|
1946 | if (s->pid != 0) |
---|
1947 | record_logout(s->pid, s->tty, s->pw->pw_name); |
---|
1948 | |
---|
1949 | /* Release the pseudo-tty. */ |
---|
1950 | if (getuid() == 0) |
---|
1951 | pty_release(s->tty); |
---|
1952 | |
---|
1953 | /* |
---|
1954 | * Close the server side of the socket pairs. We must do this after |
---|
1955 | * the pty cleanup, so that another process doesn't get this pty |
---|
1956 | * while we're still cleaning up. |
---|
1957 | */ |
---|
1958 | if (close(s->ptymaster) < 0) |
---|
1959 | error("close(s->ptymaster/%d): %s", s->ptymaster, strerror(errno)); |
---|
1960 | |
---|
1961 | /* unlink pty from session */ |
---|
1962 | s->ttyfd = -1; |
---|
1963 | } |
---|
1964 | |
---|
1965 | void |
---|
1966 | session_pty_cleanup(void *session) |
---|
1967 | { |
---|
1968 | PRIVSEP(session_pty_cleanup2(session)); |
---|
1969 | } |
---|
1970 | |
---|
1971 | static char * |
---|
1972 | sig2name(int sig) |
---|
1973 | { |
---|
1974 | #define SSH_SIG(x) if (sig == SIG ## x) return #x |
---|
1975 | SSH_SIG(ABRT); |
---|
1976 | SSH_SIG(ALRM); |
---|
1977 | SSH_SIG(FPE); |
---|
1978 | SSH_SIG(HUP); |
---|
1979 | SSH_SIG(ILL); |
---|
1980 | SSH_SIG(INT); |
---|
1981 | SSH_SIG(KILL); |
---|
1982 | SSH_SIG(PIPE); |
---|
1983 | SSH_SIG(QUIT); |
---|
1984 | SSH_SIG(SEGV); |
---|
1985 | SSH_SIG(TERM); |
---|
1986 | SSH_SIG(USR1); |
---|
1987 | SSH_SIG(USR2); |
---|
1988 | #undef SSH_SIG |
---|
1989 | return "SIG@openssh.com"; |
---|
1990 | } |
---|
1991 | |
---|
1992 | static void |
---|
1993 | session_exit_message(Session *s, int status) |
---|
1994 | { |
---|
1995 | Channel *c; |
---|
1996 | |
---|
1997 | if ((c = channel_lookup(s->chanid)) == NULL) |
---|
1998 | fatal("session_exit_message: session %d: no channel %d", |
---|
1999 | s->self, s->chanid); |
---|
2000 | debug("session_exit_message: session %d channel %d pid %ld", |
---|
2001 | s->self, s->chanid, (long)s->pid); |
---|
2002 | |
---|
2003 | if (WIFEXITED(status)) { |
---|
2004 | channel_request_start(s->chanid, "exit-status", 0); |
---|
2005 | packet_put_int(WEXITSTATUS(status)); |
---|
2006 | packet_send(); |
---|
2007 | } else if (WIFSIGNALED(status)) { |
---|
2008 | channel_request_start(s->chanid, "exit-signal", 0); |
---|
2009 | packet_put_cstring(sig2name(WTERMSIG(status))); |
---|
2010 | #ifdef WCOREDUMP |
---|
2011 | packet_put_char(WCOREDUMP(status)); |
---|
2012 | #else /* WCOREDUMP */ |
---|
2013 | packet_put_char(0); |
---|
2014 | #endif /* WCOREDUMP */ |
---|
2015 | packet_put_cstring(""); |
---|
2016 | packet_put_cstring(""); |
---|
2017 | packet_send(); |
---|
2018 | } else { |
---|
2019 | /* Some weird exit cause. Just exit. */ |
---|
2020 | packet_disconnect("wait returned status %04x.", status); |
---|
2021 | } |
---|
2022 | |
---|
2023 | /* disconnect channel */ |
---|
2024 | debug("session_exit_message: release channel %d", s->chanid); |
---|
2025 | channel_cancel_cleanup(s->chanid); |
---|
2026 | /* |
---|
2027 | * emulate a write failure with 'chan_write_failed', nobody will be |
---|
2028 | * interested in data we write. |
---|
2029 | * Note that we must not call 'chan_read_failed', since there could |
---|
2030 | * be some more data waiting in the pipe. |
---|
2031 | */ |
---|
2032 | if (c->ostate != CHAN_OUTPUT_CLOSED) |
---|
2033 | chan_write_failed(c); |
---|
2034 | s->chanid = -1; |
---|
2035 | } |
---|
2036 | |
---|
2037 | void |
---|
2038 | session_close(Session *s) |
---|
2039 | { |
---|
2040 | debug("session_close: session %d pid %ld", s->self, (long)s->pid); |
---|
2041 | if (s->ttyfd != -1) { |
---|
2042 | fatal_remove_cleanup(session_pty_cleanup, (void *)s); |
---|
2043 | session_pty_cleanup(s); |
---|
2044 | } |
---|
2045 | if (s->term) |
---|
2046 | xfree(s->term); |
---|
2047 | if (s->display) |
---|
2048 | xfree(s->display); |
---|
2049 | if (s->auth_display) |
---|
2050 | xfree(s->auth_display); |
---|
2051 | if (s->auth_data) |
---|
2052 | xfree(s->auth_data); |
---|
2053 | if (s->auth_proto) |
---|
2054 | xfree(s->auth_proto); |
---|
2055 | s->used = 0; |
---|
2056 | session_proctitle(s); |
---|
2057 | } |
---|
2058 | |
---|
2059 | void |
---|
2060 | session_close_by_pid(pid_t pid, int status) |
---|
2061 | { |
---|
2062 | Session *s = session_by_pid(pid); |
---|
2063 | if (s == NULL) { |
---|
2064 | debug("session_close_by_pid: no session for pid %ld", |
---|
2065 | (long)pid); |
---|
2066 | return; |
---|
2067 | } |
---|
2068 | if (s->chanid != -1) |
---|
2069 | session_exit_message(s, status); |
---|
2070 | session_close(s); |
---|
2071 | } |
---|
2072 | |
---|
2073 | /* |
---|
2074 | * this is called when a channel dies before |
---|
2075 | * the session 'child' itself dies |
---|
2076 | */ |
---|
2077 | void |
---|
2078 | session_close_by_channel(int id, void *arg) |
---|
2079 | { |
---|
2080 | Session *s = session_by_channel(id); |
---|
2081 | if (s == NULL) { |
---|
2082 | debug("session_close_by_channel: no session for id %d", id); |
---|
2083 | return; |
---|
2084 | } |
---|
2085 | debug("session_close_by_channel: channel %d child %ld", |
---|
2086 | id, (long)s->pid); |
---|
2087 | if (s->pid != 0) { |
---|
2088 | debug("session_close_by_channel: channel %d: has child", id); |
---|
2089 | /* |
---|
2090 | * delay detach of session, but release pty, since |
---|
2091 | * the fd's to the child are already closed |
---|
2092 | */ |
---|
2093 | if (s->ttyfd != -1) { |
---|
2094 | fatal_remove_cleanup(session_pty_cleanup, (void *)s); |
---|
2095 | session_pty_cleanup(s); |
---|
2096 | } |
---|
2097 | return; |
---|
2098 | } |
---|
2099 | /* detach by removing callback */ |
---|
2100 | channel_cancel_cleanup(s->chanid); |
---|
2101 | s->chanid = -1; |
---|
2102 | session_close(s); |
---|
2103 | } |
---|
2104 | |
---|
2105 | void |
---|
2106 | session_destroy_all(void (*closefunc)(Session *)) |
---|
2107 | { |
---|
2108 | int i; |
---|
2109 | for (i = 0; i < MAX_SESSIONS; i++) { |
---|
2110 | Session *s = &sessions[i]; |
---|
2111 | if (s->used) { |
---|
2112 | if (closefunc != NULL) |
---|
2113 | closefunc(s); |
---|
2114 | else |
---|
2115 | session_close(s); |
---|
2116 | } |
---|
2117 | } |
---|
2118 | } |
---|
2119 | |
---|
2120 | static char * |
---|
2121 | session_tty_list(void) |
---|
2122 | { |
---|
2123 | static char buf[1024]; |
---|
2124 | int i; |
---|
2125 | buf[0] = '\0'; |
---|
2126 | for (i = 0; i < MAX_SESSIONS; i++) { |
---|
2127 | Session *s = &sessions[i]; |
---|
2128 | if (s->used && s->ttyfd != -1) { |
---|
2129 | if (buf[0] != '\0') |
---|
2130 | strlcat(buf, ",", sizeof buf); |
---|
2131 | strlcat(buf, strrchr(s->tty, '/') + 1, sizeof buf); |
---|
2132 | } |
---|
2133 | } |
---|
2134 | if (buf[0] == '\0') |
---|
2135 | strlcpy(buf, "notty", sizeof buf); |
---|
2136 | return buf; |
---|
2137 | } |
---|
2138 | |
---|
2139 | void |
---|
2140 | session_proctitle(Session *s) |
---|
2141 | { |
---|
2142 | if (s->pw == NULL) |
---|
2143 | error("no user for session %d", s->self); |
---|
2144 | else |
---|
2145 | setproctitle("%s@%s", s->pw->pw_name, session_tty_list()); |
---|
2146 | } |
---|
2147 | |
---|
2148 | int |
---|
2149 | session_setup_x11fwd(Session *s) |
---|
2150 | { |
---|
2151 | struct stat st; |
---|
2152 | char display[512], auth_display[512]; |
---|
2153 | char hostname[MAXHOSTNAMELEN]; |
---|
2154 | |
---|
2155 | if (no_x11_forwarding_flag) { |
---|
2156 | packet_send_debug("X11 forwarding disabled in user configuration file."); |
---|
2157 | return 0; |
---|
2158 | } |
---|
2159 | if (!options.x11_forwarding) { |
---|
2160 | debug("X11 forwarding disabled in server configuration file."); |
---|
2161 | return 0; |
---|
2162 | } |
---|
2163 | if (!options.xauth_location || |
---|
2164 | (stat(options.xauth_location, &st) == -1)) { |
---|
2165 | packet_send_debug("No xauth program; cannot forward with spoofing."); |
---|
2166 | return 0; |
---|
2167 | } |
---|
2168 | if (options.use_login) { |
---|
2169 | packet_send_debug("X11 forwarding disabled; " |
---|
2170 | "not compatible with UseLogin=yes."); |
---|
2171 | return 0; |
---|
2172 | } |
---|
2173 | if (s->display != NULL) { |
---|
2174 | debug("X11 display already set."); |
---|
2175 | return 0; |
---|
2176 | } |
---|
2177 | if (x11_create_display_inet(options.x11_display_offset, |
---|
2178 | options.x11_use_localhost, s->single_connection, |
---|
2179 | &s->display_number) == -1) { |
---|
2180 | debug("x11_create_display_inet failed."); |
---|
2181 | return 0; |
---|
2182 | } |
---|
2183 | |
---|
2184 | /* Set up a suitable value for the DISPLAY variable. */ |
---|
2185 | if (gethostname(hostname, sizeof(hostname)) < 0) |
---|
2186 | fatal("gethostname: %.100s", strerror(errno)); |
---|
2187 | /* |
---|
2188 | * auth_display must be used as the displayname when the |
---|
2189 | * authorization entry is added with xauth(1). This will be |
---|
2190 | * different than the DISPLAY string for localhost displays. |
---|
2191 | */ |
---|
2192 | if (options.x11_use_localhost) { |
---|
2193 | snprintf(display, sizeof display, "localhost:%u.%u", |
---|
2194 | s->display_number, s->screen); |
---|
2195 | snprintf(auth_display, sizeof auth_display, "unix:%u.%u", |
---|
2196 | s->display_number, s->screen); |
---|
2197 | s->display = xstrdup(display); |
---|
2198 | s->auth_display = xstrdup(auth_display); |
---|
2199 | } else { |
---|
2200 | #ifdef IPADDR_IN_DISPLAY |
---|
2201 | struct hostent *he; |
---|
2202 | struct in_addr my_addr; |
---|
2203 | |
---|
2204 | he = gethostbyname(hostname); |
---|
2205 | if (he == NULL) { |
---|
2206 | error("Can't get IP address for X11 DISPLAY."); |
---|
2207 | packet_send_debug("Can't get IP address for X11 DISPLAY."); |
---|
2208 | return 0; |
---|
2209 | } |
---|
2210 | memcpy(&my_addr, he->h_addr_list[0], sizeof(struct in_addr)); |
---|
2211 | snprintf(display, sizeof display, "%.50s:%u.%u", inet_ntoa(my_addr), |
---|
2212 | s->display_number, s->screen); |
---|
2213 | #else |
---|
2214 | snprintf(display, sizeof display, "%.400s:%u.%u", hostname, |
---|
2215 | s->display_number, s->screen); |
---|
2216 | #endif |
---|
2217 | s->display = xstrdup(display); |
---|
2218 | s->auth_display = xstrdup(display); |
---|
2219 | } |
---|
2220 | |
---|
2221 | return 1; |
---|
2222 | } |
---|
2223 | |
---|
2224 | static void |
---|
2225 | do_authenticated2(Authctxt *authctxt) |
---|
2226 | { |
---|
2227 | server_loop2(authctxt); |
---|
2228 | #if defined(GSSAPI) |
---|
2229 | ssh_gssapi_cleanup_creds(NULL); |
---|
2230 | #endif |
---|
2231 | } |
---|
2232 | |
---|
2233 | void try_afscall(int (*func)(void)) |
---|
2234 | { |
---|
2235 | #ifdef SIGSYS |
---|
2236 | struct sigaction sa, osa; |
---|
2237 | |
---|
2238 | sigemptyset(&sa.sa_mask); |
---|
2239 | sa.sa_flags = 0; |
---|
2240 | sa.sa_handler = SIG_IGN; |
---|
2241 | sigaction(SIGSYS, &sa, &osa); |
---|
2242 | #endif |
---|
2243 | func(); |
---|
2244 | #ifdef SIGSYS |
---|
2245 | sigaction(SIGSYS, &osa, NULL); |
---|
2246 | #endif |
---|
2247 | } |
---|
2248 | |
---|
2249 | void krb_cleanup(void) |
---|
2250 | { |
---|
2251 | dest_tkt(); |
---|
2252 | try_afscall(ktc_ForgetAllTokens); |
---|
2253 | } |
---|
2254 | |
---|
2255 | /* |
---|
2256 | * Free the memory allocated by pwcopy(). |
---|
2257 | */ |
---|
2258 | static void |
---|
2259 | pwfree(struct passwd *pw) |
---|
2260 | { |
---|
2261 | xfree(pw->pw_name); |
---|
2262 | xfree(pw->pw_passwd); |
---|
2263 | xfree(pw->pw_gecos); |
---|
2264 | #ifdef HAVE_PW_CLASS_IN_PASSWD |
---|
2265 | xfree(pw->pw_class); |
---|
2266 | #endif |
---|
2267 | xfree(pw->pw_dir); |
---|
2268 | xfree(pw->pw_shell); |
---|
2269 | xfree(pw); |
---|
2270 | } |
---|