version 1.57, 2000/05/08 17:42:24 |
version 1.57.2.2, 2000/09/01 18:23:18 |
|
|
*/ |
*/ |
|
|
#include "includes.h" |
#include "includes.h" |
RCSID("$Id$"); |
RCSID("$OpenBSD$"); |
|
|
#include "ssh.h" |
#include "ssh.h" |
#include "packet.h" |
#include "packet.h" |
#include "xmalloc.h" |
#include "xmalloc.h" |
#include "buffer.h" |
#include "buffer.h" |
#include "authfd.h" |
|
#include "uidswap.h" |
#include "uidswap.h" |
#include "readconf.h" |
#include "readconf.h" |
#include "servconf.h" |
#include "servconf.h" |
|
|
|
|
#include "ssh2.h" |
#include "ssh2.h" |
|
|
|
#include <openssl/rsa.h> |
|
#include <openssl/dsa.h> |
|
#include "key.h" |
|
#include "authfd.h" |
|
|
/* Maximum number of fake X11 displays to try. */ |
/* Maximum number of fake X11 displays to try. */ |
#define MAX_DISPLAYS 1000 |
#define MAX_DISPLAYS 1000 |
|
|
|
|
channel_lookup(int id) |
channel_lookup(int id) |
{ |
{ |
Channel *c; |
Channel *c; |
if (id < 0 && id > channels_alloc) { |
if (id < 0 || id > channels_alloc) { |
log("channel_lookup: %d: bad id", id); |
log("channel_lookup: %d: bad id", id); |
return NULL; |
return NULL; |
} |
} |
|
|
return c; |
return c; |
} |
} |
|
|
void |
|
set_nonblock(int fd) |
|
{ |
|
int val; |
|
val = fcntl(fd, F_GETFL, 0); |
|
if (val < 0) { |
|
error("fcntl(%d, F_GETFL, 0): %s", fd, strerror(errno)); |
|
return; |
|
} |
|
if (val & O_NONBLOCK) |
|
return; |
|
debug("fd %d setting O_NONBLOCK", fd); |
|
val |= O_NONBLOCK; |
|
if (fcntl(fd, F_SETFL, val) == -1) |
|
error("fcntl(%d, F_SETFL, O_NONBLOCK): %s", fd, strerror(errno)); |
|
} |
|
|
|
/* |
/* |
* Register filedescriptors for a channel, used when allocating a channel or |
* Register filedescriptors for a channel, used when allocating a channel or |
* when the channel consumer/producer is ready, e.g. shell exec'd |
* when the channel consumer/producer is ready, e.g. shell exec'd |
|
|
c->cb_arg = NULL; |
c->cb_arg = NULL; |
c->cb_event = 0; |
c->cb_event = 0; |
c->dettach_user = NULL; |
c->dettach_user = NULL; |
|
c->input_filter = NULL; |
debug("channel %d: new [%s]", found, remote_name); |
debug("channel %d: new [%s]", found, remote_name); |
return found; |
return found; |
} |
} |
|
|
} |
} |
return -1; |
return -1; |
} |
} |
buffer_append(&c->input, buf, len); |
if(c->input_filter != NULL) { |
|
if (c->input_filter(c, buf, len) == -1) { |
|
debug("filter stops channel %d", c->self); |
|
chan_read_failed(c); |
|
} |
|
} else { |
|
buffer_append(&c->input, buf, len); |
|
} |
} |
} |
return 1; |
return 1; |
} |
} |
|
|
packet_send(); |
packet_send(); |
buffer_consume(&c->input, len); |
buffer_consume(&c->input, len); |
c->remote_window -= len; |
c->remote_window -= len; |
debug("channel %d: send data len %d", c->self, len); |
|
} |
} |
} else if (c->istate == CHAN_INPUT_WAIT_DRAIN) { |
} else if (c->istate == CHAN_INPUT_WAIT_DRAIN) { |
if (compat13) |
if (compat13) |
|
|
} |
} |
|
|
/* |
/* |
* This if called to process SSH_CMSG_AGENT_REQUEST_FORWARDING on the server. |
* This is called to process SSH_CMSG_AGENT_REQUEST_FORWARDING on the server. |
* This starts forwarding authentication requests. |
* This starts forwarding authentication requests. |
*/ |
*/ |
|
|
void |
int |
auth_input_request_forwarding(struct passwd * pw) |
auth_input_request_forwarding(struct passwd * pw) |
{ |
{ |
int sock, newch; |
int sock, newch; |
|
|
strlcpy(channel_forwarded_auth_socket_dir, "/tmp/ssh-XXXXXXXX", MAX_SOCKET_NAME); |
strlcpy(channel_forwarded_auth_socket_dir, "/tmp/ssh-XXXXXXXX", MAX_SOCKET_NAME); |
|
|
/* Create private directory for socket */ |
/* Create private directory for socket */ |
if (mkdtemp(channel_forwarded_auth_socket_dir) == NULL) |
if (mkdtemp(channel_forwarded_auth_socket_dir) == NULL) { |
packet_disconnect("mkdtemp: %.100s", strerror(errno)); |
packet_send_debug("Agent forwarding disabled: mkdtemp() failed: %.100s", |
|
strerror(errno)); |
|
restore_uid(); |
|
xfree(channel_forwarded_auth_socket_name); |
|
xfree(channel_forwarded_auth_socket_dir); |
|
channel_forwarded_auth_socket_name = NULL; |
|
channel_forwarded_auth_socket_dir = NULL; |
|
return 0; |
|
} |
snprintf(channel_forwarded_auth_socket_name, MAX_SOCKET_NAME, "%s/agent.%d", |
snprintf(channel_forwarded_auth_socket_name, MAX_SOCKET_NAME, "%s/agent.%d", |
channel_forwarded_auth_socket_dir, (int) getpid()); |
channel_forwarded_auth_socket_dir, (int) getpid()); |
|
|
|
|
xstrdup("auth socket")); |
xstrdup("auth socket")); |
strlcpy(channels[newch].path, channel_forwarded_auth_socket_name, |
strlcpy(channels[newch].path, channel_forwarded_auth_socket_name, |
sizeof(channels[newch].path)); |
sizeof(channels[newch].path)); |
|
return 1; |
} |
} |
|
|
/* This is called to process an SSH_SMSG_AGENT_OPEN message. */ |
/* This is called to process an SSH_SMSG_AGENT_OPEN message. */ |
|
|
return; |
return; |
} |
} |
c->dettach_user = NULL; |
c->dettach_user = NULL; |
|
} |
|
void |
|
channel_register_filter(int id, channel_filter_fn *fn) |
|
{ |
|
Channel *c = channel_lookup(id); |
|
if (c == NULL) { |
|
log("channel_register_filter: %d: bad id", id); |
|
return; |
|
} |
|
c->input_filter = fn; |
} |
} |
|
|
void |
void |