src/usr.bin/ssh/session.c - diff

Return to session.c CVS log

Up to [local] / src / usr.bin / ssh

Diff for /src/usr.bin/ssh/session.c between version 1.134 and 1.134.2.1

version 1.134, 2002/03/29 18:59:31

version 1.134.2.1, 2002/06/26 15:30:38

Line 98

login_cap_t *lc;

#endif

/* Name and directory of socket for authentication agent forwarding. */

static char *auth_sock_name = NULL;

static char *auth_sock_dir = NULL;

/* removes the agent forwarding socket */

static void

auth_sock_cleanup_proc(void *_pw)

{

struct passwd *pw = _pw;

if (auth_sock_name != NULL) {

temporarily_use_uid(pw);

unlink(auth_sock_name);

rmdir(auth_sock_dir);

auth_sock_name = NULL;

restore_uid();

}

static int

auth_input_request_forwarding(struct passwd * pw)

{

Channel *nc;

int sock;

struct sockaddr_un sunaddr;

if (auth_sock_name != NULL) {

error("authentication forwarding requested twice.");

return 0;

}

/* Temporarily drop privileged uid for mkdir/bind. */

temporarily_use_uid(pw);

/* Allocate a buffer for the socket name, and format the name. */

auth_sock_name = xmalloc(MAXPATHLEN);

auth_sock_dir = xmalloc(MAXPATHLEN);

strlcpy(auth_sock_dir, "/tmp/ssh-XXXXXXXX", MAXPATHLEN);

/* Create private directory for socket */

if (mkdtemp(auth_sock_dir) == NULL) {

packet_send_debug("Agent forwarding disabled: "

"mkdtemp() failed: %.100s", strerror(errno));

restore_uid();

xfree(auth_sock_name);

xfree(auth_sock_dir);

auth_sock_name = NULL;

auth_sock_dir = NULL;

return 0;

}

snprintf(auth_sock_name, MAXPATHLEN, "%s/agent.%ld",

auth_sock_dir, (long) getpid());

/* delete agent socket on fatal() */

fatal_add_cleanup(auth_sock_cleanup_proc, pw);

/* Create the socket. */

sock = socket(AF_UNIX, SOCK_STREAM, 0);

if (sock < 0)

packet_disconnect("socket: %.100s", strerror(errno));

/* Bind it to the name. */

memset(&sunaddr, 0, sizeof(sunaddr));

sunaddr.sun_family = AF_UNIX;

strlcpy(sunaddr.sun_path, auth_sock_name, sizeof(sunaddr.sun_path));

if (bind(sock, (struct sockaddr *) & sunaddr, sizeof(sunaddr)) < 0)

packet_disconnect("bind: %.100s", strerror(errno));

/* Restore the privileged uid. */

restore_uid();

/* Start listening on the socket. */

if (listen(sock, 5) < 0)

packet_disconnect("listen: %.100s", strerror(errno));

/* Allocate a channel for the authentication agent socket. */

nc = channel_new("auth socket",

SSH_CHANNEL_AUTH_SOCKET, sock, sock, -1,

CHAN_X11_WINDOW_DEFAULT, CHAN_X11_PACKET_DEFAULT,

0, xstrdup("auth socket"), 1);

strlcpy(nc->path, auth_sock_name, sizeof(nc->path));

return 1;

}

void

do_authenticated(Authctxt *authctxt)

{

Line 120

Line 207

do_authenticated1(authctxt);

/* remove agent socket */

if (auth_get_socket_name())

if (auth_sock_name != NULL)

auth_sock_cleanup_proc(authctxt->pw);

#ifdef KRB4

if (options.kerberos_ticket_cleanup)

Line 144

Line 231

Session *s;

char *command;

int success, type, screen_flag;

int compression_level = 0, enable_compression_after_reply = 0;

int enable_compression_after_reply = 0;

u_int proto_len, data_len, dlen;

u_int proto_len, data_len, dlen, compression_level = 0;

s = session_new();

s->authctxt = authctxt;

Line 171

Line 258

compression_level);

break;

}

if (!options.compression) {

debug2("compression disabled");

break;

}

/* Enable compression after we have responded with SUCCESS. */

enable_compression_after_reply = 1;

success = 1;

Line 327

Line 418

void

do_exec_no_pty(Session *s, const char *command)

{

int pid;

pid_t pid;

#ifdef USE_PIPES

int pin[2], pout[2], perr[2];

Line 662

Line 753

} else {

/* New variable. Expand if necessary. */

if (i >= (*envsizep) - 1) {

if (*envsizep >= 1000)

fatal("child_set_env: too many env vars,"

" skipping: %.100s", name);

(*envsizep) += 50;

env = (*envp) = xrealloc(env, (*envsizep) * sizeof(char *));

}

Line 687

Line 781

FILE *f;

char buf[4096];

char *cp, *value;

u_int lineno = 0;

f = fopen(filename, "r");

if (!f)

return;

while (fgets(buf, sizeof(buf), f)) {

if (++lineno > 1000)

fatal("Too many lines in environment file %s", filename);

for (cp = buf; *cp == ' ' || *cp == '\t'; cp++)

;

if (!*cp || *cp == '#' || *cp == '\n')

Line 701

Line 798

*strchr(cp, '\n') = '\0';

value = strchr(cp, '=');

if (value == NULL) {

fprintf(stderr, "Bad line in %.100s: %.200s\n", filename, buf);

fprintf(stderr, "Bad line %u in %.100s\n", lineno,

filename);

continue;

}

Line 791

Line 889

child_set_env(&env, &envsize, "KRB5CCNAME",

s->authctxt->krb5_ticket_file);

#endif

if (auth_get_socket_name() != NULL)

if (auth_sock_name != NULL)

child_set_env(&env, &envsize, SSH_AUTHSOCKET_ENV_NAME,

auth_get_socket_name());

auth_sock_name);

/* read $HOME/.ssh/environment. */

if (!options.use_login) {

Line 857

Line 955

/* Add authority data to .Xauthority if appropriate. */

if (debug_flag) {

fprintf(stderr,

"Running %.100s add "

"Running %.500s add "

"%.100s %.100s %.100s\n",

options.xauth_location, s->auth_display,

s->auth_proto, s->auth_data);

Line 1147

Line 1245

int i;

for (i = 0; i < MAX_SESSIONS; i++) {

Session *s = &sessions[i];

debug("dump: used %d session %d %p channel %d pid %d",

debug("dump: used %d session %d %p channel %d pid %ld",

s->used,

s->self,

s->chanid,

s->pid);

(long)s->pid);

}

Line 1210

Line 1308

session_by_pid(pid_t pid)

{

int i;

debug("session_by_pid: pid %d", pid);

debug("session_by_pid: pid %ld", (long)pid);

for (i = 0; i < MAX_SESSIONS; i++) {

Session *s = &sessions[i];

if (s->used && s->pid == pid)

return s;

}

error("session_by_pid: unknown pid %d", pid);

error("session_by_pid: unknown pid %ld", (long)pid);

session_dump();

return NULL;

}

Line 1506

Line 1604

if ((c = channel_lookup(s->chanid)) == NULL)

fatal("session_exit_message: session %d: no channel %d",

s->self, s->chanid);

debug("session_exit_message: session %d channel %d pid %d",

debug("session_exit_message: session %d channel %d pid %ld",

s->self, s->chanid, s->pid);

s->self, s->chanid, (long)s->pid);

if (WIFEXITED(status)) {

channel_request_start(s->chanid, "exit-status", 0);

Line 1542

Line 1640

void

session_close(Session *s)

{

debug("session_close: session %d pid %d", s->self, s->pid);

debug("session_close: session %d pid %ld", s->self, (long)s->pid);

if (s->ttyfd != -1) {

fatal_remove_cleanup(session_pty_cleanup, (void *)s);

session_pty_cleanup(s);

Line 1566

Line 1664

{

Session *s = session_by_pid(pid);

if (s == NULL) {

debug("session_close_by_pid: no session for pid %d", pid);

debug("session_close_by_pid: no session for pid %ld",

(long)pid);

return;

}

if (s->chanid != -1)

Line 1586

Line 1685

debug("session_close_by_channel: no session for id %d", id);

return;

}

debug("session_close_by_channel: channel %d child %d", id, s->pid);

debug("session_close_by_channel: channel %d child %ld",

id, (long)s->pid);

if (s->pid != 0) {

debug("session_close_by_channel: channel %d: has child", id);

Line 1677

Line 1777

debug("X11 display already set.");

return 0;

}

s->display_number = x11_create_display_inet(options.x11_display_offset,

if (x11_create_display_inet(options.x11_display_offset,

options.x11_use_localhost, s->single_connection);

options.x11_use_localhost, s->single_connection,

if (s->display_number == -1) {

&s->display_number) == -1) {

debug("x11_create_display_inet failed.");

return 0;

}

Line 1693

Line 1793

* different than the DISPLAY string for localhost displays.

if (options.x11_use_localhost) {

snprintf(display, sizeof display, "localhost:%d.%d",

snprintf(display, sizeof display, "localhost:%u.%u",

s->display_number, s->screen);

snprintf(auth_display, sizeof auth_display, "unix:%d.%d",

snprintf(auth_display, sizeof auth_display, "unix:%u.%u",

s->display_number, s->screen);

s->display = xstrdup(display);

s->auth_display = xstrdup(auth_display);

} else {

snprintf(display, sizeof display, "%.400s:%d.%d", hostname,

snprintf(display, sizeof display, "%.400s:%u.%u", hostname,

s->display_number, s->screen);

s->display = xstrdup(display);

s->auth_display = xstrdup(display);