| version 1.289, 2017/06/24 05:24:11 |
version 1.290, 2017/06/24 06:34:38 |
|
|
| #endif |
#endif |
| #include "monitor_wrap.h" |
#include "monitor_wrap.h" |
| #include "sftp.h" |
#include "sftp.h" |
| |
#include "atomicio.h" |
| |
|
| #ifdef KRB5 |
#ifdef KRB5 |
| #include <kafs.h> |
#include <kafs.h> |
|
|
| static int is_child = 0; |
static int is_child = 0; |
| static int in_chroot = 0; |
static int in_chroot = 0; |
| |
|
| |
/* File containing userauth info, if ExposeAuthInfo set */ |
| |
static char *auth_info_file = NULL; |
| |
|
| /* Name and directory of socket for authentication agent forwarding. */ |
/* Name and directory of socket for authentication agent forwarding. */ |
| static char *auth_sock_name = NULL; |
static char *auth_sock_name = NULL; |
| static char *auth_sock_dir = NULL; |
static char *auth_sock_dir = NULL; |
|
|
| } |
} |
| } |
} |
| |
|
| |
static void |
| |
prepare_auth_info_file(struct passwd *pw, struct sshbuf *info) |
| |
{ |
| |
int fd = -1, success = 0; |
| |
|
| |
if (!options.expose_userauth_info || info == NULL) |
| |
return; |
| |
|
| |
temporarily_use_uid(pw); |
| |
auth_info_file = xstrdup("/tmp/sshauth.XXXXXXXXXXXXXXX"); |
| |
if ((fd = mkstemp(auth_info_file)) == -1) { |
| |
error("%s: mkstemp: %s", __func__, strerror(errno)); |
| |
goto out; |
| |
} |
| |
if (atomicio(vwrite, fd, sshbuf_mutable_ptr(info), |
| |
sshbuf_len(info)) != sshbuf_len(info)) { |
| |
error("%s: write: %s", __func__, strerror(errno)); |
| |
goto out; |
| |
} |
| |
if (close(fd) != 0) { |
| |
error("%s: close: %s", __func__, strerror(errno)); |
| |
goto out; |
| |
} |
| |
success = 1; |
| |
out: |
| |
if (!success) { |
| |
if (fd != -1) |
| |
close(fd); |
| |
free(auth_info_file); |
| |
auth_info_file = NULL; |
| |
} |
| |
restore_uid(); |
| |
} |
| |
|
| void |
void |
| do_authenticated(Authctxt *authctxt) |
do_authenticated(Authctxt *authctxt) |
| { |
{ |
|
|
| |
|
| auth_debug_send(); |
auth_debug_send(); |
| |
|
| |
prepare_auth_info_file(authctxt->pw, authctxt->session_info); |
| |
|
| do_authenticated2(authctxt); |
do_authenticated2(authctxt); |
| |
|
| do_cleanup(authctxt); |
do_cleanup(authctxt); |
| } |
} |
| |
|
|
|
| free(laddr); |
free(laddr); |
| child_set_env(&env, &envsize, "SSH_CONNECTION", buf); |
child_set_env(&env, &envsize, "SSH_CONNECTION", buf); |
| |
|
| |
if (auth_info_file != NULL) |
| |
child_set_env(&env, &envsize, "SSH_USER_AUTH", auth_info_file); |
| if (s->ttyfd != -1) |
if (s->ttyfd != -1) |
| child_set_env(&env, &envsize, "SSH_TTY", s->tty); |
child_set_env(&env, &envsize, "SSH_TTY", s->tty); |
| if (s->term) |
if (s->term) |
|
|
| |
|
| /* remove agent socket */ |
/* remove agent socket */ |
| auth_sock_cleanup_proc(authctxt->pw); |
auth_sock_cleanup_proc(authctxt->pw); |
| |
|
| |
/* remove userauth info */ |
| |
if (auth_info_file != NULL) { |
| |
temporarily_use_uid(authctxt->pw); |
| |
unlink(auth_info_file); |
| |
restore_uid(); |
| |
free(auth_info_file); |
| |
auth_info_file = NULL; |
| |
} |
| |
|
| /* |
/* |
| * Cleanup ptys/utmp only if privsep is disabled, |
* Cleanup ptys/utmp only if privsep is disabled, |
![[BACK]](/icons/back.gif){kind=icon}
Return to session.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh