version 1.64, 2001/03/20 19:35:29 |
version 1.65, 2001/03/21 11:43:44 |
|
|
void do_login(Session *s, const char *command); |
void do_login(Session *s, const char *command); |
void do_child(Session *s, const char *command); |
void do_child(Session *s, const char *command); |
|
|
|
void do_authenticated1(Authctxt *authctxt); |
|
void do_authenticated2(Authctxt *authctxt); |
|
|
/* import */ |
/* import */ |
extern ServerOptions options; |
extern ServerOptions options; |
extern char *__progname; |
extern char *__progname; |
|
|
static login_cap_t *lc; |
static login_cap_t *lc; |
#endif |
#endif |
|
|
|
void |
|
do_authenticated(Authctxt *authctxt) |
|
{ |
|
/* |
|
* Cancel the alarm we set to limit the time taken for |
|
* authentication. |
|
*/ |
|
alarm(0); |
|
if (startup_pipe != -1) { |
|
close(startup_pipe); |
|
startup_pipe = -1; |
|
} |
|
#ifdef HAVE_LOGIN_CAP |
|
if ((lc = login_getclass(authctxt->pw->pw_class)) == NULL) { |
|
error("unable to get login class"); |
|
return; |
|
} |
|
#endif |
|
/* setup the channel layer */ |
|
if (!no_port_forwarding_flag && options.allow_tcp_forwarding) |
|
channel_permit_all_opens(); |
|
|
|
if (compat20) |
|
do_authenticated2(authctxt); |
|
else |
|
do_authenticated1(authctxt); |
|
} |
|
|
/* |
/* |
* Remove local Xauthority file. |
* Remove local Xauthority file. |
*/ |
*/ |
|
|
* are requested, etc. |
* are requested, etc. |
*/ |
*/ |
void |
void |
do_authenticated(struct passwd * pw) |
do_authenticated1(Authctxt *authctxt) |
{ |
{ |
Session *s; |
Session *s; |
int type, fd; |
|
int compression_level = 0, enable_compression_after_reply = 0; |
|
int have_pty = 0; |
|
char *command; |
char *command; |
int n_bytes; |
int success, type, fd, n_bytes, plen, screen_flag, have_pty = 0; |
int plen; |
int compression_level = 0, enable_compression_after_reply = 0; |
u_int proto_len, data_len, dlen; |
u_int proto_len, data_len, dlen; |
int screen_flag; |
|
|
|
/* |
|
* Cancel the alarm we set to limit the time taken for |
|
* authentication. |
|
*/ |
|
alarm(0); |
|
if (startup_pipe != -1) { |
|
close(startup_pipe); |
|
startup_pipe = -1; |
|
} |
|
|
|
s = session_new(); |
s = session_new(); |
s->pw = pw; |
s->pw = authctxt->pw; |
|
|
if (!no_port_forwarding_flag && options.allow_tcp_forwarding) |
|
channel_permit_all_opens(); |
|
|
|
#ifdef HAVE_LOGIN_CAP |
|
if ((lc = login_getclass(pw->pw_class)) == NULL) { |
|
error("unable to get login class"); |
|
return; |
|
} |
|
#endif |
|
|
|
/* |
/* |
* We stay in this loop until the client requests to execute a shell |
* We stay in this loop until the client requests to execute a shell |
* or a command. |
* or a command. |
*/ |
*/ |
for (;;) { |
for (;;) { |
int success = 0; |
success = 0; |
|
|
/* Get a packet from the client. */ |
/* Get a packet from the client. */ |
type = packet_read(&plen); |
type = packet_read(&plen); |
|
|
break; |
break; |
} |
} |
fatal_add_cleanup(pty_cleanup_proc, (void *)s); |
fatal_add_cleanup(pty_cleanup_proc, (void *)s); |
pty_setowner(pw, s->tty); |
pty_setowner(s->pw, s->tty); |
|
|
/* Get TERM from the packet. Note that the value may be of arbitrary length. */ |
/* Get TERM from the packet. Note that the value may be of arbitrary length. */ |
s->term = packet_get_string(&dlen); |
s->term = packet_get_string(&dlen); |
|
|
/* Setup to always have a local .Xauthority. */ |
/* Setup to always have a local .Xauthority. */ |
xauthfile = xmalloc(MAXPATHLEN); |
xauthfile = xmalloc(MAXPATHLEN); |
strlcpy(xauthfile, "/tmp/ssh-XXXXXXXX", MAXPATHLEN); |
strlcpy(xauthfile, "/tmp/ssh-XXXXXXXX", MAXPATHLEN); |
temporarily_use_uid(pw->pw_uid); |
temporarily_use_uid(s->pw->pw_uid); |
if (mkdtemp(xauthfile) == NULL) { |
if (mkdtemp(xauthfile) == NULL) { |
restore_uid(); |
restore_uid(); |
error("private X11 dir: mkdtemp %s failed: %s", |
error("private X11 dir: mkdtemp %s failed: %s", |
|
|
break; |
break; |
} |
} |
debug("Received authentication agent forwarding request."); |
debug("Received authentication agent forwarding request."); |
success = auth_input_request_forwarding(pw); |
success = auth_input_request_forwarding(s->pw); |
break; |
break; |
|
|
case SSH_CMSG_PORT_FORWARD_REQUEST: |
case SSH_CMSG_PORT_FORWARD_REQUEST: |
|
|
break; |
break; |
} |
} |
debug("Received TCP/IP port forwarding request."); |
debug("Received TCP/IP port forwarding request."); |
channel_input_port_forward_request(pw->pw_uid == 0, options.gateway_ports); |
channel_input_port_forward_request(s->pw->pw_uid == 0, options.gateway_ports); |
success = 1; |
success = 1; |
break; |
break; |
|
|
|
|
void |
void |
do_authenticated2(Authctxt *authctxt) |
do_authenticated2(Authctxt *authctxt) |
{ |
{ |
/* |
|
* Cancel the alarm we set to limit the time taken for |
|
* authentication. |
|
*/ |
|
alarm(0); |
|
if (startup_pipe != -1) { |
|
close(startup_pipe); |
|
startup_pipe = -1; |
|
} |
|
if (!no_port_forwarding_flag && options.allow_tcp_forwarding) |
|
channel_permit_all_opens(); |
|
#ifdef HAVE_LOGIN_CAP |
|
if ((lc = login_getclass(authctxt->pw->pw_class)) == NULL) { |
|
error("unable to get login class"); |
|
return; |
|
} |
|
#endif |
|
server_loop2(); |
server_loop2(); |
if (xauthfile) |
if (xauthfile) |
xauthfile_cleanup_proc(NULL); |
xauthfile_cleanup_proc(NULL); |
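Review bot: In the new shared `do_authenticated()`, the `HAVE_LOGIN_CAP` failure path logs `error("unable to get login class")` and returns without naming the account, and what the caller does with the connection after that return is not visible on this page. By that point the alarm bounding authentication has been cancelled and `startup_pipe` closed, so it is worth confirming that the caller ends the session rather than carrying on without `lc`; the log line could carry the context, e.g. `error("unable to get login class for user %s", authctxt->pw->pw_name);`. The function also has no header comment; something like `/* Common post-authentication setup, then dispatch to the protocol 1 or 2 handler based on compat20. */` would record why the duplicated setup was merged. Doing the class lookup before `channel_permit_all_opens()` looks like the right order, since forwarding is then not opened up when the lookup fails.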