5 Author: Tatu Ylonen <ylo@cs.hut.fi>
7 Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
10 Created: Fri Mar 17 17:09:28 1995 ylo
12 This program is the ssh daemon. It listens for connections from clients, and
13 performs authentication, executes use commands or shell, and forwards
14 information to/from the application to the user client over an encrypted
15 connection. This can also handle forwarding of X11, TCP/IP, and authentication
38 int allow_severity = LOG_INFO;
39 int deny_severity = LOG_WARNING;
46 /* Local Xauthority file. */
47 static char *xauthfile = NULL;
49 /* Server configuration options. */
50 ServerOptions options;
52 /* Name of the server configuration file. */
53 char *config_file_name = SERVER_CONFIG_FILE;
55 /* Debug mode flag. This can be set on the command line. If debug
56 mode is enabled, extra debugging output will be sent to the system
57 log, the daemon will not go to background, and will exit after processing
58 the first connection. */
61 /* Flag indicating that the daemon is being started from inetd. */
64 /* debug goes to stderr unless inetd_flag is set */
67 /* argv[0] without path. */
70 /* Saved arguments to main(). */
73 /* This is set to the socket that the server is listening; this is used in
74 the SIGHUP signal handler. */
77 /* Flags set in auth-rsa from authorized_keys flags. These are set in
79 int no_port_forwarding_flag = 0;
80 int no_agent_forwarding_flag = 0;
81 int no_x11_forwarding_flag = 0;
83 char *forced_command = NULL; /* RSA authentication "command=" option. */
84 struct envstring *custom_environment = NULL;
85 /* RSA authentication "environment=" options. */
87 /* Session id for the current session. */
88 unsigned char session_id[16];
90 /* Any really sensitive data in the application is contained in this structure.
91 The idea is that this structure could be locked into memory so that the
92 pages do not get written into swap. However, there are some problems.
93 The private key contains BIGNUMs, and we do not (in principle) have
94 access to the internals of them, and locking just the structure is not
95 very useful. Currently, memory locking is not implemented. */
98 /* Private part of server key. */
101 /* Private part of host key. */
105 /* Flag indicating whether the current session key has been used. This flag
106 is set whenever the key is used, and cleared when the key is regenerated. */
109 /* This is set to true when SIGHUP is received. */
110 int received_sighup = 0;
112 /* Public side of the server key. This value is regenerated regularly with
116 /* Prototypes for various functions defined later in this file. */
117 void do_connection(int privileged_port);
118 void do_authentication(char *user, int privileged_port);
119 void eat_packets_and_disconnect(const char *user);
120 void do_authenticated(struct passwd *pw);
121 void do_exec_pty(const char *command, int ptyfd, int ttyfd,
122 const char *ttyname, struct passwd *pw, const char *term,
123 const char *display, const char *auth_proto,
124 const char *auth_data);
125 void do_exec_no_pty(const char *command, struct passwd *pw,
126 const char *display, const char *auth_proto,
127 const char *auth_data);
128 void do_child(const char *command, struct passwd *pw, const char *term,
129 const char *display, const char *auth_proto,
130 const char *auth_data, const char *ttyname);
132 static int pamconv(int num_msg, const struct pam_message **msg,
133 struct pam_response **resp, void *appdata_ptr);
134 void do_pam_account_and_session(const char *username, const char *password,
135 const char *remote_user, const char *remote_host);
136 void pam_cleanup_proc(void *context);
138 static struct pam_conv conv = {
142 struct pam_handle_t *pamh = NULL;
143 const char *pampasswd = NULL;
144 char *pamconv_msg = NULL;
146 static int pamconv(int num_msg, const struct pam_message **msg,
147 struct pam_response **resp, void *appdata_ptr)
150 struct pam_response *reply = NULL;
152 /* PAM will free this later */
153 reply = malloc(num_msg * sizeof(*reply));
157 for(count = 0; count < num_msg; count++)
159 switch (msg[count]->msg_style)
161 case PAM_PROMPT_ECHO_OFF:
162 if (pampasswd == NULL)
167 reply[count].resp_retcode = PAM_SUCCESS;
168 reply[count].resp = xstrdup(pampasswd);
172 reply[count].resp_retcode = PAM_SUCCESS;
173 reply[count].resp = xstrdup("");
175 if (msg[count]->msg == NULL) break;
176 debug("Adding PAM message: %s", msg[count]->msg);
177 if (pamconv_msg == NULL)
179 pamconv_msg = malloc(strlen(msg[count]->msg) + 2);
181 if (pamconv_msg == NULL)
184 strncpy(pamconv_msg, msg[count]->msg, strlen(msg[count]->msg));
185 pamconv_msg[strlen(msg[count]->msg)] = '\n';
186 pamconv_msg[strlen(msg[count]->msg) + 1] = '\0';
189 pamconv_msg = realloc(pamconv_msg, strlen(pamconv_msg) + strlen(msg[count]->msg) + 2);
190 strncat(pamconv_msg, msg[count]->msg, strlen(msg[count]->msg));
191 pamconv_msg[strlen(pamconv_msg)] = '\n';
192 pamconv_msg[strlen(pamconv_msg) + 1] = '\0';
196 case PAM_PROMPT_ECHO_ON:
209 void pam_cleanup_proc(void *context)
215 pam_retval = pam_close_session((pam_handle_t *)pamh, 0);
216 if (pam_retval != PAM_SUCCESS)
218 log("Cannot close PAM session: %.200s",
219 pam_strerror((pam_handle_t *)pamh, pam_retval));
222 pam_retval = pam_end((pam_handle_t *)pamh, pam_retval);
223 if (pam_retval != PAM_SUCCESS)
225 log("Cannot release PAM authentication: %.200s",
226 pam_strerror((pam_handle_t *)pamh, pam_retval));
231 void do_pam_account_and_session(const char *username, const char *password, const char *remote_user, const char *remote_host)
235 if (remote_host != NULL)
237 debug("PAM setting rhost to \"%.200s\"", remote_host);
238 pam_retval = pam_set_item((pam_handle_t *)pamh, PAM_RHOST, remote_host);
239 if (pam_retval != PAM_SUCCESS)
241 log("PAM set rhost failed: %.200s", pam_strerror((pam_handle_t *)pamh, pam_retval));
242 eat_packets_and_disconnect(username);
246 if (remote_user != NULL)
248 debug("PAM setting ruser to \"%.200s\"", remote_user);
249 pam_retval = pam_set_item((pam_handle_t *)pamh, PAM_RUSER, remote_user);
250 if (pam_retval != PAM_SUCCESS)
252 log("PAM set ruser failed: %.200s", pam_strerror((pam_handle_t *)pamh, pam_retval));
253 eat_packets_and_disconnect(username);
257 pam_retval = pam_acct_mgmt((pam_handle_t *)pamh, 0);
258 if (pam_retval != PAM_SUCCESS)
260 log("PAM rejected by account configuration: %.200s", pam_strerror((pam_handle_t *)pamh, pam_retval));
261 eat_packets_and_disconnect(username);
264 pam_retval = pam_open_session((pam_handle_t *)pamh, 0);
265 if (pam_retval != PAM_SUCCESS)
267 log("PAM session setup failed: %.200s", pam_strerror((pam_handle_t *)pamh, pam_retval));
268 eat_packets_and_disconnect(username);
271 #endif /* HAVE_LIBPAM */
273 /* Signal handler for SIGHUP. Sshd execs itself when it receives SIGHUP;
274 the effect is to reread the configuration file (and to regenerate
277 void sighup_handler(int sig)
280 signal(SIGHUP, sighup_handler);
283 /* Called from the main program after receiving SIGHUP. Restarts the
286 void sighup_restart()
288 log("Received SIGHUP; restarting.");
290 execv(saved_argv[0], saved_argv);
291 log("RESTART FAILED: av0='%s', error: %s.", av0, strerror(errno));
295 /* Generic signal handler for terminating signals in the master daemon.
296 These close the listen socket; not closing it seems to cause "Address
297 already in use" problems on some machines, which is inconvenient. */
299 void sigterm_handler(int sig)
301 log("Received signal %d; terminating.", sig);
306 /* SIGCHLD handler. This is called whenever a child dies. This will then
307 reap any zombies left by exited c. */
309 void main_sigchld_handler(int sig)
311 int save_errno = errno;
314 signal(SIGCHLD, main_sigchld_handler);
318 /* Signal handler for the alarm after the login grace period has expired. */
320 void grace_alarm_handler(int sig)
322 /* Close the connection. */
325 /* Log error and exit. */
326 fatal("Timeout before authentication.");
329 /* Signal handler for the key regeneration alarm. Note that this
330 alarm only occurs in the daemon waiting for connections, and it does not
331 do anything with the private key or random state before forking. Thus there
332 should be no concurrency control/asynchronous execution problems. */
334 void key_regeneration_alarm(int sig)
336 int save_errno = errno;
338 /* Check if we should generate a new key. */
341 /* This should really be done in the background. */
342 log("Generating new %d bit RSA key.", options.server_key_bits);
344 if (sensitive_data.private_key != NULL)
345 RSA_free(sensitive_data.private_key);
346 sensitive_data.private_key = RSA_new();
348 if (public_key != NULL)
349 RSA_free(public_key);
350 public_key = RSA_new();
352 rsa_generate_key(sensitive_data.private_key, public_key,
353 options.server_key_bits);
356 log("RSA key generation complete.");
359 /* Reschedule the alarm. */
360 signal(SIGALRM, key_regeneration_alarm);
361 alarm(options.key_regeneration_time);
365 /* Main program for the daemon. */
368 main(int ac, char **av)
372 int opt, aux, sock_in, sock_out, newsock, i, pid, on = 1;
373 int remote_major, remote_minor;
375 struct sockaddr_in sin;
376 char buf[100]; /* Must not be larger than remote_version. */
377 char remote_version[100]; /* Must be at least as big as buf. */
380 struct linger linger;
384 if (strchr(av[0], '/'))
385 av0 = strrchr(av[0], '/') + 1;
389 /* Initialize configuration options to their default values. */
390 initialize_server_options(&options);
392 /* Parse command-line arguments. */
393 while ((opt = getopt(ac, av, "f:p:b:k:h:g:diqQ")) != EOF)
398 config_file_name = optarg;
402 options.log_level = SYSLOG_LEVEL_DEBUG;
411 options.log_level = SYSLOG_LEVEL_QUIET;
414 options.server_key_bits = atoi(optarg);
417 options.port = atoi(optarg);
420 options.login_grace_time = atoi(optarg);
423 options.key_regeneration_time = atoi(optarg);
426 options.host_key_file = optarg;
430 fprintf(stderr, "sshd version %s\n", SSH_VERSION);
431 fprintf(stderr, "Usage: %s [options]\n", av0);
432 fprintf(stderr, "Options:\n");
433 fprintf(stderr, " -f file Configuration file (default %s/sshd_config)\n", ETCDIR);
434 fprintf(stderr, " -d Debugging mode\n");
435 fprintf(stderr, " -i Started from inetd\n");
436 fprintf(stderr, " -q Quiet (no logging)\n");
437 fprintf(stderr, " -p port Listen on the specified port (default: 22)\n");
438 fprintf(stderr, " -k seconds Regenerate server key every this many seconds (default: 3600)\n");
439 fprintf(stderr, " -g seconds Grace period for authentication (default: 300)\n");
440 fprintf(stderr, " -b bits Size of server RSA key (default: 768 bits)\n");
441 fprintf(stderr, " -h file File from which to read host key (default: %s)\n",
447 /* check if RSA support exists */
448 if (rsa_alive() == 0) {
450 printf("sshd: no RSA support in libssl and libcrypto -- exiting. See ssl(8)\n");
451 log("no RSA support in libssl and libcrypto -- exiting. See ssl(8)");
455 /* Read server configuration options from the configuration file. */
456 read_server_config(&options, config_file_name);
458 /* Fill in default values for those options not explicitly set. */
459 fill_default_server_options(&options);
461 /* Check certain values for sanity. */
462 if (options.server_key_bits < 512 ||
463 options.server_key_bits > 32768)
465 fprintf(stderr, "Bad server key size.\n");
468 if (options.port < 1 || options.port > 65535)
470 fprintf(stderr, "Bad port number.\n");
474 /* Check that there are no remaining arguments. */
477 fprintf(stderr, "Extra argument %s.\n", av[optind]);
481 /* Initialize the log (it is reinitialized below in case we forked). */
483 if (debug_flag && !inetd_flag)
486 log_init(av0, options.log_level, options.log_facility, log_stderr);
488 debug("sshd version %.100s", SSH_VERSION);
490 sensitive_data.host_key = RSA_new();
491 /* Load the host key. It must have empty passphrase. */
492 if (!load_private_key(options.host_key_file, "",
493 sensitive_data.host_key, &comment))
496 fprintf(stderr, "Could not load host key: %s: %s\n",
497 options.host_key_file, strerror(errno));
502 log_init(av0, SYSLOG_LEVEL_DEBUG, options.log_facility, log_stderr);
503 error("Could not load host key: %.200s: %.100s",
504 options.host_key_file, strerror(err));
510 /* If not in debugging mode, and not started from inetd, disconnect from
511 the controlling terminal, and fork. The original process exits. */
512 if (!debug_flag && !inetd_flag)
516 #endif /* TIOCNOTTY */
517 if (daemon(0, 0) < 0)
518 fatal("daemon() failed: %.200s", strerror(errno));
520 /* Disconnect from the controlling tty. */
522 fd = open("/dev/tty", O_RDWR|O_NOCTTY);
525 (void)ioctl(fd, TIOCNOTTY, NULL);
528 #endif /* TIOCNOTTY */
531 /* Reinitialize the log (because of the fork above). */
532 log_init(av0, options.log_level, options.log_facility, log_stderr);
534 /* Check that server and host key lengths differ sufficiently. This is
535 necessary to make double encryption work with rsaref. Oh, I hate
536 software patents. I dont know if this can go? Niels */
537 if (options.server_key_bits >
538 BN_num_bits(sensitive_data.host_key->n) - SSH_KEY_BITS_RESERVED &&
539 options.server_key_bits <
540 BN_num_bits(sensitive_data.host_key->n) + SSH_KEY_BITS_RESERVED)
542 options.server_key_bits =
543 BN_num_bits(sensitive_data.host_key->n) + SSH_KEY_BITS_RESERVED;
544 debug("Forcing server key to %d bits to make it differ from host key.",
545 options.server_key_bits);
548 /* Do not display messages to stdout in RSA code. */
551 /* Initialize the random number generator. */
554 /* Chdir to the root directory so that the current disk can be unmounted
558 /* Close connection cleanly after attack. */
559 cipher_attack_detected = packet_disconnect;
561 /* Start listening for a socket, unless started from inetd. */
565 s1 = dup(0); /* Make sure descriptors 0, 1, and 2 are in use. */
569 /* We intentionally do not close the descriptors 0, 1, and 2 as our
570 code for setting the descriptors won\'t work if ttyfd happens to
572 debug("inetd sockets after dupping: %d, %d", sock_in, sock_out);
574 public_key = RSA_new();
575 sensitive_data.private_key = RSA_new();
576 /* Generate an rsa key. */
577 log("Generating %d bit RSA key.", options.server_key_bits);
578 rsa_generate_key(sensitive_data.private_key, public_key,
579 options.server_key_bits);
581 log("RSA key generation complete.");
585 /* Create socket for listening. */
586 listen_sock = socket(AF_INET, SOCK_STREAM, 0);
588 fatal("socket: %.100s", strerror(errno));
590 /* Set socket options. We try to make the port reusable and have it
591 close as fast as possible without waiting in unnecessary wait states
593 setsockopt(listen_sock, SOL_SOCKET, SO_REUSEADDR, (void *)&on,
597 setsockopt(listen_sock, SOL_SOCKET, SO_LINGER, (void *)&linger,
600 /* Initialize the socket address. */
601 memset(&sin, 0, sizeof(sin));
602 sin.sin_family = AF_INET;
603 sin.sin_addr = options.listen_addr;
604 sin.sin_port = htons(options.port);
606 /* Bind the socket to the desired port. */
607 if (bind(listen_sock, (struct sockaddr *)&sin, sizeof(sin)) < 0)
609 error("bind: %.100s", strerror(errno));
610 shutdown(listen_sock, SHUT_RDWR);
612 fatal("Bind to port %d failed.", options.port);
617 /* Record our pid in /etc/sshd_pid to make it easier to kill the
618 correct sshd. We don\'t want to do this before the bind above
619 because the bind will fail if there already is a daemon, and this
620 will overwrite any old pid in the file. */
621 f = fopen(SSH_DAEMON_PID_FILE, "w");
624 fprintf(f, "%u\n", (unsigned int)getpid());
629 /* Start listening on the port. */
630 log("Server listening on port %d.", options.port);
631 if (listen(listen_sock, 5) < 0)
632 fatal("listen: %.100s", strerror(errno));
634 public_key = RSA_new();
635 sensitive_data.private_key = RSA_new();
636 /* Generate an rsa key. */
637 log("Generating %d bit RSA key.", options.server_key_bits);
638 rsa_generate_key(sensitive_data.private_key, public_key,
639 options.server_key_bits);
641 log("RSA key generation complete.");
643 /* Schedule server key regeneration alarm. */
644 signal(SIGALRM, key_regeneration_alarm);
645 alarm(options.key_regeneration_time);
647 /* Arrange to restart on SIGHUP. The handler needs listen_sock. */
648 signal(SIGHUP, sighup_handler);
649 signal(SIGTERM, sigterm_handler);
650 signal(SIGQUIT, sigterm_handler);
652 /* Arrange SIGCHLD to be caught. */
653 signal(SIGCHLD, main_sigchld_handler);
655 /* Stay listening for connections until the system crashes or the
656 daemon is killed with a signal. */
661 /* Wait in accept until there is a connection. */
663 newsock = accept(listen_sock, (struct sockaddr *)&sin, &aux);
670 error("accept: %.100s", strerror(errno));
674 /* Got connection. Fork a child to handle it, unless we are in
678 /* In debugging mode. Close the listening socket, and start
679 processing the connection without forking. */
680 debug("Server will not fork when running in debugging mode.");
689 /* Normal production daemon. Fork, and have the child process
690 the connection. The parent continues listening. */
691 if ((pid = fork()) == 0)
693 /* Child. Close the listening socket, and start using
694 the accepted socket. Reinitialize logging (since our
695 pid has changed). We break out of the loop to handle
700 log_init(av0, options.log_level, options.log_facility, log_stderr);
705 /* Parent. Stay in the loop. */
707 error("fork: %.100s", strerror(errno));
709 debug("Forked child %d.", pid);
711 /* Mark that the key has been used (it was "given" to the child). */
716 /* Close the new socket (the child is now taking care of it). */
721 /* This is the child processing a new connection. */
723 /* Disable the key regeneration alarm. We will not regenerate the key
724 since we are no longer in a position to give it to anyone. We will
725 not restart on SIGHUP since it no longer makes sense. */
727 signal(SIGALRM, SIG_DFL);
728 signal(SIGHUP, SIG_DFL);
729 signal(SIGTERM, SIG_DFL);
730 signal(SIGQUIT, SIG_DFL);
731 signal(SIGCHLD, SIG_DFL);
733 /* Set socket options for the connection. We want the socket to close
734 as fast as possible without waiting for anything. If the connection
735 is not a socket, these will do nothing. */
736 /* setsockopt(sock_in, SOL_SOCKET, SO_REUSEADDR, (void *)&on, sizeof(on)); */
739 setsockopt(sock_in, SOL_SOCKET, SO_LINGER, (void *)&linger, sizeof(linger));
741 /* Register our connection. This turns encryption off because we do not
743 packet_set_connection(sock_in, sock_out);
745 /* Check whether logins are denied from this host. */
748 struct request_info req;
750 request_init(&req, RQ_DAEMON, av0, RQ_FILE, sock_in, NULL);
753 if (!hosts_access(&req)) {
758 log("Connection from %.500s port %d",
759 eval_client(&req), get_remote_port());
762 /* Log the connection. */
763 log("Connection from %.100s port %d",
764 get_remote_ipaddr(), get_remote_port());
767 /* We don\'t want to listen forever unless the other side successfully
768 authenticates itself. So we set up an alarm which is cleared after
769 successful authentication. A limit of zero indicates no limit.
770 Note that we don\'t set the alarm in debugging mode; it is just annoying
771 to have the server exit just when you are about to discover the bug. */
772 signal(SIGALRM, grace_alarm_handler);
774 alarm(options.login_grace_time);
776 /* Send our protocol version identification. */
777 snprintf(buf, sizeof buf, "SSH-%d.%d-%.100s\n",
778 PROTOCOL_MAJOR, PROTOCOL_MINOR, SSH_VERSION);
779 if (write(sock_out, buf, strlen(buf)) != strlen(buf))
780 fatal("Could not write ident string.");
782 /* Read other side\'s version identification. */
783 for (i = 0; i < sizeof(buf) - 1; i++)
785 if (read(sock_in, &buf[i], 1) != 1)
786 fatal("Did not receive ident string.");
800 buf[sizeof(buf) - 1] = 0;
802 /* Check that the versions match. In future this might accept several
803 versions and set appropriate flags to handle them. */
804 if (sscanf(buf, "SSH-%d.%d-%[^\n]\n", &remote_major, &remote_minor,
805 remote_version) != 3)
807 const char *s = "Protocol mismatch.\n";
808 (void) write(sock_out, s, strlen(s));
811 fatal("Bad protocol version identification: %.100s", buf);
813 debug("Client protocol version %d.%d; client software version %.100s",
814 remote_major, remote_minor, remote_version);
815 if (remote_major != PROTOCOL_MAJOR)
817 const char *s = "Protocol major versions differ.\n";
818 (void) write(sock_out, s, strlen(s));
821 fatal("Protocol major versions differ: %d vs. %d",
822 PROTOCOL_MAJOR, remote_major);
825 /* Check that the client has sufficiently high software version. */
826 if (remote_major == 1 && remote_minor < 3)
827 packet_disconnect("Your ssh version is too old and is no longer supported. Please install a newer version.");
829 if (remote_major == 1 && remote_minor == 3) {
831 if (strcmp(remote_version, "OpenSSH-1.1") != 0) {
832 debug("Agent forwarding disabled, remote version is not compatible.");
833 no_agent_forwarding_flag = 1;
837 packet_set_nonblocking();
839 /* Handle the connection. We pass as argument whether the connection
840 came from a privileged port. */
841 do_connection(get_remote_port() < IPPORT_RESERVED);
844 /* Cleanup user's ticket cache file. */
845 if (options.kerberos_ticket_cleanup)
849 /* Cleanup user's local Xauthority file. */
850 if (xauthfile) unlink(xauthfile);
852 /* The connection has been terminated. */
853 log("Closing connection to %.100s", inet_ntoa(sin.sin_addr));
861 debug("Closing PAM session.");
862 retval = pam_close_session((pam_handle_t *)pamh, 0);
864 debug("Terminating PAM library.");
865 if (pam_end((pam_handle_t *)pamh, retval) != PAM_SUCCESS)
866 log("Cannot release PAM authentication.");
868 fatal_remove_cleanup(&pam_cleanup_proc, NULL);
871 #endif /* HAVE_LIBPAM */
878 /* Process an incoming connection. Protocol version identifiers have already
879 been exchanged. This sends server key and performs the key exchange.
880 Server and host keys will no longer be needed after this functions. */
882 void do_connection(int privileged_port)
885 BIGNUM *session_key_int;
886 unsigned char session_key[SSH_SESSION_KEY_LENGTH];
887 unsigned char check_bytes[8];
889 unsigned int cipher_type, auth_mask, protocol_flags;
893 /* Generate check bytes that the client must send back in the user packet
894 in order for it to be accepted; this is used to defy ip spoofing
895 attacks. Note that this only works against somebody doing IP spoofing
896 from a remote machine; any machine on the local network can still see
897 outgoing packets and catch the random cookie. This only affects
898 rhosts authentication, and this is one of the reasons why it is
899 inherently insecure. */
900 for (i = 0; i < 8; i++) {
903 check_bytes[i] = rand & 0xff;
907 /* Send our public key. We include in the packet 64 bits of random
908 data that must be matched in the reply in order to prevent IP spoofing. */
909 packet_start(SSH_SMSG_PUBLIC_KEY);
910 for (i = 0; i < 8; i++)
911 packet_put_char(check_bytes[i]);
913 /* Store our public server RSA key. */
914 packet_put_int(BN_num_bits(public_key->n));
915 packet_put_bignum(public_key->e);
916 packet_put_bignum(public_key->n);
918 /* Store our public host RSA key. */
919 packet_put_int(BN_num_bits(sensitive_data.host_key->n));
920 packet_put_bignum(sensitive_data.host_key->e);
921 packet_put_bignum(sensitive_data.host_key->n);
923 /* Put protocol flags. */
924 packet_put_int(SSH_PROTOFLAG_HOST_IN_FWD_OPEN);
926 /* Declare which ciphers we support. */
927 packet_put_int(cipher_mask());
929 /* Declare supported authentication types. */
931 if (options.rhosts_authentication)
932 auth_mask |= 1 << SSH_AUTH_RHOSTS;
933 if (options.rhosts_rsa_authentication)
934 auth_mask |= 1 << SSH_AUTH_RHOSTS_RSA;
935 if (options.rsa_authentication)
936 auth_mask |= 1 << SSH_AUTH_RSA;
938 if (options.kerberos_authentication)
939 auth_mask |= 1 << SSH_AUTH_KERBEROS;
942 if (options.kerberos_tgt_passing)
943 auth_mask |= 1 << SSH_PASS_KERBEROS_TGT;
944 if (options.afs_token_passing)
945 auth_mask |= 1 << SSH_PASS_AFS_TOKEN;
947 if (options.password_authentication)
948 auth_mask |= 1 << SSH_AUTH_PASSWORD;
949 packet_put_int(auth_mask);
951 /* Send the packet and wait for it to be sent. */
955 debug("Sent %d bit public key and %d bit host key.",
956 BN_num_bits(public_key->n), BN_num_bits(sensitive_data.host_key->n));
958 /* Read clients reply (cipher type and session key). */
959 packet_read_expect(&plen, SSH_CMSG_SESSION_KEY);
961 /* Get cipher type. */
962 cipher_type = packet_get_char();
964 /* Get check bytes from the packet. These must match those we sent earlier
965 with the public key packet. */
966 for (i = 0; i < 8; i++)
967 if (check_bytes[i] != packet_get_char())
968 packet_disconnect("IP Spoofing check bytes do not match.");
970 debug("Encryption type: %.200s", cipher_name(cipher_type));
972 /* Get the encrypted integer. */
973 session_key_int = BN_new();
974 packet_get_bignum(session_key_int, &slen);
976 /* Get protocol flags. */
977 protocol_flags = packet_get_int();
978 packet_set_protocol_flags(protocol_flags);
980 packet_integrity_check(plen, 1 + 8 + slen + 4, SSH_CMSG_SESSION_KEY);
982 /* Decrypt it using our private server key and private host key (key with
983 larger modulus first). */
984 if (BN_cmp(sensitive_data.private_key->n, sensitive_data.host_key->n) > 0)
986 /* Private key has bigger modulus. */
987 if (BN_num_bits(sensitive_data.private_key->n) <
988 BN_num_bits(sensitive_data.host_key->n) + SSH_KEY_BITS_RESERVED) {
989 fatal("do_connection: private_key %d < host_key %d + SSH_KEY_BITS_RESERVED %d",
990 BN_num_bits(sensitive_data.private_key->n),
991 BN_num_bits(sensitive_data.host_key->n),
992 SSH_KEY_BITS_RESERVED);
995 rsa_private_decrypt(session_key_int, session_key_int,
996 sensitive_data.private_key);
997 rsa_private_decrypt(session_key_int, session_key_int,
998 sensitive_data.host_key);
1002 /* Host key has bigger modulus (or they are equal). */
1003 if (BN_num_bits(sensitive_data.host_key->n) <
1004 BN_num_bits(sensitive_data.private_key->n) + SSH_KEY_BITS_RESERVED) {
1005 fatal("do_connection: host_key %d < private_key %d + SSH_KEY_BITS_RESERVED %d",
1006 BN_num_bits(sensitive_data.host_key->n),
1007 BN_num_bits(sensitive_data.private_key->n),
1008 SSH_KEY_BITS_RESERVED);
1010 rsa_private_decrypt(session_key_int, session_key_int,
1011 sensitive_data.host_key);
1012 rsa_private_decrypt(session_key_int, session_key_int,
1013 sensitive_data.private_key);
1016 /* Compute session id for this session. */
1017 compute_session_id(session_id, check_bytes,
1018 BN_num_bits(sensitive_data.host_key->n),
1019 sensitive_data.host_key->n,
1020 BN_num_bits(sensitive_data.private_key->n),
1021 sensitive_data.private_key->n);
1023 /* Extract session key from the decrypted integer. The key is in the
1024 least significant 256 bits of the integer; the first byte of the
1025 key is in the highest bits. */
1026 BN_mask_bits(session_key_int, sizeof(session_key) * 8);
1027 if (BN_num_bytes(session_key_int) != sizeof(session_key)){
1028 fatal("do_connection: session_key_int %d != sizeof(session_key) %d",
1029 BN_num_bytes(session_key_int), sizeof(session_key));
1031 BN_bn2bin(session_key_int, session_key);
1033 /* Xor the first 16 bytes of the session key with the session id. */
1034 for (i = 0; i < 16; i++)
1035 session_key[i] ^= session_id[i];
1037 /* Destroy the decrypted integer. It is no longer needed. */
1038 BN_clear_free(session_key_int);
1040 /* Set the session key. From this on all communications will be
1042 packet_set_encryption_key(session_key, SSH_SESSION_KEY_LENGTH,
1045 /* Destroy our copy of the session key. It is no longer needed. */
1046 memset(session_key, 0, sizeof(session_key));
1048 debug("Received session key; encryption turned on.");
1050 /* Send an acknowledgement packet. Note that this packet is sent
1052 packet_start(SSH_SMSG_SUCCESS);
1054 packet_write_wait();
1056 /* Get the name of the user that we wish to log in as. */
1057 packet_read_expect(&plen, SSH_CMSG_USER);
1059 /* Get the user name. */
1062 user = packet_get_string(&ulen);
1063 packet_integrity_check(plen, (4 + ulen), SSH_CMSG_USER);
1066 /* Destroy the private and public keys. They will no longer be needed. */
1067 RSA_free(public_key);
1068 RSA_free(sensitive_data.private_key);
1069 RSA_free(sensitive_data.host_key);
1071 setproctitle("%s", user);
1072 /* Do the authentication. */
1073 do_authentication(user, privileged_port);
1076 /* Check if the user is allowed to log in via ssh. If user is listed in
1077 DenyUsers or user's primary group is listed in DenyGroups, false will
1078 be returned. If AllowUsers isn't empty and user isn't listed there, or
1079 if AllowGroups isn't empty and user isn't listed there, false will be
1080 returned. Otherwise true is returned.
1081 XXX This function should also check if user has a valid shell */
1084 allowed_user(struct passwd *pw)
1089 /* Shouldn't be called if pw is NULL, but better safe than sorry... */
1093 /* XXX Should check for valid login shell */
1095 /* Return false if user is listed in DenyUsers */
1096 if (options.num_deny_users > 0)
1100 for (i = 0; i < options.num_deny_users; i++)
1101 if (match_pattern(pw->pw_name, options.deny_users[i]))
1105 /* Return false if AllowUsers isn't empty and user isn't listed there */
1106 if (options.num_allow_users > 0)
1110 for (i = 0; i < options.num_allow_users; i++)
1111 if (match_pattern(pw->pw_name, options.allow_users[i]))
1113 /* i < options.num_allow_users iff we break for loop */
1114 if (i >= options.num_allow_users)
1118 /* Get the primary group name if we need it. Return false if it fails */
1119 if (options.num_deny_groups > 0 || options.num_allow_groups > 0 )
1121 grp = getgrgid(pw->pw_gid);
1125 /* Return false if user's group is listed in DenyGroups */
1126 if (options.num_deny_groups > 0)
1130 for (i = 0; i < options.num_deny_groups; i++)
1131 if (match_pattern(grp->gr_name, options.deny_groups[i]))
1135 /* Return false if AllowGroups isn't empty and user's group isn't
1137 if (options.num_allow_groups > 0)
1141 for (i = 0; i < options.num_allow_groups; i++)
1142 if (match_pattern(grp->gr_name, options.allow_groups[i]))
1144 /* i < options.num_allow_groups iff we break for loop */
1145 if (i >= options.num_allow_groups)
1150 /* We found no reason not to let this user try to log on... */
1154 /* Performs authentication of an incoming connection. Session key has already
1155 been exchanged and encryption is enabled. User is the user name to log
1156 in as (received from the clinet). Privileged_port is true if the
1157 connection comes from a privileged port (used for .rhosts authentication).*/
1159 #define MAX_AUTH_FAILURES 5
1162 do_authentication(char *user, int privileged_port)
1165 int authenticated = 0;
1166 int authentication_failures = 0;
1167 char *password = NULL;
1168 struct passwd *pw, pwcopy;
1169 char *client_user = NULL;
1170 unsigned int client_host_key_bits;
1171 BIGNUM *client_host_key_e, *client_host_key_n;
1174 #endif /* HAVE_LIBPAM */
1177 /* If machine has AFS, set process authentication group. */
1184 /* Verify that the user is a valid user. */
1185 pw = getpwnam(user);
1186 if (!pw || !allowed_user(pw))
1187 eat_packets_and_disconnect(user);
1189 /* Take a copy of the returned structure. */
1190 memset(&pwcopy, 0, sizeof(pwcopy));
1191 pwcopy.pw_name = xstrdup(pw->pw_name);
1192 pwcopy.pw_passwd = xstrdup(pw->pw_passwd);
1193 pwcopy.pw_uid = pw->pw_uid;
1194 pwcopy.pw_gid = pw->pw_gid;
1195 pwcopy.pw_dir = xstrdup(pw->pw_dir);
1196 pwcopy.pw_shell = xstrdup(pw->pw_shell);
1200 debug("Starting up PAM with username \"%.200s\"", pw->pw_name);
1201 pam_retval = pam_start("sshd", pw->pw_name, &conv, (pam_handle_t**)&pamh);
1202 if (pam_retval != PAM_SUCCESS)
1204 log("PAM initialisation failed: %.200s", pam_strerror((pam_handle_t *)pamh, pam_retval));
1205 eat_packets_and_disconnect(user);
1207 fatal_add_cleanup(&pam_cleanup_proc, NULL);
1210 /* If we are not running as root, the user must have the same uid as the
1212 if (getuid() != 0 && pw->pw_uid != getuid())
1213 packet_disconnect("Cannot change user when server not running as root.");
1215 debug("Attempting authentication for %.100s.", user);
1217 /* If the user has no password, accept authentication immediately. */
1218 if (options.password_authentication &&
1220 (!options.kerberos_authentication || options.kerberos_or_local_passwd) &&
1222 auth_password(pw, ""))
1224 /* Authentication with empty password succeeded. */
1225 debug("Login for user %.100s accepted without authentication.", user);
1226 /* authentication_type = SSH_AUTH_PASSWORD; */
1228 /* Success packet will be sent after loop below. */
1232 /* Indicate that authentication is needed. */
1233 packet_start(SSH_SMSG_FAILURE);
1235 packet_write_wait();
1238 /* Loop until the user has been authenticated or the connection is closed. */
1239 while (!authenticated)
1242 /* Get a packet from the client. */
1243 type = packet_read(&plen);
1245 /* Process the packet. */
1250 case SSH_CMSG_HAVE_KERBEROS_TGT:
1251 if (!options.kerberos_tgt_passing)
1253 /* packet_get_all(); */
1254 log("Kerberos tgt passing disabled.");
1258 /* Accept Kerberos tgt. */
1260 char *tgt = packet_get_string(&dlen);
1261 packet_integrity_check(plen, 4 + dlen, type);
1262 if (!auth_kerberos_tgt(pw, tgt))
1263 debug("Kerberos tgt REFUSED for %s", user);
1268 case SSH_CMSG_HAVE_AFS_TOKEN:
1269 if (!options.afs_token_passing || !k_hasafs()) {
1270 /* packet_get_all(); */
1271 log("AFS token passing disabled.");
1275 /* Accept AFS token. */
1277 char *token_string = packet_get_string(&dlen);
1278 packet_integrity_check(plen, 4 + dlen, type);
1279 if (!auth_afs_token(pw, token_string))
1280 debug("AFS token REFUSED for %s", user);
1281 xfree(token_string);
1287 case SSH_CMSG_AUTH_KERBEROS:
1288 if (!options.kerberos_authentication)
1290 /* packet_get_all(); */
1291 log("Kerberos authentication disabled.");
1295 /* Try Kerberos v4 authentication. */
1297 char *tkt_user = NULL;
1298 char *kdata = packet_get_string((unsigned int *)&auth.length);
1299 packet_integrity_check(plen, 4 + auth.length, type);
1301 if (auth.length < MAX_KTXT_LEN)
1302 memcpy(auth.dat, kdata, auth.length);
1305 if (auth_krb4(user, &auth, &tkt_user)) {
1306 /* Client has successfully authenticated to us. */
1307 log("Kerberos authentication accepted %s for account "
1308 "%s from %s", tkt_user, user, get_canonical_hostname());
1309 /* authentication_type = SSH_AUTH_KERBEROS; */
1314 log("Kerberos authentication failed for account "
1315 "%s from %s", user, get_canonical_hostname());
1321 case SSH_CMSG_AUTH_RHOSTS:
1322 if (!options.rhosts_authentication)
1324 log("Rhosts authentication disabled.");
1328 /* Rhosts authentication (also uses /etc/hosts.equiv). */
1329 if (!privileged_port)
1331 log("Rhosts authentication not available for connections from unprivileged port.");
1335 /* Get client user name. Note that we just have to trust the client;
1336 this is one reason why rhosts authentication is insecure.
1337 (Another is IP-spoofing on a local network.) */
1340 client_user = packet_get_string(&dlen);
1341 packet_integrity_check(plen, 4 + dlen, type);
1344 /* Try to authenticate using /etc/hosts.equiv and .rhosts. */
1345 if (auth_rhosts(pw, client_user, options.ignore_rhosts,
1346 options.strict_modes))
1348 /* Authentication accepted. */
1349 log("Rhosts authentication accepted for %.100s, remote %.100s on %.700s.",
1350 user, client_user, get_canonical_hostname());
1354 #endif /* HAVE_LIBPAM */
1357 log("Rhosts authentication failed for %.100s, remote %.100s.",
1361 #endif /* HAVE_LIBPAM */
1364 case SSH_CMSG_AUTH_RHOSTS_RSA:
1365 if (!options.rhosts_rsa_authentication)
1367 log("Rhosts with RSA authentication disabled.");
1371 /* Rhosts authentication (also uses /etc/hosts.equiv) with RSA
1372 host authentication. */
1373 if (!privileged_port)
1375 log("Rhosts authentication not available for connections from unprivileged port.");
1380 int ulen, elen, nlen;
1381 /* Get client user name. Note that we just have to trust
1382 the client; root on the client machine can claim to be
1384 client_user = packet_get_string(&ulen);
1386 /* Get the client host key. */
1387 client_host_key_e = BN_new();
1388 client_host_key_n = BN_new();
1389 client_host_key_bits = packet_get_int();
1390 packet_get_bignum(client_host_key_e, &elen);
1391 packet_get_bignum(client_host_key_n, &nlen);
1393 packet_integrity_check(plen, (4 + ulen) + 4 + elen + nlen, type);
1396 /* Try to authenticate using /etc/hosts.equiv and .rhosts. */
1397 if (auth_rhosts_rsa(pw, client_user,
1398 client_host_key_bits, client_host_key_e,
1399 client_host_key_n, options.ignore_rhosts,
1400 options.strict_modes))
1402 /* Authentication accepted. */
1406 #endif /* HAVE_LIBPAM */
1407 BN_clear_free(client_host_key_e);
1408 BN_clear_free(client_host_key_n);
1411 log("Rhosts authentication failed for %.100s, remote %.100s.",
1415 #endif /* HAVE_LIBPAM */
1416 BN_clear_free(client_host_key_e);
1417 BN_clear_free(client_host_key_n);
1420 case SSH_CMSG_AUTH_RSA:
1421 if (!options.rsa_authentication)
1423 log("RSA authentication disabled.");
1427 /* RSA authentication requested. */
1432 packet_get_bignum(n, &nlen);
1434 packet_integrity_check(plen, nlen, type);
1436 if (auth_rsa(pw, n, options.strict_modes))
1438 /* Successful authentication. */
1440 log("RSA authentication for %.100s accepted.", user);
1445 log("RSA authentication for %.100s failed.", user);
1449 case SSH_CMSG_AUTH_PASSWORD:
1450 if (!options.password_authentication)
1452 log("Password authentication disabled.");
1456 /* Password authentication requested. */
1457 /* Read user password. It is in plain text, but was transmitted
1458 over the encrypted channel so it is not visible to an outside
1462 password = packet_get_string(&passw_len);
1463 packet_integrity_check(plen, 4 + passw_len, type);
1467 pampasswd = password;
1469 pam_retval = pam_authenticate((pam_handle_t *)pamh, 0);
1470 if (pam_retval == PAM_SUCCESS)
1472 log("PAM Password authentication accepted for \"%.100s\"", user);
1477 log("PAM Password authentication for \"%.100s\" failed: %s",
1478 user, pam_strerror((pam_handle_t *)pamh, pam_retval));
1481 #else /* HAVE_LIBPAM */
1482 /* Try authentication with the password. */
1483 if (auth_password(pw, password))
1485 /* Successful authentication. */
1486 /* Clear the password from memory. */
1487 memset(password, 0, strlen(password));
1489 log("Password authentication for %.100s accepted.", user);
1493 log("Password authentication for %.100s failed.", user);
1494 memset(password, 0, strlen(password));
1497 #endif /* HAVE_LIBPAM */
1499 case SSH_CMSG_AUTH_TIS:
1500 /* TIS Authentication is unsupported */
1501 log("TIS authentication disabled.");
1505 /* Any unknown messages will be ignored (and failure returned)
1506 during authentication. */
1507 log("Unknown message during authentication: type %d", type);
1508 break; /* Respond with a failure message. */
1510 /* If successfully authenticated, break out of loop. */
1514 if (++authentication_failures >= MAX_AUTH_FAILURES) {
1515 packet_disconnect("Too many authentication failures for %.100s from %.200s",
1516 pw->pw_name, get_canonical_hostname());
1519 /* Send a message indicating that the authentication attempt failed. */
1520 packet_start(SSH_SMSG_FAILURE);
1522 packet_write_wait();
1525 /* Check if the user is logging in as root and root logins are disallowed. */
1526 if (pw->pw_uid == 0 && !options.permit_root_login)
1529 log("Root login accepted for forced command.");
1531 packet_disconnect("ROOT LOGIN REFUSED FROM %.200s",
1532 get_canonical_hostname());
1536 do_pam_account_and_session(pw->pw_name, password, client_user, get_canonical_hostname());
1539 if (client_user != NULL)
1542 if (password != NULL)
1544 memset(password, 0, strlen(password));
1547 #endif /* HAVE_LIBPAM */
1549 /* The user has been authenticated and accepted. */
1550 packet_start(SSH_SMSG_SUCCESS);
1552 packet_write_wait();
1554 /* Perform session preparation. */
1555 do_authenticated(pw);
1558 /* Read authentication messages, but return only failures until */
1559 /* max auth attempts exceeded, then disconnect */
1560 void eat_packets_and_disconnect(const char *user)
1562 int authentication_failures = 0;
1564 packet_start(SSH_SMSG_FAILURE);
1566 packet_write_wait();
1568 /* Keep reading packets, and always respond with a failure. This is to
1569 avoid disclosing whether such a user really exists. */
1572 /* Read a packet. This will not return if the client disconnects. */
1575 (void) packet_read(&plen);
1577 int type = packet_read(&plen);
1579 char *password, *skeyinfo;
1580 if (options.password_authentication &&
1581 options.skey_authentication == 1 &&
1582 type == SSH_CMSG_AUTH_PASSWORD &&
1583 (password = packet_get_string(&passw_len)) != NULL &&
1585 strncasecmp(password, "s/key", 5) == 0 &&
1586 (skeyinfo = skey_fake_keyinfo(user)) != NULL )
1588 /* Send a fake s/key challenge. */
1589 packet_send_debug(skeyinfo);
1592 if (++authentication_failures >= MAX_AUTH_FAILURES)
1594 packet_disconnect("Too many authentication failures for %.100s from %.200s",
1595 user, get_canonical_hostname());
1597 /* Send failure. This should be indistinguishable from a failed
1599 packet_start(SSH_SMSG_FAILURE);
1601 packet_write_wait();
1607 /* Remove local Xauthority file. */
1609 xauthfile_cleanup_proc(void *ignore)
1611 debug("xauthfile_cleanup_proc called");
1613 if (xauthfile != NULL) {
1620 /* Prepares for an interactive session. This is called after the user has
1621 been successfully authenticated. During this message exchange, pseudo
1622 terminals are allocated, X11, TCP/IP, and authentication agent forwardings
1623 are requested, etc. */
1625 void do_authenticated(struct passwd *pw)
1628 int compression_level = 0, enable_compression_after_reply = 0;
1629 int have_pty = 0, ptyfd = -1, ttyfd = -1, xauthfd = -1;
1630 int row, col, xpixel, ypixel, screen;
1632 char *command, *term = NULL, *display = NULL, *proto = NULL, *data = NULL;
1638 /* Cancel the alarm we set to limit the time taken for authentication. */
1641 /* Inform the channel mechanism that we are the server side and that
1642 the client may request to connect to any port at all. (The user could
1643 do it anyway, and we wouldn\'t know what is permitted except by the
1644 client telling us, so we can equally well trust the client not to request
1646 channel_permit_all_opens();
1648 /* We stay in this loop until the client requests to execute a shell or a
1654 /* Get a packet from the client. */
1655 type = packet_read(&plen);
1657 /* Process the packet. */
1660 case SSH_CMSG_REQUEST_COMPRESSION:
1661 packet_integrity_check(plen, 4, type);
1662 compression_level = packet_get_int();
1663 if (compression_level < 1 || compression_level > 9)
1665 packet_send_debug("Received illegal compression level %d.",
1669 /* Enable compression after we have responded with SUCCESS. */
1670 enable_compression_after_reply = 1;
1673 case SSH_CMSG_REQUEST_PTY:
1676 debug("Allocating a pty not permitted for this authentication.");
1680 packet_disconnect("Protocol error: you already have a pty.");
1682 debug("Allocating pty.");
1684 /* Allocate a pty and open it. */
1685 if (!pty_allocate(&ptyfd, &ttyfd, ttyname))
1687 error("Failed to allocate pty.");
1691 /* Determine the group to make the owner of the tty. */
1692 grp = getgrnam("tty");
1695 tty_gid = grp->gr_gid;
1696 tty_mode = S_IRUSR|S_IWUSR|S_IWGRP;
1700 tty_gid = pw->pw_gid;
1701 tty_mode = S_IRUSR|S_IWUSR|S_IWGRP|S_IWOTH;
1704 /* Change ownership of the tty. */
1705 if (chown(ttyname, pw->pw_uid, tty_gid) < 0)
1706 fatal("chown(%.100s, %d, %d) failed: %.100s",
1707 ttyname, pw->pw_uid, tty_gid, strerror(errno));
1708 if (chmod(ttyname, tty_mode) < 0)
1709 fatal("chmod(%.100s, 0%o) failed: %.100s",
1710 ttyname, tty_mode, strerror(errno));
1712 /* Get TERM from the packet. Note that the value may be of arbitrary
1715 term = packet_get_string(&dlen);
1716 packet_integrity_check(dlen, strlen(term), type);
1717 /* packet_integrity_check(plen, 4 + dlen + 4*4 + n_bytes, type); */
1718 /* Remaining bytes */
1719 n_bytes = plen - (4 + dlen + 4*4);
1721 if (strcmp(term, "") == 0)
1724 /* Get window size from the packet. */
1725 row = packet_get_int();
1726 col = packet_get_int();
1727 xpixel = packet_get_int();
1728 ypixel = packet_get_int();
1729 pty_change_window_size(ptyfd, row, col, xpixel, ypixel);
1731 /* Get tty modes from the packet. */
1732 tty_parse_modes(ttyfd, &n_bytes);
1733 packet_integrity_check(plen, 4 + dlen + 4*4 + n_bytes, type);
1735 /* Indicate that we now have a pty. */
1739 case SSH_CMSG_X11_REQUEST_FORWARDING:
1740 if (!options.x11_forwarding)
1742 packet_send_debug("X11 forwarding disabled in server configuration file.");
1746 if (no_x11_forwarding_flag)
1748 packet_send_debug("X11 forwarding not permitted for this authentication.");
1751 debug("Received request for X11 forwarding with auth spoofing.");
1753 packet_disconnect("Protocol error: X11 display already set.");
1755 int proto_len, data_len;
1756 proto = packet_get_string(&proto_len);
1757 data = packet_get_string(&data_len);
1758 packet_integrity_check(plen, 4+proto_len + 4+data_len + 4, type);
1760 if (packet_get_protocol_flags() & SSH_PROTOFLAG_SCREEN_NUMBER)
1761 screen = packet_get_int();
1764 display = x11_create_display_inet(screen);
1768 /* Setup to always have a local .Xauthority. */
1769 xauthfile = xmalloc(MAXPATHLEN);
1770 snprintf(xauthfile, MAXPATHLEN, "/tmp/XauthXXXXXX");
1772 if ((xauthfd = mkstemp(xauthfile)) != -1) {
1773 fchown(xauthfd, pw->pw_uid, pw->pw_gid);
1775 fatal_add_cleanup(xauthfile_cleanup_proc, NULL);
1782 #else /* XAUTH_PATH */
1783 /* No xauth program; we won't accept forwarding with spoofing. */
1784 packet_send_debug("No xauth program; cannot forward with spoofing.");
1786 #endif /* XAUTH_PATH */
1788 case SSH_CMSG_AGENT_REQUEST_FORWARDING:
1789 if (no_agent_forwarding_flag)
1791 debug("Authentication agent forwarding not permitted for this authentication.");
1794 debug("Received authentication agent forwarding request.");
1795 auth_input_request_forwarding(pw);
1798 case SSH_CMSG_PORT_FORWARD_REQUEST:
1799 if (no_port_forwarding_flag)
1801 debug("Port forwarding not permitted for this authentication.");
1804 debug("Received TCP/IP port forwarding request.");
1805 channel_input_port_forward_request(pw->pw_uid == 0);
1808 case SSH_CMSG_EXEC_SHELL:
1809 /* Set interactive/non-interactive mode. */
1810 packet_set_interactive(have_pty || display != NULL,
1811 options.keepalives);
1813 if (forced_command != NULL)
1814 goto do_forced_command;
1815 debug("Forking shell.");
1816 packet_integrity_check(plen, 0, type);
1818 do_exec_pty(NULL, ptyfd, ttyfd, ttyname, pw, term, display, proto,
1821 do_exec_no_pty(NULL, pw, display, proto, data);
1824 case SSH_CMSG_EXEC_CMD:
1825 /* Set interactive/non-interactive mode. */
1826 packet_set_interactive(have_pty || display != NULL,
1827 options.keepalives);
1829 if (forced_command != NULL)
1830 goto do_forced_command;
1831 /* Get command from the packet. */
1834 command = packet_get_string(&dlen);
1835 debug("Executing command '%.500s'", command);
1836 packet_integrity_check(plen, 4 + dlen, type);
1839 do_exec_pty(command, ptyfd, ttyfd, ttyname, pw, term, display,
1842 do_exec_no_pty(command, pw, display, proto, data);
1846 case SSH_CMSG_MAX_PACKET_SIZE:
1847 debug("The server does not support limiting packet size.");
1851 /* Any unknown messages in this phase are ignored, and a failure
1852 message is returned. */
1853 log("Unknown packet type received after authentication: %d", type);
1857 /* The request was successfully processed. */
1858 packet_start(SSH_SMSG_SUCCESS);
1860 packet_write_wait();
1862 /* Enable compression now that we have replied if appropriate. */
1863 if (enable_compression_after_reply)
1865 enable_compression_after_reply = 0;
1866 packet_start_compression(compression_level);
1872 /* The request failed. */
1873 packet_start(SSH_SMSG_FAILURE);
1875 packet_write_wait();
1879 /* There is a forced command specified for this login. Execute it. */
1880 debug("Executing forced command: %.900s", forced_command);
1882 do_exec_pty(forced_command, ptyfd, ttyfd, ttyname, pw, term, display,
1885 do_exec_no_pty(forced_command, pw, display, proto, data);
1890 /* This is called to fork and execute a command when we have no tty. This
1891 will call do_child from the child, and server_loop from the parent after
1892 setting up file descriptors and such. */
1894 void do_exec_no_pty(const char *command, struct passwd *pw,
1895 const char *display, const char *auth_proto,
1896 const char *auth_data)
1901 int pin[2], pout[2], perr[2];
1902 /* Allocate pipes for communicating with the program. */
1903 if (pipe(pin) < 0 || pipe(pout) < 0 || pipe(perr) < 0)
1904 packet_disconnect("Could not create pipes: %.100s",
1906 #else /* USE_PIPES */
1907 int inout[2], err[2];
1908 /* Uses socket pairs to communicate with the program. */
1909 if (socketpair(AF_UNIX, SOCK_STREAM, 0, inout) < 0 ||
1910 socketpair(AF_UNIX, SOCK_STREAM, 0, err) < 0)
1911 packet_disconnect("Could not create socket pairs: %.100s",
1913 #endif /* USE_PIPES */
1915 setproctitle("%s@notty", pw->pw_name);
1917 /* Fork the child. */
1918 if ((pid = fork()) == 0)
1920 /* Child. Reinitialize the log since the pid has changed. */
1921 log_init(av0, options.log_level, options.log_facility, log_stderr);
1923 /* Create a new session and process group since the 4.4BSD setlogin()
1924 affects the entire process group. */
1926 error("setsid failed: %.100s", strerror(errno));
1929 /* Redirect stdin. We close the parent side of the socket pair,
1930 and make the child side the standard input. */
1932 if (dup2(pin[0], 0) < 0)
1933 perror("dup2 stdin");
1936 /* Redirect stdout. */
1938 if (dup2(pout[1], 1) < 0)
1939 perror("dup2 stdout");
1942 /* Redirect stderr. */
1944 if (dup2(perr[1], 2) < 0)
1945 perror("dup2 stderr");
1947 #else /* USE_PIPES */
1948 /* Redirect stdin, stdout, and stderr. Stdin and stdout will use the
1949 same socket, as some programs (particularly rdist) seem to depend
1953 if (dup2(inout[0], 0) < 0) /* stdin */
1954 perror("dup2 stdin");
1955 if (dup2(inout[0], 1) < 0) /* stdout. Note: same socket as stdin. */
1956 perror("dup2 stdout");
1957 if (dup2(err[0], 2) < 0) /* stderr */
1958 perror("dup2 stderr");
1959 #endif /* USE_PIPES */
1961 /* Do processing for the child (exec command etc). */
1962 do_child(command, pw, NULL, display, auth_proto, auth_data, NULL);
1966 packet_disconnect("fork failed: %.100s", strerror(errno));
1968 /* We are the parent. Close the child sides of the pipes. */
1973 /* Enter the interactive session. */
1974 server_loop(pid, pin[1], pout[0], perr[0]);
1975 /* server_loop has closed pin[1], pout[1], and perr[1]. */
1976 #else /* USE_PIPES */
1977 /* We are the parent. Close the child sides of the socket pairs. */
1981 /* Enter the interactive session. Note: server_loop must be able to handle
1982 the case that fdin and fdout are the same. */
1983 server_loop(pid, inout[1], inout[1], err[1]);
1984 /* server_loop has closed inout[1] and err[1]. */
1985 #endif /* USE_PIPES */
1988 struct pty_cleanup_context
1990 const char *ttyname;
1994 /* Function to perform cleanup if we get aborted abnormally (e.g., due to a
1995 dropped connection). */
1997 void pty_cleanup_proc(void *context)
1999 struct pty_cleanup_context *cu = context;
2001 debug("pty_cleanup_proc called");
2003 /* Record that the user has logged out. */
2004 record_logout(cu->pid, cu->ttyname);
2006 /* Release the pseudo-tty. */
2007 pty_release(cu->ttyname);
2010 /* This is called to fork and execute a command when we have a tty. This
2011 will call do_child from the child, and server_loop from the parent after
2012 setting up file descriptors, controlling tty, updating wtmp, utmp,
2013 lastlog, and other such operations. */
2015 void do_exec_pty(const char *command, int ptyfd, int ttyfd,
2016 const char *ttyname, struct passwd *pw, const char *term,
2017 const char *display, const char *auth_proto,
2018 const char *auth_data)
2021 const char *hostname;
2022 time_t last_login_time;
2023 char buf[100], *time_string;
2028 struct sockaddr_in from;
2030 struct pty_cleanup_context cleanup_context;
2032 /* Get remote host name. */
2033 hostname = get_canonical_hostname();
2035 /* Get the time when the user last logged in. Buf will be set to contain
2036 the hostname the last login was from. */
2037 if(!options.use_login) {
2038 last_login_time = get_last_login_time(pw->pw_uid, pw->pw_name,
2042 setproctitle("%s@%s", pw->pw_name, strrchr(ttyname, '/') + 1);
2044 /* Fork the child. */
2045 if ((pid = fork()) == 0)
2049 /* Child. Reinitialize the log because the pid has changed. */
2050 log_init(av0, options.log_level, options.log_facility, log_stderr);
2052 /* Close the master side of the pseudo tty. */
2055 /* Make the pseudo tty our controlling tty. */
2056 pty_make_controlling_tty(&ttyfd, ttyname);
2058 /* Redirect stdin from the pseudo tty. */
2059 if (dup2(ttyfd, fileno(stdin)) < 0)
2060 error("dup2 stdin failed: %.100s", strerror(errno));
2062 /* Redirect stdout to the pseudo tty. */
2063 if (dup2(ttyfd, fileno(stdout)) < 0)
2064 error("dup2 stdin failed: %.100s", strerror(errno));
2066 /* Redirect stderr to the pseudo tty. */
2067 if (dup2(ttyfd, fileno(stderr)) < 0)
2068 error("dup2 stdin failed: %.100s", strerror(errno));
2070 /* Close the extra descriptor for the pseudo tty. */
2073 /* Get IP address of client. This is needed because we want to record
2074 where the user logged in from. If the connection is not a socket,
2075 let the ip address be 0.0.0.0. */
2076 memset(&from, 0, sizeof(from));
2077 if (packet_get_connection_in() == packet_get_connection_out())
2079 fromlen = sizeof(from);
2080 if (getpeername(packet_get_connection_in(),
2081 (struct sockaddr *)&from, &fromlen) < 0)
2082 fatal("getpeername: %.100s", strerror(errno));
2085 /* Record that there was a login on that terminal. */
2086 record_login(pid, ttyname, pw->pw_name, pw->pw_uid, hostname,
2089 /* Check if .hushlogin exists. */
2090 snprintf(line, sizeof line, "%.200s/.hushlogin", pw->pw_dir);
2091 quiet_login = stat(line, &st) >= 0;
2094 /* output the results of the pamconv() */
2095 if (!quiet_login && pamconv_msg != NULL)
2096 fprintf(stderr, pamconv_msg);
2099 /* If the user has logged in before, display the time of last login.
2100 However, don't display anything extra if a command has been
2101 specified (so that ssh can be used to execute commands on a remote
2102 machine without users knowing they are going to another machine).
2103 Login(1) will do this for us as well, so check if login(1) is used */
2104 if (command == NULL && last_login_time != 0 && !quiet_login &&
2107 /* Convert the date to a string. */
2108 time_string = ctime(&last_login_time);
2109 /* Remove the trailing newline. */
2110 if (strchr(time_string, '\n'))
2111 *strchr(time_string, '\n') = 0;
2112 /* Display the last login time. Host if displayed if known. */
2113 if (strcmp(buf, "") == 0)
2114 printf("Last login: %s\r\n", time_string);
2116 printf("Last login: %s from %s\r\n", time_string, buf);
2119 /* Print /etc/motd unless a command was specified or printing it was
2120 disabled in server options or login(1) will be used. Note that
2121 some machines appear to print it in /etc/profile or similar. */
2122 if (command == NULL && options.print_motd && !quiet_login &&
2125 /* Print /etc/motd if it exists. */
2126 f = fopen("/etc/motd", "r");
2129 while (fgets(line, sizeof(line), f))
2130 fputs(line, stdout);
2135 /* Do common processing for the child, such as execing the command. */
2136 do_child(command, pw, term, display, auth_proto, auth_data, ttyname);
2140 packet_disconnect("fork failed: %.100s", strerror(errno));
2141 /* Parent. Close the slave side of the pseudo tty. */
2144 /* Create another descriptor of the pty master side for use as the standard
2145 input. We could use the original descriptor, but this simplifies code
2146 in server_loop. The descriptor is bidirectional. */
2149 packet_disconnect("dup failed: %.100s", strerror(errno));
2151 /* Add a cleanup function to clear the utmp entry and record logout time
2152 in case we call fatal() (e.g., the connection gets closed). */
2153 cleanup_context.pid = pid;
2154 cleanup_context.ttyname = ttyname;
2155 fatal_add_cleanup(pty_cleanup_proc, (void *)&cleanup_context);
2157 /* Enter interactive session. */
2158 server_loop(pid, ptyfd, fdout, -1);
2159 /* server_loop has not closed ptyfd and fdout. */
2161 /* Cancel the cleanup function. */
2162 fatal_remove_cleanup(pty_cleanup_proc, (void *)&cleanup_context);
2164 /* Record that the user has logged out. */
2165 record_logout(pid, ttyname);
2167 /* Release the pseudo-tty. */
2168 pty_release(ttyname);
2170 /* Close the server side of the socket pairs. We must do this after the
2171 pty cleanup, so that another process doesn't get this pty while we're
2172 still cleaning up. */
2177 /* Sets the value of the given variable in the environment. If the variable
2178 already exists, its value is overriden. */
2180 void child_set_env(char ***envp, unsigned int *envsizep, const char *name,
2183 unsigned int i, namelen;
2186 /* Find the slot where the value should be stored. If the variable already
2187 exists, we reuse the slot; otherwise we append a new slot at the end
2188 of the array, expanding if necessary. */
2190 namelen = strlen(name);
2191 for (i = 0; env[i]; i++)
2192 if (strncmp(env[i], name, namelen) == 0 && env[i][namelen] == '=')
2196 /* Name already exists. Reuse the slot. */
2201 /* New variable. Expand the array if necessary. */
2202 if (i >= (*envsizep) - 1)
2205 env = (*envp) = xrealloc(env, (*envsizep) * sizeof(char *));
2208 /* Need to set the NULL pointer at end of array beyond the new
2213 /* Allocate space and format the variable in the appropriate slot. */
2214 env[i] = xmalloc(strlen(name) + 1 + strlen(value) + 1);
2215 snprintf(env[i], strlen(name) + 1 + strlen(value) + 1, "%s=%s", name, value);
2218 /* Reads environment variables from the given file and adds/overrides them
2219 into the environment. If the file does not exist, this does nothing.
2220 Otherwise, it must consist of empty lines, comments (line starts with '#')
2221 and assignments of the form name=value. No other forms are allowed. */
2223 void read_environment_file(char ***env, unsigned int *envsize,
2224 const char *filename)
2230 /* Open the environment file. */
2231 f = fopen(filename, "r");
2233 return; /* Not found. */
2235 /* Process each line. */
2236 while (fgets(buf, sizeof(buf), f))
2238 /* Skip leading whitespace. */
2239 for (cp = buf; *cp == ' ' || *cp == '\t'; cp++)
2242 /* Ignore empty and comment lines. */
2243 if (!*cp || *cp == '#' || *cp == '\n')
2246 /* Remove newline. */
2247 if (strchr(cp, '\n'))
2248 *strchr(cp, '\n') = '\0';
2250 /* Find the equals sign. Its lack indicates badly formatted line. */
2251 value = strchr(cp, '=');
2254 fprintf(stderr, "Bad line in %.100s: %.200s\n", filename, buf);
2258 /* Replace the equals sign by nul, and advance value to the value
2263 /* Set the value in environment. */
2264 child_set_env(env, envsize, cp, value);
2270 /* Performs common processing for the child, such as setting up the
2271 environment, closing extra file descriptors, setting the user and group
2272 ids, and executing the command or shell. */
2274 void do_child(const char *command, struct passwd *pw, const char *term,
2275 const char *display, const char *auth_proto,
2276 const char *auth_data, const char *ttyname)
2278 const char *shell, *cp = NULL;
2281 unsigned int envsize, i;
2283 extern char **environ;
2287 #ifndef HAVE_LIBPAM /* pam_nologin handles this */
2288 /* Check /etc/nologin. */
2289 f = fopen("/etc/nologin", "r");
2291 { /* /etc/nologin exists. Print its contents and exit. */
2292 while (fgets(buf, sizeof(buf), f))
2295 if (pw->pw_uid != 0)
2300 /* Set uid, gid, and groups. */
2301 /* Login(1) does this as well, and it needs uid 0 for the "-h" switch,
2302 so we let login(1) to this for us. */
2303 if(!options.use_login) {
2304 if (getuid() == 0 || geteuid() == 0)
2306 if (setgid(pw->pw_gid) < 0)
2311 /* Initialize the group list. */
2312 if (initgroups(pw->pw_name, pw->pw_gid) < 0)
2314 perror("initgroups");
2319 /* Permanently switch to the desired uid. */
2320 permanently_set_uid(pw->pw_uid);
2323 if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid)
2324 fatal("Failed to set uids to %d.", (int)pw->pw_uid);
2327 /* Get the shell from the password data. An empty shell field is legal,
2328 and means /bin/sh. */
2329 shell = (pw->pw_shell[0] == '\0') ? _PATH_BSHELL : pw->pw_shell;
2332 /* Try to get AFS tokens for the local cell. */
2336 if (k_afs_cell_of_file(pw->pw_dir, cell, sizeof(cell)) == 0)
2337 krb_afslog(cell, 0);
2343 /* Initialize the environment. In the first part we allocate space for
2344 all environment variables. */
2346 env = xmalloc(envsize * sizeof(char *));
2349 if(!options.use_login) {
2350 /* Set basic environment. */
2351 child_set_env(&env, &envsize, "USER", pw->pw_name);
2352 child_set_env(&env, &envsize, "LOGNAME", pw->pw_name);
2353 child_set_env(&env, &envsize, "HOME", pw->pw_dir);
2354 child_set_env(&env, &envsize, "PATH", _PATH_STDPATH);
2356 snprintf(buf, sizeof buf, "%.200s/%.50s",
2357 _PATH_MAILDIR, pw->pw_name);
2358 child_set_env(&env, &envsize, "MAIL", buf);
2360 /* Normal systems set SHELL by default. */
2361 child_set_env(&env, &envsize, "SHELL", shell);
2364 /* Let it inherit timezone if we have one. */
2366 child_set_env(&env, &envsize, "TZ", getenv("TZ"));
2368 /* Set custom environment options from RSA authentication. */
2369 while (custom_environment)
2371 struct envstring *ce = custom_environment;
2374 for (i = 0; s[i] != '=' && s[i]; i++)
2379 child_set_env(&env, &envsize, s, s + i + 1);
2381 custom_environment = ce->next;
2386 /* Set SSH_CLIENT. */
2387 snprintf(buf, sizeof buf, "%.50s %d %d",
2388 get_remote_ipaddr(), get_remote_port(), options.port);
2389 child_set_env(&env, &envsize, "SSH_CLIENT", buf);
2391 /* Set SSH_TTY if we have a pty. */
2393 child_set_env(&env, &envsize, "SSH_TTY", ttyname);
2395 /* Set TERM if we have a pty. */
2397 child_set_env(&env, &envsize, "TERM", term);
2399 /* Set DISPLAY if we have one. */
2401 child_set_env(&env, &envsize, "DISPLAY", display);
2405 extern char *ticket;
2408 child_set_env(&env, &envsize, "KRBTKFILE", ticket);
2413 /* Pull in any environment variables that may have been set by PAM. */
2415 char *equal_sign, var_name[256], var_val[256];
2417 char **pam_env = pam_getenvlist((pam_handle_t *)pamh);
2418 for(this_var = 0; pam_env && pam_env[this_var]; this_var++)
2420 if(strlen(pam_env[this_var]) < (sizeof(var_name) - 1))
2421 if((equal_sign = strstr(pam_env[this_var], "=")) != NULL)
2423 memset(var_name, 0, sizeof(var_name));
2424 memset(var_val, 0, sizeof(var_val));
2425 strncpy(var_name, pam_env[this_var],
2426 equal_sign - pam_env[this_var]);
2427 strcpy(var_val, equal_sign + 1);
2428 child_set_env(&env, &envsize, var_name, var_val);
2432 #endif /* HAVE_LIBPAM */
2434 /* Set XAUTHORITY to always be a local file. */
2436 child_set_env(&env, &envsize, "XAUTHORITY", xauthfile);
2438 /* Set variable for forwarded authentication connection, if we have one. */
2439 if (auth_get_socket_name() != NULL)
2440 child_set_env(&env, &envsize, SSH_AUTHSOCKET_ENV_NAME,
2441 auth_get_socket_name());
2443 /* Read $HOME/.ssh/environment. */
2444 if(!options.use_login) {
2445 snprintf(buf, sizeof buf, "%.200s/.ssh/environment", pw->pw_dir);
2446 read_environment_file(&env, &envsize, buf);
2449 /* If debugging, dump the environment to stderr. */
2452 fprintf(stderr, "Environment:\n");
2453 for (i = 0; env[i]; i++)
2454 fprintf(stderr, " %.200s\n", env[i]);
2457 /* Close the connection descriptors; note that this is the child, and the
2458 server will still have the socket open, and it is important that we
2459 do not shutdown it. Note that the descriptors cannot be closed before
2460 building the environment, as we call get_remote_ipaddr there. */
2461 if (packet_get_connection_in() == packet_get_connection_out())
2462 close(packet_get_connection_in());
2465 close(packet_get_connection_in());
2466 close(packet_get_connection_out());
2468 /* Close all descriptors related to channels. They will still remain
2469 open in the parent. */
2470 channel_close_all();
2472 /* Close any extra file descriptors. Note that there may still be
2473 descriptors left by system functions. They will be closed later. */
2477 /* Close any extra open file descriptors so that we don\'t have them
2478 hanging around in clients. Note that we want to do this after
2479 initgroups, because at least on Solaris 2.3 it leaves file descriptors
2481 for (i = 3; i < 64; i++)
2484 /* Change current directory to the user\'s home directory. */
2485 if (chdir(pw->pw_dir) < 0)
2486 fprintf(stderr, "Could not chdir to home directory %s: %s\n",
2487 pw->pw_dir, strerror(errno));
2489 /* Must take new environment into use so that .ssh/rc, /etc/sshrc and
2490 xauth are run in the proper environment. */
2493 /* Run $HOME/.ssh/rc, /etc/sshrc, or xauth (whichever is found first
2495 if(!options.use_login) {
2496 if (stat(SSH_USER_RC, &st) >= 0)
2499 fprintf(stderr, "Running /bin/sh %s\n", SSH_USER_RC);
2501 f = popen("/bin/sh " SSH_USER_RC, "w");
2504 if (auth_proto != NULL && auth_data != NULL)
2505 fprintf(f, "%s %s\n", auth_proto, auth_data);
2509 fprintf(stderr, "Could not run %s\n", SSH_USER_RC);
2512 if (stat(SSH_SYSTEM_RC, &st) >= 0)
2515 fprintf(stderr, "Running /bin/sh %s\n", SSH_SYSTEM_RC);
2517 f = popen("/bin/sh " SSH_SYSTEM_RC, "w");
2520 if (auth_proto != NULL && auth_data != NULL)
2521 fprintf(f, "%s %s\n", auth_proto, auth_data);
2525 fprintf(stderr, "Could not run %s\n", SSH_SYSTEM_RC);
2530 /* Add authority data to .Xauthority if appropriate. */
2531 if (auth_proto != NULL && auth_data != NULL)
2534 fprintf(stderr, "Running %.100s add %.100s %.100s %.100s\n",
2535 XAUTH_PATH, display, auth_proto, auth_data);
2537 f = popen(XAUTH_PATH " -q -", "w");
2540 fprintf(f, "add %s %s %s\n", display, auth_proto, auth_data);
2544 fprintf(stderr, "Could not run %s -q -\n", XAUTH_PATH);
2547 #endif /* XAUTH_PATH */
2549 /* Get the last component of the shell name. */
2550 cp = strrchr(shell, '/');
2557 /* If we have no command, execute the shell. In this case, the shell name
2558 to be passed in argv[0] is preceded by '-' to indicate that this is
2562 if(!options.use_login) {
2565 /* Check for mail if we have a tty and it was enabled in server options. */
2566 if (ttyname && options.check_mail) {
2568 struct stat mailstat;
2569 mailbox = getenv("MAIL");
2570 if(mailbox != NULL) {
2571 if(stat(mailbox, &mailstat) != 0 || mailstat.st_size == 0) {
2572 printf("No mail.\n");
2573 } else if(mailstat.st_mtime < mailstat.st_atime) {
2574 printf("You have mail.\n");
2576 printf("You have new mail.\n");
2581 /* Start the shell. Set initial character to '-'. */
2583 strncpy(buf + 1, cp, sizeof(buf) - 1);
2584 buf[sizeof(buf) - 1] = 0;
2585 /* Execute the shell. */
2588 execve(shell, argv, env);
2589 /* Executing the shell failed. */
2594 /* Launch login(1). */
2596 execl(LOGIN_PROGRAM, "login", "-h", get_remote_ipaddr(), "-p", "-f", "--", pw->pw_name, NULL);
2598 /* Login couldn't be executed, die. */
2605 /* Execute the command using the user's shell. This uses the -c option
2606 to execute the command. */
2607 argv[0] = (char *)cp;
2609 argv[2] = (char *)command;
2611 execve(shell, argv, env);