]> andersk Git - openssh.git/blobdiff - session.c
andersk / openssh.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
- (dtucker) [auth-pam.c scard-opensc.c] Tinderbox says auth-pam.c uses
[openssh.git] / session.c
diff --git a/session.c b/session.c
index af2e71992726aa9aea66909a167ca2918a906bbd..2fe511612689501a371f6b5018ad2e136835c922 100644 (file)
--- a/session.c
+++ b/session.c
@@ -33,7 +33,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: session.c,v 1.172 2004/01/30 09:48:57 markus Exp $");
+RCSID("$OpenBSD: session.c,v 1.175 2004/05/11 19:01:43 deraadt Exp $");
 
 #include "ssh.h"
 #include "ssh1.h"
@@ -42,7 +42,7 @@ RCSID("$OpenBSD: session.c,v 1.172 2004/01/30 09:48:57 markus Exp $");
 #include "sshpty.h"
 #include "packet.h"
 #include "buffer.h"
-#include "mpaux.h"
+#include "match.h"
 #include "uidswap.h"
 #include "compat.h"
 #include "channels.h"
@@ -201,6 +201,7 @@ display_loginmsg(void)
                printf("%s\n", (char *)buffer_ptr(&loginmsg));
                buffer_clear(&loginmsg);
        }
+       fflush(stdout);
 }
 
 void
@@ -491,6 +492,13 @@ do_exec_no_pty(Session *s, const char *command)
        close(inout[0]);
        close(err[0]);
 
+       /*
+        * Clear loginmsg, since it's the child's responsibility to display
+        * it to the user, otherwise multiple sessions may accumulate
+        * multiple copies of the login messages.
+        */
+       buffer_clear(&loginmsg);
+
        /*
         * Enter the interactive session.  Note: server_loop must be able to
         * handle the case that fdin and fdout are the same.
@@ -988,6 +996,10 @@ do_setup_env(Session *s, const char *shell)
 
        if (!options.use_login) {
                /* Set basic environment. */
+               for (i = 0; i < s->num_env; i++)
+                       child_set_env(&env, &envsize, s->env[i].name, 
+                           s->env[i].val);
+
                child_set_env(&env, &envsize, "USER", pw->pw_name);
                child_set_env(&env, &envsize, "LOGNAME", pw->pw_name);
 #ifdef _AIX
@@ -1085,9 +1097,9 @@ do_setup_env(Session *s, const char *shell)
        }
 #endif
 #ifdef KRB5
-       if (s->authctxt->krb5_ticket_file)
+       if (s->authctxt->krb5_ccname)
                child_set_env(&env, &envsize, "KRB5CCNAME",
-                   s->authctxt->krb5_ticket_file);
+                   s->authctxt->krb5_ccname);
 #endif
 #ifdef USE_PAM
        /*
@@ -1812,9 +1824,8 @@ session_exec_req(Session *s)
 static int
 session_break_req(Session *s)
 {
-       u_int break_length;
 
-       break_length = packet_get_int();        /* ignored */
+       packet_get_int();       /* ignored */
        packet_check_eom();
 
        if (s->ttyfd == -1 ||
@@ -1823,6 +1834,41 @@ session_break_req(Session *s)
        return 1;
 }
 
+static int
+session_env_req(Session *s)
+{
+       char *name, *val;
+       u_int name_len, val_len, i;
+
+       name = packet_get_string(&name_len);
+       val = packet_get_string(&val_len);
+       packet_check_eom();
+
+       /* Don't set too many environment variables */
+       if (s->num_env > 128) {
+               debug2("Ignoring env request %s: too many env vars", name);
+               goto fail;
+       }
+
+       for (i = 0; i < options.num_accept_env; i++) {
+               if (match_pattern(name, options.accept_env[i])) {
+                       debug2("Setting env %d: %s=%s", s->num_env, name, val);
+                       s->env = xrealloc(s->env, sizeof(*s->env) *
+                           (s->num_env + 1));
+                       s->env[s->num_env].name = name;
+                       s->env[s->num_env].val = val;
+                       s->num_env++;
+                       return (1);
+               }
+       }
+       debug2("Ignoring env request %s: disallowed name", name);
+
+ fail:
+       xfree(name);
+       xfree(val);
+       return (0);
+}
+
 static int
 session_auth_agent_req(Session *s)
 {
@@ -1872,6 +1918,8 @@ session_input_channel_req(Channel *c, const char *rtype)
                        success = session_subsystem_req(s);
                } else if (strcmp(rtype, "break") == 0) {
                        success = session_break_req(s);
+               } else if (strcmp(rtype, "env") == 0) {
+                       success = session_env_req(s);
                }
        }
        if (strcmp(rtype, "window-change") == 0) {
@@ -2009,6 +2057,8 @@ session_exit_message(Session *s, int status)
 void
 session_close(Session *s)
 {
+       int i;
+
        debug("session_close: session %d pid %ld", s->self, (long)s->pid);
        if (s->ttyfd != -1)
                session_pty_cleanup(s);
@@ -2023,6 +2073,12 @@ session_close(Session *s)
        if (s->auth_proto)
                xfree(s->auth_proto);
        s->used = 0;
+       for (i = 0; i < s->num_env; i++) {
+               xfree(s->env[i].name);
+               xfree(s->env[i].val);
+       }
+       if (s->env != NULL)
+               xfree(s->env);
        session_proctitle(s);
 }
 
git-cvsimport mirror of OpenSSH
This page took 0.038403 seconds and 4 git commands to generate.