* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
*/
+/*
+ * SSH2 support by Markus Friedl.
+ * Copyright (c) 2000 Markus Friedl. All rights reserved.
+ */
#include "includes.h"
-RCSID("$OpenBSD: session.c,v 1.1 2000/03/28 21:15:45 markus Exp $");
+RCSID("$OpenBSD: session.c,v 1.12 2000/05/03 18:03:07 markus Exp $");
#include "xmalloc.h"
#include "ssh.h"
#include "channels.h"
#include "nchan.h"
+#include "bufaux.h"
+#include "ssh2.h"
+#include "auth.h"
+
/* types */
#define TTYSZ 64
struct Session {
int used;
int self;
+ int extended;
struct passwd *pw;
pid_t pid;
/* tty */
int screen;
char *auth_proto;
char *auth_data;
+ int single_connection;
/* proto 2 */
int chanid;
};
Session *session_new(void);
void session_set_fds(Session *s, int fdin, int fdout, int fderr);
void session_pty_cleanup(Session *s);
+void session_proctitle(Session *s);
void do_exec_pty(Session *s, const char *command, struct passwd * pw);
void do_exec_no_pty(Session *s, const char *command, struct passwd * pw);
/* import */
extern ServerOptions options;
+#ifdef HAVE___PROGNAME
extern char *__progname;
+#else /* HAVE___PROGNAME */
+static const char *__progname = "sshd";
+#endif /* HAVE___PROGNAME */
+
extern int log_stderr;
extern int debug_flag;
/* data */
#define MAX_SESSIONS 10
Session sessions[MAX_SESSIONS];
+#ifdef WITH_AIXAUTHENTICATE
+/* AIX's lastlogin message, set in auth1.c */
+char *aixloginmsg;
+#endif /* WITH_AIXAUTHENTICATE */
/* Flags set in auth-rsa from authorized_keys flags. These are set in auth-rsa.c. */
int no_port_forwarding_flag = 0;
* Function to perform cleanup if we get aborted abnormally (e.g., due to a
* dropped connection).
*/
-void
+void
pty_cleanup_proc(void *session)
{
Session *s=session;
* terminals are allocated, X11, TCP/IP, and authentication agent forwardings
* are requested, etc.
*/
-void
+void
do_authenticated(struct passwd * pw)
{
Session *s;
channel_permit_all_opens();
s = session_new();
+ s->pw = pw;
/*
* We stay in this loop until the client requests to execute a shell
tty_parse_modes(s->ttyfd, &n_bytes);
packet_integrity_check(plen, 4 + dlen + 4 * 4 + n_bytes, type);
+ session_proctitle(s);
+
/* Indicate that we now have a pty. */
success = 1;
have_pty = 1;
xauthfile, strerror(errno));
xfree(xauthfile);
xauthfile = NULL;
+ /* XXXX remove listening channels */
break;
}
strlcat(xauthfile, "/cookies", MAXPATHLEN);
break;
}
debug("Received TCP/IP port forwarding request.");
- channel_input_port_forward_request(pw->pw_uid == 0);
+ channel_input_port_forward_request(pw->pw_uid == 0, options.gateway_ports);
success = 1;
break;
* will call do_child from the child, and server_loop from the parent after
* setting up file descriptors and such.
*/
-void
+void
do_exec_no_pty(Session *s, const char *command, struct passwd * pw)
{
int pid;
if (s == NULL)
fatal("do_exec_no_pty: no session");
- setproctitle("%s@notty", pw->pw_name);
+ session_proctitle(s);
#ifdef USE_PAM
do_pam_setcred();
close(pout[1]);
close(perr[1]);
- /* Enter the interactive session. */
- server_loop(pid, pin[1], pout[0], perr[0]);
- /* server_loop has closed pin[1], pout[1], and perr[1]. */
+ if (compat20) {
+ session_set_fds(s, pin[1], pout[0], s->extended ? perr[0] : -1);
+ } else {
+ /* Enter the interactive session. */
+ server_loop(pid, pin[1], pout[0], perr[0]);
+ /* server_loop has closed pin[1], pout[1], and perr[1]. */
+ }
#else /* USE_PIPES */
/* We are the parent. Close the child sides of the socket pairs. */
close(inout[0]);
* Enter the interactive session. Note: server_loop must be able to
* handle the case that fdin and fdout are the same.
*/
- server_loop(pid, inout[1], inout[1], err[1]);
- /* server_loop has closed inout[1] and err[1]. */
+ if (compat20) {
+ session_set_fds(s, inout[1], inout[1], s->extended ? err[1] : -1);
+ } else {
+ server_loop(pid, inout[1], inout[1], err[1]);
+ /* server_loop has closed inout[1] and err[1]. */
+ }
#endif /* USE_PIPES */
}
* setting up file descriptors, controlling tty, updating wtmp, utmp,
* lastlog, and other such operations.
*/
-void
+void
do_exec_pty(Session *s, const char *command, struct passwd * pw)
{
FILE *f;
last_login_time = get_last_login_time(pw->pw_uid, pw->pw_name,
buf, sizeof(buf));
}
- setproctitle("%s@%s", pw->pw_name, strrchr(s->tty, '/') + 1);
#ifdef USE_PAM
do_pam_session(pw->pw_name, s->tty);
/* Close the extra descriptor for the pseudo tty. */
close(ttyfd);
-///XXXX ? move to do_child() ??
+/* XXXX ? move to do_child() ??*/
/*
* Get IP address of client. This is needed because we want
* to record where the user logged in from. If the
fclose(f);
}
}
+#if defined(WITH_AIXAUTHENTICATE)
+ /*
+ * AIX handles the lastlog info differently. Display it here.
+ */
+ if (command == NULL && aixloginmsg && *aixloginmsg &&
+ !quiet_login && !options.use_login) {
+ printf("%s\n", aixloginmsg);
+ }
+#endif
/* Do common processing for the child, such as execing the command. */
do_child(command, pw, s->term, s->display, s->auth_proto, s->auth_data, s->tty);
/* NOTREACHED */
s->ptymaster = ptymaster;
/* Enter interactive session. */
- server_loop(pid, ptyfd, fdout, -1);
- /* server_loop _has_ closed ptyfd and fdout. */
- session_pty_cleanup(s);
+ if (compat20) {
+ session_set_fds(s, ptyfd, fdout, -1);
+ } else {
+ server_loop(pid, ptyfd, fdout, -1);
+ /* server_loop _has_ closed ptyfd and fdout. */
+ session_pty_cleanup(s);
+ }
}
/*
* Sets the value of the given variable in the environment. If the variable
* already exists, its value is overriden.
*/
-void
+void
child_set_env(char ***envp, unsigned int *envsizep, const char *name,
const char *value)
{
* Otherwise, it must consist of empty lines, comments (line starts with '#')
* and assignments of the form name=value. No other forms are allowed.
*/
-void
+void
read_environment_file(char ***env, unsigned int *envsize,
const char *filename)
{
* environment, closing extra file descriptors, setting the user and group
* ids, and executing the command or shell.
*/
-void
+void
do_child(const char *command, struct passwd * pw, const char *term,
const char *display, const char *auth_proto,
const char *auth_data, const char *ttyname)
else {
/* Add authority data to .Xauthority if appropriate. */
if (auth_proto != NULL && auth_data != NULL) {
- if (debug_flag)
+ char *screen = strchr(display, ':');
+ if (debug_flag) {
fprintf(stderr, "Running %.100s add %.100s %.100s %.100s\n",
- XAUTH_PATH, display, auth_proto, auth_data);
-
+ XAUTH_PATH, display, auth_proto, auth_data);
+ if (screen != NULL)
+ fprintf(stderr, "Adding %.*s/unix%s %s %s\n",
+ screen-display, display, screen, auth_proto, auth_data);
+ }
f = popen(XAUTH_PATH " -q -", "w");
if (f) {
fprintf(f, "add %s %s %s\n", display, auth_proto, auth_data);
+ if (screen != NULL)
+ fprintf(f, "add %.*s/unix%s %s %s\n",
+ screen-display, display, screen, auth_proto, auth_data);
pclose(f);
} else
fprintf(stderr, "Could not run %s -q -\n", XAUTH_PATH);
Session *s = &sessions[i];
if (! s->used) {
s->pid = 0;
+ s->extended = 0;
s->chanid = -1;
s->ptyfd = -1;
s->ttyfd = -1;
s->auth_data = NULL;
s->auth_proto = NULL;
s->used = 1;
+ s->pw = NULL;
debug("session_new: session %d", i);
return s;
}
}
}
+int
+session_open(int chanid)
+{
+ Session *s = session_new();
+ debug("session_open: channel %d", chanid);
+ if (s == NULL) {
+ error("no more sessions");
+ return 0;
+ }
+ s->pw = auth_get_user();
+ if (s->pw == NULL)
+ fatal("no user for session %i", s->self);
+ debug("session_open: session %d: link with channel %d", s->self, chanid);
+ s->chanid = chanid;
+ return 1;
+}
+
+Session *
+session_by_channel(int id)
+{
+ int i;
+ for(i = 0; i < MAX_SESSIONS; i++) {
+ Session *s = &sessions[i];
+ if (s->used && s->chanid == id) {
+ debug("session_by_channel: session %d channel %d", i, id);
+ return s;
+ }
+ }
+ debug("session_by_channel: unknown channel %d", id);
+ session_dump();
+ return NULL;
+}
+
+Session *
+session_by_pid(pid_t pid)
+{
+ int i;
+ debug("session_by_pid: pid %d", pid);
+ for(i = 0; i < MAX_SESSIONS; i++) {
+ Session *s = &sessions[i];
+ if (s->used && s->pid == pid)
+ return s;
+ }
+ error("session_by_pid: unknown pid %d", pid);
+ session_dump();
+ return NULL;
+}
+
+int
+session_window_change_req(Session *s)
+{
+ s->col = packet_get_int();
+ s->row = packet_get_int();
+ s->xpixel = packet_get_int();
+ s->ypixel = packet_get_int();
+ packet_done();
+ pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel);
+ return 1;
+}
+
+int
+session_pty_req(Session *s)
+{
+ unsigned int len;
+ char *term_modes; /* encoded terminal modes */
+
+ if (s->ttyfd != -1)
+ return 0;
+ s->term = packet_get_string(&len);
+ s->col = packet_get_int();
+ s->row = packet_get_int();
+ s->xpixel = packet_get_int();
+ s->ypixel = packet_get_int();
+ term_modes = packet_get_string(&len);
+ packet_done();
+
+ if (strcmp(s->term, "") == 0) {
+ xfree(s->term);
+ s->term = NULL;
+ }
+ /* Allocate a pty and open it. */
+ if (!pty_allocate(&s->ptyfd, &s->ttyfd, s->tty, sizeof(s->tty))) {
+ xfree(s->term);
+ s->term = NULL;
+ s->ptyfd = -1;
+ s->ttyfd = -1;
+ error("session_pty_req: session %d alloc failed", s->self);
+ xfree(term_modes);
+ return 0;
+ }
+ debug("session_pty_req: session %d alloc %s", s->self, s->tty);
+ /*
+ * Add a cleanup function to clear the utmp entry and record logout
+ * time in case we call fatal() (e.g., the connection gets closed).
+ */
+ fatal_add_cleanup(pty_cleanup_proc, (void *)s);
+ pty_setowner(s->pw, s->tty);
+ /* Get window size from the packet. */
+ pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel);
+
+ session_proctitle(s);
+
+ /* XXX parse and set terminal modes */
+ xfree(term_modes);
+ return 1;
+}
+
+int
+session_subsystem_req(Session *s)
+{
+ unsigned int len;
+ int success = 0;
+ char *subsys = packet_get_string(&len);
+
+ packet_done();
+ log("subsystem request for %s", subsys);
+
+ xfree(subsys);
+ return success;
+}
+
+int
+session_x11_req(Session *s)
+{
+ if (!options.x11_forwarding) {
+ debug("X11 forwarding disabled in server configuration file.");
+ return 0;
+ }
+ if (xauthfile != NULL) {
+ debug("X11 fwd already started.");
+ return 0;
+ }
+
+ debug("Received request for X11 forwarding with auth spoofing.");
+ if (s->display != NULL)
+ packet_disconnect("Protocol error: X11 display already set.");
+
+ s->single_connection = packet_get_char();
+ s->auth_proto = packet_get_string(NULL);
+ s->auth_data = packet_get_string(NULL);
+ s->screen = packet_get_int();
+ packet_done();
+
+ s->display = x11_create_display_inet(s->screen, options.x11_display_offset);
+ if (s->display == NULL) {
+ xfree(s->auth_proto);
+ xfree(s->auth_data);
+ return 0;
+ }
+ xauthfile = xmalloc(MAXPATHLEN);
+ strlcpy(xauthfile, "/tmp/ssh-XXXXXXXX", MAXPATHLEN);
+ temporarily_use_uid(s->pw->pw_uid);
+ if (mkdtemp(xauthfile) == NULL) {
+ restore_uid();
+ error("private X11 dir: mkdtemp %s failed: %s",
+ xauthfile, strerror(errno));
+ xfree(xauthfile);
+ xauthfile = NULL;
+ xfree(s->auth_proto);
+ xfree(s->auth_data);
+ /* XXXX remove listening channels */
+ return 0;
+ }
+ strlcat(xauthfile, "/cookies", MAXPATHLEN);
+ open(xauthfile, O_RDWR|O_CREAT|O_EXCL, 0600);
+ restore_uid();
+ fatal_add_cleanup(xauthfile_cleanup_proc, s);
+ return 1;
+}
+
+void
+session_input_channel_req(int id, void *arg)
+{
+ unsigned int len;
+ int reply;
+ int success = 0;
+ char *rtype;
+ Session *s;
+ Channel *c;
+
+ rtype = packet_get_string(&len);
+ reply = packet_get_char();
+
+ s = session_by_channel(id);
+ if (s == NULL)
+ fatal("session_input_channel_req: channel %d: no session", id);
+ c = channel_lookup(id);
+ if (c == NULL)
+ fatal("session_input_channel_req: channel %d: bad channel", id);
+
+ debug("session_input_channel_req: session %d channel %d request %s reply %d",
+ s->self, id, rtype, reply);
+
+ /*
+ * a session is in LARVAL state until a shell
+ * or programm is executed
+ */
+ if (c->type == SSH_CHANNEL_LARVAL) {
+ if (strcmp(rtype, "shell") == 0) {
+ packet_done();
+ s->extended = 1;
+ if (s->ttyfd == -1)
+ do_exec_no_pty(s, NULL, s->pw);
+ else
+ do_exec_pty(s, NULL, s->pw);
+ success = 1;
+ } else if (strcmp(rtype, "exec") == 0) {
+ char *command = packet_get_string(&len);
+ packet_done();
+ s->extended = 1;
+ if (s->ttyfd == -1)
+ do_exec_no_pty(s, command, s->pw);
+ else
+ do_exec_pty(s, command, s->pw);
+ xfree(command);
+ success = 1;
+ } else if (strcmp(rtype, "pty-req") == 0) {
+ success = session_pty_req(s);
+ } else if (strcmp(rtype, "x11-req") == 0) {
+ success = session_x11_req(s);
+ } else if (strcmp(rtype, "subsystem") == 0) {
+ success = session_subsystem_req(s);
+ }
+ }
+ if (strcmp(rtype, "window-change") == 0) {
+ success = session_window_change_req(s);
+ }
+
+ if (reply) {
+ packet_start(success ?
+ SSH2_MSG_CHANNEL_SUCCESS : SSH2_MSG_CHANNEL_FAILURE);
+ packet_put_int(c->remote_id);
+ packet_send();
+ }
+ xfree(rtype);
+}
+
+void
+session_set_fds(Session *s, int fdin, int fdout, int fderr)
+{
+ if (!compat20)
+ fatal("session_set_fds: called for proto != 2.0");
+ /*
+ * now that have a child and a pipe to the child,
+ * we can activate our channel and register the fd's
+ */
+ if (s->chanid == -1)
+ fatal("no channel for session %d", s->self);
+ channel_set_fds(s->chanid,
+ fdout, fdin, fderr,
+ fderr == -1 ? CHAN_EXTENDED_IGNORE : CHAN_EXTENDED_READ);
+}
+
void
session_pty_cleanup(Session *s)
{
if (close(s->ptymaster) < 0)
error("close(s->ptymaster): %s", strerror(errno));
}
+
+void
+session_exit_message(Session *s, int status)
+{
+ Channel *c;
+ if (s == NULL)
+ fatal("session_close: no session");
+ c = channel_lookup(s->chanid);
+ if (c == NULL)
+ fatal("session_close: session %d: no channel %d",
+ s->self, s->chanid);
+ debug("session_exit_message: session %d channel %d pid %d",
+ s->self, s->chanid, s->pid);
+
+ if (WIFEXITED(status)) {
+ channel_request_start(s->chanid,
+ "exit-status", 0);
+ packet_put_int(WEXITSTATUS(status));
+ packet_send();
+ } else if (WIFSIGNALED(status)) {
+ channel_request_start(s->chanid,
+ "exit-signal", 0);
+ packet_put_int(WTERMSIG(status));
+#ifdef WCOREDUMP
+ packet_put_char(WCOREDUMP(status));
+#else /* WCOREDUMP */
+ packet_put_char(0);
+#endif /* WCOREDUMP */
+ packet_put_cstring("");
+ packet_put_cstring("");
+ packet_send();
+ } else {
+ /* Some weird exit cause. Just exit. */
+ packet_disconnect("wait returned status %04x.", status);
+ }
+
+ /* disconnect channel */
+ debug("session_exit_message: release channel %d", s->chanid);
+ channel_cancel_cleanup(s->chanid);
+ /*
+ * emulate a write failure with 'chan_write_failed', nobody will be
+ * interested in data we write.
+ * Note that we must not call 'chan_read_failed', since there could
+ * be some more data waiting in the pipe.
+ */
+ if (c->ostate != CHAN_OUTPUT_CLOSED)
+ chan_write_failed(c);
+ s->chanid = -1;
+}
+
+void
+session_free(Session *s)
+{
+ debug("session_free: session %d pid %d", s->self, s->pid);
+ if (s->term)
+ xfree(s->term);
+ if (s->display)
+ xfree(s->display);
+ if (s->auth_data)
+ xfree(s->auth_data);
+ if (s->auth_proto)
+ xfree(s->auth_proto);
+ s->used = 0;
+}
+
+void
+session_close(Session *s)
+{
+ session_pty_cleanup(s);
+ session_free(s);
+ session_proctitle(s);
+}
+
+void
+session_close_by_pid(pid_t pid, int status)
+{
+ Session *s = session_by_pid(pid);
+ if (s == NULL) {
+ debug("session_close_by_pid: no session for pid %d", s->pid);
+ return;
+ }
+ if (s->chanid != -1)
+ session_exit_message(s, status);
+ session_close(s);
+}
+
+/*
+ * this is called when a channel dies before
+ * the session 'child' itself dies
+ */
+void
+session_close_by_channel(int id, void *arg)
+{
+ Session *s = session_by_channel(id);
+ if (s == NULL) {
+ debug("session_close_by_channel: no session for channel %d", id);
+ return;
+ }
+ /* disconnect channel */
+ channel_cancel_cleanup(s->chanid);
+ s->chanid = -1;
+
+ debug("session_close_by_channel: channel %d kill %d", id, s->pid);
+ if (s->pid == 0) {
+ /* close session immediately */
+ session_close(s);
+ } else {
+ /* notify child, delay session cleanup */
+ if (kill(s->pid, (s->ttyfd == -1) ? SIGTERM : SIGHUP) < 0)
+ error("session_close_by_channel: kill %d: %s",
+ s->pid, strerror(errno));
+ }
+}
+
+char *
+session_tty_list(void)
+{
+ static char buf[1024];
+ int i;
+ buf[0] = '\0';
+ for(i = 0; i < MAX_SESSIONS; i++) {
+ Session *s = &sessions[i];
+ if (s->used && s->ttyfd != -1) {
+ if (buf[0] != '\0')
+ strlcat(buf, ",", sizeof buf);
+ strlcat(buf, strrchr(s->tty, '/') + 1, sizeof buf);
+ }
+ }
+ if (buf[0] == '\0')
+ strlcpy(buf, "notty", sizeof buf);
+ return buf;
+}
+
+void
+session_proctitle(Session *s)
+{
+ if (s->pw == NULL)
+ error("no user for session %d", s->self);
+ else
+ setproctitle("%s@%s", s->pw->pw_name, session_tty_list());
+}
+
+void
+do_authenticated2(void)
+{
+ /*
+ * Cancel the alarm we set to limit the time taken for
+ * authentication.
+ */
+ alarm(0);
+ server_loop2();
+ if (xauthfile)
+ xauthfile_cleanup_proc(NULL);
+}