Mercurial > dropbear
comparison svr-chansession.c @ 1342:8747c2b19152
merge 2017.75
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Thu, 18 May 2017 22:59:38 +0800 |
| parents | 79225928bf59 |
| children | 06d52bcb8094 |
comparison
equal
deleted
inserted
replaced
| 1341:ab35a9ccc2eb | 1342:8747c2b19152 |
|---|---|
| 252 | 252 |
| 253 chansess->exit.exitpid = -1; | 253 chansess->exit.exitpid = -1; |
| 254 | 254 |
| 255 channel->typedata = chansess; | 255 channel->typedata = chansess; |
| 256 | 256 |
| 257 #ifndef DISABLE_X11FWD | 257 #if DROPBEAR_X11FWD |
| 258 chansess->x11listener = NULL; | 258 chansess->x11listener = NULL; |
| 259 chansess->x11authprot = NULL; | 259 chansess->x11authprot = NULL; |
| 260 chansess->x11authcookie = NULL; | 260 chansess->x11authcookie = NULL; |
| 261 #endif | 261 #endif |
| 262 | 262 |
| 263 #ifdef ENABLE_SVR_AGENTFWD | 263 #if DROPBEAR_SVR_AGENTFWD |
| 264 chansess->agentlistener = NULL; | 264 chansess->agentlistener = NULL; |
| 265 chansess->agentfile = NULL; | 265 chansess->agentfile = NULL; |
| 266 chansess->agentdir = NULL; | 266 chansess->agentdir = NULL; |
| 267 #endif | 267 #endif |
| 268 | 268 |
| 299 send_exitsignalstatus(channel); | 299 send_exitsignalstatus(channel); |
| 300 | 300 |
| 301 m_free(chansess->cmd); | 301 m_free(chansess->cmd); |
| 302 m_free(chansess->term); | 302 m_free(chansess->term); |
| 303 | 303 |
| 304 #ifdef ENABLE_SVR_PUBKEY_OPTIONS | 304 #if DROPBEAR_SVR_PUBKEY_OPTIONS_BUILT |
| 305 m_free(chansess->original_command); | 305 m_free(chansess->original_command); |
| 306 #endif | 306 #endif |
| 307 | 307 |
| 308 if (chansess->tty) { | 308 if (chansess->tty) { |
| 309 /* write the utmp/wtmp login record */ | 309 /* write the utmp/wtmp login record */ |
| 313 | 313 |
| 314 pty_release(chansess->tty); | 314 pty_release(chansess->tty); |
| 315 m_free(chansess->tty); | 315 m_free(chansess->tty); |
| 316 } | 316 } |
| 317 | 317 |
| 318 #ifndef DISABLE_X11FWD | 318 #if DROPBEAR_X11FWD |
| 319 x11cleanup(chansess); | 319 x11cleanup(chansess); |
| 320 #endif | 320 #endif |
| 321 | 321 |
| 322 #ifdef ENABLE_SVR_AGENTFWD | 322 #if DROPBEAR_SVR_AGENTFWD |
| 323 svr_agentcleanup(chansess); | 323 svr_agentcleanup(chansess); |
| 324 #endif | 324 #endif |
| 325 | 325 |
| 326 /* clear child pid entries */ | 326 /* clear child pid entries */ |
| 327 for (i = 0; i < svr_ses.childpidsize; i++) { | 327 for (i = 0; i < svr_ses.childpidsize; i++) { |
| 371 ret = sessionpty(chansess); | 371 ret = sessionpty(chansess); |
| 372 } else if (strcmp(type, "exec") == 0) { | 372 } else if (strcmp(type, "exec") == 0) { |
| 373 ret = sessioncommand(channel, chansess, 1, 0); | 373 ret = sessioncommand(channel, chansess, 1, 0); |
| 374 } else if (strcmp(type, "subsystem") == 0) { | 374 } else if (strcmp(type, "subsystem") == 0) { |
| 375 ret = sessioncommand(channel, chansess, 1, 1); | 375 ret = sessioncommand(channel, chansess, 1, 1); |
| 376 #ifndef DISABLE_X11FWD | 376 #if DROPBEAR_X11FWD |
| 377 } else if (strcmp(type, "x11-req") == 0) { | 377 } else if (strcmp(type, "x11-req") == 0) { |
| 378 ret = x11req(chansess); | 378 ret = x11req(chansess); |
| 379 #endif | 379 #endif |
| 380 #ifdef ENABLE_SVR_AGENTFWD | 380 #if DROPBEAR_SVR_AGENTFWD |
| 381 } else if (strcmp(type, "[email protected]") == 0) { | 381 } else if (strcmp(type, "[email protected]") == 0) { |
| 382 ret = svr_agentreq(chansess); | 382 ret = svr_agentreq(chansess); |
| 383 #endif | 383 #endif |
| 384 } else if (strcmp(type, "signal") == 0) { | 384 } else if (strcmp(type, "signal") == 0) { |
| 385 ret = sessionsignal(chansess); | 385 ret = sessionsignal(chansess); |
| 601 | 601 |
| 602 TRACE(("leave sessionpty")) | 602 TRACE(("leave sessionpty")) |
| 603 return DROPBEAR_SUCCESS; | 603 return DROPBEAR_SUCCESS; |
| 604 } | 604 } |
| 605 | 605 |
| 606 #ifndef USE_VFORK | 606 #if !DROPBEAR_VFORK |
| 607 static void make_connection_string(struct ChanSess *chansess) { | 607 static void make_connection_string(struct ChanSess *chansess) { |
| 608 char *local_ip, *local_port, *remote_ip, *remote_port; | 608 char *local_ip, *local_port, *remote_ip, *remote_port; |
| 609 size_t len; | 609 size_t len; |
| 610 get_socket_address(ses.sock_in, &local_ip, &local_port, &remote_ip, &remote_port, 0); | 610 get_socket_address(ses.sock_in, &local_ip, &local_port, &remote_ip, &remote_port, 0); |
| 611 | 611 |
| 632 * noptycommand or ptycommand as appropriate. | 632 * noptycommand or ptycommand as appropriate. |
| 633 * Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */ | 633 * Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */ |
| 634 static int sessioncommand(struct Channel *channel, struct ChanSess *chansess, | 634 static int sessioncommand(struct Channel *channel, struct ChanSess *chansess, |
| 635 int iscmd, int issubsys) { | 635 int iscmd, int issubsys) { |
| 636 | 636 |
| 637 unsigned int cmdlen; | 637 unsigned int cmdlen = 0; |
| 638 int ret; | 638 int ret; |
| 639 | 639 |
| 640 TRACE(("enter sessioncommand")) | 640 TRACE(("enter sessioncommand")) |
| 641 | 641 |
| 642 if (chansess->cmd != NULL) { | 642 if (chansess->cmd != NULL) { |
| 669 return DROPBEAR_FAILURE; | 669 return DROPBEAR_FAILURE; |
| 670 } | 670 } |
| 671 } | 671 } |
| 672 } | 672 } |
| 673 | 673 |
| 674 /* take public key option 'command' into account */ | 674 |
| 675 svr_pubkey_set_forced_command(chansess); | 675 /* take global command into account */ |
| 676 if (svr_opts.forced_command) { | |
| 677 chansess->original_command = chansess->cmd ? : m_strdup(""); | |
| 678 chansess->cmd = m_strdup(svr_opts.forced_command); | |
| 679 } else { | |
| 680 /* take public key option 'command' into account */ | |
| 681 svr_pubkey_set_forced_command(chansess); | |
| 682 } | |
| 683 | |
| 676 | 684 |
| 677 #ifdef LOG_COMMANDS | 685 #ifdef LOG_COMMANDS |
| 678 if (chansess->cmd) { | 686 if (chansess->cmd) { |
| 679 dropbear_log(LOG_INFO, "User %s executing '%s'", | 687 dropbear_log(LOG_INFO, "User %s executing '%s'", |
| 680 ses.authstate.pw_name, chansess->cmd); | 688 ses.authstate.pw_name, chansess->cmd); |
| 684 } | 692 } |
| 685 #endif | 693 #endif |
| 686 | 694 |
| 687 /* uClinux will vfork(), so there'll be a race as | 695 /* uClinux will vfork(), so there'll be a race as |
| 688 connection_string is freed below. */ | 696 connection_string is freed below. */ |
| 689 #ifndef USE_VFORK | 697 #if !DROPBEAR_VFORK |
| 690 make_connection_string(chansess); | 698 make_connection_string(chansess); |
| 691 #endif | 699 #endif |
| 692 | 700 |
| 693 if (chansess->term == NULL) { | 701 if (chansess->term == NULL) { |
| 694 /* no pty */ | 702 /* no pty */ |
| 700 } else { | 708 } else { |
| 701 /* want pty */ | 709 /* want pty */ |
| 702 ret = ptycommand(channel, chansess); | 710 ret = ptycommand(channel, chansess); |
| 703 } | 711 } |
| 704 | 712 |
| 705 #ifndef USE_VFORK | 713 #if !DROPBEAR_VFORK |
| 706 m_free(chansess->connection_string); | 714 m_free(chansess->connection_string); |
| 707 m_free(chansess->client_string); | 715 m_free(chansess->client_string); |
| 708 #endif | 716 #endif |
| 709 | 717 |
| 710 if (ret == DROPBEAR_FAILURE) { | 718 if (ret == DROPBEAR_FAILURE) { |
| 774 if (chansess->master == -1 || chansess->tty == NULL) { | 782 if (chansess->master == -1 || chansess->tty == NULL) { |
| 775 dropbear_log(LOG_WARNING, "No pty was allocated, couldn't execute"); | 783 dropbear_log(LOG_WARNING, "No pty was allocated, couldn't execute"); |
| 776 return DROPBEAR_FAILURE; | 784 return DROPBEAR_FAILURE; |
| 777 } | 785 } |
| 778 | 786 |
| 779 #ifdef USE_VFORK | 787 #if DROPBEAR_VFORK |
| 780 pid = vfork(); | 788 pid = vfork(); |
| 781 #else | 789 #else |
| 782 pid = fork(); | 790 pid = fork(); |
| 783 #endif | 791 #endif |
| 784 if (pid < 0) | 792 if (pid < 0) |
| 894 struct ChanSess *chansess = user_data; | 902 struct ChanSess *chansess = user_data; |
| 895 char *usershell = NULL; | 903 char *usershell = NULL; |
| 896 | 904 |
| 897 /* with uClinux we'll have vfork()ed, so don't want to overwrite the | 905 /* with uClinux we'll have vfork()ed, so don't want to overwrite the |
| 898 * hostkey. can't think of a workaround to clear it */ | 906 * hostkey. can't think of a workaround to clear it */ |
| 899 #ifndef USE_VFORK | 907 #if !DROPBEAR_VFORK |
| 900 /* wipe the hostkey */ | 908 /* wipe the hostkey */ |
| 901 sign_key_free(svr_opts.hostkey); | 909 sign_key_free(svr_opts.hostkey); |
| 902 svr_opts.hostkey = NULL; | 910 svr_opts.hostkey = NULL; |
| 903 | 911 |
| 904 /* overwrite the prng state */ | 912 /* overwrite the prng state */ |
| 963 | 971 |
| 964 if (chansess->client_string) { | 972 if (chansess->client_string) { |
| 965 addnewvar("SSH_CLIENT", chansess->client_string); | 973 addnewvar("SSH_CLIENT", chansess->client_string); |
| 966 } | 974 } |
| 967 | 975 |
| 968 #ifdef ENABLE_SVR_PUBKEY_OPTIONS | 976 #if DROPBEAR_SVR_PUBKEY_OPTIONS_BUILT |
| 969 if (chansess->original_command) { | 977 if (chansess->original_command) { |
| 970 addnewvar("SSH_ORIGINAL_COMMAND", chansess->original_command); | 978 addnewvar("SSH_ORIGINAL_COMMAND", chansess->original_command); |
| 971 } | 979 } |
| 972 #endif | 980 #endif |
| 973 | 981 |
| 974 /* change directory */ | 982 /* change directory */ |
| 975 if (chdir(ses.authstate.pw_dir) < 0) { | 983 if (chdir(ses.authstate.pw_dir) < 0) { |
| 976 dropbear_exit("Error changing directory"); | 984 dropbear_exit("Error changing directory"); |
| 977 } | 985 } |
| 978 | 986 |
| 979 #ifndef DISABLE_X11FWD | 987 #if DROPBEAR_X11FWD |
| 980 /* set up X11 forwarding if enabled */ | 988 /* set up X11 forwarding if enabled */ |
| 981 x11setauth(chansess); | 989 x11setauth(chansess); |
| 982 #endif | 990 #endif |
| 983 #ifdef ENABLE_SVR_AGENTFWD | 991 #if DROPBEAR_SVR_AGENTFWD |
| 984 /* set up agent env variable */ | 992 /* set up agent env variable */ |
| 985 svr_agentset(chansess); | 993 svr_agentset(chansess); |
| 986 #endif | 994 #endif |
| 987 | 995 |
| 988 usershell = m_strdup(get_user_shell()); | 996 usershell = m_strdup(get_user_shell()); |