comparison svr-chansession.c @ 1342:8747c2b19152
merge 2017.75
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Thu, 18 May 2017 22:59:38 +0800 |
parents | 79225928bf59 |
children | 06d52bcb8094 |
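--- a/svr-chansession.c
+++ b/svr-chansession.c
@@ -252,17 +252,17 @@
 
 chansess->exit.exitpid = -1;
 
 channel->typedata = chansess;
 
-#ifndef DISABLE_X11FWD
+#if DROPBEAR_X11FWD
 chansess->x11listener = NULL;
 chansess->x11authprot = NULL;
 chansess->x11authcookie = NULL;
 #endif
 
-#ifdef ENABLE_SVR_AGENTFWD
+#if DROPBEAR_SVR_AGENTFWD
 chansess->agentlistener = NULL;
 chansess->agentfile = NULL;
 chansess->agentdir = NULL;
 #endif
 
@@ -299,11 +299,11 @@
 send_exitsignalstatus(channel);
 
 m_free(chansess->cmd);
 m_free(chansess->term);
 
-#ifdef ENABLE_SVR_PUBKEY_OPTIONS
+#if DROPBEAR_SVR_PUBKEY_OPTIONS_BUILT
 m_free(chansess->original_command);
 #endif
 
 if (chansess->tty) {
 /* write the utmp/wtmp login record */
@@ -313,15 +313,15 @@
 
 pty_release(chansess->tty);
 m_free(chansess->tty);
 }
 
-#ifndef DISABLE_X11FWD
+#if DROPBEAR_X11FWD
 x11cleanup(chansess);
 #endif
 
-#ifdef ENABLE_SVR_AGENTFWD
+#if DROPBEAR_SVR_AGENTFWD
 svr_agentcleanup(chansess);
 #endif
 
 /* clear child pid entries */
 for (i = 0; i < svr_ses.childpidsize; i++) {
@@ -371,15 +371,15 @@
 ret = sessionpty(chansess);
 } else if (strcmp(type, "exec") == 0) {
 ret = sessioncommand(channel, chansess, 1, 0);
 } else if (strcmp(type, "subsystem") == 0) {
 ret = sessioncommand(channel, chansess, 1, 1);
-#ifndef DISABLE_X11FWD
+#if DROPBEAR_X11FWD
 } else if (strcmp(type, "x11-req") == 0) {
 ret = x11req(chansess);
 #endif
-#ifdef ENABLE_SVR_AGENTFWD
+#if DROPBEAR_SVR_AGENTFWD
 } else if (strcmp(type, "[email protected]") == 0) {
 ret = svr_agentreq(chansess);
 #endif
 } else if (strcmp(type, "signal") == 0) {
 ret = sessionsignal(chansess);
@@ -601,11 +601,11 @@
 
 TRACE(("leave sessionpty"))
 return DROPBEAR_SUCCESS;
 }
 
-#ifndef USE_VFORK
+#if !DROPBEAR_VFORK
 static void make_connection_string(struct ChanSess *chansess) {
 char *local_ip, *local_port, *remote_ip, *remote_port;
 size_t len;
 get_socket_address(ses.sock_in, &local_ip, &local_port, &remote_ip, &remote_port, 0);
 
@@ -632,11 +632,11 @@
 * noptycommand or ptycommand as appropriate.
 * Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */
 static int sessioncommand(struct Channel *channel, struct ChanSess *chansess,
 int iscmd, int issubsys) {
 
-unsigned int cmdlen;
+unsigned int cmdlen = 0;
 int ret;
 
 TRACE(("enter sessioncommand"))
 
 if (chansess->cmd != NULL) {
@@ -669,12 +669,20 @@
 return DROPBEAR_FAILURE;
 }
 }
 }
 
-/* take public key option 'command' into account */
-svr_pubkey_set_forced_command(chansess);
+
+/* take global command into account */
+if (svr_opts.forced_command) {
+chansess->original_command = chansess->cmd ? : m_strdup("");
+chansess->cmd = m_strdup(svr_opts.forced_command);
+} else {
+/* take public key option 'command' into account */
+svr_pubkey_set_forced_command(chansess);
+}
+
 
 #ifdef LOG_COMMANDS
 if (chansess->cmd) {
 dropbear_log(LOG_INFO, "User %s executing '%s'",
 ses.authstate.pw_name, chansess->cmd);
@@ -684,11 +692,11 @@
 }
 #endif
 
 /* uClinux will vfork(), so there'll be a race as
 connection_string is freed below. */
-#ifndef USE_VFORK
+#if !DROPBEAR_VFORK
 make_connection_string(chansess);
 #endif
 
 if (chansess->term == NULL) {
 /* no pty */
@@ -700,11 +708,11 @@
 } else {
 /* want pty */
 ret = ptycommand(channel, chansess);
 }
 
-#ifndef USE_VFORK
+#if !DROPBEAR_VFORK
 m_free(chansess->connection_string);
 m_free(chansess->client_string);
 #endif
 
 if (ret == DROPBEAR_FAILURE) {
@@ -774,11 +782,11 @@
 if (chansess->master == -1 || chansess->tty == NULL) {
 dropbear_log(LOG_WARNING, "No pty was allocated, couldn't execute");
 return DROPBEAR_FAILURE;
 }
 
-#ifdef USE_VFORK
+#if DROPBEAR_VFORK
 pid = vfork();
 #else
 pid = fork();
 #endif
 if (pid < 0)
@@ -894,11 +902,11 @@
 struct ChanSess *chansess = user_data;
 char *usershell = NULL;
 
 /* with uClinux we'll have vfork()ed, so don't want to overwrite the
 * hostkey. can't think of a workaround to clear it */
-#ifndef USE_VFORK
+#if !DROPBEAR_VFORK
 /* wipe the hostkey */
 sign_key_free(svr_opts.hostkey);
 svr_opts.hostkey = NULL;
 
 /* overwrite the prng state */
@@ -963,26 +971,26 @@
 
 if (chansess->client_string) {
 addnewvar("SSH_CLIENT", chansess->client_string);
 }
 
-#ifdef ENABLE_SVR_PUBKEY_OPTIONS
+#if DROPBEAR_SVR_PUBKEY_OPTIONS_BUILT
 if (chansess->original_command) {
 addnewvar("SSH_ORIGINAL_COMMAND", chansess->original_command);
 }
 #endif
 
 /* change directory */
 if (chdir(ses.authstate.pw_dir) < 0) {
 dropbear_exit("Error changing directory");
 }
 
-#ifndef DISABLE_X11FWD
+#if DROPBEAR_X11FWD
 /* set up X11 forwarding if enabled */
 x11setauth(chansess);
 #endif
-#ifdef ENABLE_SVR_AGENTFWD
+#if DROPBEAR_SVR_AGENTFWD
 /* set up agent env variable */
 svr_agentset(chansess);
 #endif
 
 usershell = m_strdup(get_user_shell());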
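Review bot: In the `sessioncommand` hunk, the new global forced-command branch writes `chansess->original_command` unconditionally, while the other visible uses of that field (the `m_free` in the cleanup hunk and the `SSH_ORIGINAL_COMMAND` export) sit under `#if DROPBEAR_SVR_PUBKEY_OPTIONS_BUILT`. If the struct member is guarded the same way (its declaration is not on this page), a build without pubkey options would not compile, and if it is not, the saved string is never freed or exported in that configuration; the guards should be made to agree. The `? :` form with the middle operand omitted is a GNU extension; `chansess->cmd ? chansess->cmd : m_strdup("")` is portable C. Because the `LOG_COMMANDS` block that follows logs `chansess->cmd` after the replacement, the audit line records the forced command rather than what the client requested, so logging `original_command` as well would keep the request visible in the log. The body of `sessioncommand` continues outside the hunk.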