Mercurial > dropbear
diff svr-chansession.c @ 1840:5c13e765ddbd
Only redirect stderr after the session login. That lets errors
get recorded on the server parent side, rather than being sent
over a SSH connection.
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Mon, 18 Oct 2021 23:20:08 +0800 |
parents | 90ac15aeac43 |
children | cba37fe1ddc8 |
line wrap: on
line diff
--- a/svr-chansession.c Mon Oct 18 15:17:14 2021 +0800 +++ b/svr-chansession.c Mon Oct 18 23:20:08 2021 +0800 @@ -841,20 +841,28 @@ pty_make_controlling_tty(&chansess->slave, chansess->tty); if ((dup2(chansess->slave, STDIN_FILENO) < 0) || - (dup2(chansess->slave, STDERR_FILENO) < 0) || (dup2(chansess->slave, STDOUT_FILENO) < 0)) { TRACE(("leave ptycommand: error redirecting filedesc")) return DROPBEAR_FAILURE; } - close(chansess->slave); - /* write the utmp/wtmp login record - must be after changing the - * terminal used for stdout with the dup2 above */ + * terminal used for stdout with the dup2 above, otherwise + * the wtmp login will not be recorded */ li = chansess_login_alloc(chansess); login_login(li); + dropbear_log(LOG_WARNING, "bad thing happened"); login_free_entry(li); + /* Can now dup2 stderr. Messages from login_login() have gone + to the parent stderr */ + if (dup2(chansess->slave, STDERR_FILENO) < 0) { + TRACE(("leave ptycommand: error redirecting filedesc")) + return DROPBEAR_FAILURE; + } + + close(chansess->slave); + #if DO_MOTD if (svr_opts.domotd && !chansess->cmd) { /* don't show the motd if ~/.hushlogin exists */