Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / openssh / b31783d5470d42f77a08acfe6513a0b209ffec1c^! / . / session.c
commitb31783d5470d42f77a08acfe6513a0b209ffec1c[log] [tgz]
authorBen Lindstrom <mouring@eviladmin.org>Thu Mar 22 02:02:12 2001 +0000
committerBen Lindstrom <mouring@eviladmin.org>Thu Mar 22 02:02:12 2001 +0000
treeaa2c8c7e957564f22ecd0e16680d1de0ba9e06da
parentfc9b07de19f8ccd94e4543ddba58e0de3748804c [diff] [blame]
   - markus@cvs.openbsd.org 2001/03/21 11:43:45
     [auth1.c auth2.c session.c session.h]
     merge common ssh v1/2 code

diff --git a/session.c b/session.c
index 800f211..757ea90 100644
--- a/session.c
+++ b/session.c

@@ -33,7 +33,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: session.c,v 1.64 2001/03/20 19:35:29 markus Exp $");
+RCSID("$OpenBSD: session.c,v 1.65 2001/03/21 11:43:44 markus Exp $");
 
 #include "ssh.h"
 #include "ssh1.h"
@@ -129,6 +129,9 @@
 void	do_login(Session *s, const char *command);
 void	do_child(Session *s, const char *command);
 
+void	do_authenticated1(Authctxt *authctxt);
+void	do_authenticated2(Authctxt *authctxt);
+
 /* import */
 extern ServerOptions options;
 extern char *__progname;
@@ -157,6 +160,34 @@
 static login_cap_t *lc;
 #endif
 
+void
+do_authenticated(Authctxt *authctxt)
+{
+	/*
+	 * Cancel the alarm we set to limit the time taken for
+	 * authentication.
+	 */
+	alarm(0);
+	if (startup_pipe != -1) {
+		close(startup_pipe);
+		startup_pipe = -1;
+	}
+#if defined(HAVE_LOGIN_CAP) && defined(HAVE_PW_CLASS_IN_PASSWD)
+	if ((lc = login_getclass(authctxt->pw->pw_class)) == NULL) {
+		error("unable to get login class");
+		return;
+	}
+#endif
+	/* setup the channel layer */
+	if (!no_port_forwarding_flag && options.allow_tcp_forwarding)
+		channel_permit_all_opens();
+
+	if (compat20)
+		do_authenticated2(authctxt);
+	else
+		do_authenticated1(authctxt);
+}
+
 /*
  * Remove local Xauthority file.
  */
@@ -206,47 +237,23 @@
  * are requested, etc.
  */
 void
-do_authenticated(struct passwd * pw)
+do_authenticated1(Authctxt *authctxt)
 {
 	Session *s;
-	int type, fd;
-	int compression_level = 0, enable_compression_after_reply = 0;
-	int have_pty = 0;
 	char *command;
-	int n_bytes;
-	int plen;
+	int success, type, fd, n_bytes, plen, screen_flag, have_pty = 0;
+	int compression_level = 0, enable_compression_after_reply = 0;
 	u_int proto_len, data_len, dlen;
-	int screen_flag;
-
-	/*
-	 * Cancel the alarm we set to limit the time taken for
-	 * authentication.
-	 */
-	alarm(0);
-	if (startup_pipe != -1) {
-		close(startup_pipe);
-		startup_pipe = -1;
-	}
-
-	if (!no_port_forwarding_flag && options.allow_tcp_forwarding)
-		channel_permit_all_opens();
 
 	s = session_new();
-	s->pw = pw;
-
-#if defined(HAVE_LOGIN_CAP) && defined(HAVE_PW_CLASS_IN_PASSWD)
-	if ((lc = login_getclass(pw->pw_class)) == NULL) {
-		error("unable to get login class");
-		return;
-	}
-#endif
+	s->pw = authctxt->pw;
 
 	/*
 	 * We stay in this loop until the client requests to execute a shell
 	 * or a command.
 	 */
 	for (;;) {
-		int success = 0;
+		success = 0;
 
 		/* Get a packet from the client. */
 		type = packet_read(&plen);
@@ -283,7 +290,7 @@
 				break;
 			}
 			fatal_add_cleanup(pty_cleanup_proc, (void *)s);
-			pty_setowner(pw, s->tty);
+			pty_setowner(s->pw, s->tty);
 
 			/* Get TERM from the packet.  Note that the value may be of arbitrary length. */
 			s->term = packet_get_string(&dlen);
@@ -358,7 +365,7 @@
 			/* Setup to always have a local .Xauthority. */
 			xauthfile = xmalloc(MAXPATHLEN);
 			strlcpy(xauthfile, "/tmp/ssh-XXXXXXXX", MAXPATHLEN);
-			temporarily_use_uid(pw->pw_uid);
+			temporarily_use_uid(s->pw->pw_uid);
 			if (mkdtemp(xauthfile) == NULL) {
 				restore_uid();
 				error("private X11 dir: mkdtemp %s failed: %s",
@@ -383,7 +390,7 @@
 				break;
 			}
 			debug("Received authentication agent forwarding request.");
-			success = auth_input_request_forwarding(pw);
+			success = auth_input_request_forwarding(s->pw);
 			break;
 
 		case SSH_CMSG_PORT_FORWARD_REQUEST:
@@ -396,7 +403,7 @@
 				break;
 			}
 			debug("Received TCP/IP port forwarding request.");
-			channel_input_port_forward_request(pw->pw_uid == 0, options.gateway_ports);
+			channel_input_port_forward_request(s->pw->pw_uid == 0, options.gateway_ports);
 			success = 1;
 			break;
 
@@ -597,7 +604,7 @@
 	ttyfd = s->ttyfd;
 
 #if defined(USE_PAM)
-	do_pam_session(pw->pw_name, s->tty);
+	do_pam_session(s->pw->pw_name, s->tty);
 	do_pam_setcred();
 #endif
 
@@ -2022,23 +2029,7 @@
 void
 do_authenticated2(Authctxt *authctxt)
 {
-	/*
-	 * Cancel the alarm we set to limit the time taken for
-	 * authentication.
-	 */
-	alarm(0);
-	if (startup_pipe != -1) {
-		close(startup_pipe);
-		startup_pipe = -1;
-	}
-	if (!no_port_forwarding_flag && options.allow_tcp_forwarding)
-		channel_permit_all_opens();
-#if defined(HAVE_LOGIN_CAP) && defined(HAVE_PW_CLASS_IN_PASSWD)
-	if ((lc = login_getclass(authctxt->pw->pw_class)) == NULL) {
-		error("unable to get login class");
-		return;
-	}
-#endif
+
 	server_loop2();
 	if (xauthfile)
 		xauthfile_cleanup_proc(NULL);