blob: 4e2471f22671a676e63fb1788b759b75d07880de [file] [log] [blame]
Damien Millerb38eff82000-04-01 11:09:21 +10001/*
2 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
3 * All rights reserved
Damien Millere4340be2000-09-16 13:29:08 +11004 *
5 * As far as I am concerned, the code I have written for this software
6 * can be used freely for any purpose. Any derived versions of this
7 * software must be clearly marked as such, and if the derived work is
8 * incompatible with the protocol description in the RFC file, it must be
9 * called by a name other than "ssh" or "Secure Shell".
10 *
Damien Millerefb4afe2000-04-12 18:45:05 +100011 * SSH2 support by Markus Friedl.
12 * Copyright (c) 2000 Markus Friedl. All rights reserved.
Damien Millere4340be2000-09-16 13:29:08 +110013 *
14 * Redistribution and use in source and binary forms, with or without
15 * modification, are permitted provided that the following conditions
16 * are met:
17 * 1. Redistributions of source code must retain the above copyright
18 * notice, this list of conditions and the following disclaimer.
19 * 2. Redistributions in binary form must reproduce the above copyright
20 * notice, this list of conditions and the following disclaimer in the
21 * documentation and/or other materials provided with the distribution.
22 *
23 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
24 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
25 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
26 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
27 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
28 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
29 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
30 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
31 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
32 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Damien Millerefb4afe2000-04-12 18:45:05 +100033 */
Damien Millerb38eff82000-04-01 11:09:21 +100034
35#include "includes.h"
Ben Lindstrom8dcdeb82001-02-16 16:02:14 +000036RCSID("$OpenBSD: session.c,v 1.56 2001/02/16 14:03:43 markus Exp $");
Damien Millerb38eff82000-04-01 11:09:21 +100037
Damien Millerb38eff82000-04-01 11:09:21 +100038#include "ssh.h"
Ben Lindstrom226cfa02001-01-22 05:34:40 +000039#include "ssh1.h"
40#include "ssh2.h"
41#include "xmalloc.h"
Damien Millerb38eff82000-04-01 11:09:21 +100042#include "pty.h"
43#include "packet.h"
44#include "buffer.h"
Damien Millerb38eff82000-04-01 11:09:21 +100045#include "mpaux.h"
Damien Millerb38eff82000-04-01 11:09:21 +100046#include "uidswap.h"
47#include "compat.h"
48#include "channels.h"
49#include "nchan.h"
Damien Millerefb4afe2000-04-12 18:45:05 +100050#include "bufaux.h"
Damien Millerefb4afe2000-04-12 18:45:05 +100051#include "auth.h"
Damien Millerf6d9e222000-06-18 14:50:44 +100052#include "auth-options.h"
Ben Lindstrom226cfa02001-01-22 05:34:40 +000053#include "pathnames.h"
54#include "log.h"
55#include "servconf.h"
56#include "login.h"
57#include "serverloop.h"
58#include "canohost.h"
Ben Lindstrom31ca54a2001-02-09 02:11:24 +000059#include "session.h"
Damien Millerefb4afe2000-04-12 18:45:05 +100060
Damien Miller91606b12000-06-28 08:22:29 +100061#ifdef WITH_IRIX_PROJECT
62#include <proj.h>
63#endif /* WITH_IRIX_PROJECT */
Ben Lindstrom980754c2000-11-12 00:04:24 +000064#ifdef WITH_IRIX_JOBS
65#include <sys/resource.h>
Kevin Stevesef4eea92001-02-05 12:42:17 +000066#endif
Ben Lindstrom49a79c02000-11-17 03:47:20 +000067#ifdef WITH_IRIX_AUDIT
68#include <sat.h>
69#endif /* WITH_IRIX_AUDIT */
Damien Miller91606b12000-06-28 08:22:29 +100070
Damien Miller37023962000-07-11 17:31:38 +100071#if defined(HAVE_USERSEC_H)
72#include <usersec.h>
73#endif
74
Damien Millerbac2d8a2000-09-05 16:13:06 +110075#ifdef HAVE_CYGWIN
76#include <windows.h>
77#include <sys/cygwin.h>
78#define is_winnt (GetVersion() < 0x80000000)
79#endif
80
Damien Millerd17b8d52000-08-09 14:42:28 +100081/* AIX limits */
82#if defined(HAVE_GETUSERATTR) && !defined(S_UFSIZE_HARD) && defined(S_UFSIZE)
Damien Miller0da2eaa2000-08-15 11:32:59 +100083# define S_UFSIZE_HARD S_UFSIZE "_hard"
84# define S_UCPU_HARD S_UCPU "_hard"
85# define S_UDATA_HARD S_UDATA "_hard"
86# define S_USTACK_HARD S_USTACK "_hard"
87# define S_URSS_HARD S_URSS "_hard"
88# define S_UCORE_HARD S_UCORE "_hard"
89# define S_UNOFILE_HARD S_UNOFILE "_hard"
Damien Millerd17b8d52000-08-09 14:42:28 +100090#endif
91
Damien Millerad833b32000-08-23 10:46:23 +100092#ifdef HAVE_LOGIN_CAP
93#include <login_cap.h>
94#endif
95
Damien Millerb38eff82000-04-01 11:09:21 +100096/* types */
97
98#define TTYSZ 64
99typedef struct Session Session;
100struct Session {
101 int used;
102 int self;
Damien Millerbd483e72000-04-30 10:00:53 +1000103 int extended;
Damien Millerb38eff82000-04-01 11:09:21 +1000104 struct passwd *pw;
105 pid_t pid;
106 /* tty */
107 char *term;
108 int ptyfd, ttyfd, ptymaster;
109 int row, col, xpixel, ypixel;
110 char tty[TTYSZ];
111 /* X11 */
112 char *display;
113 int screen;
114 char *auth_proto;
115 char *auth_data;
Damien Millerbd483e72000-04-30 10:00:53 +1000116 int single_connection;
Damien Millerb38eff82000-04-01 11:09:21 +1000117 /* proto 2 */
118 int chanid;
119};
120
121/* func */
122
123Session *session_new(void);
124void session_set_fds(Session *s, int fdin, int fdout, int fderr);
125void session_pty_cleanup(Session *s);
Damien Millere247cc42000-05-07 12:03:14 +1000126void session_proctitle(Session *s);
Damien Millerb38eff82000-04-01 11:09:21 +1000127void do_exec_pty(Session *s, const char *command, struct passwd * pw);
128void do_exec_no_pty(Session *s, const char *command, struct passwd * pw);
Damien Miller69b69aa2000-10-28 14:19:58 +1100129void do_login(Session *s, const char *command);
Damien Millerb38eff82000-04-01 11:09:21 +1000130
131void
132do_child(const char *command, struct passwd * pw, const char *term,
133 const char *display, const char *auth_proto,
134 const char *auth_data, const char *ttyname);
135
136/* import */
137extern ServerOptions options;
138extern char *__progname;
139extern int log_stderr;
140extern int debug_flag;
Ben Lindstrom46c16222000-12-22 01:43:59 +0000141extern u_int utmp_len;
Damien Millerb38eff82000-04-01 11:09:21 +1000142
Damien Miller37023962000-07-11 17:31:38 +1000143extern int startup_pipe;
144
Damien Millerb38eff82000-04-01 11:09:21 +1000145/* Local Xauthority file. */
146static char *xauthfile;
147
Damien Miller7b28dc52000-09-05 13:34:53 +1100148/* original command from peer. */
Kevin Stevesef4eea92001-02-05 12:42:17 +0000149char *original_command = NULL;
Damien Miller7b28dc52000-09-05 13:34:53 +1100150
Damien Millerb38eff82000-04-01 11:09:21 +1000151/* data */
152#define MAX_SESSIONS 10
153Session sessions[MAX_SESSIONS];
Damien Miller15e7d4b2000-09-29 10:57:35 +1100154
Damien Millerd2c208a2000-05-17 22:00:02 +1000155#ifdef WITH_AIXAUTHENTICATE
156/* AIX's lastlogin message, set in auth1.c */
157char *aixloginmsg;
158#endif /* WITH_AIXAUTHENTICATE */
Damien Millerb38eff82000-04-01 11:09:21 +1000159
Damien Millerad833b32000-08-23 10:46:23 +1000160#ifdef HAVE_LOGIN_CAP
161static login_cap_t *lc;
162#endif
163
Damien Millerb38eff82000-04-01 11:09:21 +1000164/*
165 * Remove local Xauthority file.
166 */
167void
168xauthfile_cleanup_proc(void *ignore)
169{
170 debug("xauthfile_cleanup_proc called");
171
172 if (xauthfile != NULL) {
173 char *p;
174 unlink(xauthfile);
175 p = strrchr(xauthfile, '/');
176 if (p != NULL) {
177 *p = '\0';
178 rmdir(xauthfile);
179 }
180 xfree(xauthfile);
181 xauthfile = NULL;
182 }
183}
184
185/*
186 * Function to perform cleanup if we get aborted abnormally (e.g., due to a
187 * dropped connection).
188 */
Damien Miller4af51302000-04-16 11:18:38 +1000189void
Damien Millerb38eff82000-04-01 11:09:21 +1000190pty_cleanup_proc(void *session)
191{
192 Session *s=session;
193 if (s == NULL)
194 fatal("pty_cleanup_proc: no session");
195 debug("pty_cleanup_proc: %s", s->tty);
196
197 if (s->pid != 0) {
198 /* Record that the user has logged out. */
199 record_logout(s->pid, s->tty);
200 }
201
202 /* Release the pseudo-tty. */
203 pty_release(s->tty);
204}
205
206/*
207 * Prepares for an interactive session. This is called after the user has
208 * been successfully authenticated. During this message exchange, pseudo
209 * terminals are allocated, X11, TCP/IP, and authentication agent forwardings
210 * are requested, etc.
211 */
Damien Miller4af51302000-04-16 11:18:38 +1000212void
Damien Millerb38eff82000-04-01 11:09:21 +1000213do_authenticated(struct passwd * pw)
214{
215 Session *s;
Damien Miller7b28dc52000-09-05 13:34:53 +1100216 int type, fd;
Damien Millerb38eff82000-04-01 11:09:21 +1000217 int compression_level = 0, enable_compression_after_reply = 0;
218 int have_pty = 0;
219 char *command;
220 int n_bytes;
221 int plen;
Ben Lindstrom46c16222000-12-22 01:43:59 +0000222 u_int proto_len, data_len, dlen;
Damien Millerb38eff82000-04-01 11:09:21 +1000223
224 /*
225 * Cancel the alarm we set to limit the time taken for
226 * authentication.
227 */
228 alarm(0);
Damien Miller182ee6e2000-07-12 09:45:27 +1000229 if (startup_pipe != -1) {
Damien Miller4d97ba22000-07-11 18:15:50 +1000230 close(startup_pipe);
Damien Miller182ee6e2000-07-12 09:45:27 +1000231 startup_pipe = -1;
232 }
Damien Millerb38eff82000-04-01 11:09:21 +1000233
234 /*
235 * Inform the channel mechanism that we are the server side and that
236 * the client may request to connect to any port at all. (The user
237 * could do it anyway, and we wouldn\'t know what is permitted except
238 * by the client telling us, so we can equally well trust the client
239 * not to request anything bogus.)
240 */
Damien Miller50a41ed2000-10-16 12:14:42 +1100241 if (!no_port_forwarding_flag && options.allow_tcp_forwarding)
Damien Millerb38eff82000-04-01 11:09:21 +1000242 channel_permit_all_opens();
243
244 s = session_new();
Damien Millerbd483e72000-04-30 10:00:53 +1000245 s->pw = pw;
Damien Millerb38eff82000-04-01 11:09:21 +1000246
Kevin Steves48b7cc02000-10-07 13:24:00 +0000247#if defined(HAVE_LOGIN_CAP) && defined(HAVE_PW_CLASS_IN_PASSWD)
Damien Millerad833b32000-08-23 10:46:23 +1000248 if ((lc = login_getclass(pw->pw_class)) == NULL) {
249 error("unable to get login class");
250 return;
251 }
252#endif
253
Damien Millerb38eff82000-04-01 11:09:21 +1000254 /*
255 * We stay in this loop until the client requests to execute a shell
256 * or a command.
257 */
258 for (;;) {
259 int success = 0;
260
261 /* Get a packet from the client. */
262 type = packet_read(&plen);
263
264 /* Process the packet. */
265 switch (type) {
266 case SSH_CMSG_REQUEST_COMPRESSION:
267 packet_integrity_check(plen, 4, type);
268 compression_level = packet_get_int();
269 if (compression_level < 1 || compression_level > 9) {
270 packet_send_debug("Received illegal compression level %d.",
271 compression_level);
272 break;
273 }
274 /* Enable compression after we have responded with SUCCESS. */
275 enable_compression_after_reply = 1;
276 success = 1;
277 break;
278
279 case SSH_CMSG_REQUEST_PTY:
280 if (no_pty_flag) {
281 debug("Allocating a pty not permitted for this authentication.");
282 break;
283 }
284 if (have_pty)
285 packet_disconnect("Protocol error: you already have a pty.");
286
287 debug("Allocating pty.");
288
289 /* Allocate a pty and open it. */
290 if (!pty_allocate(&s->ptyfd, &s->ttyfd, s->tty,
291 sizeof(s->tty))) {
292 error("Failed to allocate pty.");
293 break;
294 }
295 fatal_add_cleanup(pty_cleanup_proc, (void *)s);
296 pty_setowner(pw, s->tty);
297
298 /* Get TERM from the packet. Note that the value may be of arbitrary length. */
299 s->term = packet_get_string(&dlen);
300 packet_integrity_check(dlen, strlen(s->term), type);
301 /* packet_integrity_check(plen, 4 + dlen + 4*4 + n_bytes, type); */
302 /* Remaining bytes */
303 n_bytes = plen - (4 + dlen + 4 * 4);
304
305 if (strcmp(s->term, "") == 0) {
306 xfree(s->term);
307 s->term = NULL;
308 }
309 /* Get window size from the packet. */
310 s->row = packet_get_int();
311 s->col = packet_get_int();
312 s->xpixel = packet_get_int();
313 s->ypixel = packet_get_int();
314 pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel);
315
316 /* Get tty modes from the packet. */
317 tty_parse_modes(s->ttyfd, &n_bytes);
318 packet_integrity_check(plen, 4 + dlen + 4 * 4 + n_bytes, type);
319
Damien Millere247cc42000-05-07 12:03:14 +1000320 session_proctitle(s);
321
Damien Millerb38eff82000-04-01 11:09:21 +1000322 /* Indicate that we now have a pty. */
323 success = 1;
324 have_pty = 1;
325 break;
326
327 case SSH_CMSG_X11_REQUEST_FORWARDING:
328 if (!options.x11_forwarding) {
329 packet_send_debug("X11 forwarding disabled in server configuration file.");
330 break;
331 }
Damien Miller0c043c12000-06-07 21:22:38 +1000332 if (!options.xauth_location) {
333 packet_send_debug("No xauth program; cannot forward with spoofing.");
334 break;
335 }
Damien Millerb38eff82000-04-01 11:09:21 +1000336 if (no_x11_forwarding_flag) {
337 packet_send_debug("X11 forwarding not permitted for this authentication.");
338 break;
339 }
340 debug("Received request for X11 forwarding with auth spoofing.");
341 if (s->display != NULL)
342 packet_disconnect("Protocol error: X11 display already set.");
343
344 s->auth_proto = packet_get_string(&proto_len);
345 s->auth_data = packet_get_string(&data_len);
Damien Millerb38eff82000-04-01 11:09:21 +1000346
Ben Lindstrom8dcdeb82001-02-16 16:02:14 +0000347 if (packet_get_protocol_flags() & SSH_PROTOFLAG_SCREEN_NUMBER) {
348 debug2("SSH_PROTOFLAG_SCREEN_NUMBER == true");
349 packet_integrity_check(plen,
350 4 + proto_len + 4 + data_len + 4, type);
Damien Millerb38eff82000-04-01 11:09:21 +1000351 s->screen = packet_get_int();
Ben Lindstrom8dcdeb82001-02-16 16:02:14 +0000352 } else {
353 debug2("SSH_PROTOFLAG_SCREEN_NUMBER == false");
354 packet_integrity_check(plen,
355 4 + proto_len + 4 + data_len, type);
Damien Millerb38eff82000-04-01 11:09:21 +1000356 s->screen = 0;
Ben Lindstrom8dcdeb82001-02-16 16:02:14 +0000357 }
Damien Millerb38eff82000-04-01 11:09:21 +1000358 s->display = x11_create_display_inet(s->screen, options.x11_display_offset);
359
360 if (s->display == NULL)
361 break;
362
363 /* Setup to always have a local .Xauthority. */
364 xauthfile = xmalloc(MAXPATHLEN);
365 strlcpy(xauthfile, "/tmp/ssh-XXXXXXXX", MAXPATHLEN);
366 temporarily_use_uid(pw->pw_uid);
367 if (mkdtemp(xauthfile) == NULL) {
368 restore_uid();
369 error("private X11 dir: mkdtemp %s failed: %s",
370 xauthfile, strerror(errno));
371 xfree(xauthfile);
372 xauthfile = NULL;
Damien Millerbd483e72000-04-30 10:00:53 +1000373 /* XXXX remove listening channels */
Damien Millerb38eff82000-04-01 11:09:21 +1000374 break;
375 }
376 strlcat(xauthfile, "/cookies", MAXPATHLEN);
Damien Miller7b28dc52000-09-05 13:34:53 +1100377 fd = open(xauthfile, O_RDWR|O_CREAT|O_EXCL, 0600);
378 if (fd >= 0)
379 close(fd);
Damien Millerb38eff82000-04-01 11:09:21 +1000380 restore_uid();
381 fatal_add_cleanup(xauthfile_cleanup_proc, NULL);
382 success = 1;
383 break;
Damien Millerb38eff82000-04-01 11:09:21 +1000384
385 case SSH_CMSG_AGENT_REQUEST_FORWARDING:
386 if (no_agent_forwarding_flag || compat13) {
387 debug("Authentication agent forwarding not permitted for this authentication.");
388 break;
389 }
390 debug("Received authentication agent forwarding request.");
Damien Miller0c043c12000-06-07 21:22:38 +1000391 success = auth_input_request_forwarding(pw);
Damien Millerb38eff82000-04-01 11:09:21 +1000392 break;
393
394 case SSH_CMSG_PORT_FORWARD_REQUEST:
395 if (no_port_forwarding_flag) {
396 debug("Port forwarding not permitted for this authentication.");
397 break;
398 }
Damien Miller50a41ed2000-10-16 12:14:42 +1100399 if (!options.allow_tcp_forwarding) {
400 debug("Port forwarding not permitted.");
401 break;
402 }
Damien Millerb38eff82000-04-01 11:09:21 +1000403 debug("Received TCP/IP port forwarding request.");
Damien Millere247cc42000-05-07 12:03:14 +1000404 channel_input_port_forward_request(pw->pw_uid == 0, options.gateway_ports);
Damien Millerb38eff82000-04-01 11:09:21 +1000405 success = 1;
406 break;
407
408 case SSH_CMSG_MAX_PACKET_SIZE:
409 if (packet_set_maxsize(packet_get_int()) > 0)
410 success = 1;
411 break;
412
413 case SSH_CMSG_EXEC_SHELL:
414 case SSH_CMSG_EXEC_CMD:
Damien Millerb38eff82000-04-01 11:09:21 +1000415 if (type == SSH_CMSG_EXEC_CMD) {
416 command = packet_get_string(&dlen);
417 debug("Exec command '%.500s'", command);
418 packet_integrity_check(plen, 4 + dlen, type);
419 } else {
420 command = NULL;
421 packet_integrity_check(plen, 0, type);
422 }
423 if (forced_command != NULL) {
Damien Miller7b28dc52000-09-05 13:34:53 +1100424 original_command = command;
Damien Millerb38eff82000-04-01 11:09:21 +1000425 command = forced_command;
426 debug("Forced command '%.500s'", forced_command);
427 }
428 if (have_pty)
429 do_exec_pty(s, command, pw);
430 else
431 do_exec_no_pty(s, command, pw);
432
433 if (command != NULL)
434 xfree(command);
435 /* Cleanup user's local Xauthority file. */
436 if (xauthfile)
437 xauthfile_cleanup_proc(NULL);
438 return;
439
440 default:
441 /*
442 * Any unknown messages in this phase are ignored,
443 * and a failure message is returned.
444 */
445 log("Unknown packet type received after authentication: %d", type);
446 }
447 packet_start(success ? SSH_SMSG_SUCCESS : SSH_SMSG_FAILURE);
448 packet_send();
449 packet_write_wait();
450
451 /* Enable compression now that we have replied if appropriate. */
452 if (enable_compression_after_reply) {
453 enable_compression_after_reply = 0;
454 packet_start_compression(compression_level);
455 }
456 }
457}
458
459/*
460 * This is called to fork and execute a command when we have no tty. This
461 * will call do_child from the child, and server_loop from the parent after
462 * setting up file descriptors and such.
463 */
Damien Miller4af51302000-04-16 11:18:38 +1000464void
Damien Millerb38eff82000-04-01 11:09:21 +1000465do_exec_no_pty(Session *s, const char *command, struct passwd * pw)
466{
467 int pid;
468
469#ifdef USE_PIPES
470 int pin[2], pout[2], perr[2];
471 /* Allocate pipes for communicating with the program. */
472 if (pipe(pin) < 0 || pipe(pout) < 0 || pipe(perr) < 0)
473 packet_disconnect("Could not create pipes: %.100s",
474 strerror(errno));
475#else /* USE_PIPES */
476 int inout[2], err[2];
477 /* Uses socket pairs to communicate with the program. */
478 if (socketpair(AF_UNIX, SOCK_STREAM, 0, inout) < 0 ||
479 socketpair(AF_UNIX, SOCK_STREAM, 0, err) < 0)
480 packet_disconnect("Could not create socket pairs: %.100s",
481 strerror(errno));
482#endif /* USE_PIPES */
483 if (s == NULL)
484 fatal("do_exec_no_pty: no session");
485
Damien Millere247cc42000-05-07 12:03:14 +1000486 session_proctitle(s);
Damien Millerb38eff82000-04-01 11:09:21 +1000487
Damien Millerb38eff82000-04-01 11:09:21 +1000488 /* Fork the child. */
489 if ((pid = fork()) == 0) {
490 /* Child. Reinitialize the log since the pid has changed. */
491 log_init(__progname, options.log_level, options.log_facility, log_stderr);
492
Damien Miller152cea22000-12-13 19:21:51 +1100493 signal(SIGPIPE, SIG_DFL);
494
Damien Millerb38eff82000-04-01 11:09:21 +1000495 /*
496 * Create a new session and process group since the 4.4BSD
497 * setlogin() affects the entire process group.
498 */
499 if (setsid() < 0)
500 error("setsid failed: %.100s", strerror(errno));
501
502#ifdef USE_PIPES
503 /*
504 * Redirect stdin. We close the parent side of the socket
505 * pair, and make the child side the standard input.
506 */
507 close(pin[1]);
508 if (dup2(pin[0], 0) < 0)
509 perror("dup2 stdin");
510 close(pin[0]);
511
512 /* Redirect stdout. */
513 close(pout[0]);
514 if (dup2(pout[1], 1) < 0)
515 perror("dup2 stdout");
516 close(pout[1]);
517
518 /* Redirect stderr. */
519 close(perr[0]);
520 if (dup2(perr[1], 2) < 0)
521 perror("dup2 stderr");
522 close(perr[1]);
523#else /* USE_PIPES */
524 /*
525 * Redirect stdin, stdout, and stderr. Stdin and stdout will
526 * use the same socket, as some programs (particularly rdist)
527 * seem to depend on it.
528 */
529 close(inout[1]);
530 close(err[1]);
531 if (dup2(inout[0], 0) < 0) /* stdin */
532 perror("dup2 stdin");
533 if (dup2(inout[0], 1) < 0) /* stdout. Note: same socket as stdin. */
534 perror("dup2 stdout");
535 if (dup2(err[0], 2) < 0) /* stderr */
536 perror("dup2 stderr");
537#endif /* USE_PIPES */
538
539 /* Do processing for the child (exec command etc). */
540 do_child(command, pw, NULL, s->display, s->auth_proto, s->auth_data, NULL);
541 /* NOTREACHED */
542 }
Damien Millerbac2d8a2000-09-05 16:13:06 +1100543#ifdef HAVE_CYGWIN
544 if (is_winnt)
545 cygwin_set_impersonation_token(INVALID_HANDLE_VALUE);
546#endif
Damien Millerb38eff82000-04-01 11:09:21 +1000547 if (pid < 0)
548 packet_disconnect("fork failed: %.100s", strerror(errno));
549 s->pid = pid;
Ben Lindstrombf555ba2001-01-18 02:04:35 +0000550 /* Set interactive/non-interactive mode. */
551 packet_set_interactive(s->display != NULL);
Damien Millerb38eff82000-04-01 11:09:21 +1000552#ifdef USE_PIPES
553 /* We are the parent. Close the child sides of the pipes. */
554 close(pin[0]);
555 close(pout[1]);
556 close(perr[1]);
557
Damien Millerefb4afe2000-04-12 18:45:05 +1000558 if (compat20) {
Damien Millerbd483e72000-04-30 10:00:53 +1000559 session_set_fds(s, pin[1], pout[0], s->extended ? perr[0] : -1);
Damien Millerefb4afe2000-04-12 18:45:05 +1000560 } else {
561 /* Enter the interactive session. */
562 server_loop(pid, pin[1], pout[0], perr[0]);
563 /* server_loop has closed pin[1], pout[1], and perr[1]. */
564 }
Damien Millerb38eff82000-04-01 11:09:21 +1000565#else /* USE_PIPES */
566 /* We are the parent. Close the child sides of the socket pairs. */
567 close(inout[0]);
568 close(err[0]);
569
570 /*
571 * Enter the interactive session. Note: server_loop must be able to
572 * handle the case that fdin and fdout are the same.
573 */
Damien Millerefb4afe2000-04-12 18:45:05 +1000574 if (compat20) {
Damien Millerbd483e72000-04-30 10:00:53 +1000575 session_set_fds(s, inout[1], inout[1], s->extended ? err[1] : -1);
Damien Millerefb4afe2000-04-12 18:45:05 +1000576 } else {
577 server_loop(pid, inout[1], inout[1], err[1]);
578 /* server_loop has closed inout[1] and err[1]. */
579 }
Damien Millerb38eff82000-04-01 11:09:21 +1000580#endif /* USE_PIPES */
581}
582
583/*
584 * This is called to fork and execute a command when we have a tty. This
585 * will call do_child from the child, and server_loop from the parent after
586 * setting up file descriptors, controlling tty, updating wtmp, utmp,
587 * lastlog, and other such operations.
588 */
Damien Miller4af51302000-04-16 11:18:38 +1000589void
Damien Millerb38eff82000-04-01 11:09:21 +1000590do_exec_pty(Session *s, const char *command, struct passwd * pw)
591{
Damien Millerb38eff82000-04-01 11:09:21 +1000592 int fdout, ptyfd, ttyfd, ptymaster;
Damien Millerb38eff82000-04-01 11:09:21 +1000593 pid_t pid;
Damien Millerb38eff82000-04-01 11:09:21 +1000594
595 if (s == NULL)
596 fatal("do_exec_pty: no session");
597 ptyfd = s->ptyfd;
598 ttyfd = s->ttyfd;
599
Damien Millerb38eff82000-04-01 11:09:21 +1000600 /* Fork the child. */
601 if ((pid = fork()) == 0) {
Damien Miller942da032000-08-18 13:59:06 +1000602 /* Child. Reinitialize the log because the pid has changed. */
Damien Millerb38eff82000-04-01 11:09:21 +1000603 log_init(__progname, options.log_level, options.log_facility, log_stderr);
604
Damien Miller152cea22000-12-13 19:21:51 +1100605 signal(SIGPIPE, SIG_DFL);
606
Damien Millerb38eff82000-04-01 11:09:21 +1000607 /* Close the master side of the pseudo tty. */
608 close(ptyfd);
609
610 /* Make the pseudo tty our controlling tty. */
611 pty_make_controlling_tty(&ttyfd, s->tty);
612
613 /* Redirect stdin from the pseudo tty. */
614 if (dup2(ttyfd, fileno(stdin)) < 0)
615 error("dup2 stdin failed: %.100s", strerror(errno));
616
617 /* Redirect stdout to the pseudo tty. */
618 if (dup2(ttyfd, fileno(stdout)) < 0)
619 error("dup2 stdin failed: %.100s", strerror(errno));
620
621 /* Redirect stderr to the pseudo tty. */
622 if (dup2(ttyfd, fileno(stderr)) < 0)
623 error("dup2 stdin failed: %.100s", strerror(errno));
624
625 /* Close the extra descriptor for the pseudo tty. */
626 close(ttyfd);
627
Damien Miller942da032000-08-18 13:59:06 +1000628 /* record login, etc. similar to login(1) */
Damien Miller69b69aa2000-10-28 14:19:58 +1100629 if (!(options.use_login && command == NULL))
630 do_login(s, command);
Damien Millerb38eff82000-04-01 11:09:21 +1000631
Damien Millerb38eff82000-04-01 11:09:21 +1000632 /* Do common processing for the child, such as execing the command. */
Damien Millerb1715dc2000-05-30 13:44:51 +1000633 do_child(command, pw, s->term, s->display, s->auth_proto,
634 s->auth_data, s->tty);
Damien Millerb38eff82000-04-01 11:09:21 +1000635 /* NOTREACHED */
636 }
Damien Millerbac2d8a2000-09-05 16:13:06 +1100637#ifdef HAVE_CYGWIN
638 if (is_winnt)
639 cygwin_set_impersonation_token(INVALID_HANDLE_VALUE);
640#endif
Damien Millerb38eff82000-04-01 11:09:21 +1000641 if (pid < 0)
642 packet_disconnect("fork failed: %.100s", strerror(errno));
643 s->pid = pid;
644
645 /* Parent. Close the slave side of the pseudo tty. */
646 close(ttyfd);
647
648 /*
649 * Create another descriptor of the pty master side for use as the
650 * standard input. We could use the original descriptor, but this
651 * simplifies code in server_loop. The descriptor is bidirectional.
652 */
653 fdout = dup(ptyfd);
654 if (fdout < 0)
655 packet_disconnect("dup #1 failed: %.100s", strerror(errno));
656
657 /* we keep a reference to the pty master */
658 ptymaster = dup(ptyfd);
659 if (ptymaster < 0)
660 packet_disconnect("dup #2 failed: %.100s", strerror(errno));
661 s->ptymaster = ptymaster;
662
663 /* Enter interactive session. */
Ben Lindstrombf555ba2001-01-18 02:04:35 +0000664 packet_set_interactive(1);
Damien Millerefb4afe2000-04-12 18:45:05 +1000665 if (compat20) {
666 session_set_fds(s, ptyfd, fdout, -1);
667 } else {
668 server_loop(pid, ptyfd, fdout, -1);
669 /* server_loop _has_ closed ptyfd and fdout. */
670 session_pty_cleanup(s);
671 }
Damien Millerb38eff82000-04-01 11:09:21 +1000672}
673
Damien Miller942da032000-08-18 13:59:06 +1000674const char *
675get_remote_name_or_ip(void)
676{
677 static const char *remote = "";
678 if (utmp_len > 0)
Damien Miller33804262001-02-04 23:20:18 +1100679 remote = get_canonical_hostname(options.reverse_mapping_check);
Damien Miller942da032000-08-18 13:59:06 +1000680 if (utmp_len == 0 || strlen(remote) > utmp_len)
681 remote = get_remote_ipaddr();
682 return remote;
683}
684
685/* administrative, login(1)-like work */
686void
Damien Miller69b69aa2000-10-28 14:19:58 +1100687do_login(Session *s, const char *command)
Damien Miller942da032000-08-18 13:59:06 +1000688{
689 FILE *f;
690 char *time_string;
691 char buf[256];
Damien Miller7b28dc52000-09-05 13:34:53 +1100692 char hostname[MAXHOSTNAMELEN];
Damien Miller942da032000-08-18 13:59:06 +1000693 socklen_t fromlen;
694 struct sockaddr_storage from;
695 struct stat st;
696 time_t last_login_time;
697 struct passwd * pw = s->pw;
698 pid_t pid = getpid();
699
700 /*
701 * Get IP address of client. If the connection is not a socket, let
702 * the address be 0.0.0.0.
703 */
704 memset(&from, 0, sizeof(from));
705 if (packet_connection_is_on_socket()) {
706 fromlen = sizeof(from);
707 if (getpeername(packet_get_connection_in(),
708 (struct sockaddr *) & from, &fromlen) < 0) {
709 debug("getpeername: %.100s", strerror(errno));
710 fatal_cleanup();
711 }
712 }
713
Damien Miller7b28dc52000-09-05 13:34:53 +1100714 /* Get the time and hostname when the user last logged in. */
Damien Millere4340be2000-09-16 13:29:08 +1100715 hostname[0] = '\0';
716 last_login_time = get_last_login_time(pw->pw_uid, pw->pw_name,
717 hostname, sizeof(hostname));
718
Damien Miller942da032000-08-18 13:59:06 +1000719 /* Record that there was a login on that tty from the remote host. */
720 record_login(pid, s->tty, pw->pw_name, pw->pw_uid,
721 get_remote_name_or_ip(), (struct sockaddr *)&from);
722
Kevin Steves092f2ef2000-10-14 13:36:13 +0000723#ifdef USE_PAM
724 /*
725 * If password change is needed, do it now.
726 * This needs to occur before the ~/.hushlogin check.
727 */
Damien Miller646aa602001-02-15 11:51:32 +1100728 if (is_pam_password_change_required()) {
Kevin Steves092f2ef2000-10-14 13:36:13 +0000729 print_pam_messages();
730 do_pam_chauthtok();
731 }
732#endif
733
Damien Miller69b69aa2000-10-28 14:19:58 +1100734 /* Done if .hushlogin exists or a command given. */
735 if (command != NULL)
736 return;
Damien Miller942da032000-08-18 13:59:06 +1000737 snprintf(buf, sizeof(buf), "%.200s/.hushlogin", pw->pw_dir);
Damien Millerad833b32000-08-23 10:46:23 +1000738#ifdef HAVE_LOGIN_CAP
739 if (login_getcapbool(lc, "hushlogin", 0) || stat(buf, &st) >= 0)
740#else
Damien Miller942da032000-08-18 13:59:06 +1000741 if (stat(buf, &st) >= 0)
Damien Millerad833b32000-08-23 10:46:23 +1000742#endif
Damien Miller942da032000-08-18 13:59:06 +1000743 return;
744
745#ifdef USE_PAM
Damien Miller646aa602001-02-15 11:51:32 +1100746 if (!is_pam_password_change_required())
Kevin Steves092f2ef2000-10-14 13:36:13 +0000747 print_pam_messages();
Damien Miller942da032000-08-18 13:59:06 +1000748#endif /* USE_PAM */
749#ifdef WITH_AIXAUTHENTICATE
750 if (aixloginmsg && *aixloginmsg)
751 printf("%s\n", aixloginmsg);
752#endif /* WITH_AIXAUTHENTICATE */
753
Damien Miller942da032000-08-18 13:59:06 +1000754 if (last_login_time != 0) {
755 time_string = ctime(&last_login_time);
756 if (strchr(time_string, '\n'))
757 *strchr(time_string, '\n') = 0;
Kevin Stevesc368a3c2000-10-14 16:10:06 +0000758 if (strcmp(hostname, "") == 0)
Damien Miller942da032000-08-18 13:59:06 +1000759 printf("Last login: %s\r\n", time_string);
760 else
Damien Millere4340be2000-09-16 13:29:08 +1100761 printf("Last login: %s from %s\r\n", time_string, hostname);
Damien Miller942da032000-08-18 13:59:06 +1000762 }
763 if (options.print_motd) {
Damien Millerad833b32000-08-23 10:46:23 +1000764#ifdef HAVE_LOGIN_CAP
765 f = fopen(login_getcapstr(lc, "welcome", "/etc/motd",
766 "/etc/motd"), "r");
767#else
Damien Miller942da032000-08-18 13:59:06 +1000768 f = fopen("/etc/motd", "r");
Damien Millerad833b32000-08-23 10:46:23 +1000769#endif
Damien Miller942da032000-08-18 13:59:06 +1000770 if (f) {
771 while (fgets(buf, sizeof(buf), f))
772 fputs(buf, stdout);
773 fclose(f);
774 }
775 }
776}
777
Damien Millerb38eff82000-04-01 11:09:21 +1000778/*
779 * Sets the value of the given variable in the environment. If the variable
780 * already exists, its value is overriden.
781 */
Damien Miller4af51302000-04-16 11:18:38 +1000782void
Ben Lindstrom46c16222000-12-22 01:43:59 +0000783child_set_env(char ***envp, u_int *envsizep, const char *name,
Damien Millerb38eff82000-04-01 11:09:21 +1000784 const char *value)
785{
Ben Lindstrom46c16222000-12-22 01:43:59 +0000786 u_int i, namelen;
Damien Millerb38eff82000-04-01 11:09:21 +1000787 char **env;
788
789 /*
790 * Find the slot where the value should be stored. If the variable
791 * already exists, we reuse the slot; otherwise we append a new slot
792 * at the end of the array, expanding if necessary.
793 */
794 env = *envp;
795 namelen = strlen(name);
796 for (i = 0; env[i]; i++)
797 if (strncmp(env[i], name, namelen) == 0 && env[i][namelen] == '=')
798 break;
799 if (env[i]) {
800 /* Reuse the slot. */
801 xfree(env[i]);
802 } else {
803 /* New variable. Expand if necessary. */
804 if (i >= (*envsizep) - 1) {
805 (*envsizep) += 50;
806 env = (*envp) = xrealloc(env, (*envsizep) * sizeof(char *));
807 }
808 /* Need to set the NULL pointer at end of array beyond the new slot. */
809 env[i + 1] = NULL;
810 }
811
812 /* Allocate space and format the variable in the appropriate slot. */
813 env[i] = xmalloc(strlen(name) + 1 + strlen(value) + 1);
814 snprintf(env[i], strlen(name) + 1 + strlen(value) + 1, "%s=%s", name, value);
815}
816
817/*
818 * Reads environment variables from the given file and adds/overrides them
819 * into the environment. If the file does not exist, this does nothing.
820 * Otherwise, it must consist of empty lines, comments (line starts with '#')
821 * and assignments of the form name=value. No other forms are allowed.
822 */
Damien Miller4af51302000-04-16 11:18:38 +1000823void
Ben Lindstrom46c16222000-12-22 01:43:59 +0000824read_environment_file(char ***env, u_int *envsize,
Damien Millerb38eff82000-04-01 11:09:21 +1000825 const char *filename)
826{
827 FILE *f;
828 char buf[4096];
829 char *cp, *value;
830
831 f = fopen(filename, "r");
832 if (!f)
833 return;
834
835 while (fgets(buf, sizeof(buf), f)) {
836 for (cp = buf; *cp == ' ' || *cp == '\t'; cp++)
837 ;
838 if (!*cp || *cp == '#' || *cp == '\n')
839 continue;
840 if (strchr(cp, '\n'))
841 *strchr(cp, '\n') = '\0';
842 value = strchr(cp, '=');
843 if (value == NULL) {
844 fprintf(stderr, "Bad line in %.100s: %.200s\n", filename, buf);
845 continue;
846 }
Damien Millerb1715dc2000-05-30 13:44:51 +1000847 /*
848 * Replace the equals sign by nul, and advance value to
849 * the value string.
850 */
Damien Millerb38eff82000-04-01 11:09:21 +1000851 *value = '\0';
852 value++;
853 child_set_env(env, envsize, cp, value);
854 }
855 fclose(f);
856}
857
858#ifdef USE_PAM
859/*
860 * Sets any environment variables which have been specified by PAM
861 */
862void do_pam_environment(char ***env, int *envsize)
863{
864 char *equals, var_name[512], var_val[512];
865 char **pam_env;
866 int i;
867
868 if ((pam_env = fetch_pam_environment()) == NULL)
869 return;
Kevin Stevesef4eea92001-02-05 12:42:17 +0000870
Damien Millerb38eff82000-04-01 11:09:21 +1000871 for(i = 0; pam_env[i] != NULL; i++) {
872 if ((equals = strstr(pam_env[i], "=")) == NULL)
873 continue;
Kevin Stevesef4eea92001-02-05 12:42:17 +0000874
Damien Millerb38eff82000-04-01 11:09:21 +1000875 if (strlen(pam_env[i]) < (sizeof(var_name) - 1)) {
876 memset(var_name, '\0', sizeof(var_name));
877 memset(var_val, '\0', sizeof(var_val));
878
879 strncpy(var_name, pam_env[i], equals - pam_env[i]);
880 strcpy(var_val, equals + 1);
881
Damien Millercb5e44a2000-09-29 12:12:36 +1100882 debug3("PAM environment: %s=%s", var_name, var_val);
Damien Millerb38eff82000-04-01 11:09:21 +1000883
884 child_set_env(env, envsize, var_name, var_val);
885 }
886 }
887}
888#endif /* USE_PAM */
889
Damien Millercb5e44a2000-09-29 12:12:36 +1100890#ifdef HAVE_CYGWIN
891void copy_environment(char ***env, int *envsize)
892{
893 char *equals, var_name[512], var_val[512];
894 int i;
895
896 for(i = 0; environ[i] != NULL; i++) {
897 if ((equals = strstr(environ[i], "=")) == NULL)
898 continue;
Kevin Stevesef4eea92001-02-05 12:42:17 +0000899
Damien Millercb5e44a2000-09-29 12:12:36 +1100900 if (strlen(environ[i]) < (sizeof(var_name) - 1)) {
901 memset(var_name, '\0', sizeof(var_name));
902 memset(var_val, '\0', sizeof(var_val));
903
904 strncpy(var_name, environ[i], equals - environ[i]);
905 strcpy(var_val, equals + 1);
906
907 debug3("Copy environment: %s=%s", var_name, var_val);
908
909 child_set_env(env, envsize, var_name, var_val);
910 }
911 }
912}
913#endif
914
Damien Miller5fc85652000-07-09 23:53:07 +1000915#if defined(HAVE_GETUSERATTR)
916/*
917 * AIX-specific login initialisation
918 */
919void set_limit(char *user, char *soft, char *hard, int resource, int mult)
920{
921 struct rlimit rlim;
Damien Miller65964d62000-07-11 09:16:22 +1000922 int slim, hlim;
Damien Miller5fc85652000-07-09 23:53:07 +1000923
924 getrlimit(resource, &rlim);
925
Damien Miller65964d62000-07-11 09:16:22 +1000926 slim = 0;
927 if (getuserattr(user, soft, &slim, SEC_INT) != -1) {
928 if (slim < 0) {
929 rlim.rlim_cur = RLIM_INFINITY;
930 } else if (slim != 0) {
931 /* See the wackiness below */
932 if (rlim.rlim_cur == slim * mult)
933 slim = 0;
934 else
935 rlim.rlim_cur = slim * mult;
936 }
937 }
Damien Miller5fc85652000-07-09 23:53:07 +1000938
Damien Miller65964d62000-07-11 09:16:22 +1000939 hlim = 0;
940 if (getuserattr(user, hard, &hlim, SEC_INT) != -1) {
941 if (hlim < 0) {
942 rlim.rlim_max = RLIM_INFINITY;
943 } else if (hlim != 0) {
944 rlim.rlim_max = hlim * mult;
945 }
946 }
Damien Miller5fc85652000-07-09 23:53:07 +1000947
Damien Miller65964d62000-07-11 09:16:22 +1000948 /*
949 * XXX For cpu and fsize the soft limit is set to the hard limit
950 * if the hard limit is left at its default value and the soft limit
951 * is changed from its default value, either by requesting it
952 * (slim == 0) or by setting it to the current default. At least
953 * that's how rlogind does it. If you're confused you're not alone.
954 * Bug or feature? AIX 4.3.1.2
955 */
956 if ((!strcmp(soft, "fsize") || !strcmp(soft, "cpu"))
957 && hlim == 0 && slim != 0)
958 rlim.rlim_max = rlim.rlim_cur;
959 /* A specified hard limit limits the soft limit */
960 else if (hlim > 0 && rlim.rlim_cur > rlim.rlim_max)
961 rlim.rlim_cur = rlim.rlim_max;
962 /* A soft limit can increase a hard limit */
963 else if (rlim.rlim_cur > rlim.rlim_max)
Damien Miller5fc85652000-07-09 23:53:07 +1000964 rlim.rlim_max = rlim.rlim_cur;
965
966 if (setrlimit(resource, &rlim) != 0)
Damien Miller65964d62000-07-11 09:16:22 +1000967 error("setrlimit(%.10s) failed: %.100s", soft, strerror(errno));
Damien Miller5fc85652000-07-09 23:53:07 +1000968}
969
970void set_limits_from_userattr(char *user)
971{
972 int mask;
973 char buf[16];
974
975 set_limit(user, S_UFSIZE, S_UFSIZE_HARD, RLIMIT_FSIZE, 512);
976 set_limit(user, S_UCPU, S_UCPU_HARD, RLIMIT_CPU, 1);
977 set_limit(user, S_UDATA, S_UDATA_HARD, RLIMIT_DATA, 512);
978 set_limit(user, S_USTACK, S_USTACK_HARD, RLIMIT_STACK, 512);
979 set_limit(user, S_URSS, S_URSS_HARD, RLIMIT_RSS, 512);
980 set_limit(user, S_UCORE, S_UCORE_HARD, RLIMIT_CORE, 512);
981#if defined(S_UNOFILE)
982 set_limit(user, S_UNOFILE, S_UNOFILE_HARD, RLIMIT_NOFILE, 1);
983#endif
984
985 if (getuserattr(user, S_UMASK, &mask, SEC_INT) != -1) {
986 /* Convert decimal to octal */
987 (void) snprintf(buf, sizeof(buf), "%d", mask);
988 if (sscanf(buf, "%o", &mask) == 1)
989 umask(mask);
990 }
991}
992#endif /* defined(HAVE_GETUSERATTR) */
993
Damien Millerb38eff82000-04-01 11:09:21 +1000994/*
995 * Performs common processing for the child, such as setting up the
996 * environment, closing extra file descriptors, setting the user and group
997 * ids, and executing the command or shell.
998 */
Damien Miller4af51302000-04-16 11:18:38 +1000999void
Damien Millerb38eff82000-04-01 11:09:21 +10001000do_child(const char *command, struct passwd * pw, const char *term,
1001 const char *display, const char *auth_proto,
1002 const char *auth_data, const char *ttyname)
1003{
Damien Miller7b28dc52000-09-05 13:34:53 +11001004 const char *shell, *hostname = NULL, *cp = NULL;
Damien Millerb38eff82000-04-01 11:09:21 +10001005 char buf[256];
Damien Miller0c043c12000-06-07 21:22:38 +10001006 char cmd[1024];
Damien Millerad833b32000-08-23 10:46:23 +10001007 FILE *f = NULL;
Ben Lindstrom46c16222000-12-22 01:43:59 +00001008 u_int envsize, i;
Damien Millerb38eff82000-04-01 11:09:21 +10001009 char **env;
1010 extern char **environ;
1011 struct stat st;
1012 char *argv[10];
Damien Miller91606b12000-06-28 08:22:29 +10001013#ifdef WITH_IRIX_PROJECT
1014 prid_t projid;
1015#endif /* WITH_IRIX_PROJECT */
Ben Lindstrom980754c2000-11-12 00:04:24 +00001016#ifdef WITH_IRIX_JOBS
1017 jid_t jid = 0;
1018#else
1019#ifdef WITH_IRIX_ARRAY
1020 int jid = 0;
1021#endif /* WITH_IRIX_ARRAY */
1022#endif /* WITH_IRIX_JOBS */
1023
Damien Millere8b5b042001-02-15 11:32:15 +11001024#ifdef USE_PAM
1025 do_pam_session(pw->pw_name, ttyname);
1026 do_pam_setcred();
1027#endif /* USE_PAM */
Damien Millerb38eff82000-04-01 11:09:21 +10001028
Damien Millerd3a18572000-06-07 19:55:44 +10001029 /* login(1) is only called if we execute the login shell */
1030 if (options.use_login && command != NULL)
1031 options.use_login = 0;
1032
Damien Millerb38eff82000-04-01 11:09:21 +10001033#ifndef USE_PAM /* pam_nologin handles this */
Damien Millerad833b32000-08-23 10:46:23 +10001034 if (!options.use_login) {
1035# ifdef HAVE_LOGIN_CAP
1036 if (!login_getcapbool(lc, "ignorenologin", 0) && pw->pw_uid)
1037 f = fopen(login_getcapstr(lc, "nologin", _PATH_NOLOGIN,
1038 _PATH_NOLOGIN), "r");
1039# else /* HAVE_LOGIN_CAP */
1040 if (pw->pw_uid)
1041 f = fopen(_PATH_NOLOGIN, "r");
1042# endif /* HAVE_LOGIN_CAP */
1043 if (f) {
1044 /* /etc/nologin exists. Print its contents and exit. */
1045 while (fgets(buf, sizeof(buf), f))
1046 fputs(buf, stderr);
1047 fclose(f);
Damien Millerb38eff82000-04-01 11:09:21 +10001048 exit(254);
Damien Millerad833b32000-08-23 10:46:23 +10001049 }
Damien Millerb38eff82000-04-01 11:09:21 +10001050 }
1051#endif /* USE_PAM */
1052
Damien Millerad833b32000-08-23 10:46:23 +10001053 /* Set login name, uid, gid, and groups. */
Damien Millerb38eff82000-04-01 11:09:21 +10001054 /* Login(1) does this as well, and it needs uid 0 for the "-h"
1055 switch, so we let login(1) to this for us. */
1056 if (!options.use_login) {
Damien Millerb8c656e2000-06-28 15:22:41 +10001057#ifdef HAVE_OSF_SIA
Damien Miller92ddb7d2001-02-14 01:25:23 +11001058 session_setup_sia(pw->pw_name, ttyname);
Kevin Steves7fafa5c2001-02-13 18:45:00 +00001059#else /* HAVE_OSF_SIA */
Damien Millerbac2d8a2000-09-05 16:13:06 +11001060#ifdef HAVE_CYGWIN
1061 if (is_winnt) {
1062#else
Damien Millerb38eff82000-04-01 11:09:21 +10001063 if (getuid() == 0 || geteuid() == 0) {
Damien Millerbac2d8a2000-09-05 16:13:06 +11001064#endif
Damien Millerad833b32000-08-23 10:46:23 +10001065# ifdef HAVE_GETUSERATTR
Damien Miller5fc85652000-07-09 23:53:07 +10001066 set_limits_from_userattr(pw->pw_name);
Damien Millerad833b32000-08-23 10:46:23 +10001067# endif /* HAVE_GETUSERATTR */
1068# ifdef HAVE_LOGIN_CAP
1069 if (setusercontext(lc, pw, pw->pw_uid,
1070 (LOGIN_SETALL & ~LOGIN_SETPATH)) < 0) {
1071 perror("unable to set user context");
1072 exit(1);
1073 }
1074# else /* HAVE_LOGIN_CAP */
1075 if (setlogin(pw->pw_name) < 0)
1076 error("setlogin failed: %s", strerror(errno));
Damien Millerb38eff82000-04-01 11:09:21 +10001077 if (setgid(pw->pw_gid) < 0) {
1078 perror("setgid");
1079 exit(1);
1080 }
1081 /* Initialize the group list. */
1082 if (initgroups(pw->pw_name, pw->pw_gid) < 0) {
1083 perror("initgroups");
1084 exit(1);
1085 }
1086 endgrent();
Ben Lindstrom980754c2000-11-12 00:04:24 +00001087# ifdef WITH_IRIX_JOBS
1088 jid = jlimit_startjob(pw->pw_name, pw->pw_uid, "interactive");
1089 if (jid == -1) {
1090 fatal("Failed to create job container: %.100s",
1091 strerror(errno));
Kevin Stevesef4eea92001-02-05 12:42:17 +00001092 }
Ben Lindstrom980754c2000-11-12 00:04:24 +00001093# endif /* WITH_IRIX_JOBS */
Damien Millerad833b32000-08-23 10:46:23 +10001094# ifdef WITH_IRIX_ARRAY
Damien Miller91606b12000-06-28 08:22:29 +10001095 /* initialize array session */
Ben Lindstrom980754c2000-11-12 00:04:24 +00001096 if (jid == 0) {
1097 if (newarraysess() != 0)
1098 fatal("Failed to set up new array session: %.100s",
1099 strerror(errno));
1100 }
Damien Millerad833b32000-08-23 10:46:23 +10001101# endif /* WITH_IRIX_ARRAY */
1102# ifdef WITH_IRIX_PROJECT
Damien Miller91606b12000-06-28 08:22:29 +10001103 /* initialize irix project info */
1104 if ((projid = getdfltprojuser(pw->pw_name)) == -1) {
1105 debug("Failed to get project id, using projid 0");
1106 projid = 0;
1107 }
Damien Miller91606b12000-06-28 08:22:29 +10001108 if (setprid(projid))
1109 fatal("Failed to initialize project %d for %s: %.100s",
1110 (int)projid, pw->pw_name, strerror(errno));
Damien Millerad833b32000-08-23 10:46:23 +10001111# endif /* WITH_IRIX_PROJECT */
Ben Lindstrom49a79c02000-11-17 03:47:20 +00001112#ifdef WITH_IRIX_AUDIT
1113 if (sysconf(_SC_AUDIT)) {
1114 debug("Setting sat id to %d", (int) pw->pw_uid);
1115 if (satsetid(pw->pw_uid))
1116 debug("error setting satid: %.100s", strerror(errno));
1117 }
1118#endif /* WITH_IRIX_AUDIT */
1119
Damien Millerb38eff82000-04-01 11:09:21 +10001120 /* Permanently switch to the desired uid. */
1121 permanently_set_uid(pw->pw_uid);
Damien Millerad833b32000-08-23 10:46:23 +10001122# endif /* HAVE_LOGIN_CAP */
Damien Millerb38eff82000-04-01 11:09:21 +10001123 }
Damien Millerad833b32000-08-23 10:46:23 +10001124#endif /* HAVE_OSF_SIA */
1125
Damien Miller217f5672001-02-16 12:12:41 +11001126#if defined(HAVE_GETLUID) && defined(HAVE_SETLUID)
1127 /* Sets login uid for accounting */
1128 if (getluid() == -1 && setluid(pw->pw_uid) == -1)
1129 error("setluid: %s", strerror(errno));
1130#endif /* defined(HAVE_GETLUID) && defined(HAVE_SETLUID) */
1131
Damien Millerbac2d8a2000-09-05 16:13:06 +11001132#ifdef HAVE_CYGWIN
1133 if (is_winnt)
1134#endif
Damien Millerb38eff82000-04-01 11:09:21 +10001135 if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid)
Damien Millercaf6dd62000-08-29 11:33:50 +11001136 fatal("Failed to set uids to %u.", (u_int) pw->pw_uid);
Damien Millerb38eff82000-04-01 11:09:21 +10001137 }
1138 /*
1139 * Get the shell from the password data. An empty shell field is
1140 * legal, and means /bin/sh.
1141 */
1142 shell = (pw->pw_shell[0] == '\0') ? _PATH_BSHELL : pw->pw_shell;
Damien Millerad833b32000-08-23 10:46:23 +10001143#ifdef HAVE_LOGIN_CAP
1144 shell = login_getcapstr(lc, "shell", (char *)shell, (char *)shell);
1145#endif
Damien Millerb38eff82000-04-01 11:09:21 +10001146
1147#ifdef AFS
1148 /* Try to get AFS tokens for the local cell. */
1149 if (k_hasafs()) {
1150 char cell[64];
1151
1152 if (k_afs_cell_of_file(pw->pw_dir, cell, sizeof(cell)) == 0)
1153 krb_afslog(cell, 0);
1154
1155 krb_afslog(0, 0);
1156 }
1157#endif /* AFS */
1158
1159 /* Initialize the environment. */
1160 envsize = 100;
1161 env = xmalloc(envsize * sizeof(char *));
1162 env[0] = NULL;
1163
Damien Millerbac2d8a2000-09-05 16:13:06 +11001164#ifdef HAVE_CYGWIN
1165 /*
1166 * The Windows environment contains some setting which are
1167 * important for a running system. They must not be dropped.
1168 */
Damien Millercb5e44a2000-09-29 12:12:36 +11001169 copy_environment(&env, &envsize);
Damien Millerbac2d8a2000-09-05 16:13:06 +11001170#endif
1171
Damien Millerb38eff82000-04-01 11:09:21 +10001172 if (!options.use_login) {
1173 /* Set basic environment. */
1174 child_set_env(&env, &envsize, "USER", pw->pw_name);
1175 child_set_env(&env, &envsize, "LOGNAME", pw->pw_name);
1176 child_set_env(&env, &envsize, "HOME", pw->pw_dir);
Damien Millerad833b32000-08-23 10:46:23 +10001177#ifdef HAVE_LOGIN_CAP
1178 (void) setusercontext(lc, pw, pw->pw_uid, LOGIN_SETPATH);
1179 child_set_env(&env, &envsize, "PATH", getenv("PATH"));
Damien Millercb5e44a2000-09-29 12:12:36 +11001180#else /* HAVE_LOGIN_CAP */
1181# ifndef HAVE_CYGWIN
Damien Millerbac2d8a2000-09-05 16:13:06 +11001182 /*
1183 * There's no standard path on Windows. The path contains
1184 * important components pointing to the system directories,
1185 * needed for loading shared libraries. So the path better
1186 * remains intact here.
1187 */
Damien Millerb38eff82000-04-01 11:09:21 +10001188 child_set_env(&env, &envsize, "PATH", _PATH_STDPATH);
Damien Millercb5e44a2000-09-29 12:12:36 +11001189# endif /* HAVE_CYGWIN */
1190#endif /* HAVE_LOGIN_CAP */
Damien Millerb38eff82000-04-01 11:09:21 +10001191
1192 snprintf(buf, sizeof buf, "%.200s/%.50s",
1193 _PATH_MAILDIR, pw->pw_name);
1194 child_set_env(&env, &envsize, "MAIL", buf);
1195
1196 /* Normal systems set SHELL by default. */
1197 child_set_env(&env, &envsize, "SHELL", shell);
1198 }
1199 if (getenv("TZ"))
1200 child_set_env(&env, &envsize, "TZ", getenv("TZ"));
1201
1202 /* Set custom environment options from RSA authentication. */
1203 while (custom_environment) {
1204 struct envstring *ce = custom_environment;
1205 char *s = ce->s;
1206 int i;
1207 for (i = 0; s[i] != '=' && s[i]; i++);
1208 if (s[i] == '=') {
1209 s[i] = 0;
1210 child_set_env(&env, &envsize, s, s + i + 1);
1211 }
1212 custom_environment = ce->next;
1213 xfree(ce->s);
1214 xfree(ce);
1215 }
1216
1217 snprintf(buf, sizeof buf, "%.50s %d %d",
1218 get_remote_ipaddr(), get_remote_port(), get_local_port());
1219 child_set_env(&env, &envsize, "SSH_CLIENT", buf);
1220
1221 if (ttyname)
1222 child_set_env(&env, &envsize, "SSH_TTY", ttyname);
1223 if (term)
1224 child_set_env(&env, &envsize, "TERM", term);
1225 if (display)
1226 child_set_env(&env, &envsize, "DISPLAY", display);
Damien Miller7b28dc52000-09-05 13:34:53 +11001227 if (original_command)
1228 child_set_env(&env, &envsize, "SSH_ORIGINAL_COMMAND",
1229 original_command);
Damien Millerb38eff82000-04-01 11:09:21 +10001230
1231#ifdef _AIX
Damien Millercb5e44a2000-09-29 12:12:36 +11001232 if ((cp = getenv("AUTHSTATE")) != NULL)
1233 child_set_env(&env, &envsize, "AUTHSTATE", cp);
1234 if ((cp = getenv("KRB5CCNAME")) != NULL)
1235 child_set_env(&env, &envsize, "KRB5CCNAME", cp);
1236 read_environment_file(&env, &envsize, "/etc/environment");
Damien Millerb38eff82000-04-01 11:09:21 +10001237#endif
1238
1239#ifdef KRB4
1240 {
1241 extern char *ticket;
1242
1243 if (ticket)
1244 child_set_env(&env, &envsize, "KRBTKFILE", ticket);
1245 }
1246#endif /* KRB4 */
1247
1248#ifdef USE_PAM
1249 /* Pull in any environment variables that may have been set by PAM. */
1250 do_pam_environment(&env, &envsize);
1251#endif /* USE_PAM */
1252
Damien Millerb38eff82000-04-01 11:09:21 +10001253 if (xauthfile)
1254 child_set_env(&env, &envsize, "XAUTHORITY", xauthfile);
1255 if (auth_get_socket_name() != NULL)
1256 child_set_env(&env, &envsize, SSH_AUTHSOCKET_ENV_NAME,
1257 auth_get_socket_name());
1258
1259 /* read $HOME/.ssh/environment. */
1260 if (!options.use_login) {
Damien Millerb1715dc2000-05-30 13:44:51 +10001261 snprintf(buf, sizeof buf, "%.200s/.ssh/environment",
1262 pw->pw_dir);
Damien Millerb38eff82000-04-01 11:09:21 +10001263 read_environment_file(&env, &envsize, buf);
1264 }
1265 if (debug_flag) {
1266 /* dump the environment */
1267 fprintf(stderr, "Environment:\n");
1268 for (i = 0; env[i]; i++)
1269 fprintf(stderr, " %.200s\n", env[i]);
1270 }
Damien Millerad833b32000-08-23 10:46:23 +10001271 /* we have to stash the hostname before we close our socket. */
1272 if (options.use_login)
1273 hostname = get_remote_name_or_ip();
Damien Millerb38eff82000-04-01 11:09:21 +10001274 /*
1275 * Close the connection descriptors; note that this is the child, and
1276 * the server will still have the socket open, and it is important
1277 * that we do not shutdown it. Note that the descriptors cannot be
1278 * closed before building the environment, as we call
1279 * get_remote_ipaddr there.
1280 */
1281 if (packet_get_connection_in() == packet_get_connection_out())
1282 close(packet_get_connection_in());
1283 else {
1284 close(packet_get_connection_in());
1285 close(packet_get_connection_out());
1286 }
1287 /*
1288 * Close all descriptors related to channels. They will still remain
1289 * open in the parent.
1290 */
1291 /* XXX better use close-on-exec? -markus */
1292 channel_close_all();
1293
1294 /*
1295 * Close any extra file descriptors. Note that there may still be
1296 * descriptors left by system functions. They will be closed later.
1297 */
1298 endpwent();
1299
1300 /*
1301 * Close any extra open file descriptors so that we don\'t have them
1302 * hanging around in clients. Note that we want to do this after
1303 * initgroups, because at least on Solaris 2.3 it leaves file
1304 * descriptors open.
1305 */
1306 for (i = 3; i < 64; i++)
1307 close(i);
1308
1309 /* Change current directory to the user\'s home directory. */
Damien Millerad833b32000-08-23 10:46:23 +10001310 if (chdir(pw->pw_dir) < 0) {
Damien Millerb38eff82000-04-01 11:09:21 +10001311 fprintf(stderr, "Could not chdir to home directory %s: %s\n",
1312 pw->pw_dir, strerror(errno));
Damien Millerad833b32000-08-23 10:46:23 +10001313#ifdef HAVE_LOGIN_CAP
1314 if (login_getcapbool(lc, "requirehome", 0))
1315 exit(1);
1316#endif
1317 }
Damien Millerb38eff82000-04-01 11:09:21 +10001318
1319 /*
1320 * Must take new environment into use so that .ssh/rc, /etc/sshrc and
1321 * xauth are run in the proper environment.
1322 */
1323 environ = env;
1324
1325 /*
1326 * Run $HOME/.ssh/rc, /etc/sshrc, or xauth (whichever is found first
1327 * in this order).
1328 */
1329 if (!options.use_login) {
Ben Lindstrom226cfa02001-01-22 05:34:40 +00001330 if (stat(_PATH_SSH_USER_RC, &st) >= 0) {
Damien Millerb38eff82000-04-01 11:09:21 +10001331 if (debug_flag)
Ben Lindstrom226cfa02001-01-22 05:34:40 +00001332 fprintf(stderr, "Running %s %s\n", _PATH_BSHELL, _PATH_SSH_USER_RC);
Damien Millerb38eff82000-04-01 11:09:21 +10001333
Ben Lindstrom226cfa02001-01-22 05:34:40 +00001334 f = popen(_PATH_BSHELL " " _PATH_SSH_USER_RC, "w");
Damien Millerb38eff82000-04-01 11:09:21 +10001335 if (f) {
1336 if (auth_proto != NULL && auth_data != NULL)
1337 fprintf(f, "%s %s\n", auth_proto, auth_data);
1338 pclose(f);
1339 } else
Ben Lindstrom226cfa02001-01-22 05:34:40 +00001340 fprintf(stderr, "Could not run %s\n", _PATH_SSH_USER_RC);
1341 } else if (stat(_PATH_SSH_SYSTEM_RC, &st) >= 0) {
Damien Millerb38eff82000-04-01 11:09:21 +10001342 if (debug_flag)
Ben Lindstrom226cfa02001-01-22 05:34:40 +00001343 fprintf(stderr, "Running %s %s\n", _PATH_BSHELL, _PATH_SSH_SYSTEM_RC);
Damien Millerb38eff82000-04-01 11:09:21 +10001344
Ben Lindstrom226cfa02001-01-22 05:34:40 +00001345 f = popen(_PATH_BSHELL " " _PATH_SSH_SYSTEM_RC, "w");
Damien Millerb38eff82000-04-01 11:09:21 +10001346 if (f) {
1347 if (auth_proto != NULL && auth_data != NULL)
1348 fprintf(f, "%s %s\n", auth_proto, auth_data);
1349 pclose(f);
1350 } else
Ben Lindstrom226cfa02001-01-22 05:34:40 +00001351 fprintf(stderr, "Could not run %s\n", _PATH_SSH_SYSTEM_RC);
Damien Miller0c043c12000-06-07 21:22:38 +10001352 } else if (options.xauth_location != NULL) {
Damien Millerb38eff82000-04-01 11:09:21 +10001353 /* Add authority data to .Xauthority if appropriate. */
1354 if (auth_proto != NULL && auth_data != NULL) {
Damien Millerd999ae22000-05-20 12:49:31 +10001355 char *screen = strchr(display, ':');
1356 if (debug_flag) {
Damien Millerb1715dc2000-05-30 13:44:51 +10001357 fprintf(stderr,
1358 "Running %.100s add %.100s %.100s %.100s\n",
Damien Miller0c043c12000-06-07 21:22:38 +10001359 options.xauth_location, display,
1360 auth_proto, auth_data);
Damien Miller05dd7952000-10-01 00:42:48 +11001361#ifndef HAVE_CYGWIN /* Unix sockets are not supported */
Damien Millerd999ae22000-05-20 12:49:31 +10001362 if (screen != NULL)
Damien Millerb1715dc2000-05-30 13:44:51 +10001363 fprintf(stderr,
1364 "Adding %.*s/unix%s %s %s\n",
Damien Millercaf6dd62000-08-29 11:33:50 +11001365 (int)(screen-display), display,
Damien Millerb1715dc2000-05-30 13:44:51 +10001366 screen, auth_proto, auth_data);
Damien Miller05dd7952000-10-01 00:42:48 +11001367#endif
Damien Millerd999ae22000-05-20 12:49:31 +10001368 }
Damien Miller0c043c12000-06-07 21:22:38 +10001369 snprintf(cmd, sizeof cmd, "%s -q -",
1370 options.xauth_location);
1371 f = popen(cmd, "w");
Damien Millerb38eff82000-04-01 11:09:21 +10001372 if (f) {
Damien Millerb1715dc2000-05-30 13:44:51 +10001373 fprintf(f, "add %s %s %s\n", display,
1374 auth_proto, auth_data);
Damien Miller05dd7952000-10-01 00:42:48 +11001375#ifndef HAVE_CYGWIN /* Unix sockets are not supported */
Kevin Stevesef4eea92001-02-05 12:42:17 +00001376 if (screen != NULL)
Damien Millerd999ae22000-05-20 12:49:31 +10001377 fprintf(f, "add %.*s/unix%s %s %s\n",
Damien Millercaf6dd62000-08-29 11:33:50 +11001378 (int)(screen-display), display,
Damien Millerb1715dc2000-05-30 13:44:51 +10001379 screen, auth_proto, auth_data);
Damien Miller05dd7952000-10-01 00:42:48 +11001380#endif
Damien Millerb38eff82000-04-01 11:09:21 +10001381 pclose(f);
Damien Miller0c043c12000-06-07 21:22:38 +10001382 } else {
1383 fprintf(stderr, "Could not run %s\n",
1384 cmd);
1385 }
Damien Millerb38eff82000-04-01 11:09:21 +10001386 }
1387 }
Damien Millerb38eff82000-04-01 11:09:21 +10001388 /* Get the last component of the shell name. */
1389 cp = strrchr(shell, '/');
1390 if (cp)
1391 cp++;
1392 else
1393 cp = shell;
1394 }
1395 /*
1396 * If we have no command, execute the shell. In this case, the shell
1397 * name to be passed in argv[0] is preceded by '-' to indicate that
1398 * this is a login shell.
1399 */
1400 if (!command) {
1401 if (!options.use_login) {
1402 char buf[256];
1403
1404 /*
1405 * Check for mail if we have a tty and it was enabled
1406 * in server options.
1407 */
1408 if (ttyname && options.check_mail) {
1409 char *mailbox;
1410 struct stat mailstat;
1411 mailbox = getenv("MAIL");
1412 if (mailbox != NULL) {
Damien Millerb1715dc2000-05-30 13:44:51 +10001413 if (stat(mailbox, &mailstat) != 0 ||
1414 mailstat.st_size == 0)
Damien Millerb38eff82000-04-01 11:09:21 +10001415 printf("No mail.\n");
1416 else if (mailstat.st_mtime < mailstat.st_atime)
1417 printf("You have mail.\n");
1418 else
1419 printf("You have new mail.\n");
1420 }
1421 }
1422 /* Start the shell. Set initial character to '-'. */
1423 buf[0] = '-';
1424 strncpy(buf + 1, cp, sizeof(buf) - 1);
1425 buf[sizeof(buf) - 1] = 0;
1426
1427 /* Execute the shell. */
1428 argv[0] = buf;
1429 argv[1] = NULL;
1430 execve(shell, argv, env);
1431
1432 /* Executing the shell failed. */
1433 perror(shell);
1434 exit(1);
1435
1436 } else {
1437 /* Launch login(1). */
1438
Damien Millerad833b32000-08-23 10:46:23 +10001439 execl(LOGIN_PROGRAM, "login", "-h", hostname,
Damien Miller942da032000-08-18 13:59:06 +10001440 "-p", "-f", "--", pw->pw_name, NULL);
Damien Millerb38eff82000-04-01 11:09:21 +10001441
1442 /* Login couldn't be executed, die. */
1443
1444 perror("login");
1445 exit(1);
1446 }
1447 }
1448 /*
1449 * Execute the command using the user's shell. This uses the -c
1450 * option to execute the command.
1451 */
1452 argv[0] = (char *) cp;
1453 argv[1] = "-c";
1454 argv[2] = (char *) command;
1455 argv[3] = NULL;
1456 execve(shell, argv, env);
1457 perror(shell);
1458 exit(1);
1459}
1460
1461Session *
1462session_new(void)
1463{
1464 int i;
1465 static int did_init = 0;
1466 if (!did_init) {
1467 debug("session_new: init");
1468 for(i = 0; i < MAX_SESSIONS; i++) {
1469 sessions[i].used = 0;
1470 sessions[i].self = i;
1471 }
1472 did_init = 1;
1473 }
1474 for(i = 0; i < MAX_SESSIONS; i++) {
1475 Session *s = &sessions[i];
1476 if (! s->used) {
1477 s->pid = 0;
Damien Millerbd483e72000-04-30 10:00:53 +10001478 s->extended = 0;
Damien Millerb38eff82000-04-01 11:09:21 +10001479 s->chanid = -1;
1480 s->ptyfd = -1;
1481 s->ttyfd = -1;
1482 s->term = NULL;
1483 s->pw = NULL;
1484 s->display = NULL;
1485 s->screen = 0;
1486 s->auth_data = NULL;
1487 s->auth_proto = NULL;
1488 s->used = 1;
Damien Millerbd483e72000-04-30 10:00:53 +10001489 s->pw = NULL;
Damien Miller15b29522000-10-14 12:33:48 +11001490 debug("session_new: session %d", i);
Damien Millerb38eff82000-04-01 11:09:21 +10001491 return s;
1492 }
1493 }
1494 return NULL;
1495}
1496
1497void
1498session_dump(void)
1499{
1500 int i;
1501 for(i = 0; i < MAX_SESSIONS; i++) {
1502 Session *s = &sessions[i];
1503 debug("dump: used %d session %d %p channel %d pid %d",
1504 s->used,
1505 s->self,
1506 s,
1507 s->chanid,
1508 s->pid);
1509 }
1510}
1511
Damien Millerefb4afe2000-04-12 18:45:05 +10001512int
1513session_open(int chanid)
1514{
1515 Session *s = session_new();
1516 debug("session_open: channel %d", chanid);
1517 if (s == NULL) {
1518 error("no more sessions");
1519 return 0;
1520 }
Damien Millerefb4afe2000-04-12 18:45:05 +10001521 s->pw = auth_get_user();
1522 if (s->pw == NULL)
Kevin Steves43cdef32001-02-11 14:12:08 +00001523 fatal("no user for session %d", s->self);
Damien Millerbd483e72000-04-30 10:00:53 +10001524 debug("session_open: session %d: link with channel %d", s->self, chanid);
1525 s->chanid = chanid;
Damien Millerefb4afe2000-04-12 18:45:05 +10001526 return 1;
1527}
1528
1529Session *
1530session_by_channel(int id)
1531{
1532 int i;
1533 for(i = 0; i < MAX_SESSIONS; i++) {
1534 Session *s = &sessions[i];
1535 if (s->used && s->chanid == id) {
1536 debug("session_by_channel: session %d channel %d", i, id);
1537 return s;
1538 }
1539 }
1540 debug("session_by_channel: unknown channel %d", id);
1541 session_dump();
1542 return NULL;
1543}
1544
1545Session *
1546session_by_pid(pid_t pid)
1547{
1548 int i;
1549 debug("session_by_pid: pid %d", pid);
1550 for(i = 0; i < MAX_SESSIONS; i++) {
1551 Session *s = &sessions[i];
1552 if (s->used && s->pid == pid)
1553 return s;
1554 }
1555 error("session_by_pid: unknown pid %d", pid);
1556 session_dump();
1557 return NULL;
1558}
1559
1560int
1561session_window_change_req(Session *s)
1562{
1563 s->col = packet_get_int();
1564 s->row = packet_get_int();
1565 s->xpixel = packet_get_int();
1566 s->ypixel = packet_get_int();
Damien Miller4af51302000-04-16 11:18:38 +10001567 packet_done();
Damien Millerefb4afe2000-04-12 18:45:05 +10001568 pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel);
1569 return 1;
1570}
1571
1572int
1573session_pty_req(Session *s)
1574{
Ben Lindstrom46c16222000-12-22 01:43:59 +00001575 u_int len;
Damien Miller4af51302000-04-16 11:18:38 +10001576 char *term_modes; /* encoded terminal modes */
Damien Millerefb4afe2000-04-12 18:45:05 +10001577
Damien Millerf6d9e222000-06-18 14:50:44 +10001578 if (no_pty_flag)
1579 return 0;
Damien Millerefb4afe2000-04-12 18:45:05 +10001580 if (s->ttyfd != -1)
Damien Miller4af51302000-04-16 11:18:38 +10001581 return 0;
Damien Millerefb4afe2000-04-12 18:45:05 +10001582 s->term = packet_get_string(&len);
1583 s->col = packet_get_int();
1584 s->row = packet_get_int();
1585 s->xpixel = packet_get_int();
1586 s->ypixel = packet_get_int();
Damien Miller4af51302000-04-16 11:18:38 +10001587 term_modes = packet_get_string(&len);
1588 packet_done();
Damien Millerefb4afe2000-04-12 18:45:05 +10001589
1590 if (strcmp(s->term, "") == 0) {
1591 xfree(s->term);
1592 s->term = NULL;
1593 }
1594 /* Allocate a pty and open it. */
1595 if (!pty_allocate(&s->ptyfd, &s->ttyfd, s->tty, sizeof(s->tty))) {
1596 xfree(s->term);
1597 s->term = NULL;
1598 s->ptyfd = -1;
1599 s->ttyfd = -1;
1600 error("session_pty_req: session %d alloc failed", s->self);
Damien Miller4af51302000-04-16 11:18:38 +10001601 xfree(term_modes);
1602 return 0;
Damien Millerefb4afe2000-04-12 18:45:05 +10001603 }
1604 debug("session_pty_req: session %d alloc %s", s->self, s->tty);
1605 /*
1606 * Add a cleanup function to clear the utmp entry and record logout
1607 * time in case we call fatal() (e.g., the connection gets closed).
1608 */
1609 fatal_add_cleanup(pty_cleanup_proc, (void *)s);
1610 pty_setowner(s->pw, s->tty);
1611 /* Get window size from the packet. */
1612 pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel);
1613
Damien Millere247cc42000-05-07 12:03:14 +10001614 session_proctitle(s);
1615
Damien Miller5f056372000-04-16 12:31:48 +10001616 /* XXX parse and set terminal modes */
1617 xfree(term_modes);
Damien Millerefb4afe2000-04-12 18:45:05 +10001618 return 1;
1619}
1620
Damien Millerbd483e72000-04-30 10:00:53 +10001621int
1622session_subsystem_req(Session *s)
1623{
Ben Lindstrom46c16222000-12-22 01:43:59 +00001624 u_int len;
Damien Millerbd483e72000-04-30 10:00:53 +10001625 int success = 0;
1626 char *subsys = packet_get_string(&len);
Damien Millerf6d9e222000-06-18 14:50:44 +10001627 int i;
Damien Millerbd483e72000-04-30 10:00:53 +10001628
1629 packet_done();
1630 log("subsystem request for %s", subsys);
1631
Damien Millerf6d9e222000-06-18 14:50:44 +10001632 for (i = 0; i < options.num_subsystems; i++) {
1633 if(strcmp(subsys, options.subsystem_name[i]) == 0) {
1634 debug("subsystem: exec() %s", options.subsystem_command[i]);
1635 do_exec_no_pty(s, options.subsystem_command[i], s->pw);
1636 success = 1;
1637 }
1638 }
1639
1640 if (!success)
1641 log("subsystem request for %s failed, subsystem not found", subsys);
1642
Damien Millerbd483e72000-04-30 10:00:53 +10001643 xfree(subsys);
1644 return success;
1645}
1646
1647int
1648session_x11_req(Session *s)
1649{
Damien Miller7b28dc52000-09-05 13:34:53 +11001650 int fd;
Damien Miller37023962000-07-11 17:31:38 +10001651 if (no_x11_forwarding_flag) {
Damien Millerf6d9e222000-06-18 14:50:44 +10001652 debug("X11 forwarding disabled in user configuration file.");
1653 return 0;
1654 }
Damien Millerbd483e72000-04-30 10:00:53 +10001655 if (!options.x11_forwarding) {
1656 debug("X11 forwarding disabled in server configuration file.");
1657 return 0;
1658 }
1659 if (xauthfile != NULL) {
1660 debug("X11 fwd already started.");
1661 return 0;
1662 }
1663
1664 debug("Received request for X11 forwarding with auth spoofing.");
1665 if (s->display != NULL)
1666 packet_disconnect("Protocol error: X11 display already set.");
1667
1668 s->single_connection = packet_get_char();
1669 s->auth_proto = packet_get_string(NULL);
1670 s->auth_data = packet_get_string(NULL);
1671 s->screen = packet_get_int();
1672 packet_done();
1673
1674 s->display = x11_create_display_inet(s->screen, options.x11_display_offset);
1675 if (s->display == NULL) {
1676 xfree(s->auth_proto);
1677 xfree(s->auth_data);
1678 return 0;
1679 }
1680 xauthfile = xmalloc(MAXPATHLEN);
1681 strlcpy(xauthfile, "/tmp/ssh-XXXXXXXX", MAXPATHLEN);
1682 temporarily_use_uid(s->pw->pw_uid);
1683 if (mkdtemp(xauthfile) == NULL) {
1684 restore_uid();
1685 error("private X11 dir: mkdtemp %s failed: %s",
1686 xauthfile, strerror(errno));
1687 xfree(xauthfile);
1688 xauthfile = NULL;
1689 xfree(s->auth_proto);
1690 xfree(s->auth_data);
1691 /* XXXX remove listening channels */
1692 return 0;
1693 }
1694 strlcat(xauthfile, "/cookies", MAXPATHLEN);
Damien Miller7b28dc52000-09-05 13:34:53 +11001695 fd = open(xauthfile, O_RDWR|O_CREAT|O_EXCL, 0600);
1696 if (fd >= 0)
1697 close(fd);
Damien Millerbd483e72000-04-30 10:00:53 +10001698 restore_uid();
1699 fatal_add_cleanup(xauthfile_cleanup_proc, s);
1700 return 1;
1701}
1702
Damien Millerf6d9e222000-06-18 14:50:44 +10001703int
1704session_shell_req(Session *s)
1705{
1706 /* if forced_command == NULL, the shell is execed */
1707 char *shell = forced_command;
1708 packet_done();
1709 s->extended = 1;
1710 if (s->ttyfd == -1)
1711 do_exec_no_pty(s, shell, s->pw);
1712 else
1713 do_exec_pty(s, shell, s->pw);
1714 return 1;
1715}
1716
1717int
1718session_exec_req(Session *s)
1719{
Ben Lindstrom46c16222000-12-22 01:43:59 +00001720 u_int len;
Damien Millerf6d9e222000-06-18 14:50:44 +10001721 char *command = packet_get_string(&len);
1722 packet_done();
1723 if (forced_command) {
Damien Miller7b28dc52000-09-05 13:34:53 +11001724 original_command = command;
Damien Millerf6d9e222000-06-18 14:50:44 +10001725 command = forced_command;
1726 debug("Forced command '%.500s'", forced_command);
1727 }
1728 s->extended = 1;
1729 if (s->ttyfd == -1)
1730 do_exec_no_pty(s, command, s->pw);
1731 else
1732 do_exec_pty(s, command, s->pw);
1733 if (forced_command == NULL)
1734 xfree(command);
1735 return 1;
1736}
1737
Damien Miller0bc1bd82000-11-13 22:57:25 +11001738int
1739session_auth_agent_req(Session *s)
1740{
1741 static int called = 0;
1742 packet_done();
Ben Lindstrom14920292000-11-21 21:24:55 +00001743 if (no_agent_forwarding_flag) {
1744 debug("session_auth_agent_req: no_agent_forwarding_flag");
1745 return 0;
1746 }
Damien Miller0bc1bd82000-11-13 22:57:25 +11001747 if (called) {
1748 return 0;
1749 } else {
1750 called = 1;
1751 return auth_input_request_forwarding(s->pw);
1752 }
1753}
1754
Damien Millerefb4afe2000-04-12 18:45:05 +10001755void
1756session_input_channel_req(int id, void *arg)
1757{
Ben Lindstrom46c16222000-12-22 01:43:59 +00001758 u_int len;
Damien Millerefb4afe2000-04-12 18:45:05 +10001759 int reply;
1760 int success = 0;
1761 char *rtype;
1762 Session *s;
1763 Channel *c;
1764
1765 rtype = packet_get_string(&len);
1766 reply = packet_get_char();
1767
1768 s = session_by_channel(id);
1769 if (s == NULL)
1770 fatal("session_input_channel_req: channel %d: no session", id);
1771 c = channel_lookup(id);
1772 if (c == NULL)
1773 fatal("session_input_channel_req: channel %d: bad channel", id);
1774
1775 debug("session_input_channel_req: session %d channel %d request %s reply %d",
1776 s->self, id, rtype, reply);
1777
1778 /*
1779 * a session is in LARVAL state until a shell
1780 * or programm is executed
1781 */
1782 if (c->type == SSH_CHANNEL_LARVAL) {
1783 if (strcmp(rtype, "shell") == 0) {
Damien Millerf6d9e222000-06-18 14:50:44 +10001784 success = session_shell_req(s);
Damien Millerefb4afe2000-04-12 18:45:05 +10001785 } else if (strcmp(rtype, "exec") == 0) {
Damien Millerf6d9e222000-06-18 14:50:44 +10001786 success = session_exec_req(s);
Damien Millerefb4afe2000-04-12 18:45:05 +10001787 } else if (strcmp(rtype, "pty-req") == 0) {
Damien Miller5f056372000-04-16 12:31:48 +10001788 success = session_pty_req(s);
Damien Millerbd483e72000-04-30 10:00:53 +10001789 } else if (strcmp(rtype, "x11-req") == 0) {
1790 success = session_x11_req(s);
Damien Miller0bc1bd82000-11-13 22:57:25 +11001791 } else if (strcmp(rtype, "auth-agent-req@openssh.com") == 0) {
1792 success = session_auth_agent_req(s);
Damien Millerbd483e72000-04-30 10:00:53 +10001793 } else if (strcmp(rtype, "subsystem") == 0) {
1794 success = session_subsystem_req(s);
Damien Millerefb4afe2000-04-12 18:45:05 +10001795 }
1796 }
1797 if (strcmp(rtype, "window-change") == 0) {
1798 success = session_window_change_req(s);
1799 }
1800
1801 if (reply) {
1802 packet_start(success ?
1803 SSH2_MSG_CHANNEL_SUCCESS : SSH2_MSG_CHANNEL_FAILURE);
1804 packet_put_int(c->remote_id);
1805 packet_send();
1806 }
1807 xfree(rtype);
1808}
1809
1810void
1811session_set_fds(Session *s, int fdin, int fdout, int fderr)
1812{
1813 if (!compat20)
1814 fatal("session_set_fds: called for proto != 2.0");
1815 /*
1816 * now that have a child and a pipe to the child,
1817 * we can activate our channel and register the fd's
1818 */
1819 if (s->chanid == -1)
1820 fatal("no channel for session %d", s->self);
1821 channel_set_fds(s->chanid,
1822 fdout, fdin, fderr,
Damien Miller69b69aa2000-10-28 14:19:58 +11001823 fderr == -1 ? CHAN_EXTENDED_IGNORE : CHAN_EXTENDED_READ,
1824 1);
Damien Millerefb4afe2000-04-12 18:45:05 +10001825}
1826
Damien Millerb38eff82000-04-01 11:09:21 +10001827void
1828session_pty_cleanup(Session *s)
1829{
1830 if (s == NULL || s->ttyfd == -1)
1831 return;
1832
Kevin Steves43cdef32001-02-11 14:12:08 +00001833 debug("session_pty_cleanup: session %d release %s", s->self, s->tty);
Damien Millerb38eff82000-04-01 11:09:21 +10001834
1835 /* Cancel the cleanup function. */
1836 fatal_remove_cleanup(pty_cleanup_proc, (void *)s);
1837
1838 /* Record that the user has logged out. */
1839 record_logout(s->pid, s->tty);
1840
1841 /* Release the pseudo-tty. */
1842 pty_release(s->tty);
1843
1844 /*
1845 * Close the server side of the socket pairs. We must do this after
1846 * the pty cleanup, so that another process doesn't get this pty
1847 * while we're still cleaning up.
1848 */
1849 if (close(s->ptymaster) < 0)
1850 error("close(s->ptymaster): %s", strerror(errno));
1851}
Damien Millerefb4afe2000-04-12 18:45:05 +10001852
1853void
1854session_exit_message(Session *s, int status)
1855{
1856 Channel *c;
1857 if (s == NULL)
1858 fatal("session_close: no session");
1859 c = channel_lookup(s->chanid);
1860 if (c == NULL)
1861 fatal("session_close: session %d: no channel %d",
1862 s->self, s->chanid);
1863 debug("session_exit_message: session %d channel %d pid %d",
1864 s->self, s->chanid, s->pid);
1865
1866 if (WIFEXITED(status)) {
1867 channel_request_start(s->chanid,
1868 "exit-status", 0);
1869 packet_put_int(WEXITSTATUS(status));
1870 packet_send();
1871 } else if (WIFSIGNALED(status)) {
1872 channel_request_start(s->chanid,
1873 "exit-signal", 0);
1874 packet_put_int(WTERMSIG(status));
Damien Millerf3c6cf12000-05-17 22:08:29 +10001875#ifdef WCOREDUMP
Damien Millerefb4afe2000-04-12 18:45:05 +10001876 packet_put_char(WCOREDUMP(status));
Damien Millerf3c6cf12000-05-17 22:08:29 +10001877#else /* WCOREDUMP */
1878 packet_put_char(0);
1879#endif /* WCOREDUMP */
Damien Millerefb4afe2000-04-12 18:45:05 +10001880 packet_put_cstring("");
1881 packet_put_cstring("");
1882 packet_send();
1883 } else {
1884 /* Some weird exit cause. Just exit. */
1885 packet_disconnect("wait returned status %04x.", status);
1886 }
1887
1888 /* disconnect channel */
1889 debug("session_exit_message: release channel %d", s->chanid);
1890 channel_cancel_cleanup(s->chanid);
Damien Miller166fca82000-04-20 07:42:21 +10001891 /*
1892 * emulate a write failure with 'chan_write_failed', nobody will be
1893 * interested in data we write.
1894 * Note that we must not call 'chan_read_failed', since there could
1895 * be some more data waiting in the pipe.
1896 */
Damien Millerbd483e72000-04-30 10:00:53 +10001897 if (c->ostate != CHAN_OUTPUT_CLOSED)
1898 chan_write_failed(c);
Damien Millerefb4afe2000-04-12 18:45:05 +10001899 s->chanid = -1;
1900}
1901
1902void
1903session_free(Session *s)
1904{
1905 debug("session_free: session %d pid %d", s->self, s->pid);
1906 if (s->term)
1907 xfree(s->term);
1908 if (s->display)
1909 xfree(s->display);
1910 if (s->auth_data)
1911 xfree(s->auth_data);
1912 if (s->auth_proto)
1913 xfree(s->auth_proto);
1914 s->used = 0;
1915}
1916
1917void
1918session_close(Session *s)
1919{
1920 session_pty_cleanup(s);
1921 session_free(s);
Damien Millere247cc42000-05-07 12:03:14 +10001922 session_proctitle(s);
Damien Millerefb4afe2000-04-12 18:45:05 +10001923}
1924
1925void
1926session_close_by_pid(pid_t pid, int status)
1927{
1928 Session *s = session_by_pid(pid);
1929 if (s == NULL) {
1930 debug("session_close_by_pid: no session for pid %d", s->pid);
1931 return;
1932 }
1933 if (s->chanid != -1)
1934 session_exit_message(s, status);
1935 session_close(s);
1936}
1937
1938/*
1939 * this is called when a channel dies before
1940 * the session 'child' itself dies
1941 */
1942void
1943session_close_by_channel(int id, void *arg)
1944{
1945 Session *s = session_by_channel(id);
1946 if (s == NULL) {
1947 debug("session_close_by_channel: no session for channel %d", id);
1948 return;
1949 }
1950 /* disconnect channel */
1951 channel_cancel_cleanup(s->chanid);
1952 s->chanid = -1;
1953
1954 debug("session_close_by_channel: channel %d kill %d", id, s->pid);
1955 if (s->pid == 0) {
1956 /* close session immediately */
1957 session_close(s);
1958 } else {
1959 /* notify child, delay session cleanup */
Damien Miller7a445bb2000-06-26 13:12:37 +10001960 if (kill(s->pid, (s->ttyfd == -1) ? SIGTERM : SIGHUP) < 0)
Damien Millerefb4afe2000-04-12 18:45:05 +10001961 error("session_close_by_channel: kill %d: %s",
1962 s->pid, strerror(errno));
1963 }
1964}
1965
Damien Millere247cc42000-05-07 12:03:14 +10001966char *
1967session_tty_list(void)
1968{
1969 static char buf[1024];
1970 int i;
1971 buf[0] = '\0';
1972 for(i = 0; i < MAX_SESSIONS; i++) {
1973 Session *s = &sessions[i];
1974 if (s->used && s->ttyfd != -1) {
1975 if (buf[0] != '\0')
1976 strlcat(buf, ",", sizeof buf);
1977 strlcat(buf, strrchr(s->tty, '/') + 1, sizeof buf);
1978 }
1979 }
1980 if (buf[0] == '\0')
1981 strlcpy(buf, "notty", sizeof buf);
1982 return buf;
1983}
1984
1985void
1986session_proctitle(Session *s)
1987{
1988 if (s->pw == NULL)
1989 error("no user for session %d", s->self);
1990 else
1991 setproctitle("%s@%s", s->pw->pw_name, session_tty_list());
1992}
1993
Damien Millerefb4afe2000-04-12 18:45:05 +10001994void
Ben Lindstromdb65e8f2001-01-19 04:26:52 +00001995do_authenticated2(Authctxt *authctxt)
Damien Millerefb4afe2000-04-12 18:45:05 +10001996{
1997 /*
1998 * Cancel the alarm we set to limit the time taken for
1999 * authentication.
2000 */
2001 alarm(0);
Damien Miller182ee6e2000-07-12 09:45:27 +10002002 if (startup_pipe != -1) {
Damien Miller4d97ba22000-07-11 18:15:50 +10002003 close(startup_pipe);
Damien Miller182ee6e2000-07-12 09:45:27 +10002004 startup_pipe = -1;
2005 }
Kevin Steves48b7cc02000-10-07 13:24:00 +00002006#if defined(HAVE_LOGIN_CAP) && defined(HAVE_PW_CLASS_IN_PASSWD)
Ben Lindstromdb65e8f2001-01-19 04:26:52 +00002007 if ((lc = login_getclass(authctxt->pw->pw_class)) == NULL) {
Damien Millerad833b32000-08-23 10:46:23 +10002008 error("unable to get login class");
2009 return;
2010 }
2011#endif
Damien Millerefb4afe2000-04-12 18:45:05 +10002012 server_loop2();
Damien Miller1b26ab22000-04-30 10:12:49 +10002013 if (xauthfile)
2014 xauthfile_cleanup_proc(NULL);
Damien Millerefb4afe2000-04-12 18:45:05 +10002015}