diff options
| author | Ben Lindstrom <mouring@eviladmin.org> | 2001-03-22 02:02:12 +0000 |
|---|---|---|
| committer | Ben Lindstrom <mouring@eviladmin.org> | 2001-03-22 02:02:12 +0000 |
| commit | b31783d5470d42f77a08acfe6513a0b209ffec1c (patch) | |
| tree | aa2c8c7e957564f22ecd0e16680d1de0ba9e06da /session.c | |
| parent | fc9b07de19f8ccd94e4543ddba58e0de3748804c (diff) | |
- markus@cvs.openbsd.org 2001/03/21 11:43:45
[auth1.c auth2.c session.c session.h]
merge common ssh v1/2 code
Diffstat (limited to 'session.c')
| -rw-r--r-- | session.c | 95 |
1 files changed, 43 insertions, 52 deletions
@@ -33,7 +33,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: session.c,v 1.64 2001/03/20 19:35:29 markus Exp $"); +RCSID("$OpenBSD: session.c,v 1.65 2001/03/21 11:43:44 markus Exp $"); #include "ssh.h" #include "ssh1.h" @@ -129,6 +129,9 @@ void do_exec_no_pty(Session *s, const char *command); void do_login(Session *s, const char *command); void do_child(Session *s, const char *command); +void do_authenticated1(Authctxt *authctxt); +void do_authenticated2(Authctxt *authctxt); + /* import */ extern ServerOptions options; extern char *__progname; @@ -157,6 +160,34 @@ char *aixloginmsg; static login_cap_t *lc; #endif +void +do_authenticated(Authctxt *authctxt) +{ + /* + * Cancel the alarm we set to limit the time taken for + * authentication. + */ + alarm(0); + if (startup_pipe != -1) { + close(startup_pipe); + startup_pipe = -1; + } +#if defined(HAVE_LOGIN_CAP) && defined(HAVE_PW_CLASS_IN_PASSWD) + if ((lc = login_getclass(authctxt->pw->pw_class)) == NULL) { + error("unable to get login class"); + return; + } +#endif + /* setup the channel layer */ + if (!no_port_forwarding_flag && options.allow_tcp_forwarding) + channel_permit_all_opens(); + + if (compat20) + do_authenticated2(authctxt); + else + do_authenticated1(authctxt); +} + /* * Remove local Xauthority file. */ @@ -206,47 +237,23 @@ pty_cleanup_proc(void *session) * are requested, etc. */ void -do_authenticated(struct passwd * pw) +do_authenticated1(Authctxt *authctxt) { Session *s; - int type, fd; - int compression_level = 0, enable_compression_after_reply = 0; - int have_pty = 0; char *command; - int n_bytes; - int plen; + int success, type, fd, n_bytes, plen, screen_flag, have_pty = 0; + int compression_level = 0, enable_compression_after_reply = 0; u_int proto_len, data_len, dlen; - int screen_flag; - - /* - * Cancel the alarm we set to limit the time taken for - * authentication. - */ - alarm(0); - if (startup_pipe != -1) { - close(startup_pipe); - startup_pipe = -1; - } - - if (!no_port_forwarding_flag && options.allow_tcp_forwarding) - channel_permit_all_opens(); s = session_new(); - s->pw = pw; - -#if defined(HAVE_LOGIN_CAP) && defined(HAVE_PW_CLASS_IN_PASSWD) - if ((lc = login_getclass(pw->pw_class)) == NULL) { - error("unable to get login class"); - return; - } -#endif + s->pw = authctxt->pw; /* * We stay in this loop until the client requests to execute a shell * or a command. */ for (;;) { - int success = 0; + success = 0; /* Get a packet from the client. */ type = packet_read(&plen); @@ -283,7 +290,7 @@ do_authenticated(struct passwd * pw) break; } fatal_add_cleanup(pty_cleanup_proc, (void *)s); - pty_setowner(pw, s->tty); + pty_setowner(s->pw, s->tty); /* Get TERM from the packet. Note that the value may be of arbitrary length. */ s->term = packet_get_string(&dlen); @@ -358,7 +365,7 @@ do_authenticated(struct passwd * pw) /* Setup to always have a local .Xauthority. */ xauthfile = xmalloc(MAXPATHLEN); strlcpy(xauthfile, "/tmp/ssh-XXXXXXXX", MAXPATHLEN); - temporarily_use_uid(pw->pw_uid); + temporarily_use_uid(s->pw->pw_uid); if (mkdtemp(xauthfile) == NULL) { restore_uid(); error("private X11 dir: mkdtemp %s failed: %s", @@ -383,7 +390,7 @@ do_authenticated(struct passwd * pw) break; } debug("Received authentication agent forwarding request."); - success = auth_input_request_forwarding(pw); + success = auth_input_request_forwarding(s->pw); break; case SSH_CMSG_PORT_FORWARD_REQUEST: @@ -396,7 +403,7 @@ do_authenticated(struct passwd * pw) break; } debug("Received TCP/IP port forwarding request."); - channel_input_port_forward_request(pw->pw_uid == 0, options.gateway_ports); + channel_input_port_forward_request(s->pw->pw_uid == 0, options.gateway_ports); success = 1; break; @@ -597,7 +604,7 @@ do_exec_pty(Session *s, const char *command) ttyfd = s->ttyfd; #if defined(USE_PAM) - do_pam_session(pw->pw_name, s->tty); + do_pam_session(s->pw->pw_name, s->tty); do_pam_setcred(); #endif @@ -2022,23 +2029,7 @@ session_proctitle(Session *s) void do_authenticated2(Authctxt *authctxt) { - /* - * Cancel the alarm we set to limit the time taken for - * authentication. - */ - alarm(0); - if (startup_pipe != -1) { - close(startup_pipe); - startup_pipe = -1; - } - if (!no_port_forwarding_flag && options.allow_tcp_forwarding) - channel_permit_all_opens(); -#if defined(HAVE_LOGIN_CAP) && defined(HAVE_PW_CLASS_IN_PASSWD) - if ((lc = login_getclass(authctxt->pw->pw_class)) == NULL) { - error("unable to get login class"); - return; - } -#endif + server_loop2(); if (xauthfile) xauthfile_cleanup_proc(NULL); |