diff options
| -rw-r--r-- | usr.bin/ssh/auth1.c | 4 | ||||
| -rw-r--r-- | usr.bin/ssh/auth2.c | 4 | ||||
| -rw-r--r-- | usr.bin/ssh/session.c | 93 | ||||
| -rw-r--r-- | usr.bin/ssh/session.h | 7 |
4 files changed, 48 insertions, 60 deletions
diff --git a/usr.bin/ssh/auth1.c b/usr.bin/ssh/auth1.c index 3316b7e3586..a8221348493 100644 --- a/usr.bin/ssh/auth1.c +++ b/usr.bin/ssh/auth1.c @@ -10,7 +10,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth1.c,v 1.20 2001/03/20 18:57:04 markus Exp $"); +RCSID("$OpenBSD: auth1.c,v 1.21 2001/03/21 11:43:44 markus Exp $"); #include "xmalloc.h" #include "rsa.h" @@ -376,5 +376,5 @@ do_authentication() xfree(authctxt); /* Perform session preparation. */ - do_authenticated(pw); + do_authenticated(authctxt); } diff --git a/usr.bin/ssh/auth2.c b/usr.bin/ssh/auth2.c index d5e29865122..6641961a329 100644 --- a/usr.bin/ssh/auth2.c +++ b/usr.bin/ssh/auth2.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth2.c,v 1.47 2001/03/20 18:57:04 markus Exp $"); +RCSID("$OpenBSD: auth2.c,v 1.48 2001/03/21 11:43:44 markus Exp $"); #include <openssl/evp.h> @@ -116,7 +116,7 @@ do_authentication2() dispatch_init(&protocol_error); dispatch_set(SSH2_MSG_SERVICE_REQUEST, &input_service_request); dispatch_run(DISPATCH_BLOCK, &authctxt->success, authctxt); - do_authenticated2(authctxt); + do_authenticated(authctxt); } void diff --git a/usr.bin/ssh/session.c b/usr.bin/ssh/session.c index 0c6dacc3d09..706a6542745 100644 --- a/usr.bin/ssh/session.c +++ b/usr.bin/ssh/session.c @@ -33,7 +33,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: session.c,v 1.64 2001/03/20 19:35:29 markus Exp $"); +RCSID("$OpenBSD: session.c,v 1.65 2001/03/21 11:43:44 markus Exp $"); #include "ssh.h" #include "ssh1.h" @@ -94,6 +94,9 @@ void do_exec_no_pty(Session *s, const char *command); void do_login(Session *s, const char *command); void do_child(Session *s, const char *command); +void do_authenticated1(Authctxt *authctxt); +void do_authenticated2(Authctxt *authctxt); + /* import */ extern ServerOptions options; extern char *__progname; @@ -117,6 +120,34 @@ Session sessions[MAX_SESSIONS]; static login_cap_t *lc; #endif +void +do_authenticated(Authctxt *authctxt) +{ + /* + * Cancel the alarm we set to limit the time taken for + * authentication. + */ + alarm(0); + if (startup_pipe != -1) { + close(startup_pipe); + startup_pipe = -1; + } +#ifdef HAVE_LOGIN_CAP + if ((lc = login_getclass(authctxt->pw->pw_class)) == NULL) { + error("unable to get login class"); + return; + } +#endif + /* setup the channel layer */ + if (!no_port_forwarding_flag && options.allow_tcp_forwarding) + channel_permit_all_opens(); + + if (compat20) + do_authenticated2(authctxt); + else + do_authenticated1(authctxt); +} + /* * Remove local Xauthority file. */ @@ -166,47 +197,23 @@ pty_cleanup_proc(void *session) * are requested, etc. */ void -do_authenticated(struct passwd * pw) +do_authenticated1(Authctxt *authctxt) { Session *s; - int type, fd; - int compression_level = 0, enable_compression_after_reply = 0; - int have_pty = 0; char *command; - int n_bytes; - int plen; + int success, type, fd, n_bytes, plen, screen_flag, have_pty = 0; + int compression_level = 0, enable_compression_after_reply = 0; u_int proto_len, data_len, dlen; - int screen_flag; - - /* - * Cancel the alarm we set to limit the time taken for - * authentication. - */ - alarm(0); - if (startup_pipe != -1) { - close(startup_pipe); - startup_pipe = -1; - } s = session_new(); - s->pw = pw; - - if (!no_port_forwarding_flag && options.allow_tcp_forwarding) - channel_permit_all_opens(); - -#ifdef HAVE_LOGIN_CAP - if ((lc = login_getclass(pw->pw_class)) == NULL) { - error("unable to get login class"); - return; - } -#endif + s->pw = authctxt->pw; /* * We stay in this loop until the client requests to execute a shell * or a command. */ for (;;) { - int success = 0; + success = 0; /* Get a packet from the client. */ type = packet_read(&plen); @@ -243,7 +250,7 @@ do_authenticated(struct passwd * pw) break; } fatal_add_cleanup(pty_cleanup_proc, (void *)s); - pty_setowner(pw, s->tty); + pty_setowner(s->pw, s->tty); /* Get TERM from the packet. Note that the value may be of arbitrary length. */ s->term = packet_get_string(&dlen); @@ -318,7 +325,7 @@ do_authenticated(struct passwd * pw) /* Setup to always have a local .Xauthority. */ xauthfile = xmalloc(MAXPATHLEN); strlcpy(xauthfile, "/tmp/ssh-XXXXXXXX", MAXPATHLEN); - temporarily_use_uid(pw->pw_uid); + temporarily_use_uid(s->pw->pw_uid); if (mkdtemp(xauthfile) == NULL) { restore_uid(); error("private X11 dir: mkdtemp %s failed: %s", @@ -343,7 +350,7 @@ do_authenticated(struct passwd * pw) break; } debug("Received authentication agent forwarding request."); - success = auth_input_request_forwarding(pw); + success = auth_input_request_forwarding(s->pw); break; case SSH_CMSG_PORT_FORWARD_REQUEST: @@ -356,7 +363,7 @@ do_authenticated(struct passwd * pw) break; } debug("Received TCP/IP port forwarding request."); - channel_input_port_forward_request(pw->pw_uid == 0, options.gateway_ports); + channel_input_port_forward_request(s->pw->pw_uid == 0, options.gateway_ports); success = 1; break; @@ -1685,23 +1692,7 @@ session_proctitle(Session *s) void do_authenticated2(Authctxt *authctxt) { - /* - * Cancel the alarm we set to limit the time taken for - * authentication. - */ - alarm(0); - if (startup_pipe != -1) { - close(startup_pipe); - startup_pipe = -1; - } - if (!no_port_forwarding_flag && options.allow_tcp_forwarding) - channel_permit_all_opens(); -#ifdef HAVE_LOGIN_CAP - if ((lc = login_getclass(authctxt->pw->pw_class)) == NULL) { - error("unable to get login class"); - return; - } -#endif + server_loop2(); if (xauthfile) xauthfile_cleanup_proc(NULL); diff --git a/usr.bin/ssh/session.h b/usr.bin/ssh/session.h index 133e9233f2a..842e9412a0d 100644 --- a/usr.bin/ssh/session.h +++ b/usr.bin/ssh/session.h @@ -1,4 +1,4 @@ -/* $OpenBSD: session.h,v 1.5 2001/01/29 01:58:18 niklas Exp $ */ +/* $OpenBSD: session.h,v 1.6 2001/03/21 11:43:45 markus Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -26,11 +26,8 @@ #ifndef SESSION_H #define SESSION_H -/* SSH1 */ -void do_authenticated(struct passwd * pw); +void do_authenticated(Authctxt *ac); -/* SSH2 */ -void do_authenticated2(Authctxt *ac); int session_open(int id); void session_input_channel_req(int id, void *arg); void session_close_by_pid(pid_t pid, int status); |