summaryrefslogtreecommitdiffstats
path: root/session.c
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--session.c51
1 files changed, 18 insertions, 33 deletions
diff --git a/session.c b/session.c
index c821dcd..c941511 100644
--- a/session.c
+++ b/session.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: session.c,v 1.337 2024/02/01 02:37:33 djm Exp $ */
+/* $OpenBSD: session.c,v 1.338 2024/05/17 00:30:24 djm Exp $ */
/*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
@@ -103,6 +103,17 @@
#include <selinux/selinux.h>
#endif
+/*
+ * Hack for systems that do not support FD passing: allocate PTYs directly
+ * without calling into the monitor. This requires either the post-auth
+ * privsep process retain root privileges (see the comment in
+ * sshd-session.c:privsep_postauth) or that PTY allocation doesn't require
+ * privileges to begin with (e.g. Cygwin).
+ */
+#ifdef DISABLE_FD_PASSING
+#define mm_pty_allocate pty_allocate
+#endif
+
#define IS_INTERNAL_SFTP(c) \
(!strncmp(c, INTERNAL_SFTP_NAME, sizeof(INTERNAL_SFTP_NAME) - 1) && \
(c[sizeof(INTERNAL_SFTP_NAME) - 1] == '\0' || \
@@ -706,13 +717,13 @@ do_exec(struct ssh *ssh, Session *s, const char *command)
#ifdef SSH_AUDIT_EVENTS
if (command != NULL)
- PRIVSEP(audit_run_command(command));
+ mm_audit_run_command(command);
else if (s->ttyfd == -1) {
char *shell = s->pw->pw_shell;
if (shell[0] == '\0') /* empty shell means /bin/sh */
shell =_PATH_BSHELL;
- PRIVSEP(audit_run_command(shell));
+ mm_audit_run_command(shell);
}
#endif
if (s->ttyfd != -1)
@@ -738,8 +749,6 @@ do_login(struct ssh *ssh, Session *s, const char *command)
{
socklen_t fromlen;
struct sockaddr_storage from;
- struct passwd * pw = s->pw;
- pid_t pid = getpid();
/*
* Get IP address of client. If the connection is not a socket, let
@@ -755,26 +764,6 @@ do_login(struct ssh *ssh, Session *s, const char *command)
}
}
- /* Record that there was a login on that tty from the remote host. */
- if (!use_privsep)
- record_login(pid, s->tty, pw->pw_name, pw->pw_uid,
- session_get_remote_name_or_ip(ssh, utmp_len,
- options.use_dns),
- (struct sockaddr *)&from, fromlen);
-
-#ifdef USE_PAM
- /*
- * If password change is needed, do it now.
- * This needs to occur before the ~/.hushlogin check.
- */
- if (options.use_pam && !use_privsep && s->authctxt->force_pwchange) {
- display_loginmsg();
- do_pam_chauthtok();
- s->authctxt->force_pwchange = 0;
- /* XXX - signal [net] parent to enable forwardings */
- }
-#endif
-
if (check_quietlogin(s, command))
return;
@@ -1924,8 +1913,7 @@ session_pty_req(struct ssh *ssh, Session *s)
/* Allocate a pty and open it. */
debug("Allocating pty.");
- if (!PRIVSEP(pty_allocate(&s->ptyfd, &s->ttyfd, s->tty,
- sizeof(s->tty)))) {
+ if (!mm_pty_allocate(&s->ptyfd, &s->ttyfd, s->tty, sizeof(s->tty))) {
free(s->term);
s->term = NULL;
s->ptyfd = -1;
@@ -1940,9 +1928,6 @@ session_pty_req(struct ssh *ssh, Session *s)
if ((r = sshpkt_get_end(ssh)) != 0)
sshpkt_fatal(ssh, r, "%s: parse packet", __func__);
- if (!use_privsep)
- pty_setowner(s->pw, s->tty);
-
/* Set window size from the packet. */
pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel);
@@ -2160,7 +2145,7 @@ session_signal_req(struct ssh *ssh, Session *s)
signame, s->forced ? "forced-command" : "subsystem");
goto out;
}
- if (!use_privsep || mm_is_monitor()) {
+ if (mm_is_monitor()) {
error_f("session signalling requires privilege separation");
goto out;
}
@@ -2303,7 +2288,7 @@ session_pty_cleanup2(Session *s)
void
session_pty_cleanup(Session *s)
{
- PRIVSEP(session_pty_cleanup2(s));
+ mm_session_pty_cleanup2(s);
}
static char *
@@ -2712,7 +2697,7 @@ do_cleanup(struct ssh *ssh, Authctxt *authctxt)
* Cleanup ptys/utmp only if privsep is disabled,
* or if running in monitor.
*/
- if (!use_privsep || mm_is_monitor())
+ if (mm_is_monitor())
session_destroy_all(ssh, session_pty_cleanup2);
}