tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

- djm@cvs.openbsd.org 2013/10/14 21:20:52 

[session.c session.h]
     Add logging of session starts in a useful format; ok markus@ feedback and
     ok dtucker@
This commit is contained in:
Damien Miller 2013-10-15 12:12:02 +11:00
parent 6efab27109
commit 71df752de2
3 changed files with 44 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ChangeLog
View File

@ -29,6 +29,10 @@
[sftp-server.8 sftp-server.c] [sftp-server.8 sftp-server.c]
tweak previous; tweak previous;
ok djm ok djm
- djm@cvs.openbsd.org 2013/10/14 21:20:52
[session.c session.h]
Add logging of session starts in a useful format; ok markus@ feedback and
ok dtucker@
20131010 20131010
- (dtucker) OpenBSD CVS Sync - (dtucker) OpenBSD CVS Sync

52
session.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: session.c,v 1.266 2013/07/19 07:37:48 markus Exp $ */ /* $OpenBSD: session.c,v 1.267 2013/10/14 21:20:52 djm Exp $ */
/* /*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved * All rights reserved
@ -794,27 +794,50 @@ int
do_exec(Session *s, const char *command) do_exec(Session *s, const char *command)
{ {
int ret; int ret;
const char *forced = NULL;
char session_type[1024], *tty = NULL;
if (options.adm_forced_command) { if (options.adm_forced_command) {
original_command = command; original_command = command;
command = options.adm_forced_command; command = options.adm_forced_command;
if (IS_INTERNAL_SFTP(command)) { forced = "(config)";
s->is_subsystem = s->is_subsystem ?
SUBSYSTEM_INT_SFTP : SUBSYSTEM_INT_SFTP_ERROR;
} else if (s->is_subsystem)
s->is_subsystem = SUBSYSTEM_EXT;
debug("Forced command (config) '%.900s'", command);
} else if (forced_command) { } else if (forced_command) {
original_command = command; original_command = command;
command = forced_command; command = forced_command;
forced = "(key-option)";
}
if (forced != NULL) {
if (IS_INTERNAL_SFTP(command)) { if (IS_INTERNAL_SFTP(command)) {
s->is_subsystem = s->is_subsystem ? s->is_subsystem = s->is_subsystem ?
SUBSYSTEM_INT_SFTP : SUBSYSTEM_INT_SFTP_ERROR; SUBSYSTEM_INT_SFTP : SUBSYSTEM_INT_SFTP_ERROR;
} else if (s->is_subsystem) } else if (s->is_subsystem)
s->is_subsystem = SUBSYSTEM_EXT; s->is_subsystem = SUBSYSTEM_EXT;
debug("Forced command (key option) '%.900s'", command); snprintf(session_type, sizeof(session_type),
"forced-command %s '%.900s'", forced, command);
} else if (s->is_subsystem) {
snprintf(session_type, sizeof(session_type),
"subsystem '%.900s'", s->subsys);
} else if (command == NULL) {
snprintf(session_type, sizeof(session_type), "shell");
} else {
/* NB. we don't log unforced commands to preserve privacy */
snprintf(session_type, sizeof(session_type), "command");
} }
if (s->ttyfd != -1) {
tty = s->tty;
if (strncmp(tty, "/dev/", 5) == 0)
tty += 5;
}
verbose("Starting session: %s%s%s for %s from %.200s port %d",
session_type,
tty == NULL ? "" : " on ",
tty == NULL ? "" : tty,
s->pw->pw_name,
get_remote_ipaddr(),
get_remote_port());
#ifdef SSH_AUDIT_EVENTS #ifdef SSH_AUDIT_EVENTS
if (command != NULL) if (command != NULL)
PRIVSEP(audit_run_command(command)); PRIVSEP(audit_run_command(command));
@ -2100,15 +2123,16 @@ session_subsystem_req(Session *s)
struct stat st; struct stat st;
u_int len; u_int len;
int success = 0; int success = 0;
char *prog, *cmd, *subsys = packet_get_string(&len); char *prog, *cmd;
u_int i; u_int i;
s->subsys = packet_get_string(&len);
packet_check_eom(); packet_check_eom();
logit("subsystem request for %.100s by user %s", subsys, debug2("subsystem request for %.100s by user %s", s->subsys,
s->pw->pw_name); s->pw->pw_name);
for (i = 0; i < options.num_subsystems; i++) { for (i = 0; i < options.num_subsystems; i++) {
if (strcmp(subsys, options.subsystem_name[i]) == 0) { if (strcmp(s->subsys, options.subsystem_name[i]) == 0) {
prog = options.subsystem_command[i]; prog = options.subsystem_command[i];
cmd = options.subsystem_args[i]; cmd = options.subsystem_args[i];
if (strcmp(INTERNAL_SFTP_NAME, prog) == 0) { if (strcmp(INTERNAL_SFTP_NAME, prog) == 0) {
@ -2127,10 +2151,9 @@ session_subsystem_req(Session *s)
} }
if (!success) if (!success)
logit("subsystem request for %.100s failed, subsystem not found", logit("subsystem request for %.100s by user %s failed, "
subsys); "subsystem not found", s->subsys, s->pw->pw_name);
free(subsys);
return success; return success;
} }
@ -2481,6 +2504,7 @@ session_close(Session *s)
free(s->auth_display); free(s->auth_display);
free(s->auth_data); free(s->auth_data);
free(s->auth_proto); free(s->auth_proto);
free(s->subsys);
if (s->env != NULL) { if (s->env != NULL) {
for (i = 0; i < s->num_env; i++) { for (i = 0; i < s->num_env; i++) {
free(s->env[i].name); free(s->env[i].name);

3
session.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: session.h,v 1.30 2008/05/08 12:21:16 djm Exp $ */ /* $OpenBSD: session.h,v 1.31 2013/10/14 21:20:52 djm Exp $ */
/* /*
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
@ -55,6 +55,7 @@ struct Session {
int chanid; int chanid;
int *x11_chanids; int *x11_chanids;
int is_subsystem; int is_subsystem;
char *subsys;
u_int num_env; u_int num_env;
struct { struct {
char *name; char *name;