- markus@cvs.openbsd.org 2001/03/21 11:43:45

[auth1.c auth2.c session.c session.h] merge common ssh v1/2 code
2001-03-22 02:02:12 +00:00 · 2001-03-22 02:02:12 +00:00 · b31783d547
parent fc9b07de19
commit b31783d547
5 changed files with 53 additions and 62 deletions
--- a/5
+++ b/5
@ -13,6 +13,9 @@
   - markus@cvs.openbsd.org 2001/03/20 19:21:21
     [session.c]
     remove unused arg
+   - markus@cvs.openbsd.org 2001/03/21 11:43:45
+     [auth1.c auth2.c session.c session.h]
+     merge common ssh v1/2 code

 20010321
 - (djm) Fix ttyname breakage for AIX and Tru64. Patch from Steve 
@ -4672,4 +4675,4 @@
 - Wrote replacements for strlcpy and mkdtemp
 - Released 1.0pre1

-$Id: ChangeLog,v 1.1004 2001/03/22 01:27:23 mouring Exp $
+$Id: ChangeLog,v 1.1005 2001/03/22 02:02:12 mouring Exp $
--- a/auth1.c
+++ b/auth1.c
@ -10,7 +10,7 @@
 */

 #include "includes.h"
-RCSID("$OpenBSD: auth1.c,v 1.20 2001/03/20 18:57:04 markus Exp $");
+RCSID("$OpenBSD: auth1.c,v 1.21 2001/03/21 11:43:44 markus Exp $");

 #include "xmalloc.h"
 #include "rsa.h"
@ -434,5 +434,5 @@ do_authentication()
 	xfree(authctxt);

 	/* Perform session preparation. */
-	do_authenticated(pw);
+	do_authenticated(authctxt);
 }
--- a/auth2.c
+++ b/auth2.c
@ -23,7 +23,7 @@
 */

 #include "includes.h"
-RCSID("$OpenBSD: auth2.c,v 1.47 2001/03/20 18:57:04 markus Exp $");
+RCSID("$OpenBSD: auth2.c,v 1.48 2001/03/21 11:43:44 markus Exp $");

 #include <openssl/evp.h>

@ -120,7 +120,7 @@ do_authentication2()
 	dispatch_init(&protocol_error);
 	dispatch_set(SSH2_MSG_SERVICE_REQUEST, &input_service_request);
 	dispatch_run(DISPATCH_BLOCK, &authctxt->success, authctxt);
-	do_authenticated2(authctxt);
+	do_authenticated(authctxt);
 }

 void
--- a/session.c
+++ b/session.c
@ -33,7 +33,7 @@
 */

 #include "includes.h"
-RCSID("$OpenBSD: session.c,v 1.64 2001/03/20 19:35:29 markus Exp $");
+RCSID("$OpenBSD: session.c,v 1.65 2001/03/21 11:43:44 markus Exp $");

 #include "ssh.h"
 #include "ssh1.h"
@ -129,6 +129,9 @@ void	do_exec_no_pty(Session *s, const char *command);
 void	do_login(Session *s, const char *command);
 void	do_child(Session *s, const char *command);

+void	do_authenticated1(Authctxt *authctxt);
+void	do_authenticated2(Authctxt *authctxt);
+
 /* import */
 extern ServerOptions options;
 extern char *__progname;
@ -157,6 +160,34 @@ char *aixloginmsg;
 static login_cap_t *lc;
 #endif

+void
+do_authenticated(Authctxt *authctxt)
+{
+	/*
+	 * Cancel the alarm we set to limit the time taken for
+	 * authentication.
+	 */
+	alarm(0);
+	if (startup_pipe != -1) {
+		close(startup_pipe);
+		startup_pipe = -1;
+	}
+#if defined(HAVE_LOGIN_CAP) && defined(HAVE_PW_CLASS_IN_PASSWD)
+	if ((lc = login_getclass(authctxt->pw->pw_class)) == NULL) {
+		error("unable to get login class");
+		return;
+	}
+#endif
+	/* setup the channel layer */
+	if (!no_port_forwarding_flag && options.allow_tcp_forwarding)
+		channel_permit_all_opens();
+
+	if (compat20)
+		do_authenticated2(authctxt);
+	else
+		do_authenticated1(authctxt);
+}
+
 /*
 * Remove local Xauthority file.
 */
@ -206,47 +237,23 @@ pty_cleanup_proc(void *session)
 * are requested, etc.
 */
 void
-do_authenticated(struct passwd * pw)
+do_authenticated1(Authctxt *authctxt)
 {
 	Session *s;
-	int type, fd;
-	int compression_level = 0, enable_compression_after_reply = 0;
-	int have_pty = 0;
 	char *command;
-	int n_bytes;
-	int plen;
+	int success, type, fd, n_bytes, plen, screen_flag, have_pty = 0;
+	int compression_level = 0, enable_compression_after_reply = 0;
 	u_int proto_len, data_len, dlen;
-	int screen_flag;
-
-	/*
-	 * Cancel the alarm we set to limit the time taken for
-	 * authentication.
-	 */
-	alarm(0);
-	if (startup_pipe != -1) {
-		close(startup_pipe);
-		startup_pipe = -1;
-	}
-
-	if (!no_port_forwarding_flag && options.allow_tcp_forwarding)
-		channel_permit_all_opens();

 	s = session_new();
-	s->pw = pw;
-
-#if defined(HAVE_LOGIN_CAP) && defined(HAVE_PW_CLASS_IN_PASSWD)
-	if ((lc = login_getclass(pw->pw_class)) == NULL) {
-		error("unable to get login class");
-		return;
-	}
-#endif
+	s->pw = authctxt->pw;

 	/*
 	 * We stay in this loop until the client requests to execute a shell
 	 * or a command.
 	 */
 	for (;;) {
-		int success = 0;
+		success = 0;

 		/* Get a packet from the client. */
 		type = packet_read(&plen);
@ -283,7 +290,7 @@ do_authenticated(struct passwd * pw)
 				break;
 			}
 			fatal_add_cleanup(pty_cleanup_proc, (void *)s);
-			pty_setowner(pw, s->tty);
+			pty_setowner(s->pw, s->tty);

 			/* Get TERM from the packet.  Note that the value may be of arbitrary length. */
 			s->term = packet_get_string(&dlen);
@ -358,7 +365,7 @@ do_authenticated(struct passwd * pw)
 			/* Setup to always have a local .Xauthority. */
 			xauthfile = xmalloc(MAXPATHLEN);
 			strlcpy(xauthfile, "/tmp/ssh-XXXXXXXX", MAXPATHLEN);
-			temporarily_use_uid(pw->pw_uid);
+			temporarily_use_uid(s->pw->pw_uid);
 			if (mkdtemp(xauthfile) == NULL) {
 				restore_uid();
 				error("private X11 dir: mkdtemp %s failed: %s",
@ -383,7 +390,7 @@ do_authenticated(struct passwd * pw)
 				break;
 			}
 			debug("Received authentication agent forwarding request.");
-			success = auth_input_request_forwarding(pw);
+			success = auth_input_request_forwarding(s->pw);
 			break;

 		case SSH_CMSG_PORT_FORWARD_REQUEST:
@ -396,7 +403,7 @@ do_authenticated(struct passwd * pw)
 				break;
 			}
 			debug("Received TCP/IP port forwarding request.");
-			channel_input_port_forward_request(pw->pw_uid == 0, options.gateway_ports);
+			channel_input_port_forward_request(s->pw->pw_uid == 0, options.gateway_ports);
 			success = 1;
 			break;

@ -597,7 +604,7 @@ do_exec_pty(Session *s, const char *command)
 	ttyfd = s->ttyfd;

 #if defined(USE_PAM)
-	do_pam_session(pw->pw_name, s->tty);
+	do_pam_session(s->pw->pw_name, s->tty);
 	do_pam_setcred();
 #endif

@ -2022,23 +2029,7 @@ session_proctitle(Session *s)
 void
 do_authenticated2(Authctxt *authctxt)
 {
-	/*
-	 * Cancel the alarm we set to limit the time taken for
-	 * authentication.
-	 */
-	alarm(0);
-	if (startup_pipe != -1) {
-		close(startup_pipe);
-		startup_pipe = -1;
-	}
-	if (!no_port_forwarding_flag && options.allow_tcp_forwarding)
-		channel_permit_all_opens();
-#if defined(HAVE_LOGIN_CAP) && defined(HAVE_PW_CLASS_IN_PASSWD)
-	if ((lc = login_getclass(authctxt->pw->pw_class)) == NULL) {
-		error("unable to get login class");
-		return;
-	}
-#endif
+
 	server_loop2();
 	if (xauthfile)
 		xauthfile_cleanup_proc(NULL);
--- a/session.h
+++ b/session.h
@ -1,4 +1,4 @@
-/*	$OpenBSD: session.h,v 1.5 2001/01/29 01:58:18 niklas Exp $	*/
+/*	$OpenBSD: session.h,v 1.6 2001/03/21 11:43:45 markus Exp $	*/

 /*
 * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@ -26,11 +26,8 @@
 #ifndef SESSION_H
 #define SESSION_H

-/* SSH1 */
-void	do_authenticated(struct passwd * pw);
+void	do_authenticated(Authctxt *ac);

-/* SSH2 */
-void	do_authenticated2(Authctxt *ac);
 int	session_open(int id);
 void	session_input_channel_req(int id, void *arg);
 void	session_close_by_pid(pid_t pid, int status);