1 |
|
|
/* $OpenBSD: sshpty.c,v 1.31 2016/11/29 03:54:50 dtucker Exp $ */ |
2 |
|
|
/* |
3 |
|
|
* Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 |
|
|
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
5 |
|
|
* All rights reserved |
6 |
|
|
* Allocating a pseudo-terminal, and making it the controlling tty. |
7 |
|
|
* |
8 |
|
|
* As far as I am concerned, the code I have written for this software |
9 |
|
|
* can be used freely for any purpose. Any derived versions of this |
10 |
|
|
* software must be clearly marked as such, and if the derived work is |
11 |
|
|
* incompatible with the protocol description in the RFC file, it must be |
12 |
|
|
* called by a name other than "ssh" or "Secure Shell". |
13 |
|
|
*/ |
14 |
|
|
|
15 |
|
|
#include <sys/types.h> |
16 |
|
|
#include <sys/ioctl.h> |
17 |
|
|
#include <sys/stat.h> |
18 |
|
|
|
19 |
|
|
#include <errno.h> |
20 |
|
|
#include <fcntl.h> |
21 |
|
|
#include <grp.h> |
22 |
|
|
#include <paths.h> |
23 |
|
|
#include <pwd.h> |
24 |
|
|
#include <stdarg.h> |
25 |
|
|
#include <string.h> |
26 |
|
|
#include <termios.h> |
27 |
|
|
#include <unistd.h> |
28 |
|
|
#include <util.h> |
29 |
|
|
|
30 |
|
|
#include "sshpty.h" |
31 |
|
|
#include "log.h" |
32 |
|
|
|
33 |
|
|
#ifndef O_NOCTTY |
34 |
|
|
#define O_NOCTTY 0 |
35 |
|
|
#endif |
36 |
|
|
|
37 |
|
|
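/*
 * Allocates and opens a pty.  Returns 0 if no pty could be allocated, or
 * nonzero if a pty was successfully allocated.  On success, open file
 * descriptors for the pty and tty sides are stored in *ptyfd and *ttyfd,
 * and the name of the tty side is copied into namebuf (the buffer must be
 * able to hold at least 64 characters).
 *
 * A tty name that does not fit in namebuf is treated as an allocation
 * failure: both descriptors are closed and set to -1, and 0 is returned.
 * Other functions in this file take a tty path and chown/chmod/open it,
 * so a silently truncated name must not be handed back to the caller.
 */
int
pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, size_t namebuflen)
{
	/*
	 * NOTE(review): openpty() is given no length for this buffer;
	 * presumably platform tty names always fit in 64 bytes - confirm.
	 */
	char buf[64];

	if (openpty(ptyfd, ttyfd, buf, NULL, NULL) < 0) {
		error("openpty: %.100s", strerror(errno));
		return 0;
	}

	/* strlcpy returns strlen(buf); a value >= namebuflen means truncation. */
	if (strlcpy(namebuf, buf, namebuflen) >= namebuflen) {
		error("openpty: tty name %.100s does not fit in caller buffer",
		    buf);
		/* Do not leak the descriptors openpty() just handed us. */
		close(*ptyfd);
		close(*ttyfd);
		*ptyfd = -1;
		*ttyfd = -1;
		return 0;
	}
	return 1;
}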
58 |
|
|
|
59 |
|
|
/*
 * Releases the tty: the node named by tty is chowned to uid 0 / gid 0 and
 * its mode is set to 0666.  Each failure is logged with error() and
 * otherwise ignored; the chmod is attempted even when the chown failed.
 *
 * NOTE(review): both calls act on the path rather than on an open
 * descriptor, so the caller must make sure the path still names the
 * intended tty.
 */
void
pty_release(const char *tty)
{
	int rc;

	/* Hand ownership back to root:wheel (uid 0, gid 0). */
	rc = chown(tty, (uid_t) 0, (gid_t) 0);
	if (rc < 0) {
		error("chown %.100s 0 0 failed: %.100s", tty, strerror(errno));
	}

	/* World read/write, as the device is no longer tied to a session. */
	rc = chmod(tty, (mode_t) 0666);
	if (rc < 0) {
		error("chmod %.100s 0666 failed: %.100s", tty, strerror(errno));
	}
}
69 |
|
|
|
70 |
|
|
/*
 * Makes the tty the process's controlling tty.
 *
 * Sequence: detach from the current controlling tty (TIOCNOTTY, where
 * available), start a new session with setsid(), check that /dev/tty can
 * no longer be opened, attach *ttyfd with TIOCSCTTY (where available),
 * open and close the tty by name, and finally check that /dev/tty can be
 * opened again.
 *
 * Every failure is only logged via error(); the function returns void, so
 * callers cannot tell from here whether the tty was actually acquired.
 * No terminal modes are changed by the code in this function.
 */
void
pty_make_controlling_tty(int *ttyfd, const char *tty)
{
	int probe;

#ifdef TIOCNOTTY
	/* Drop whatever controlling tty we currently have. */
	probe = open(_PATH_TTY, O_RDWR | O_NOCTTY);
	if (probe >= 0) {
		(void) ioctl(probe, TIOCNOTTY, NULL);
		close(probe);
	}
#endif /* TIOCNOTTY */
	if (setsid() < 0) {
		error("setsid: %.100s", strerror(errno));
	}

	/* If /dev/tty still opens, the old controlling tty is still attached. */
	probe = open(_PATH_TTY, O_RDWR | O_NOCTTY);
	if (probe >= 0) {
		error("Failed to disconnect from controlling tty.");
		close(probe);
	}

	/* Attach the new tty. */
#ifdef TIOCSCTTY
	debug("Setting controlling tty using TIOCSCTTY.");
	if (ioctl(*ttyfd, TIOCSCTTY, NULL) < 0) {
		error("ioctl(TIOCSCTTY): %.100s", strerror(errno));
	}
#endif /* TIOCSCTTY */
	probe = open(tty, O_RDWR);
	if (probe >= 0) {
		close(probe);
	} else {
		error("%.100s: %.100s", tty, strerror(errno));
	}

	/* /dev/tty must be openable again once a controlling tty is set. */
	probe = open(_PATH_TTY, O_WRONLY);
	if (probe >= 0) {
		close(probe);
	} else {
		error("open /dev/tty failed - could not set controlling tty: %.100s",
		    strerror(errno));
	}
}
117 |
|
|
|
118 |
|
|
/*
 * Changes the window size associated with the pty by issuing TIOCSWINSZ
 * on ptyfd.  The ioctl result is deliberately ignored.
 *
 * The four u_int arguments are stored into the winsize fields without a
 * range check, so values wider than the field type may be truncated
 * (u_int -> u_short).
 */
void
pty_change_window_size(int ptyfd, u_int row, u_int col,
    u_int xpixel, u_int ypixel)
{
	struct winsize dims = {
		.ws_row = row,
		.ws_col = col,
		.ws_xpixel = xpixel,
		.ws_ypixel = ypixel,
	};

	(void) ioctl(ptyfd, TIOCSWINSZ, &dims);
}
133 |
|
|
|
134 |
|
|
/*
 * Gives the tty to the user described by pw.
 *
 * The target group is "tty" when that group exists (mode 0620), otherwise
 * the user's primary group (mode 0600).  Ownership and mode are changed
 * only when stat() shows they differ from the target.
 *
 * A failed stat() is fatal.  A failed chown()/chmod() is fatal as well,
 * except on a read-only filesystem (EROFS) in these cases, which are only
 * logged with debug():
 *   - chown: the tty is already owned by the user or by uid 0;
 *   - chmod: the current mode grants no read access to group or others.
 *
 * NOTE(review): stat, chown and chmod all act on the path, not on an open
 * descriptor, so the check and the change are separate steps; callers
 * must ensure the path cannot be swapped in between.
 */
void
pty_setowner(struct passwd *pw, const char *tty)
{
	struct stat st;
	struct group *tty_grp;
	gid_t want_gid;
	mode_t want_mode;

	/* Pick the owning group and the matching permission bits. */
	tty_grp = getgrnam("tty");
	if (tty_grp != NULL) {
		want_gid = tty_grp->gr_gid;
		want_mode = 0620;
	} else {
		want_gid = pw->pw_gid;
		want_mode = 0600;
	}

	if (stat(tty, &st)) {
		fatal("stat(%.100s) failed: %.100s", tty,
		    strerror(errno));
	}

	/* Ownership: only touch the node when it is not already correct. */
	if ((st.st_uid != pw->pw_uid || st.st_gid != want_gid) &&
	    chown(tty, pw->pw_uid, want_gid) < 0) {
		if (errno == EROFS &&
		    (st.st_uid == pw->pw_uid || st.st_uid == 0)) {
			debug("chown(%.100s, %u, %u) failed: %.100s",
			    tty, (u_int)pw->pw_uid, (u_int)want_gid,
			    strerror(errno));
		} else {
			fatal("chown(%.100s, %u, %u) failed: %.100s",
			    tty, (u_int)pw->pw_uid, (u_int)want_gid,
			    strerror(errno));
		}
	}

	/* Mode: compare only the rwx bits for user, group and others. */
	if ((st.st_mode & (S_IRWXU|S_IRWXG|S_IRWXO)) != want_mode &&
	    chmod(tty, want_mode) < 0) {
		if (errno == EROFS &&
		    (st.st_mode & (S_IRGRP | S_IROTH)) == 0) {
			debug("chmod(%.100s, 0%o) failed: %.100s",
			    tty, (u_int)want_mode, strerror(errno));
		} else {
			fatal("chmod(%.100s, 0%o) failed: %.100s",
			    tty, (u_int)want_mode, strerror(errno));
		}
	}
}
182 |
|
|
|
183 |
|
|
/*
 * Disconnects from the controlling tty: opens /dev/tty without acquiring
 * it (O_NOCTTY) and issues TIOCNOTTY on it.  Does nothing when /dev/tty
 * cannot be opened; the ioctl result is ignored.
 *
 * NOTE(review): TIOCNOTTY is used unconditionally here, whereas
 * pty_make_controlling_tty() wraps the same ioctl in #ifdef TIOCNOTTY.
 */
void
disconnect_controlling_tty(void)
{
	int fd = open(_PATH_TTY, O_RDWR | O_NOCTTY);

	if (fd < 0)
		return;

	(void) ioctl(fd, TIOCNOTTY, NULL);
	close(fd);
}