server accepts command line arguments
server write
comments into the configuration file.


git-svn-id: svn+ssh://svn.berlios.de/svnroot/repos/libssh/trunk@31 7dcaeef0-15fb-0310-b436-a5af3365683c
Aris Adamantiadis 2005-08-31 00:00:36 +00:00
родитель a8b5d63e14
Коммит 8963144850
3 изменённых файлов: 75 добавлений и 19 удалений


@ -70,6 +70,10 @@ CHANNEL *recv_channel(SSH_SESSION *session){
return chan;
}
void usage(char *prog){
fprintf(stderr,"Usage : %s [-vD] [-f config]\n",prog);
}
int main(int argc, char **argv){
SSH_OPTIONS *options=ssh_options_new();
SSH_SESSION *session;
@ -77,11 +81,27 @@ int main(int argc, char **argv){
CHANNEL *chan=NULL;
SFTP_SESSION *sftp=NULL;
int ret;
int donotfork=0;
char *config="mercurius.conf";
ssh_options_getopt(options,&argc,argv);
if(argc>1)
ret=parse_config(argv[1]);
else
ret=parse_config("mercurius.conf");
while((ret=getopt(argc, argv, "Df:"))!=-1){
switch(ret){
case 'D':
donotfork=1;
break;
case 'f':
config=strdup(optarg);
break;
case '?':
usage(argv[0]);
exit(1);
}
}
if(optind<argc) {
usage(argv[0]);
exit(1);
}
ret=parse_config(config);
if(ret != 0){
printf("Error parsing configuration file\n");
return 1;
@ -94,7 +114,7 @@ int main(int argc, char **argv){
ssh_options_set_dsa_server_key(options,dsa);
if(rsa)
ssh_options_set_rsa_server_key(options,rsa);
printf("port : %d\n",port);
//printf("port : %d\n",port);
if(port!=0)
ssh_options_set_port(options,port);
ssh_bind=ssh_bind_new();
@ -104,6 +124,12 @@ int main(int argc, char **argv){
return 1;
}
signal(SIGCHLD,SIG_IGN);
if(!donotfork){
ssh_say(1,"Going into background...\n");
if(fork()){
exit(0);
}
}
while(1){
session=ssh_bind_accept(ssh_bind);
if(!session){
@ -117,7 +143,7 @@ int main(int argc, char **argv){
}
ssh_bind_free(ssh_bind);
printf("Socket connected : %d\n",ssh_get_fd(session));
//printf("Socket connected : %d\n",ssh_get_fd(session));
if(ssh_accept(session)){
printf("ssh_accept : %s\n",ssh_get_error(session));
return 1;
@ -126,7 +152,7 @@ int main(int argc, char **argv){
printf("error : %s\n",ssh_get_error(session));
return 1;
}
printf("user authenticated\n");
ssh_say(1,"user authenticated\n");
chan=recv_channel(session);
if(!chan){
printf("error : %s\n",ssh_get_error(session));
@ -137,9 +163,9 @@ int main(int argc, char **argv){
printf("error : %s\n",ssh_get_error(session));
return 1;
}
printf("Sftp session open by client\n");
ssh_say(1,"Sftp session open by client\n");
sftploop(session,sftp);
ssh_say(1,"Client disconnected\n");
ssh_disconnect(session);
return 0;
}
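Review bot: In the `if(!donotfork)` block, `if(fork()){ exit(0); }` treats a failed fork() like the parent branch: -1 is non-zero, so the process exits with status 0 and no server is left running. Keep the result and handle the error separately: `pid_t pid=fork();`, `if(pid<0){ perror("fork"); exit(1); }`, `if(pid>0) exit(0);`. The child also keeps the controlling terminal and the inherited stdio descriptors, and the `printf` error paths after `ssh_bind_accept` still write to them, so a `setsid()` call and a redirect of stdin/stdout/stderr are worth adding at the same place. main() starts and continues outside the visible hunks.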


@ -1,26 +1,47 @@
Port 4444
Hostkeyrsa /etc/ssh/ssh_host_rsa_key
Hostkeydsa /etc/ssh/ssh_host_dsa_key
#the group wheel has 4 users. They are regular
#users of the system because they are authenticating
#through the normal way (pam)
<group wheel>
user root, admin, webmaster
user aris
</group>
#they are virtual users using the uid of the user "ftp"
#they don't need a password and their home dir is
#chrooted to /home/ftp
<group anonymous>
user ftp, anonymous, anon
uid ftp
nopassword
chroot /home/ftp
</group>
#the users group log in normaly but are restricted to
#their own home dir.
#here, aris is both in wheel group : he has the properties
#of wheel users and "users" users.
#BUT he cannot have two conflicting properties.
<group users>
user test
user aris
chroot $HOME/
</group>
#everybody should be in world, at your convenance.
#it is no problem to have different users with different
#properties in the same group, as far as the group
#doesn't define new conflicting properties
<group world>
group wheel, anonymous, users
</group>
<dir />
list world
read world
write wheel
</dir>
#not implemented yet
#<dir />
# list world
# read world
# write wheel
#</dir>
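Review bot: The `<dir />` block appears both live and commented out under `#not implemented yet`, and nothing in the sample says what access applies without the list/read/write rules. This assumes the commented form is the new side. The file still defines the `anonymous` group with `nopassword` and lists `root` in `wheel`, so a reader who copies it cannot tell that the directory restrictions are inactive. I would extend the marker, for example `#not implemented yet: list/read/write rules are ignored, access is limited only by uid and chroot`, once that wording has been checked against the server code.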


@ -25,6 +25,7 @@ MA 02111-1307, USA. */
//#include <libssh/sftp.h>
#include <security/pam_appl.h>
#include <pwd.h>
#include <errno.h>
#include <string.h>
#include "server.h"
@ -71,8 +72,10 @@ int postauth_conf(char *user){
root=user_chroot(user);
if(root){
if((ptr=strstr(root,"$HOME"))){
if(!pw)
if(!pw){
ssh_say(1,"Postauth failed : no home directory for user %s\n",user);
return -1; // this user has no user directory
}
*ptr=0;
snprintf(buffer,sizeof(buffer),"%s%s/%s",
root,pw->pw_dir,ptr+strlen("$HOME"));
@ -83,18 +86,23 @@ int postauth_conf(char *user){
/* we don't chroot right now because we still need getpwnam() */
char_uid=user_uid(user);
if(!char_uid){
if(!pw)
if(!pw){
ssh_say(1,"postauth failed : user %s doesn't exist(try to set the uid setting)\n",user);
return -1; // user doesn't exist !
}
char_uid=user;
}
uid=atoi(char_uid);
if(uid==0 && char_uid[0]!=0){
pw=getpwnam(char_uid);
if(!pw)
if(!pw){
ssh_say(1,"postauth failed : user %s does not exist\n",char_uid);
return -1;
}
uid=pw->pw_uid;
}
if(root && chroot(buffer)){
ssh_say(1,"Postauth failed : chroot failed (%s)\n",strerror(errno));
return -1; // cannot chroot
}
if(root){
@ -106,13 +114,13 @@ int postauth_conf(char *user){
chdir("/");
}
if(setuid(uid)){
ssh_say(1,"Postauth failed : cannot set uid (%)\n",strerror(errno));
return -1; // cannot setuid
}
return 0;
}
struct pam_conv pam_conv ={ password_conv, NULL };
/* returns 1 if authenticated, 0 if failed,
-1 if you must leave */
@ -136,6 +144,7 @@ int auth_password(char *user, char *password){
return -1;
return 1;
} else {
ssh_say(1,"password auth failed for user %s\n",user);
pam_end(pamh,PAM_AUTH_ERR);
return 0;
}
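Review bot: The new message before `return -1; // cannot setuid` uses the format `"Postauth failed : cannot set uid (%)\n"`, and `%)` is not a valid conversion. The `strerror(errno)` argument is never consumed, and the call is undefined behaviour if ssh_say forwards to a printf-style formatter, as its other call sites suggest. It should read `ssh_say(1,"Postauth failed : cannot set uid (%s)\n",strerror(errno));`. Separately, the visible lines of postauth_conf call `setuid(uid)` with no `setgid()` or `setgroups()` before it. Unless that happens outside these hunks, the session keeps the daemon's group memberships after the uid drop, which deserves a check; postauth_conf starts above the first hunk.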