server goes into background

server accepts command line arguments
server write
comments into the configuration file.


git-svn-id: svn+ssh://svn.berlios.de/svnroot/repos/libssh/trunk@31 7dcaeef0-15fb-0310-b436-a5af3365683c
Aris Adamantiadis
2005-08-31 00:00:36 +00:00
parent a8b5d63e14
commit 8963144850
3 changed files with 75 additions and 19 deletions


@@ -70,6 +70,10 @@ CHANNEL *recv_channel(SSH_SESSION *session){
return chan; return chan;
} }
void usage(char *prog){
fprintf(stderr,"Usage : %s [-vD] [-f config]\n",prog);
}
int main(int argc, char **argv){ int main(int argc, char **argv){
SSH_OPTIONS *options=ssh_options_new(); SSH_OPTIONS *options=ssh_options_new();
SSH_SESSION *session; SSH_SESSION *session;
@@ -77,11 +81,27 @@ int main(int argc, char **argv){
CHANNEL *chan=NULL; CHANNEL *chan=NULL;
SFTP_SESSION *sftp=NULL; SFTP_SESSION *sftp=NULL;
int ret; int ret;
int donotfork=0;
char *config="mercurius.conf";
ssh_options_getopt(options,&argc,argv); ssh_options_getopt(options,&argc,argv);
if(argc>1) while((ret=getopt(argc, argv, "Df:"))!=-1){
ret=parse_config(argv[1]); switch(ret){
else case 'D':
ret=parse_config("mercurius.conf"); donotfork=1;
break;
case 'f':
config=strdup(optarg);
break;
case '?':
usage(argv[0]);
exit(1);
}
}
if(optind<argc) {
usage(argv[0]);
exit(1);
}
ret=parse_config(config);
if(ret != 0){ if(ret != 0){
printf("Error parsing configuration file\n"); printf("Error parsing configuration file\n");
return 1; return 1;
@@ -94,7 +114,7 @@ int main(int argc, char **argv){
ssh_options_set_dsa_server_key(options,dsa); ssh_options_set_dsa_server_key(options,dsa);
if(rsa) if(rsa)
ssh_options_set_rsa_server_key(options,rsa); ssh_options_set_rsa_server_key(options,rsa);
printf("port : %d\n",port); //printf("port : %d\n",port);
if(port!=0) if(port!=0)
ssh_options_set_port(options,port); ssh_options_set_port(options,port);
ssh_bind=ssh_bind_new(); ssh_bind=ssh_bind_new();
@@ -104,6 +124,12 @@ int main(int argc, char **argv){
return 1; return 1;
} }
signal(SIGCHLD,SIG_IGN); signal(SIGCHLD,SIG_IGN);
if(!donotfork){
ssh_say(1,"Going into background...\n");
if(fork()){
exit(0);
}
}
while(1){ while(1){
session=ssh_bind_accept(ssh_bind); session=ssh_bind_accept(ssh_bind);
if(!session){ if(!session){
@@ -117,7 +143,7 @@ int main(int argc, char **argv){
} }
ssh_bind_free(ssh_bind); ssh_bind_free(ssh_bind);
printf("Socket connected : %d\n",ssh_get_fd(session)); //printf("Socket connected : %d\n",ssh_get_fd(session));
if(ssh_accept(session)){ if(ssh_accept(session)){
printf("ssh_accept : %s\n",ssh_get_error(session)); printf("ssh_accept : %s\n",ssh_get_error(session));
return 1; return 1;
@@ -126,7 +152,7 @@ int main(int argc, char **argv){
printf("error : %s\n",ssh_get_error(session)); printf("error : %s\n",ssh_get_error(session));
return 1; return 1;
} }
printf("user authenticated\n"); ssh_say(1,"user authenticated\n");
chan=recv_channel(session); chan=recv_channel(session);
if(!chan){ if(!chan){
printf("error : %s\n",ssh_get_error(session)); printf("error : %s\n",ssh_get_error(session));
@@ -137,9 +163,9 @@ int main(int argc, char **argv){
printf("error : %s\n",ssh_get_error(session)); printf("error : %s\n",ssh_get_error(session));
return 1; return 1;
} }
printf("Sftp session open by client\n"); ssh_say(1,"Sftp session open by client\n");
sftploop(session,sftp); sftploop(session,sftp);
ssh_say(1,"Client disconnected\n");
ssh_disconnect(session); ssh_disconnect(session);
return 0; return 0;
} }
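Review bot: The daemonizing block added before the accept loop treats a failed fork() as success: `if(fork())` is also true for -1, so the process prints "Going into background..." and exits 0 with no server left running. The child also never calls setsid(), so it stays in the caller's session and keeps its controlling terminal. Store the result, fail on a negative value, and detach in the child as in the excerpt below. In the option loop of the same section, `config=strdup(optarg)` is unchecked and unneeded because optarg points into argv; `config=optarg;` is enough. The parts of main() between the hunks are not shown, so this is based on the visible lines only.

```c
    if(!donotfork){
        pid_t pid;
        ssh_say(1,"Going into background...\n");
        pid=fork();
        if(pid<0){
            perror("fork");
            return 1;
        }
        if(pid>0)
            exit(0);
        /* child: leave the caller's session and controlling terminal */
        if(setsid()<0){
            perror("setsid");
            return 1;
        }
    }
    /* ... unchanged: accept loop ... */
```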


@@ -1,26 +1,47 @@
Port 4444 Port 4444
Hostkeyrsa /etc/ssh/ssh_host_rsa_key Hostkeyrsa /etc/ssh/ssh_host_rsa_key
Hostkeydsa /etc/ssh/ssh_host_dsa_key Hostkeydsa /etc/ssh/ssh_host_dsa_key
#the group wheel has 4 users. They are regular
#users of the system because they are authenticating
#through the normal way (pam)
<group wheel> <group wheel>
user root, admin, webmaster user root, admin, webmaster
user aris user aris
</group> </group>
#they are virtual users using the uid of the user "ftp"
#they don't need a password and their home dir is
#chrooted to /home/ftp
<group anonymous> <group anonymous>
user ftp, anonymous, anon user ftp, anonymous, anon
uid ftp uid ftp
nopassword nopassword
chroot /home/ftp chroot /home/ftp
</group> </group>
#the users group log in normaly but are restricted to
#their own home dir.
#here, aris is both in wheel group : he has the properties
#of wheel users and "users" users.
#BUT he cannot have two conflicting properties.
<group users> <group users>
user test user test
user aris user aris
chroot $HOME/ chroot $HOME/
</group> </group>
#everybody should be in world, at your convenance.
#it is no problem to have different users with different
#properties in the same group, as far as the group
#doesn't define new conflicting properties
<group world> <group world>
group wheel, anonymous, users group wheel, anonymous, users
</group> </group>
<dir />
list world #not implemented yet
read world #<dir />
write wheel # list world
</dir> # read world
# write wheel
#</dir>
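Review bot: The `#not implemented yet` comment over the now-disabled `<dir />` block should say what is enforced in the meantime. With the `list`/`read`/`write` rules commented out, a reader of this sample may still assume `write wheel` applies. Presumably access is then bounded only by the chroot and the file permissions of the mapped uid, which matters most for the `nopassword` anonymous group. Suggested wording: `#<dir> rules are not implemented yet: no per-directory access control is enforced, only chroot and the uid's file permissions apply`.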


@@ -25,6 +25,7 @@ MA 02111-1307, USA. */
//#include <libssh/sftp.h> //#include <libssh/sftp.h>
#include <security/pam_appl.h> #include <security/pam_appl.h>
#include <pwd.h> #include <pwd.h>
#include <errno.h>
#include <string.h> #include <string.h>
#include "server.h" #include "server.h"
@@ -71,8 +72,10 @@ int postauth_conf(char *user){
root=user_chroot(user); root=user_chroot(user);
if(root){ if(root){
if((ptr=strstr(root,"$HOME"))){ if((ptr=strstr(root,"$HOME"))){
if(!pw) if(!pw){
ssh_say(1,"Postauth failed : no home directory for user %s\n",user);
return -1; // this user has no user directory return -1; // this user has no user directory
}
*ptr=0; *ptr=0;
snprintf(buffer,sizeof(buffer),"%s%s/%s", snprintf(buffer,sizeof(buffer),"%s%s/%s",
root,pw->pw_dir,ptr+strlen("$HOME")); root,pw->pw_dir,ptr+strlen("$HOME"));
@@ -83,18 +86,23 @@ int postauth_conf(char *user){
/* we don't chroot right now because we still need getpwnam() */ /* we don't chroot right now because we still need getpwnam() */
char_uid=user_uid(user); char_uid=user_uid(user);
if(!char_uid){ if(!char_uid){
if(!pw) if(!pw){
ssh_say(1,"postauth failed : user %s doesn't exist(try to set the uid setting)\n",user);
return -1; // user doesn't exist ! return -1; // user doesn't exist !
}
char_uid=user; char_uid=user;
} }
uid=atoi(char_uid); uid=atoi(char_uid);
if(uid==0 && char_uid[0]!=0){ if(uid==0 && char_uid[0]!=0){
pw=getpwnam(char_uid); pw=getpwnam(char_uid);
if(!pw) if(!pw){
ssh_say(1,"postauth failed : user %s does not exist\n",char_uid);
return -1; return -1;
}
uid=pw->pw_uid; uid=pw->pw_uid;
} }
if(root && chroot(buffer)){ if(root && chroot(buffer)){
ssh_say(1,"Postauth failed : chroot failed (%s)\n",strerror(errno));
return -1; // cannot chroot return -1; // cannot chroot
} }
if(root){ if(root){
@@ -106,13 +114,13 @@ int postauth_conf(char *user){
chdir("/"); chdir("/");
} }
if(setuid(uid)){ if(setuid(uid)){
ssh_say(1,"Postauth failed : cannot set uid (%)\n",strerror(errno));
return -1; // cannot setuid return -1; // cannot setuid
} }
return 0; return 0;
} }
struct pam_conv pam_conv ={ password_conv, NULL }; struct pam_conv pam_conv ={ password_conv, NULL };
/* returns 1 if authenticated, 0 if failed, /* returns 1 if authenticated, 0 if failed,
-1 if you must leave */ -1 if you must leave */
@@ -136,6 +144,7 @@ int auth_password(char *user, char *password){
return -1; return -1;
return 1; return 1;
} else { } else {
ssh_say(1,"password auth failed for user %s\n",user);
pam_end(pamh,PAM_AUTH_ERR); pam_end(pamh,PAM_AUTH_ERR);
return 0; return 0;
} }
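Review bot: The new message in the `setuid` failure branch uses `(%)` where the sibling chroot message uses `(%s)`, so the conversion is invalid (undefined behaviour if ssh_say forwards its format to a printf-style function) and the errno text is never printed. It should read `ssh_say(1,"Postauth failed : cannot set uid (%s)\n",strerror(errno));`. Separately, the visible lines drop only the uid; if no `setgid`/`initgroups` call sits in the part of postauth_conf not shown between the hunks, the session keeps the server's group memberships after `setuid`, and that should be handled before it. The new `password auth failed for user %s` line in auth_password logs a client-supplied name verbatim, so consider escaping control characters before it reaches the log.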