From: Daniil Tatianin Date: Thu, 27 Feb 2025 08:46:25 +0000 (+0300) Subject: platform: introduce a way to hook new session start X-Git-Tag: V_10_0_P1~25 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=fdc4853c5b1567934d43ab13282f03033cc21325;p=thirdparty%2Fopenssh-portable.git platform: introduce a way to hook new session start Previously this was possible via post_fork_child, but ever since sshd was split into multiple binaries, this is now no longer possible becase of execv. --- diff --git a/Makefile.in b/Makefile.in index 974be207a..4617cebcd 100644 --- a/Makefile.in +++ b/Makefile.in @@ -140,7 +140,7 @@ SSHD_SESSION_OBJS=sshd-session.o auth-rhosts.o auth-passwd.o \ auth2-gss.o gss-serv.o gss-serv-krb5.o \ loginrec.o auth-pam.o auth-shadow.o auth-sia.o \ sftp-server.o sftp-common.o \ - uidswap.o $(SKOBJS) + uidswap.o platform-listen.o $(SKOBJS) SSHD_AUTH_OBJS=sshd-auth.o \ auth2-methods.o \ diff --git a/platform-listen.c b/platform-listen.c index 42c4040f0..4da2855ee 100644 --- a/platform-listen.c +++ b/platform-listen.c @@ -82,3 +82,6 @@ platform_post_fork_child(void) #endif } +void platform_pre_session_start(void) +{ +} diff --git a/platform.h b/platform.h index 5dec23276..08cbd225d 100644 --- a/platform.h +++ b/platform.h @@ -24,6 +24,7 @@ void platform_pre_restart(void); void platform_post_listen(void); void platform_post_fork_parent(pid_t child_pid); void platform_post_fork_child(void); +void platform_pre_session_start(void); int platform_privileged_uidswap(void); void platform_setusercontext(struct passwd *); void platform_setusercontext_post_groups(struct passwd *); diff --git a/sshd-session.c b/sshd-session.c index 1e2cee10f..c64eb29fc 100644 --- a/sshd-session.c +++ b/sshd-session.c @@ -999,6 +999,8 @@ main(int ac, char **av) closefrom(REEXEC_MIN_FREE_FD); + platform_pre_session_start(); + /* Reserve fds we'll need later for reexec things */ if ((devnull = open(_PATH_DEVNULL, O_RDWR)) == -1) fatal("open %s: %s", _PATH_DEVNULL, strerror(errno));