
Source code changes of the file "shellinabox/service.c" between
shellinabox-2.19.tar.gz and shellinabox-2.20.tar.gz

About: shellinabox implements a web server that can export arbitrary command line tools to a web based terminal emulator. This emulator is accessible to any JavaScript and CSS enabled web browser. Fork of the no longer maintained original version on https://shellinabox.com/ respectively https://code.google.com/archive/p/shellinabox/.

service.c  (shellinabox-2.19):service.c  (shellinabox-2.20)
skipping to change at line 124 skipping to change at line 124
service->useLogin = 0; service->useLogin = 0;
service->useHomeDir = 0; service->useHomeDir = 0;
service->authUser = 2; service->authUser = 2;
service->useDefaultShell = 0; service->useDefaultShell = 0;
service->uid = -1; service->uid = -1;
service->gid = -1; service->gid = -1;
service->user = NULL; service->user = NULL;
service->group = NULL; service->group = NULL;
check(service->cwd = strdup("/")); check(service->cwd = strdup("/"));
char *host; char *host;
char *sshPort;
check(host = strdup("localhost")); check(host = strdup("localhost"));
check(sshPort = strdup("22"));
if ((ptr = strchr(arg, ':')) != NULL) { if ((ptr = strchr(arg, ':')) != NULL) {
check(ptr = strdup(ptr + 1)); ptr = ptr + 1;
char *end;
if ((end = strchr(ptr, ':')) != NULL) {
*end = '\000';
}
if (*ptr) { if (*ptr) {
free(host); char *tmp = strchr(ptr, ':');
host = ptr; if (tmp == NULL) {
} else { // If the second ":" is not found, keep as host whatever is after firs
free(ptr); t ":".
free(host);
check(host = strdup(ptr));
} else {
// If we find a second ":", keep as a host whatever is in between firs
t ":"
// and second ":" and as sshPort whatever is after second ":".
int size = (tmp - ptr + 1);
free(host);
free(sshPort);
check(host = malloc(size));
memset(host, 0, size);
memcpy(host, ptr, size - 1);
check(sshPort = strdup(tmp + 1));
}
} }
} }
// Don't allow manipulation of the SSH command line through "creative" use // Don't allow manipulation of the SSH command line through "creative" use
// of the host name. // of the host name.
for (char *h = host; *h; h++) { for (char *h = host; *h; h++) {
char ch = *h; char ch = *h;
if (!((ch >= '0' && ch <= '9') || if (!((ch >= '0' && ch <= '9') ||
(ch >= 'A' && ch <= 'Z') || (ch >= 'A' && ch <= 'Z') ||
(ch >= 'a' && ch <= 'z') || (ch >= 'a' && ch <= 'z') ||
ch == '-' || ch == '.')) { ch == '-' || ch == '.')) {
fatal("[config] Invalid hostname \"%s\" in service definition!", host); fatal("[config] Invalid hostname \"%s\" in service definition!", host);
} }
} }
// Don't allow manipulation of the SSH command line through "creative" use
// of the port.
for (char *h = sshPort; *h; h++) {
char ch = *h;
if (!(ch >= '0' && ch <= '9')) {
fatal("[config] Invalid port \"%s\" in service definition!", sshPort);
}
}
service->cmdline = stringPrintf(NULL, service->cmdline = stringPrintf(NULL,
"ssh -a -e none -i /dev/null -x -oChallengeResponseAuthentication=no " "ssh -a -e none -i /dev/null -x -oChallengeResponseAuthentication=no "
"-oCheckHostIP=no -oClearAllForwardings=yes -oCompression=no " "-oCheckHostIP=no -oClearAllForwardings=yes -oCompression=no "
"-oControlMaster=no -oGSSAPIAuthentication=no " "-oControlMaster=no -oGSSAPIAuthentication=no "
"-oHostbasedAuthentication=no -oIdentitiesOnly=yes " "-oHostbasedAuthentication=no -oIdentitiesOnly=yes "
"-oKbdInteractiveAuthentication=yes -oPasswordAuthentication=yes " "-oKbdInteractiveAuthentication=yes -oPasswordAuthentication=yes "
"-oPreferredAuthentications=keyboard-interactive,password " "-oPreferredAuthentications=keyboard-interactive,password "
"-oPubkeyAuthentication=no -oRhostsRSAAuthentication=no " "-oPubkeyAuthentication=no -oRhostsRSAAuthentication=no "
"-oRSAAuthentication=no -oStrictHostKeyChecking=no -oTunnel=no " "-oRSAAuthentication=no -oStrictHostKeyChecking=no -oTunnel=no "
"-oUserKnownHostsFile=/dev/null -oVerifyHostKeyDNS=no " "-oUserKnownHostsFile=/dev/null -oVerifyHostKeyDNS=no "
// beewoolie-2012.03.30: while it would be nice to disable this // beewoolie-2012.03.30: while it would be nice to disable this
// feature, we cannot be sure that it is available on the // feature, we cannot be sure that it is available on the
// target server. Removing it for the sake of Centos. // target server. Removing it for the sake of Centos.
// "-oVisualHostKey=no" // "-oVisualHostKey=no"
" -oLogLevel=FATAL %%s@%s", host); " -oLogLevel=FATAL -p%s %%s@%s",sshPort, host);
free(host); free(host);
free(sshPort);
} else { } else {
service->useLogin = 0; service->useLogin = 0;
// The user definition is either the word 'AUTH' or a valid user and // The user definition is either the word 'AUTH' or a valid user and
// group id. // group id.
if ((ptr = strchr(arg, ':')) == NULL) { if ((ptr = strchr(arg, ':')) == NULL) {
goto error; goto error;
} }
*ptr = '\000'; *ptr = '\000';
if (supportsPAM() && !strcmp(arg, "AUTH")) { if (supportsPAM() && !strcmp(arg, "AUTH")) {
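Review bot: The new port check (the `for (char *h = sshPort; *h; h++)` loop) and the existing hostname loop both accept an empty string, and the new parsing can now produce one: a definition ending in `host:` leaves `sshPort` as `""`, and one with nothing between the first and second `:` leaves `host` as `""`, where the old code kept `localhost`. With an empty port the formatted command line contains `-p %s@host`, so ssh would presumably consume the user@host word as the port value instead of failing cleanly at configuration time. I would reject both cases before building `cmdline`, e.g. `if (!*host || !*sshPort) fatal("[config] Empty host or port in service definition!");`, and ideally also bound the port to 1–65535 rather than accepting any run of digits. The enclosing function starts and ends outside this section.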
 End of changes. 7 change blocks. 
10 lines changed or deleted 33 lines changed or added
