/src/dropbear/src/sshpty.c

Source (jump to first uncovered line)
/*
 * Dropbear - a SSH2 server
 *
 * Copied from OpenSSH-3.5p1 source, modified by Matt Johnston 2003
 * 
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
 * Allocating a pseudo-terminal, and making it the controlling tty.
 *
 * As far as I am concerned, the code I have written for this software
 * can be used freely for any purpose.  Any derived versions of this
 * software must be clearly marked as such, and if the derived work is
 * incompatible with the protocol description in the RFC file, it must be
 * called by a name other than "ssh" or "Secure Shell".
 */

/*RCSID("OpenBSD: sshpty.c,v 1.7 2002/06/24 17:57:20 deraadt Exp ");*/

#include "includes.h"
#include "dbutil.h"
#include "errno.h"
#include "sshpty.h"

/* Pty allocated with _getpty gets broken if we do I_PUSH:es to it. */
#if defined(HAVE__GETPTY) || defined(HAVE_OPENPTY)
#undef HAVE_DEV_PTMX
#endif

#ifdef HAVE_PTY_H
# include <pty.h>
#endif
#if defined(USE_DEV_PTMX) && defined(HAVE_STROPTS_H)
# include <stropts.h>
#endif

#ifndef O_NOCTTY
#define O_NOCTTY 0
#endif

/*
 * Allocates and opens a pty.  Returns 0 if no pty could be allocated, or
 * nonzero if a pty was successfully allocated.  On success, open file
 * descriptors for the pty and tty sides and the name of the tty side are
 * returned (the buffer must be able to hold at least 64 characters).
 */

int
pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen)
{
#if defined(HAVE_OPENPTY)
  /* exists in recent (4.4) BSDs and OSF/1 */
  char *name;
  int i;

  i = openpty(ptyfd, ttyfd, NULL, NULL, NULL);
  if (i < 0) {
    dropbear_log(LOG_WARNING, 
        "pty_allocate: openpty: %.100s", strerror(errno));
    return 0;
  }
  name = ttyname(*ttyfd);
  if (!name) {
    dropbear_exit("ttyname fails for openpty device");
  }

  strlcpy(namebuf, name, namebuflen); /* possible truncation */
  return 1;
#else /* HAVE_OPENPTY */
#ifdef HAVE__GETPTY
  /*
   * _getpty(3) exists in SGI Irix 4.x, 5.x & 6.x -- it generates more
   * pty's automagically when needed
   */
  char *slave;

  slave = _getpty(ptyfd, O_RDWR, 0622, 0);
  if (slave == NULL) {
    dropbear_log(LOG_WARNING,
        "pty_allocate: _getpty: %.100s", strerror(errno));
    return 0;
  }
  strlcpy(namebuf, slave, namebuflen);
  /* Open the slave side. */
  *ttyfd = open(namebuf, O_RDWR | O_NOCTTY);
  if (*ttyfd < 0) {
    dropbear_log(LOG_WARNING,
        "pty_allocate error: ttyftd open error");
    close(*ptyfd);
    return 0;
  }
  return 1;
#else /* HAVE__GETPTY */
#if defined(USE_DEV_PTMX)
  /*
   * This code is used e.g. on Solaris 2.x.  (Note that Solaris 2.3
   * also has bsd-style ptys, but they simply do not work.)
   *
   * Linux systems may have the /dev/ptmx device, but this code won't work.
   */
  int ptm;
  char *pts;

  ptm = open("/dev/ptmx", O_RDWR | O_NOCTTY);
  if (ptm < 0) {
    dropbear_log(LOG_WARNING,
        "pty_allocate: /dev/ptmx: %.100s", strerror(errno));
    return 0;
  }
  if (grantpt(ptm) < 0) {
    dropbear_log(LOG_WARNING,
        "grantpt: %.100s", strerror(errno));
    return 0;
  }
  if (unlockpt(ptm) < 0) {
    dropbear_log(LOG_WARNING,
        "unlockpt: %.100s", strerror(errno));
    return 0;
  }
  pts = ptsname(ptm);
  if (pts == NULL) {
    dropbear_log(LOG_WARNING,
        "Slave pty side name could not be obtained.");
  }
  strlcpy(namebuf, pts, namebuflen);
  *ptyfd = ptm;

  /* Open the slave side. */
  *ttyfd = open(namebuf, O_RDWR | O_NOCTTY);
  if (*ttyfd < 0) {
    dropbear_log(LOG_ERR,
      "error opening pts %.100s: %.100s", namebuf, strerror(errno));
    close(*ptyfd);
    return 0;
  }
#if !defined(HAVE_CYGWIN) && defined(I_PUSH)
  /*
   * Push the appropriate streams modules, as described in Solaris pts(7).
   * HP-UX pts(7) doesn't have ttcompat module.
   */
  if (ioctl(*ttyfd, I_PUSH, "ptem") < 0) {
    dropbear_log(LOG_WARNING,
        "ioctl I_PUSH ptem: %.100s", strerror(errno));
  }
  if (ioctl(*ttyfd, I_PUSH, "ldterm") < 0) {
    dropbear_log(LOG_WARNING,
      "ioctl I_PUSH ldterm: %.100s", strerror(errno));
  }
#ifndef __hpux
  if (ioctl(*ttyfd, I_PUSH, "ttcompat") < 0) {
    dropbear_log(LOG_WARNING,
      "ioctl I_PUSH ttcompat: %.100s", strerror(errno));
  }
#endif
#endif
  return 1;
#else /* USE_DEV_PTMX */
#ifdef HAVE_DEV_PTS_AND_PTC
  /* AIX-style pty code. */
  const char *name;

  *ptyfd = open("/dev/ptc", O_RDWR | O_NOCTTY);
  if (*ptyfd < 0) {
    dropbear_log(LOG_ERR,
      "Could not open /dev/ptc: %.100s", strerror(errno));
    return 0;
  }
  name = ttyname(*ptyfd);
  if (!name) {
    dropbear_exit("ttyname fails for /dev/ptc device");
  }
  strlcpy(namebuf, name, namebuflen);
  *ttyfd = open(name, O_RDWR | O_NOCTTY);
  if (*ttyfd < 0) {
    dropbear_log(LOG_ERR,
      "Could not open pty slave side %.100s: %.100s",
        name, strerror(errno));
    close(*ptyfd);
    return 0;
  }
  return 1;
#else /* HAVE_DEV_PTS_AND_PTC */

  /* BSD-style pty code. */
  char buf[64];
  int i;
  const char *ptymajors = "pqrstuvwxyzabcdefghijklmnoABCDEFGHIJKLMNOPQRSTUVWXYZ";
  const char *ptyminors = "0123456789abcdef";
  int num_minors = strlen(ptyminors);
  int num_ptys = strlen(ptymajors) * num_minors;
  struct termios tio;

  for (i = 0; i < num_ptys; i++) {
    snprintf(buf, sizeof buf, "/dev/pty%c%c", ptymajors[i / num_minors],
       ptyminors[i % num_minors]);
    snprintf(namebuf, namebuflen, "/dev/tty%c%c",
        ptymajors[i / num_minors], ptyminors[i % num_minors]);

    *ptyfd = open(buf, O_RDWR | O_NOCTTY);
    if (*ptyfd < 0) {
      /* Try SCO style naming */
      snprintf(buf, sizeof buf, "/dev/ptyp%d", i);
      snprintf(namebuf, namebuflen, "/dev/ttyp%d", i);
      *ptyfd = open(buf, O_RDWR | O_NOCTTY);
      if (*ptyfd < 0) {
        continue;
      }
    }

    /* Open the slave side. */
    *ttyfd = open(namebuf, O_RDWR | O_NOCTTY);
    if (*ttyfd < 0) {
      dropbear_log(LOG_ERR,
        "pty_allocate: %.100s: %.100s", namebuf, strerror(errno));
      close(*ptyfd);
      return 0;
    }
    /* set tty modes to a sane state for broken clients */
    if (tcgetattr(*ptyfd, &tio) < 0) {
      dropbear_log(LOG_WARNING,
        "ptyallocate: tty modes failed: %.100s", strerror(errno));
    } else {
      tio.c_lflag |= (ECHO | ISIG | ICANON);
      tio.c_oflag |= (OPOST | ONLCR);
      tio.c_iflag |= ICRNL;

      /* Set the new modes for the terminal. */
      if (tcsetattr(*ptyfd, TCSANOW, &tio) < 0) {
        dropbear_log(LOG_WARNING,
          "Setting tty modes for pty failed: %.100s",
          strerror(errno));
      }
    }

    return 1;
  }
  dropbear_log(LOG_WARNING, "Failed to open any /dev/pty?? devices");
  return 0;
#endif /* HAVE_DEV_PTS_AND_PTC */
#endif /* USE_DEV_PTMX */
#endif /* HAVE__GETPTY */
#endif /* HAVE_OPENPTY */
}

/* Releases the tty.  Its ownership is returned to root, and permissions to 0666. */

void
pty_release(const char *tty_name)
{
  if (chown(tty_name, (uid_t) 0, (gid_t) 0) < 0
      && (errno != ENOENT)) {
    dropbear_log(LOG_ERR,
        "chown %.100s 0 0 failed: %.100s", tty_name, strerror(errno));
  }
  if (chmod(tty_name, (mode_t) 0666) < 0
      && (errno != ENOENT)) {
    dropbear_log(LOG_ERR,
      "chmod %.100s 0666 failed: %.100s", tty_name, strerror(errno));
  }
}

/* Makes the tty the processes controlling tty and sets it to sane modes. */

void
pty_make_controlling_tty(int *ttyfd, const char *tty_name)
{
  int fd;
#ifdef USE_VHANGUP
  void *old;
#endif /* USE_VHANGUP */

  /* Solaris has a problem with TIOCNOTTY for a bg process, so
   * we disable the signal which would STOP the process - matt */
  signal(SIGTTOU, SIG_IGN);

  /* First disconnect from the old controlling tty. */
#ifdef TIOCNOTTY
  fd = open(_PATH_TTY, O_RDWR | O_NOCTTY);
  if (fd >= 0) {
    (void) ioctl(fd, TIOCNOTTY, NULL);
    close(fd);
  }
#endif /* TIOCNOTTY */
  if (setsid() < 0) {
    dropbear_log(LOG_ERR,
      "setsid: %.100s", strerror(errno));
  }

  /*
   * Verify that we are successfully disconnected from the controlling
   * tty.
   */
  fd = open(_PATH_TTY, O_RDWR | O_NOCTTY);
  if (fd >= 0) {
    dropbear_log(LOG_ERR,
        "Failed to disconnect from controlling tty.\n");
    close(fd);
  }
  /* Make it our controlling tty. */
#ifdef TIOCSCTTY
  if (ioctl(*ttyfd, TIOCSCTTY, NULL) < 0) {
    dropbear_log(LOG_ERR,
      "ioctl(TIOCSCTTY): %.100s", strerror(errno));
  }
#endif /* TIOCSCTTY */
#ifdef HAVE_NEWS4
  if (setpgrp(0,0) < 0) {
    dropbear_log(LOG_ERR,
      error("SETPGRP %s",strerror(errno)));
  }
#endif /* HAVE_NEWS4 */
#ifdef USE_VHANGUP
  old = mysignal(SIGHUP, SIG_IGN);
  vhangup();
  mysignal(SIGHUP, old);
#endif /* USE_VHANGUP */
  fd = open(tty_name, O_RDWR);
  if (fd < 0) {
    dropbear_log(LOG_ERR,
      "%.100s: %.100s", tty_name, strerror(errno));
  } else {
#ifdef USE_VHANGUP
    close(*ttyfd);
    *ttyfd = fd;
#else /* USE_VHANGUP */
    close(fd);
#endif /* USE_VHANGUP */
  }
  /* Verify that we now have a controlling tty. */
  fd = open(_PATH_TTY, O_WRONLY);
  if (fd < 0) {
    dropbear_log(LOG_ERR,
      "open /dev/tty failed - could not set controlling tty: %.100s",
        strerror(errno));
  } else {
    close(fd);
  }
}

/* Changes the window size associated with the pty. */

void
pty_change_window_size(int ptyfd, int row, int col,
  int xpixel, int ypixel)
{
  struct winsize w;

  w.ws_row = row;
  w.ws_col = col;
  w.ws_xpixel = xpixel;
  w.ws_ypixel = ypixel;
  (void) ioctl(ptyfd, TIOCSWINSZ, &w);
}

void
pty_setowner(struct passwd *pw, const char *tty_name)
{
  struct group *grp;
  gid_t gid;
  mode_t mode;
  struct stat st;

  /* Determine the group to make the owner of the tty. */
  grp = getgrnam("tty");
  if (grp) {
    gid = grp->gr_gid;
    mode = S_IRUSR | S_IWUSR | S_IWGRP;
  } else {
    gid = pw->pw_gid;
    mode = S_IRUSR | S_IWUSR | S_IWGRP | S_IWOTH;
  }

  /*
   * Change owner and mode of the tty as required.
   * Warn but continue if filesystem is read-only and the uids match/
   * tty is owned by root.
   */
  if (stat(tty_name, &st)) {
    dropbear_exit("pty_setowner: stat(%.101s) failed: %.100s",
        tty_name, strerror(errno));
  }

  /* Allow either "tty" gid or user's own gid. On Linux with openpty()
   * this varies depending on the devpts mount options */
  if (st.st_uid != pw->pw_uid || !(st.st_gid == gid || st.st_gid == pw->pw_gid)) {
    if (chown(tty_name, pw->pw_uid, gid) < 0) {
      if (errno == EROFS &&
          (st.st_uid == pw->pw_uid || st.st_uid == 0)) {
        dropbear_log(LOG_ERR,
          "chown(%.100s, %u, %u) failed: %.100s",
            tty_name, (unsigned int)pw->pw_uid, (unsigned int)gid,
            strerror(errno));
      } else {
        dropbear_exit("chown(%.100s, %u, %u) failed: %.100s",
            tty_name, (unsigned int)pw->pw_uid, (unsigned int)gid,
            strerror(errno));
      }
    }
  }

  if ((st.st_mode & (S_IRWXU|S_IRWXG|S_IRWXO)) != mode) {
    if (chmod(tty_name, mode) < 0) {
      if (errno == EROFS &&
          (st.st_mode & (S_IRGRP | S_IROTH)) == 0) {
        dropbear_log(LOG_ERR,
          "chmod(%.100s, 0%o) failed: %.100s",
          tty_name, mode, strerror(errno));
      } else {
        dropbear_exit("chmod(%.100s, 0%o) failed: %.100s",
            tty_name, mode, strerror(errno));
      }
    }
  }
}

Coverage Report

Created: 2025-08-27 07:03

Line	Count	Source (jump to first uncovered line)
1		/*
2		* Dropbear - a SSH2 server
3		*
4		* Copied from OpenSSH-3.5p1 source, modified by Matt Johnston 2003
5		*
6		* Author: Tatu Ylonen <ylo@cs.hut.fi>
7		* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
8		* All rights reserved
9		* Allocating a pseudo-terminal, and making it the controlling tty.
10		*
11		* As far as I am concerned, the code I have written for this software
12		* can be used freely for any purpose. Any derived versions of this
13		* software must be clearly marked as such, and if the derived work is
14		* incompatible with the protocol description in the RFC file, it must be
15		* called by a name other than "ssh" or "Secure Shell".
16		*/
17
18		/RCSID("OpenBSD: sshpty.c,v 1.7 2002/06/24 17:57:20 deraadt Exp ");/
19
20		#include "includes.h"
21		#include "dbutil.h"
22		#include "errno.h"
23		#include "sshpty.h"
24
25		/* Pty allocated with _getpty gets broken if we do I_PUSH:es to it. */
26		#if defined(HAVE__GETPTY) \|\| defined(HAVE_OPENPTY)
27		#undef HAVE_DEV_PTMX
28		#endif
29
30		#ifdef HAVE_PTY_H
31		# include <pty.h>
32		#endif
33		#if defined(USE_DEV_PTMX) && defined(HAVE_STROPTS_H)
34		# include <stropts.h>
35		#endif
36
37		#ifndef O_NOCTTY
38		#define O_NOCTTY 0
39		#endif
40
41		/*
42		* Allocates and opens a pty. Returns 0 if no pty could be allocated, or
43		* nonzero if a pty was successfully allocated. On success, open file
44		* descriptors for the pty and tty sides and the name of the tty side are
45		* returned (the buffer must be able to hold at least 64 characters).
46		*/
47
48		int
49		pty_allocate(int ptyfd, int ttyfd, char *namebuf, int namebuflen)
50	0	{
51	0	#if defined(HAVE_OPENPTY)
52		/* exists in recent (4.4) BSDs and OSF/1 */
53	0	char *name;
54	0	int i;
55
56	0	i = openpty(ptyfd, ttyfd, NULL, NULL, NULL);
57	0	if (i < 0) {
58	0	dropbear_log(LOG_WARNING,
59	0	"pty_allocate: openpty: %.100s", strerror(errno));
60	0	return 0;
61	0	}
62	0	name = ttyname(*ttyfd);
63	0	if (!name) {
64	0	dropbear_exit("ttyname fails for openpty device");
65	0	}
66
67	0	strlcpy(namebuf, name, namebuflen); /* possible truncation */
68	0	return 1;
69		#else /* HAVE_OPENPTY */
70		#ifdef HAVE__GETPTY
71		/*
72		* _getpty(3) exists in SGI Irix 4.x, 5.x & 6.x -- it generates more
73		* pty's automagically when needed
74		*/
75		char *slave;
76
77		slave = _getpty(ptyfd, O_RDWR, 0622, 0);
78		if (slave == NULL) {
79		dropbear_log(LOG_WARNING,
80		"pty_allocate: _getpty: %.100s", strerror(errno));
81		return 0;
82		}
83		strlcpy(namebuf, slave, namebuflen);
84		/* Open the slave side. */
85		*ttyfd = open(namebuf, O_RDWR \| O_NOCTTY);
86		if (*ttyfd < 0) {
87		dropbear_log(LOG_WARNING,
88		"pty_allocate error: ttyftd open error");
89		close(*ptyfd);
90		return 0;
91		}
92		return 1;
93		#else /* HAVE__GETPTY */
94		#if defined(USE_DEV_PTMX)
95		/*
96		* This code is used e.g. on Solaris 2.x. (Note that Solaris 2.3
97		* also has bsd-style ptys, but they simply do not work.)
98		*
99		* Linux systems may have the /dev/ptmx device, but this code won't work.
100		*/
101		int ptm;
102		char *pts;
103
104		ptm = open("/dev/ptmx", O_RDWR \| O_NOCTTY);
105		if (ptm < 0) {
106		dropbear_log(LOG_WARNING,
107		"pty_allocate: /dev/ptmx: %.100s", strerror(errno));
108		return 0;
109		}
110		if (grantpt(ptm) < 0) {
111		dropbear_log(LOG_WARNING,
112		"grantpt: %.100s", strerror(errno));
113		return 0;
114		}
115		if (unlockpt(ptm) < 0) {
116		dropbear_log(LOG_WARNING,
117		"unlockpt: %.100s", strerror(errno));
118		return 0;
119		}
120		pts = ptsname(ptm);
121		if (pts == NULL) {
122		dropbear_log(LOG_WARNING,
123		"Slave pty side name could not be obtained.");
124		}
125		strlcpy(namebuf, pts, namebuflen);
126		*ptyfd = ptm;
127
128		/* Open the slave side. */
129		*ttyfd = open(namebuf, O_RDWR \| O_NOCTTY);
130		if (*ttyfd < 0) {
131		dropbear_log(LOG_ERR,
132		"error opening pts %.100s: %.100s", namebuf, strerror(errno));
133		close(*ptyfd);
134		return 0;
135		}
136		#if !defined(HAVE_CYGWIN) && defined(I_PUSH)
137		/*
138		* Push the appropriate streams modules, as described in Solaris pts(7).
139		* HP-UX pts(7) doesn't have ttcompat module.
140		*/
141		if (ioctl(*ttyfd, I_PUSH, "ptem") < 0) {
142		dropbear_log(LOG_WARNING,
143		"ioctl I_PUSH ptem: %.100s", strerror(errno));
144		}
145		if (ioctl(*ttyfd, I_PUSH, "ldterm") < 0) {
146		dropbear_log(LOG_WARNING,
147		"ioctl I_PUSH ldterm: %.100s", strerror(errno));
148		}
149		#ifndef __hpux
150		if (ioctl(*ttyfd, I_PUSH, "ttcompat") < 0) {
151		dropbear_log(LOG_WARNING,
152		"ioctl I_PUSH ttcompat: %.100s", strerror(errno));
153		}
154		#endif
155		#endif
156		return 1;
157		#else /* USE_DEV_PTMX */
158		#ifdef HAVE_DEV_PTS_AND_PTC
159		/* AIX-style pty code. */
160		const char *name;
161
162		*ptyfd = open("/dev/ptc", O_RDWR \| O_NOCTTY);
163		if (*ptyfd < 0) {
164		dropbear_log(LOG_ERR,
165		"Could not open /dev/ptc: %.100s", strerror(errno));
166		return 0;
167		}
168		name = ttyname(*ptyfd);
169		if (!name) {
170		dropbear_exit("ttyname fails for /dev/ptc device");
171		}
172		strlcpy(namebuf, name, namebuflen);
173		*ttyfd = open(name, O_RDWR \| O_NOCTTY);
174		if (*ttyfd < 0) {
175		dropbear_log(LOG_ERR,
176		"Could not open pty slave side %.100s: %.100s",
177		name, strerror(errno));
178		close(*ptyfd);
179		return 0;
180		}
181		return 1;
182		#else /* HAVE_DEV_PTS_AND_PTC */
183
184		/* BSD-style pty code. */
185		char buf[64];
186		int i;
187		const char *ptymajors = "pqrstuvwxyzabcdefghijklmnoABCDEFGHIJKLMNOPQRSTUVWXYZ";
188		const char *ptyminors = "0123456789abcdef";
189		int num_minors = strlen(ptyminors);
190		int num_ptys = strlen(ptymajors) * num_minors;
191		struct termios tio;
192
193		for (i = 0; i < num_ptys; i++) {
194		snprintf(buf, sizeof buf, "/dev/pty%c%c", ptymajors[i / num_minors],
195		ptyminors[i % num_minors]);
196		snprintf(namebuf, namebuflen, "/dev/tty%c%c",
197		ptymajors[i / num_minors], ptyminors[i % num_minors]);
198
199		*ptyfd = open(buf, O_RDWR \| O_NOCTTY);
200		if (*ptyfd < 0) {
201		/* Try SCO style naming */
202		snprintf(buf, sizeof buf, "/dev/ptyp%d", i);
203		snprintf(namebuf, namebuflen, "/dev/ttyp%d", i);
204		*ptyfd = open(buf, O_RDWR \| O_NOCTTY);
205		if (*ptyfd < 0) {
206		continue;
207		}
208		}
209
210		/* Open the slave side. */
211		*ttyfd = open(namebuf, O_RDWR \| O_NOCTTY);
212		if (*ttyfd < 0) {
213		dropbear_log(LOG_ERR,
214		"pty_allocate: %.100s: %.100s", namebuf, strerror(errno));
215		close(*ptyfd);
216		return 0;
217		}
218		/* set tty modes to a sane state for broken clients */
219		if (tcgetattr(*ptyfd, &tio) < 0) {
220		dropbear_log(LOG_WARNING,
221		"ptyallocate: tty modes failed: %.100s", strerror(errno));
222		} else {
223		tio.c_lflag \|= (ECHO \| ISIG \| ICANON);
224		tio.c_oflag \|= (OPOST \| ONLCR);
225		tio.c_iflag \|= ICRNL;
226
227		/* Set the new modes for the terminal. */
228		if (tcsetattr(*ptyfd, TCSANOW, &tio) < 0) {
229		dropbear_log(LOG_WARNING,
230		"Setting tty modes for pty failed: %.100s",
231		strerror(errno));
232		}
233		}
234
235		return 1;
236		}
237		dropbear_log(LOG_WARNING, "Failed to open any /dev/pty?? devices");
238		return 0;
239		#endif /* HAVE_DEV_PTS_AND_PTC */
240		#endif /* USE_DEV_PTMX */
241		#endif /* HAVE__GETPTY */
242		#endif /* HAVE_OPENPTY */
243	0	}
244
245		/* Releases the tty. Its ownership is returned to root, and permissions to 0666. */
246
247		void
248		pty_release(const char *tty_name)
249	0	{
250	0	if (chown(tty_name, (uid_t) 0, (gid_t) 0) < 0
251	0	&& (errno != ENOENT)) {
252	0	dropbear_log(LOG_ERR,
253	0	"chown %.100s 0 0 failed: %.100s", tty_name, strerror(errno));
254	0	}
255	0	if (chmod(tty_name, (mode_t) 0666) < 0
256	0	&& (errno != ENOENT)) {
257	0	dropbear_log(LOG_ERR,
258	0	"chmod %.100s 0666 failed: %.100s", tty_name, strerror(errno));
259	0	}
260	0	}
261
262		/* Makes the tty the processes controlling tty and sets it to sane modes. */
263
264		void
265		pty_make_controlling_tty(int ttyfd, const char tty_name)
266	0	{
267	0	int fd;
268		#ifdef USE_VHANGUP
269		void *old;
270		#endif /* USE_VHANGUP */
271
272		/* Solaris has a problem with TIOCNOTTY for a bg process, so
273		* we disable the signal which would STOP the process - matt */
274	0	signal(SIGTTOU, SIG_IGN);
275
276		/* First disconnect from the old controlling tty. */
277	0	#ifdef TIOCNOTTY
278	0	fd = open(_PATH_TTY, O_RDWR \| O_NOCTTY);
279	0	if (fd >= 0) {
280	0	(void) ioctl(fd, TIOCNOTTY, NULL);
281	0	close(fd);
282	0	}
283	0	#endif /* TIOCNOTTY */
284	0	if (setsid() < 0) {
285	0	dropbear_log(LOG_ERR,
286	0	"setsid: %.100s", strerror(errno));
287	0	}
288
289		/*
290		* Verify that we are successfully disconnected from the controlling
291		* tty.
292		*/
293	0	fd = open(_PATH_TTY, O_RDWR \| O_NOCTTY);
294	0	if (fd >= 0) {
295	0	dropbear_log(LOG_ERR,
296	0	"Failed to disconnect from controlling tty.\n");
297	0	close(fd);
298	0	}
299		/* Make it our controlling tty. */
300	0	#ifdef TIOCSCTTY
301	0	if (ioctl(*ttyfd, TIOCSCTTY, NULL) < 0) {
302	0	dropbear_log(LOG_ERR,
303	0	"ioctl(TIOCSCTTY): %.100s", strerror(errno));
304	0	}
305	0	#endif /* TIOCSCTTY */
306		#ifdef HAVE_NEWS4
307		if (setpgrp(0,0) < 0) {
308		dropbear_log(LOG_ERR,
309		error("SETPGRP %s",strerror(errno)));
310		}
311		#endif /* HAVE_NEWS4 */
312		#ifdef USE_VHANGUP
313		old = mysignal(SIGHUP, SIG_IGN);
314		vhangup();
315		mysignal(SIGHUP, old);
316		#endif /* USE_VHANGUP */
317	0	fd = open(tty_name, O_RDWR);
318	0	if (fd < 0) {
319	0	dropbear_log(LOG_ERR,
320	0	"%.100s: %.100s", tty_name, strerror(errno));
321	0	} else {
322		#ifdef USE_VHANGUP
323		close(*ttyfd);
324		*ttyfd = fd;
325		#else /* USE_VHANGUP */
326	0	close(fd);
327	0	#endif /* USE_VHANGUP */
328	0	}
329		/* Verify that we now have a controlling tty. */
330	0	fd = open(_PATH_TTY, O_WRONLY);
331	0	if (fd < 0) {
332	0	dropbear_log(LOG_ERR,
333	0	"open /dev/tty failed - could not set controlling tty: %.100s",
334	0	strerror(errno));
335	0	} else {
336	0	close(fd);
337	0	}
338	0	}
339
340		/* Changes the window size associated with the pty. */
341
342		void
343		pty_change_window_size(int ptyfd, int row, int col,
344		int xpixel, int ypixel)
345	0	{
346	0	struct winsize w;
347
348	0	w.ws_row = row;
349	0	w.ws_col = col;
350	0	w.ws_xpixel = xpixel;
351	0	w.ws_ypixel = ypixel;
352	0	(void) ioctl(ptyfd, TIOCSWINSZ, &w);
353	0	}
354
355		void
356		pty_setowner(struct passwd pw, const char tty_name)
357	0	{
358	0	struct group *grp;
359	0	gid_t gid;
360	0	mode_t mode;
361	0	struct stat st;
362
363		/* Determine the group to make the owner of the tty. */
364	0	grp = getgrnam("tty");
365	0	if (grp) {
366	0	gid = grp->gr_gid;
367	0	mode = S_IRUSR \| S_IWUSR \| S_IWGRP;
368	0	} else {
369	0	gid = pw->pw_gid;
370	0	mode = S_IRUSR \| S_IWUSR \| S_IWGRP \| S_IWOTH;
371	0	}
372
373		/*
374		* Change owner and mode of the tty as required.
375		* Warn but continue if filesystem is read-only and the uids match/
376		* tty is owned by root.
377		*/
378	0	if (stat(tty_name, &st)) {
379	0	dropbear_exit("pty_setowner: stat(%.101s) failed: %.100s",
380	0	tty_name, strerror(errno));
381	0	}
382
383		/* Allow either "tty" gid or user's own gid. On Linux with openpty()
384		* this varies depending on the devpts mount options */
385	0	if (st.st_uid != pw->pw_uid \|\| !(st.st_gid == gid \|\| st.st_gid == pw->pw_gid)) {
386	0	if (chown(tty_name, pw->pw_uid, gid) < 0) {
387	0	if (errno == EROFS &&
388	0	(st.st_uid == pw->pw_uid \|\| st.st_uid == 0)) {
389	0	dropbear_log(LOG_ERR,
390	0	"chown(%.100s, %u, %u) failed: %.100s",
391	0	tty_name, (unsigned int)pw->pw_uid, (unsigned int)gid,
392	0	strerror(errno));
393	0	} else {
394	0	dropbear_exit("chown(%.100s, %u, %u) failed: %.100s",
395	0	tty_name, (unsigned int)pw->pw_uid, (unsigned int)gid,
396	0	strerror(errno));
397	0	}
398	0	}
399	0	}
400
401	0	if ((st.st_mode & (S_IRWXU\|S_IRWXG\|S_IRWXO)) != mode) {
402	0	if (chmod(tty_name, mode) < 0) {
403	0	if (errno == EROFS &&
404	0	(st.st_mode & (S_IRGRP \| S_IROTH)) == 0) {
405	0	dropbear_log(LOG_ERR,
406	0	"chmod(%.100s, 0%o) failed: %.100s",
407	0	tty_name, mode, strerror(errno));
408	0	} else {
409	0	dropbear_exit("chmod(%.100s, 0%o) failed: %.100s",
410	0	tty_name, mode, strerror(errno));
411	0	}
412	0	}
413	0	}
414	0	}