Skip to content

Commit 60cd4bc

Browse files
JacobBarthelmehJacobBarthelmeh
committed
redirect stdin with forced command
1 parent bbe3bac commit 60cd4bc

1 file changed

Lines changed: 36 additions & 6 deletions

File tree

apps/wolfsshd/wolfsshd.c

Lines changed: 36 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1169,6 +1169,7 @@ static int SHELL_Subsystem(WOLFSSHD_CONNECTION* conn, WOLFSSH* ssh,
11691169
int rc;
11701170
WS_SOCKET_T childFd = 0;
11711171
int stdoutPipe[2], stderrPipe[2];
1172+
int stdinPipe[2];
11721173
pid_t childPid;
11731174

11741175
#ifndef WOLFSSHD_SHELL_BUFFER_SZ
@@ -1193,6 +1194,8 @@ static int SHELL_Subsystem(WOLFSSHD_CONNECTION* conn, WOLFSSH* ssh,
11931194
stdoutPipe[1] = -1;
11941195
stderrPipe[0] = -1;
11951196
stderrPipe[1] = -1;
1197+
stdinPipe[0] = -1;
1198+
stdinPipe[1] = -1;
11961199

11971200
forcedCmd = wolfSSHD_ConfigGetForcedCmd(usrConf);
11981201

@@ -1223,10 +1226,18 @@ static int SHELL_Subsystem(WOLFSSHD_CONNECTION* conn, WOLFSSH* ssh,
12231226
}
12241227
if (pipe(stderrPipe) != 0) {
12251228
close(stdoutPipe[0]);
1226-
close(stderrPipe[1]);
1229+
close(stdoutPipe[1]);
12271230
wolfSSH_Log(WS_LOG_ERROR, "[SSHD] Issue creating stderr pipe");
12281231
return WS_FATAL_ERROR;
12291232
}
1233+
if (pipe(stdinPipe) != 0) {
1234+
close(stdoutPipe[0]);
1235+
close(stdoutPipe[1]);
1236+
close(stderrPipe[0]);
1237+
close(stderrPipe[1]);
1238+
wolfSSH_Log(WS_LOG_ERROR, "[SSHD] Issue creating stdin pipe");
1239+
return WS_FATAL_ERROR;
1240+
}
12301241
}
12311242

12321243
ChildRunning = 1;
@@ -1250,8 +1261,20 @@ static int SHELL_Subsystem(WOLFSSHD_CONNECTION* conn, WOLFSSH* ssh,
12501261
if (forcedCmd) {
12511262
close(stdoutPipe[0]);
12521263
close(stderrPipe[0]);
1264+
close(stdinPipe[1]);
12531265
stdoutPipe[0] = -1;
12541266
stderrPipe[0] = -1;
1267+
stdinPipe[1] = -1;
1268+
1269+
if (dup2(stdinPipe[0], STDIN_FILENO) == -1) {
1270+
wolfSSH_Log(WS_LOG_ERROR,
1271+
"[SSHD] Error redirecting stdin pipe");
1272+
if (wolfSSHD_AuthReducePermissions(conn->auth) != WS_SUCCESS) {
1273+
exit(1);
1274+
}
1275+
1276+
return WS_FATAL_ERROR;
1277+
}
12551278
if (dup2(stdoutPipe[1], STDOUT_FILENO) == -1) {
12561279
wolfSSH_Log(WS_LOG_ERROR,
12571280
"[SSHD] Error redirecting stdout pipe");
@@ -1361,6 +1384,7 @@ static int SHELL_Subsystem(WOLFSSHD_CONNECTION* conn, WOLFSSH* ssh,
13611384
ret = execv(cmd, (char**)args);
13621385
close(stdoutPipe[1]);
13631386
close(stderrPipe[1]);
1387+
close(stdinPipe[1]);
13641388
}
13651389
else {
13661390
ret = execv(cmd, (char**)args);
@@ -1418,6 +1442,7 @@ static int SHELL_Subsystem(WOLFSSHD_CONNECTION* conn, WOLFSSH* ssh,
14181442
if (forcedCmd) {
14191443
close(stdoutPipe[1]);
14201444
close(stderrPipe[1]);
1445+
close(stdinPipe[0]);
14211446
}
14221447

14231448
while (ChildRunning || windowFull || !stdoutEmpty || peerConnected) {
@@ -1485,8 +1510,9 @@ static int SHELL_Subsystem(WOLFSSHD_CONNECTION* conn, WOLFSSH* ssh,
14851510
sizeof channelBuffer);
14861511
if (cnt_r <= 0)
14871512
break;
1488-
cnt_w = (int)write(childFd,
1489-
channelBuffer, cnt_r);
1513+
1514+
cnt_w = (int)write(stdinPipe[1], channelBuffer,
1515+
cnt_r);
14901516
if (cnt_w <= 0)
14911517
break;
14921518
}
@@ -1520,9 +1546,9 @@ static int SHELL_Subsystem(WOLFSSHD_CONNECTION* conn, WOLFSSH* ssh,
15201546
WS_CHANNEL_ID_SELF);
15211547
eof = wolfSSH_ChannelGetEof(current);
15221548
if (eof) {
1523-
/* SSH is done, kill off child process */
1524-
kill(childPid, SIGKILL);
1525-
break;
1549+
/* SSH is done, close stdin pipe to child process */
1550+
close(stdinPipe[1]);
1551+
stdinPipe[1] = -1;
15261552
}
15271553
}
15281554
}
@@ -1705,8 +1731,12 @@ static int SHELL_Subsystem(WOLFSSHD_CONNECTION* conn, WOLFSSH* ssh,
17051731
if (readSz > 0) {
17061732
wolfSSH_extended_data_send(ssh, shellBuffer, readSz);
17071733
}
1734+
17081735
close(stdoutPipe[0]);
17091736
close(stderrPipe[0]);
1737+
if (stdinPipe[1] != -1) {
1738+
close(stdinPipe[1]);
1739+
}
17101740
}
17111741

17121742
(void)conn;

0 commit comments

Comments
 (0)