add handling exec sub shell to wolfsshd app

2023-01-15 14:36:56 -08:00 · 2023-01-15 14:36:56 -08:00 · c1ea43d505
parent 834a03ce84
commit c1ea43d505
1 changed files with 22 additions and 5 deletions
--- a/apps/wolfsshd/wolfsshd.c
+++ b/apps/wolfsshd/wolfsshd.c
@ -551,7 +551,7 @@ static int SFTP_Subsystem(WOLFSSHD_CONNECTION* conn, WOLFSSH* ssh,
 * user input as well as output of the shell.
 * return WS_SUCCESS on success */
 static int SHELL_Subsystem(WOLFSSHD_CONNECTION* conn, WOLFSSH* ssh,
-    WPASSWD* pPasswd, WOLFSSHD_CONFIG* usrConf)
+    WPASSWD* pPasswd, WOLFSSHD_CONFIG* usrConf, const char* subCmd)
 {
    WS_SOCKET_T sshFd = 0;
    int rc;
@ -565,6 +565,13 @@ static int SHELL_Subsystem(WOLFSSHD_CONNECTION* conn, WOLFSSH* ssh,
    char* forcedCmd;

    forcedCmd = wolfSSHD_ConfigGetForcedCmd(usrConf);
+
+    /* do not overwrite a forced command with 'exec' sub shell. Only set the
+     * 'exec' command when no forced command is set */
+    if (forcedCmd == NULL) {
+        forcedCmd = (char*)subCmd;
+    }
+
    if (forcedCmd != NULL && XSTRCMP(forcedCmd, "internal-sftp") == 0) {
        wolfSSH_Log(WS_LOG_ERROR,
                                "[SSHD] Only SFTP connections allowed for user "
@ -588,7 +595,7 @@ static int SHELL_Subsystem(WOLFSSHD_CONNECTION* conn, WOLFSSH* ssh,
    }
    else if (childPid == 0) {
        /* Child process */
-        const char *args[] = {"-sh", NULL};
+        const char *args[] = {"-sh", NULL, NULL, NULL};
        char cmd[MAX_COMMAND_SZ];
        int ret;

@ -651,8 +658,9 @@ static int SHELL_Subsystem(WOLFSSHD_CONNECTION* conn, WOLFSSH* ssh,

        errno = 0;
        if (forcedCmd) {
-            args[0] = NULL;
-            ret = execv(forcedCmd, (char**)args);
+            args[1] = "-c";
+            args[2] = forcedCmd;
+            ret = execv(cmd, (char**)args);
        }
        else {
            ret = execv(cmd, (char**)args);
@ -890,7 +898,7 @@ static void* HandleConnection(void* arg)
                #ifdef WOLFSSH_SHELL
                    if (ret == WS_SUCCESS) {
                        wolfSSH_Log(WS_LOG_INFO, "[SSHD] Entering new shell");
-                        SHELL_Subsystem(conn, ssh, pPasswd, usrConf);
+                        SHELL_Subsystem(conn, ssh, pPasswd, usrConf, NULL);
                    }
                #else
                    wolfSSH_Log(WS_LOG_ERROR,
@ -922,6 +930,15 @@ static void* HandleConnection(void* arg)

                case WOLFSSH_SESSION_UNKNOWN:
                case WOLFSSH_SESSION_EXEC:
+                    if (ret == WS_SUCCESS) {
+                        wolfSSH_Log(WS_LOG_INFO,
+                            "[SSHD] Entering exec session [%s]",
+                                wolfSSH_GetSessionCommand(ssh));
+                        SHELL_Subsystem(conn, ssh, pPasswd, usrConf,
+                                wolfSSH_GetSessionCommand(ssh));
+                    }
+                    break;
+
                case WOLFSSH_SESSION_TERMINAL:
                default:
                    wolfSSH_Log(WS_LOG_ERROR,