[openssh-commits] [openssh] 01/02: platform: introduce a way to hook new session start

git+noreply at mindrot.org git+noreply at mindrot.org
Sun Mar 23 11:24:24 AEDT 2025 

This is an automated email from the git hooks/post-receive script.

dtucker pushed a commit to branch master
in repository openssh.

commit fdc4853c5b1567934d43ab13282f03033cc21325
Author: Daniil Tatianin <d-tatianin at yandex-team.ru>
AuthorDate: Thu Feb 27 11:46:25 2025 +0300

    platform: introduce a way to hook new session start
    
    Previously this was possible via post_fork_child, but ever since sshd
    was split into multiple binaries, this is now no longer possible becase
    of execv.
---
 Makefile.in       | 2 +-
 platform-listen.c | 3 +++
 platform.h        | 1 +
 sshd-session.c    | 2 ++
 4 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/Makefile.in b/Makefile.in
index 974be207..4617cebc 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -140,7 +140,7 @@ SSHD_SESSION_OBJS=sshd-session.o auth-rhosts.o auth-passwd.o \
 	auth2-gss.o gss-serv.o gss-serv-krb5.o \
 	loginrec.o auth-pam.o auth-shadow.o auth-sia.o \
 	sftp-server.o sftp-common.o \
-	uidswap.o $(SKOBJS)
+	uidswap.o platform-listen.o $(SKOBJS)
 
 SSHD_AUTH_OBJS=sshd-auth.o \
 	auth2-methods.o \
diff --git a/platform-listen.c b/platform-listen.c
index 42c4040f..4da2855e 100644
--- a/platform-listen.c
+++ b/platform-listen.c
@@ -82,3 +82,6 @@ platform_post_fork_child(void)
 #endif
 }
 
+void platform_pre_session_start(void)
+{
+}
diff --git a/platform.h b/platform.h
index 5dec2327..08cbd225 100644
--- a/platform.h
+++ b/platform.h
@@ -24,6 +24,7 @@ void platform_pre_restart(void);
 void platform_post_listen(void);
 void platform_post_fork_parent(pid_t child_pid);
 void platform_post_fork_child(void);
+void platform_pre_session_start(void);
 int  platform_privileged_uidswap(void);
 void platform_setusercontext(struct passwd *);
 void platform_setusercontext_post_groups(struct passwd *);
diff --git a/sshd-session.c b/sshd-session.c
index 1e2cee10..c64eb29f 100644
--- a/sshd-session.c
+++ b/sshd-session.c
@@ -999,6 +999,8 @@ main(int ac, char **av)
 
 	closefrom(REEXEC_MIN_FREE_FD);
 
+	platform_pre_session_start();
+
 	/* Reserve fds we'll need later for reexec things */
 	if ((devnull = open(_PATH_DEVNULL, O_RDWR)) == -1)
 		fatal("open %s: %s", _PATH_DEVNULL, strerror(errno));

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.

More information about the openssh-commits mailing list