Merge branch 'hans/ssh/execfix20/OTP-14881' into maint

* hans/ssh/execfix20/OTP-14881: ssh: Disable exec for non-default shell ssh: Test for disabled shell
author: Hans Nilsson <[email protected]> 2018-03-02 11:44:39 +0100
committer: Hans Nilsson <[email protected]> 2018-03-02 11:44:39 +0100
commit: cae492cdf842addf31cd43956278f98efe4e2443 (patch)
tree: d63512db7108abb1550a07cf22a913791535dc76 /lib/ssh/src/ssh_cli.erl
parent: fb218aaf3ef9da8f21a95f7e5a96e0210812d04b (diff)
parent: 2c525a02f087fff609cc6c7736c5c582f91e00dc (diff)
download: otp-cae492cdf842addf31cd43956278f98efe4e2443.tar.gz
otp-cae492cdf842addf31cd43956278f98efe4e2443.tar.bz2
otp-cae492cdf842addf31cd43956278f98efe4e2443.zip
1 files changed, 15 insertions, 2 deletions
diff --git a/lib/ssh/src/ssh_cli.erl b/lib/ssh/src/ssh_cli.erl
index 62854346b0..958c342f5f 100644
--- a/lib/ssh/src/ssh_cli.erl
+++ b/lib/ssh/src/ssh_cli.erl
@@ -127,7 +127,8 @@ handle_ssh_msg({ssh_cm, ConnectionHandler,
 			cm = ConnectionHandler}};
 
 handle_ssh_msg({ssh_cm, ConnectionHandler,
-		{exec, ChannelId, WantReply, Cmd}}, #state{exec=undefined} = State) ->
+		{exec, ChannelId, WantReply, Cmd}}, #state{exec=undefined,
+                                                           shell=?DEFAULT_SHELL} = State) ->
     {Reply, Status} = exec(Cmd),
     write_chars(ConnectionHandler,
 		ChannelId, io_lib:format("~p\n", [Reply])),
@@ -136,6 +137,15 @@ handle_ssh_msg({ssh_cm, ConnectionHandler,
     ssh_connection:exit_status(ConnectionHandler, ChannelId, Status),
     ssh_connection:send_eof(ConnectionHandler, ChannelId),
     {stop, ChannelId, State#state{channel = ChannelId, cm = ConnectionHandler}};
+
+handle_ssh_msg({ssh_cm, ConnectionHandler,
+		{exec, ChannelId, WantReply, _Cmd}}, #state{exec = undefined} = State) ->
+    write_chars(ConnectionHandler, ChannelId, 1, "Prohibited.\n"),
+    ssh_connection:reply_request(ConnectionHandler, WantReply, success, ChannelId),
+    ssh_connection:exit_status(ConnectionHandler, ChannelId, 255),
+    ssh_connection:send_eof(ConnectionHandler, ChannelId),
+    {stop, ChannelId, State#state{channel = ChannelId, cm = ConnectionHandler}};
+
 handle_ssh_msg({ssh_cm, ConnectionHandler,
 		{exec, ChannelId, WantReply, Cmd}}, State) ->
     NewState = start_shell(ConnectionHandler, Cmd, State),
@@ -453,11 +463,14 @@ move_cursor(From, To, #ssh_pty{width=Width, term=Type}) ->
 %% %%% make sure that there is data to send
 %% %%% before calling ssh_connection:send
 write_chars(ConnectionHandler, ChannelId, Chars) ->
+    write_chars(ConnectionHandler, ChannelId, ?SSH_EXTENDED_DATA_DEFAULT, Chars).
+
+write_chars(ConnectionHandler, ChannelId, Type, Chars) ->
     case has_chars(Chars) of
         false -> ok;
         true -> ssh_connection:send(ConnectionHandler,
                                     ChannelId,
-                                    ?SSH_EXTENDED_DATA_DEFAULT,
+                                    Type,
                                     Chars)
     end.
author	Hans Nilsson <[email protected]>	2018-03-02 11:44:39 +0100
committer	Hans Nilsson <[email protected]>	2018-03-02 11:44:39 +0100
commit	cae492cdf842addf31cd43956278f98efe4e2443 (patch)
tree	d63512db7108abb1550a07cf22a913791535dc76 /lib/ssh/src/ssh_cli.erl
parent	fb218aaf3ef9da8f21a95f7e5a96e0210812d04b (diff)
parent	2c525a02f087fff609cc6c7736c5c582f91e00dc (diff)
download	otp-cae492cdf842addf31cd43956278f98efe4e2443.tar.gz otp-cae492cdf842addf31cd43956278f98efe4e2443.tar.bz2 otp-cae492cdf842addf31cd43956278f98efe4e2443.zip