platform: introduce a way to hook new session start

Previously this was possible via post_fork_child, but ever since sshd was split into multiple binaries, this is now no longer possible becase of execv.
2026-01-12 00:04:08 +08:00 · 2025-02-27 11:46:25 +03:00
parent 1b311b6b17
commit fdc4853c5b
4 changed files with 7 additions and 1 deletions
--- a/Makefile.in
+++ b/Makefile.in
@@ -140,7 +140,7 @@ SSHD_SESSION_OBJS=sshd-session.o auth-rhosts.o auth-passwd.o \
 	auth2-gss.o gss-serv.o gss-serv-krb5.o \
 	loginrec.o auth-pam.o auth-shadow.o auth-sia.o \
 	sftp-server.o sftp-common.o \
-	uidswap.o $(SKOBJS)
+	uidswap.o platform-listen.o $(SKOBJS)

 SSHD_AUTH_OBJS=sshd-auth.o \
 	auth2-methods.o \
--- a/platform-listen.c
+++ b/platform-listen.c
@@ -82,3 +82,6 @@ platform_post_fork_child(void)
 #endif
 }

+void platform_pre_session_start(void)
+{
+}
--- a/platform.h
+++ b/platform.h
@@ -24,6 +24,7 @@ void platform_pre_restart(void);
 void platform_post_listen(void);
 void platform_post_fork_parent(pid_t child_pid);
 void platform_post_fork_child(void);
+void platform_pre_session_start(void);
 int  platform_privileged_uidswap(void);
 void platform_setusercontext(struct passwd *);
 void platform_setusercontext_post_groups(struct passwd *);
--- a/sshd-session.c
+++ b/sshd-session.c
@@ -999,6 +999,8 @@ main(int ac, char **av)

 	closefrom(REEXEC_MIN_FREE_FD);

+	platform_pre_session_start();
+
 	/* Reserve fds we'll need later for reexec things */
 	if ((devnull = open(_PATH_DEVNULL, O_RDWR)) == -1)
 		fatal("open %s: %s", _PATH_DEVNULL, strerror(errno));