| 173 | } |
| 174 | |
| 175 | func (s *sessionHandler) OnShell( |
| 176 | requestID uint64, |
| 177 | ) error { |
| 178 | mode := s.getPolicy(s.config.Shell.Mode) |
| 179 | switch mode { |
| 180 | case config2.ExecutionPolicyDisable: |
| 181 | fallthrough |
| 182 | case config2.ExecutionPolicyFilter: |
| 183 | err := message.UserMessage( |
| 184 | message.ESecurityShellRejected, |
| 185 | "Shell execution disabled.", |
| 186 | "Shell execution is disabled in the security settings.", |
| 187 | ) |
| 188 | s.logger.Debug(err) |
| 189 | return err |
| 190 | case config2.ExecutionPolicyEnable: |
| 191 | fallthrough |
| 192 | default: |
| 193 | } |
| 194 | if s.config.ForceCommand == "" { |
| 195 | return s.backend.OnShell(requestID) |
| 196 | } |
| 197 | s.logger.Debug( |
| 198 | message.NewMessage( |
| 199 | message.MSecurityForcingCommand, |
| 200 | "Forcing command execution to %s", |
| 201 | s.config.ForceCommand, |
| 202 | )) |
| 203 | return s.backend.OnExecRequest(requestID, s.config.ForceCommand) |
| 204 | } |
| 205 | |
| 206 | func (s *sessionHandler) OnSubsystem( |
| 207 | requestID uint64, |