diff options
author | kris <kris@FreeBSD.org> | 2000-09-10 09:35:38 +0000 |
---|---|---|
committer | kris <kris@FreeBSD.org> | 2000-09-10 09:35:38 +0000 |
commit | 24372e6c107e496b6909e6a488fe2303cef77299 (patch) | |
tree | 3c5f04df23b54861f107ea20953c1aa478ade5f7 /crypto/openssh/ssh.c | |
parent | 06ca4c9ec0ae64896cd4d42f586cdf3fa0c033ef (diff) | |
download | FreeBSD-src-24372e6c107e496b6909e6a488fe2303cef77299.zip FreeBSD-src-24372e6c107e496b6909e6a488fe2303cef77299.tar.gz |
Resolve conflicts and update for OpenSSH 2.2.0
Reviewed by: gshapiro, peter, green
Diffstat (limited to 'crypto/openssh/ssh.c')
-rw-r--r-- | crypto/openssh/ssh.c | 106 |
1 files changed, 71 insertions, 35 deletions
diff --git a/crypto/openssh/ssh.c b/crypto/openssh/ssh.c index 5708897..d46e992 100644 --- a/crypto/openssh/ssh.c +++ b/crypto/openssh/ssh.c @@ -2,18 +2,45 @@ * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * All rights reserved - * Created: Sat Mar 18 16:36:11 1995 ylo * Ssh client program. This program can be used to log into a remote machine. * The software supports strong authentication, encryption, and forwarding * of X11, TCP/IP, and authentication connections. * - * Modified to work with SSL by Niels Provos <provos@citi.umich.edu> in Canada. + * As far as I am concerned, the code I have written for this software + * can be used freely for any purpose. Any derived versions of this + * software must be clearly marked as such, and if the derived work is + * incompatible with the protocol description in the RFC file, it must be + * called by a name other than "ssh" or "Secure Shell". * - * $FreeBSD$ + * Copyright (c) 1999 Niels Provos. All rights reserved. + * + * Modified to work with SSL by Niels Provos <provos@citi.umich.edu> + * in Canada (German citizen). + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "includes.h" -RCSID("$Id: ssh.c,v 1.54 2000/05/30 17:32:06 markus Exp $"); +RCSID("$OpenBSD: ssh.c,v 1.65 2000/09/07 20:40:30 markus Exp $"); +RCSID("$FreeBSD$"); #include <openssl/evp.h> #include <openssl/dsa.h> @@ -23,7 +50,6 @@ RCSID("$Id: ssh.c,v 1.54 2000/05/30 17:32:06 markus Exp $"); #include "ssh.h" #include "packet.h" #include "buffer.h" -#include "authfd.h" #include "readconf.h" #include "uidswap.h" @@ -31,6 +57,7 @@ RCSID("$Id: ssh.c,v 1.54 2000/05/30 17:32:06 markus Exp $"); #include "compat.h" #include "channels.h" #include "key.h" +#include "authfd.h" #include "authfile.h" extern char *__progname; @@ -117,7 +144,6 @@ usage() #endif /* AFS */ fprintf(stderr, " -X Enable X11 connection forwarding.\n"); fprintf(stderr, " -x Disable X11 connection forwarding.\n"); - fprintf(stderr, " -X Enable X11 connection forwarding.\n"); fprintf(stderr, " -i file Identity for RSA authentication (default: ~/.ssh/identity).\n"); fprintf(stderr, " -t Tty; allocate a tty even if command is given.\n"); fprintf(stderr, " -T Do not allocate a tty.\n"); @@ -249,8 +275,8 @@ main(int ac, char **av) cp = strrchr(av0, '/') + 1; else cp = av0; - if (strcmp(cp, "rsh") != 0 && strcmp(cp, "ssh") != 0 && - strcmp(cp, "rlogin") != 0 && strcmp(cp, "slogin") != 0) + if (strcmp(cp, "rsh") && strcmp(cp, "ssh") && strcmp(cp, "rlogin") && + strcmp(cp, "slogin") && strcmp(cp, "remsh")) host = cp; for (optind = 1; optind < ac; optind++) { @@ -458,7 +484,7 @@ main(int ac, char **av) } /* Cannot fork to background if no command. */ - if (fork_after_authentication_flag && buffer_len(&command) == 0) + if (fork_after_authentication_flag && buffer_len(&command) == 0 && !no_shell_flag) fatal("Cannot fork into background without a command to execute."); /* Allocate a tty by default if no command specified. */ @@ -487,6 +513,7 @@ main(int ac, char **av) pwcopy.pw_passwd = xstrdup(pw->pw_passwd); pwcopy.pw_uid = pw->pw_uid; pwcopy.pw_gid = pw->pw_gid; + pwcopy.pw_class = xstrdup(pw->pw_class); pwcopy.pw_dir = xstrdup(pw->pw_dir); pwcopy.pw_shell = xstrdup(pw->pw_shell); pwcopy.pw_class = xstrdup(pw->pw_class); @@ -622,7 +649,7 @@ main(int ac, char **av) */ snprintf(buf, sizeof buf, "%.100s/%.100s", pw->pw_dir, SSH_USER_DIR); if (stat(buf, &st) < 0) - if (mkdir(buf, 0755) < 0) + if (mkdir(buf, 0700) < 0) error("Could not create directory '%.200s'.", buf); /* Check if the connection failed, and try "rsh" if appropriate. */ @@ -679,17 +706,17 @@ x11_get_proto(char *proto, int proto_len, char *data, int data_len) FILE *f; int got_data = 0, i; -#ifdef XAUTH_PATH - /* Try to get Xauthority information for the display. */ - snprintf(line, sizeof line, "%.100s list %.200s 2>/dev/null", - XAUTH_PATH, getenv("DISPLAY")); - f = popen(line, "r"); - if (f && fgets(line, sizeof(line), f) && - sscanf(line, "%*s %s %s", proto, data) == 2) - got_data = 1; - if (f) - pclose(f); -#endif /* XAUTH_PATH */ + if (options.xauth_location) { + /* Try to get Xauthority information for the display. */ + snprintf(line, sizeof line, "%.100s list %.200s 2>/dev/null", + options.xauth_location, getenv("DISPLAY")); + f = popen(line, "r"); + if (f && fgets(line, sizeof(line), f) && + sscanf(line, "%*s %s %s", proto, data) == 2) + got_data = 1; + if (f) + pclose(f); + } /* * If we didn't get authentication data, just make up some * data. The forwarding code will check the validity of the @@ -871,7 +898,7 @@ ssh_session(void) } /* Enter the interactive session. */ - return client_loop(have_tty, tty_flag ? options.escape_char : -1); + return client_loop(have_tty, tty_flag ? options.escape_char : -1, 0); } void @@ -954,31 +981,40 @@ int ssh_session2(void) { int window, packetmax, id; - int in = dup(STDIN_FILENO); - int out = dup(STDOUT_FILENO); - int err = dup(STDERR_FILENO); + int in, out, err; + + if (stdin_null_flag) { + in = open("/dev/null", O_RDONLY); + } else { + in = dup(STDIN_FILENO); + } + out = dup(STDOUT_FILENO); + err = dup(STDERR_FILENO); if (in < 0 || out < 0 || err < 0) - fatal("dump in/out/err failed"); + fatal("dup() in/out/err failed"); /* should be pre-session */ init_local_fwd(); - window = 32*1024; - if (tty_flag) { - packetmax = window/8; - } else { + /* If requested, let ssh continue in the background. */ + if (fork_after_authentication_flag) + if (daemon(1, 1) < 0) + fatal("daemon() failed: %.200s", strerror(errno)); + + window = CHAN_SES_WINDOW_DEFAULT; + packetmax = CHAN_SES_PACKET_DEFAULT; + if (!tty_flag) { window *= 2; - packetmax = window/2; + packetmax *=2; } - id = channel_new( "session", SSH_CHANNEL_OPENING, in, out, err, - window, packetmax, CHAN_EXTENDED_WRITE, xstrdup("client-session")); - + window, packetmax, CHAN_EXTENDED_WRITE, + xstrdup("client-session")); channel_open(id); channel_register_callback(id, SSH2_MSG_CHANNEL_OPEN_CONFIRMATION, client_init, (void *)0); - return client_loop(tty_flag, tty_flag ? options.escape_char : -1); + return client_loop(tty_flag, tty_flag ? options.escape_char : -1, id); } |