=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/clientloop.c,v retrieving revision 1.141 retrieving revision 1.141.2.3 diff -u -r1.141 -r1.141.2.3 --- src/usr.bin/ssh/clientloop.c 2005/07/16 01:35:24 1.141 +++ src/usr.bin/ssh/clientloop.c 2006/11/08 00:44:05 1.141.2.3 @@ -1,3 +1,4 @@ +/* $OpenBSD: clientloop.c,v 1.141.2.3 2006/11/08 00:44:05 brad Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -58,25 +59,41 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#include "includes.h" -RCSID("$OpenBSD: clientloop.c,v 1.141 2005/07/16 01:35:24 djm Exp $"); +#include +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "xmalloc.h" #include "ssh.h" #include "ssh1.h" #include "ssh2.h" -#include "xmalloc.h" #include "packet.h" #include "buffer.h" #include "compat.h" #include "channels.h" #include "dispatch.h" -#include "buffer.h" -#include "bufaux.h" #include "key.h" +#include "cipher.h" #include "kex.h" #include "log.h" #include "readconf.h" #include "clientloop.h" +#include "sshconnect.h" #include "authfd.h" #include "atomicio.h" #include "sshpty.h" @@ -113,11 +130,11 @@ static volatile sig_atomic_t received_window_change_signal = 0; static volatile sig_atomic_t received_signal = 0; -/* Flag indicating whether the user\'s terminal is in non-blocking mode. */ +/* Flag indicating whether the user's terminal is in non-blocking mode. */ static int in_non_blocking_mode = 0; /* Common data for the client loop code. */ -static int quit_pending; /* Set to non-zero to quit the client loop. */ +static volatile sig_atomic_t quit_pending; /* Set non-zero to quit the loop. */ static int escape_char; /* Escape character. */ static int escape_pending; /* Last character was the escape character */ static int last_was_cr; /* Last character was a newline. */ @@ -177,7 +194,7 @@ * Signal handler for the window change signal (SIGWINCH). This just sets a * flag indicating that the window has changed. */ - +/*ARGSUSED */ static void window_change_handler(int sig) { @@ -189,7 +206,7 @@ * Signal handler for signals that cause the program to terminate. These * signals must be trapped to restore terminal modes. */ - +/*ARGSUSED */ static void signal_handler(int sig) { @@ -266,7 +283,7 @@ } } snprintf(cmd, sizeof(cmd), - "%s %s%s list %s . 2>" _PATH_DEVNULL, + "%s %s%s list %s 2>" _PATH_DEVNULL, xauth_path, generated ? "-f " : "" , generated ? xauthfile : "", @@ -421,10 +438,10 @@ if (ioctl(fileno(stdin), TIOCGWINSZ, &ws) < 0) return; packet_start(SSH_CMSG_WINDOW_SIZE); - packet_put_int(ws.ws_row); - packet_put_int(ws.ws_col); - packet_put_int(ws.ws_xpixel); - packet_put_int(ws.ws_ypixel); + packet_put_int((u_int)ws.ws_row); + packet_put_int((u_int)ws.ws_col); + packet_put_int((u_int)ws.ws_xpixel); + packet_put_int((u_int)ws.ws_ypixel); packet_send(); } } @@ -439,8 +456,10 @@ static void server_alive_check(void) { - if (++server_alive_timeouts > options.server_alive_count_max) - packet_disconnect("Timeout, server not responding."); + if (++server_alive_timeouts > options.server_alive_count_max) { + logit("Timeout, server not responding."); + cleanup_exit(255); + } packet_start(SSH2_MSG_GLOBAL_REQUEST); packet_put_cstring("keepalive@openssh.com"); packet_put_char(1); /* boolean: want reply */ @@ -568,7 +587,7 @@ } static void -client_process_net_input(fd_set * readset) +client_process_net_input(fd_set *readset) { int len; char buf[8192]; @@ -676,7 +695,7 @@ } static void -client_process_control(fd_set * readset) +client_process_control(fd_set *readset) { Buffer m; Channel *c; @@ -807,8 +826,7 @@ return; } - cctx = xmalloc(sizeof(*cctx)); - memset(cctx, 0, sizeof(*cctx)); + cctx = xcalloc(1, sizeof(*cctx)); cctx->want_tty = (flags & SSHMUX_FLAG_TTY) != 0; cctx->want_subsys = (flags & SSHMUX_FLAG_SUBSYS) != 0; cctx->want_x_fwd = (flags & SSHMUX_FLAG_X11_FWD) != 0; @@ -823,7 +841,7 @@ env_len = MIN(env_len, 4096); debug3("%s: receiving %d env vars", __func__, env_len); if (env_len != 0) { - cctx->env = xmalloc(sizeof(*cctx->env) * (env_len + 1)); + cctx->env = xcalloc(env_len + 1, sizeof(*cctx->env)); for (i = 0; i < env_len; i++) cctx->env[i] = buffer_get_string(&m, &len); cctx->env[i] = NULL; @@ -831,6 +849,7 @@ debug2("%s: accepted tty %d, subsys %d, cmd %s", __func__, cctx->want_tty, cctx->want_subsys, cmd); + xfree(cmd); /* Gather fds from client */ new_fd[0] = mm_receive_fd(client_fd); @@ -911,12 +930,25 @@ if (*s == 'h' || *s == 'H' || *s == '?') { logit("Commands:"); - logit(" -Lport:host:hostport Request local forward"); - logit(" -Rport:host:hostport Request remote forward"); - logit(" -KRhostport Cancel remote forward"); + logit(" -L[bind_address:]port:host:hostport " + "Request local forward"); + logit(" -R[bind_address:]port:host:hostport " + "Request remote forward"); + logit(" -KR[bind_address:]port " + "Cancel remote forward"); + if (!options.permit_local_command) + goto out; + logit(" !args " + "Execute local command"); goto out; } + if (*s == '!' && options.permit_local_command) { + s++; + ssh_local_cmd(s); + goto out; + } + if (*s == 'K') { delete = 1; s++; @@ -968,9 +1000,12 @@ goto out; } } else { - channel_request_remote_forwarding(fwd.listen_host, + if (channel_request_remote_forwarding(fwd.listen_host, fwd.listen_port, fwd.connect_host, - fwd.connect_port); + fwd.connect_port) < 0) { + logit("Port forwarding failed."); + goto out; + } } logit("Forwarding port."); @@ -1162,7 +1197,7 @@ } static void -client_process_input(fd_set * readset) +client_process_input(fd_set *readset) { int len; char buf[8192]; @@ -1215,7 +1250,7 @@ } static void -client_process_output(fd_set * writeset) +client_process_output(fd_set *writeset) { int len; char buf[100]; @@ -1376,10 +1411,10 @@ session_ident = ssh2_chan_id; if (escape_char != SSH_ESCAPECHAR_NONE) channel_register_filter(session_ident, - simple_escape_filter); + simple_escape_filter, NULL); if (session_ident != -1) channel_register_cleanup(session_ident, - client_channel_closed); + client_channel_closed, 0); } else { /* Check if we should immediately send eof on stdin. */ client_check_initial_eof_on_stdin(); @@ -1678,7 +1713,7 @@ if (!options.forward_x11) { error("Warning: ssh server tried X11 forwarding."); - error("Warning: this is probably a break in attempt by a malicious server."); + error("Warning: this is probably a break-in attempt by a malicious server."); return NULL; } originator = packet_get_string(NULL); @@ -1711,7 +1746,7 @@ if (!options.forward_agent) { error("Warning: ssh server tried agent forwarding."); - error("Warning: this is probably a break in attempt by a malicious server."); + error("Warning: this is probably a break-in attempt by a malicious server."); return NULL; } sock = ssh_get_authentication_socket(); @@ -1859,10 +1894,10 @@ channel_request_start(id, "pty-req", 0); packet_put_cstring(term != NULL ? term : ""); - packet_put_int(ws.ws_col); - packet_put_int(ws.ws_row); - packet_put_int(ws.ws_xpixel); - packet_put_int(ws.ws_ypixel); + packet_put_int((u_int)ws.ws_col); + packet_put_int((u_int)ws.ws_row); + packet_put_int((u_int)ws.ws_xpixel); + packet_put_int((u_int)ws.ws_ypixel); tio = get_saved_tio(); tty_make_modes(-1, tiop != NULL ? tiop : &tio); packet_send(); @@ -1880,7 +1915,7 @@ /* Split */ name = xstrdup(env[i]); if ((val = strchr(name, '=')) == NULL) { - free(name); + xfree(name); continue; } *val++ = '\0'; @@ -1894,7 +1929,7 @@ } if (!matched) { debug3("Ignored env %s", name); - free(name); + xfree(name); continue; } @@ -1903,7 +1938,7 @@ packet_put_cstring(name); packet_put_cstring(val); packet_send(); - free(name); + xfree(name); } }