version 1.111, 2001/04/12 14:29:09 |
version 1.112, 2001/04/12 19:15:25 |
|
|
*/ |
*/ |
volatile int received_window_change_signal = 0; |
volatile int received_window_change_signal = 0; |
|
|
/* Host private key. */ |
/* Private host keys. */ |
Key *host_private_key = NULL; |
struct { |
|
Key **keys; |
|
int nkeys; |
|
} sensitive_data; |
|
|
/* Original real UID. */ |
/* Original real UID. */ |
uid_t original_real_uid; |
uid_t original_real_uid; |
|
|
* authentication. This must be done before releasing extra |
* authentication. This must be done before releasing extra |
* privileges, because the file is only readable by root. |
* privileges, because the file is only readable by root. |
*/ |
*/ |
if (ok && (options.protocol & SSH_PROTO_1)) { |
sensitive_data.nkeys = 0; |
host_private_key = key_load_private_type(KEY_RSA1, |
sensitive_data.keys = NULL; |
|
if (ok && (options.rhosts_rsa_authentication || |
|
options.hostbased_authentication)) { |
|
sensitive_data.nkeys = 3; |
|
sensitive_data.keys = xmalloc(sensitive_data.nkeys*sizeof(Key)); |
|
sensitive_data.keys[0] = key_load_private_type(KEY_RSA1, |
_PATH_HOST_KEY_FILE, "", NULL); |
_PATH_HOST_KEY_FILE, "", NULL); |
|
sensitive_data.keys[1] = key_load_private_type(KEY_DSA, |
|
_PATH_HOST_DSA_KEY_FILE, "", NULL); |
|
sensitive_data.keys[2] = key_load_private_type(KEY_RSA, |
|
_PATH_HOST_RSA_KEY_FILE, "", NULL); |
} |
} |
/* |
/* |
* Get rid of any extra privileges that we may have. We will no |
* Get rid of any extra privileges that we may have. We will no |
|
|
tilde_expand_filename(options.user_hostfile2, original_real_uid); |
tilde_expand_filename(options.user_hostfile2, original_real_uid); |
|
|
/* Log into the remote system. This never returns if the login fails. */ |
/* Log into the remote system. This never returns if the login fails. */ |
ssh_login(host_private_key, host, (struct sockaddr *)&hostaddr, pw); |
ssh_login(sensitive_data.keys, sensitive_data.nkeys, |
|
host, (struct sockaddr *)&hostaddr, pw); |
|
|
/* We no longer need the host private key. Clear it now. */ |
/* We no longer need the private host keys. Clear them now. */ |
if (host_private_key != NULL) |
if (sensitive_data.nkeys != 0) { |
key_free(host_private_key); /* Destroys contents safely */ |
for (i = 0; i < sensitive_data.nkeys; i++) { |
|
if (sensitive_data.keys[i] != NULL) { |
|
/* Destroys contents safely */ |
|
debug3("clear hostkey %d", i); |
|
key_free(sensitive_data.keys[i]); |
|
sensitive_data.keys[i] = NULL; |
|
} |
|
} |
|
xfree(sensitive_data.keys); |
|
} |
|
|
exit_status = compat20 ? ssh_session2() : ssh_session(); |
exit_status = compat20 ? ssh_session2() : ssh_session(); |
packet_close(); |
packet_close(); |