version 1.48, 2000/04/14 10:30:33 |
version 1.49, 2000/04/26 20:56:30 |
|
|
#include "includes.h" |
#include "includes.h" |
RCSID("$Id$"); |
RCSID("$Id$"); |
|
|
|
#include <openssl/evp.h> |
|
#include <openssl/dsa.h> |
|
#include <openssl/rsa.h> |
|
|
#include "xmalloc.h" |
#include "xmalloc.h" |
#include "ssh.h" |
#include "ssh.h" |
#include "packet.h" |
#include "packet.h" |
|
|
#include "ssh2.h" |
#include "ssh2.h" |
#include "compat.h" |
#include "compat.h" |
#include "channels.h" |
#include "channels.h" |
|
#include "key.h" |
|
#include "authfile.h" |
|
|
|
extern char *__progname; |
|
|
/* Flag indicating whether IPv4 or IPv6. This can be set on the command line. |
/* Flag indicating whether IPv4 or IPv6. This can be set on the command line. |
Default value is AF_UNSPEC means both IPv4 and IPv6. */ |
Default value is AF_UNSPEC means both IPv4 and IPv6. */ |
int IPv4or6 = AF_UNSPEC; |
int IPv4or6 = AF_UNSPEC; |
|
|
} |
} |
break; |
break; |
case 'c': |
case 'c': |
options.cipher = cipher_number(optarg); |
if (ciphers_valid(optarg)) { |
if (options.cipher == -1) { |
/* SSH2 only */ |
fprintf(stderr, "Unknown cipher type '%s'\n", optarg); |
options.ciphers = xstrdup(optarg); |
exit(1); |
} else { |
|
/* SSH1 only */ |
|
options.cipher = cipher_number(optarg); |
|
if (options.cipher == -1) { |
|
fprintf(stderr, "Unknown cipher type '%s'\n", optarg); |
|
exit(1); |
|
} |
} |
} |
break; |
break; |
case 'p': |
case 'p': |
|
|
if (!host) |
if (!host) |
usage(); |
usage(); |
|
|
/* check if RSA support exists */ |
OpenSSL_add_all_algorithms(); |
if (rsa_alive() == 0) { |
|
extern char *__progname; |
|
|
|
fprintf(stderr, |
|
"%s: no RSA support in libssl and libcrypto. See ssl(8).\n", |
|
__progname); |
|
exit(1); |
|
} |
|
/* Initialize the command to execute on remote host. */ |
/* Initialize the command to execute on remote host. */ |
buffer_init(&command); |
buffer_init(&command); |
|
|
|
|
/* reinit */ |
/* reinit */ |
log_init(av[0], options.log_level, SYSLOG_FACILITY_USER, 0); |
log_init(av[0], options.log_level, SYSLOG_FACILITY_USER, 0); |
|
|
|
/* check if RSA support exists */ |
|
if ((options.protocol & SSH_PROTO_1) && |
|
rsa_alive() == 0) { |
|
log("%s: no RSA support in libssl and libcrypto. See ssl(8).", |
|
__progname); |
|
log("Disabling protocol version 1"); |
|
options.protocol &= ~ (SSH_PROTO_1|SSH_PROTO_1_PREFERRED); |
|
} |
|
if (! options.protocol & (SSH_PROTO_1|SSH_PROTO_2)) { |
|
fprintf(stderr, "%s: No protocol version available.\n", |
|
__progname); |
|
exit(1); |
|
} |
|
|
if (options.user == NULL) |
if (options.user == NULL) |
options.user = xstrdup(pw->pw_name); |
options.user = xstrdup(pw->pw_name); |
|
|
|
|
* authentication. This must be done before releasing extra |
* authentication. This must be done before releasing extra |
* privileges, because the file is only readable by root. |
* privileges, because the file is only readable by root. |
*/ |
*/ |
if (ok) { |
if (ok && (options.protocol & SSH_PROTO_1)) { |
|
Key k; |
host_private_key = RSA_new(); |
host_private_key = RSA_new(); |
if (load_private_key(HOST_KEY_FILE, "", host_private_key, NULL)) |
k.type = KEY_RSA; |
|
k.rsa = host_private_key; |
|
if (load_private_key(HOST_KEY_FILE, "", &k, NULL)) |
host_private_key_loaded = 1; |
host_private_key_loaded = 1; |
} |
} |
/* |
/* |
|
|
exit(1); |
exit(1); |
} |
} |
/* Expand ~ in options.identity_files. */ |
/* Expand ~ in options.identity_files. */ |
|
/* XXX mem-leaks */ |
for (i = 0; i < options.num_identity_files; i++) |
for (i = 0; i < options.num_identity_files; i++) |
options.identity_files[i] = |
options.identity_files[i] = |
tilde_expand_filename(options.identity_files[i], original_real_uid); |
tilde_expand_filename(options.identity_files[i], original_real_uid); |
|
for (i = 0; i < options.num_identity_files2; i++) |
|
options.identity_files2[i] = |
|
tilde_expand_filename(options.identity_files2[i], original_real_uid); |
/* Expand ~ in known host file names. */ |
/* Expand ~ in known host file names. */ |
options.system_hostfile = tilde_expand_filename(options.system_hostfile, |
options.system_hostfile = tilde_expand_filename(options.system_hostfile, |
original_real_uid); |
original_real_uid); |
options.user_hostfile = tilde_expand_filename(options.user_hostfile, |
options.user_hostfile = tilde_expand_filename(options.user_hostfile, |
original_real_uid); |
original_real_uid); |
|
options.system_hostfile2 = tilde_expand_filename(options.system_hostfile2, |
|
original_real_uid); |
|
options.user_hostfile2 = tilde_expand_filename(options.user_hostfile2, |
|
original_real_uid); |
|
|
/* Log into the remote system. This never returns if the login fails. */ |
/* Log into the remote system. This never returns if the login fails. */ |
ssh_login(host_private_key_loaded, host_private_key, |
ssh_login(host_private_key_loaded, host_private_key, |
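Review bot: The protocol-availability check that follows the RSA test after the `log_init` reinit, `if (! options.protocol & (SSH_PROTO_1|SSH_PROTO_2))`, parses as `(!options.protocol) & (...)` because unary `!` binds tighter than `&`. The condition is therefore always false when `options.protocol` is non-zero, and when it is zero the result depends on whether the mask has bit 0 set; the flag values are not visible on this page. A protocol word with no usable version but some other bit still set would pass the check, and the client would continue instead of exiting with "No protocol version available". The line should read `if (!(options.protocol & (SSH_PROTO_1|SSH_PROTO_2))) {`. The enclosing function starts and ends outside the displayed hunks.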