version 1.51.2.4, 2001/03/12 15:44:16 |
version 1.51.2.5, 2001/03/21 18:53:13 |
|
|
#endif /* AFS */ |
#endif /* AFS */ |
fprintf(stderr, " -X Enable X11 connection forwarding.\n"); |
fprintf(stderr, " -X Enable X11 connection forwarding.\n"); |
fprintf(stderr, " -x Disable X11 connection forwarding.\n"); |
fprintf(stderr, " -x Disable X11 connection forwarding.\n"); |
fprintf(stderr, " -i file Identity for RSA authentication (default: ~/.ssh/identity).\n"); |
fprintf(stderr, " -i file Identity for public key authentication " |
|
"(default: ~/.ssh/identity)\n"); |
fprintf(stderr, " -t Tty; allocate a tty even if command is given.\n"); |
fprintf(stderr, " -t Tty; allocate a tty even if command is given.\n"); |
fprintf(stderr, " -T Do not allocate a tty.\n"); |
fprintf(stderr, " -T Do not allocate a tty.\n"); |
fprintf(stderr, " -v Verbose; display verbose debugging messages.\n"); |
fprintf(stderr, " -v Verbose; display verbose debugging messages.\n"); |
|
|
fprintf(stderr, " -e char Set escape character; ``none'' = disable (default: ~).\n"); |
fprintf(stderr, " -e char Set escape character; ``none'' = disable (default: ~).\n"); |
|
|
fprintf(stderr, " -c cipher Select encryption algorithm: " |
fprintf(stderr, " -c cipher Select encryption algorithm: " |
"``3des'', " |
"``3des'', ``blowfish''\n"); |
"``blowfish''\n"); |
fprintf(stderr, " -m macs Specify MAC algorithms for protocol version 2.\n"); |
fprintf(stderr, " -p port Connect to this port. Server must be on the same port.\n"); |
fprintf(stderr, " -p port Connect to this port. Server must be on the same port.\n"); |
fprintf(stderr, " -L listen-port:host:port Forward local port to remote address\n"); |
fprintf(stderr, " -L listen-port:host:port Forward local port to remote address\n"); |
fprintf(stderr, " -R listen-port:host:port Forward remote port to local address\n"); |
fprintf(stderr, " -R listen-port:host:port Forward remote port to local address\n"); |
|
|
|
|
int ssh_session(void); |
int ssh_session(void); |
int ssh_session2(void); |
int ssh_session2(void); |
int guess_identity_file_type(const char *filename); |
void load_public_identity_files(void); |
|
|
/* |
/* |
* Main program for the ssh client. |
* Main program for the ssh client. |
|
|
u_short fwd_port, fwd_host_port; |
u_short fwd_port, fwd_host_port; |
char *optarg, *cp, buf[256]; |
char *optarg, *cp, buf[256]; |
struct stat st; |
struct stat st; |
struct passwd *pw, pwcopy; |
struct passwd *pw; |
int dummy; |
int dummy; |
uid_t original_effective_uid; |
uid_t original_effective_uid; |
|
|
|
|
options.log_level++; |
options.log_level++; |
break; |
break; |
} else { |
} else { |
fatal("Too high debugging level.\n"); |
fatal("Too high debugging level."); |
} |
} |
/* fallthrough */ |
/* fallthrough */ |
case 'V': |
case 'V': |
|
|
/* Do not allocate a tty if stdin is not a tty. */ |
/* Do not allocate a tty if stdin is not a tty. */ |
if (!isatty(fileno(stdin)) && !force_tty_flag) { |
if (!isatty(fileno(stdin)) && !force_tty_flag) { |
if (tty_flag) |
if (tty_flag) |
log("Pseudo-terminal will not be allocated because stdin is not a terminal.\n"); |
log("Pseudo-terminal will not be allocated because stdin is not a terminal."); |
tty_flag = 0; |
tty_flag = 0; |
} |
} |
|
|
/* Get user data. */ |
/* Get user data. */ |
pw = getpwuid(original_real_uid); |
pw = getpwuid(original_real_uid); |
if (!pw) { |
if (!pw) { |
log("You don't exist, go away!\n"); |
log("You don't exist, go away!"); |
exit(1); |
exit(1); |
} |
} |
/* Take a copy of the returned structure. */ |
/* Take a copy of the returned structure. */ |
memset(&pwcopy, 0, sizeof(pwcopy)); |
pw = pwcopy(pw); |
pwcopy.pw_name = xstrdup(pw->pw_name); |
|
pwcopy.pw_passwd = xstrdup(pw->pw_passwd); |
|
pwcopy.pw_uid = pw->pw_uid; |
|
pwcopy.pw_gid = pw->pw_gid; |
|
pwcopy.pw_class = xstrdup(pw->pw_class); |
|
pwcopy.pw_dir = xstrdup(pw->pw_dir); |
|
pwcopy.pw_shell = xstrdup(pw->pw_shell); |
|
pw = &pwcopy; |
|
|
|
/* Initialize "log" output. Since we are the client all output |
/* |
actually goes to the terminal. */ |
* Initialize "log" output. Since we are the client all output |
log_init(av[0], options.log_level, SYSLOG_FACILITY_USER, 0); |
* actually goes to stderr. |
|
*/ |
|
log_init(av[0], SYSLOG_LEVEL_INFO, SYSLOG_FACILITY_USER, 1); |
|
|
/* Read per-user configuration file. */ |
/* Read per-user configuration file. */ |
snprintf(buf, sizeof buf, "%.100s/%.100s", pw->pw_dir, _PATH_SSH_USER_CONFFILE); |
snprintf(buf, sizeof buf, "%.100s/%.100s", pw->pw_dir, _PATH_SSH_USER_CONFFILE); |
|
|
fill_default_options(&options); |
fill_default_options(&options); |
|
|
/* reinit */ |
/* reinit */ |
log_init(av[0], options.log_level, SYSLOG_FACILITY_USER, 0); |
log_init(av[0], options.log_level, SYSLOG_FACILITY_USER, 1); |
|
|
if (options.user == NULL) |
if (options.user == NULL) |
options.user = xstrdup(pw->pw_name); |
options.user = xstrdup(pw->pw_name); |
|
|
} |
} |
exit(1); |
exit(1); |
} |
} |
/* Expand ~ in options.identity_files, known host file names. */ |
/* load options.identity_files */ |
/* XXX mem-leaks */ |
load_public_identity_files(); |
for (i = 0; i < options.num_identity_files; i++) { |
|
options.identity_files[i] = |
/* Expand ~ in known host file names. */ |
tilde_expand_filename(options.identity_files[i], original_real_uid); |
/* XXX mem-leaks: */ |
options.identity_files_type[i] = guess_identity_file_type(options.identity_files[i]); |
|
debug("identity file %s type %d", options.identity_files[i], |
|
options.identity_files_type[i]); |
|
} |
|
options.system_hostfile = |
options.system_hostfile = |
tilde_expand_filename(options.system_hostfile, original_real_uid); |
tilde_expand_filename(options.system_hostfile, original_real_uid); |
options.user_hostfile = |
options.user_hostfile = |
|
|
|
|
id = packet_get_int(); |
id = packet_get_int(); |
len = buffer_len(&command); |
len = buffer_len(&command); |
len = MAX(len, 900); |
if (len > 900) |
|
len = 900; |
packet_done(); |
packet_done(); |
if (type == SSH2_MSG_CHANNEL_FAILURE) |
if (type == SSH2_MSG_CHANNEL_FAILURE) |
fatal("Request for subsystem '%.*s' failed on channel %d", |
fatal("Request for subsystem '%.*s' failed on channel %d", |
|
|
debug("Sending command: %.*s", len, buffer_ptr(&command)); |
debug("Sending command: %.*s", len, buffer_ptr(&command)); |
channel_request_start(id, "exec", 0); |
channel_request_start(id, "exec", 0); |
} |
} |
packet_put_string(buffer_ptr(&command), len); |
packet_put_string(buffer_ptr(&command), buffer_len(&command)); |
packet_send(); |
packet_send(); |
} else { |
} else { |
channel_request(id, "shell", 0); |
channel_request(id, "shell", 0); |
|
|
} |
} |
key_free(public); |
key_free(public); |
return type; |
return type; |
|
} |
|
|
|
void |
|
load_public_identity_files(void) |
|
{ |
|
char *filename; |
|
Key *public; |
|
int i; |
|
|
|
for (i = 0; i < options.num_identity_files; i++) { |
|
filename = tilde_expand_filename(options.identity_files[i], |
|
original_real_uid); |
|
public = key_new(KEY_RSA1); |
|
if (!load_public_key(filename, public, NULL)) { |
|
key_free(public); |
|
public = key_new(KEY_UNSPEC); |
|
if (!try_load_public_key(filename, public, NULL)) { |
|
debug("unknown identity file %s", filename); |
|
key_free(public); |
|
public = NULL; |
|
} |
|
} |
|
debug("identity file %s type %d", filename, |
|
public ? public->type : -1); |
|
xfree(options.identity_files[i]); |
|
options.identity_files[i] = filename; |
|
options.identity_keys[i] = public; |
|
} |
} |
} |
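Review bot: In the new `load_public_identity_files()`, a file that neither `load_public_key()` nor `try_load_public_key()` accepts leaves `options.identity_keys[i]` set to NULL while `options.identity_files[i]` stays populated, and the only trace is a `debug()` line, so every later consumer of `identity_keys` has to null-check the slot. That contract is not written down in the visible lines; I would add a header comment such as `/* Expand each identity file name and load its public key; identity_keys[i] is NULL if the file cannot be parsed. */`. Separately, the surrounding code tracks `original_real_uid` and `original_effective_uid`, which suggests the client may start with elevated privileges, and these loaders open paths the user picks with `-i` or the per-user config. The call site `load_public_identity_files();` does not show which uid is in effect at that point, so it is worth confirming that the call runs only after privileges have been dropped to the real uid.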