===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/ssh.c,v
retrieving revision 1.51
retrieving revision 1.51.2.2
diff -u -r1.51 -r1.51.2.2
--- src/usr.bin/ssh/ssh.c 2000/05/08 17:12:15 1.51
+++ src/usr.bin/ssh/ssh.c 2000/09/01 18:23:23 1.51.2.2
@@ -11,7 +11,7 @@
 */
 #include "includes.h"
-RCSID("$Id: ssh.c,v 1.51 2000/05/08 17:12:15 markus Exp $");
+RCSID("$OpenBSD: ssh.c,v 1.51.2.2 2000/09/01 18:23:23 jason Exp $");
 #include
 #include
@@ -21,7 +21,6 @@
 #include "ssh.h"
 #include "packet.h"
 #include "buffer.h"
-#include "authfd.h"
 #include "readconf.h"
 #include "uidswap.h"
@@ -29,6 +28,7 @@
 #include "compat.h"
 #include "channels.h"
 #include "key.h"
+#include "authfd.h"
 #include "authfile.h"
 extern char *__progname;
@@ -108,10 +108,12 @@
 fprintf(stderr, "Options:\n");
 fprintf(stderr, " -l user Log in using this user name.\n");
 fprintf(stderr, " -n Redirect input from /dev/null.\n");
+ fprintf(stderr, " -A Enable authentication agent forwarding.\n");
 fprintf(stderr, " -a Disable authentication agent forwarding.\n");
 #ifdef AFS
 fprintf(stderr, " -k Disable Kerberos ticket and AFS token forwarding.\n");
 #endif /* AFS */
+ fprintf(stderr, " -X Enable X11 connection forwarding.\n");
 fprintf(stderr, " -x Disable X11 connection forwarding.\n");
 fprintf(stderr, " -i file Identity for RSA authentication (default: ~/.ssh/identity).\n");
 fprintf(stderr, " -t Tty; allocate a tty even if command is given.\n");
@@ -241,8 +243,8 @@
 cp = strrchr(av0, '/') + 1;
 else
 cp = av0;
- if (strcmp(cp, "rsh") != 0 && strcmp(cp, "ssh") != 0 &&
- strcmp(cp, "rlogin") != 0 && strcmp(cp, "slogin") != 0)
+ if (strcmp(cp, "rsh") && strcmp(cp, "ssh") && strcmp(cp, "rlogin") &&
+ strcmp(cp, "slogin") && strcmp(cp, "remsh"))
 host = cp;
 for (optind = 1; optind < ac; optind++) {
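Review bot: In the `@@ -241,8 +243,8 @@` hunk the rewritten condition drops the explicit `!= 0` from every `strcmp()` call, so the test reads as "matches" where it means "differs". This condition decides whether the program name is taken as the host to connect to, so the intent should stay obvious. I would keep the comparisons explicit, e.g. `strcmp(cp, "slogin") != 0 && strcmp(cp, "remsh") != 0)`, and add a comment such as `/* any other program name is treated as the host name */`. The enclosing function starts and ends outside the hunk.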
@@ -306,6 +308,9 @@
 case 'a':
 options.forward_agent = 0;
 break;
+ case 'A':
+ options.forward_agent = 1;
+ break;
 #ifdef AFS
 case 'k':
 options.kerberos_tgt_passing = 0;
@@ -422,7 +427,7 @@
 if (!host)
 usage();
- OpenSSL_add_all_algorithms();
+ SSLeay_add_all_algorithms();
 /* Initialize the command to execute on remote host. */
 buffer_init(&command);
@@ -446,7 +451,7 @@
 }
 /* Cannot fork to background if no command. */
- if (fork_after_authentication_flag && buffer_len(&command) == 0)
+ if (fork_after_authentication_flag && buffer_len(&command) == 0 && !no_shell_flag)
 fatal("Cannot fork into background without a command to execute.");
 /* Allocate a tty by default if no command specified. */
@@ -475,6 +480,7 @@
 pwcopy.pw_passwd = xstrdup(pw->pw_passwd);
 pwcopy.pw_uid = pw->pw_uid;
 pwcopy.pw_gid = pw->pw_gid;
+ pwcopy.pw_class = xstrdup(pw->pw_class);
 pwcopy.pw_dir = xstrdup(pw->pw_dir);
 pwcopy.pw_shell = xstrdup(pw->pw_shell);
 pw = &pwcopy;
@@ -607,7 +613,7 @@
 */
 snprintf(buf, sizeof buf, "%.100s/%.100s", pw->pw_dir, SSH_USER_DIR);
 if (stat(buf, &st) < 0)
- if (mkdir(buf, 0755) < 0)
+ if (mkdir(buf, 0700) < 0)
 error("Could not create directory '%.200s'.", buf);
 /* Check if the connection failed, and try "rsh" if appropriate. */
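Review bot: `case 'A'` in the `@@ -306,6 +308,9 @@` hunk turns agent forwarding on without any comment on what that exposes: while the session is open, the remote side can ask the forwarded agent to authenticate on the user's behalf. A short comment such as `/* explicit opt-in: the remote host can use the local agent for the life of the session */`, plus a matching sentence in the manual page, would help. Whether `-A` is meant to take precedence over a forwarding setting in the configuration files cannot be seen from this hunk and should be stated too. The switch continues outside the hunk.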
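Review bot: The `@@ -607,7 +613,7 @@` hunk restricts the mode only of a directory that ssh creates itself. When `stat()` succeeds the result in `st` is never examined, so an existing directory left at 0755 by earlier versions, or a path that is not a directory at all, is accepted silently. Consider checking `S_ISDIR(st.st_mode)` and `st.st_uid` in the success case and reporting a mismatch through `error()`. Bracing the nested `if (stat(...) < 0) if (mkdir(...) < 0)` first would keep any added `else` attached to the intended test. The enclosing function extends beyond the hunk.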
@@ -664,17 +670,17 @@
 FILE *f;
 int got_data = 0, i;
-#ifdef XAUTH_PATH
- /* Try to get Xauthority information for the display. */
- snprintf(line, sizeof line, "%.100s list %.200s 2>/dev/null",
- XAUTH_PATH, getenv("DISPLAY"));
- f = popen(line, "r");
- if (f && fgets(line, sizeof(line), f) &&
- sscanf(line, "%*s %s %s", proto, data) == 2)
- got_data = 1;
- if (f)
- pclose(f);
-#endif /* XAUTH_PATH */
+ if (options.xauth_location) {
+ /* Try to get Xauthority information for the display. */
+ snprintf(line, sizeof line, "%.100s list %.200s 2>/dev/null",
+ options.xauth_location, getenv("DISPLAY"));
+ f = popen(line, "r");
+ if (f && fgets(line, sizeof(line), f) &&
+ sscanf(line, "%*s %s %s", proto, data) == 2)
+ got_data = 1;
+ if (f)
+ pclose(f);
+ }
 /*
 * If we didn't get authentication data, just make up some
 * data. The forwarding code will check the validity of the
@@ -856,7 +862,7 @@
 }
 /* Enter the interactive session. */
- return client_loop(have_tty, tty_flag ? options.escape_char : -1);
+ return client_loop(have_tty, tty_flag ? options.escape_char : -1, 0);
 }
 void
@@ -939,16 +945,27 @@
 ssh_session2(void)
 {
 int window, packetmax, id;
- int in = dup(STDIN_FILENO);
- int out = dup(STDOUT_FILENO);
- int err = dup(STDERR_FILENO);
+ int in, out, err;
+ if (stdin_null_flag) {
+ in = open("/dev/null", O_RDONLY);
+ } else {
+ in = dup(STDIN_FILENO);
+ }
+ out = dup(STDOUT_FILENO);
+ err = dup(STDERR_FILENO);
+
 if (in < 0 || out < 0 || err < 0)
- fatal("dump in/out/err failed");
+ fatal("dup() in/out/err failed");
 /* should be pre-session */
 init_local_fwd();
+ /* If requested, let ssh continue in the background. */
+ if (fork_after_authentication_flag)
+ if (daemon(1, 1) < 0)
+ fatal("daemon() failed: %.200s", strerror(errno));
+
 window = 32*1024;
 if (tty_flag) {
 packetmax = window/8;
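Review bot: In the `@@ -664,17 +670,17 @@` hunk the xauth path now comes from the run-time option `options.xauth_location` and is pasted, together with `getenv("DISPLAY")`, into a string that `popen()` hands to the shell, with no quoting or validation of either value. `getenv()` can also return NULL, which is then passed to `%.200s`; whether the caller rules that out is not visible here. I would accept only a plain display name and skip the lookup otherwise, so the code falls back to the made-up data described in the comment that follows. `options.xauth_location` deserves the same kind of check when the option is parsed, and running xauth through fork/exec with an argument vector would remove the shell entirely. `display` would be a `const char *` declared with the other locals, which are outside the hunk.

```c
	display = getenv("DISPLAY");
	/* Both strings end up in a shell command line; accept only a plain display name. */
	if (options.xauth_location && display != NULL &&
	    strspn(display, "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789:/.-_") == strlen(display)) {
		/* Try to get Xauthority information for the display. */
		snprintf(line, sizeof line, "%.100s list %.200s 2>/dev/null",
		    options.xauth_location, display);
		/* … unchanged: popen(), fgets()/sscanf(), pclose() … */
	}
```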
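Review bot: The new third argument in the `@@ -856,7 +862,7 @@` hunk is a bare `0`, while the `@@ -957,13 +974,13 @@` hunk passes a channel `id` in the same position; if channel numbers start at zero, the callee cannot tell "no channel" from channel 0. `client_loop()` is defined outside this page, so this is inferred from the two call sites only. Provided the callee accepts it, a value that cannot be a valid channel, e.g. `client_loop(have_tty, tty_flag ? options.escape_char : -1, -1);`, or at least a comment such as `/* no session channel id on this path */`, would make the intent explicit.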
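Review bot: After this change `in` can come from `open("/dev/null", O_RDONLY)`, yet the failure message in the `@@ -939,16 +945,27 @@` hunk still names only `dup()` and carries no errno, so a missing or unreadable /dev/null is reported misleadingly. Something like `fatal("open/dup of in/out/err failed: %.200s", strerror(errno));` would match the `daemon()` message added a few lines below. The nested `if (fork_after_authentication_flag) if (daemon(1, 1) < 0)` would also read more safely with braces or as a single `&&` condition. The function body continues past the hunk.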
@@ -957,13 +974,13 @@
 packetmax = window/2;
 }
+/*XXX MAXPACK */
 id = channel_new(
 "session", SSH_CHANNEL_OPENING, in, out, err,
 window, packetmax, CHAN_EXTENDED_WRITE,
 xstrdup("client-session"));
- channel_open(id);
 channel_register_callback(id, SSH2_MSG_CHANNEL_OPEN_CONFIRMATION, client_init, (void *)0);
- return client_loop(tty_flag, tty_flag ? options.escape_char : -1);
+ return client_loop(tty_flag, tty_flag ? options.escape_char : -1, id);
 }
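Review bot: `/*XXX MAXPACK */` in the `@@ -957,13 +974,13 @@` hunk is added at column 0 with no statement of what is outstanding, so a reader cannot tell whether it refers to the `packetmax` values computed just above or to something else. Please spell it out, e.g. `/* XXX: <what is wrong with packetmax and what should replace it> */`, indented with the surrounding code. The same hunk drops `channel_open(id)` and passes `id` to `client_loop()` instead. A one-line comment saying where the channel open request is now sent would help, since that code is outside this page.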