version 1.102, 2001/04/05 10:42:55 |
version 1.103, 2001/04/06 21:00:14 |
|
|
* Connect to the given ssh server using a proxy command. |
* Connect to the given ssh server using a proxy command. |
*/ |
*/ |
int |
int |
ssh_proxy_connect(const char *host, u_short port, uid_t original_real_uid, |
ssh_proxy_connect(const char *host, u_short port, struct passwd *pw, |
const char *proxy_command) |
const char *proxy_command) |
{ |
{ |
Buffer command; |
Buffer command; |
|
|
char *argv[10]; |
char *argv[10]; |
|
|
/* Child. Permanently give up superuser privileges. */ |
/* Child. Permanently give up superuser privileges. */ |
permanently_set_uid(original_real_uid); |
permanently_set_uid(pw); |
|
|
/* Redirect stdin and stdout. */ |
/* Redirect stdin and stdout. */ |
close(pin[1]); |
close(pin[1]); |
|
|
* Creates a (possibly privileged) socket for use as the ssh connection. |
* Creates a (possibly privileged) socket for use as the ssh connection. |
*/ |
*/ |
int |
int |
ssh_create_socket(uid_t original_real_uid, int privileged, int family) |
ssh_create_socket(struct passwd *pw, int privileged, int family) |
{ |
{ |
int sock; |
int sock; |
|
|
|
|
* Just create an ordinary socket on arbitrary port. We use |
* Just create an ordinary socket on arbitrary port. We use |
* the user's uid to create the socket. |
* the user's uid to create the socket. |
*/ |
*/ |
temporarily_use_uid(original_real_uid); |
temporarily_use_uid(pw); |
sock = socket(family, SOCK_STREAM, 0); |
sock = socket(family, SOCK_STREAM, 0); |
if (sock < 0) |
if (sock < 0) |
error("socket: %.100s", strerror(errno)); |
error("socket: %.100s", strerror(errno)); |
|
|
int |
int |
ssh_connect(const char *host, struct sockaddr_storage * hostaddr, |
ssh_connect(const char *host, struct sockaddr_storage * hostaddr, |
u_short port, int connection_attempts, |
u_short port, int connection_attempts, |
int anonymous, uid_t original_real_uid, |
int anonymous, struct passwd *pw, |
const char *proxy_command) |
const char *proxy_command) |
{ |
{ |
int gaierr; |
int gaierr; |
|
|
} |
} |
/* If a proxy command is given, connect using it. */ |
/* If a proxy command is given, connect using it. */ |
if (proxy_command != NULL) |
if (proxy_command != NULL) |
return ssh_proxy_connect(host, port, original_real_uid, proxy_command); |
return ssh_proxy_connect(host, port, pw, proxy_command); |
|
|
/* No proxy command. */ |
/* No proxy command. */ |
|
|
|
|
host, ntop, strport); |
host, ntop, strport); |
|
|
/* Create a socket for connecting. */ |
/* Create a socket for connecting. */ |
sock = ssh_create_socket(original_real_uid, |
sock = ssh_create_socket(pw, |
!anonymous && geteuid() == 0, |
!anonymous && geteuid() == 0, |
ai->ai_family); |
ai->ai_family); |
if (sock < 0) |
if (sock < 0) |
|
|
* hope that it will help with tcp_wrappers showing |
* hope that it will help with tcp_wrappers showing |
* the remote uid as root. |
* the remote uid as root. |
*/ |
*/ |
temporarily_use_uid(original_real_uid); |
temporarily_use_uid(pw); |
if (connect(sock, ai->ai_addr, ai->ai_addrlen) >= 0) { |
if (connect(sock, ai->ai_addr, ai->ai_addrlen) >= 0) { |
/* Successful connection. */ |
/* Successful connection. */ |
memcpy(hostaddr, ai->ai_addr, ai->ai_addrlen); |
memcpy(hostaddr, ai->ai_addr, ai->ai_addrlen); |
|
|
*/ |
*/ |
void |
void |
ssh_login(Key *own_host_key, const char *orighost, |
ssh_login(Key *own_host_key, const char *orighost, |
struct sockaddr *hostaddr, uid_t original_real_uid) |
struct sockaddr *hostaddr, struct passwd *pw) |
{ |
{ |
struct passwd *pw; |
|
char *host, *cp; |
char *host, *cp; |
char *server_user, *local_user; |
char *server_user, *local_user; |
|
|
/* Get local user name. Use it as server user if no user name was given. */ |
|
pw = getpwuid(original_real_uid); |
|
if (!pw) |
|
fatal("User id %u not found from user database.", original_real_uid); |
|
local_user = xstrdup(pw->pw_name); |
local_user = xstrdup(pw->pw_name); |
server_user = options.user ? options.user : local_user; |
server_user = options.user ? options.user : local_user; |
|
|
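Review bot: In ssh_login the new side dereferences `pw->pw_name` with no NULL check, where the removed lines had `if (!pw) fatal(...)` right after `getpwuid()`; the guarantee that the passwd entry exists now rests on the caller, which is not visible on this page. I would keep a guard at the top of the function, e.g. `if (pw == NULL) fatal("ssh_login: no passwd entry for local user");`, and document the parameter with a comment such as `/* pw: non-NULL private copy of the invoking user's passwd entry */`. The copy matters because `getpwuid()` may return static storage that later getpw* calls overwrite, and the same `pw` now feeds `permanently_set_uid(pw)` in ssh_proxy_connect and `temporarily_use_uid(pw)` in ssh_create_socket and ssh_connect, so a stale entry would presumably change which identity the privilege drop uses. The bodies of all four functions continue outside the hunks shown here.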