version 1.158.2.2, 2005/06/05 02:22:39 |
version 1.158.2.3, 2005/09/02 03:45:01 |
|
|
static int |
static int |
ssh_proxy_connect(const char *host, u_short port, const char *proxy_command) |
ssh_proxy_connect(const char *host, u_short port, const char *proxy_command) |
{ |
{ |
Buffer command; |
char *command_string, *tmp; |
const char *cp; |
|
char *command_string; |
|
int pin[2], pout[2]; |
int pin[2], pout[2]; |
pid_t pid; |
pid_t pid; |
char strport[NI_MAXSERV]; |
char strport[NI_MAXSERV]; |
|
size_t len; |
|
|
/* Convert the port number into a string. */ |
/* Convert the port number into a string. */ |
snprintf(strport, sizeof strport, "%hu", port); |
snprintf(strport, sizeof strport, "%hu", port); |
|
|
* Use "exec" to avoid "sh -c" processes on some platforms |
* Use "exec" to avoid "sh -c" processes on some platforms |
* (e.g. Solaris) |
* (e.g. Solaris) |
*/ |
*/ |
buffer_init(&command); |
len = strlen(proxy_command) + 6; |
buffer_append(&command, "exec ", 5); |
tmp = xmalloc(len); |
|
strlcpy(tmp, "exec ", len); |
|
strlcat(tmp, proxy_command, len); |
|
command_string = percent_expand(tmp, "h", host, |
|
"p", strport, (char *)NULL); |
|
xfree(tmp); |
|
|
for (cp = proxy_command; *cp; cp++) { |
|
if (cp[0] == '%' && cp[1] == '%') { |
|
buffer_append(&command, "%", 1); |
|
cp++; |
|
continue; |
|
} |
|
if (cp[0] == '%' && cp[1] == 'h') { |
|
buffer_append(&command, host, strlen(host)); |
|
cp++; |
|
continue; |
|
} |
|
if (cp[0] == '%' && cp[1] == 'p') { |
|
buffer_append(&command, strport, strlen(strport)); |
|
cp++; |
|
continue; |
|
} |
|
buffer_append(&command, cp, 1); |
|
} |
|
buffer_append(&command, "\0", 1); |
|
|
|
/* Get the final command string. */ |
|
command_string = buffer_ptr(&command); |
|
|
|
/* Create pipes for communicating with the proxy. */ |
/* Create pipes for communicating with the proxy. */ |
if (pipe(pin) < 0 || pipe(pout) < 0) |
if (pipe(pin) < 0 || pipe(pout) < 0) |
fatal("Could not create pipes to communicate with the proxy: %.100s", |
fatal("Could not create pipes to communicate with the proxy: %.100s", |
|
|
close(pout[1]); |
close(pout[1]); |
|
|
/* Free the command name. */ |
/* Free the command name. */ |
buffer_free(&command); |
xfree(command_string); |
|
|
/* Set the connection file descriptors. */ |
/* Set the connection file descriptors. */ |
packet_set_connection(pout[0], pin[1]); |
packet_set_connection(pout[0], pin[1]); |
|
|
int sock = -1, attempt; |
int sock = -1, attempt; |
char ntop[NI_MAXHOST], strport[NI_MAXSERV]; |
char ntop[NI_MAXHOST], strport[NI_MAXSERV]; |
struct addrinfo hints, *ai, *aitop; |
struct addrinfo hints, *ai, *aitop; |
struct servent *sp; |
|
|
|
debug2("ssh_connect: needpriv %d", needpriv); |
debug2("ssh_connect: needpriv %d", needpriv); |
|
|
/* Get default port if port has not been set. */ |
|
if (port == 0) { |
|
sp = getservbyname(SSH_SERVICE_NAME, "tcp"); |
|
if (sp) |
|
port = ntohs(sp->s_port); |
|
else |
|
port = SSH_DEFAULT_PORT; |
|
} |
|
/* If a proxy command is given, connect using it. */ |
/* If a proxy command is given, connect using it. */ |
if (proxy_command != NULL) |
if (proxy_command != NULL) |
return ssh_proxy_connect(host, port, proxy_command); |
return ssh_proxy_connect(host, port, proxy_command); |
|
|
ssh_exchange_identification(void) |
ssh_exchange_identification(void) |
{ |
{ |
char buf[256], remote_version[256]; /* must be same size! */ |
char buf[256], remote_version[256]; /* must be same size! */ |
int remote_major, remote_minor, i, mismatch; |
int remote_major, remote_minor, mismatch; |
int connection_in = packet_get_connection_in(); |
int connection_in = packet_get_connection_in(); |
int connection_out = packet_get_connection_out(); |
int connection_out = packet_get_connection_out(); |
int minor1 = PROTOCOL_MINOR_1; |
int minor1 = PROTOCOL_MINOR_1; |
|
u_int i; |
|
|
/* Read other side\'s version identification. */ |
/* Read other side's version identification. */ |
for (;;) { |
for (;;) { |
for (i = 0; i < sizeof(buf) - 1; i++) { |
for (i = 0; i < sizeof(buf) - 1; i++) { |
int len = atomicio(read, connection_in, &buf[i], 1); |
size_t len = atomicio(read, connection_in, &buf[i], 1); |
if (len < 0) |
|
fatal("ssh_exchange_identification: read: %.100s", strerror(errno)); |
if (len != 1 && errno == EPIPE) |
if (len != 1) |
|
fatal("ssh_exchange_identification: Connection closed by remote host"); |
fatal("ssh_exchange_identification: Connection closed by remote host"); |
|
else if (len != 1) |
|
fatal("ssh_exchange_identification: read: %.100s", strerror(errno)); |
if (buf[i] == '\r') { |
if (buf[i] == '\r') { |
buf[i] = '\n'; |
buf[i] = '\n'; |
buf[i + 1] = 0; |
buf[i + 1] = 0; |
|
|
switch (hostaddr->sa_family) { |
switch (hostaddr->sa_family) { |
case AF_INET: |
case AF_INET: |
local = (ntohl(((struct sockaddr_in *)hostaddr)-> |
local = (ntohl(((struct sockaddr_in *)hostaddr)-> |
sin_addr.s_addr) >> 24) == IN_LOOPBACKNET; |
sin_addr.s_addr) >> 24) == IN_LOOPBACKNET; |
break; |
break; |
case AF_INET6: |
case AF_INET6: |
local = IN6_IS_ADDR_LOOPBACK( |
local = IN6_IS_ADDR_LOOPBACK( |
|
|
|
|
if (show_other_keys(host, host_key)) |
if (show_other_keys(host, host_key)) |
snprintf(msg1, sizeof(msg1), |
snprintf(msg1, sizeof(msg1), |
"\nbut keys of different type are already" |
"\nbut keys of different type are already" |
" known for this host."); |
" known for this host."); |
else |
else |
snprintf(msg1, sizeof(msg1), "."); |
snprintf(msg1, sizeof(msg1), "."); |
/* The default */ |
/* The default */ |