version 1.162.2.2, 2006/02/03 02:53:45 |
version 1.163, 2005/05/24 17:32:44 |
|
|
#include "readconf.h" |
#include "readconf.h" |
#include "atomicio.h" |
#include "atomicio.h" |
#include "misc.h" |
#include "misc.h" |
|
|
#include "dns.h" |
#include "dns.h" |
|
|
char *client_version_string = NULL; |
char *client_version_string = NULL; |
char *server_version_string = NULL; |
char *server_version_string = NULL; |
|
|
static int matching_host_key_dns = 0; |
int matching_host_key_dns = 0; |
|
|
/* import */ |
/* import */ |
extern Options options; |
extern Options options; |
|
|
static int |
static int |
ssh_proxy_connect(const char *host, u_short port, const char *proxy_command) |
ssh_proxy_connect(const char *host, u_short port, const char *proxy_command) |
{ |
{ |
char *command_string, *tmp; |
Buffer command; |
|
const char *cp; |
|
char *command_string; |
int pin[2], pout[2]; |
int pin[2], pout[2]; |
pid_t pid; |
pid_t pid; |
char strport[NI_MAXSERV]; |
char strport[NI_MAXSERV]; |
size_t len; |
|
|
|
/* Convert the port number into a string. */ |
/* Convert the port number into a string. */ |
snprintf(strport, sizeof strport, "%hu", port); |
snprintf(strport, sizeof strport, "%hu", port); |
|
|
* Use "exec" to avoid "sh -c" processes on some platforms |
* Use "exec" to avoid "sh -c" processes on some platforms |
* (e.g. Solaris) |
* (e.g. Solaris) |
*/ |
*/ |
len = strlen(proxy_command) + 6; |
buffer_init(&command); |
tmp = xmalloc(len); |
buffer_append(&command, "exec ", 5); |
strlcpy(tmp, "exec ", len); |
|
strlcat(tmp, proxy_command, len); |
|
command_string = percent_expand(tmp, "h", host, |
|
"p", strport, (char *)NULL); |
|
xfree(tmp); |
|
|
|
|
for (cp = proxy_command; *cp; cp++) { |
|
if (cp[0] == '%' && cp[1] == '%') { |
|
buffer_append(&command, "%", 1); |
|
cp++; |
|
continue; |
|
} |
|
if (cp[0] == '%' && cp[1] == 'h') { |
|
buffer_append(&command, host, strlen(host)); |
|
cp++; |
|
continue; |
|
} |
|
if (cp[0] == '%' && cp[1] == 'p') { |
|
buffer_append(&command, strport, strlen(strport)); |
|
cp++; |
|
continue; |
|
} |
|
buffer_append(&command, cp, 1); |
|
} |
|
buffer_append(&command, "\0", 1); |
|
|
|
/* Get the final command string. */ |
|
command_string = buffer_ptr(&command); |
|
|
/* Create pipes for communicating with the proxy. */ |
/* Create pipes for communicating with the proxy. */ |
if (pipe(pin) < 0 || pipe(pout) < 0) |
if (pipe(pin) < 0 || pipe(pout) < 0) |
fatal("Could not create pipes to communicate with the proxy: %.100s", |
fatal("Could not create pipes to communicate with the proxy: %.100s", |
|
|
close(pout[1]); |
close(pout[1]); |
|
|
/* Free the command name. */ |
/* Free the command name. */ |
xfree(command_string); |
buffer_free(&command); |
|
|
/* Set the connection file descriptors. */ |
/* Set the connection file descriptors. */ |
packet_set_connection(pout[0], pin[1]); |
packet_set_connection(pout[0], pin[1]); |
|
|
int sock = -1, attempt; |
int sock = -1, attempt; |
char ntop[NI_MAXHOST], strport[NI_MAXSERV]; |
char ntop[NI_MAXHOST], strport[NI_MAXSERV]; |
struct addrinfo hints, *ai, *aitop; |
struct addrinfo hints, *ai, *aitop; |
|
struct servent *sp; |
|
|
debug2("ssh_connect: needpriv %d", needpriv); |
debug2("ssh_connect: needpriv %d", needpriv); |
|
|
|
/* Get default port if port has not been set. */ |
|
if (port == 0) { |
|
sp = getservbyname(SSH_SERVICE_NAME, "tcp"); |
|
if (sp) |
|
port = ntohs(sp->s_port); |
|
else |
|
port = SSH_DEFAULT_PORT; |
|
} |
/* If a proxy command is given, connect using it. */ |
/* If a proxy command is given, connect using it. */ |
if (proxy_command != NULL) |
if (proxy_command != NULL) |
return ssh_proxy_connect(host, port, proxy_command); |
return ssh_proxy_connect(host, port, proxy_command); |
|
|
ssh_exchange_identification(void) |
ssh_exchange_identification(void) |
{ |
{ |
char buf[256], remote_version[256]; /* must be same size! */ |
char buf[256], remote_version[256]; /* must be same size! */ |
int remote_major, remote_minor, mismatch; |
int remote_major, remote_minor, i, mismatch; |
int connection_in = packet_get_connection_in(); |
int connection_in = packet_get_connection_in(); |
int connection_out = packet_get_connection_out(); |
int connection_out = packet_get_connection_out(); |
int minor1 = PROTOCOL_MINOR_1; |
int minor1 = PROTOCOL_MINOR_1; |
u_int i; |
|
|
|
/* Read other side's version identification. */ |
/* Read other side's version identification. */ |
for (;;) { |
for (;;) { |
for (i = 0; i < sizeof(buf) - 1; i++) { |
for (i = 0; i < sizeof(buf) - 1; i++) { |
size_t len = atomicio(read, connection_in, &buf[i], 1); |
size_t len = atomicio(read, connection_in, &buf[i], 1); |
|
|
if (len != 1 && errno == EPIPE) |
if (len != 1 && errno == EPIPE) |
fatal("ssh_exchange_identification: Connection closed by remote host"); |
fatal("ssh_exchange_identification: Connection closed by remote host"); |
else if (len != 1) |
else if (len != 1) |
fatal("ssh_exchange_identification: read: %.100s", strerror(errno)); |
fatal("ssh_exchange_identification: read: %.100s", strerror(errno)); |
|
|
switch (hostaddr->sa_family) { |
switch (hostaddr->sa_family) { |
case AF_INET: |
case AF_INET: |
local = (ntohl(((struct sockaddr_in *)hostaddr)-> |
local = (ntohl(((struct sockaddr_in *)hostaddr)-> |
sin_addr.s_addr) >> 24) == IN_LOOPBACKNET; |
sin_addr.s_addr) >> 24) == IN_LOOPBACKNET; |
break; |
break; |
case AF_INET6: |
case AF_INET6: |
local = IN6_IS_ADDR_LOOPBACK( |
local = IN6_IS_ADDR_LOOPBACK( |
|
|
file_key = key_new(host_key->type); |
file_key = key_new(host_key->type); |
|
|
/* |
/* |
* Check if the host key is present in the user's list of known |
* Check if the host key is present in the user\'s list of known |
* hosts or in the systemwide list. |
* hosts or in the systemwide list. |
*/ |
*/ |
host_file = user_hostfile; |
host_file = user_hostfile; |
|
|
|
|
if (show_other_keys(host, host_key)) |
if (show_other_keys(host, host_key)) |
snprintf(msg1, sizeof(msg1), |
snprintf(msg1, sizeof(msg1), |
"\nbut keys of different type are already" |
"\nbut keys of different type are already" |
" known for this host."); |
" known for this host."); |
else |
else |
snprintf(msg1, sizeof(msg1), "."); |
snprintf(msg1, sizeof(msg1), "."); |
/* The default */ |
/* The default */ |
|
|
error("Please contact your system administrator."); |
error("Please contact your system administrator."); |
|
|
xfree(fp); |
xfree(fp); |
} |
|
|
|
/* |
|
* Execute a local command |
|
*/ |
|
int |
|
ssh_local_cmd(const char *args) |
|
{ |
|
char *shell; |
|
pid_t pid; |
|
int status; |
|
|
|
if (!options.permit_local_command || |
|
args == NULL || !*args) |
|
return (1); |
|
|
|
if ((shell = getenv("SHELL")) == NULL) |
|
shell = _PATH_BSHELL; |
|
|
|
pid = fork(); |
|
if (pid == 0) { |
|
debug3("Executing %s -c \"%s\"", shell, args); |
|
execl(shell, shell, "-c", args, (char *)NULL); |
|
error("Couldn't execute %s -c \"%s\": %s", |
|
shell, args, strerror(errno)); |
|
_exit(1); |
|
} else if (pid == -1) |
|
fatal("fork failed: %.100s", strerror(errno)); |
|
while (waitpid(pid, &status, 0) == -1) |
|
if (errno != EINTR) |
|
fatal("Couldn't wait for child: %s", strerror(errno)); |
|
|
|
if (!WIFEXITED(status)) |
|
return (1); |
|
|
|
return (WEXITSTATUS(status)); |
|
} |
} |