Merged hpn13v5 to trunk.

[gssapi-openssh.git] / openssh / sshconnect2.c

diff --git a/openssh/sshconnect2.c b/openssh/sshconnect2.c
index 4a18b0582bc021e231913a3589b6b1a440b3c594..a61b99ced4a2ae4403bee61ce3a3192266c17306 100644 (file)
--- a/openssh/sshconnect2.c
+++ b/openssh/sshconnect2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.162 2006/08/30 00:06:51 dtucker Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.166 2008/07/17 08:48:00 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -31,12 +31,16 @@
 #include <sys/stat.h>
 
 #include <errno.h>
+#include <netdb.h>
 #include <pwd.h>
 #include <signal.h>
 #include <stdarg.h>
 #include <stdio.h>
 #include <string.h>
 #include <unistd.h>
+#if defined(HAVE_STRNVIS) && defined(HAVE_VIS_H)
+#include <vis.h>
+#endif
 
 #include "openbsd-compat/sys-queue.h"
 
@@ -72,7 +76,11 @@
 extern char *client_version_string;
 extern char *server_version_string;
 extern Options options;
-extern Kex *xxx_kex;
+
+/* tty_flag is set in ssh.c. use this in ssh_userauth2 */
+/* if it is set then prevent the switch to the null cipher */
+
+extern int tty_flag;
 
 /* tty_flag is set in ssh.c. use this in ssh_userauth2 */
 /* if it is set then prevent the switch to the null cipher */
@@ -139,8 +147,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
        if (options.ciphers != NULL) {
                myproposal[PROPOSAL_ENC_ALGS_CTOS] =
                myproposal[PROPOSAL_ENC_ALGS_STOC] = options.ciphers;
-       } 
-
+       }
        myproposal[PROPOSAL_ENC_ALGS_CTOS] =
            compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_CTOS]);
        myproposal[PROPOSAL_ENC_ALGS_STOC] =
@@ -171,7 +178,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
 #endif
 
        if (options.rekey_limit)
-               packet_set_rekey_limit(options.rekey_limit);
+               packet_set_rekey_limit((u_int32_t)options.rekey_limit);
 
        /* start key exchange */
        kex = kex_setup(myproposal);
@@ -464,14 +471,21 @@ input_userauth_error(int type, u_int32_t seq, void *ctxt)
 void
 input_userauth_banner(int type, u_int32_t seq, void *ctxt)
 {
-       char *msg, *lang;
+       char *msg, *raw, *lang;
+       u_int len;
 
        debug3("input_userauth_banner");
-       msg = packet_get_string(NULL);
+       raw = packet_get_string(&len);
        lang = packet_get_string(NULL);
-       if (options.log_level >= SYSLOG_LEVEL_INFO)
+       if (options.log_level >= SYSLOG_LEVEL_INFO) {
+               if (len > 65536)
+                       len = 65536;
+               msg = xmalloc(len * 4); /* max expansion from strnvis() */
+               strnvis(msg, raw, len * 4, VIS_SAFE|VIS_OCTAL);
                fprintf(stderr, "%s", msg);
-       xfree(msg);
+               xfree(msg);
+       }
+       xfree(raw);
        xfree(lang);
 }
 
@@ -1510,7 +1524,7 @@ userauth_hostbased(Authctxt *authctxt)
        Sensitive *sensitive = authctxt->sensitive;
        Buffer b;
        u_char *signature, *blob;
-       char *chost, *pkalg, *p;
+       char *chost, *pkalg, *p, myname[NI_MAXHOST];
        const char *service;
        u_int blen, slen;
        int ok, i, len, found = 0;
@@ -1534,7 +1548,16 @@ userauth_hostbased(Authctxt *authctxt)
                return 0;
        }
        /* figure out a name for the client host */
-       p = get_local_name(packet_get_connection_in());
+       p = NULL;
+       if (packet_connection_is_on_socket())
+               p = get_local_name(packet_get_connection_in());
+       if (p == NULL) {
+               if (gethostname(myname, sizeof(myname)) == -1) {
+                       verbose("userauth_hostbased: gethostname: %s", 
+                           strerror(errno));
+               } else
+                       p = xstrdup(myname);
+       }
        if (p == NULL) {
                error("userauth_hostbased: cannot get local ipaddr/name");
                key_free(private);