+ /* load options.identity_files */
+ load_public_identity_files();
+
+ /* Expand ~ in known host file names. */
+ /* XXX mem-leaks: */
+ options.system_hostfile =
+ tilde_expand_filename(options.system_hostfile, original_real_uid);
+ options.user_hostfile =
+ tilde_expand_filename(options.user_hostfile, original_real_uid);
+ options.system_hostfile2 =
+ tilde_expand_filename(options.system_hostfile2, original_real_uid);
+ options.user_hostfile2 =
+ tilde_expand_filename(options.user_hostfile2, original_real_uid);
+
+ /* Log into the remote system. This never returns if the login fails. */
+ ssh_login(sensitive_data.keys, sensitive_data.nkeys,
+ host, (struct sockaddr *)&hostaddr, pw);
+
+ /* We no longer need the private host keys. Clear them now. */
+ if (sensitive_data.nkeys != 0) {
+ for (i = 0; i < sensitive_data.nkeys; i++) {
+ if (sensitive_data.keys[i] != NULL) {
+ /* Destroys contents safely */
+ debug3("clear hostkey %d", i);
+ key_free(sensitive_data.keys[i]);
+ sensitive_data.keys[i] = NULL;
+ }
+ }
+ xfree(sensitive_data.keys);
+ }
+
+ exit_status = compat20 ? ssh_session2() : ssh_session();
+ packet_close();
+ return exit_status;
+}
+
+static void
+x11_get_proto(char *proto, int proto_len, char *data, int data_len)
+{
+ char line[512];
+ FILE *f;
+ int got_data = 0, i;
+
+ if (options.xauth_location) {
+ /* Try to get Xauthority information for the display. */
+ snprintf(line, sizeof line, "%.100s list %.200s 2>" _PATH_DEVNULL,
+ options.xauth_location, getenv("DISPLAY"));
+ f = popen(line, "r");
+ if (f && fgets(line, sizeof(line), f) &&
+ sscanf(line, "%*s %s %s", proto, data) == 2)
+ got_data = 1;
+ if (f)
+ pclose(f);
+ }
+ /*
+ * If we didn't get authentication data, just make up some
+ * data. The forwarding code will check the validity of the
+ * response anyway, and substitute this data. The X11
+ * server, however, will ignore this fake data and use
+ * whatever authentication mechanisms it was using otherwise
+ * for the local connection.
+ */
+ if (!got_data) {
+ u_int32_t rand = 0;
+
+ strlcpy(proto, "MIT-MAGIC-COOKIE-1", proto_len);
+ for (i = 0; i < 16; i++) {
+ if (i % 4 == 0)
+ rand = arc4random();
+ snprintf(data + 2 * i, data_len - 2 * i, "%02x", rand & 0xff);
+ rand >>= 8;
+ }
+ }
+}
+
+static void
+ssh_init_forwarding(void)
+{
+ int success = 0;
+ int i;
+
+ /* Initiate local TCP/IP port forwardings. */
+ for (i = 0; i < options.num_local_forwards; i++) {
+ debug("Connections to local port %d forwarded to remote address %.200s:%d",
+ options.local_forwards[i].port,
+ options.local_forwards[i].host,
+ options.local_forwards[i].host_port);
+ success += channel_request_local_forwarding(
+ options.local_forwards[i].port,
+ options.local_forwards[i].host,
+ options.local_forwards[i].host_port,
+ options.gateway_ports);
+ }
+ if (i > 0 && success == 0)
+ error("Could not request local forwarding.");
+
+ /* Initiate remote TCP/IP port forwardings. */
+ for (i = 0; i < options.num_remote_forwards; i++) {
+ debug("Connections to remote port %d forwarded to local address %.200s:%d",
+ options.remote_forwards[i].port,
+ options.remote_forwards[i].host,
+ options.remote_forwards[i].host_port);
+ channel_request_remote_forwarding(
+ options.remote_forwards[i].port,
+ options.remote_forwards[i].host,
+ options.remote_forwards[i].host_port);
+ }
+}
+
+static void
+check_agent_present(void)
+{
+ if (options.forward_agent) {
+ /* Clear agent forwarding if we don\'t have an agent. */
+ int authfd = ssh_get_authentication_socket();
+ if (authfd < 0)
+ options.forward_agent = 0;
+ else
+ ssh_close_authentication_socket(authfd);
+ }
+}
+
+static int
+ssh_session(void)
+{
+ int type;
+ int plen;
+ int interactive = 0;
+ int have_tty = 0;
+ struct winsize ws;
+ char *cp;
+
+ /* Enable compression if requested. */
+ if (options.compression) {
+ debug("Requesting compression at level %d.", options.compression_level);
+
+ if (options.compression_level < 1 || options.compression_level > 9)
+ fatal("Compression level must be from 1 (fast) to 9 (slow, best).");
+
+ /* Send the request. */
+ packet_start(SSH_CMSG_REQUEST_COMPRESSION);
+ packet_put_int(options.compression_level);
+ packet_send();
+ packet_write_wait();
+ type = packet_read(&plen);
+ if (type == SSH_SMSG_SUCCESS)
+ packet_start_compression(options.compression_level);
+ else if (type == SSH_SMSG_FAILURE)
+ log("Warning: Remote host refused compression.");
+ else
+ packet_disconnect("Protocol error waiting for compression response.");
+ }
+ /* Allocate a pseudo tty if appropriate. */
+ if (tty_flag) {
+ debug("Requesting pty.");
+
+ /* Start the packet. */
+ packet_start(SSH_CMSG_REQUEST_PTY);
+
+ /* Store TERM in the packet. There is no limit on the
+ length of the string. */
+ cp = getenv("TERM");
+ if (!cp)
+ cp = "";
+ packet_put_cstring(cp);
+
+ /* Store window size in the packet. */
+ if (ioctl(fileno(stdin), TIOCGWINSZ, &ws) < 0)
+ memset(&ws, 0, sizeof(ws));
+ packet_put_int(ws.ws_row);
+ packet_put_int(ws.ws_col);
+ packet_put_int(ws.ws_xpixel);
+ packet_put_int(ws.ws_ypixel);
+
+ /* Store tty modes in the packet. */
+ tty_make_modes(fileno(stdin), NULL);
+
+ /* Send the packet, and wait for it to leave. */
+ packet_send();
+ packet_write_wait();
+
+ /* Read response from the server. */
+ type = packet_read(&plen);
+ if (type == SSH_SMSG_SUCCESS) {
+ interactive = 1;
+ have_tty = 1;
+ } else if (type == SSH_SMSG_FAILURE)
+ log("Warning: Remote host failed or refused to allocate a pseudo tty.");
+ else
+ packet_disconnect("Protocol error waiting for pty request response.");
+ }
+ /* Request X11 forwarding if enabled and DISPLAY is set. */
+ if (options.forward_x11 && getenv("DISPLAY") != NULL) {
+ char proto[512], data[512];
+ /* Get reasonable local authentication information. */
+ x11_get_proto(proto, sizeof proto, data, sizeof data);
+ /* Request forwarding with authentication spoofing. */
+ debug("Requesting X11 forwarding with authentication spoofing.");
+ x11_request_forwarding_with_spoofing(0, proto, data);
+
+ /* Read response from the server. */
+ type = packet_read(&plen);
+ if (type == SSH_SMSG_SUCCESS) {
+ interactive = 1;
+ } else if (type == SSH_SMSG_FAILURE) {
+ log("Warning: Remote host denied X11 forwarding.");
+ } else {
+ packet_disconnect("Protocol error waiting for X11 forwarding");
+ }
+ }
+ /* Tell the packet module whether this is an interactive session. */
+ packet_set_interactive(interactive);
+
+ /* Request authentication agent forwarding if appropriate. */
+ check_agent_present();
+
+ if (options.forward_agent) {
+ debug("Requesting authentication agent forwarding.");
+ auth_request_forwarding();
+
+ /* Read response from the server. */
+ type = packet_read(&plen);
+ packet_integrity_check(plen, 0, type);
+ if (type != SSH_SMSG_SUCCESS)
+ log("Warning: Remote host denied authentication agent forwarding.");
+ }
+
+ /* Initiate port forwardings. */
+ ssh_init_forwarding();
+
+ /* If requested, let ssh continue in the background. */
+ if (fork_after_authentication_flag)
+ if (daemon(1, 1) < 0)
+ fatal("daemon() failed: %.200s", strerror(errno));
+
+ /*
+ * If a command was specified on the command line, execute the
+ * command now. Otherwise request the server to start a shell.
+ */
+ if (buffer_len(&command) > 0) {
+ int len = buffer_len(&command);
+ if (len > 900)
+ len = 900;
+ debug("Sending command: %.*s", len, buffer_ptr(&command));
+ packet_start(SSH_CMSG_EXEC_CMD);
+ packet_put_string(buffer_ptr(&command), buffer_len(&command));
+ packet_send();
+ packet_write_wait();
+ } else {
+ debug("Requesting shell.");
+ packet_start(SSH_CMSG_EXEC_SHELL);
+ packet_send();
+ packet_write_wait();
+ }
+
+ /* Enter the interactive session. */
+ return client_loop(have_tty, tty_flag ?
+ options.escape_char : SSH_ESCAPECHAR_NONE, 0);
+}
+
+static void
+client_subsystem_reply(int type, int plen, void *ctxt)
+{
+ int id, len;
+
+ id = packet_get_int();
+ len = buffer_len(&command);
+ if (len > 900)
+ len = 900;
+ packet_done();
+ if (type == SSH2_MSG_CHANNEL_FAILURE)
+ fatal("Request for subsystem '%.*s' failed on channel %d",
+ len, buffer_ptr(&command), id);
+}
+
+static void
+ssh_session2_callback(int id, void *arg)
+{
+ int len;
+ int interactive = 0;
+ struct termios tio;
+
+ debug("client_init id %d arg %ld", id, (long)arg);
+
+ if (tty_flag) {
+ struct winsize ws;
+ char *cp;
+ cp = getenv("TERM");
+ if (!cp)
+ cp = "";
+ /* Store window size in the packet. */
+ if (ioctl(fileno(stdin), TIOCGWINSZ, &ws) < 0)
+ memset(&ws, 0, sizeof(ws));
+
+ channel_request_start(id, "pty-req", 0);
+ packet_put_cstring(cp);
+ packet_put_int(ws.ws_col);
+ packet_put_int(ws.ws_row);
+ packet_put_int(ws.ws_xpixel);
+ packet_put_int(ws.ws_ypixel);
+ tio = get_saved_tio();
+ tty_make_modes(/*ignored*/ 0, &tio);
+ packet_send();
+ interactive = 1;
+ /* XXX wait for reply */