command line. */
int debug_flag = 0;
-/* Flag indicating whether quiet mode is on. */
-int quiet_flag = 0;
-
/* Flag indicating whether to allocate a pseudo tty. This can be set on the
command line, and is automatically set if no command is given on the command
line. */
/* Main program for the ssh client. */
-uid_t original_real_uid;
-
int
main(int ac, char **av)
{
case 'v':
case 'V':
- debug_flag = 1;
fprintf(stderr, "SSH Version %s, protocol version %d.%d.\n",
SSH_VERSION, PROTOCOL_MAJOR, PROTOCOL_MINOR);
fprintf(stderr, "Compiled with SSL.\n");
if (opt == 'V')
exit(0);
+ debug_flag = 1;
+ options.log_level = SYSLOG_LEVEL_DEBUG;
break;
case 'q':
- quiet_flag = 1;
+ options.log_level = SYSLOG_LEVEL_QUIET;
break;
case 'e':
case 'o':
dummy = 1;
- process_config_line(&options, host ? host : "", optarg,
- "command-line", 0, &dummy);
+ if (process_config_line(&options, host ? host : "", optarg,
+ "command-line", 0, &dummy) != 0)
+ exit(1);
break;
default:
/* Initialize "log" output. Since we are the client all output actually
goes to the terminal. */
- log_init(av[0], 1, debug_flag, quiet_flag, SYSLOG_FACILITY_USER);
+ log_init(av[0], options.log_level, SYSLOG_FACILITY_USER, 0);
/* Read per-user configuration file. */
snprintf(buf, sizeof buf, "%.100s/%.100s", pw->pw_dir, SSH_USER_CONFFILE);
/* Fill configuration defaults. */
fill_default_options(&options);
+
+ /* reinit */
+ log_init(av[0], options.log_level, SYSLOG_FACILITY_USER, 0);
+
if (options.user == NULL)
options.user = xstrdup(pw->pw_name);
}
/* Disable rhosts authentication if not running as root. */
- if (original_effective_uid != 0)
+ if (original_effective_uid != 0 || !options.use_privileged_port)
{
options.rhosts_authentication = 0;
options.rhosts_rsa_authentication = 0;
restore_uid();
/* Open a connection to the remote host. This needs root privileges if
- rhosts_{rsa_}authentication is true. */
-
- if (!options.use_privileged_port)
- {
- options.rhosts_authentication = 0;
- options.rhosts_rsa_authentication = 0;
- }
+ rhosts_{rsa_}authentication is enabled. */
ok = ssh_connect(host, &hostaddr, options.port, options.connection_attempts,
!options.rhosts_authentication &&
/* Log into the remote system. This never returns if the login fails. */
ssh_login(host_private_key_loaded, host_private_key,
- host, &hostaddr, &options, original_real_uid);
+ host, &hostaddr, original_real_uid);
/* We no longer need the host private key. Clear it now. */
if (host_private_key_loaded)
/* Close connection cleanly after attack. */
cipher_attack_detected = packet_disconnect;
- /* If requested, fork and let ssh continue in the background. */
- if (fork_after_authentication_flag)
- {
- int ret = fork();
- if (ret == -1)
- fatal("fork failed: %.100s", strerror(errno));
- if (ret != 0)
- exit(0);
- setsid();
- }
-
/* Enable compression if requested. */
if (options.compression)
{
options.remote_forwards[i].host_port);
}
+ /* If requested, fork and let ssh continue in the background. */
+ if (fork_after_authentication_flag)
+ {
+ int ret = fork();
+ if (ret == -1)
+ fatal("fork failed: %.100s", strerror(errno));
+ if (ret != 0)
+ exit(0);
+ setsid();
+ }
+
/* If a command was specified on the command line, execute the command now.
Otherwise request the server to start a shell. */
if (buffer_len(&command) > 0)
andersk / openssh.git / blobdiff