*/
#include "includes.h"
-RCSID("$OpenBSD: ssh.c,v 1.183 2002/08/29 16:02:54 stevesk Exp $");
+RCSID("$OpenBSD: ssh.c,v 1.190 2003/02/06 09:27:29 markus Exp $");
#include <openssl/evp.h>
#include <openssl/err.h>
/* # of replies received for global requests */
static int client_global_request_id = 0;
+/* pid of proxycommand child process */
+pid_t proxy_command_pid = 0;
+
/* Prints a help message to the user. This function never returns. */
static void
*/
original_real_uid = getuid();
original_effective_uid = geteuid();
+
+ /*
+ * Use uid-swapping to give up root privileges for the duration of
+ * option processing. We will re-instantiate the rights when we are
+ * ready to create the privileged port, and will permanently drop
+ * them when the port has been created (actually, when the connection
+ * has been made, as we may need to create the port several times).
+ */
+ PRIV_END;
#ifdef HAVE_SETRLIMIT
/* If we are installed setuid root be careful to not drop core. */
/* Get user data. */
pw = getpwuid(original_real_uid);
if (!pw) {
- log("You don't exist, go away!");
+ logit("You don't exist, go away!");
exit(1);
}
/* Take a copy of the returned structure. */
pw = pwcopy(pw);
- /*
- * Use uid-swapping to give up root privileges for the duration of
- * option processing. We will re-instantiate the rights when we are
- * ready to create the privileged port, and will permanently drop
- * them when the port has been created (actually, when the connection
- * has been made, as we may need to create the port several times).
- */
- PRIV_END;
-
/*
* Set our umask to something reasonable, as some files are created
* with the default umask. This will make them world-readable but
av += optind;
if (ac > 0 && !host && **av != '-') {
- if (strchr(*av, '@')) {
+ if (strrchr(*av, '@')) {
p = xstrdup(*av);
- cp = strchr(p, '@');
+ cp = strrchr(p, '@');
if (cp == NULL || cp == p)
usage();
options.user = p;
host = ++cp;
} else
host = *av;
- ac--, av++;
- if (ac > 0) {
- optind = 0;
- optreset = 1;
+ if (ac > 1) {
+ optind = optreset = 1;
goto again;
}
+ ac--, av++;
}
/* Check that we got a host name. */
/* Do not allocate a tty if stdin is not a tty. */
if (!isatty(fileno(stdin)) && !force_tty_flag) {
if (tty_flag)
- log("Pseudo-terminal will not be allocated because stdin is not a terminal.");
+ logit("Pseudo-terminal will not be allocated because stdin is not a terminal.");
tty_flag = 0;
}
if (options.hostname != NULL)
host = options.hostname;
+ if (options.proxy_command != NULL &&
+ strcmp(options.proxy_command, "none") == 0)
+ options.proxy_command = NULL;
+
/* Disable rhosts authentication if not running as root. */
#ifdef HAVE_CYGWIN
/* Ignore uid if running under Windows */
exit_status = compat20 ? ssh_session2() : ssh_session();
packet_close();
+
+ /*
+ * Send SIGHUP to proxy command if used. We don't wait() in
+ * case it hangs and instead rely on init to reap the child
+ */
+ if (proxy_command_pid > 1)
+ kill(proxy_command_pid, SIGHUP);
+
return exit_status;
}
if (!got_data) {
u_int32_t rand = 0;
- log("Warning: No xauth data; using fake authentication data for X11 forwarding.");
+ logit("Warning: No xauth data; using fake authentication data for X11 forwarding.");
strlcpy(proto, "MIT-MAGIC-COOKIE-1", sizeof proto);
for (i = 0; i < 16; i++) {
if (i % 4 == 0)
{
if (options.forward_agent) {
/* Clear agent forwarding if we don\'t have an agent. */
- int authfd = ssh_get_authentication_socket();
- if (authfd < 0)
+ if (!ssh_agent_present())
options.forward_agent = 0;
- else
- ssh_close_authentication_socket(authfd);
}
}
if (type == SSH_SMSG_SUCCESS)
packet_start_compression(options.compression_level);
else if (type == SSH_SMSG_FAILURE)
- log("Warning: Remote host refused compression.");
+ logit("Warning: Remote host refused compression.");
else
packet_disconnect("Protocol error waiting for compression response.");
}
interactive = 1;
have_tty = 1;
} else if (type == SSH_SMSG_FAILURE)
- log("Warning: Remote host failed or refused to allocate a pseudo tty.");
+ logit("Warning: Remote host failed or refused to allocate a pseudo tty.");
else
packet_disconnect("Protocol error waiting for pty request response.");
}
if (type == SSH_SMSG_SUCCESS) {
interactive = 1;
} else if (type == SSH_SMSG_FAILURE) {
- log("Warning: Remote host denied X11 forwarding.");
+ logit("Warning: Remote host denied X11 forwarding.");
} else {
packet_disconnect("Protocol error waiting for X11 forwarding");
}
type = packet_read();
packet_check_eom();
if (type != SSH_SMSG_SUCCESS)
- log("Warning: Remote host denied authentication agent forwarding.");
+ logit("Warning: Remote host denied authentication agent forwarding.");
}
/* Initiate port forwardings. */
options.remote_forwards[i].host,
options.remote_forwards[i].host_port);
if (type == SSH2_MSG_REQUEST_FAILURE)
- log("Warning: remote port forwarding failed for listen port %d",
+ logit("Warning: remote port forwarding failed for listen port %d",
options.remote_forwards[i].port);
}
int interactive = 0;
struct termios tio;
- debug("ssh_session2_setup: id %d", id);
+ debug2("ssh_session2_setup: id %d", id);
if (tty_flag) {
struct winsize ws;