- djm@cvs.openbsd.org 2010/01/30 02:54:53

[openssh.git] / sshconnect.c

diff --git a/sshconnect.c b/sshconnect.c
index ec8ba33e01674ea93d7b1cc14a9beb0e81621f78..63c4650f738b9957903d5fdecfff5385f48337df 100644 (file)
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.c,v 1.211 2008/07/01 07:24:22 dtucker Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.218 2010/01/13 00:19:04 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -28,6 +28,7 @@
 
 #include <ctype.h>
 #include <errno.h>
+#include <fcntl.h>
 #include <netdb.h>
 #ifdef HAVE_PATHS_H
 #include <paths.h>
@@ -56,6 +57,7 @@
 #include "atomicio.h"
 #include "misc.h"
 #include "dns.h"
+#include "roaming.h"
 #include "version.h"
 
 char *client_version_string = NULL;
@@ -70,10 +72,6 @@ extern uid_t original_real_uid;
 extern uid_t original_effective_uid;
 extern pid_t proxy_command_pid;
 
-#ifndef INET6_ADDRSTRLEN               /* for non IPv6 machines */
-#define INET6_ADDRSTRLEN 46
-#endif
-
 static int show_other_keys(const char *, Key *);
 static void warn_changed_key(Key *);
 
@@ -194,8 +192,11 @@ ssh_create_socket(int privileged, struct addrinfo *ai)
                return sock;
        }
        sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
-       if (sock < 0)
+       if (sock < 0) {
                error("socket: %.100s", strerror(errno));
+               return -1;
+       }
+       fcntl(sock, F_SETFD, FD_CLOEXEC);
 
        /* Bind the socket to an alternative local IP address */
        if (options.bind_address == NULL)
@@ -417,7 +418,7 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr,
  * Waits for the server identification string, and sends our own
  * identification string.
  */
-static void
+void
 ssh_exchange_identification(int timeout_ms)
 {
        char buf[256], remote_version[256];     /* must be same size! */
@@ -456,7 +457,7 @@ ssh_exchange_identification(int timeout_ms)
                                }
                        }
 
-                       len = atomicio(read, connection_in, &buf[i], 1);
+                       len = roaming_atomicio(read, connection_in, &buf[i], 1);
 
                        if (len != 1 && errno == EPIPE)
                                fatal("ssh_exchange_identification: "
@@ -541,7 +542,8 @@ ssh_exchange_identification(int timeout_ms)
            compat20 ? PROTOCOL_MAJOR_2 : PROTOCOL_MAJOR_1,
            compat20 ? PROTOCOL_MINOR_2 : minor1,
            SSH_VERSION, compat20 ? "\r\n" : "\n");
-       if (atomicio(vwrite, connection_out, buf, strlen(buf)) != strlen(buf))
+       if (roaming_atomicio(vwrite, connection_out, buf, strlen(buf))
+           != strlen(buf))
                fatal("write: %.100s", strerror(errno));
        client_version_string = xstrdup(buf);
        chop(client_version_string);
@@ -741,8 +743,8 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port,
                if (options.host_key_alias == NULL && port != 0 &&
                    port != SSH_DEFAULT_PORT) {
                        debug("checking without port identifier");
-                       if (check_host_key(hostname, hostaddr, 0, host_key, 2,
-                           user_hostfile, system_hostfile) == 0) {
+                       if (check_host_key(hostname, hostaddr, 0, host_key,
+                           ROQUIET, user_hostfile, system_hostfile) == 0) {
                                debug("found matching key w/out port");
                                break;
                        }
@@ -927,7 +929,7 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port,
                 * XXX Should permit the user to change to use the new id.
                 * This could be done by converting the host key to an
                 * identifying sentence, tell that the host identifies itself
-                * by that sentence, and ask the user if he/she whishes to
+                * by that sentence, and ask the user if he/she wishes to
                 * accept the authentication.
                 */
                break;