-/* $OpenBSD: sshconnect2.c,v 1.172 2009/10/23 01:57:11 djm Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.177 2010/01/04 01:45:30 dtucker Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
* Copyright (c) 2008 Damien Miller. All rights reserved.
#include <sys/stat.h>
#include <errno.h>
+#include <fcntl.h>
#include <netdb.h>
#include <pwd.h>
#include <signal.h>
dispatch_run(DISPATCH_BLOCK, &kex->done, kex);
+ if (options.use_roaming && !kex->roaming) {
+ debug("Roaming not allowed by server");
+ options.use_roaming = 0;
+ }
+
session_id2 = kex->session_id;
session_id2_len = kex->session_id_len;
if (len > 65536)
len = 65536;
msg = xmalloc(len * 4 + 1); /* max expansion from strnvis() */
- strnvis(msg, raw, len * 4 + 1, VIS_SAFE|VIS_OCTAL);
+ strnvis(msg, raw, len * 4 + 1, VIS_SAFE|VIS_OCTAL|VIS_NOSLASH);
fprintf(stderr, "%s", msg);
xfree(msg);
}
static int attempt = 0;
char prompt[150];
char *password;
+ const char *host = options.host_key_alias ? options.host_key_alias :
+ authctxt->host;
if (attempt++ >= options.number_of_password_prompts)
return 0;
error("Permission denied, please try again.");
snprintf(prompt, sizeof(prompt), "%.30s@%.128s's password: ",
- authctxt->server_user, authctxt->host);
+ authctxt->server_user, host);
password = read_passphrase(prompt, 0);
packet_start(SSH2_MSG_USERAUTH_REQUEST);
packet_put_cstring(authctxt->server_user);
Authctxt *authctxt = ctxt;
char *info, *lang, *password = NULL, *retype = NULL;
char prompt[150];
+ const char *host = options.host_key_alias ? options.host_key_alias :
+ authctxt->host;
debug2("input_userauth_passwd_changereq");
packet_put_char(1); /* additional info */
snprintf(prompt, sizeof(prompt),
"Enter %.30s@%.128s's old password: ",
- authctxt->server_user, authctxt->host);
+ authctxt->server_user, host);
password = read_passphrase(prompt, 0);
packet_put_cstring(password);
memset(password, 0, strlen(password));
while (password == NULL) {
snprintf(prompt, sizeof(prompt),
"Enter %.30s@%.128s's new password: ",
- authctxt->server_user, authctxt->host);
+ authctxt->server_user, host);
password = read_passphrase(prompt, RP_ALLOW_EOF);
if (password == NULL) {
/* bail out */
}
snprintf(prompt, sizeof(prompt),
"Retype %.30s@%.128s's new password: ",
- authctxt->server_user, authctxt->host);
+ authctxt->server_user, host);
retype = read_passphrase(prompt, 0);
if (strcmp(password, retype) != 0) {
memset(password, 0, strlen(password));
return -1;
}
if (pid == 0) {
+ /* keep the socket on exec */
+ fcntl(packet_get_connection_in(), F_SETFD, 0);
permanently_drop_suid(getuid());
close(from[0]);
if (dup2(from[1], STDOUT_FILENO) < 0)
char *chost, *pkalg, *p, myname[NI_MAXHOST];
const char *service;
u_int blen, slen;
- int ok, i, len, found = 0;
+ int ok, i, found = 0;
/* check for a useful key */
for (i = 0; i < sensitive->nkeys; i++) {
xfree(blob);
return 0;
}
- len = strlen(p) + 2;
xasprintf(&chost, "%s.", p);
debug2("userauth_hostbased: chost %s", chost);
xfree(p);