X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/8efc0c151a0f57612e1aa0abb5b7d536db4cf76a..e9c75a39e84860f266a0f94707ca3712fdb57f53:/ssh.c diff --git a/ssh.c b/ssh.c index 9ec18336..702e7d26 100644 --- a/ssh.c +++ b/ssh.c @@ -32,9 +32,6 @@ RCSID("$Id$"); command line. */ int debug_flag = 0; -/* Flag indicating whether quiet mode is on. */ -int quiet_flag = 0; - /* Flag indicating whether to allocate a pseudo tty. This can be set on the command line, and is automatically set if no command is given on the command line. */ @@ -158,8 +155,6 @@ rsh_connect(char *host, char *user, Buffer *command) /* Main program for the ssh client. */ -uid_t original_real_uid; - int main(int ac, char **av) { @@ -308,16 +303,17 @@ main(int ac, char **av) case 'v': case 'V': - debug_flag = 1; fprintf(stderr, "SSH Version %s, protocol version %d.%d.\n", SSH_VERSION, PROTOCOL_MAJOR, PROTOCOL_MINOR); fprintf(stderr, "Compiled with SSL.\n"); if (opt == 'V') exit(0); + debug_flag = 1; + options.log_level = SYSLOG_LEVEL_DEBUG; break; case 'q': - quiet_flag = 1; + options.log_level = SYSLOG_LEVEL_QUIET; break; case 'e': @@ -387,8 +383,9 @@ main(int ac, char **av) case 'o': dummy = 1; - process_config_line(&options, host ? host : "", optarg, - "command-line", 0, &dummy); + if (process_config_line(&options, host ? host : "", optarg, + "command-line", 0, &dummy) != 0) + exit(1); break; default: @@ -468,7 +465,7 @@ main(int ac, char **av) /* Initialize "log" output. Since we are the client all output actually goes to the terminal. */ - log_init(av[0], 1, debug_flag, quiet_flag, SYSLOG_FACILITY_USER); + log_init(av[0], options.log_level, SYSLOG_FACILITY_USER, 0); /* Read per-user configuration file. */ snprintf(buf, sizeof buf, "%.100s/%.100s", pw->pw_dir, SSH_USER_CONFFILE); @@ -479,6 +476,10 @@ main(int ac, char **av) /* Fill configuration defaults. */ fill_default_options(&options); + + /* reinit */ + log_init(av[0], options.log_level, SYSLOG_FACILITY_USER, 0); + if (options.user == NULL) options.user = xstrdup(pw->pw_name); @@ -501,7 +502,7 @@ main(int ac, char **av) } /* Disable rhosts authentication if not running as root. */ - if (original_effective_uid != 0) + if (original_effective_uid != 0 || !options.use_privileged_port) { options.rhosts_authentication = 0; options.rhosts_rsa_authentication = 0; @@ -527,13 +528,7 @@ main(int ac, char **av) restore_uid(); /* Open a connection to the remote host. This needs root privileges if - rhosts_{rsa_}authentication is true. */ - - if (!options.use_privileged_port) - { - options.rhosts_authentication = 0; - options.rhosts_rsa_authentication = 0; - } + rhosts_{rsa_}authentication is enabled. */ ok = ssh_connect(host, &hostaddr, options.port, options.connection_attempts, !options.rhosts_authentication && @@ -596,7 +591,7 @@ main(int ac, char **av) /* Log into the remote system. This never returns if the login fails. */ ssh_login(host_private_key_loaded, host_private_key, - host, &hostaddr, &options, original_real_uid); + host, &hostaddr, original_real_uid); /* We no longer need the host private key. Clear it now. */ if (host_private_key_loaded) @@ -605,17 +600,6 @@ main(int ac, char **av) /* Close connection cleanly after attack. */ cipher_attack_detected = packet_disconnect; - /* If requested, fork and let ssh continue in the background. */ - if (fork_after_authentication_flag) - { - int ret = fork(); - if (ret == -1) - fatal("fork failed: %.100s", strerror(errno)); - if (ret != 0) - exit(0); - setsid(); - } - /* Enable compression if requested. */ if (options.compression) { @@ -777,6 +761,17 @@ main(int ac, char **av) options.remote_forwards[i].host_port); } + /* If requested, fork and let ssh continue in the background. */ + if (fork_after_authentication_flag) + { + int ret = fork(); + if (ret == -1) + fatal("fork failed: %.100s", strerror(errno)); + if (ret != 0) + exit(0); + setsid(); + } + /* If a command was specified on the command line, execute the command now. Otherwise request the server to start a shell. */ if (buffer_len(&command) > 0)