X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/96ee83868809f6ddea859fe398a8560e992b08c7..5d97cfbf8be086f7495f35675e967358d2babb7d:/ssh.c

diff --git a/ssh.c b/ssh.c
index 7db19f3b..bd0d5ba9 100644
--- a/ssh.c
+++ b/ssh.c
@@ -39,7 +39,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh.c,v 1.97 2001/02/21 21:14:04 stevesk Exp $");
+RCSID("$OpenBSD: ssh.c,v 1.115 2001/04/14 16:33:20 stevesk Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/err.h>
@@ -67,6 +67,7 @@ RCSID("$OpenBSD: ssh.c,v 1.97 2001/02/21 21:14:04 stevesk Exp $");
 #include "misc.h"
 #include "kex.h"
 #include "mac.h"
+#include "sshtty.h"
 
 #ifdef HAVE___PROGNAME
 extern char *__progname;
@@ -130,11 +131,11 @@ struct sockaddr_storage hostaddr;
  */
 volatile int received_window_change_signal = 0;
 
-/* Flag indicating whether we have a valid host private key loaded. */
-int host_private_key_loaded = 0;
-
-/* Host private key. */
-RSA *host_private_key = NULL;
+/* Private host keys. */
+struct {
+	Key     **keys;
+	int	nkeys;
+} sensitive_data;
 
 /* Original real UID. */
 uid_t original_real_uid;
@@ -161,8 +162,8 @@ usage(void)
 #endif				/* AFS */
 	fprintf(stderr, "  -X          Enable X11 connection forwarding.\n");
 	fprintf(stderr, "  -x          Disable X11 connection forwarding.\n");
-	fprintf(stderr, "  -i file     Identity for public key authentication\n");
-	fprintf(stderr, "              (default: ~/.ssh/identity).\n");
+	fprintf(stderr, "  -i file     Identity for public key authentication "
+	    "(default: ~/.ssh/identity)\n");
 	fprintf(stderr, "  -t          Tty; allocate a tty even if command is given.\n");
 	fprintf(stderr, "  -T          Do not allocate a tty.\n");
 	fprintf(stderr, "  -v          Verbose; display verbose debugging messages.\n");
@@ -174,13 +175,17 @@ usage(void)
 	fprintf(stderr, "  -e char     Set escape character; ``none'' = disable (default: ~).\n");
 
 	fprintf(stderr, "  -c cipher   Select encryption algorithm: "
-			"``3des'', "
-			"``blowfish''\n");
+	    "``3des'', ``blowfish''\n");
+	fprintf(stderr, "  -m macs     Specify MAC algorithms for protocol version 2.\n");
 	fprintf(stderr, "  -p port     Connect to this port.  Server must be on the same port.\n");
 	fprintf(stderr, "  -L listen-port:host:port   Forward local port to remote address\n");
 	fprintf(stderr, "  -R listen-port:host:port   Forward remote port to local address\n");
 	fprintf(stderr, "              These cause %s to listen for connections on a port, and\n", __progname);
 	fprintf(stderr, "              forward them to the other side by connecting to host:port.\n");
+	fprintf(stderr, "  -D port     Dynamically forward local port to multiple remote addresses.\n");
+	fprintf(stderr, "              Allows %s to act as an application-layer proxy.\n",
+	    __progname);
+	fprintf(stderr, "              Protocols supported: SOCKS4, SOCKS5, HTTPS\n");
 	fprintf(stderr, "  -C          Enable compression.\n");
 	fprintf(stderr, "  -N          Do not execute a shell or command.\n");
 	fprintf(stderr, "  -g          Allow remote hosts to connect to forwarded ports.\n");
@@ -233,7 +238,7 @@ rsh_connect(char *host, char *user, Buffer * command)
 
 int	ssh_session(void);
 int	ssh_session2(void);
-int	guess_identity_file_type(const char *filename);
+void	load_public_identity_files(void);
 
 /*
  * Main program for the ssh client.
@@ -245,7 +250,7 @@ main(int ac, char **av)
 	u_short fwd_port, fwd_host_port;
 	char *optarg, *cp, buf[256];
 	struct stat st;
-	struct passwd *pw, pwcopy;
+	struct passwd *pw;
 	int dummy;
 	uid_t original_effective_uid;
 
@@ -268,6 +273,15 @@ main(int ac, char **av)
 			fatal("setrlimit failed: %.100s", strerror(errno));
 	}
 #endif
+	/* Get user data. */
+	pw = getpwuid(original_real_uid);
+	if (!pw) {
+		log("You don't exist, go away!");
+		exit(1);
+	}
+	/* Take a copy of the returned structure. */
+	pw = pwcopy(pw);
+
 	/*
 	 * Use uid-swapping to give up root privileges for the duration of
 	 * option processing.  We will re-instantiate the rights when we are
@@ -275,7 +289,7 @@ main(int ac, char **av)
 	 * them when the port has been created (actually, when the connection
 	 * has been made, as we may need to create the port several times).
 	 */
-	temporarily_use_uid(original_real_uid);
+	temporarily_use_uid(pw);
 
 	/*
 	 * Set our umask to something reasonable, as some files are created
@@ -308,7 +322,7 @@ main(int ac, char **av)
 		opt = av[optind][1];
 		if (!opt)
 			usage();
-		if (strchr("eilcmpLRo", opt)) {	/* options with arguments */
+		if (strchr("eilcmpLRDo", opt)) {   /* options with arguments */
 			optarg = av[optind] + 2;
 			if (strcmp(optarg, "") == 0) {
 				if (optind >= ac - 1)
@@ -388,7 +402,7 @@ main(int ac, char **av)
 				options.log_level++;
 				break;
 			} else {
-				fatal("Too high debugging level.\n");
+				fatal("Too high debugging level.");
 			}
 			/* fallthrough */
 		case 'V':
@@ -447,7 +461,11 @@ main(int ac, char **av)
 			}
 			break;
 		case 'p':
-			options.port = atoi(optarg);
+			options.port = a2port(optarg);
+			if (options.port == 0) {
+				fprintf(stderr, "Bad port '%s'\n", optarg);
+				exit(1);
+			}
 			break;
 		case 'l':
 			options.user = optarg;
@@ -474,6 +492,16 @@ main(int ac, char **av)
 			}
 			add_local_forward(&options, fwd_port, buf, fwd_host_port);
 			break;
+
+		case 'D':
+			fwd_port = a2port(optarg);
+			if (fwd_port == 0) {
+				fprintf(stderr, "Bad dynamic port '%s'\n", optarg);
+				exit(1);
+			}
+			add_local_forward(&options, fwd_port, "socks4", 0);
+			break;
+
 		case 'C':
 			options.compression = 1;
 			break;
@@ -517,7 +545,7 @@ main(int ac, char **av)
 		/* No command specified - execute shell on a tty. */
 		tty_flag = 1;
 		if (subsystem_flag) {
-			fprintf(stderr, "You must specify a subsystem to invoke.");
+			fprintf(stderr, "You must specify a subsystem to invoke.\n");
 			usage();
 		}
 	} else {
@@ -544,32 +572,16 @@ main(int ac, char **av)
 	/* Do not allocate a tty if stdin is not a tty. */
 	if (!isatty(fileno(stdin)) && !force_tty_flag) {
 		if (tty_flag)
-			log("Pseudo-terminal will not be allocated because stdin is not a terminal.\n");
+			log("Pseudo-terminal will not be allocated because stdin is not a terminal.");
 		tty_flag = 0;
 	}
 
-	/* Get user data. */
-	pw = getpwuid(original_real_uid);
-	if (!pw) {
-		log("You don't exist, go away!\n");
-		exit(1);
-	}
-	/* Take a copy of the returned structure. */
-	memset(&pwcopy, 0, sizeof(pwcopy));
-	pwcopy.pw_name = xstrdup(pw->pw_name);
-	pwcopy.pw_passwd = xstrdup(pw->pw_passwd);
-	pwcopy.pw_uid = pw->pw_uid;
-	pwcopy.pw_gid = pw->pw_gid;
-#ifdef HAVE_PW_CLASS_IN_PASSWD
-	pwcopy.pw_class = xstrdup(pw->pw_class);
-#endif
-	pwcopy.pw_dir = xstrdup(pw->pw_dir);
-	pwcopy.pw_shell = xstrdup(pw->pw_shell);
-	pw = &pwcopy;
-
-	/* Initialize "log" output.  Since we are the client all output
-	   actually goes to the terminal. */
-	log_init(av[0], options.log_level, SYSLOG_FACILITY_USER, 0);
+	/*
+	 * Initialize "log" output.  Since we are the client all output
+	 * actually goes to stderr.
+	 */
+	log_init(av[0], options.log_level == -1 ? SYSLOG_LEVEL_INFO : options.log_level,
+	    SYSLOG_FACILITY_USER, 1);
 
 	/* Read per-user configuration file. */
 	snprintf(buf, sizeof buf, "%.100s/%.100s", pw->pw_dir, _PATH_SSH_USER_CONFFILE);
@@ -582,7 +594,9 @@ main(int ac, char **av)
 	fill_default_options(&options);
 
 	/* reinit */
-	log_init(av[0], options.log_level, SYSLOG_FACILITY_USER, 0);
+	log_init(av[0], options.log_level, SYSLOG_FACILITY_USER, 1);
+
+	seed_rng();
 
 	if (options.user == NULL)
 		options.user = xstrdup(pw->pw_name);
@@ -601,6 +615,7 @@ main(int ac, char **av)
 		    "originating port will not be trusted.");
 		options.rhosts_authentication = 0;
 	}
+
 	/*
 	 * If using rsh has been selected, exec it now (without trying
 	 * anything else).  Note that we must release privileges first.
@@ -613,7 +628,7 @@ main(int ac, char **av)
 		restore_uid();
 
 		/* Switch to the original uid permanently. */
-		permanently_set_uid(original_real_uid);
+		permanently_set_uid(pw);
 
 		/* Execute rsh. */
 		rsh_connect(host, options.user, &command);
@@ -627,8 +642,7 @@ main(int ac, char **av)
 	ok = ssh_connect(host, &hostaddr, options.port,
 	    options.connection_attempts,
 	    original_effective_uid != 0 || !options.use_privileged_port,
-	    original_real_uid,
-	    options.proxy_command);
+	    pw, options.proxy_command);
 
 	/*
 	 * If we successfully made the connection, load the host private key
@@ -636,13 +650,18 @@ main(int ac, char **av)
 	 * authentication. This must be done before releasing extra
 	 * privileges, because the file is only readable by root.
 	 */
-	if (ok && (options.protocol & SSH_PROTO_1)) {
-		Key k;
-		host_private_key = RSA_new();
-		k.type = KEY_RSA1;
-		k.rsa = host_private_key;
-		if (load_private_key(_PATH_HOST_KEY_FILE, "", &k, NULL))
-			host_private_key_loaded = 1;
+	sensitive_data.nkeys = 0;
+	sensitive_data.keys = NULL;
+	if (ok && (options.rhosts_rsa_authentication ||
+	    options.hostbased_authentication)) {
+		sensitive_data.nkeys = 3;
+		sensitive_data.keys = xmalloc(sensitive_data.nkeys*sizeof(Key));
+		sensitive_data.keys[0] = key_load_private_type(KEY_RSA1,
+		    _PATH_HOST_KEY_FILE, "", NULL);
+		sensitive_data.keys[1] = key_load_private_type(KEY_DSA,
+		    _PATH_HOST_DSA_KEY_FILE, "", NULL);
+		sensitive_data.keys[2] = key_load_private_type(KEY_RSA,
+		    _PATH_HOST_RSA_KEY_FILE, "", NULL);
 	}
 	/*
 	 * Get rid of any extra privileges that we may have.  We will no
@@ -659,7 +678,7 @@ main(int ac, char **av)
 	 * process, read the private hostkey and impersonate the host.
 	 * OpenBSD does not allow ptracing of setuid processes.
 	 */
-	permanently_set_uid(original_real_uid);
+	permanently_set_uid(pw);
 
 	/*
 	 * Now that we are back to our own permissions, create ~/.ssh
@@ -686,15 +705,11 @@ main(int ac, char **av)
 		}
 		exit(1);
 	}
-	/* Expand ~ in options.identity_files, known host file names. */
-	/* XXX mem-leaks */
-	for (i = 0; i < options.num_identity_files; i++) {
-		options.identity_files[i] =
-		    tilde_expand_filename(options.identity_files[i], original_real_uid);
-		options.identity_files_type[i] = guess_identity_file_type(options.identity_files[i]);
-		debug("identity file %s type %d", options.identity_files[i],
-		    options.identity_files_type[i]);
-	}
+	/* load options.identity_files */
+	load_public_identity_files();
+
+	/* Expand ~ in known host file names. */
+	/* XXX mem-leaks: */
 	options.system_hostfile =
 	    tilde_expand_filename(options.system_hostfile, original_real_uid);
 	options.user_hostfile =
@@ -705,12 +720,21 @@ main(int ac, char **av)
 	    tilde_expand_filename(options.user_hostfile2, original_real_uid);
 
 	/* Log into the remote system.  This never returns if the login fails. */
-	ssh_login(host_private_key_loaded, host_private_key,
-		  host, (struct sockaddr *)&hostaddr, original_real_uid);
-
-	/* We no longer need the host private key.  Clear it now. */
-	if (host_private_key_loaded)
-		RSA_free(host_private_key);	/* Destroys contents safely */
+	ssh_login(sensitive_data.keys, sensitive_data.nkeys,
+	    host, (struct sockaddr *)&hostaddr, pw);
+
+	/* We no longer need the private host keys.  Clear them now. */
+	if (sensitive_data.nkeys != 0) {
+		for (i = 0; i < sensitive_data.nkeys; i++) {
+			if (sensitive_data.keys[i] != NULL) {
+				/* Destroys contents safely */
+				debug3("clear hostkey %d", i);
+				key_free(sensitive_data.keys[i]);
+				sensitive_data.keys[i] = NULL;
+			}
+		}
+		xfree(sensitive_data.keys);
+	}
 
 	exit_status = compat20 ? ssh_session2() : ssh_session();
 	packet_close();
@@ -856,7 +880,7 @@ ssh_session(void)
 		packet_put_int(ws.ws_ypixel);
 
 		/* Store tty modes in the packet. */
-		tty_make_modes(fileno(stdin));
+		tty_make_modes(fileno(stdin), NULL);
 
 		/* Send the packet, and wait for it to leave. */
 		packet_send();
@@ -947,7 +971,8 @@ client_subsystem_reply(int type, int plen, void *ctxt)
 
 	id = packet_get_int();
 	len = buffer_len(&command);
-	len = MAX(len, 900);
+	if (len > 900)
+		len = 900;
 	packet_done();
 	if (type == SSH2_MSG_CHANNEL_FAILURE)
 		fatal("Request for subsystem '%.*s' failed on channel %d",
@@ -959,12 +984,10 @@ ssh_session2_callback(int id, void *arg)
 {
 	int len;
 	int interactive = 0;
+	struct termios tio;
 
 	debug("client_init id %d arg %ld", id, (long)arg);
 
-	if (no_shell_flag)
-		goto done;
-
 	if (tty_flag) {
 		struct winsize ws;
 		char *cp;
@@ -981,7 +1004,8 @@ ssh_session2_callback(int id, void *arg)
 		packet_put_int(ws.ws_row);
 		packet_put_int(ws.ws_xpixel);
 		packet_put_int(ws.ws_ypixel);
-		packet_put_cstring("");		/* XXX: encode terminal modes */
+		tio = get_saved_tio();
+		tty_make_modes(/*ignored*/ 0, &tio);
 		packet_send();
 		interactive = 1;
 		/* XXX wait for reply */
@@ -1020,22 +1044,21 @@ ssh_session2_callback(int id, void *arg)
 			debug("Sending command: %.*s", len, buffer_ptr(&command));
 			channel_request_start(id, "exec", 0);
 		}
-		packet_put_string(buffer_ptr(&command), len);
+		packet_put_string(buffer_ptr(&command), buffer_len(&command));
 		packet_send();
 	} else {
 		channel_request(id, "shell", 0);
 	}
 	/* channel_callback(id, SSH2_MSG_OPEN_CONFIGMATION, client_init, 0); */
 
-done:
 	/* register different callback, etc. XXX */
 	packet_set_interactive(interactive);
 }
 
 int
-ssh_session2(void)
+ssh_session2_command(void)
 {
-	int window, packetmax, id;
+	int id, window, packetmax;
 	int in, out, err;
 
 	if (stdin_null_flag) {
@@ -1057,14 +1080,6 @@ ssh_session2(void)
 	if (!isatty(err))
 		set_nonblock(err);
 
-	/* XXX should be pre-session */
-	ssh_init_forwarding();
-
-	/* If requested, let ssh continue in the background. */
-	if (fork_after_authentication_flag)
-		if (daemon(1, 1) < 0)
-			fatal("daemon() failed: %.200s", strerror(errno));
-
 	window = CHAN_SES_WINDOW_DEFAULT;
 	packetmax = CHAN_SES_PACKET_DEFAULT;
 	if (!tty_flag) {
@@ -1076,29 +1091,48 @@ ssh_session2(void)
 	    window, packetmax, CHAN_EXTENDED_WRITE,
 	    xstrdup("client-session"), /*nonblock*/0);
 
+debug("channel_new: %d", id);
+
 	channel_open(id);
 	channel_register_callback(id, SSH2_MSG_CHANNEL_OPEN_CONFIRMATION,
 	     ssh_session2_callback, (void *)0);
 
-	return client_loop(tty_flag, tty_flag ? options.escape_char : -1, id);
+	return id;
 }
 
 int
-guess_identity_file_type(const char *filename)
+ssh_session2(void)
 {
-	struct stat st;
+	int id;
+
+	/* XXX should be pre-session */
+	ssh_init_forwarding();
+
+	id = no_shell_flag ? -1 : ssh_session2_command();
+
+	/* If requested, let ssh continue in the background. */
+	if (fork_after_authentication_flag)
+		if (daemon(1, 1) < 0)
+			fatal("daemon() failed: %.200s", strerror(errno));
+
+	return client_loop(tty_flag, tty_flag ? options.escape_char : -1, id);
+}
+
+void
+load_public_identity_files(void)
+{
+	char *filename;
 	Key *public;
-	int type = KEY_RSA1; /* default */
+	int i;
 
-	if (stat(filename, &st) < 0) {
-		/* ignore this key */
-		return KEY_UNSPEC;
-	}
-	public = key_new(type);
-	if (!load_public_key(filename, public, NULL)) {
-		/* ok, so we will assume this is 'some' key */
-		type = KEY_UNSPEC;
+	for (i = 0; i < options.num_identity_files; i++) {
+		filename = tilde_expand_filename(options.identity_files[i],
+		    original_real_uid);
+		public = key_load_public(filename, NULL);
+		debug("identity file %s type %d", filename,
+		    public ? public->type : -1);
+		xfree(options.identity_files[i]);
+		options.identity_files[i] = filename;
+		options.identity_keys[i] = public;
 	}
-	key_free(public);
-	return type;
 }