version 1.7.2.1, 2013/06/23 06:26:14 |
version 1.7.2.2, 2014/08/19 23:45:25 |
|
|
/* $NetBSD$ */ |
/* $NetBSD$ */ |
/* $OpenBSD: sshconnect.c,v 1.236 2012/09/14 16:51:34 markus Exp $ */ |
/* $OpenBSD: sshconnect.c,v 1.238 2013/05/17 00:13:14 djm Exp $ */ |
/* |
/* |
* Author: Tatu Ylonen <ylo@cs.hut.fi> |
* Author: Tatu Ylonen <ylo@cs.hut.fi> |
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
Line 83 ssh_proxy_connect(const char *host, u_sh |
|
Line 83 ssh_proxy_connect(const char *host, u_sh |
|
pid_t pid; |
pid_t pid; |
char *shell, strport[NI_MAXSERV]; |
char *shell, strport[NI_MAXSERV]; |
|
|
|
if (!strcmp(proxy_command, "-")) { |
|
packet_set_connection(STDIN_FILENO, STDOUT_FILENO); |
|
packet_set_timeout(options.server_alive_interval, |
|
options.server_alive_count_max); |
|
return 0; |
|
} |
|
|
if ((shell = getenv("SHELL")) == NULL || *shell == '\0') |
if ((shell = getenv("SHELL")) == NULL || *shell == '\0') |
shell = __UNCONST(_PATH_BSHELL); |
shell = __UNCONST(_PATH_BSHELL); |
|
|
Line 99 ssh_proxy_connect(const char *host, u_sh |
|
Line 106 ssh_proxy_connect(const char *host, u_sh |
|
xasprintf(&tmp, "exec %s", proxy_command); |
xasprintf(&tmp, "exec %s", proxy_command); |
command_string = percent_expand(tmp, "h", host, "p", strport, |
command_string = percent_expand(tmp, "h", host, "p", strport, |
"r", options.user, (char *)NULL); |
"r", options.user, (char *)NULL); |
xfree(tmp); |
free(tmp); |
|
|
/* Create pipes for communicating with the proxy. */ |
/* Create pipes for communicating with the proxy. */ |
if (pipe(pin) < 0 || pipe(pout) < 0) |
if (pipe(pin) < 0 || pipe(pout) < 0) |
Line 153 ssh_proxy_connect(const char *host, u_sh |
|
Line 160 ssh_proxy_connect(const char *host, u_sh |
|
close(pout[1]); |
close(pout[1]); |
|
|
/* Free the command name. */ |
/* Free the command name. */ |
xfree(command_string); |
free(command_string); |
|
|
/* Set the connection file descriptors. */ |
/* Set the connection file descriptors. */ |
packet_set_connection(pout[0], pin[1]); |
packet_set_connection(pout[0], pin[1]); |
Line 338 timeout_connect(int sockfd, const struct |
|
Line 345 timeout_connect(int sockfd, const struct |
|
fatal("Bogus return (%d) from select()", rc); |
fatal("Bogus return (%d) from select()", rc); |
} |
} |
|
|
xfree(fdset); |
free(fdset); |
|
|
done: |
done: |
if (result == 0 && *timeoutp > 0) { |
if (result == 0 && *timeoutp > 0) { |
Line 560 ssh_exchange_identification(int timeout_ |
|
Line 567 ssh_exchange_identification(int timeout_ |
|
debug("ssh_exchange_identification: %s", buf); |
debug("ssh_exchange_identification: %s", buf); |
} |
} |
server_version_string = xstrdup(buf); |
server_version_string = xstrdup(buf); |
xfree(fdset); |
free(fdset); |
|
|
/* |
/* |
* Check that the versions match. In future this might accept |
* Check that the versions match. In future this might accept |
Line 636 confirm(const char *prompt) |
|
Line 643 confirm(const char *prompt) |
|
ret = 0; |
ret = 0; |
if (p && strncasecmp(p, "yes", 3) == 0) |
if (p && strncasecmp(p, "yes", 3) == 0) |
ret = 1; |
ret = 1; |
if (p) |
free(p); |
xfree(p); |
|
if (ret != -1) |
if (ret != -1) |
return ret; |
return ret; |
} |
} |
Line 845 check_host_key(char *hostname, struct so |
|
Line 851 check_host_key(char *hostname, struct so |
|
ra = key_fingerprint(host_key, SSH_FP_MD5, |
ra = key_fingerprint(host_key, SSH_FP_MD5, |
SSH_FP_RANDOMART); |
SSH_FP_RANDOMART); |
logit("Host key fingerprint is %s\n%s\n", fp, ra); |
logit("Host key fingerprint is %s\n%s\n", fp, ra); |
xfree(ra); |
free(ra); |
xfree(fp); |
free(fp); |
} |
} |
break; |
break; |
case HOST_NEW: |
case HOST_NEW: |
Line 906 check_host_key(char *hostname, struct so |
|
Line 912 check_host_key(char *hostname, struct so |
|
options.visual_host_key ? "\n" : "", |
options.visual_host_key ? "\n" : "", |
options.visual_host_key ? ra : "", |
options.visual_host_key ? ra : "", |
msg2); |
msg2); |
xfree(ra); |
free(ra); |
xfree(fp); |
free(fp); |
if (!confirm(msg)) |
if (!confirm(msg)) |
goto fail; |
goto fail; |
} |
} |
Line 1108 check_host_key(char *hostname, struct so |
|
Line 1114 check_host_key(char *hostname, struct so |
|
} |
} |
} |
} |
|
|
xfree(ip); |
free(ip); |
xfree(host); |
free(host); |
if (host_hostkeys != NULL) |
if (host_hostkeys != NULL) |
free_hostkeys(host_hostkeys); |
free_hostkeys(host_hostkeys); |
if (ip_hostkeys != NULL) |
if (ip_hostkeys != NULL) |
|
|
} |
} |
if (raw_key != NULL) |
if (raw_key != NULL) |
key_free(raw_key); |
key_free(raw_key); |
xfree(ip); |
free(ip); |
xfree(host); |
free(host); |
if (host_hostkeys != NULL) |
if (host_hostkeys != NULL) |
free_hostkeys(host_hostkeys); |
free_hostkeys(host_hostkeys); |
if (ip_hostkeys != NULL) |
if (ip_hostkeys != NULL) |
Line 1149 verify_host_key(char *host, struct socka |
|
Line 1155 verify_host_key(char *host, struct socka |
|
|
|
fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX); |
fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX); |
debug("Server host key: %s %s", key_type(host_key), fp); |
debug("Server host key: %s %s", key_type(host_key), fp); |
xfree(fp); |
free(fp); |
|
|
/* XXX certs are not yet supported for DNS */ |
/* XXX certs are not yet supported for DNS */ |
if (!key_is_cert(host_key) && options.verify_host_key_dns && |
if (!key_is_cert(host_key) && options.verify_host_key_dns && |
Line 1214 ssh_login(Sensitive *sensitive, const ch |
|
Line 1220 ssh_login(Sensitive *sensitive, const ch |
|
ssh_kex(host, hostaddr); |
ssh_kex(host, hostaddr); |
ssh_userauth1(local_user, server_user, host, sensitive); |
ssh_userauth1(local_user, server_user, host, sensitive); |
} |
} |
xfree(local_user); |
free(local_user); |
} |
} |
|
|
void |
void |
Line 1232 ssh_put_password(char *password) |
|
Line 1238 ssh_put_password(char *password) |
|
strlcpy(padded, password, size); |
strlcpy(padded, password, size); |
packet_put_string(padded, size); |
packet_put_string(padded, size); |
memset(padded, 0, size); |
memset(padded, 0, size); |
xfree(padded); |
free(padded); |
} |
} |
|
|
/* print all known host keys for a given host, but skip keys of given type */ |
/* print all known host keys for a given host, but skip keys of given type */ |
Line 1259 show_other_keys(struct hostkeys *hostkey |
|
Line 1265 show_other_keys(struct hostkeys *hostkey |
|
key_type(found->key), fp); |
key_type(found->key), fp); |
if (options.visual_host_key) |
if (options.visual_host_key) |
logit("%s", ra); |
logit("%s", ra); |
xfree(ra); |
free(ra); |
xfree(fp); |
free(fp); |
ret = 1; |
ret = 1; |
} |
} |
return ret; |
return ret; |
Line 1283 warn_changed_key(Key *host_key) |
|
Line 1289 warn_changed_key(Key *host_key) |
|
key_type(host_key), fp); |
key_type(host_key), fp); |
error("Please contact your system administrator."); |
error("Please contact your system administrator."); |
|
|
xfree(fp); |
free(fp); |
} |
} |
|
|
/* |
/* |
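Review bot: In ssh_put_password (the hunk at new line 1238), the padded password copy is wiped with a plain `memset(padded, 0, size);` directly before the `free(padded);` this change introduces. A compiler may treat a store to memory that is about to be freed as dead and remove it, leaving the password bytes in the heap. Since the line is being touched anyway, the wipe should go through a routine the optimizer cannot elide, for example `explicit_bzero(padded, size);` where this tree provides it (`explicit_memset` is the NetBSD libc equivalent). The start of the function is outside the hunk, so how `padded` and `size` are set up is not visible here.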