- djm@cvs.openbsd.org 2001/01/29 05:36:11
[ssh.1 ssh.c]
Allow invocation of sybsystem by commandline (-s); ok markus@
diff --git a/ChangeLog b/ChangeLog
index 9c97a12..0236fd4 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -10,6 +10,9 @@
[rsa.c rsa.h ssh-agent.c sshconnect1.c sshd.c]
handle rsa_private_decrypt failures; helps against the Bleichenbacher
pkcs#1 attack
+ - djm@cvs.openbsd.org 2001/01/29 05:36:11
+ [ssh.1 ssh.c]
+ Allow invocation of sybsystem by commandline (-s); ok markus@
20000129
- (stevesk) sftp-server.c: use %lld vs. %qd
diff --git a/ssh.1 b/ssh.1
index 34f9498..6f10436 100644
--- a/ssh.1
+++ b/ssh.1
@@ -34,7 +34,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: ssh.1,v 1.79 2001/01/28 20:36:16 stevesk Exp $
+.\" $OpenBSD: ssh.1,v 1.80 2001/01/29 12:36:10 djm Exp $
.Dd September 25, 1999
.Dt SSH 1
.Os
@@ -48,7 +48,7 @@
.Op Ar command
.Pp
.Nm ssh
-.Op Fl afgknqtvxACNPTX246
+.Op Fl afgknqstvxACNPTX246
.Op Fl c Ar cipher_spec
.Op Fl e Ar escape_char
.Op Fl i Ar identity_file
@@ -470,6 +470,10 @@
Quiet mode.
Causes all warning and diagnostic messages to be suppressed.
Only fatal errors are displayed.
+.It Fl s
+May be used to request invocation of a subsystem on the remote system. Subsystems are a feature of the SSH2 protocol which facilitate the use
+of SSH as a secure transport for other application (eg. sftp). The
+subsystem is specified as the remote command.
.It Fl t
Force pseudo-tty allocation.
This can be used to execute arbitrary
diff --git a/ssh.c b/ssh.c
index 9f9055a..9eb4096 100644
--- a/ssh.c
+++ b/ssh.c
@@ -39,7 +39,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: ssh.c,v 1.84 2001/01/21 19:05:58 markus Exp $");
+RCSID("$OpenBSD: ssh.c,v 1.85 2001/01/29 12:36:10 djm Exp $");
#include <openssl/evp.h>
#include <openssl/err.h>
@@ -139,6 +139,9 @@
/* command to be executed */
Buffer command;
+/* Should we execute a command or invoke a subsystem? */
+int subsystem_flag = 0;
+
/* Prints a help message to the user. This function never returns. */
void
@@ -181,6 +184,7 @@
fprintf(stderr, " -6 Use IPv6 only.\n");
fprintf(stderr, " -2 Force protocol version 2.\n");
fprintf(stderr, " -o 'option' Process the option as if it was read from a configuration file.\n");
+ fprintf(stderr, " -s Invoke command (mandatory) as SSH2 subsystem.\n");
exit(1);
}
@@ -484,6 +488,9 @@
"command-line", 0, &dummy) != 0)
exit(1);
break;
+ case 's':
+ subsystem_flag = 1;
+ break;
default:
usage();
}
@@ -507,6 +514,10 @@
if (optind == ac) {
/* No command specified - execute shell on a tty. */
tty_flag = 1;
+ if (subsystem_flag) {
+ fprintf(stderr, "You must specify a subsystem to invoke.");
+ usage();
+ }
} else {
/* A command has been specified. Store it into the
buffer. */
@@ -978,8 +989,13 @@
if (len > 0) {
if (len > 900)
len = 900;
- debug("Sending command: %.*s", len, buffer_ptr(&command));
- channel_request_start(id, "exec", 0);
+ if (subsystem_flag) {
+ debug("Sending subsystem: %.*s", len, buffer_ptr(&command));
+ channel_request_start(id, "subsystem", 0);
+ } else {
+ debug("Sending command: %.*s", len, buffer_ptr(&command));
+ channel_request_start(id, "exec", 0);
+ }
packet_put_string(buffer_ptr(&command), len);
packet_send();
} else {