blob: da390c12db429c7eed60364f7b8a210a5871bcf7 [file] [log] [blame]
Damien Millerd4a8b7e1999-10-27 13:42:43 +10001/*
Damien Miller95def091999-11-25 00:26:21 +11002 * Author: Tatu Ylonen <ylo@cs.hut.fi>
3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
4 * All rights reserved
Damien Miller95def091999-11-25 00:26:21 +11005 * Ssh client program. This program can be used to log into a remote machine.
6 * The software supports strong authentication, encryption, and forwarding
7 * of X11, TCP/IP, and authentication connections.
8 *
Damien Millere4340be2000-09-16 13:29:08 +11009 * As far as I am concerned, the code I have written for this software
10 * can be used freely for any purpose. Any derived versions of this
11 * software must be clearly marked as such, and if the derived work is
12 * incompatible with the protocol description in the RFC file, it must be
13 * called by a name other than "ssh" or "Secure Shell".
14 *
15 * Copyright (c) 1999 Niels Provos. All rights reserved.
Darren Tucker0a118da2003-10-15 15:54:32 +100016 * Copyright (c) 2000, 2001, 2002, 2003 Markus Friedl. All rights reserved.
Damien Millere4340be2000-09-16 13:29:08 +110017 *
18 * Modified to work with SSL by Niels Provos <provos@citi.umich.edu>
19 * in Canada (German citizen).
20 *
21 * Redistribution and use in source and binary forms, with or without
22 * modification, are permitted provided that the following conditions
23 * are met:
24 * 1. Redistributions of source code must retain the above copyright
25 * notice, this list of conditions and the following disclaimer.
26 * 2. Redistributions in binary form must reproduce the above copyright
27 * notice, this list of conditions and the following disclaimer in the
28 * documentation and/or other materials provided with the distribution.
29 *
30 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
31 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
32 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
33 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
34 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
35 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
36 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
37 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
38 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
39 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Damien Miller95def091999-11-25 00:26:21 +110040 */
Damien Millerd4a8b7e1999-10-27 13:42:43 +100041
42#include "includes.h"
Damien Miller509b0102003-12-17 16:33:10 +110043RCSID("$OpenBSD: ssh.c,v 1.206 2003/12/16 15:49:51 markus Exp $");
Damien Millereba71ba2000-04-29 23:57:08 +100044
45#include <openssl/evp.h>
Damien Miller0bc1bd82000-11-13 22:57:25 +110046#include <openssl/err.h>
Damien Millerd4a8b7e1999-10-27 13:42:43 +100047
Damien Millerd4a8b7e1999-10-27 13:42:43 +100048#include "ssh.h"
Ben Lindstrom226cfa02001-01-22 05:34:40 +000049#include "ssh1.h"
Damien Miller1383bd82000-04-06 12:32:37 +100050#include "ssh2.h"
51#include "compat.h"
Ben Lindstrom226cfa02001-01-22 05:34:40 +000052#include "cipher.h"
53#include "xmalloc.h"
54#include "packet.h"
55#include "buffer.h"
Ben Lindstromc7637672001-06-09 00:36:26 +000056#include "channels.h"
Damien Millereba71ba2000-04-29 23:57:08 +100057#include "key.h"
Damien Miller994cf142000-07-21 10:19:44 +100058#include "authfd.h"
Damien Millereba71ba2000-04-29 23:57:08 +100059#include "authfile.h"
Ben Lindstrom226cfa02001-01-22 05:34:40 +000060#include "pathnames.h"
Ben Lindstrombf555ba2001-01-18 02:04:35 +000061#include "clientloop.h"
Ben Lindstrom226cfa02001-01-22 05:34:40 +000062#include "log.h"
63#include "readconf.h"
64#include "sshconnect.h"
65#include "tildexpand.h"
Ben Lindstrom1e7d3062001-02-09 02:36:43 +000066#include "dispatch.h"
Ben Lindstrom226cfa02001-01-22 05:34:40 +000067#include "misc.h"
Ben Lindstrom06b33aa2001-02-15 03:01:59 +000068#include "kex.h"
69#include "mac.h"
Ben Lindstromae8e2d32001-04-14 23:13:02 +000070#include "sshtty.h"
Damien Millerd4a8b7e1999-10-27 13:42:43 +100071
Ben Lindstromc5b68002001-07-04 04:52:03 +000072#ifdef SMARTCARD
Ben Lindstromc5b68002001-07-04 04:52:03 +000073#include "scard.h"
Ben Lindstrombcc18082001-08-06 21:59:25 +000074#endif
Ben Lindstromc5b68002001-07-04 04:52:03 +000075
Damien Miller3f905871999-11-15 17:10:57 +110076#ifdef HAVE___PROGNAME
77extern char *__progname;
Ben Lindstrom49a79c02000-11-17 03:47:20 +000078#else
79char *__progname;
80#endif
Damien Miller3f905871999-11-15 17:10:57 +110081
Damien Miller95def091999-11-25 00:26:21 +110082/* Flag indicating whether debug mode is on. This can be set on the command line. */
Damien Millerd4a8b7e1999-10-27 13:42:43 +100083int debug_flag = 0;
84
Damien Miller78928792000-04-12 20:17:38 +100085/* Flag indicating whether a tty should be allocated */
Damien Millerd4a8b7e1999-10-27 13:42:43 +100086int tty_flag = 0;
Ben Lindstrom4dccfa52000-12-28 16:40:05 +000087int no_tty_flag = 0;
88int force_tty_flag = 0;
Damien Millerd4a8b7e1999-10-27 13:42:43 +100089
Damien Miller1383bd82000-04-06 12:32:37 +100090/* don't exec a shell */
91int no_shell_flag = 0;
Damien Miller1383bd82000-04-06 12:32:37 +100092
Damien Miller5428f641999-11-25 11:54:57 +110093/*
94 * Flag indicating that nothing should be read from stdin. This can be set
95 * on the command line.
96 */
Damien Millerd4a8b7e1999-10-27 13:42:43 +100097int stdin_null_flag = 0;
98
Damien Miller5428f641999-11-25 11:54:57 +110099/*
100 * Flag indicating that ssh should fork after authentication. This is useful
Ben Lindstromf666fec2002-06-06 19:51:58 +0000101 * so that the passphrase can be entered manually, and then ssh goes to the
Damien Miller5428f641999-11-25 11:54:57 +1100102 * background.
103 */
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000104int fork_after_authentication_flag = 0;
105
Damien Miller5428f641999-11-25 11:54:57 +1100106/*
107 * General data structure for command line options and options configurable
108 * in configuration files. See readconf.h.
109 */
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000110Options options;
111
Ben Lindstrom14f31ab2001-09-12 17:48:04 +0000112/* optional user configfile */
113char *config = NULL;
114
Damien Miller5428f641999-11-25 11:54:57 +1100115/*
116 * Name of the host we are connecting to. This is the name given on the
117 * command line, or the HostName specified for the user-supplied name in a
118 * configuration file.
119 */
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000120char *host;
121
122/* socket address the host resolves to */
Damien Miller34132e52000-01-14 15:45:46 +1100123struct sockaddr_storage hostaddr;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000124
Ben Lindstrom5eabda32001-04-12 23:34:34 +0000125/* Private host keys. */
Ben Lindstrom1bad2562002-06-06 19:57:33 +0000126Sensitive sensitive_data;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000127
128/* Original real UID. */
129uid_t original_real_uid;
Ben Lindstromf9c48842002-06-11 16:37:51 +0000130uid_t original_effective_uid;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000131
Damien Miller1383bd82000-04-06 12:32:37 +1000132/* command to be executed */
133Buffer command;
134
Damien Miller832562e2001-01-30 09:30:01 +1100135/* Should we execute a command or invoke a subsystem? */
136int subsystem_flag = 0;
137
Damien Miller2797f7f2002-04-23 21:09:44 +1000138/* # of replies received for global requests */
139static int client_global_request_id = 0;
140
Damien Miller8c4e18a2002-09-19 12:05:02 +1000141/* pid of proxycommand child process */
142pid_t proxy_command_pid = 0;
143
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000144/* Prints a help message to the user. This function never returns. */
145
Ben Lindstrombba81212001-06-25 05:01:22 +0000146static void
Ben Lindstrom31ca54a2001-02-09 02:11:24 +0000147usage(void)
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000148{
Kevin Stevesec84dc12000-12-13 17:45:15 +0000149 fprintf(stderr, "Usage: %s [options] host [command]\n", __progname);
Damien Miller95def091999-11-25 00:26:21 +1100150 fprintf(stderr, "Options:\n");
151 fprintf(stderr, " -l user Log in using this user name.\n");
Ben Lindstrom31ca54a2001-02-09 02:11:24 +0000152 fprintf(stderr, " -n Redirect input from " _PATH_DEVNULL ".\n");
Ben Lindstrom14f31ab2001-09-12 17:48:04 +0000153 fprintf(stderr, " -F config Config file (default: ~/%s).\n",
154 _PATH_SSH_USER_CONFFILE);
Damien Millerb1715dc2000-05-30 13:44:51 +1000155 fprintf(stderr, " -A Enable authentication agent forwarding.\n");
Ben Lindstrom3b89c5e2001-06-05 20:44:16 +0000156 fprintf(stderr, " -a Disable authentication agent forwarding (default).\n");
Kevin Stevesef4eea92001-02-05 12:42:17 +0000157 fprintf(stderr, " -X Enable X11 connection forwarding.\n");
Darren Tucker0a118da2003-10-15 15:54:32 +1000158 fprintf(stderr, " -Y Enable trusted X11 connection forwarding.\n");
Ben Lindstrom3b89c5e2001-06-05 20:44:16 +0000159 fprintf(stderr, " -x Disable X11 connection forwarding (default).\n");
Ben Lindstrom0ab2a012001-03-05 06:45:21 +0000160 fprintf(stderr, " -i file Identity for public key authentication "
161 "(default: ~/.ssh/identity)\n");
Ben Lindstrom61eb9562001-08-06 21:53:42 +0000162#ifdef SMARTCARD
163 fprintf(stderr, " -I reader Set smartcard reader.\n");
Ben Lindstrombcc18082001-08-06 21:59:25 +0000164#endif
Damien Miller95def091999-11-25 00:26:21 +1100165 fprintf(stderr, " -t Tty; allocate a tty even if command is given.\n");
Damien Miller1383bd82000-04-06 12:32:37 +1000166 fprintf(stderr, " -T Do not allocate a tty.\n");
Damien Miller95def091999-11-25 00:26:21 +1100167 fprintf(stderr, " -v Verbose; display verbose debugging messages.\n");
Damien Millere4340be2000-09-16 13:29:08 +1100168 fprintf(stderr, " Multiple -v increases verbosity.\n");
Damien Miller95def091999-11-25 00:26:21 +1100169 fprintf(stderr, " -V Display version number only.\n");
Damien Miller95def091999-11-25 00:26:21 +1100170 fprintf(stderr, " -q Quiet; don't display any warning messages.\n");
171 fprintf(stderr, " -f Fork into background after authentication.\n");
172 fprintf(stderr, " -e char Set escape character; ``none'' = disable (default: ~).\n");
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000173
Ben Lindstrom3b89c5e2001-06-05 20:44:16 +0000174 fprintf(stderr, " -c cipher Select encryption algorithm\n");
Ben Lindstrom3d73a342001-03-05 07:39:01 +0000175 fprintf(stderr, " -m macs Specify MAC algorithms for protocol version 2.\n");
Damien Miller95def091999-11-25 00:26:21 +1100176 fprintf(stderr, " -p port Connect to this port. Server must be on the same port.\n");
177 fprintf(stderr, " -L listen-port:host:port Forward local port to remote address\n");
178 fprintf(stderr, " -R listen-port:host:port Forward remote port to local address\n");
Kevin Stevesec84dc12000-12-13 17:45:15 +0000179 fprintf(stderr, " These cause %s to listen for connections on a port, and\n", __progname);
Damien Miller95def091999-11-25 00:26:21 +1100180 fprintf(stderr, " forward them to the other side by connecting to host:port.\n");
Ben Lindstrom19ceb172001-09-12 17:54:24 +0000181 fprintf(stderr, " -D port Enable dynamic application-level port forwarding.\n");
Damien Miller95def091999-11-25 00:26:21 +1100182 fprintf(stderr, " -C Enable compression.\n");
Damien Miller1383bd82000-04-06 12:32:37 +1000183 fprintf(stderr, " -N Do not execute a shell or command.\n");
Damien Miller95def091999-11-25 00:26:21 +1100184 fprintf(stderr, " -g Allow remote hosts to connect to forwarded ports.\n");
Ben Lindstrom1e7d3062001-02-09 02:36:43 +0000185 fprintf(stderr, " -1 Force protocol version 1.\n");
186 fprintf(stderr, " -2 Force protocol version 2.\n");
Damien Miller34132e52000-01-14 15:45:46 +1100187 fprintf(stderr, " -4 Use IPv4 only.\n");
188 fprintf(stderr, " -6 Use IPv6 only.\n");
Damien Miller95def091999-11-25 00:26:21 +1100189 fprintf(stderr, " -o 'option' Process the option as if it was read from a configuration file.\n");
Damien Miller832562e2001-01-30 09:30:01 +1100190 fprintf(stderr, " -s Invoke command (mandatory) as SSH2 subsystem.\n");
Ben Lindstrom3b89c5e2001-06-05 20:44:16 +0000191 fprintf(stderr, " -b addr Local IP address.\n");
Damien Miller95def091999-11-25 00:26:21 +1100192 exit(1);
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000193}
194
Ben Lindstrombba81212001-06-25 05:01:22 +0000195static int ssh_session(void);
196static int ssh_session2(void);
197static void load_public_identity_files(void);
Damien Miller1383bd82000-04-06 12:32:37 +1000198
Damien Miller95def091999-11-25 00:26:21 +1100199/*
200 * Main program for the ssh client.
201 */
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000202int
203main(int ac, char **av)
204{
Ben Lindstrom24157572002-06-12 16:09:39 +0000205 int i, opt, exit_status;
Damien Milleraae6c611999-12-06 11:47:28 +1100206 u_short fwd_port, fwd_host_port;
Ben Lindstrom1a174712001-09-12 17:56:15 +0000207 char sfwd_port[6], sfwd_host_port[6];
Damien Miller9836cf82003-12-17 16:30:06 +1100208 char *p, *cp, *line, buf[256];
Damien Miller95def091999-11-25 00:26:21 +1100209 struct stat st;
Ben Lindstrom086cf212001-03-05 05:56:40 +0000210 struct passwd *pw;
Damien Miller1383bd82000-04-06 12:32:37 +1000211 int dummy;
Ben Lindstrom5ccf63a2001-09-24 20:00:10 +0000212 extern int optind, optreset;
Damien Miller4f8e6692001-07-14 13:22:53 +1000213 extern char *optarg;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000214
Damien Miller59d3d5b2003-08-22 09:34:41 +1000215 __progname = ssh_get_progname(av[0]);
Damien Millerf9b625c2000-07-09 22:42:32 +1000216 init_rng();
217
Damien Miller5428f641999-11-25 11:54:57 +1100218 /*
219 * Save the original real uid. It will be needed later (uid-swapping
220 * may clobber the real uid).
221 */
Damien Miller95def091999-11-25 00:26:21 +1100222 original_real_uid = getuid();
223 original_effective_uid = geteuid();
Damien Millera8e06ce2003-11-21 23:48:55 +1100224
Damien Miller50b9a602002-09-04 16:50:06 +1000225 /*
226 * Use uid-swapping to give up root privileges for the duration of
227 * option processing. We will re-instantiate the rights when we are
228 * ready to create the privileged port, and will permanently drop
229 * them when the port has been created (actually, when the connection
230 * has been made, as we may need to create the port several times).
231 */
232 PRIV_END;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000233
Damien Miller05dd7952000-10-01 00:42:48 +1100234#ifdef HAVE_SETRLIMIT
Damien Miller95def091999-11-25 00:26:21 +1100235 /* If we are installed setuid root be careful to not drop core. */
236 if (original_real_uid != original_effective_uid) {
237 struct rlimit rlim;
238 rlim.rlim_cur = rlim.rlim_max = 0;
239 if (setrlimit(RLIMIT_CORE, &rlim) < 0)
240 fatal("setrlimit failed: %.100s", strerror(errno));
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000241 }
Damien Millerbac2d8a2000-09-05 16:13:06 +1100242#endif
Ben Lindstrom3fcf1a22001-04-08 18:26:59 +0000243 /* Get user data. */
244 pw = getpwuid(original_real_uid);
245 if (!pw) {
Damien Miller996acd22003-04-09 20:59:48 +1000246 logit("You don't exist, go away!");
Ben Lindstrom3fcf1a22001-04-08 18:26:59 +0000247 exit(1);
248 }
249 /* Take a copy of the returned structure. */
250 pw = pwcopy(pw);
251
Damien Miller5428f641999-11-25 11:54:57 +1100252 /*
Damien Miller5428f641999-11-25 11:54:57 +1100253 * Set our umask to something reasonable, as some files are created
254 * with the default umask. This will make them world-readable but
255 * writable only by the owner, which is ok for all files for which we
256 * don't set the modes explicitly.
257 */
Damien Miller95def091999-11-25 00:26:21 +1100258 umask(022);
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000259
Damien Miller95def091999-11-25 00:26:21 +1100260 /* Initialize option structure to indicate that no values have been set. */
261 initialize_options(&options);
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000262
Damien Miller95def091999-11-25 00:26:21 +1100263 /* Parse command-line arguments. */
264 host = NULL;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000265
Damien Millerf4614452001-07-14 12:18:10 +1000266again:
267 while ((opt = getopt(ac, av,
Darren Tucker0a118da2003-10-15 15:54:32 +1000268 "1246ab:c:e:fgi:kl:m:no:p:qstvxACD:F:I:L:NPR:TVXY")) != -1) {
Damien Miller95def091999-11-25 00:26:21 +1100269 switch (opt) {
Ben Lindstrom1e7d3062001-02-09 02:36:43 +0000270 case '1':
271 options.protocol = SSH_PROTO_1;
272 break;
Damien Miller4af51302000-04-16 11:18:38 +1000273 case '2':
274 options.protocol = SSH_PROTO_2;
275 break;
Damien Miller34132e52000-01-14 15:45:46 +1100276 case '4':
Darren Tucker0a4f04b2003-07-03 20:37:47 +1000277 options.address_family = AF_INET;
Damien Miller34132e52000-01-14 15:45:46 +1100278 break;
Damien Miller34132e52000-01-14 15:45:46 +1100279 case '6':
Darren Tucker0a4f04b2003-07-03 20:37:47 +1000280 options.address_family = AF_INET6;
Damien Miller34132e52000-01-14 15:45:46 +1100281 break;
Damien Miller95def091999-11-25 00:26:21 +1100282 case 'n':
283 stdin_null_flag = 1;
284 break;
Damien Miller95def091999-11-25 00:26:21 +1100285 case 'f':
286 fork_after_authentication_flag = 1;
287 stdin_null_flag = 1;
288 break;
Damien Miller95def091999-11-25 00:26:21 +1100289 case 'x':
290 options.forward_x11 = 0;
291 break;
Damien Miller95def091999-11-25 00:26:21 +1100292 case 'X':
293 options.forward_x11 = 1;
294 break;
Darren Tucker0a118da2003-10-15 15:54:32 +1000295 case 'Y':
296 options.forward_x11 = 1;
297 options.forward_x11_trusted = 1;
298 break;
Damien Miller95def091999-11-25 00:26:21 +1100299 case 'g':
300 options.gateway_ports = 1;
301 break;
Damien Miller147bba32002-09-04 16:46:06 +1000302 case 'P': /* deprecated */
Damien Miller95def091999-11-25 00:26:21 +1100303 options.use_privileged_port = 0;
304 break;
Damien Miller95def091999-11-25 00:26:21 +1100305 case 'a':
306 options.forward_agent = 0;
307 break;
Damien Millerb1715dc2000-05-30 13:44:51 +1000308 case 'A':
309 options.forward_agent = 1;
310 break;
Damien Miller95def091999-11-25 00:26:21 +1100311 case 'k':
Damien Millere0113cc2003-11-24 13:10:09 +1100312 options.gss_deleg_creds = 0;
Damien Miller95def091999-11-25 00:26:21 +1100313 break;
Damien Miller95def091999-11-25 00:26:21 +1100314 case 'i':
315 if (stat(optarg, &st) < 0) {
Damien Millerf4614452001-07-14 12:18:10 +1000316 fprintf(stderr, "Warning: Identity file %s "
317 "does not exist.\n", optarg);
Damien Miller95def091999-11-25 00:26:21 +1100318 break;
319 }
Damien Millerf4614452001-07-14 12:18:10 +1000320 if (options.num_identity_files >=
321 SSH_MAX_IDENTITY_FILES)
322 fatal("Too many identity files specified "
323 "(max %d)", SSH_MAX_IDENTITY_FILES);
324 options.identity_files[options.num_identity_files++] =
325 xstrdup(optarg);
Damien Miller95def091999-11-25 00:26:21 +1100326 break;
Ben Lindstromc5b68002001-07-04 04:52:03 +0000327 case 'I':
328#ifdef SMARTCARD
Ben Lindstromf7db3bb2001-08-06 21:35:51 +0000329 options.smartcard_device = xstrdup(optarg);
Ben Lindstrombcc18082001-08-06 21:59:25 +0000330#else
Ben Lindstromc5b68002001-07-04 04:52:03 +0000331 fprintf(stderr, "no support for smartcards.\n");
Ben Lindstrombcc18082001-08-06 21:59:25 +0000332#endif
Ben Lindstromc5b68002001-07-04 04:52:03 +0000333 break;
Damien Miller95def091999-11-25 00:26:21 +1100334 case 't':
Ben Lindstrom4dccfa52000-12-28 16:40:05 +0000335 if (tty_flag)
336 force_tty_flag = 1;
Damien Miller95def091999-11-25 00:26:21 +1100337 tty_flag = 1;
338 break;
Damien Miller95def091999-11-25 00:26:21 +1100339 case 'v':
Darren Tuckere98dfa32003-07-19 19:54:31 +1000340 if (debug_flag == 0) {
Damien Millere4340be2000-09-16 13:29:08 +1100341 debug_flag = 1;
342 options.log_level = SYSLOG_LEVEL_DEBUG1;
Darren Tuckere98dfa32003-07-19 19:54:31 +1000343 } else {
344 if (options.log_level < SYSLOG_LEVEL_DEBUG3)
345 options.log_level++;
Damien Millere4340be2000-09-16 13:29:08 +1100346 break;
Darren Tuckere98dfa32003-07-19 19:54:31 +1000347 }
Damien Millere4340be2000-09-16 13:29:08 +1100348 /* fallthrough */
Damien Miller95def091999-11-25 00:26:21 +1100349 case 'V':
Damien Miller225736c2001-02-19 21:51:08 +1100350 fprintf(stderr,
Damien Miller6e80c362003-05-16 11:38:00 +1000351 "%s, SSH protocols %d.%d/%d.%d, %s\n",
Damien Miller78928792000-04-12 20:17:38 +1000352 SSH_VERSION,
353 PROTOCOL_MAJOR_1, PROTOCOL_MINOR_1,
Damien Miller225736c2001-02-19 21:51:08 +1100354 PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2,
Damien Miller6e80c362003-05-16 11:38:00 +1000355 SSLeay_version(SSLEAY_VERSION));
Damien Miller95def091999-11-25 00:26:21 +1100356 if (opt == 'V')
357 exit(0);
Damien Miller95def091999-11-25 00:26:21 +1100358 break;
Damien Miller95def091999-11-25 00:26:21 +1100359 case 'q':
360 options.log_level = SYSLOG_LEVEL_QUIET;
361 break;
Damien Miller95def091999-11-25 00:26:21 +1100362 case 'e':
363 if (optarg[0] == '^' && optarg[2] == 0 &&
Damien Millerf4614452001-07-14 12:18:10 +1000364 (u_char) optarg[1] >= 64 &&
365 (u_char) optarg[1] < 128)
Ben Lindstrom46c16222000-12-22 01:43:59 +0000366 options.escape_char = (u_char) optarg[1] & 31;
Damien Miller95def091999-11-25 00:26:21 +1100367 else if (strlen(optarg) == 1)
Ben Lindstrom46c16222000-12-22 01:43:59 +0000368 options.escape_char = (u_char) optarg[0];
Damien Miller95def091999-11-25 00:26:21 +1100369 else if (strcmp(optarg, "none") == 0)
Ben Lindstrom2b1f71b2001-06-05 20:32:21 +0000370 options.escape_char = SSH_ESCAPECHAR_NONE;
Damien Miller95def091999-11-25 00:26:21 +1100371 else {
Damien Millerf4614452001-07-14 12:18:10 +1000372 fprintf(stderr, "Bad escape character '%s'.\n",
373 optarg);
Damien Miller95def091999-11-25 00:26:21 +1100374 exit(1);
375 }
376 break;
Damien Miller95def091999-11-25 00:26:21 +1100377 case 'c':
Damien Millereba71ba2000-04-29 23:57:08 +1000378 if (ciphers_valid(optarg)) {
379 /* SSH2 only */
380 options.ciphers = xstrdup(optarg);
Damien Miller30c3d422000-05-09 11:02:59 +1000381 options.cipher = SSH_CIPHER_ILLEGAL;
Damien Millereba71ba2000-04-29 23:57:08 +1000382 } else {
383 /* SSH1 only */
Damien Millere39cacc2000-11-29 12:18:44 +1100384 options.cipher = cipher_number(optarg);
385 if (options.cipher == -1) {
Damien Millerf4614452001-07-14 12:18:10 +1000386 fprintf(stderr,
387 "Unknown cipher type '%s'\n",
388 optarg);
Damien Millereba71ba2000-04-29 23:57:08 +1000389 exit(1);
390 }
Damien Millerf4614452001-07-14 12:18:10 +1000391 if (options.cipher == SSH_CIPHER_3DES)
Damien Millere39cacc2000-11-29 12:18:44 +1100392 options.ciphers = "3des-cbc";
Damien Millerf4614452001-07-14 12:18:10 +1000393 else if (options.cipher == SSH_CIPHER_BLOWFISH)
Damien Millere39cacc2000-11-29 12:18:44 +1100394 options.ciphers = "blowfish-cbc";
Damien Millerf4614452001-07-14 12:18:10 +1000395 else
Damien Millere39cacc2000-11-29 12:18:44 +1100396 options.ciphers = (char *)-1;
Damien Miller95def091999-11-25 00:26:21 +1100397 }
398 break;
Ben Lindstrom06b33aa2001-02-15 03:01:59 +0000399 case 'm':
400 if (mac_valid(optarg))
401 options.macs = xstrdup(optarg);
402 else {
Damien Millerf4614452001-07-14 12:18:10 +1000403 fprintf(stderr, "Unknown mac type '%s'\n",
404 optarg);
Ben Lindstrom06b33aa2001-02-15 03:01:59 +0000405 exit(1);
406 }
407 break;
Damien Miller95def091999-11-25 00:26:21 +1100408 case 'p':
Ben Lindstrom19066a12001-04-12 23:39:26 +0000409 options.port = a2port(optarg);
410 if (options.port == 0) {
Ben Lindstrom146edb92001-04-11 23:06:28 +0000411 fprintf(stderr, "Bad port '%s'\n", optarg);
412 exit(1);
413 }
Damien Miller95def091999-11-25 00:26:21 +1100414 break;
Damien Miller95def091999-11-25 00:26:21 +1100415 case 'l':
416 options.user = optarg;
417 break;
Ben Lindstrom1a174712001-09-12 17:56:15 +0000418
Damien Miller95def091999-11-25 00:26:21 +1100419 case 'L':
Ben Lindstrom1a174712001-09-12 17:56:15 +0000420 case 'R':
Damien Miller1ea71662003-05-14 22:33:58 +1000421 if (sscanf(optarg, "%5[0123456789]:%255[^:]:%5[0123456789]",
Ben Lindstrom1a174712001-09-12 17:56:15 +0000422 sfwd_port, buf, sfwd_host_port) != 3 &&
Damien Miller1ea71662003-05-14 22:33:58 +1000423 sscanf(optarg, "%5[0123456789]/%255[^/]/%5[0123456789]",
Ben Lindstrom1a174712001-09-12 17:56:15 +0000424 sfwd_port, buf, sfwd_host_port) != 3) {
Damien Millerf4614452001-07-14 12:18:10 +1000425 fprintf(stderr,
Ben Lindstrom1a174712001-09-12 17:56:15 +0000426 "Bad forwarding specification '%s'\n",
Damien Millerf4614452001-07-14 12:18:10 +1000427 optarg);
Damien Miller95def091999-11-25 00:26:21 +1100428 usage();
429 /* NOTREACHED */
430 }
Ben Lindstrom1a174712001-09-12 17:56:15 +0000431 if ((fwd_port = a2port(sfwd_port)) == 0 ||
Ben Lindstrom6328ab32002-03-22 02:54:23 +0000432 (fwd_host_port = a2port(sfwd_host_port)) == 0) {
Ben Lindstrom1a174712001-09-12 17:56:15 +0000433 fprintf(stderr,
434 "Bad forwarding port(s) '%s'\n", optarg);
435 exit(1);
436 }
437 if (opt == 'L')
438 add_local_forward(&options, fwd_port, buf,
439 fwd_host_port);
440 else if (opt == 'R')
441 add_remote_forward(&options, fwd_port, buf,
Damien Miller9f0f5c62001-12-21 14:45:46 +1100442 fwd_host_port);
Damien Miller95def091999-11-25 00:26:21 +1100443 break;
Ben Lindstrom3bb4f9d2001-04-08 18:30:26 +0000444
445 case 'D':
Ben Lindstrom19066a12001-04-12 23:39:26 +0000446 fwd_port = a2port(optarg);
447 if (fwd_port == 0) {
Damien Millerf4614452001-07-14 12:18:10 +1000448 fprintf(stderr, "Bad dynamic port '%s'\n",
449 optarg);
Ben Lindstrom146edb92001-04-11 23:06:28 +0000450 exit(1);
451 }
Darren Tucker1c52ee32003-08-13 20:38:36 +1000452 add_local_forward(&options, fwd_port, "socks", 0);
Ben Lindstrom3bb4f9d2001-04-08 18:30:26 +0000453 break;
454
Damien Miller95def091999-11-25 00:26:21 +1100455 case 'C':
456 options.compression = 1;
457 break;
Damien Miller1383bd82000-04-06 12:32:37 +1000458 case 'N':
459 no_shell_flag = 1;
460 no_tty_flag = 1;
461 break;
Damien Miller1383bd82000-04-06 12:32:37 +1000462 case 'T':
463 no_tty_flag = 1;
464 break;
Damien Miller95def091999-11-25 00:26:21 +1100465 case 'o':
466 dummy = 1;
Damien Miller9836cf82003-12-17 16:30:06 +1100467 line = xstrdup(optarg);
Damien Millerf4614452001-07-14 12:18:10 +1000468 if (process_config_line(&options, host ? host : "",
Damien Miller9836cf82003-12-17 16:30:06 +1100469 line, "command-line", 0, &dummy) != 0)
Damien Miller95def091999-11-25 00:26:21 +1100470 exit(1);
Damien Miller9836cf82003-12-17 16:30:06 +1100471 xfree(line);
Damien Miller95def091999-11-25 00:26:21 +1100472 break;
Damien Miller832562e2001-01-30 09:30:01 +1100473 case 's':
474 subsystem_flag = 1;
475 break;
Ben Lindstrome0f88042001-04-30 13:06:24 +0000476 case 'b':
477 options.bind_address = optarg;
478 break;
Ben Lindstrom14f31ab2001-09-12 17:48:04 +0000479 case 'F':
480 config = optarg;
481 break;
Damien Miller95def091999-11-25 00:26:21 +1100482 default:
483 usage();
484 }
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000485 }
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000486
Damien Millerf4614452001-07-14 12:18:10 +1000487 ac -= optind;
488 av += optind;
489
490 if (ac > 0 && !host && **av != '-') {
Ben Lindstromc276c122002-12-23 02:14:51 +0000491 if (strrchr(*av, '@')) {
Damien Millerf4614452001-07-14 12:18:10 +1000492 p = xstrdup(*av);
Ben Lindstromc276c122002-12-23 02:14:51 +0000493 cp = strrchr(p, '@');
Damien Millerf4614452001-07-14 12:18:10 +1000494 if (cp == NULL || cp == p)
495 usage();
496 options.user = p;
497 *cp = '\0';
498 host = ++cp;
499 } else
500 host = *av;
Ben Lindstromb9fa6912002-12-23 02:24:54 +0000501 if (ac > 1) {
502 optind = optreset = 1;
Damien Millerf4614452001-07-14 12:18:10 +1000503 goto again;
504 }
Ben Lindstromb9fa6912002-12-23 02:24:54 +0000505 ac--, av++;
Damien Millerf4614452001-07-14 12:18:10 +1000506 }
507
Damien Miller95def091999-11-25 00:26:21 +1100508 /* Check that we got a host name. */
509 if (!host)
510 usage();
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000511
Damien Millercb5e44a2000-09-29 12:12:36 +1100512 SSLeay_add_all_algorithms();
Damien Miller0bc1bd82000-11-13 22:57:25 +1100513 ERR_load_crypto_strings();
Damien Millercb5e44a2000-09-29 12:12:36 +1100514
Damien Miller95def091999-11-25 00:26:21 +1100515 /* Initialize the command to execute on remote host. */
516 buffer_init(&command);
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000517
Damien Miller5428f641999-11-25 11:54:57 +1100518 /*
519 * Save the command to execute on the remote host in a buffer. There
520 * is no limit on the length of the command, except by the maximum
521 * packet size. Also sets the tty flag if there is no command.
522 */
Damien Millerf4614452001-07-14 12:18:10 +1000523 if (!ac) {
Damien Miller95def091999-11-25 00:26:21 +1100524 /* No command specified - execute shell on a tty. */
525 tty_flag = 1;
Damien Miller832562e2001-01-30 09:30:01 +1100526 if (subsystem_flag) {
Damien Millerf4614452001-07-14 12:18:10 +1000527 fprintf(stderr,
528 "You must specify a subsystem to invoke.\n");
Damien Miller832562e2001-01-30 09:30:01 +1100529 usage();
530 }
Damien Miller95def091999-11-25 00:26:21 +1100531 } else {
Damien Millerf4614452001-07-14 12:18:10 +1000532 /* A command has been specified. Store it into the buffer. */
533 for (i = 0; i < ac; i++) {
534 if (i)
Damien Miller95def091999-11-25 00:26:21 +1100535 buffer_append(&command, " ", 1);
536 buffer_append(&command, av[i], strlen(av[i]));
537 }
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000538 }
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000539
Damien Miller95def091999-11-25 00:26:21 +1100540 /* Cannot fork to background if no command. */
Damien Millercaf6dd62000-08-29 11:33:50 +1100541 if (fork_after_authentication_flag && buffer_len(&command) == 0 && !no_shell_flag)
Damien Miller95def091999-11-25 00:26:21 +1100542 fatal("Cannot fork into background without a command to execute.");
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000543
Damien Miller95def091999-11-25 00:26:21 +1100544 /* Allocate a tty by default if no command specified. */
545 if (buffer_len(&command) == 0)
546 tty_flag = 1;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000547
Ben Lindstroma962c2f2002-07-04 00:14:17 +0000548 /* Force no tty */
Ben Lindstromc72745a2000-12-02 19:03:54 +0000549 if (no_tty_flag)
550 tty_flag = 0;
Damien Miller95def091999-11-25 00:26:21 +1100551 /* Do not allocate a tty if stdin is not a tty. */
Ben Lindstrom4dccfa52000-12-28 16:40:05 +0000552 if (!isatty(fileno(stdin)) && !force_tty_flag) {
Damien Miller95def091999-11-25 00:26:21 +1100553 if (tty_flag)
Damien Miller996acd22003-04-09 20:59:48 +1000554 logit("Pseudo-terminal will not be allocated because stdin is not a terminal.");
Damien Miller95def091999-11-25 00:26:21 +1100555 tty_flag = 0;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000556 }
Damien Miller1383bd82000-04-06 12:32:37 +1000557
Ben Lindstrom8a432f52001-03-05 07:24:46 +0000558 /*
559 * Initialize "log" output. Since we are the client all output
560 * actually goes to stderr.
561 */
Ben Lindstrom2b646522001-04-12 16:16:57 +0000562 log_init(av[0], options.log_level == -1 ? SYSLOG_LEVEL_INFO : options.log_level,
563 SYSLOG_FACILITY_USER, 1);
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000564
Ben Lindstrom14f31ab2001-09-12 17:48:04 +0000565 /*
566 * Read per-user configuration file. Ignore the system wide config
567 * file if the user specifies a config file on the command line.
568 */
569 if (config != NULL) {
Ben Lindstromedc0cf22001-09-12 18:32:20 +0000570 if (!read_config_file(config, host, &options))
571 fatal("Can't open user config file %.100s: "
572 "%.100s", config, strerror(errno));
Ben Lindstrom14f31ab2001-09-12 17:48:04 +0000573 } else {
574 snprintf(buf, sizeof buf, "%.100s/%.100s", pw->pw_dir,
575 _PATH_SSH_USER_CONFFILE);
Ben Lindstromedc0cf22001-09-12 18:32:20 +0000576 (void)read_config_file(buf, host, &options);
Ben Lindstrom83f07d12001-10-03 17:22:29 +0000577
578 /* Read systemwide configuration file after use config. */
579 (void)read_config_file(_PATH_HOST_CONFIG_FILE, host, &options);
Ben Lindstrom14f31ab2001-09-12 17:48:04 +0000580 }
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000581
Damien Miller95def091999-11-25 00:26:21 +1100582 /* Fill configuration defaults. */
583 fill_default_options(&options);
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000584
Darren Tucker0a4f04b2003-07-03 20:37:47 +1000585 channel_set_af(options.address_family);
586
Damien Miller95def091999-11-25 00:26:21 +1100587 /* reinit */
Ben Lindstrom8a432f52001-03-05 07:24:46 +0000588 log_init(av[0], options.log_level, SYSLOG_FACILITY_USER, 1);
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000589
Damien Miller60bc5172001-03-19 09:38:15 +1100590 seed_rng();
591
Damien Miller95def091999-11-25 00:26:21 +1100592 if (options.user == NULL)
593 options.user = xstrdup(pw->pw_name);
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000594
Damien Miller95def091999-11-25 00:26:21 +1100595 if (options.hostname != NULL)
596 host = options.hostname;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000597
Darren Tucker3f521e22003-07-03 16:20:42 +1000598 /* force lowercase for hostkey matching */
599 if (options.host_key_alias != NULL) {
600 for (p = options.host_key_alias; *p; p++)
601 if (isupper(*p))
602 *p = tolower(*p);
603 }
604
Damien Miller9f1e33a2003-02-24 11:57:32 +1100605 if (options.proxy_command != NULL &&
606 strcmp(options.proxy_command, "none") == 0)
607 options.proxy_command = NULL;
608
Kevin Stevesfcec7f82000-12-15 19:55:48 +0000609 /* Open a connection to the remote host. */
Darren Tucker0a4f04b2003-07-03 20:37:47 +1000610 if (ssh_connect(host, &hostaddr, options.port,
611 options.address_family, options.connection_attempts,
Ben Lindstrom1aa64272002-06-11 20:28:05 +0000612#ifdef HAVE_CYGWIN
613 options.use_privileged_port,
614#else
Ben Lindstromf9c48842002-06-11 16:37:51 +0000615 original_effective_uid == 0 && options.use_privileged_port,
Ben Lindstrom1aa64272002-06-11 20:28:05 +0000616#endif
Ben Lindstromda394ca2002-06-12 16:11:12 +0000617 options.proxy_command) != 0)
Ben Lindstrom24157572002-06-12 16:09:39 +0000618 exit(1);
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000619
Damien Miller5428f641999-11-25 11:54:57 +1100620 /*
621 * If we successfully made the connection, load the host private key
622 * in case we will need it later for combined rsa-rhosts
623 * authentication. This must be done before releasing extra
624 * privileges, because the file is only readable by root.
Ben Lindstrom9e5bb572002-06-06 19:58:27 +0000625 * If we cannot access the private keys, load the public keys
626 * instead and try to execute the ssh-keysign helper instead.
Damien Miller5428f641999-11-25 11:54:57 +1100627 */
Ben Lindstrom5eabda32001-04-12 23:34:34 +0000628 sensitive_data.nkeys = 0;
629 sensitive_data.keys = NULL;
Ben Lindstrom1bad2562002-06-06 19:57:33 +0000630 sensitive_data.external_keysign = 0;
Ben Lindstrom24157572002-06-12 16:09:39 +0000631 if (options.rhosts_rsa_authentication ||
632 options.hostbased_authentication) {
Ben Lindstrom5eabda32001-04-12 23:34:34 +0000633 sensitive_data.nkeys = 3;
Ben Lindstroma962c2f2002-07-04 00:14:17 +0000634 sensitive_data.keys = xmalloc(sensitive_data.nkeys *
635 sizeof(Key));
Ben Lindstromf9c48842002-06-11 16:37:51 +0000636
637 PRIV_START;
Ben Lindstrom5eabda32001-04-12 23:34:34 +0000638 sensitive_data.keys[0] = key_load_private_type(KEY_RSA1,
Ben Lindstromd0fca422001-03-26 13:44:06 +0000639 _PATH_HOST_KEY_FILE, "", NULL);
Ben Lindstrom5eabda32001-04-12 23:34:34 +0000640 sensitive_data.keys[1] = key_load_private_type(KEY_DSA,
641 _PATH_HOST_DSA_KEY_FILE, "", NULL);
642 sensitive_data.keys[2] = key_load_private_type(KEY_RSA,
643 _PATH_HOST_RSA_KEY_FILE, "", NULL);
Ben Lindstromf9c48842002-06-11 16:37:51 +0000644 PRIV_END;
Ben Lindstrom1bad2562002-06-06 19:57:33 +0000645
Ben Lindstrom5d35a2f2002-07-04 00:19:40 +0000646 if (options.hostbased_authentication == 1 &&
647 sensitive_data.keys[0] == NULL &&
Ben Lindstrom1bad2562002-06-06 19:57:33 +0000648 sensitive_data.keys[1] == NULL &&
649 sensitive_data.keys[2] == NULL) {
650 sensitive_data.keys[1] = key_load_public(
651 _PATH_HOST_DSA_KEY_FILE, NULL);
652 sensitive_data.keys[2] = key_load_public(
653 _PATH_HOST_RSA_KEY_FILE, NULL);
654 sensitive_data.external_keysign = 1;
655 }
Damien Miller95def091999-11-25 00:26:21 +1100656 }
Damien Miller5428f641999-11-25 11:54:57 +1100657 /*
658 * Get rid of any extra privileges that we may have. We will no
659 * longer need them. Also, extra privileges could make it very hard
660 * to read identity files and other non-world-readable files from the
661 * user's home directory if it happens to be on a NFS volume where
662 * root is mapped to nobody.
663 */
Ben Lindstromf9c48842002-06-11 16:37:51 +0000664 seteuid(original_real_uid);
665 setuid(original_real_uid);
Damien Miller95def091999-11-25 00:26:21 +1100666
Damien Miller5428f641999-11-25 11:54:57 +1100667 /*
668 * Now that we are back to our own permissions, create ~/.ssh
669 * directory if it doesn\'t already exist.
670 */
Ben Lindstrom930b14a2001-08-15 23:19:21 +0000671 snprintf(buf, sizeof buf, "%.100s%s%.100s", pw->pw_dir, strcmp(pw->pw_dir, "/") ? "/" : "", _PATH_SSH_USER_DIR);
Damien Miller95def091999-11-25 00:26:21 +1100672 if (stat(buf, &st) < 0)
Damien Millerbe484b52000-07-15 14:14:16 +1000673 if (mkdir(buf, 0700) < 0)
Damien Miller95def091999-11-25 00:26:21 +1100674 error("Could not create directory '%.200s'.", buf);
675
Ben Lindstrom266dfdf2001-03-09 00:12:22 +0000676 /* load options.identity_files */
677 load_public_identity_files();
678
679 /* Expand ~ in known host file names. */
680 /* XXX mem-leaks: */
Damien Miller0bc1bd82000-11-13 22:57:25 +1100681 options.system_hostfile =
682 tilde_expand_filename(options.system_hostfile, original_real_uid);
683 options.user_hostfile =
684 tilde_expand_filename(options.user_hostfile, original_real_uid);
685 options.system_hostfile2 =
686 tilde_expand_filename(options.system_hostfile2, original_real_uid);
687 options.user_hostfile2 =
688 tilde_expand_filename(options.user_hostfile2, original_real_uid);
Damien Miller95def091999-11-25 00:26:21 +1100689
Damien Miller07cd5892001-11-12 10:52:03 +1100690 signal(SIGPIPE, SIG_IGN); /* ignore SIGPIPE early */
691
Damien Miller95def091999-11-25 00:26:21 +1100692 /* Log into the remote system. This never returns if the login fails. */
Ben Lindstrom1bad2562002-06-06 19:57:33 +0000693 ssh_login(&sensitive_data, host, (struct sockaddr *)&hostaddr, pw);
Damien Miller95def091999-11-25 00:26:21 +1100694
Ben Lindstrom5eabda32001-04-12 23:34:34 +0000695 /* We no longer need the private host keys. Clear them now. */
696 if (sensitive_data.nkeys != 0) {
697 for (i = 0; i < sensitive_data.nkeys; i++) {
698 if (sensitive_data.keys[i] != NULL) {
699 /* Destroys contents safely */
700 debug3("clear hostkey %d", i);
701 key_free(sensitive_data.keys[i]);
702 sensitive_data.keys[i] = NULL;
703 }
704 }
705 xfree(sensitive_data.keys);
706 }
Ben Lindstroma6c8a8d2001-08-06 21:42:00 +0000707 for (i = 0; i < options.num_identity_files; i++) {
708 if (options.identity_files[i]) {
709 xfree(options.identity_files[i]);
710 options.identity_files[i] = NULL;
711 }
712 if (options.identity_keys[i]) {
713 key_free(options.identity_keys[i]);
714 options.identity_keys[i] = NULL;
715 }
716 }
Damien Miller95def091999-11-25 00:26:21 +1100717
Damien Miller1383bd82000-04-06 12:32:37 +1000718 exit_status = compat20 ? ssh_session2() : ssh_session();
719 packet_close();
Damien Miller8c4e18a2002-09-19 12:05:02 +1000720
721 /*
Damien Millera8e06ce2003-11-21 23:48:55 +1100722 * Send SIGHUP to proxy command if used. We don't wait() in
Damien Miller8c4e18a2002-09-19 12:05:02 +1000723 * case it hangs and instead rely on init to reap the child
724 */
725 if (proxy_command_pid > 1)
726 kill(proxy_command_pid, SIGHUP);
727
Damien Miller1383bd82000-04-06 12:32:37 +1000728 return exit_status;
729}
730
Darren Tucker0a118da2003-10-15 15:54:32 +1000731#define SSH_X11_PROTO "MIT-MAGIC-COOKIE-1"
732
Ben Lindstrombba81212001-06-25 05:01:22 +0000733static void
Ben Lindstrom4a4bd712001-12-06 17:45:19 +0000734x11_get_proto(char **_proto, char **_data)
Damien Millerbd483e72000-04-30 10:00:53 +1000735{
Darren Tucker0a118da2003-10-15 15:54:32 +1000736 char cmd[1024];
Damien Millerbd483e72000-04-30 10:00:53 +1000737 char line[512];
Darren Tucker0a118da2003-10-15 15:54:32 +1000738 char xdisplay[512];
Ben Lindstrom4a4bd712001-12-06 17:45:19 +0000739 static char proto[512], data[512];
Damien Millerbd483e72000-04-30 10:00:53 +1000740 FILE *f;
Darren Tucker0a118da2003-10-15 15:54:32 +1000741 int got_data = 0, generated = 0, do_unlink = 0, i;
742 char *display, *xauthdir, *xauthfile;
Ben Lindstromee8d52d2002-07-23 21:03:02 +0000743 struct stat st;
Damien Millerbd483e72000-04-30 10:00:53 +1000744
Darren Tucker0a118da2003-10-15 15:54:32 +1000745 xauthdir = xauthfile = NULL;
Ben Lindstrom4a4bd712001-12-06 17:45:19 +0000746 *_proto = proto;
747 *_data = data;
748 proto[0] = data[0] = '\0';
Darren Tucker0a118da2003-10-15 15:54:32 +1000749
Ben Lindstromee8d52d2002-07-23 21:03:02 +0000750 if (!options.xauth_location ||
751 (stat(options.xauth_location, &st) == -1)) {
752 debug("No xauth program.");
753 } else {
754 if ((display = getenv("DISPLAY")) == NULL) {
755 debug("x11_get_proto: DISPLAY not set");
756 return;
757 }
Darren Tucker0a118da2003-10-15 15:54:32 +1000758 /*
759 * Handle FamilyLocal case where $DISPLAY does
760 * not match an authorization entry. For this we
761 * just try "xauth list unix:displaynum.screennum".
762 * XXX: "localhost" match to determine FamilyLocal
763 * is not perfect.
764 */
765 if (strncmp(display, "localhost:", 10) == 0) {
766 snprintf(xdisplay, sizeof(xdisplay), "unix:%s",
767 display + 10);
768 display = xdisplay;
769 }
770 if (options.forward_x11_trusted == 0) {
771 xauthdir = xmalloc(MAXPATHLEN);
772 xauthfile = xmalloc(MAXPATHLEN);
773 strlcpy(xauthdir, "/tmp/ssh-XXXXXXXXXX", MAXPATHLEN);
774 if (mkdtemp(xauthdir) != NULL) {
775 do_unlink = 1;
776 snprintf(xauthfile, MAXPATHLEN, "%s/xauthfile",
777 xauthdir);
778 snprintf(cmd, sizeof(cmd),
779 "%s -f %s generate %s " SSH_X11_PROTO
780 " untrusted timeout 120 2>" _PATH_DEVNULL,
781 options.xauth_location, xauthfile, display);
782 debug2("x11_get_proto: %s", cmd);
783 if (system(cmd) == 0)
784 generated = 1;
785 }
786 }
787 snprintf(cmd, sizeof(cmd),
788 "%s %s%s list %s . 2>" _PATH_DEVNULL,
789 options.xauth_location,
790 generated ? "-f " : "" ,
791 generated ? xauthfile : "",
792 display);
793 debug2("x11_get_proto: %s", cmd);
794 f = popen(cmd, "r");
Damien Millerd3a18572000-06-07 19:55:44 +1000795 if (f && fgets(line, sizeof(line), f) &&
Ben Lindstrom4a4bd712001-12-06 17:45:19 +0000796 sscanf(line, "%*s %511s %511s", proto, data) == 2)
Damien Millerd3a18572000-06-07 19:55:44 +1000797 got_data = 1;
798 if (f)
799 pclose(f);
800 }
Darren Tucker0a118da2003-10-15 15:54:32 +1000801
802 if (do_unlink) {
803 unlink(xauthfile);
804 rmdir(xauthdir);
805 }
806 if (xauthdir)
807 xfree(xauthdir);
808 if (xauthfile)
809 xfree(xauthfile);
810
Damien Millerbd483e72000-04-30 10:00:53 +1000811 /*
812 * If we didn't get authentication data, just make up some
813 * data. The forwarding code will check the validity of the
814 * response anyway, and substitute this data. The X11
815 * server, however, will ignore this fake data and use
816 * whatever authentication mechanisms it was using otherwise
817 * for the local connection.
818 */
819 if (!got_data) {
820 u_int32_t rand = 0;
821
Darren Tucker0a118da2003-10-15 15:54:32 +1000822 logit("Warning: No xauth data; "
823 "using fake authentication data for X11 forwarding.");
824 strlcpy(proto, SSH_X11_PROTO, sizeof proto);
Damien Millerbd483e72000-04-30 10:00:53 +1000825 for (i = 0; i < 16; i++) {
826 if (i % 4 == 0)
827 rand = arc4random();
Darren Tucker0a118da2003-10-15 15:54:32 +1000828 snprintf(data + 2 * i, sizeof data - 2 * i, "%02x",
829 rand & 0xff);
Damien Millerbd483e72000-04-30 10:00:53 +1000830 rand >>= 8;
831 }
832 }
833}
834
Ben Lindstrombba81212001-06-25 05:01:22 +0000835static void
Damien Miller0bc1bd82000-11-13 22:57:25 +1100836ssh_init_forwarding(void)
837{
Kevin Steves12057502001-02-05 14:54:34 +0000838 int success = 0;
Damien Miller0bc1bd82000-11-13 22:57:25 +1100839 int i;
Kevin Steves12057502001-02-05 14:54:34 +0000840
Damien Miller0bc1bd82000-11-13 22:57:25 +1100841 /* Initiate local TCP/IP port forwardings. */
842 for (i = 0; i < options.num_local_forwards; i++) {
843 debug("Connections to local port %d forwarded to remote address %.200s:%d",
844 options.local_forwards[i].port,
845 options.local_forwards[i].host,
846 options.local_forwards[i].host_port);
Damien Millerb16461c2002-01-22 23:29:22 +1100847 success += channel_setup_local_fwd_listener(
Damien Miller0bc1bd82000-11-13 22:57:25 +1100848 options.local_forwards[i].port,
849 options.local_forwards[i].host,
850 options.local_forwards[i].host_port,
851 options.gateway_ports);
852 }
Kevin Steves12057502001-02-05 14:54:34 +0000853 if (i > 0 && success == 0)
854 error("Could not request local forwarding.");
Damien Miller0bc1bd82000-11-13 22:57:25 +1100855
856 /* Initiate remote TCP/IP port forwardings. */
857 for (i = 0; i < options.num_remote_forwards; i++) {
858 debug("Connections to remote port %d forwarded to local address %.200s:%d",
859 options.remote_forwards[i].port,
860 options.remote_forwards[i].host,
861 options.remote_forwards[i].host_port);
862 channel_request_remote_forwarding(
863 options.remote_forwards[i].port,
864 options.remote_forwards[i].host,
865 options.remote_forwards[i].host_port);
866 }
867}
868
Ben Lindstrombba81212001-06-25 05:01:22 +0000869static void
Damien Miller0bc1bd82000-11-13 22:57:25 +1100870check_agent_present(void)
871{
872 if (options.forward_agent) {
873 /* Clear agent forwarding if we don\'t have an agent. */
Damien Miller789e95d2002-09-12 09:52:46 +1000874 if (!ssh_agent_present())
Damien Miller0bc1bd82000-11-13 22:57:25 +1100875 options.forward_agent = 0;
Damien Miller0bc1bd82000-11-13 22:57:25 +1100876 }
877}
878
Ben Lindstrombba81212001-06-25 05:01:22 +0000879static int
Damien Miller1383bd82000-04-06 12:32:37 +1000880ssh_session(void)
881{
882 int type;
Damien Miller1383bd82000-04-06 12:32:37 +1000883 int interactive = 0;
884 int have_tty = 0;
885 struct winsize ws;
Damien Miller1383bd82000-04-06 12:32:37 +1000886 char *cp;
887
Damien Miller95def091999-11-25 00:26:21 +1100888 /* Enable compression if requested. */
889 if (options.compression) {
890 debug("Requesting compression at level %d.", options.compression_level);
891
892 if (options.compression_level < 1 || options.compression_level > 9)
893 fatal("Compression level must be from 1 (fast) to 9 (slow, best).");
894
895 /* Send the request. */
896 packet_start(SSH_CMSG_REQUEST_COMPRESSION);
897 packet_put_int(options.compression_level);
898 packet_send();
899 packet_write_wait();
Damien Millerdff50992002-01-22 23:16:32 +1100900 type = packet_read();
Damien Miller95def091999-11-25 00:26:21 +1100901 if (type == SSH_SMSG_SUCCESS)
902 packet_start_compression(options.compression_level);
903 else if (type == SSH_SMSG_FAILURE)
Damien Miller996acd22003-04-09 20:59:48 +1000904 logit("Warning: Remote host refused compression.");
Damien Miller95def091999-11-25 00:26:21 +1100905 else
906 packet_disconnect("Protocol error waiting for compression response.");
907 }
908 /* Allocate a pseudo tty if appropriate. */
909 if (tty_flag) {
910 debug("Requesting pty.");
911
912 /* Start the packet. */
913 packet_start(SSH_CMSG_REQUEST_PTY);
914
915 /* Store TERM in the packet. There is no limit on the
916 length of the string. */
917 cp = getenv("TERM");
918 if (!cp)
919 cp = "";
Ben Lindstrom664408d2001-06-09 01:42:01 +0000920 packet_put_cstring(cp);
Damien Miller95def091999-11-25 00:26:21 +1100921
922 /* Store window size in the packet. */
923 if (ioctl(fileno(stdin), TIOCGWINSZ, &ws) < 0)
924 memset(&ws, 0, sizeof(ws));
925 packet_put_int(ws.ws_row);
926 packet_put_int(ws.ws_col);
927 packet_put_int(ws.ws_xpixel);
928 packet_put_int(ws.ws_ypixel);
929
930 /* Store tty modes in the packet. */
Ben Lindstromae8e2d32001-04-14 23:13:02 +0000931 tty_make_modes(fileno(stdin), NULL);
Damien Miller95def091999-11-25 00:26:21 +1100932
933 /* Send the packet, and wait for it to leave. */
934 packet_send();
935 packet_write_wait();
936
937 /* Read response from the server. */
Damien Millerdff50992002-01-22 23:16:32 +1100938 type = packet_read();
Damien Miller450a7a12000-03-26 13:04:51 +1000939 if (type == SSH_SMSG_SUCCESS) {
Damien Miller95def091999-11-25 00:26:21 +1100940 interactive = 1;
Damien Miller1383bd82000-04-06 12:32:37 +1000941 have_tty = 1;
Damien Miller450a7a12000-03-26 13:04:51 +1000942 } else if (type == SSH_SMSG_FAILURE)
Damien Miller996acd22003-04-09 20:59:48 +1000943 logit("Warning: Remote host failed or refused to allocate a pseudo tty.");
Damien Miller95def091999-11-25 00:26:21 +1100944 else
945 packet_disconnect("Protocol error waiting for pty request response.");
946 }
947 /* Request X11 forwarding if enabled and DISPLAY is set. */
948 if (options.forward_x11 && getenv("DISPLAY") != NULL) {
Ben Lindstrom4a4bd712001-12-06 17:45:19 +0000949 char *proto, *data;
Damien Millerbd483e72000-04-30 10:00:53 +1000950 /* Get reasonable local authentication information. */
Ben Lindstrom4a4bd712001-12-06 17:45:19 +0000951 x11_get_proto(&proto, &data);
Damien Millerbd483e72000-04-30 10:00:53 +1000952 /* Request forwarding with authentication spoofing. */
Damien Miller95def091999-11-25 00:26:21 +1100953 debug("Requesting X11 forwarding with authentication spoofing.");
Damien Millerbd483e72000-04-30 10:00:53 +1000954 x11_request_forwarding_with_spoofing(0, proto, data);
Damien Miller95def091999-11-25 00:26:21 +1100955
956 /* Read response from the server. */
Damien Millerdff50992002-01-22 23:16:32 +1100957 type = packet_read();
Damien Miller95def091999-11-25 00:26:21 +1100958 if (type == SSH_SMSG_SUCCESS) {
Damien Miller95def091999-11-25 00:26:21 +1100959 interactive = 1;
Damien Millerbd483e72000-04-30 10:00:53 +1000960 } else if (type == SSH_SMSG_FAILURE) {
Damien Miller996acd22003-04-09 20:59:48 +1000961 logit("Warning: Remote host denied X11 forwarding.");
Damien Millerbd483e72000-04-30 10:00:53 +1000962 } else {
Damien Miller95def091999-11-25 00:26:21 +1100963 packet_disconnect("Protocol error waiting for X11 forwarding");
Damien Millerbd483e72000-04-30 10:00:53 +1000964 }
Damien Miller95def091999-11-25 00:26:21 +1100965 }
966 /* Tell the packet module whether this is an interactive session. */
Ben Lindstrombf555ba2001-01-18 02:04:35 +0000967 packet_set_interactive(interactive);
Damien Miller95def091999-11-25 00:26:21 +1100968
969 /* Request authentication agent forwarding if appropriate. */
Damien Miller0bc1bd82000-11-13 22:57:25 +1100970 check_agent_present();
971
Damien Miller95def091999-11-25 00:26:21 +1100972 if (options.forward_agent) {
973 debug("Requesting authentication agent forwarding.");
974 auth_request_forwarding();
975
976 /* Read response from the server. */
Damien Millerdff50992002-01-22 23:16:32 +1100977 type = packet_read();
Damien Miller48b03fc2002-01-22 23:11:40 +1100978 packet_check_eom();
Damien Miller95def091999-11-25 00:26:21 +1100979 if (type != SSH_SMSG_SUCCESS)
Damien Miller996acd22003-04-09 20:59:48 +1000980 logit("Warning: Remote host denied authentication agent forwarding.");
Damien Miller95def091999-11-25 00:26:21 +1100981 }
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000982
Damien Miller0bc1bd82000-11-13 22:57:25 +1100983 /* Initiate port forwardings. */
984 ssh_init_forwarding();
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000985
Damien Miller5428f641999-11-25 11:54:57 +1100986 /* If requested, let ssh continue in the background. */
Damien Miller4af51302000-04-16 11:18:38 +1000987 if (fork_after_authentication_flag)
Damien Miller5428f641999-11-25 11:54:57 +1100988 if (daemon(1, 1) < 0)
989 fatal("daemon() failed: %.200s", strerror(errno));
990
991 /*
992 * If a command was specified on the command line, execute the
993 * command now. Otherwise request the server to start a shell.
994 */
Damien Miller95def091999-11-25 00:26:21 +1100995 if (buffer_len(&command) > 0) {
996 int len = buffer_len(&command);
997 if (len > 900)
998 len = 900;
Damien Miller5a6b4fe2001-12-21 14:56:54 +1100999 debug("Sending command: %.*s", len, (u_char *)buffer_ptr(&command));
Damien Miller95def091999-11-25 00:26:21 +11001000 packet_start(SSH_CMSG_EXEC_CMD);
1001 packet_put_string(buffer_ptr(&command), buffer_len(&command));
1002 packet_send();
1003 packet_write_wait();
1004 } else {
1005 debug("Requesting shell.");
1006 packet_start(SSH_CMSG_EXEC_SHELL);
1007 packet_send();
1008 packet_write_wait();
1009 }
Damien Millerd4a8b7e1999-10-27 13:42:43 +10001010
Damien Miller95def091999-11-25 00:26:21 +11001011 /* Enter the interactive session. */
Ben Lindstrom2b1f71b2001-06-05 20:32:21 +00001012 return client_loop(have_tty, tty_flag ?
1013 options.escape_char : SSH_ESCAPECHAR_NONE, 0);
Damien Miller1383bd82000-04-06 12:32:37 +10001014}
Damien Millerd4a8b7e1999-10-27 13:42:43 +10001015
Ben Lindstrombba81212001-06-25 05:01:22 +00001016static void
Damien Miller630d6f42002-01-22 23:17:30 +11001017client_subsystem_reply(int type, u_int32_t seq, void *ctxt)
Ben Lindstrom1e7d3062001-02-09 02:36:43 +00001018{
1019 int id, len;
1020
1021 id = packet_get_int();
1022 len = buffer_len(&command);
Ben Lindstrom4040fe12001-03-05 06:52:57 +00001023 if (len > 900)
1024 len = 900;
Damien Miller48b03fc2002-01-22 23:11:40 +11001025 packet_check_eom();
Ben Lindstrom1e7d3062001-02-09 02:36:43 +00001026 if (type == SSH2_MSG_CHANNEL_FAILURE)
1027 fatal("Request for subsystem '%.*s' failed on channel %d",
Damien Miller5a6b4fe2001-12-21 14:56:54 +11001028 len, (u_char *)buffer_ptr(&command), id);
Ben Lindstrom1e7d3062001-02-09 02:36:43 +00001029}
1030
Damien Miller2797f7f2002-04-23 21:09:44 +10001031void
Damien Miller509b0102003-12-17 16:33:10 +11001032client_global_request_reply_fwd(int type, u_int32_t seq, void *ctxt)
Damien Miller2797f7f2002-04-23 21:09:44 +10001033{
1034 int i;
1035
1036 i = client_global_request_id++;
Damien Miller509b0102003-12-17 16:33:10 +11001037 if (i >= options.num_remote_forwards)
Damien Miller2797f7f2002-04-23 21:09:44 +10001038 return;
Damien Miller2797f7f2002-04-23 21:09:44 +10001039 debug("remote forward %s for: listen %d, connect %s:%d",
1040 type == SSH2_MSG_REQUEST_SUCCESS ? "success" : "failure",
1041 options.remote_forwards[i].port,
1042 options.remote_forwards[i].host,
1043 options.remote_forwards[i].host_port);
1044 if (type == SSH2_MSG_REQUEST_FAILURE)
Damien Miller996acd22003-04-09 20:59:48 +10001045 logit("Warning: remote port forwarding failed for listen port %d",
Damien Miller2797f7f2002-04-23 21:09:44 +10001046 options.remote_forwards[i].port);
1047}
1048
Ben Lindstromf558cf62001-09-20 23:13:49 +00001049/* request pty/x11/agent/tcpfwd/shell for channel */
Ben Lindstrombba81212001-06-25 05:01:22 +00001050static void
Ben Lindstromf558cf62001-09-20 23:13:49 +00001051ssh_session2_setup(int id, void *arg)
Damien Miller1383bd82000-04-06 12:32:37 +10001052{
1053 int len;
Ben Lindstrombf555ba2001-01-18 02:04:35 +00001054 int interactive = 0;
Ben Lindstromae8e2d32001-04-14 23:13:02 +00001055 struct termios tio;
Ben Lindstrombf555ba2001-01-18 02:04:35 +00001056
Ben Lindstrom604dc722002-12-23 02:08:57 +00001057 debug2("ssh_session2_setup: id %d", id);
Damien Miller1383bd82000-04-06 12:32:37 +10001058
Damien Miller1383bd82000-04-06 12:32:37 +10001059 if (tty_flag) {
1060 struct winsize ws;
1061 char *cp;
1062 cp = getenv("TERM");
1063 if (!cp)
1064 cp = "";
1065 /* Store window size in the packet. */
1066 if (ioctl(fileno(stdin), TIOCGWINSZ, &ws) < 0)
1067 memset(&ws, 0, sizeof(ws));
1068
1069 channel_request_start(id, "pty-req", 0);
1070 packet_put_cstring(cp);
1071 packet_put_int(ws.ws_col);
1072 packet_put_int(ws.ws_row);
1073 packet_put_int(ws.ws_xpixel);
1074 packet_put_int(ws.ws_ypixel);
Ben Lindstromae8e2d32001-04-14 23:13:02 +00001075 tio = get_saved_tio();
1076 tty_make_modes(/*ignored*/ 0, &tio);
Damien Miller1383bd82000-04-06 12:32:37 +10001077 packet_send();
Ben Lindstrombf555ba2001-01-18 02:04:35 +00001078 interactive = 1;
Damien Miller1383bd82000-04-06 12:32:37 +10001079 /* XXX wait for reply */
1080 }
Damien Millerbd483e72000-04-30 10:00:53 +10001081 if (options.forward_x11 &&
1082 getenv("DISPLAY") != NULL) {
Ben Lindstrom4a4bd712001-12-06 17:45:19 +00001083 char *proto, *data;
Damien Millerbd483e72000-04-30 10:00:53 +10001084 /* Get reasonable local authentication information. */
Ben Lindstrom4a4bd712001-12-06 17:45:19 +00001085 x11_get_proto(&proto, &data);
Damien Millerbd483e72000-04-30 10:00:53 +10001086 /* Request forwarding with authentication spoofing. */
1087 debug("Requesting X11 forwarding with authentication spoofing.");
1088 x11_request_forwarding_with_spoofing(id, proto, data);
Ben Lindstrombf555ba2001-01-18 02:04:35 +00001089 interactive = 1;
Damien Millerbd483e72000-04-30 10:00:53 +10001090 /* XXX wait for reply */
1091 }
1092
Damien Miller0bc1bd82000-11-13 22:57:25 +11001093 check_agent_present();
1094 if (options.forward_agent) {
1095 debug("Requesting authentication agent forwarding.");
1096 channel_request_start(id, "auth-agent-req@openssh.com", 0);
1097 packet_send();
1098 }
1099
Damien Miller1383bd82000-04-06 12:32:37 +10001100 len = buffer_len(&command);
1101 if (len > 0) {
1102 if (len > 900)
1103 len = 900;
Damien Miller832562e2001-01-30 09:30:01 +11001104 if (subsystem_flag) {
Damien Miller5a6b4fe2001-12-21 14:56:54 +11001105 debug("Sending subsystem: %.*s", len, (u_char *)buffer_ptr(&command));
Ben Lindstrom1e7d3062001-02-09 02:36:43 +00001106 channel_request_start(id, "subsystem", /*want reply*/ 1);
1107 /* register callback for reply */
Ben Lindstromf666fec2002-06-06 19:51:58 +00001108 /* XXX we assume that client_loop has already been called */
Ben Lindstrom1e7d3062001-02-09 02:36:43 +00001109 dispatch_set(SSH2_MSG_CHANNEL_FAILURE, &client_subsystem_reply);
1110 dispatch_set(SSH2_MSG_CHANNEL_SUCCESS, &client_subsystem_reply);
Damien Miller832562e2001-01-30 09:30:01 +11001111 } else {
Damien Miller5a6b4fe2001-12-21 14:56:54 +11001112 debug("Sending command: %.*s", len, (u_char *)buffer_ptr(&command));
Damien Miller832562e2001-01-30 09:30:01 +11001113 channel_request_start(id, "exec", 0);
1114 }
Ben Lindstrom4040fe12001-03-05 06:52:57 +00001115 packet_put_string(buffer_ptr(&command), buffer_len(&command));
Damien Miller1383bd82000-04-06 12:32:37 +10001116 packet_send();
1117 } else {
Damien Millera500cd62002-02-08 22:04:26 +11001118 channel_request_start(id, "shell", 0);
1119 packet_send();
Damien Miller1383bd82000-04-06 12:32:37 +10001120 }
Ben Lindstrom1e7d3062001-02-09 02:36:43 +00001121
Ben Lindstrombf555ba2001-01-18 02:04:35 +00001122 packet_set_interactive(interactive);
Damien Miller1383bd82000-04-06 12:32:37 +10001123}
1124
Ben Lindstromf558cf62001-09-20 23:13:49 +00001125/* open new channel for a session */
Ben Lindstrombba81212001-06-25 05:01:22 +00001126static int
Ben Lindstromf558cf62001-09-20 23:13:49 +00001127ssh_session2_open(void)
Damien Miller1383bd82000-04-06 12:32:37 +10001128{
Ben Lindstrom99c73b32001-05-05 04:09:47 +00001129 Channel *c;
1130 int window, packetmax, in, out, err;
Damien Millerad833b32000-08-23 10:46:23 +10001131
Damien Millercaf6dd62000-08-29 11:33:50 +11001132 if (stdin_null_flag) {
Ben Lindstrom31ca54a2001-02-09 02:11:24 +00001133 in = open(_PATH_DEVNULL, O_RDONLY);
Damien Millercaf6dd62000-08-29 11:33:50 +11001134 } else {
1135 in = dup(STDIN_FILENO);
1136 }
1137 out = dup(STDOUT_FILENO);
1138 err = dup(STDERR_FILENO);
1139
1140 if (in < 0 || out < 0 || err < 0)
1141 fatal("dup() in/out/err failed");
1142
Damien Miller69b69aa2000-10-28 14:19:58 +11001143 /* enable nonblocking unless tty */
1144 if (!isatty(in))
1145 set_nonblock(in);
1146 if (!isatty(out))
1147 set_nonblock(out);
1148 if (!isatty(err))
1149 set_nonblock(err);
1150
Damien Millere4340be2000-09-16 13:29:08 +11001151 window = CHAN_SES_WINDOW_DEFAULT;
1152 packetmax = CHAN_SES_PACKET_DEFAULT;
Damien Miller19a59452002-02-19 15:20:57 +11001153 if (tty_flag) {
1154 window >>= 1;
1155 packetmax >>= 1;
Damien Miller1383bd82000-04-06 12:32:37 +10001156 }
Ben Lindstrom99c73b32001-05-05 04:09:47 +00001157 c = channel_new(
Damien Miller1383bd82000-04-06 12:32:37 +10001158 "session", SSH_CHANNEL_OPENING, in, out, err,
Damien Millere4340be2000-09-16 13:29:08 +11001159 window, packetmax, CHAN_EXTENDED_WRITE,
Damien Millerb1ca8bb2003-05-14 13:45:42 +10001160 "client-session", /*nonblock*/0);
Damien Miller1383bd82000-04-06 12:32:37 +10001161
Ben Lindstromf558cf62001-09-20 23:13:49 +00001162 debug3("ssh_session2_open: channel_new: %d", c->self);
Ben Lindstrom4c3f77d2001-04-05 23:37:36 +00001163
Ben Lindstrom5ec26452001-06-09 00:18:51 +00001164 channel_send_open(c->self);
Ben Lindstromf558cf62001-09-20 23:13:49 +00001165 if (!no_shell_flag)
Damien Miller67f0bc02002-02-05 12:23:08 +11001166 channel_register_confirm(c->self, ssh_session2_setup);
Damien Miller1383bd82000-04-06 12:32:37 +10001167
Ben Lindstrom99c73b32001-05-05 04:09:47 +00001168 return c->self;
Ben Lindstrom4c3f77d2001-04-05 23:37:36 +00001169}
1170
Ben Lindstrombba81212001-06-25 05:01:22 +00001171static int
Ben Lindstrom4c3f77d2001-04-05 23:37:36 +00001172ssh_session2(void)
1173{
Ben Lindstromf558cf62001-09-20 23:13:49 +00001174 int id = -1;
Ben Lindstrom4c3f77d2001-04-05 23:37:36 +00001175
1176 /* XXX should be pre-session */
1177 ssh_init_forwarding();
1178
Ben Lindstromf558cf62001-09-20 23:13:49 +00001179 if (!no_shell_flag || (datafellows & SSH_BUG_DUMMYCHAN))
1180 id = ssh_session2_open();
Ben Lindstrom4c3f77d2001-04-05 23:37:36 +00001181
1182 /* If requested, let ssh continue in the background. */
1183 if (fork_after_authentication_flag)
1184 if (daemon(1, 1) < 0)
1185 fatal("daemon() failed: %.200s", strerror(errno));
1186
Ben Lindstrom2b1f71b2001-06-05 20:32:21 +00001187 return client_loop(tty_flag, tty_flag ?
1188 options.escape_char : SSH_ESCAPECHAR_NONE, id);
Damien Millerd4a8b7e1999-10-27 13:42:43 +10001189}
Damien Miller0bc1bd82000-11-13 22:57:25 +11001190
Ben Lindstrombba81212001-06-25 05:01:22 +00001191static void
Ben Lindstrom266dfdf2001-03-09 00:12:22 +00001192load_public_identity_files(void)
1193{
1194 char *filename;
Ben Lindstrom711b04a2001-08-06 21:12:42 +00001195 int i = 0;
Ben Lindstrom0936a5b2002-03-26 03:17:42 +00001196 Key *public;
Ben Lindstrom711b04a2001-08-06 21:12:42 +00001197#ifdef SMARTCARD
Ben Lindstrom0936a5b2002-03-26 03:17:42 +00001198 Key **keys;
1199
Ben Lindstromf7db3bb2001-08-06 21:35:51 +00001200 if (options.smartcard_device != NULL &&
Ben Lindstrom0936a5b2002-03-26 03:17:42 +00001201 options.num_identity_files < SSH_MAX_IDENTITY_FILES &&
1202 (keys = sc_get_keys(options.smartcard_device, NULL)) != NULL ) {
1203 int count = 0;
1204 for (i = 0; keys[i] != NULL; i++) {
1205 count++;
Ben Lindstrom0936a5b2002-03-26 03:17:42 +00001206 memmove(&options.identity_files[1], &options.identity_files[0],
1207 sizeof(char *) * (SSH_MAX_IDENTITY_FILES - 1));
1208 memmove(&options.identity_keys[1], &options.identity_keys[0],
1209 sizeof(Key *) * (SSH_MAX_IDENTITY_FILES - 1));
1210 options.num_identity_files++;
1211 options.identity_keys[0] = keys[i];
Damien Miller56a0bb02003-06-18 20:28:40 +10001212 options.identity_files[0] = sc_get_key_label(keys[i]);
Ben Lindstrom0936a5b2002-03-26 03:17:42 +00001213 }
Ben Lindstrom4f054602002-03-26 03:23:00 +00001214 if (options.num_identity_files > SSH_MAX_IDENTITY_FILES)
1215 options.num_identity_files = SSH_MAX_IDENTITY_FILES;
Ben Lindstrom0936a5b2002-03-26 03:17:42 +00001216 i = count;
1217 xfree(keys);
Ben Lindstrom711b04a2001-08-06 21:12:42 +00001218 }
Ben Lindstromffce1472001-08-06 21:57:31 +00001219#endif /* SMARTCARD */
Ben Lindstrom711b04a2001-08-06 21:12:42 +00001220 for (; i < options.num_identity_files; i++) {
Ben Lindstrom266dfdf2001-03-09 00:12:22 +00001221 filename = tilde_expand_filename(options.identity_files[i],
1222 original_real_uid);
Ben Lindstromd0fca422001-03-26 13:44:06 +00001223 public = key_load_public(filename, NULL);
Ben Lindstrom266dfdf2001-03-09 00:12:22 +00001224 debug("identity file %s type %d", filename,
1225 public ? public->type : -1);
1226 xfree(options.identity_files[i]);
1227 options.identity_files[i] = filename;
1228 options.identity_keys[i] = public;
1229 }
1230}