diff options
author | Damien Miller <djm@mindrot.org> | 2001-01-30 09:30:01 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2001-01-30 09:30:01 +1100 |
commit | 832562e9ba9052d41c257af2419621350ca2af01 (patch) | |
tree | 429a188e6e4b7b45bc102f61630ed7dff4a7180f | |
parent | 7650bc68420a227212ba0ff5cd4a0d133471b872 (diff) |
- djm@cvs.openbsd.org 2001/01/29 05:36:11
[ssh.1 ssh.c]
Allow invocation of sybsystem by commandline (-s); ok markus@
-rw-r--r-- | ChangeLog | 3 | ||||
-rw-r--r-- | ssh.1 | 8 | ||||
-rw-r--r-- | ssh.c | 22 |
3 files changed, 28 insertions, 5 deletions
@@ -10,6 +10,9 @@ | |||
10 | [rsa.c rsa.h ssh-agent.c sshconnect1.c sshd.c] | 10 | [rsa.c rsa.h ssh-agent.c sshconnect1.c sshd.c] |
11 | handle rsa_private_decrypt failures; helps against the Bleichenbacher | 11 | handle rsa_private_decrypt failures; helps against the Bleichenbacher |
12 | pkcs#1 attack | 12 | pkcs#1 attack |
13 | - djm@cvs.openbsd.org 2001/01/29 05:36:11 | ||
14 | [ssh.1 ssh.c] | ||
15 | Allow invocation of sybsystem by commandline (-s); ok markus@ | ||
13 | 16 | ||
14 | 20000129 | 17 | 20000129 |
15 | - (stevesk) sftp-server.c: use %lld vs. %qd | 18 | - (stevesk) sftp-server.c: use %lld vs. %qd |
@@ -34,7 +34,7 @@ | |||
34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
36 | .\" | 36 | .\" |
37 | .\" $OpenBSD: ssh.1,v 1.79 2001/01/28 20:36:16 stevesk Exp $ | 37 | .\" $OpenBSD: ssh.1,v 1.80 2001/01/29 12:36:10 djm Exp $ |
38 | .Dd September 25, 1999 | 38 | .Dd September 25, 1999 |
39 | .Dt SSH 1 | 39 | .Dt SSH 1 |
40 | .Os | 40 | .Os |
@@ -48,7 +48,7 @@ | |||
48 | .Op Ar command | 48 | .Op Ar command |
49 | .Pp | 49 | .Pp |
50 | .Nm ssh | 50 | .Nm ssh |
51 | .Op Fl afgknqtvxACNPTX246 | 51 | .Op Fl afgknqstvxACNPTX246 |
52 | .Op Fl c Ar cipher_spec | 52 | .Op Fl c Ar cipher_spec |
53 | .Op Fl e Ar escape_char | 53 | .Op Fl e Ar escape_char |
54 | .Op Fl i Ar identity_file | 54 | .Op Fl i Ar identity_file |
@@ -470,6 +470,10 @@ for older servers. | |||
470 | Quiet mode. | 470 | Quiet mode. |
471 | Causes all warning and diagnostic messages to be suppressed. | 471 | Causes all warning and diagnostic messages to be suppressed. |
472 | Only fatal errors are displayed. | 472 | Only fatal errors are displayed. |
473 | .It Fl s | ||
474 | May be used to request invocation of a subsystem on the remote system. Subsystems are a feature of the SSH2 protocol which facilitate the use | ||
475 | of SSH as a secure transport for other application (eg. sftp). The | ||
476 | subsystem is specified as the remote command. | ||
473 | .It Fl t | 477 | .It Fl t |
474 | Force pseudo-tty allocation. | 478 | Force pseudo-tty allocation. |
475 | This can be used to execute arbitrary | 479 | This can be used to execute arbitrary |
@@ -39,7 +39,7 @@ | |||
39 | */ | 39 | */ |
40 | 40 | ||
41 | #include "includes.h" | 41 | #include "includes.h" |
42 | RCSID("$OpenBSD: ssh.c,v 1.84 2001/01/21 19:05:58 markus Exp $"); | 42 | RCSID("$OpenBSD: ssh.c,v 1.85 2001/01/29 12:36:10 djm Exp $"); |
43 | 43 | ||
44 | #include <openssl/evp.h> | 44 | #include <openssl/evp.h> |
45 | #include <openssl/err.h> | 45 | #include <openssl/err.h> |
@@ -139,6 +139,9 @@ uid_t original_real_uid; | |||
139 | /* command to be executed */ | 139 | /* command to be executed */ |
140 | Buffer command; | 140 | Buffer command; |
141 | 141 | ||
142 | /* Should we execute a command or invoke a subsystem? */ | ||
143 | int subsystem_flag = 0; | ||
144 | |||
142 | /* Prints a help message to the user. This function never returns. */ | 145 | /* Prints a help message to the user. This function never returns. */ |
143 | 146 | ||
144 | void | 147 | void |
@@ -181,6 +184,7 @@ usage() | |||
181 | fprintf(stderr, " -6 Use IPv6 only.\n"); | 184 | fprintf(stderr, " -6 Use IPv6 only.\n"); |
182 | fprintf(stderr, " -2 Force protocol version 2.\n"); | 185 | fprintf(stderr, " -2 Force protocol version 2.\n"); |
183 | fprintf(stderr, " -o 'option' Process the option as if it was read from a configuration file.\n"); | 186 | fprintf(stderr, " -o 'option' Process the option as if it was read from a configuration file.\n"); |
187 | fprintf(stderr, " -s Invoke command (mandatory) as SSH2 subsystem.\n"); | ||
184 | exit(1); | 188 | exit(1); |
185 | } | 189 | } |
186 | 190 | ||
@@ -484,6 +488,9 @@ main(int ac, char **av) | |||
484 | "command-line", 0, &dummy) != 0) | 488 | "command-line", 0, &dummy) != 0) |
485 | exit(1); | 489 | exit(1); |
486 | break; | 490 | break; |
491 | case 's': | ||
492 | subsystem_flag = 1; | ||
493 | break; | ||
487 | default: | 494 | default: |
488 | usage(); | 495 | usage(); |
489 | } | 496 | } |
@@ -507,6 +514,10 @@ main(int ac, char **av) | |||
507 | if (optind == ac) { | 514 | if (optind == ac) { |
508 | /* No command specified - execute shell on a tty. */ | 515 | /* No command specified - execute shell on a tty. */ |
509 | tty_flag = 1; | 516 | tty_flag = 1; |
517 | if (subsystem_flag) { | ||
518 | fprintf(stderr, "You must specify a subsystem to invoke."); | ||
519 | usage(); | ||
520 | } | ||
510 | } else { | 521 | } else { |
511 | /* A command has been specified. Store it into the | 522 | /* A command has been specified. Store it into the |
512 | buffer. */ | 523 | buffer. */ |
@@ -978,8 +989,13 @@ ssh_session2_callback(int id, void *arg) | |||
978 | if (len > 0) { | 989 | if (len > 0) { |
979 | if (len > 900) | 990 | if (len > 900) |
980 | len = 900; | 991 | len = 900; |
981 | debug("Sending command: %.*s", len, buffer_ptr(&command)); | 992 | if (subsystem_flag) { |
982 | channel_request_start(id, "exec", 0); | 993 | debug("Sending subsystem: %.*s", len, buffer_ptr(&command)); |
994 | channel_request_start(id, "subsystem", 0); | ||
995 | } else { | ||
996 | debug("Sending command: %.*s", len, buffer_ptr(&command)); | ||
997 | channel_request_start(id, "exec", 0); | ||
998 | } | ||
983 | packet_put_string(buffer_ptr(&command), len); | 999 | packet_put_string(buffer_ptr(&command), len); |
984 | packet_send(); | 1000 | packet_send(); |
985 | } else { | 1001 | } else { |