Diffstat (limited to 'clientloop.c')
-rw-r--r-- | clientloop.c | 38 |
1 files changed, 34 insertions, 4 deletions
diff --git a/clientloop.c b/clientloop.c index eb3200331..8f2f270d7 100644 --- a/clientloop.c +++ b/clientloop.c | |||
@@ -59,7 +59,7 @@ | |||
59 | */ | 59 | */ |
60 | 60 | ||
61 | #include "includes.h" | 61 | #include "includes.h" |
62 | RCSID("$OpenBSD: clientloop.c,v 1.126 2004/06/17 14:52:48 djm Exp $"); | 62 | RCSID("$OpenBSD: clientloop.c,v 1.127 2004/06/17 15:10:13 djm Exp $"); |
63 | 63 | ||
64 | #include "ssh.h" | 64 | #include "ssh.h" |
65 | #include "ssh1.h" | 65 | #include "ssh1.h" |
@@ -549,7 +549,7 @@ client_extra_session2_setup(int id, void *arg) | |||
549 | client_session2_setup(id, cctx->want_tty, cctx->want_subsys, | 549 | client_session2_setup(id, cctx->want_tty, cctx->want_subsys, |
550 | cctx->term, &cctx->tio, c->rfd, &cctx->cmd, cctx->env, | 550 | cctx->term, &cctx->tio, c->rfd, &cctx->cmd, cctx->env, |
551 | client_subsystem_reply); | 551 | client_subsystem_reply); |
552 | 552 | ||
553 | c->confirm_ctx = NULL; | 553 | c->confirm_ctx = NULL; |
554 | buffer_free(&cctx->cmd); | 554 | buffer_free(&cctx->cmd); |
555 | xfree(cctx->term); | 555 | xfree(cctx->term); |
@@ -566,7 +566,7 @@ client_process_control(fd_set * readset) | |||
566 | { | 566 | { |
567 | Buffer m; | 567 | Buffer m; |
568 | Channel *c; | 568 | Channel *c; |
569 | int client_fd, new_fd[3], ver, i; | 569 | int client_fd, new_fd[3], ver, i, allowed; |
570 | socklen_t addrlen; | 570 | socklen_t addrlen; |
571 | struct sockaddr_storage addr; | 571 | struct sockaddr_storage addr; |
572 | struct confirm_ctx *cctx; | 572 | struct confirm_ctx *cctx; |
@@ -600,23 +600,52 @@ client_process_control(fd_set * readset) | |||
600 | close(client_fd); | 600 | close(client_fd); |
601 | return; | 601 | return; |
602 | } | 602 | } |
603 | /* XXX: implement use of ssh-askpass to confirm additional channels */ | 603 | |
604 | allowed = 1; | ||
605 | if (options.control_master == 2) { | ||
606 | char *p, prompt[1024]; | ||
607 | |||
608 | allowed = 0; | ||
609 | snprintf(prompt, sizeof(prompt), | ||
610 | "Allow shared connection to %s? ", host); | ||
611 | p = read_passphrase(prompt, RP_USE_ASKPASS|RP_ALLOW_EOF); | ||
612 | if (p != NULL) { | ||
613 | /* | ||
614 | * Accept empty responses and responses consisting | ||
615 | * of the word "yes" as affirmative. | ||
616 | */ | ||
617 | if (*p == '\0' || *p == '\n' || | ||
618 | strcasecmp(p, "yes") == 0) | ||
619 | allowed = 1; | ||
620 | xfree(p); | ||
621 | } | ||
622 | } | ||
604 | 623 | ||
605 | unset_nonblock(client_fd); | 624 | unset_nonblock(client_fd); |
606 | 625 | ||
607 | buffer_init(&m); | 626 | buffer_init(&m); |
608 | 627 | ||
628 | buffer_put_int(&m, allowed); | ||
609 | buffer_put_int(&m, getpid()); | 629 | buffer_put_int(&m, getpid()); |
610 | if (ssh_msg_send(client_fd, /* version */0, &m) == -1) { | 630 | if (ssh_msg_send(client_fd, /* version */0, &m) == -1) { |
611 | error("%s: client msg_send failed", __func__); | 631 | error("%s: client msg_send failed", __func__); |
612 | close(client_fd); | 632 | close(client_fd); |
633 | buffer_free(&m); | ||
613 | return; | 634 | return; |
614 | } | 635 | } |
615 | buffer_clear(&m); | 636 | buffer_clear(&m); |
616 | 637 | ||
638 | if (!allowed) { | ||
639 | error("Refused control connection"); | ||
640 | close(client_fd); | ||
641 | buffer_free(&m); | ||
642 | return; | ||
643 | } | ||
644 | |||
617 | if (ssh_msg_recv(client_fd, &m) == -1) { | 645 | if (ssh_msg_recv(client_fd, &m) == -1) { |
618 | error("%s: client msg_recv failed", __func__); | 646 | error("%s: client msg_recv failed", __func__); |
619 | close(client_fd); | 647 | close(client_fd); |
648 | buffer_free(&m); | ||
620 | return; | 649 | return; |
621 | } | 650 | } |
622 | 651 | ||
@@ -670,6 +699,7 @@ client_process_control(fd_set * readset) | |||
670 | close(new_fd[0]); | 699 | close(new_fd[0]); |
671 | close(new_fd[1]); | 700 | close(new_fd[1]); |
672 | close(new_fd[2]); | 701 | close(new_fd[2]); |
702 | buffer_free(&m); | ||
673 | return; | 703 | return; |
674 | } | 704 | } |
675 | buffer_free(&m); | 705 | buffer_free(&m); |
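Review bot: The confirmation check in the `options.control_master == 2` branch of client_process_control fails open: an empty reply, or any reply whose first byte is a newline, sets `allowed = 1`, so an accidental Enter or an askpass helper that prints nothing grants another local process a channel on the already-authenticated connection. For a prompt that guards session sharing I would accept only an explicit answer, e.g. `p[strcspn(p, "\r\n")] = '\0';` followed by `if (strcasecmp(p, "yes") == 0) allowed = 1;`, which also keeps a reply of "yes" plus newline working if read_passphrase does not strip the line ending (its behaviour is not visible here). Separately, `buffer_put_int(&m, allowed)` now precedes the pid in the hello message while `ssh_msg_send` still passes version 0, so a peer built before this change would presumably read the flag as the pid; bumping the version, or at least a comment documenting the new layout next to the send, would make the mismatch detectable. The function begins and ends outside these hunks.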