summaryrefslogtreecommitdiff
path: root/clientloop.c
diff options
context:
space:
mode:
Diffstat (limited to 'clientloop.c')
-rw-r--r--clientloop.c55
1 files changed, 36 insertions, 19 deletions
diff --git a/clientloop.c b/clientloop.c
index f10fab769..52667017c 100644
--- a/clientloop.c
+++ b/clientloop.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: clientloop.c,v 1.201 2008/07/16 11:51:14 djm Exp $ */ 1/* $OpenBSD: clientloop.c,v 1.209 2009/02/12 03:00:56 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -107,10 +107,13 @@
107#include "atomicio.h" 107#include "atomicio.h"
108#include "sshpty.h" 108#include "sshpty.h"
109#include "misc.h" 109#include "misc.h"
110#include "monitor_fdpass.h"
111#include "match.h" 110#include "match.h"
112#include "msg.h" 111#include "msg.h"
113 112
113#ifdef GSSAPI
114#include "ssh-gss.h"
115#endif
116
114/* import options */ 117/* import options */
115extern Options options; 118extern Options options;
116 119
@@ -765,8 +768,8 @@ process_cmdline(void)
765 void (*handler)(int); 768 void (*handler)(int);
766 char *s, *cmd, *cancel_host; 769 char *s, *cmd, *cancel_host;
767 int delete = 0; 770 int delete = 0;
768 int local = 0; 771 int local = 0, remote = 0, dynamic = 0;
769 u_short cancel_port; 772 int cancel_port;
770 Forward fwd; 773 Forward fwd;
771 774
772 bzero(&fwd, sizeof(fwd)); 775 bzero(&fwd, sizeof(fwd));
@@ -790,6 +793,8 @@ process_cmdline(void)
790 "Request local forward"); 793 "Request local forward");
791 logit(" -R[bind_address:]port:host:hostport " 794 logit(" -R[bind_address:]port:host:hostport "
792 "Request remote forward"); 795 "Request remote forward");
796 logit(" -D[bind_address:]port "
797 "Request dynamic forward");
793 logit(" -KR[bind_address:]port " 798 logit(" -KR[bind_address:]port "
794 "Cancel remote forward"); 799 "Cancel remote forward");
795 if (!options.permit_local_command) 800 if (!options.permit_local_command)
@@ -809,17 +814,22 @@ process_cmdline(void)
809 delete = 1; 814 delete = 1;
810 s++; 815 s++;
811 } 816 }
812 if (*s != 'L' && *s != 'R') { 817 if (*s == 'L')
818 local = 1;
819 else if (*s == 'R')
820 remote = 1;
821 else if (*s == 'D')
822 dynamic = 1;
823 else {
813 logit("Invalid command."); 824 logit("Invalid command.");
814 goto out; 825 goto out;
815 } 826 }
816 if (*s == 'L') 827
817 local = 1; 828 if ((local || dynamic) && delete) {
818 if (local && delete) {
819 logit("Not supported."); 829 logit("Not supported.");
820 goto out; 830 goto out;
821 } 831 }
822 if ((!local || delete) && !compat20) { 832 if (remote && delete && !compat20) {
823 logit("Not supported for SSH protocol version 1."); 833 logit("Not supported for SSH protocol version 1.");
824 goto out; 834 goto out;
825 } 835 }
@@ -837,17 +847,17 @@ process_cmdline(void)
837 cancel_port = a2port(cancel_host); 847 cancel_port = a2port(cancel_host);
838 cancel_host = NULL; 848 cancel_host = NULL;
839 } 849 }
840 if (cancel_port == 0) { 850 if (cancel_port <= 0) {
841 logit("Bad forwarding close port"); 851 logit("Bad forwarding close port");
842 goto out; 852 goto out;
843 } 853 }
844 channel_request_rforward_cancel(cancel_host, cancel_port); 854 channel_request_rforward_cancel(cancel_host, cancel_port);
845 } else { 855 } else {
846 if (!parse_forward(&fwd, s)) { 856 if (!parse_forward(&fwd, s, dynamic, remote)) {
847 logit("Bad forwarding specification."); 857 logit("Bad forwarding specification.");
848 goto out; 858 goto out;
849 } 859 }
850 if (local) { 860 if (local || dynamic) {
851 if (channel_setup_local_fwd_listener(fwd.listen_host, 861 if (channel_setup_local_fwd_listener(fwd.listen_host,
852 fwd.listen_port, fwd.connect_host, 862 fwd.listen_port, fwd.connect_host,
853 fwd.connect_port, options.gateway_ports) < 0) { 863 fwd.connect_port, options.gateway_ports) < 0) {
@@ -1036,7 +1046,6 @@ process_escapes(Channel *c, Buffer *bin, Buffer *bout, Buffer *berr,
1036Supported escape sequences:\r\n\ 1046Supported escape sequences:\r\n\
1037 %c. - terminate session\r\n\ 1047 %c. - terminate session\r\n\
1038 %cB - send a BREAK to the remote system\r\n\ 1048 %cB - send a BREAK to the remote system\r\n\
1039 %cC - open a command line\r\n\
1040 %cR - Request rekey (SSH protocol 2 only)\r\n\ 1049 %cR - Request rekey (SSH protocol 2 only)\r\n\
1041 %c# - list forwarded connections\r\n\ 1050 %c# - list forwarded connections\r\n\
1042 %c? - this message\r\n\ 1051 %c? - this message\r\n\
@@ -1045,8 +1054,7 @@ Supported escape sequences:\r\n\
1045 escape_char, escape_char, 1054 escape_char, escape_char,
1046 escape_char, escape_char, 1055 escape_char, escape_char,
1047 escape_char, escape_char, 1056 escape_char, escape_char,
1048 escape_char, escape_char, 1057 escape_char, escape_char);
1049 escape_char);
1050 } else { 1058 } else {
1051 snprintf(string, sizeof string, 1059 snprintf(string, sizeof string,
1052"%c?\r\n\ 1060"%c?\r\n\
@@ -1081,6 +1089,8 @@ Supported escape sequences:\r\n\
1081 continue; 1089 continue;
1082 1090
1083 case 'C': 1091 case 'C':
1092 if (c && c->ctl_fd != -1)
1093 goto noescape;
1084 process_cmdline(); 1094 process_cmdline();
1085 continue; 1095 continue;
1086 1096
@@ -1423,6 +1433,13 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)
1423 /* Do channel operations unless rekeying in progress. */ 1433 /* Do channel operations unless rekeying in progress. */
1424 if (!rekeying) { 1434 if (!rekeying) {
1425 channel_after_select(readset, writeset); 1435 channel_after_select(readset, writeset);
1436
1437 if (options.gss_renewal_rekey &&
1438 ssh_gssapi_credentials_updated(GSS_C_NO_CONTEXT)) {
1439 debug("credentials updated - forcing rekey");
1440 need_rekeying = 1;
1441 }
1442
1426 if (need_rekeying || packet_need_rekeying()) { 1443 if (need_rekeying || packet_need_rekeying()) {
1427 debug("need rekeying"); 1444 debug("need rekeying");
1428 xxx_kex->done = 0; 1445 xxx_kex->done = 0;
@@ -1632,7 +1649,7 @@ client_request_forwarded_tcpip(const char *request_type, int rchan)
1632{ 1649{
1633 Channel *c = NULL; 1650 Channel *c = NULL;
1634 char *listen_address, *originator_address; 1651 char *listen_address, *originator_address;
1635 int listen_port, originator_port; 1652 u_short listen_port, originator_port;
1636 1653
1637 /* Get rest of the packet */ 1654 /* Get rest of the packet */
1638 listen_address = packet_get_string(NULL); 1655 listen_address = packet_get_string(NULL);
@@ -1658,7 +1675,7 @@ client_request_x11(const char *request_type, int rchan)
1658{ 1675{
1659 Channel *c = NULL; 1676 Channel *c = NULL;
1660 char *originator; 1677 char *originator;
1661 int originator_port; 1678 u_short originator_port;
1662 int sock; 1679 int sock;
1663 1680
1664 if (!options.forward_x11) { 1681 if (!options.forward_x11) {
@@ -1722,7 +1739,7 @@ client_request_tun_fwd(int tun_mode, int local_tun, int remote_tun)
1722 return 0; 1739 return 0;
1723 1740
1724 if (!compat20) { 1741 if (!compat20) {
1725 error("Tunnel forwarding is not support for protocol 1"); 1742 error("Tunnel forwarding is not supported for protocol 1");
1726 return -1; 1743 return -1;
1727 } 1744 }
1728 1745
@@ -1846,7 +1863,7 @@ client_input_channel_req(int type, u_int32_t seq, void *ctxt)
1846 if (reply) { 1863 if (reply) {
1847 packet_start(success ? 1864 packet_start(success ?
1848 SSH2_MSG_CHANNEL_SUCCESS : SSH2_MSG_CHANNEL_FAILURE); 1865 SSH2_MSG_CHANNEL_SUCCESS : SSH2_MSG_CHANNEL_FAILURE);
1849 packet_put_int(id); 1866 packet_put_int(c->remote_id);
1850 packet_send(); 1867 packet_send();
1851 } 1868 }
1852 xfree(rtype); 1869 xfree(rtype);