Diffstat (limited to 'ssh.c')
-rw-r--r-- | ssh.c | 35 |
1 files changed, 19 insertions, 16 deletions
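--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.500 2019/01/19 21:43:56 djm Exp $ */
+/* $OpenBSD: ssh.c,v 1.507 2019/09/13 04:27:35 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -162,7 +162,7 @@ char *config = NULL;
 
 /*
 * Name of the host we are connecting to. This is the name given on the
-* command line, or the HostName specified for the user-supplied name in a
+* command line, or the Hostname specified for the user-supplied name in a
 * configuration file.
 */
 char *host;
@@ -236,7 +236,8 @@ resolve_host(const char *name, int port, int logerr, char *cname, size_t clen)
 {
 char strport[NI_MAXSERV];
 struct addrinfo hints, *res;
-int gaierr, loglevel = SYSLOG_LEVEL_DEBUG1;
+int gaierr;
+LogLevel loglevel = SYSLOG_LEVEL_DEBUG1;
 
 if (port <= 0)
 port = default_ssh_port();
@@ -595,7 +596,6 @@ main(int ac, char **av)
 struct ssh_digest_ctx *md;
 u_char conn_hash[SSH_DIGEST_MAX_LENGTH];
 
-ssh_malloc_init(); /* must be called before any mallocs */
 /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
 sanitise_stdfd();
 
@@ -773,7 +773,7 @@ main(int ac, char **av)
 break;
 case 'i':
 p = tilde_expand_filename(optarg, getuid());
-if (stat(p, &st) < 0)
+if (stat(p, &st) == -1)
 fprintf(stderr, "Warning: Identity file %s "
 "not accessible: %s.\n", p,
 strerror(errno));
@@ -790,8 +790,11 @@ main(int ac, char **av)
 #endif
 break;
 case 'J':
-if (options.jump_host != NULL)
-fatal("Only a single -J option permitted");
+if (options.jump_host != NULL) {
+fatal("Only a single -J option is permitted "
+"(use commas to separate multiple "
+"jump hops)");
+}
 if (options.proxy_command != NULL)
 fatal("Cannot specify -J with ProxyCommand");
 if (parse_jump(optarg, &options, 1) == -1)
@@ -874,7 +877,7 @@ main(int ac, char **av)
 }
 break;
 case 'c':
-if (!ciphers_valid(*optarg == '+' ?
+if (!ciphers_valid(*optarg == '+' || *optarg == '^' ?
 optarg + 1 : optarg)) {
 fprintf(stderr, "Unknown cipher type '%s'\n",
 optarg);
@@ -1366,7 +1369,7 @@ main(int ac, char **av)
 timeout_ms = options.connection_timeout * 1000;
 
 /* Open a connection to the remote host. */
-if (ssh_connect(ssh, host, addrs, &hostaddr, options.port,
+if (ssh_connect(ssh, host_arg, host, addrs, &hostaddr, options.port,
 options.address_family, options.connection_attempts,
 &timeout_ms, options.tcp_keep_alive) != 0)
 exit(255);
@@ -1423,7 +1426,7 @@ main(int ac, char **av)
 if (config == NULL) {
 r = snprintf(buf, sizeof buf, "%s%s%s", pw->pw_dir,
 strcmp(pw->pw_dir, "/") ? "/" : "", _PATH_SSH_USER_DIR);
-if (r > 0 && (size_t)r < sizeof(buf) && stat(buf, &st) < 0) {
+if (r > 0 && (size_t)r < sizeof(buf) && stat(buf, &st) == -1) {
 #ifdef WITH_SELINUX
 ssh_selinux_setfscreatecon(buf);
 #endif
@@ -1590,7 +1593,7 @@ fork_postauth(void)
 control_persist_detach();
 debug("forking to background");
 fork_after_authentication_flag = 0;
-if (daemon(1, 1) < 0)
+if (daemon(1, 1) == -1)
 fatal("daemon() failed: %.200s", strerror(errno));
 }
 
@@ -1686,8 +1689,8 @@ ssh_init_stdio_forwarding(struct ssh *ssh)
 debug3("%s: %s:%d", __func__, options.stdio_forward_host,
 options.stdio_forward_port);
 
-if ((in = dup(STDIN_FILENO)) < 0 ||
-(out = dup(STDOUT_FILENO)) < 0)
+if ((in = dup(STDIN_FILENO)) == -1 ||
+(out = dup(STDOUT_FILENO)) == -1)
 fatal("channel_connect_stdio_fwd: dup() in/out failed");
 if ((c = channel_connect_stdio_fwd(ssh, options.stdio_forward_host,
 options.stdio_forward_port, in, out)) == NULL)
@@ -1840,7 +1843,7 @@ ssh_session2_open(struct ssh *ssh)
 out = dup(STDOUT_FILENO);
 err = dup(STDERR_FILENO);
 
-if (in < 0 || out < 0 || err < 0)
+if (in == -1 || out == -1 || err == -1)
 fatal("dup() in/out/err failed");
 
 /* enable nonblocking unless tty */
@@ -1971,7 +1974,7 @@ ssh_session2(struct ssh *ssh, struct passwd *pw)
 if ((devnull = open(_PATH_DEVNULL, O_WRONLY)) == -1)
 error("%s: open %s: %s", __func__,
 _PATH_DEVNULL, strerror(errno));
-if (dup2(devnull, STDOUT_FILENO) < 0)
+if (dup2(devnull, STDOUT_FILENO) == -1)
 fatal("%s: dup2() stdout failed", __func__);
 if (devnull > STDERR_FILENO)
 close(devnull);
@@ -2158,7 +2161,7 @@ main_sigchld_handler(int sig)
 int status;
 
 while ((pid = waitpid(-1, &status, WNOHANG)) > 0 ||
-(pid < 0 && errno == EINTR))
+(pid == -1 && errno == EINTR))
 ;
 errno = save_errno;
 }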
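Review bot: The multiplication `timeout_ms = options.connection_timeout * 1000;` just above the updated `ssh_connect()` call in main() (new line 1369) has no upper bound, and the commit leaves it unchanged while editing the call that consumes `&timeout_ms`. Assuming both values are plain `int` (their declarations are outside the hunk), a very large configured connection timeout overflows a signed int, which is undefined behaviour and could hand `ssh_connect()` a negative or very small timeout instead of a long one. I would clamp before multiplying: `timeout_ms = options.connection_timeout >= INT_MAX / 1000 ? INT_MAX : options.connection_timeout * 1000;`. main() begins and ends outside this hunk, so it is worth confirming whether the option is already range-checked where it is parsed.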