/* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland *                    All rights reserved * Ssh client program.  This program can be used to log into a remote machine. * The software supports strong authentication, encryption, and forwarding * of X11, TCP/IP, and authentication connections. * * As far as I am concerned, the code I have written for this software * can be used freely for any purpose.  Any derived versions of this * software must be clearly marked as such, and if the derived work is * incompatible with the protocol description in the RFC file, it must be * called by a name other than "ssh" or "Secure Shell". * * Copyright (c) 1999 Niels Provos.  All rights reserved. * Copyright (c) 2000, 2001, 2002 Markus Friedl.  All rights reserved. * * Modified to work with SSL by Niels Provos <provos@citi.umich.edu> * in Canada (German citizen). * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright *    notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright *    notice, this list of conditions and the following disclaimer in the *    documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */#include "includes.h"RCSID("$OpenBSD: ssh.c,v 1.190 2003/02/06 09:27:29 markus Exp $");#include <openssl/evp.h>#include <openssl/err.h>#include "ssh.h"#include "ssh1.h"#include "ssh2.h"#include "compat.h"#include "cipher.h"#include "xmalloc.h"#include "packet.h"#include "buffer.h"#include "channels.h"#include "key.h"#include "authfd.h"#include "authfile.h"#include "pathnames.h"#include "clientloop.h"#include "log.h"#include "readconf.h"#include "sshconnect.h"#include "tildexpand.h"#include "dispatch.h"#include "misc.h"#include "kex.h"#include "mac.h"#include "sshtty.h"#ifdef SMARTCARD#include "scard.h"#endifextern char *__progname;/* Flag indicating whether IPv4 or IPv6.  This can be set on the command line.   Default value is AF_UNSPEC means both IPv4 and IPv6. */int IPv4or6 = AF_UNSPEC;/* Flag indicating whether debug mode is on.  This can be set on the command line. */int debug_flag = 0;/* Flag indicating whether a tty should be allocated */int tty_flag = 0;int no_tty_flag = 0;int force_tty_flag = 0;/* don't exec a shell */int no_shell_flag = 0;/* * Flag indicating that nothing should be read from stdin.  This can be set * on the command line. */int stdin_null_flag = 0;/* * Flag indicating that ssh should fork after authentication.  This is useful * so that the passphrase can be entered manually, and then ssh goes to the * background. */int fork_after_authentication_flag = 0;/* * General data structure for command line options and options configurable * in configuration files.  See readconf.h. */Options options;/* optional user configfile */char *config = NULL;/* * Name of the host we are connecting to.  This is the name given on the * command line, or the HostName specified for the user-supplied name in a * configuration file. */char *host;/* socket address the host resolves to */struct sockaddr_storage hostaddr;/* Private host keys. */Sensitive sensitive_data;/* Original real UID. */uid_t original_real_uid;uid_t original_effective_uid;/* command to be executed */Buffer command;/* Should we execute a command or invoke a subsystem? */int subsystem_flag = 0;/* # of replies received for global requests */static int client_global_request_id = 0;/* pid of proxycommand child process */pid_t proxy_command_pid = 0;/* Prints a help message to the user.  This function never returns. */static voidusage(void){	fprintf(stderr, "Usage: %s [options] host [command]\n", __progname);	fprintf(stderr, "Options:\n");	fprintf(stderr, "  -l user     Log in using this user name.\n");	fprintf(stderr, "  -n          Redirect input from " _PATH_DEVNULL ".\n");	fprintf(stderr, "  -F config   Config file (default: ~/%s).\n",	     _PATH_SSH_USER_CONFFILE);	fprintf(stderr, "  -A          Enable authentication agent forwarding.\n");	fprintf(stderr, "  -a          Disable authentication agent forwarding (default).\n");#ifdef AFS	fprintf(stderr, "  -k          Disable Kerberos ticket and AFS token forwarding.\n");#endif				/* AFS */	fprintf(stderr, "  -X          Enable X11 connection forwarding.\n");	fprintf(stderr, "  -x          Disable X11 connection forwarding (default).\n");	fprintf(stderr, "  -i file     Identity for public key authentication "	    "(default: ~/.ssh/identity)\n");#ifdef SMARTCARD	fprintf(stderr, "  -I reader   Set smartcard reader.\n");#endif	fprintf(stderr, "  -t          Tty; allocate a tty even if command is given.\n");	fprintf(stderr, "  -T          Do not allocate a tty.\n");	fprintf(stderr, "  -v          Verbose; display verbose debugging messages.\n");	fprintf(stderr, "              Multiple -v increases verbosity.\n");	fprintf(stderr, "  -V          Display version number only.\n");	fprintf(stderr, "  -q          Quiet; don't display any warning messages.\n");	fprintf(stderr, "  -f          Fork into background after authentication.\n");	fprintf(stderr, "  -e char     Set escape character; ``none'' = disable (default: ~).\n");	fprintf(stderr, "  -c cipher   Select encryption algorithm\n");	fprintf(stderr, "  -m macs     Specify MAC algorithms for protocol version 2.\n");	fprintf(stderr, "  -p port     Connect to this port.  Server must be on the same port.\n");	fprintf(stderr, "  -L listen-port:host:port   Forward local port to remote address\n");	fprintf(stderr, "  -R listen-port:host:port   Forward remote port to local address\n");	fprintf(stderr, "              These cause %s to listen for connections on a port, and\n", __progname);	fprintf(stderr, "              forward them to the other side by connecting to host:port.\n");	fprintf(stderr, "  -D port     Enable dynamic application-level port forwarding.\n");	fprintf(stderr, "  -C          Enable compression.\n");	fprintf(stderr, "  -N          Do not execute a shell or command.\n");	fprintf(stderr, "  -g          Allow remote hosts to connect to forwarded ports.\n");	fprintf(stderr, "  -1          Force protocol version 1.\n");	fprintf(stderr, "  -2          Force protocol version 2.\n");	fprintf(stderr, "  -4          Use IPv4 only.\n");	fprintf(stderr, "  -6          Use IPv6 only.\n");	fprintf(stderr, "  -o 'option' Process the option as if it was read from a configuration file.\n");	fprintf(stderr, "  -s          Invoke command (mandatory) as SSH2 subsystem.\n");	fprintf(stderr, "  -b addr     Local IP address.\n");	exit(1);}static int ssh_session(void);static int ssh_session2(void);static void load_public_identity_files(void);/* * Main program for the ssh client. */intmain(int ac, char **av){	int i, opt, exit_status;	u_short fwd_port, fwd_host_port;	char sfwd_port[6], sfwd_host_port[6];	char *p, *cp, buf[256];	struct stat st;	struct passwd *pw;	int dummy;	extern int optind, optreset;	extern char *optarg;	/*	 * Save the original real uid.  It will be needed later (uid-swapping	 * may clobber the real uid).	 */	original_real_uid = getuid();	original_effective_uid = geteuid();	/*	 * Use uid-swapping to give up root privileges for the duration of	 * option processing.  We will re-instantiate the rights when we are	 * ready to create the privileged port, and will permanently drop	 * them when the port has been created (actually, when the connection	 * has been made, as we may need to create the port several times).	 */	PRIV_END;	/* If we are installed setuid root be careful to not drop core. */	if (original_real_uid != original_effective_uid) {		struct rlimit rlim;		rlim.rlim_cur = rlim.rlim_max = 0;		if (setrlimit(RLIMIT_CORE, &rlim) < 0)			fatal("setrlimit failed: %.100s", strerror(errno));	}	/* Get user data. */	pw = getpwuid(original_real_uid);	if (!pw) {		log("You don't exist, go away!");		exit(1);	}	/* Take a copy of the returned structure. */	pw = pwcopy(pw);	/*	 * Set our umask to something reasonable, as some files are created	 * with the default umask.  This will make them world-readable but	 * writable only by the owner, which is ok for all files for which we	 * don't set the modes explicitly.	 */	umask(022);	/* Initialize option structure to indicate that no values have been set. */	initialize_options(&options);	/* Parse command-line arguments. */	host = NULL;again:	while ((opt = getopt(ac, av,	    "1246ab:c:e:fgi:kl:m:no:p:qstvxACD:F:I:L:NPR:TVX")) != -1) {		switch (opt) {		case '1':			options.protocol = SSH_PROTO_1;			break;		case '2':			options.protocol = SSH_PROTO_2;			break;		case '4':			IPv4or6 = AF_INET;			break;		case '6':			IPv4or6 = AF_INET6;			break;		case 'n':			stdin_null_flag = 1;			break;		case 'f':			fork_after_authentication_flag = 1;			stdin_null_flag = 1;			break;		case 'x':			options.forward_x11 = 0;			break;		case 'X':			options.forward_x11 = 1;			break;		case 'g':			options.gateway_ports = 1;			break;		case 'P':	/* deprecated */			options.use_privileged_port = 0;			break;		case 'a':			options.forward_agent = 0;			break;		case 'A':			options.forward_agent = 1;			break;#ifdef AFS		case 'k':			options.kerberos_tgt_passing = 0;			options.afs_token_passing = 0;			break;#endif		case 'i':			if (stat(optarg, &st) < 0) {				fprintf(stderr, "Warning: Identity file %s "				    "does not exist.\n", optarg);				break;			}			if (options.num_identity_files >=			    SSH_MAX_IDENTITY_FILES)				fatal("Too many identity files specified "				    "(max %d)", SSH_MAX_IDENTITY_FILES);			options.identity_files[options.num_identity_files++] =			    xstrdup(optarg);			break;		case 'I':#ifdef SMARTCARD			options.smartcard_device = xstrdup(optarg);#else			fprintf(stderr, "no support for smartcards.\n");#endif			break;		case 't':			if (tty_flag)				force_tty_flag = 1;			tty_flag = 1;			break;		case 'v':			if (0 == debug_flag) {				debug_flag = 1;				options.log_level = SYSLOG_LEVEL_DEBUG1;			} else if (options.log_level < SYSLOG_LEVEL_DEBUG3) {				options.log_level++;				break;			} else				fatal("Too high debugging level.");			/* fallthrough */		case 'V':			fprintf(stderr,			    "%s, SSH protocols %d.%d/%d.%d, OpenSSL 0x%8.8lx\n",			    SSH_VERSION,			    PROTOCOL_MAJOR_1, PROTOCOL_MINOR_1,			    PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2,			    SSLeay());			if (opt == 'V')				exit(0);			break;		case 'q':			options.log_level = SYSLOG_LEVEL_QUIET;			break;		case 'e':			if (optarg[0] == '^' && optarg[2] == 0 &&			    (u_char) optarg[1] >= 64 &&			    (u_char) optarg[1] < 128)				options.escape_char = (u_char) optarg[1] & 31;			else if (strlen(optarg) == 1)				options.escape_char = (u_char) optarg[0];			else if (strcmp(optarg, "none") == 0)				options.escape_char = SSH_ESCAPECHAR_NONE;			else {				fprintf(stderr, "Bad escape character '%s'.\n",				    optarg);				exit(1);			}			break;		case 'c':			if (ciphers_valid(optarg)) {				/* SSH2 only */				options.ciphers = xstrdup(optarg);				options.cipher = SSH_CIPHER_ILLEGAL;			} else {				/* SSH1 only */				options.cipher = cipher_number(optarg);				if (options.cipher == -1) {					fprintf(stderr,					    "Unknown cipher type '%s'\n",					    optarg);					exit(1);				}				if (options.cipher == SSH_CIPHER_3DES)					options.ciphers = "3des-cbc";				else if (options.cipher == SSH_CIPHER_BLOWFISH)					options.ciphers = "blowfish-cbc";				else					options.ciphers = (char *)-1;			}			break;