tyler.durden/openssh-portable
1
0
Fork 0
mirror of https://github.com/PowerShell/openssh-portable.git synced 2025-07-29 08:44:52 +02:00
Code Issues Packages Projects Releases Wiki Activity

- markus@cvs.openbsd.org 2001/07/25 14:35:18

Browse Source 
[readconf.c ssh.1 ssh.c sshconnect.c]
     cleanup connect(); connection_attempts 4 -> 1; from
eivind@freebsd.org
This commit is contained in:
Ben Lindstrom 2001-08-06 21:07:11 +00:00
parent f9bedf1441
commit f9cedb9ca0
5 changed files with 72 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
ChangeLog
View File

@ -32,6 +32,10 @@
- markus@cvs.openbsd.org 2001/07/25 11:59:35
[scard.c]
typo in comment
- markus@cvs.openbsd.org 2001/07/25 14:35:18
[readconf.c ssh.1 ssh.c sshconnect.c]
cleanup connect(); connection_attempts 4 -> 1; from
eivind@freebsd.org
20010803
- (djm) Fix interrupted read in entropy gatherer. Spotted by markus@ on
@ -6142,4 +6146,4 @@
- Wrote replacements for strlcpy and mkdtemp
- Released 1.0pre1
$Id: ChangeLog,v 1.1435 2001/08/06 21:05:05 mouring Exp $
$Id: ChangeLog,v 1.1436 2001/08/06 21:07:11 mouring Exp $

4
readconf.c
View File

@ -12,7 +12,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: readconf.c,v 1.83 2001/07/22 22:04:19 markus Exp $");
RCSID("$OpenBSD: readconf.c,v 1.84 2001/07/25 14:35:18 markus Exp $");
#include "ssh.h"
#include "xmalloc.h"
@ -843,7 +843,7 @@ fill_default_options(Options * options)
if (options->port == -1)
options->port = 0; /* Filled in ssh_connect. */
if (options->connection_attempts == -1)
options->connection_attempts = 4;
options->connection_attempts = 1;
if (options->number_of_password_prompts == -1)
options->number_of_password_prompts = 3;
/* Selected in ssh_login(). */

4
ssh.1
View File

@ -34,7 +34,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" $OpenBSD: ssh.1,v 1.123 2001/07/23 12:47:05 markus Exp $
.\" $OpenBSD: ssh.1,v 1.124 2001/07/25 14:35:18 markus Exp $
.Dd September 25, 1999
.Dt SSH 1
.Os
@ -732,7 +732,7 @@ Specifies the number of tries (one per second) to make before falling
back to rsh or exiting.
The argument must be an integer.
This may be useful in scripts if the connection sometimes fails.
The default is 4.
The default is 1.
.It Cm EscapeChar
Sets the escape character (default:
.Ql ~ ) .

29
ssh.c
View File

@ -39,7 +39,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: ssh.c,v 1.129 2001/07/11 16:29:59 markus Exp $");
RCSID("$OpenBSD: ssh.c,v 1.130 2001/07/25 14:35:18 markus Exp $");
#include <openssl/evp.h>
#include <openssl/err.h>
@ -252,7 +252,7 @@ static void load_public_identity_files(void);
int
main(int ac, char **av)
{
int i, opt, exit_status, ok;
int i, opt, exit_status, cerr;
u_short fwd_port, fwd_host_port;
char *p, *cp, buf[256];
struct stat st;
@ -666,7 +666,7 @@ again:
/* Open a connection to the remote host. */
ok = ssh_connect(host, &hostaddr, options.port,
cerr = ssh_connect(host, &hostaddr, options.port,
options.connection_attempts,
original_effective_uid != 0 || !options.use_privileged_port,
pw, options.proxy_command);
@ -679,7 +679,7 @@ again:
*/
sensitive_data.nkeys = 0;
sensitive_data.keys = NULL;
if (ok && (options.rhosts_rsa_authentication ||
if (!cerr && (options.rhosts_rsa_authentication ||
options.hostbased_authentication)) {
sensitive_data.nkeys = 3;
sensitive_data.keys = xmalloc(sensitive_data.nkeys*sizeof(Key));
@ -717,20 +717,19 @@ again:
error("Could not create directory '%.200s'.", buf);
/* Check if the connection failed, and try "rsh" if appropriate. */
if (!ok) {
if (cerr) {
if (!options.fallback_to_rsh)
exit(1);
if (options.port != 0)
log("Secure connection to %.100s on port %hu refused%.100s.",
host, options.port,
options.fallback_to_rsh ? "; reverting to insecure method" : "");
log("Secure connection to %.100s on port %hu refused; "
"reverting to insecure method",
host, options.port);
else
log("Secure connection to %.100s refused%.100s.", host,
options.fallback_to_rsh ? "; reverting to insecure method" : "");
log("Secure connection to %.100s refused; "
"reverting to insecure method.", host);
if (options.fallback_to_rsh) {
rsh_connect(host, options.user, &command);
fatal("rsh_connect returned");
}
exit(1);
rsh_connect(host, options.user, &command);
fatal("rsh_connect returned");
}
/* load options.identity_files */
load_public_identity_files();

56
sshconnect.c
View File

@ -13,7 +13,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: sshconnect.c,v 1.109 2001/06/23 15:12:21 itojun Exp $");
RCSID("$OpenBSD: sshconnect.c,v 1.110 2001/07/25 14:35:18 markus Exp $");
#include <openssl/bn.h>
@ -41,6 +41,27 @@ extern char *__progname;
/* AF_UNSPEC or AF_INET or AF_INET6 */
extern int IPv4or6;
static const char *
sockaddr_ntop(struct sockaddr *sa)
{
void *addr;
static char addrbuf[INET6_ADDRSTRLEN];
switch (sa->sa_family) {
case AF_INET:
addr = &((struct sockaddr_in *)sa)->sin_addr;
break;
case AF_INET6:
addr = &((struct sockaddr_in6 *)sa)->sin6_addr;
break;
default:
/* This case should be protected against elsewhere */
abort();
}
inet_ntop(sa->sa_family, addr, addrbuf, sizeof(addrbuf));
return addrbuf;
}
/*
* Connect to the given ssh server using a proxy command.
*/
@ -138,7 +159,8 @@ ssh_proxy_connect(const char *host, u_short port, struct passwd *pw,
/* Set the connection file descriptors. */
packet_set_connection(pout[0], pin[1]);
return 1;
/* Indicate OK return */
return 0;
}
/*
@ -208,6 +230,12 @@ ssh_create_socket(struct passwd *pw, int privileged, int family)
* second). If proxy_command is non-NULL, it specifies the command (with %h
* and %p substituted for host and port, respectively) to use to contact
* the daemon.
* Return values:
* 0 for OK
* ECONNREFUSED if we got a "Connection Refused" by the peer on any address
* ECONNABORTED if we failed without a "Connection refused"
* Suitable error messages for the connection failure will already have been
* printed.
*/
int
ssh_connect(const char *host, struct sockaddr_storage * hostaddr,
@ -222,6 +250,12 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr,
struct addrinfo hints, *ai, *aitop;
struct linger linger;
struct servent *sp;
/*
* Did we get only other errors than "Connection refused" (which
* should block fallback to rsh and similar), or did we get at least
* one "Connection refused"?
*/
int full_failure = 1;
debug("ssh_connect: getuid %u geteuid %u anon %d",
(u_int) getuid(), (u_int) geteuid(), anonymous);
@ -252,8 +286,8 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr,
* Try to connect several times. On some machines, the first time
* will sometimes fail. In general socket code appears to behave
* quite magically on many machines.
*/
for (attempt = 0; attempt < connection_attempts; attempt++) {
*/
for (attempt = 0; ;) {
if (attempt > 0)
debug("Trying again...");
@ -280,6 +314,7 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr,
#endif
ai->ai_family);
if (sock < 0)
/* Any error is already output */
continue;
/* Connect to the host. We use the user's uid in the
@ -293,7 +328,11 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr,
restore_uid();
break;
} else {
debug("connect: %.100s", strerror(errno));
if (errno == ECONNREFUSED)
full_failure = 0;
log("ssh: connect to address %s port %s: %s",
sockaddr_ntop(ai->ai_addr), strport,
strerror(errno));
restore_uid();
/*
* Close the failed socket; there appear to
@ -308,6 +347,9 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr,
if (ai)
break; /* Successful connection. */
attempt++;
if (attempt >= connection_attempts)
break;
/* Sleep a moment before retrying. */
sleep(1);
}
@ -316,7 +358,7 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr,
/* Return failure if we didn't get a successful connection. */
if (attempt >= connection_attempts)
return 0;
return full_failure ? ECONNABORTED : ECONNREFUSED;
debug("Connection established.");
@ -338,7 +380,7 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr,
/* Set the connection. */
packet_set_connection(sock, sock);
return 1;
return 0;
}
/*