* one of the file descriptors).

 * one of the file descriptors).

 */

 */

client_wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp,

client_wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp,

    int *maxfdp, int *nallocp, int rekeying)

    int *maxfdp, int *nallocp, int rekeying)

{

{

	/* Add any selections by the channel mechanism. */

	/* Add any selections by the channel mechanism. */

	channel_prepare_select(readsetp, writesetp, maxfdp, nallocp, rekeying);

	channel_prepare_select(readsetp, writesetp, maxfdp, nallocp, rekeying);

			/* clear mask since we did not call select() */

			/* clear mask since we did not call select() */

			memset(*readsetp, 0, *nallocp);

			memset(*readsetp, 0, *nallocp);

			memset(*writesetp, 0, *nallocp);

			memset(*writesetp, 0, *nallocp);

		} else {

		} else {

			FD_SET(connection_in, *readsetp);

			FD_SET(connection_in, *readsetp);

		}

		}

	 * SSH_MSG_IGNORE packet when the timeout expires.

	 * SSH_MSG_IGNORE packet when the timeout expires.

	 */

	 */

		char buf[100];

		char buf[100];

		/*

		/*

		memset(*writesetp, 0, *nallocp);

		memset(*writesetp, 0, *nallocp);

		if (errno == EINTR)

		if (errno == EINTR)

		/* Note: we might still have data in the buffers. */

		/* Note: we might still have data in the buffers. */

		snprintf(buf, sizeof buf, "select: %s\r\n", strerror(errno));

		snprintf(buf, sizeof buf, "select: %s\r\n", strerror(errno));

		buffer_append(&stderr_buffer, buf, strlen(buf));

		buffer_append(&stderr_buffer, buf, strlen(buf));

		quit_pending = 1;

		quit_pending = 1;

	}

	}

}

}

static void

static void

{

{

	fd_set *readset = NULL, *writeset = NULL;

	fd_set *readset = NULL, *writeset = NULL;

	double start_time, total_time;

	double start_time, total_time;

	int max_fd = 0, max_fd2 = 0, len, rekeying = 0, nalloc = 0;

	int max_fd = 0, max_fd2 = 0, len, rekeying = 0, nalloc = 0;

	char buf[100];

	char buf[100];

		 * available on one of the descriptors).

		 * available on one of the descriptors).

		 */

		 */

		max_fd2 = max_fd;

		max_fd2 = max_fd;

		    &max_fd2, &nalloc, rekeying);

		    &max_fd2, &nalloc, rekeying);

		if (quit_pending)

		if (quit_pending)

		if (quit_pending)

		if (quit_pending)

			break;

			break;

		if (!compat20) {

		if (!compat20) {

			/* Buffer data from stdin */

			/* Buffer data from stdin */

 */

 */

static int connection_in = -1;

static int connection_in = -1;

static int connection_out = -1;

static int connection_out = -1;

/* Protocol flags for the remote side. */

/* Protocol flags for the remote side. */

static u_int remote_protocol_flags = 0;

static u_int remote_protocol_flags = 0;

 * packet_set_encryption_key is called.

 * packet_set_encryption_key is called.

 */

 */

void

void

{

{

	Cipher *none = cipher_by_name("none");

	Cipher *none = cipher_by_name("none");

	if (none == NULL)

	if (none == NULL)

		fatal("packet_set_connection: cannot load cipher 'none'");

		fatal("packet_set_connection: cannot load cipher 'none'");

	connection_in = fd_in;

	connection_in = fd_in;

	connection_out = fd_out;

	connection_out = fd_out;

	cipher_init(&send_context, none, (u_char *) "", 0, NULL, 0);

	cipher_init(&send_context, none, (u_char *) "", 0, NULL, 0);

	cipher_init(&receive_context, none, (u_char *) "", 0, NULL, 0);

	cipher_init(&receive_context, none, (u_char *) "", 0, NULL, 0);

	newkeys[MODE_IN] = newkeys[MODE_OUT] = NULL;

	newkeys[MODE_IN] = newkeys[MODE_OUT] = NULL;

	int type, len;

	int type, len;

	fd_set *setp;

	fd_set *setp;

	char buf[8192];

	char buf[8192];

	DBG(debug("packet_read()"));

	DBG(debug("packet_read()"));

	setp = (fd_set *)xmalloc(howmany(connection_in+1, NFDBITS) *

	setp = (fd_set *)xmalloc(howmany(connection_in+1, NFDBITS) *

		    sizeof(fd_mask));

		    sizeof(fd_mask));

		FD_SET(connection_in, setp);

		FD_SET(connection_in, setp);

		/* Wait for some data to arrive. */

		/* Wait for some data to arrive. */

		    (errno == EAGAIN || errno == EINTR))

		    (errno == EAGAIN || errno == EINTR))

			;

			;

		/* Read data from the socket. */

		/* Read data from the socket. */

		len = read(connection_in, buf, sizeof(buf));

		len = read(connection_in, buf, sizeof(buf));

#include <openssl/bn.h>

#include <openssl/bn.h>

void     packet_set_nonblocking(void);

void     packet_set_nonblocking(void);

int      packet_get_connection_in(void);

int      packet_get_connection_in(void);

int      packet_get_connection_out(void);

int      packet_get_connection_out(void);

     UseRsh no

     UseRsh no

     StrictHostKeyChecking yes

     StrictHostKeyChecking yes

     KeepAlives no

     KeepAlives no

     IdentityFile ~/.ssh/identity

     IdentityFile ~/.ssh/identity

     Port 22

     Port 22

     EscapeChar ~

     EscapeChar ~

	oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias,

	oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias,

	oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication,

	oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication,

	oHostKeyAlgorithms, oBindAddress, oSmartcardDevice,

	oHostKeyAlgorithms, oBindAddress, oSmartcardDevice,

} OpCodes;

} OpCodes;

/* Textual representations of the tokens. */

/* Textual representations of the tokens. */

	{ "smartcarddevice", oSmartcardDevice },

	{ "smartcarddevice", oSmartcardDevice },

	{ "clearallforwardings", oClearAllForwardings }, 

	{ "clearallforwardings", oClearAllForwardings }, 

	{ "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost }, 

	{ "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost }, 

	{ NULL, 0 }

	{ NULL, 0 }

};

};

		intptr = &options->no_host_authentication_for_localhost;

		intptr = &options->no_host_authentication_for_localhost;

		goto parse_flag;

		goto parse_flag;

	case oNumberOfPasswordPrompts:

	case oNumberOfPasswordPrompts:

		intptr = &options->number_of_password_prompts;

		intptr = &options->number_of_password_prompts;

		goto parse_int;

		goto parse_int;

	options->strict_host_key_checking = -1;

	options->strict_host_key_checking = -1;

	options->compression = -1;

	options->compression = -1;

	options->keepalives = -1;

	options->keepalives = -1;

	options->compression_level = -1;

	options->compression_level = -1;

	options->port = -1;

	options->port = -1;

	options->connection_attempts = -1;

	options->connection_attempts = -1;

		options->compression = 0;

		options->compression = 0;

	if (options->keepalives == -1)

	if (options->keepalives == -1)

		options->keepalives = 1;

		options->keepalives = 1;

	if (options->compression_level == -1)

	if (options->compression_level == -1)

		options->compression_level = 6;

		options->compression_level = 6;

	if (options->port == -1)

	if (options->port == -1)

	int     compression_level;	/* Compression level 1 (fast) to 9

	int     compression_level;	/* Compression level 1 (fast) to 9

					 * (best). */

					 * (best). */

	int     keepalives;	/* Set SO_KEEPALIVE. */

	int     keepalives;	/* Set SO_KEEPALIVE. */

	LogLevel log_level;	/* Level for logging. */

	LogLevel log_level;	/* Level for logging. */

	int     port;		/* Port to connect. */

	int     port;		/* Port to connect. */

{

{

	int j;

	int j;

	enable_compat20();

	enable_compat20();

	myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = c->c_keytype == KT_DSA?

	myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = c->c_keytype == KT_DSA?

	    "ssh-dss": "ssh-rsa";

	    "ssh-dss": "ssh-rsa";

If set to

If set to

.Dq yes ,

.Dq yes ,

passphrase/password querying will be disabled.

passphrase/password querying will be disabled.

This option is useful in scripts and other batch jobs where no user

This option is useful in scripts and other batch jobs where no user

The argument must be

The argument must be

.Dq yes

.Dq yes

or

or

Specifies whether the system should send keepalive messages to the

Specifies whether the system should send keepalive messages to the

other side.

other side.

If they are sent, death of the connection or crash of one

If they are sent, death of the connection or crash of one

However, this means that

However, this means that

connections will die if the route is down temporarily, and some people

connections will die if the route is down temporarily, and some people

find it annoying.

find it annoying.

.Nm

.Nm

tries version 2 and falls back to version 1

tries version 2 and falls back to version 1

if version 2 is not available.

if version 2 is not available.

.It Cm ProxyCommand

.It Cm ProxyCommand

Specifies the command to use to connect to the server.

Specifies the command to use to connect to the server.

The command

The command

.Dq no .

.Dq no .

The default is

The default is

.Dq yes .

.Dq yes .

.It Cm SmartcardDevice

.It Cm SmartcardDevice

Specifies which smartcard device to use. The argument to this keyword is

Specifies which smartcard device to use. The argument to this keyword is

the device

the device

#define INET6_ADDRSTRLEN 46

#define INET6_ADDRSTRLEN 46

#endif

#endif

static const char *

static const char *

sockaddr_ntop(struct sockaddr *sa)

sockaddr_ntop(struct sockaddr *sa)

{

{

	return addrbuf;

	return addrbuf;

}

}

/*

/*

 * Connect to the given ssh server using a proxy command.

 * Connect to the given ssh server using a proxy command.

 */

 */

	buffer_free(&command);

	buffer_free(&command);

	/* Set the connection file descriptors. */

	/* Set the connection file descriptors. */

	/* Indicate OK return */

	/* Indicate OK return */

	return 0;

	return 0;

		error("setsockopt SO_KEEPALIVE: %.100s", strerror(errno));

		error("setsockopt SO_KEEPALIVE: %.100s", strerror(errno));

	/* Set the connection. */

	/* Set the connection. */

	return 0;

	return 0;

}

}

	int connection_in = packet_get_connection_in();

	int connection_in = packet_get_connection_in();

	int connection_out = packet_get_connection_out();

	int connection_out = packet_get_connection_out();

	int minor1 = PROTOCOL_MINOR_1;

	int minor1 = PROTOCOL_MINOR_1;

	for (;;) {

	for (;;) {

				fatal("ssh_exchange_identification: read: %.100s", strerror(errno));

				fatal("ssh_exchange_identification: read: %.100s", strerror(errno));

			if (len != 1)

			if (len != 1)

				fatal("ssh_exchange_identification: Connection closed by remote host");

				fatal("ssh_exchange_identification: Connection closed by remote host");

			if (buf[i] == '\n') {

			if (buf[i] == '\n') {

				buf[i + 1] = 0;

				buf[i + 1] = 0;

				break;

				break;

			}

			}

		}

		}

		buf[sizeof(buf) - 1] = 0;

		buf[sizeof(buf) - 1] = 0;

		if (strncmp(buf, "SSH-", 4) == 0)

		if (strncmp(buf, "SSH-", 4) == 0)

		debug("ssh_exchange_identification: %s", buf);

		debug("ssh_exchange_identification: %s", buf);

	}

	}

	server_version_string = xstrdup(buf);

	server_version_string = xstrdup(buf);

	/*

	/*

	 * Check that the versions match.  In future this might accept

	 * Check that the versions match.  In future this might accept

	 * Register our connection.  This turns encryption off because we do

	 * Register our connection.  This turns encryption off because we do

	 * not have a key.

	 * not have a key.

	 */

	 */

	remote_port = get_remote_port();

	remote_port = get_remote_port();

	remote_ip = get_remote_ipaddr();

	remote_ip = get_remote_ipaddr();