/* vi: ts=8 sts=4 sw=4 * * $Id$ * * This file is part of the KDE project, module tdesu. * Copyright (C) 2000 Geert Jansen * * This is free software; you can use this library under the GNU Library * General Public License, version 2. See the file "COPYING.LIB" for the * exact licensing terms. * * ssh.cpp: Execute a program on a remote machine using ssh. */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "ssh.h" #include "kcookie.h" SshProcess::SshProcess(const TQCString &host, const TQCString &user, const TQCString &command) { m_Host = host; m_User = user; m_Command = command; m_Stub = "tdesu_stub"; srand(time(0L)); } SshProcess::~SshProcess() { } void SshProcess::setStub(const TQCString &stub) { m_Stub = stub; } int SshProcess::checkInstall(const char *password) { return exec(password, 1); } int SshProcess::checkNeedPassword() { return exec(0L, 2); } int SshProcess::exec(const char *password, int check) { if (check) setTerminal(true); QCStringList args; args += "-l"; args += m_User; args += "-o"; args += "StrictHostKeyChecking=no"; args += m_Host; args += m_Stub; if (StubProcess::exec("ssh", args) < 0) { return check ? SshNotFound : -1; } int ret = ConverseSsh(password, check); if (ret < 0) { if (!check) kdError(900) << k_lineinfo << "Conversation with ssh failed\n"; return ret; } if (check == 2) { if (ret == 1) { kill(m_Pid, SIGTERM); waitForChild(); } return ret; } if (m_bErase && password) { char *ptr = const_cast(password); const uint plen = strlen(password); for (unsigned i=0; i < plen; i++) ptr[i] = '\000'; } ret = ConverseStub(check); if (ret < 0) { if (!check) kdError(900) << k_lineinfo << "Converstation with tdesu_stub failed\n"; return ret; } else if (ret == 1) { kill(m_Pid, SIGTERM); waitForChild(); ret = SshIncorrectPassword; } if (check == 1) { waitForChild(); return 0; } setExitString("Waiting for forwarded connections to terminate"); ret = waitForChild(); return ret; } /* * Create a port forwarding for DCOP. For the remote port, we take a pseudo * random number between 10k and 50k. This is not ok, of course, but I see * no other way. There is, afaik, no security issue involved here. If the port * happens to be occupied, ssh will refuse to start. * * 14/SEP/2000: DCOP forwarding is not used anymore. */ TQCString SshProcess::dcopForward() { TQCString result; setDcopTransport("tcp"); TQCString srv = StubProcess::dcopServer(); if (srv.isEmpty()) return result; int i = srv.find('/'); if (i == -1) return result; if (srv.left(i) != "tcp") return result; int j = srv.find(':', ++i); if (j == -1) return result; TQCString host = srv.mid(i, j-i); bool ok; int port = srv.mid(++j).toInt(&ok); if (!ok) return result; m_dcopPort = 10000 + (int) ((40000.0 * rand()) / (1.0 + RAND_MAX)); result.sprintf("%d:%s:%d", m_dcopPort, host.data(), port); return result; } /* * Conversation with ssh. * If check is 0, this waits for either a "Password: " prompt, * or the header of the stub. If a prompt is received, the password is * written back. Used for running a command. * If check is 1, operation is the same as 0 except that if a stub header is * received, the stub is stopped with the "stop" command. This is used for * checking a password. * If check is 2, operation is the same as 1, except that no password is * written. The prompt is saved to m_Prompt. Used for checking the need for * a password. */ int SshProcess::ConverseSsh(const char *password, int check) { unsigned i, j, colon; TQCString line; int state = 0; while (state < 2) { line = readLine(); const uint len = line.length(); if (line.isNull()) return -1; switch (state) { case 0: // Check for "tdesu_stub" header. if (line == "tdesu_stub") { unreadLine(line); return 0; } // Match "Password: " with the regex ^[^:]+:[\w]*$. for (i=0,j=0,colon=0; i