| --- a/channels.h |
| +++ b/channels.h |
| @@ -179,9 +179,9 @@ struct Channel { |
| |
| /* default window/packet sizes for tcp/x11-fwd-channel */ |
| #define CHAN_SES_PACKET_DEFAULT (32*1024) |
| -#define CHAN_SES_WINDOW_DEFAULT (64*CHAN_SES_PACKET_DEFAULT) |
| +#define CHAN_SES_WINDOW_DEFAULT (4*CHAN_SES_PACKET_DEFAULT) |
| #define CHAN_TCP_PACKET_DEFAULT (32*1024) |
| -#define CHAN_TCP_WINDOW_DEFAULT (64*CHAN_TCP_PACKET_DEFAULT) |
| +#define CHAN_TCP_WINDOW_DEFAULT (4*CHAN_TCP_PACKET_DEFAULT) |
| #define CHAN_X11_PACKET_DEFAULT (16*1024) |
| #define CHAN_X11_WINDOW_DEFAULT (4*CHAN_X11_PACKET_DEFAULT) |
| |
| --- a/ssh.c |
| +++ b/ssh.c |
| @@ -506,7 +506,7 @@ set_addrinfo_port(struct addrinfo *addrs, int port) |
| * Main program for the ssh client. |
| */ |
| int |
| -main(int ac, char **av) |
| +ssh_main(int ac, char **av, const char *subsystem) |
| { |
| struct ssh *ssh = NULL; |
| int i, r, opt, exit_status, use_syslog, direct, timeout_ms; |
| @@ -964,6 +964,21 @@ main(int ac, char **av) |
| /* Initialize the command to execute on remote host. */ |
| buffer_init(&command); |
| |
| + if (subsystem) { |
| + /* |
| + * Hijack the codeflow now that we're done parsing the command line. |
| + * We want all the flags, but none of the command line. Unless they |
| + * passed in -s themselves. |
| + */ |
| + if (!subsystem_flag) { |
| + subsystem_flag = 1; |
| + av = xcalloc(2, sizeof(*av)); |
| + av[0] = subsystem; |
| + av[1] = NULL; |
| + ac = 1; |
| + } |
| + } |
| + |
| /* |
| * Save the command to execute on the remote host in a buffer. There |
| * is no limit on the length of the command, except by the maximum |
| |
| We hack the agent code to use a fake IP address which the plugin watches for. |
| We should have the plugin deal with AF_UNIX requests instead, then we won't |
| have to hack up OpenSSH. |
| |
| --- a/authfd.c |
| +++ b/authfd.c |
| @@ -88,7 +88,10 @@ ssh_get_authentication_socket(int *fdp) |
| { |
| const char *authsocket; |
| int sock, oerrno; |
| - struct sockaddr_un sunaddr; |
| + struct sockaddr_in sunaddr; |
| + |
| + /* Magic value. Keep in sync with //ssh_client/src/file_system.cc */ |
| + static const int kSshAgentFakeIP = 0x7F010203; |
| |
| if (fdp != NULL) |
| *fdp = -1; |
| @@ -98,10 +101,10 @@ ssh_get_authentication_socket(int *fdp) |
| return SSH_ERR_AGENT_NOT_PRESENT; |
| |
| memset(&sunaddr, 0, sizeof(sunaddr)); |
| - sunaddr.sun_family = AF_UNIX; |
| - strlcpy(sunaddr.sun_path, authsocket, sizeof(sunaddr.sun_path)); |
| + sunaddr.sin_family = AF_INET; |
| + sunaddr.sin_addr.s_addr = htonl(kSshAgentFakeIP); |
| |
| - if ((sock = socket(AF_UNIX, SOCK_STREAM, 0)) < 0) |
| + if ((sock = socket(AF_INET, SOCK_STREAM, 0)) < 0) |
| return SSH_ERR_SYSTEM_ERROR; |
| |
| /* close on exec */ |
| |
| daemonized() relies on funcs we don't implement (because we don't need them), |
| and this func is only used in sshd. disable it to avoid link failures. |
| |
| --- a/misc.c |
| +++ b/misc.c |
| @@ -1268,6 +1268,7 @@ bind_permitted(int port, uid_t uid) |
| return 1; |
| } |
| |
| +#if !defined(__pnacl__) && !defined(__nacl__) |
| /* returns 1 if process is already daemonized, 0 otherwise */ |
| int |
| daemonized(void) |
| @@ -1285,6 +1286,7 @@ daemonized(void) |
| debug3("already daemonized"); |
| return 1; |
| } |
| +#endif |
| |
| |
| /* |