diff options
| author | Colin Watson <cjwatson@debian.org> | 2009-12-29 21:42:53 +0000 |
|---|---|---|
| committer | Colin Watson <cjwatson@debian.org> | 2009-12-29 21:42:53 +0000 |
| commit | 87552344215a38d3a2b0d4d63dc151e05978bbe1 (patch) | |
| tree | 9f4b96055e6ccaa915e8d59d9f2805e9e119371d /monitor.c | |
| parent | a25ec0b132c44c9e341e08464ff830de06b81126 (diff) | |
| parent | ef94e5613d37bcbf880f21ee6094e4b1c7683a4c (diff) | |
import openssh-5.1p1-gsskex-cjwatson-20080722.patch
Diffstat (limited to 'monitor.c')
| -rw-r--r-- | monitor.c | 33 |
1 files changed, 23 insertions, 10 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: monitor.c,v 1.91 2007/05/17 20:52:13 djm Exp $ */ | 1 | /* $OpenBSD: monitor.c,v 1.99 2008/07/10 18:08:11 markus Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> | 3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> |
| 4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> | 4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> |
| @@ -51,6 +51,7 @@ | |||
| 51 | 51 | ||
| 52 | #include <openssl/dh.h> | 52 | #include <openssl/dh.h> |
| 53 | 53 | ||
| 54 | #include "openbsd-compat/sys-queue.h" | ||
| 54 | #include "xmalloc.h" | 55 | #include "xmalloc.h" |
| 55 | #include "ssh.h" | 56 | #include "ssh.h" |
| 56 | #include "key.h" | 57 | #include "key.h" |
| @@ -658,11 +659,11 @@ mm_answer_pwnamallow(int sock, Buffer *m) | |||
| 658 | #endif | 659 | #endif |
| 659 | buffer_put_cstring(m, pwent->pw_dir); | 660 | buffer_put_cstring(m, pwent->pw_dir); |
| 660 | buffer_put_cstring(m, pwent->pw_shell); | 661 | buffer_put_cstring(m, pwent->pw_shell); |
| 662 | |||
| 663 | out: | ||
| 661 | buffer_put_string(m, &options, sizeof(options)); | 664 | buffer_put_string(m, &options, sizeof(options)); |
| 662 | if (options.banner != NULL) | 665 | if (options.banner != NULL) |
| 663 | buffer_put_cstring(m, options.banner); | 666 | buffer_put_cstring(m, options.banner); |
| 664 | |||
| 665 | out: | ||
| 666 | debug3("%s: sending MONITOR_ANS_PWNAM: %d", __func__, allowed); | 667 | debug3("%s: sending MONITOR_ANS_PWNAM: %d", __func__, allowed); |
| 667 | mm_request_send(sock, MONITOR_ANS_PWNAM, m); | 668 | mm_request_send(sock, MONITOR_ANS_PWNAM, m); |
| 668 | 669 | ||
| @@ -1029,6 +1030,8 @@ mm_answer_keyallowed(int sock, Buffer *m) | |||
| 1029 | allowed = options.pubkey_authentication && | 1030 | allowed = options.pubkey_authentication && |
| 1030 | user_key_allowed(authctxt->pw, key); | 1031 | user_key_allowed(authctxt->pw, key); |
| 1031 | auth_method = "publickey"; | 1032 | auth_method = "publickey"; |
| 1033 | if (options.pubkey_authentication && allowed != 1) | ||
| 1034 | auth_clear_options(); | ||
| 1032 | break; | 1035 | break; |
| 1033 | case MM_HOSTKEY: | 1036 | case MM_HOSTKEY: |
| 1034 | allowed = options.hostbased_authentication && | 1037 | allowed = options.hostbased_authentication && |
| @@ -1041,6 +1044,8 @@ mm_answer_keyallowed(int sock, Buffer *m) | |||
| 1041 | allowed = options.rhosts_rsa_authentication && | 1044 | allowed = options.rhosts_rsa_authentication && |
| 1042 | auth_rhosts_rsa_key_allowed(authctxt->pw, | 1045 | auth_rhosts_rsa_key_allowed(authctxt->pw, |
| 1043 | cuser, chost, key); | 1046 | cuser, chost, key); |
| 1047 | if (options.rhosts_rsa_authentication && allowed != 1) | ||
| 1048 | auth_clear_options(); | ||
| 1044 | auth_method = "rsa"; | 1049 | auth_method = "rsa"; |
| 1045 | break; | 1050 | break; |
| 1046 | default: | 1051 | default: |
| @@ -1070,7 +1075,7 @@ mm_answer_keyallowed(int sock, Buffer *m) | |||
| 1070 | } | 1075 | } |
| 1071 | 1076 | ||
| 1072 | debug3("%s: key %p is %s", | 1077 | debug3("%s: key %p is %s", |
| 1073 | __func__, key, allowed ? "allowed" : "disallowed"); | 1078 | __func__, key, allowed ? "allowed" : "not allowed"); |
| 1074 | 1079 | ||
| 1075 | buffer_clear(m); | 1080 | buffer_clear(m); |
| 1076 | buffer_put_int(m, allowed); | 1081 | buffer_put_int(m, allowed); |
| @@ -1287,7 +1292,7 @@ mm_session_close(Session *s) | |||
| 1287 | debug3("%s: tty %s ptyfd %d", __func__, s->tty, s->ptyfd); | 1292 | debug3("%s: tty %s ptyfd %d", __func__, s->tty, s->ptyfd); |
| 1288 | session_pty_cleanup2(s); | 1293 | session_pty_cleanup2(s); |
| 1289 | } | 1294 | } |
| 1290 | s->used = 0; | 1295 | session_unused(s->self); |
| 1291 | } | 1296 | } |
| 1292 | 1297 | ||
| 1293 | int | 1298 | int |
| @@ -1329,8 +1334,9 @@ mm_answer_pty(int sock, Buffer *m) | |||
| 1329 | 1334 | ||
| 1330 | mm_request_send(sock, MONITOR_ANS_PTY, m); | 1335 | mm_request_send(sock, MONITOR_ANS_PTY, m); |
| 1331 | 1336 | ||
| 1332 | mm_send_fd(sock, s->ptyfd); | 1337 | if (mm_send_fd(sock, s->ptyfd) == -1 || |
| 1333 | mm_send_fd(sock, s->ttyfd); | 1338 | mm_send_fd(sock, s->ttyfd) == -1) |
| 1339 | fatal("%s: send fds failed", __func__); | ||
| 1334 | 1340 | ||
| 1335 | /* make sure nothing uses fd 0 */ | 1341 | /* make sure nothing uses fd 0 */ |
| 1336 | if ((fd0 = open(_PATH_DEVNULL, O_RDONLY)) < 0) | 1342 | if ((fd0 = open(_PATH_DEVNULL, O_RDONLY)) < 0) |
| @@ -1561,6 +1567,11 @@ mm_answer_term(int sock, Buffer *req) | |||
| 1561 | /* The child is terminating */ | 1567 | /* The child is terminating */ |
| 1562 | session_destroy_all(&mm_session_close); | 1568 | session_destroy_all(&mm_session_close); |
| 1563 | 1569 | ||
| 1570 | #ifdef USE_PAM | ||
| 1571 | if (options.use_pam) | ||
| 1572 | sshpam_cleanup(); | ||
| 1573 | #endif | ||
| 1574 | |||
| 1564 | while (waitpid(pmonitor->m_pid, &status, 0) == -1) | 1575 | while (waitpid(pmonitor->m_pid, &status, 0) == -1) |
| 1565 | if (errno != EINTR) | 1576 | if (errno != EINTR) |
| 1566 | exit(1); | 1577 | exit(1); |
| @@ -1714,7 +1725,7 @@ mm_get_keystate(struct monitor *pmonitor) | |||
| 1714 | u_char *blob, *p; | 1725 | u_char *blob, *p; |
| 1715 | u_int bloblen, plen; | 1726 | u_int bloblen, plen; |
| 1716 | u_int32_t seqnr, packets; | 1727 | u_int32_t seqnr, packets; |
| 1717 | u_int64_t blocks; | 1728 | u_int64_t blocks, bytes; |
| 1718 | 1729 | ||
| 1719 | debug3("%s: Waiting for new keys", __func__); | 1730 | debug3("%s: Waiting for new keys", __func__); |
| 1720 | 1731 | ||
| @@ -1747,11 +1758,13 @@ mm_get_keystate(struct monitor *pmonitor) | |||
| 1747 | seqnr = buffer_get_int(&m); | 1758 | seqnr = buffer_get_int(&m); |
| 1748 | blocks = buffer_get_int64(&m); | 1759 | blocks = buffer_get_int64(&m); |
| 1749 | packets = buffer_get_int(&m); | 1760 | packets = buffer_get_int(&m); |
| 1750 | packet_set_state(MODE_OUT, seqnr, blocks, packets); | 1761 | bytes = buffer_get_int64(&m); |
| 1762 | packet_set_state(MODE_OUT, seqnr, blocks, packets, bytes); | ||
| 1751 | seqnr = buffer_get_int(&m); | 1763 | seqnr = buffer_get_int(&m); |
| 1752 | blocks = buffer_get_int64(&m); | 1764 | blocks = buffer_get_int64(&m); |
| 1753 | packets = buffer_get_int(&m); | 1765 | packets = buffer_get_int(&m); |
| 1754 | packet_set_state(MODE_IN, seqnr, blocks, packets); | 1766 | bytes = buffer_get_int64(&m); |
| 1767 | packet_set_state(MODE_IN, seqnr, blocks, packets, bytes); | ||
| 1755 | 1768 | ||
| 1756 | skip: | 1769 | skip: |
| 1757 | /* Get the key context */ | 1770 | /* Get the key context */ |