diff options
author | Colin Watson <cjwatson@debian.org> | 2010-03-31 10:46:28 +0100 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2010-03-31 10:46:28 +0100 |
commit | efd3d4522636ae029488c2e9730b60c88e257d2e (patch) | |
tree | 31e02ac3f16090ce8c53448677356b2b7f423683 /monitor_fdpass.c | |
parent | bbec4db36d464ea1d464a707625125f9fd5c7b5e (diff) | |
parent | d1a87e462e1db89f19cd960588d0c6b287cb5ccc (diff) |
* New upstream release (LP: #535029).
- After a transition period of about 10 years, this release disables SSH
protocol 1 by default. Clients and servers that need to use the
legacy protocol must explicitly enable it in ssh_config / sshd_config
or on the command-line.
- Remove the libsectok/OpenSC-based smartcard code and add support for
PKCS#11 tokens. This support is enabled by default in the Debian
packaging, since it now doesn't involve additional library
dependencies (closes: #231472, LP: #16918).
- Add support for certificate authentication of users and hosts using a
new, minimal OpenSSH certificate format (closes: #482806).
- Added a 'netcat mode' to ssh(1): "ssh -W host:port ...".
- Add the ability to revoke keys in sshd(8) and ssh(1). (For the Debian
package, this overlaps with the key blacklisting facility added in
openssh 1:4.7p1-9, but with different file formats and slightly
different scopes; for the moment, I've roughly merged the two.)
- Various multiplexing improvements, including support for requesting
port-forwardings via the multiplex protocol (closes: #360151).
- Allow setting an explicit umask on the sftp-server(8) commandline to
override whatever default the user has (closes: #496843).
- Many sftp client improvements, including tab-completion, more options,
and recursive transfer support for get/put (LP: #33378). The old
mget/mput commands never worked properly and have been removed
(closes: #270399, #428082).
- Do not prompt for a passphrase if we fail to open a keyfile, and log
the reason why the open failed to debug (closes: #431538).
- Prevent sftp from crashing when given a "-" without a command. Also,
allow whitespace to follow a "-" (closes: #531561).
Diffstat (limited to 'monitor_fdpass.c')
-rw-r--r-- | monitor_fdpass.c | 23 |
1 files changed, 18 insertions, 5 deletions
diff --git a/monitor_fdpass.c b/monitor_fdpass.c index 4b9a066bc..7eb6f5c6e 100644 --- a/monitor_fdpass.c +++ b/monitor_fdpass.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: monitor_fdpass.c,v 1.18 2008/11/30 11:59:26 dtucker Exp $ */ | 1 | /* $OpenBSD: monitor_fdpass.c,v 1.19 2010/01/12 00:58:25 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright 2001 Niels Provos <provos@citi.umich.edu> | 3 | * Copyright 2001 Niels Provos <provos@citi.umich.edu> |
4 | * All rights reserved. | 4 | * All rights reserved. |
@@ -34,6 +34,9 @@ | |||
34 | #endif | 34 | #endif |
35 | 35 | ||
36 | #include <errno.h> | 36 | #include <errno.h> |
37 | #ifdef HAVE_POLL_H | ||
38 | #include <poll.h> | ||
39 | #endif | ||
37 | #include <string.h> | 40 | #include <string.h> |
38 | #include <stdarg.h> | 41 | #include <stdarg.h> |
39 | 42 | ||
@@ -55,6 +58,7 @@ mm_send_fd(int sock, int fd) | |||
55 | struct iovec vec; | 58 | struct iovec vec; |
56 | char ch = '\0'; | 59 | char ch = '\0'; |
57 | ssize_t n; | 60 | ssize_t n; |
61 | struct pollfd pfd; | ||
58 | 62 | ||
59 | memset(&msg, 0, sizeof(msg)); | 63 | memset(&msg, 0, sizeof(msg)); |
60 | #ifdef HAVE_ACCRIGHTS_IN_MSGHDR | 64 | #ifdef HAVE_ACCRIGHTS_IN_MSGHDR |
@@ -75,9 +79,13 @@ mm_send_fd(int sock, int fd) | |||
75 | msg.msg_iov = &vec; | 79 | msg.msg_iov = &vec; |
76 | msg.msg_iovlen = 1; | 80 | msg.msg_iovlen = 1; |
77 | 81 | ||
78 | while ((n = sendmsg(sock, &msg, 0)) == -1 && (errno == EAGAIN || | 82 | pfd.fd = sock; |
79 | errno == EINTR)) | 83 | pfd.events = POLLOUT; |
84 | while ((n = sendmsg(sock, &msg, 0)) == -1 && | ||
85 | (errno == EAGAIN || errno == EINTR)) { | ||
80 | debug3("%s: sendmsg(%d): %s", __func__, fd, strerror(errno)); | 86 | debug3("%s: sendmsg(%d): %s", __func__, fd, strerror(errno)); |
87 | (void)poll(&pfd, 1, -1); | ||
88 | } | ||
81 | if (n == -1) { | 89 | if (n == -1) { |
82 | error("%s: sendmsg(%d): %s", __func__, fd, | 90 | error("%s: sendmsg(%d): %s", __func__, fd, |
83 | strerror(errno)); | 91 | strerror(errno)); |
@@ -112,6 +120,7 @@ mm_receive_fd(int sock) | |||
112 | ssize_t n; | 120 | ssize_t n; |
113 | char ch; | 121 | char ch; |
114 | int fd; | 122 | int fd; |
123 | struct pollfd pfd; | ||
115 | 124 | ||
116 | memset(&msg, 0, sizeof(msg)); | 125 | memset(&msg, 0, sizeof(msg)); |
117 | vec.iov_base = &ch; | 126 | vec.iov_base = &ch; |
@@ -126,9 +135,13 @@ mm_receive_fd(int sock) | |||
126 | msg.msg_controllen = sizeof(cmsgbuf.buf); | 135 | msg.msg_controllen = sizeof(cmsgbuf.buf); |
127 | #endif | 136 | #endif |
128 | 137 | ||
129 | while ((n = recvmsg(sock, &msg, 0)) == -1 && (errno == EAGAIN || | 138 | pfd.fd = sock; |
130 | errno == EINTR)) | 139 | pfd.events = POLLIN; |
140 | while ((n = recvmsg(sock, &msg, 0)) == -1 && | ||
141 | (errno == EAGAIN || errno == EINTR)) { | ||
131 | debug3("%s: recvmsg: %s", __func__, strerror(errno)); | 142 | debug3("%s: recvmsg: %s", __func__, strerror(errno)); |
143 | (void)poll(&pfd, 1, -1); | ||
144 | } | ||
132 | if (n == -1) { | 145 | if (n == -1) { |
133 | error("%s: recvmsg: %s", __func__, strerror(errno)); | 146 | error("%s: recvmsg: %s", __func__, strerror(errno)); |
134 | return -1; | 147 | return -1; |