author | Darren Tucker <dtucker@zip.com.au> | 2013-05-16 20:29:28 +1000 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2013-05-16 20:29:28 +1000 |
commit | 5f96f3b4bee11ae2b9b32ff9b881c3693e210f96 (patch) | |
tree | 1e1c647e73e447b06b194b38b5d39e95aec8bef9 /serverloop.c | |
parent | c53c2af173cf67fd1c26f98e7900299b1b65b6ec (diff) |
- dtucker@cvs.openbsd.org 2013/05/16 04:09:14
[sshd_config.5 servconf.c servconf.h packet.c serverloop.c monitor.c sshd_config
sshd.c] Add RekeyLimit to sshd with the same syntax as the client allowing
rekeying based on traffic volume or time. ok djm@, help & ok jmc@ for the man
page.
Diffstat (limited to 'serverloop.c')
-rw-r--r-- | serverloop.c | 14 |
1 files changed, 10 insertions, 4 deletions
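--- a/serverloop.c
+++ b/serverloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: serverloop.c,v 1.164 2012/12/07 01:51:35 dtucker Exp $ */
+/* $OpenBSD: serverloop.c,v 1.165 2013/05/16 04:09:14 dtucker Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -277,7 +277,7 @@ client_alive_check(void)
 */
 static void
 wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, int *maxfdp,
-u_int *nallocp, u_int max_time_milliseconds)
+u_int *nallocp, u_int64_t max_time_milliseconds)
 {
 struct timeval tv, *tvp;
 int ret;
@@ -563,7 +563,7 @@ server_loop(pid_t pid, int fdin_arg, int fdout_arg, int fderr_arg)
 int wait_status; /* Status returned by wait(). */
 pid_t wait_pid; /* pid returned by wait(). */
 int waiting_termination = 0; /* Have displayed waiting close message. */
-u_int max_time_milliseconds;
+u_int64_t max_time_milliseconds;
 u_int previous_stdout_buffer_bytes;
 u_int stdout_buffer_bytes;
 int type;
@@ -826,6 +826,7 @@ server_loop2(Authctxt *authctxt)
 {
 fd_set *readset = NULL, *writeset = NULL;
 int rekeying = 0, max_fd, nalloc = 0;
+u_int64_t rekey_timeout_ms = 0;
 
 debug("Entering interactive session for SSH2.");
 
@@ -854,8 +855,13 @@ server_loop2(Authctxt *authctxt)
 
 if (!rekeying && packet_not_very_much_data_to_write())
 channel_output_poll();
+if (options.rekey_interval > 0 && compat20 && !rekeying)
+rekey_timeout_ms = packet_get_rekey_timeout() * 1000;
+else
+rekey_timeout_ms = 0;
+
 wait_until_can_do_something(&readset, &writeset, &max_fd,
-&nalloc, 0);
+&nalloc, rekey_timeout_ms);
 
 if (received_sigterm) {
 logit("Exiting on signal %d", (int)received_sigterm);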
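Review bot: In the last hunk of server_loop2, `packet_get_rekey_timeout() * 1000` is evaluated before the result is stored in the `u_int64_t` variable, so if that function returns a plain `int` (its declaration is not visible here) the product is computed at int width and a large configured rekey interval could overflow before it is widened. Casting first keeps the arithmetic in 64 bits: `rekey_timeout_ms = (u_int64_t)packet_get_rekey_timeout() * 1000;`. It is also worth confirming that the function never returns 0 or a negative value once the deadline has passed, since 0 is what this call passed before the change and what the `else` branch uses when no interval applies, and a negative value would convert to a very long wait; either would delay the time-based rekey. server_loop2's body begins and ends outside the hunk.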