diff options
| author | Darren Tucker <dtucker@zip.com.au> | 2013-05-16 20:29:28 +1000 |
|---|---|---|
| committer | Darren Tucker <dtucker@zip.com.au> | 2013-05-16 20:29:28 +1000 |
| commit | 5f96f3b4bee11ae2b9b32ff9b881c3693e210f96 (patch) | |
| tree | 1e1c647e73e447b06b194b38b5d39e95aec8bef9 /serverloop.c | |
| parent | c53c2af173cf67fd1c26f98e7900299b1b65b6ec (diff) | |
- dtucker@cvs.openbsd.org 2013/05/16 04:09:14
[sshd_config.5 servconf.c servconf.h packet.c serverloop.c monitor.c sshd_config
sshd.c] Add RekeyLimit to sshd with the same syntax as the client allowing
rekeying based on traffic volume or time. ok djm@, help & ok jmc@ for the man
page.
Diffstat (limited to 'serverloop.c')
| -rw-r--r-- | serverloop.c | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/serverloop.c b/serverloop.c index e224bd08a..595899f61 100644 --- a/serverloop.c +++ b/serverloop.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: serverloop.c,v 1.164 2012/12/07 01:51:35 dtucker Exp $ */ | 1 | /* $OpenBSD: serverloop.c,v 1.165 2013/05/16 04:09:14 dtucker Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -277,7 +277,7 @@ client_alive_check(void) | |||
| 277 | */ | 277 | */ |
| 278 | static void | 278 | static void |
| 279 | wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, int *maxfdp, | 279 | wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, int *maxfdp, |
| 280 | u_int *nallocp, u_int max_time_milliseconds) | 280 | u_int *nallocp, u_int64_t max_time_milliseconds) |
| 281 | { | 281 | { |
| 282 | struct timeval tv, *tvp; | 282 | struct timeval tv, *tvp; |
| 283 | int ret; | 283 | int ret; |
| @@ -563,7 +563,7 @@ server_loop(pid_t pid, int fdin_arg, int fdout_arg, int fderr_arg) | |||
| 563 | int wait_status; /* Status returned by wait(). */ | 563 | int wait_status; /* Status returned by wait(). */ |
| 564 | pid_t wait_pid; /* pid returned by wait(). */ | 564 | pid_t wait_pid; /* pid returned by wait(). */ |
| 565 | int waiting_termination = 0; /* Have displayed waiting close message. */ | 565 | int waiting_termination = 0; /* Have displayed waiting close message. */ |
| 566 | u_int max_time_milliseconds; | 566 | u_int64_t max_time_milliseconds; |
| 567 | u_int previous_stdout_buffer_bytes; | 567 | u_int previous_stdout_buffer_bytes; |
| 568 | u_int stdout_buffer_bytes; | 568 | u_int stdout_buffer_bytes; |
| 569 | int type; | 569 | int type; |
| @@ -826,6 +826,7 @@ server_loop2(Authctxt *authctxt) | |||
| 826 | { | 826 | { |
| 827 | fd_set *readset = NULL, *writeset = NULL; | 827 | fd_set *readset = NULL, *writeset = NULL; |
| 828 | int rekeying = 0, max_fd, nalloc = 0; | 828 | int rekeying = 0, max_fd, nalloc = 0; |
| 829 | u_int64_t rekey_timeout_ms = 0; | ||
| 829 | 830 | ||
| 830 | debug("Entering interactive session for SSH2."); | 831 | debug("Entering interactive session for SSH2."); |
| 831 | 832 | ||
| @@ -854,8 +855,13 @@ server_loop2(Authctxt *authctxt) | |||
| 854 | 855 | ||
| 855 | if (!rekeying && packet_not_very_much_data_to_write()) | 856 | if (!rekeying && packet_not_very_much_data_to_write()) |
| 856 | channel_output_poll(); | 857 | channel_output_poll(); |
| 858 | if (options.rekey_interval > 0 && compat20 && !rekeying) | ||
| 859 | rekey_timeout_ms = packet_get_rekey_timeout() * 1000; | ||
| 860 | else | ||
| 861 | rekey_timeout_ms = 0; | ||
| 862 | |||
| 857 | wait_until_can_do_something(&readset, &writeset, &max_fd, | 863 | wait_until_can_do_something(&readset, &writeset, &max_fd, |
| 858 | &nalloc, 0); | 864 | &nalloc, rekey_timeout_ms); |
| 859 | 865 | ||
| 860 | if (received_sigterm) { | 866 | if (received_sigterm) { |
| 861 | logit("Exiting on signal %d", (int)received_sigterm); | 867 | logit("Exiting on signal %d", (int)received_sigterm); |