Import openssh_7.3p1.orig.tar.gz

author: Colin Watson <cjwatson@debian.org> 2016-08-06 10:49:58 +0100
committer: Colin Watson <cjwatson@debian.org> 2016-08-06 10:49:58 +0100
commit: a8ed8d256b2e2c05b0c15565a7938028c5192277 (patch)
tree: 87abbdc914a38b43e4e5bb9581ad1f46eabbf88e /serverloop.c
parent: f0329aac23c61e1a5197d6d57349a63f459bccb0 (diff)
parent: 99522ba7ec6963a05c04a156bf20e3ba3605987c (diff)
1 files changed, 24 insertions, 23 deletions
diff --git a/serverloop.c b/serverloop.c
index 80d1db549..3563e5d42 100644
--- a/serverloop.c
+++ b/serverloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: serverloop.c,v 1.182 2016/02/08 10:57:07 djm Exp $ */
+/* $OpenBSD: serverloop.c,v 1.184 2016/03/07 19:02:43 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -276,7 +276,7 @@ client_alive_check(void)
 */
 static void
 wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, int *maxfdp,
-    u_int *nallocp, u_int64_t max_time_milliseconds)
+    u_int *nallocp, u_int64_t max_time_ms)
 {
        struct timeval tv, *tvp;
        int ret;
@@ -288,9 +288,9 @@ wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, int *maxfdp,
        channel_prepare_select(readsetp, writesetp, maxfdp, nallocp,
            &minwait_secs, 0);
+        /* XXX need proper deadline system for rekey/client alive */
        if (minwait_secs != 0)
-                max_time_milliseconds = MIN(max_time_milliseconds,
+                max_time_ms = MIN(max_time_ms, (u_int)minwait_secs * 1000);
-                    (u_int)minwait_secs * 1000);
        /*
         * if using client_alive, set the max timeout accordingly,
@@ -300,11 +300,13 @@ wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, int *maxfdp,
         * this could be randomized somewhat to make traffic
         * analysis more difficult, but we're not doing it yet.
         */
-        if (compat20 &&
+        if (compat20 && options.client_alive_interval) {
-            max_time_milliseconds == 0 && options.client_alive_interval) {
+                uint64_t keepalive_ms =
+                    (uint64_t)options.client_alive_interval * 1000;
                client_alive_scheduled = 1;
-                max_time_milliseconds =
+                if (max_time_ms == 0 || max_time_ms > keepalive_ms)
-                    (u_int64_t)options.client_alive_interval * 1000;
+                        max_time_ms = keepalive_ms;
        }
        if (compat20) {
@@ -353,14 +355,14 @@ wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, int *maxfdp,
         * from it, then read as much as is available and exit.
         */
        if (child_terminated && packet_not_very_much_data_to_write())
-                if (max_time_milliseconds == 0 || client_alive_scheduled)
+                if (max_time_ms == 0 || client_alive_scheduled)
-                        max_time_milliseconds = 100;
+                        max_time_ms = 100;
-        if (max_time_milliseconds == 0)
+        if (max_time_ms == 0)
                tvp = NULL;
        else {
-                tv.tv_sec = max_time_milliseconds / 1000;
+                tv.tv_sec = max_time_ms / 1000;
-                tv.tv_usec = 1000 * (max_time_milliseconds % 1000);
+                tv.tv_usec = 1000 * (max_time_ms % 1000);
                tvp = &tv;
        }
@@ -393,6 +395,7 @@ wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, int *maxfdp,
 static void
 process_input(fd_set *readset)
 {
+        struct ssh *ssh = active_state; /* XXX */
        int len;
        char buf[16384];
@@ -400,8 +403,8 @@ process_input(fd_set *readset)
        if (FD_ISSET(connection_in, readset)) {
                len = read(connection_in, buf, sizeof(buf));
                if (len == 0) {
-                        verbose("Connection closed by %.100s",
+                        verbose("Connection closed by %.100s port %d",
-                            get_remote_ipaddr());
+                            ssh_remote_ipaddr(ssh), ssh_remote_port(ssh));
                        connection_closed = 1;
                        if (compat20)
                                return;
@@ -410,8 +413,9 @@ process_input(fd_set *readset)
                        if (errno != EINTR && errno != EAGAIN &&
                            errno != EWOULDBLOCK) {
                                verbose("Read error from remote host "
-                                    "%.100s: %.100s",
+                                    "%.100s port %d: %.100s",
-                                    get_remote_ipaddr(), strerror(errno));
+                                    ssh_remote_ipaddr(ssh),
+                                    ssh_remote_port(ssh), strerror(errno));
                                cleanup_exit(255);
                        }
                } else {
@@ -1239,12 +1243,9 @@ server_input_global_request(int type, u_int32_t seq, void *ctxt)
                /* check permissions */
                if ((options.allow_tcp_forwarding & FORWARD_REMOTE) == 0 ||
                    no_port_forwarding_flag ||
-                    (!want_reply && fwd.listen_port == 0)
+                    (!want_reply && fwd.listen_port == 0) ||
-#ifndef NO_IPPORT_RESERVED_CONCEPT
+                    (fwd.listen_port != 0 && fwd.listen_port < IPPORT_RESERVED &&
-                    || (fwd.listen_port != 0 && fwd.listen_port < IPPORT_RESERVED &&
+                    pw->pw_uid != 0)) {
-                    pw->pw_uid != 0)
-#endif
-                    ) {
                        success = 0;
                        packet_send_debug("Server has disabled port forwarding.");
                } else {
author	Colin Watson <cjwatson@debian.org>	2016-08-06 10:49:58 +0100
committer	Colin Watson <cjwatson@debian.org>	2016-08-06 10:49:58 +0100
commit	a8ed8d256b2e2c05b0c15565a7938028c5192277 (patch)
tree	87abbdc914a38b43e4e5bb9581ad1f46eabbf88e /serverloop.c
parent	f0329aac23c61e1a5197d6d57349a63f459bccb0 (diff)
parent	99522ba7ec6963a05c04a156bf20e3ba3605987c (diff)