author | Damien Miller <djm@mindrot.org> | 1999-12-09 10:31:37 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 1999-12-09 10:31:37 +1100 |
commit | 50945fa861f9b17d0cf88ec7998847bcf1c5eda6 (patch) | |
tree | 58757427a77d5775b9aebc7f4a5cb6cf9019da2f /sshd.c | |
parent | bf1c9b2012fadab02392126bece5d21e9ddffda6 (diff) |
- OpenBSD CVS updates:
- [readpass.c]
avoid stdio; based on work by markus, millert, and I
- [sshd.c]
make sure the client selects a supported cipher
- [sshd.c]
fix sighup handling. accept would just restart and daemon handled
sighup only after the next connection was accepted. use poll on
listen sock now.
- [sshd.c]
make that a fatal
Diffstat (limited to 'sshd.c')
-rw-r--r-- | sshd.c | 23 |
1 files changed, 20 insertions, 3 deletions
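--- a/sshd.c
+++ b/sshd.c
@@ -11,7 +11,9 @@
 */
 
 #include "includes.h"
-RCSID("$Id: sshd.c,v 1.36 1999/12/08 23:16:55 damien Exp $");
+RCSID("$Id: sshd.c,v 1.37 1999/12/08 23:31:37 damien Exp $");
+
+#include <poll.h>
 
 #include "xmalloc.h"
 #include "rsa.h"
@@ -419,6 +421,7 @@ main(int ac, char **av)
 int opt, aux, sock_in, sock_out, newsock, i, pid, on = 1;
 int remote_major, remote_minor;
 int silentrsa = 0;
+struct pollfd fds;
 struct sockaddr_in sin;
 char buf[100]; /* Must not be larger than remote_version. */
 char remote_version[100]; /* Must be at least as big as buf. */
@@ -688,7 +691,18 @@ main(int ac, char **av)
 for (;;) {
 if (received_sighup)
 sighup_restart();
-/* Wait in accept until there is a connection. */
+/* Wait in poll until there is a connection. */
+memset(&fds, 0, sizeof(fds));
+fds.fd = listen_sock;
+fds.events = POLLIN;
+if (poll(&fds, 1, -1) == -1) {
+if (errno == EINTR)
+continue;
+fatal("poll: %.100s", strerror(errno));
+/*NOTREACHED*/
+}
+if (fds.revents == 0)
+continue;
 aux = sizeof(sin);
 newsock = accept(listen_sock, (struct sockaddr *) & sin, &aux);
 if (received_sighup)
@@ -1026,9 +1040,12 @@ do_connection()
 /* Read clients reply (cipher type and session key). */
 packet_read_expect(&plen, SSH_CMSG_SESSION_KEY);
 
-/* Get cipher type. */
+/* Get cipher type and check whether we accept this. */
 cipher_type = packet_get_char();
 
+if (!(cipher_mask() & (1 << cipher_type)))
+packet_disconnect("Warning: client selects unsupported cipher.");
+
 /* Get check bytes from the packet. These must match those we
 sent earlier with the public key packet. */
 for (i = 0; i < 8; i++)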
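Review bot: The new cipher check in do_connection() shifts by a value taken straight from the client's packet: `1 << cipher_type` is undefined once cipher_type reaches the width of int (32 on common targets), and on hardware that masks the shift count an out-of-range value can alias the bit of a supported cipher and pass the mask test. Range-check before shifting, for example `if (cipher_type > 31 || !(cipher_mask() & (1U << cipher_type)))`. The declarations of cipher_type, packet_get_char() and cipher_mask() are outside the hunk, so the exact bound and signedness should be confirmed there. A short comment such as `/* cipher_type is client-supplied and untrusted here */` would also help the next reader. The body of do_connection() continues past the last line shown.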