summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog6
-rw-r--r--configure.in6
-rw-r--r--ssh-agent.c4
-rw-r--r--ssh-keyscan.c12
4 files changed, 25 insertions, 3 deletions
diff --git a/ChangeLog b/ChangeLog
index a727479b9..d23a7f555 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
120001227
2 - (bal) Typo in configure.in: entut?ent should be endut?ent. Suggested by
3 Takumi Yamane <yamtak@b-session.com>
4 - (bal) Checks for getrlimit(), sysconf(), and setdtablesize(). Patch
5 by Corinna Vinschen <vinschen@redhat.com>
6
120001223 720001223
2 - (bal) Fixed Makefile.in to support recompile of all ssh and sshd objects 8 - (bal) Fixed Makefile.in to support recompile of all ssh and sshd objects
3 if a change to config.h has occurred. Suggested by Gert Doering 9 if a change to config.h has occurred. Suggested by Gert Doering
diff --git a/configure.in b/configure.in
index 4601cd38b..fa93d5e1d 100644
--- a/configure.in
+++ b/configure.in
@@ -304,16 +304,16 @@ fi
304AC_CHECK_HEADERS(bstring.h endian.h floatingpoint.h getopt.h lastlog.h limits.h login.h login_cap.h maillock.h netdb.h netgroup.h netinet/in_systm.h paths.h poll.h pty.h shadow.h security/pam_appl.h sys/bitypes.h sys/bsdtty.h sys/cdefs.h sys/poll.h sys/queue.h sys/select.h sys/stat.h sys/stropts.h sys/sysmacros.h sys/time.h sys/ttcompat.h sys/un.h stddef.h time.h ttyent.h usersec.h util.h utmp.h utmpx.h vis.h) 304AC_CHECK_HEADERS(bstring.h endian.h floatingpoint.h getopt.h lastlog.h limits.h login.h login_cap.h maillock.h netdb.h netgroup.h netinet/in_systm.h paths.h poll.h pty.h shadow.h security/pam_appl.h sys/bitypes.h sys/bsdtty.h sys/cdefs.h sys/poll.h sys/queue.h sys/select.h sys/stat.h sys/stropts.h sys/sysmacros.h sys/time.h sys/ttcompat.h sys/un.h stddef.h time.h ttyent.h usersec.h util.h utmp.h utmpx.h vis.h)
305 305
306dnl Checks for library functions. 306dnl Checks for library functions.
307AC_CHECK_FUNCS(arc4random atexit b64_ntop bcopy bindresvport_af clock fchmod freeaddrinfo futimes gai_strerror getcwd getaddrinfo getnameinfo getrusage getttyent inet_aton inet_ntoa innetgr login_getcapbool md5_crypt memmove mkdtemp on_exit openpty realpath rresvport_af setenv seteuid setlogin setproctitle setreuid setrlimit setsid sigaction sigvec snprintf strerror strlcat strlcpy strsep strtok_r vsnprintf vhangup vis waitpid _getpty __b64_ntop) 307AC_CHECK_FUNCS(arc4random atexit b64_ntop bcopy bindresvport_af clock fchmod freeaddrinfo futimes gai_strerror getcwd getaddrinfo getnameinfo getrlimit getrusage getttyent inet_aton inet_ntoa innetgr login_getcapbool md5_crypt memmove mkdtemp on_exit openpty realpath rresvport_af setdtablesize setenv seteuid setlogin setproctitle setreuid setrlimit setsid sigaction sigvec snprintf strerror strlcat strlcpy strsep strtok_r sysconf vsnprintf vhangup vis waitpid _getpty __b64_ntop)
308dnl Checks for time functions 308dnl Checks for time functions
309AC_CHECK_FUNCS(gettimeofday time) 309AC_CHECK_FUNCS(gettimeofday time)
310dnl Checks for libutil functions 310dnl Checks for libutil functions
311AC_CHECK_FUNCS(login logout updwtmp logwtmp) 311AC_CHECK_FUNCS(login logout updwtmp logwtmp)
312dnl Checks for utmp functions 312dnl Checks for utmp functions
313AC_CHECK_FUNCS(entutent getutent getutid getutline pututline setutent) 313AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
314AC_CHECK_FUNCS(utmpname) 314AC_CHECK_FUNCS(utmpname)
315dnl Checks for utmpx functions 315dnl Checks for utmpx functions
316AC_CHECK_FUNCS(entutxent getutxent getutxid getutxline pututxline ) 316AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
317AC_CHECK_FUNCS(setutxent utmpxname) 317AC_CHECK_FUNCS(setutxent utmpxname)
318 318
319AC_CHECK_FUNC(getuserattr, 319AC_CHECK_FUNC(getuserattr,
diff --git a/ssh-agent.c b/ssh-agent.c
index 9c0a583e8..55704e492 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -674,7 +674,9 @@ main(int ac, char **av)
674 fd_set readset, writeset; 674 fd_set readset, writeset;
675 int sock, c_flag = 0, k_flag = 0, s_flag = 0, ch; 675 int sock, c_flag = 0, k_flag = 0, s_flag = 0, ch;
676 struct sockaddr_un sunaddr; 676 struct sockaddr_un sunaddr;
677#ifdef HAVE_SETRLIMIT
677 struct rlimit rlim; 678 struct rlimit rlim;
679#endif
678 pid_t pid; 680 pid_t pid;
679 char *shell, *format, *pidstr, pidstrbuf[1 + 3 * sizeof pid]; 681 char *shell, *format, *pidstr, pidstrbuf[1 + 3 * sizeof pid];
680 extern int optind; 682 extern int optind;
@@ -805,12 +807,14 @@ main(int ac, char **av)
805 close(1); 807 close(1);
806 close(2); 808 close(2);
807 809
810#ifdef HAVE_SETRLIMIT
808 /* deny core dumps, since memory contains unencrypted private keys */ 811 /* deny core dumps, since memory contains unencrypted private keys */
809 rlim.rlim_cur = rlim.rlim_max = 0; 812 rlim.rlim_cur = rlim.rlim_max = 0;
810 if (setrlimit(RLIMIT_CORE, &rlim) < 0) { 813 if (setrlimit(RLIMIT_CORE, &rlim) < 0) {
811 perror("setrlimit rlimit_core failed"); 814 perror("setrlimit rlimit_core failed");
812 cleanup_exit(1); 815 cleanup_exit(1);
813 } 816 }
817#endif
814 if (setsid() == -1) { 818 if (setsid() == -1) {
815 perror("setsid"); 819 perror("setsid");
816 cleanup_exit(1); 820 cleanup_exit(1);
diff --git a/ssh-keyscan.c b/ssh-keyscan.c
index d85cc337f..41bd733ce 100644
--- a/ssh-keyscan.c
+++ b/ssh-keyscan.c
@@ -183,6 +183,7 @@ getline(Linebuf * lb)
183static int 183static int
184fdlim_get(int hard) 184fdlim_get(int hard)
185{ 185{
186#if defined(HAVE_GETRLIMIT)
186 struct rlimit rlfd; 187 struct rlimit rlfd;
187 if (getrlimit(RLIMIT_NOFILE, &rlfd) < 0) 188 if (getrlimit(RLIMIT_NOFILE, &rlfd) < 0)
188 return (-1); 189 return (-1);
@@ -190,19 +191,30 @@ fdlim_get(int hard)
190 return 10000; 191 return 10000;
191 else 192 else
192 return hard ? rlfd.rlim_max : rlfd.rlim_cur; 193 return hard ? rlfd.rlim_max : rlfd.rlim_cur;
194#elif defined (HAVE_SYSCONF)
195 return sysconf (_SC_OPEN_MAX);
196#else
197 return 10000;
198#endif
193} 199}
194 200
195static int 201static int
196fdlim_set(int lim) 202fdlim_set(int lim)
197{ 203{
204#if defined(HAVE_SETRLIMIT)
198 struct rlimit rlfd; 205 struct rlimit rlfd;
206#endif
199 if (lim <= 0) 207 if (lim <= 0)
200 return (-1); 208 return (-1);
209#if defined(HAVE_SETRLIMIT)
201 if (getrlimit(RLIMIT_NOFILE, &rlfd) < 0) 210 if (getrlimit(RLIMIT_NOFILE, &rlfd) < 0)
202 return (-1); 211 return (-1);
203 rlfd.rlim_cur = lim; 212 rlfd.rlim_cur = lim;
204 if (setrlimit(RLIMIT_NOFILE, &rlfd) < 0) 213 if (setrlimit(RLIMIT_NOFILE, &rlfd) < 0)
205 return (-1); 214 return (-1);
215#elif defined (HAVE_SETDTABLESIZE)
216 setdtablesize (lim);
217#endif
206 return (0); 218 return (0);
207} 219}
208 220