diff options
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | configure.in | 6 | ||||
-rw-r--r-- | ssh-agent.c | 4 | ||||
-rw-r--r-- | ssh-keyscan.c | 12 |
4 files changed, 25 insertions, 3 deletions
@@ -1,3 +1,9 @@ | |||
1 | 20001227 | ||
2 | - (bal) Typo in configure.in: entut?ent should be endut?ent. Suggested by | ||
3 | Takumi Yamane <yamtak@b-session.com> | ||
4 | - (bal) Checks for getrlimit(), sysconf(), and setdtablesize(). Patch | ||
5 | by Corinna Vinschen <vinschen@redhat.com> | ||
6 | |||
1 | 20001223 | 7 | 20001223 |
2 | - (bal) Fixed Makefile.in to support recompile of all ssh and sshd objects | 8 | - (bal) Fixed Makefile.in to support recompile of all ssh and sshd objects |
3 | if a change to config.h has occurred. Suggested by Gert Doering | 9 | if a change to config.h has occurred. Suggested by Gert Doering |
diff --git a/configure.in b/configure.in index 4601cd38b..fa93d5e1d 100644 --- a/configure.in +++ b/configure.in | |||
@@ -304,16 +304,16 @@ fi | |||
304 | AC_CHECK_HEADERS(bstring.h endian.h floatingpoint.h getopt.h lastlog.h limits.h login.h login_cap.h maillock.h netdb.h netgroup.h netinet/in_systm.h paths.h poll.h pty.h shadow.h security/pam_appl.h sys/bitypes.h sys/bsdtty.h sys/cdefs.h sys/poll.h sys/queue.h sys/select.h sys/stat.h sys/stropts.h sys/sysmacros.h sys/time.h sys/ttcompat.h sys/un.h stddef.h time.h ttyent.h usersec.h util.h utmp.h utmpx.h vis.h) | 304 | AC_CHECK_HEADERS(bstring.h endian.h floatingpoint.h getopt.h lastlog.h limits.h login.h login_cap.h maillock.h netdb.h netgroup.h netinet/in_systm.h paths.h poll.h pty.h shadow.h security/pam_appl.h sys/bitypes.h sys/bsdtty.h sys/cdefs.h sys/poll.h sys/queue.h sys/select.h sys/stat.h sys/stropts.h sys/sysmacros.h sys/time.h sys/ttcompat.h sys/un.h stddef.h time.h ttyent.h usersec.h util.h utmp.h utmpx.h vis.h) |
305 | 305 | ||
306 | dnl Checks for library functions. | 306 | dnl Checks for library functions. |
307 | AC_CHECK_FUNCS(arc4random atexit b64_ntop bcopy bindresvport_af clock fchmod freeaddrinfo futimes gai_strerror getcwd getaddrinfo getnameinfo getrusage getttyent inet_aton inet_ntoa innetgr login_getcapbool md5_crypt memmove mkdtemp on_exit openpty realpath rresvport_af setenv seteuid setlogin setproctitle setreuid setrlimit setsid sigaction sigvec snprintf strerror strlcat strlcpy strsep strtok_r vsnprintf vhangup vis waitpid _getpty __b64_ntop) | 307 | AC_CHECK_FUNCS(arc4random atexit b64_ntop bcopy bindresvport_af clock fchmod freeaddrinfo futimes gai_strerror getcwd getaddrinfo getnameinfo getrlimit getrusage getttyent inet_aton inet_ntoa innetgr login_getcapbool md5_crypt memmove mkdtemp on_exit openpty realpath rresvport_af setdtablesize setenv seteuid setlogin setproctitle setreuid setrlimit setsid sigaction sigvec snprintf strerror strlcat strlcpy strsep strtok_r sysconf vsnprintf vhangup vis waitpid _getpty __b64_ntop) |
308 | dnl Checks for time functions | 308 | dnl Checks for time functions |
309 | AC_CHECK_FUNCS(gettimeofday time) | 309 | AC_CHECK_FUNCS(gettimeofday time) |
310 | dnl Checks for libutil functions | 310 | dnl Checks for libutil functions |
311 | AC_CHECK_FUNCS(login logout updwtmp logwtmp) | 311 | AC_CHECK_FUNCS(login logout updwtmp logwtmp) |
312 | dnl Checks for utmp functions | 312 | dnl Checks for utmp functions |
313 | AC_CHECK_FUNCS(entutent getutent getutid getutline pututline setutent) | 313 | AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent) |
314 | AC_CHECK_FUNCS(utmpname) | 314 | AC_CHECK_FUNCS(utmpname) |
315 | dnl Checks for utmpx functions | 315 | dnl Checks for utmpx functions |
316 | AC_CHECK_FUNCS(entutxent getutxent getutxid getutxline pututxline ) | 316 | AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline ) |
317 | AC_CHECK_FUNCS(setutxent utmpxname) | 317 | AC_CHECK_FUNCS(setutxent utmpxname) |
318 | 318 | ||
319 | AC_CHECK_FUNC(getuserattr, | 319 | AC_CHECK_FUNC(getuserattr, |
diff --git a/ssh-agent.c b/ssh-agent.c index 9c0a583e8..55704e492 100644 --- a/ssh-agent.c +++ b/ssh-agent.c | |||
@@ -674,7 +674,9 @@ main(int ac, char **av) | |||
674 | fd_set readset, writeset; | 674 | fd_set readset, writeset; |
675 | int sock, c_flag = 0, k_flag = 0, s_flag = 0, ch; | 675 | int sock, c_flag = 0, k_flag = 0, s_flag = 0, ch; |
676 | struct sockaddr_un sunaddr; | 676 | struct sockaddr_un sunaddr; |
677 | #ifdef HAVE_SETRLIMIT | ||
677 | struct rlimit rlim; | 678 | struct rlimit rlim; |
679 | #endif | ||
678 | pid_t pid; | 680 | pid_t pid; |
679 | char *shell, *format, *pidstr, pidstrbuf[1 + 3 * sizeof pid]; | 681 | char *shell, *format, *pidstr, pidstrbuf[1 + 3 * sizeof pid]; |
680 | extern int optind; | 682 | extern int optind; |
@@ -805,12 +807,14 @@ main(int ac, char **av) | |||
805 | close(1); | 807 | close(1); |
806 | close(2); | 808 | close(2); |
807 | 809 | ||
810 | #ifdef HAVE_SETRLIMIT | ||
808 | /* deny core dumps, since memory contains unencrypted private keys */ | 811 | /* deny core dumps, since memory contains unencrypted private keys */ |
809 | rlim.rlim_cur = rlim.rlim_max = 0; | 812 | rlim.rlim_cur = rlim.rlim_max = 0; |
810 | if (setrlimit(RLIMIT_CORE, &rlim) < 0) { | 813 | if (setrlimit(RLIMIT_CORE, &rlim) < 0) { |
811 | perror("setrlimit rlimit_core failed"); | 814 | perror("setrlimit rlimit_core failed"); |
812 | cleanup_exit(1); | 815 | cleanup_exit(1); |
813 | } | 816 | } |
817 | #endif | ||
814 | if (setsid() == -1) { | 818 | if (setsid() == -1) { |
815 | perror("setsid"); | 819 | perror("setsid"); |
816 | cleanup_exit(1); | 820 | cleanup_exit(1); |
diff --git a/ssh-keyscan.c b/ssh-keyscan.c index d85cc337f..41bd733ce 100644 --- a/ssh-keyscan.c +++ b/ssh-keyscan.c | |||
@@ -183,6 +183,7 @@ getline(Linebuf * lb) | |||
183 | static int | 183 | static int |
184 | fdlim_get(int hard) | 184 | fdlim_get(int hard) |
185 | { | 185 | { |
186 | #if defined(HAVE_GETRLIMIT) | ||
186 | struct rlimit rlfd; | 187 | struct rlimit rlfd; |
187 | if (getrlimit(RLIMIT_NOFILE, &rlfd) < 0) | 188 | if (getrlimit(RLIMIT_NOFILE, &rlfd) < 0) |
188 | return (-1); | 189 | return (-1); |
@@ -190,19 +191,30 @@ fdlim_get(int hard) | |||
190 | return 10000; | 191 | return 10000; |
191 | else | 192 | else |
192 | return hard ? rlfd.rlim_max : rlfd.rlim_cur; | 193 | return hard ? rlfd.rlim_max : rlfd.rlim_cur; |
194 | #elif defined (HAVE_SYSCONF) | ||
195 | return sysconf (_SC_OPEN_MAX); | ||
196 | #else | ||
197 | return 10000; | ||
198 | #endif | ||
193 | } | 199 | } |
194 | 200 | ||
195 | static int | 201 | static int |
196 | fdlim_set(int lim) | 202 | fdlim_set(int lim) |
197 | { | 203 | { |
204 | #if defined(HAVE_SETRLIMIT) | ||
198 | struct rlimit rlfd; | 205 | struct rlimit rlfd; |
206 | #endif | ||
199 | if (lim <= 0) | 207 | if (lim <= 0) |
200 | return (-1); | 208 | return (-1); |
209 | #if defined(HAVE_SETRLIMIT) | ||
201 | if (getrlimit(RLIMIT_NOFILE, &rlfd) < 0) | 210 | if (getrlimit(RLIMIT_NOFILE, &rlfd) < 0) |
202 | return (-1); | 211 | return (-1); |
203 | rlfd.rlim_cur = lim; | 212 | rlfd.rlim_cur = lim; |
204 | if (setrlimit(RLIMIT_NOFILE, &rlfd) < 0) | 213 | if (setrlimit(RLIMIT_NOFILE, &rlfd) < 0) |
205 | return (-1); | 214 | return (-1); |
215 | #elif defined (HAVE_SETDTABLESIZE) | ||
216 | setdtablesize (lim); | ||
217 | #endif | ||
206 | return (0); | 218 | return (0); |
207 | } | 219 | } |
208 | 220 | ||