diff options
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | acconfig.h | 5 | ||||
-rw-r--r-- | configure.ac | 27 | ||||
-rw-r--r-- | monitor_mm.c | 10 | ||||
-rw-r--r-- | openbsd-compat/Makefile.in | 4 | ||||
-rw-r--r-- | openbsd-compat/xmmap.c | 65 | ||||
-rw-r--r-- | servconf.c | 2 |
7 files changed, 77 insertions, 42 deletions
@@ -1,5 +1,9 @@ | |||
1 | 20020714 | 1 | 20020714 |
2 | - (tim) [Makefile.in] replace "id sshd" with "sshd -t" | 2 | - (tim) [Makefile.in] replace "id sshd" with "sshd -t" |
3 | - (bal/tim) [acconfig.h configure.ac monitor_mm.c servconf.c | ||
4 | openbsd-compat/Makefile.in] support compression on platforms that | ||
5 | have no/broken MAP_ANON. Moved code to openbsd-compat/xmmap.c | ||
6 | Based on patch from nalin@redhat.com of code extracted from Owl's package | ||
3 | 7 | ||
4 | 20020712 | 8 | 20020712 |
5 | - (tim) [Makefile.in] quiet down install-files: and check-user: | 9 | - (tim) [Makefile.in] quiet down install-files: and check-user: |
@@ -1352,4 +1356,4 @@ | |||
1352 | - (stevesk) entropy.c: typo in debug message | 1356 | - (stevesk) entropy.c: typo in debug message |
1353 | - (djm) ssh-keygen -i needs seeded RNG; report from markus@ | 1357 | - (djm) ssh-keygen -i needs seeded RNG; report from markus@ |
1354 | 1358 | ||
1355 | $Id: ChangeLog,v 1.2362 2002/07/14 17:02:20 tim Exp $ | 1359 | $Id: ChangeLog,v 1.2363 2002/07/14 20:36:49 tim Exp $ |
diff --git a/acconfig.h b/acconfig.h index 147295510..f8fc650d7 100644 --- a/acconfig.h +++ b/acconfig.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $Id: acconfig.h,v 1.143 2002/07/09 14:06:40 mouring Exp $ */ | 1 | /* $Id: acconfig.h,v 1.144 2002/07/14 20:36:50 tim Exp $ */ |
2 | 2 | ||
3 | #ifndef _CONFIG_H | 3 | #ifndef _CONFIG_H |
4 | #define _CONFIG_H | 4 | #define _CONFIG_H |
@@ -358,9 +358,6 @@ | |||
358 | /* Path that unprivileged child will chroot() to in privep mode */ | 358 | /* Path that unprivileged child will chroot() to in privep mode */ |
359 | #undef PRIVSEP_PATH | 359 | #undef PRIVSEP_PATH |
360 | 360 | ||
361 | /* Define if you have the `mmap' function that supports MAP_ANON|SHARED */ | ||
362 | #undef HAVE_MMAP_ANON_SHARED | ||
363 | |||
364 | /* Define if your platform needs to skip post auth file descriptor passing */ | 361 | /* Define if your platform needs to skip post auth file descriptor passing */ |
365 | #undef DISABLE_FD_PASSING | 362 | #undef DISABLE_FD_PASSING |
366 | 363 | ||
diff --git a/configure.ac b/configure.ac index 0c60c5e61..1fb3056e6 100644 --- a/configure.ac +++ b/configure.ac | |||
@@ -1,4 +1,4 @@ | |||
1 | # $Id: configure.ac,v 1.78 2002/07/13 01:11:25 tim Exp $ | 1 | # $Id: configure.ac,v 1.79 2002/07/14 20:36:50 tim Exp $ |
2 | 2 | ||
3 | AC_INIT | 3 | AC_INIT |
4 | AC_CONFIG_SRCDIR([ssh.c]) | 4 | AC_CONFIG_SRCDIR([ssh.c]) |
@@ -583,31 +583,6 @@ AC_CHECK_FUNCS(arc4random b64_ntop bcopy bindresvport_sa \ | |||
583 | socketpair strerror strlcat strlcpy strmode strsep sysconf tcgetpgrp \ | 583 | socketpair strerror strlcat strlcpy strmode strsep sysconf tcgetpgrp \ |
584 | truncate utimes vhangup vsnprintf waitpid __b64_ntop _getpty) | 584 | truncate utimes vhangup vsnprintf waitpid __b64_ntop _getpty) |
585 | 585 | ||
586 | if test $ac_cv_func_mmap = yes ; then | ||
587 | AC_MSG_CHECKING([for mmap anon shared]) | ||
588 | AC_TRY_RUN( | ||
589 | [ | ||
590 | #include <stdio.h> | ||
591 | #include <sys/types.h> | ||
592 | #include <sys/mman.h> | ||
593 | #if !defined(MAP_ANON) && defined(MAP_ANONYMOUS) | ||
594 | #define MAP_ANON MAP_ANONYMOUS | ||
595 | #endif | ||
596 | main() { char *p; | ||
597 | p = (char *) mmap(NULL, 10, PROT_WRITE|PROT_READ, MAP_ANON|MAP_SHARED, -1, 0); | ||
598 | if (p == (char *)-1) | ||
599 | exit(1); | ||
600 | exit(0); | ||
601 | } | ||
602 | ], | ||
603 | [ | ||
604 | AC_MSG_RESULT(yes) | ||
605 | AC_DEFINE(HAVE_MMAP_ANON_SHARED) | ||
606 | ], | ||
607 | [ AC_MSG_RESULT(no) ] | ||
608 | ) | ||
609 | fi | ||
610 | |||
611 | dnl IRIX and Solaris 2.5.1 have dirname() in libgen | 586 | dnl IRIX and Solaris 2.5.1 have dirname() in libgen |
612 | AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[ | 587 | AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[ |
613 | AC_CHECK_LIB(gen, dirname,[ | 588 | AC_CHECK_LIB(gen, dirname,[ |
diff --git a/monitor_mm.c b/monitor_mm.c index f72a180ea..fb5f2c82c 100644 --- a/monitor_mm.c +++ b/monitor_mm.c | |||
@@ -91,15 +91,9 @@ mm_create(struct mm_master *mmalloc, size_t size) | |||
91 | */ | 91 | */ |
92 | mm->mmalloc = mmalloc; | 92 | mm->mmalloc = mmalloc; |
93 | 93 | ||
94 | #ifdef HAVE_MMAP_ANON_SHARED | 94 | address = xmmap(size); |
95 | address = mmap(NULL, size, PROT_WRITE|PROT_READ, MAP_ANON|MAP_SHARED, | ||
96 | -1, 0); | ||
97 | if (address == MAP_FAILED) | 95 | if (address == MAP_FAILED) |
98 | fatal("mmap(%lu): %s", (u_long)size, strerror(errno)); | 96 | fatal("mmap(%lu): %s", (u_long)size, strerror(errno)); |
99 | #else | ||
100 | fatal("%s: UsePrivilegeSeparation=yes and Compression=yes not supported", | ||
101 | __func__); | ||
102 | #endif | ||
103 | 97 | ||
104 | mm->address = address; | 98 | mm->address = address; |
105 | mm->size = size; | 99 | mm->size = size; |
@@ -137,7 +131,7 @@ mm_destroy(struct mm_master *mm) | |||
137 | mm_freelist(mm->mmalloc, &mm->rb_free); | 131 | mm_freelist(mm->mmalloc, &mm->rb_free); |
138 | mm_freelist(mm->mmalloc, &mm->rb_allocated); | 132 | mm_freelist(mm->mmalloc, &mm->rb_allocated); |
139 | 133 | ||
140 | #ifdef HAVE_MMAP_ANON_SHARED | 134 | #ifdef HAVE_MMAP |
141 | if (munmap(mm->address, mm->size) == -1) | 135 | if (munmap(mm->address, mm->size) == -1) |
142 | fatal("munmap(%p, %lu): %s", mm->address, (u_long)mm->size, | 136 | fatal("munmap(%p, %lu): %s", mm->address, (u_long)mm->size, |
143 | strerror(errno)); | 137 | strerror(errno)); |
diff --git a/openbsd-compat/Makefile.in b/openbsd-compat/Makefile.in index 3e09cfefe..c365ae18f 100644 --- a/openbsd-compat/Makefile.in +++ b/openbsd-compat/Makefile.in | |||
@@ -1,4 +1,4 @@ | |||
1 | # $Id: Makefile.in,v 1.21 2002/02/19 20:27:57 mouring Exp $ | 1 | # $Id: Makefile.in,v 1.22 2002/07/14 20:36:51 tim Exp $ |
2 | 2 | ||
3 | sysconfdir=@sysconfdir@ | 3 | sysconfdir=@sysconfdir@ |
4 | piddir=@piddir@ | 4 | piddir=@piddir@ |
@@ -18,7 +18,7 @@ LDFLAGS=-L. @LDFLAGS@ | |||
18 | 18 | ||
19 | OPENBSD=base64.o bindresvport.o daemon.o dirname.o getcwd.o getgrouplist.o getopt.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o readpassphrase.o realpath.o rresvport.o setenv.o setproctitle.o sigact.o strlcat.o strlcpy.o strmode.o strsep.o | 19 | OPENBSD=base64.o bindresvport.o daemon.o dirname.o getcwd.o getgrouplist.o getopt.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o readpassphrase.o realpath.o rresvport.o setenv.o setproctitle.o sigact.o strlcat.o strlcpy.o strmode.o strsep.o |
20 | 20 | ||
21 | COMPAT=bsd-arc4random.o bsd-cray.o bsd-cygwin_util.o bsd-misc.o bsd-nextstep.o bsd-snprintf.o bsd-waitpid.o fake-getaddrinfo.o fake-getnameinfo.o | 21 | COMPAT=bsd-arc4random.o bsd-cray.o bsd-cygwin_util.o bsd-misc.o bsd-nextstep.o bsd-snprintf.o bsd-waitpid.o fake-getaddrinfo.o fake-getnameinfo.o xmmap.o |
22 | 22 | ||
23 | PORTS=port-irix.o port-aix.o | 23 | PORTS=port-irix.o port-aix.o |
24 | 24 | ||
diff --git a/openbsd-compat/xmmap.c b/openbsd-compat/xmmap.c new file mode 100644 index 000000000..a6b7d3bdf --- /dev/null +++ b/openbsd-compat/xmmap.c | |||
@@ -0,0 +1,65 @@ | |||
1 | /* | ||
2 | * Redistribution and use in source and binary forms, with or without | ||
3 | * modification, are permitted provided that the following conditions | ||
4 | * are met: | ||
5 | * 1. Redistributions of source code must retain the above copyright | ||
6 | * notice, this list of conditions and the following disclaimer. | ||
7 | * 2. Redistributions in binary form must reproduce the above copyright | ||
8 | * notice, this list of conditions and the following disclaimer in the | ||
9 | * documentation and/or other materials provided with the distribution. | ||
10 | * | ||
11 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | ||
12 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | ||
13 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | ||
14 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, | ||
15 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
16 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | ||
17 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | ||
18 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
19 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | ||
20 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
21 | */ | ||
22 | |||
23 | #include "includes.h" | ||
24 | |||
25 | #ifdef HAVE_SYS_MMAN_H | ||
26 | #include <sys/mman.h> | ||
27 | #endif | ||
28 | |||
29 | void *xmmap(size_t size) | ||
30 | { | ||
31 | void *address; | ||
32 | |||
33 | #ifdef HAVE_MMAP | ||
34 | # ifdef MAP_ANON | ||
35 | address = mmap(NULL, size, PROT_WRITE|PROT_READ, MAP_ANON|MAP_SHARED, | ||
36 | -1, 0); | ||
37 | # else | ||
38 | address = mmap(NULL, size, PROT_WRITE|PROT_READ, MAP_SHARED, | ||
39 | open("/dev/zero", O_RDWR), 0); | ||
40 | # endif | ||
41 | |||
42 | #define MM_SWAP_TEMPLATE "/var/run/sshd.mm.XXXXXXXX" | ||
43 | if (address == MAP_FAILED) { | ||
44 | char tmpname[sizeof(MM_SWAP_TEMPLATE)] = MM_SWAP_TEMPLATE; | ||
45 | int tmpfd; | ||
46 | |||
47 | tmpfd = mkstemp(tmpname); | ||
48 | if (tmpfd == -1) | ||
49 | fatal("mkstemp(\"%s\"): %s", | ||
50 | MM_SWAP_TEMPLATE, strerror(errno)); | ||
51 | unlink(tmpname); | ||
52 | ftruncate(tmpfd, size); | ||
53 | address = mmap(NULL, size, PROT_WRITE|PROT_READ, MAP_SHARED, | ||
54 | tmpfd, 0); | ||
55 | close(tmpfd); | ||
56 | } | ||
57 | |||
58 | return (address); | ||
59 | #else | ||
60 | fatal("%s: UsePrivilegeSeparation=yes and Compression=yes not supported", | ||
61 | __func__); | ||
62 | #endif /* HAVE_MMAP */ | ||
63 | |||
64 | } | ||
65 | |||
diff --git a/servconf.c b/servconf.c index f311ae48d..bdf39afb8 100644 --- a/servconf.c +++ b/servconf.c | |||
@@ -257,7 +257,7 @@ fill_default_server_options(ServerOptions *options) | |||
257 | if (use_privsep == -1) | 257 | if (use_privsep == -1) |
258 | use_privsep = 1; | 258 | use_privsep = 1; |
259 | 259 | ||
260 | #if !defined(HAVE_MMAP_ANON_SHARED) | 260 | #ifndef HAVE_MMAP |
261 | if (use_privsep && options->compression == 1) { | 261 | if (use_privsep && options->compression == 1) { |
262 | error("This platform does not support both privilege " | 262 | error("This platform does not support both privilege " |
263 | "separation and compression"); | 263 | "separation and compression"); |