Diffstat (limited to 'monitor.c')
-rw-r--r--monitor.c33
1 files changed, 23 insertions, 10 deletions
diff --git a/monitor.c b/monitor.c
index 08c7ea3cb..73cf6bc9b 100644
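--- a/monitor.c
+++ b/monitor.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.91 2007/05/17 20:52:13 djm Exp $ */
+/* $OpenBSD: monitor.c,v 1.99 2008/07/10 18:08:11 markus Exp $ */
 /*
  * Copyright 2002 Niels Provos <provos@citi.umich.edu>
  * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -51,6 +51,7 @@
 
 #include <openssl/dh.h>
 
+#include "openbsd-compat/sys-queue.h"
 #include "xmalloc.h"
 #include "ssh.h"
 #include "key.h"
@@ -643,11 +644,11 @@ mm_answer_pwnamallow(int sock, Buffer *m)
 #endif
  buffer_put_cstring(m, pwent->pw_dir);
  buffer_put_cstring(m, pwent->pw_shell);
+
+ out:
  buffer_put_string(m, &options, sizeof(options));
  if (options.banner != NULL)
  buffer_put_cstring(m, options.banner);
-
- out:
  debug3("%s: sending MONITOR_ANS_PWNAM: %d", __func__, allowed);
  mm_request_send(sock, MONITOR_ANS_PWNAM, m);
 
@@ -1014,6 +1015,8 @@ mm_answer_keyallowed(int sock, Buffer *m)
  allowed = options.pubkey_authentication &&
  user_key_allowed(authctxt->pw, key);
  auth_method = "publickey";
+ if (options.pubkey_authentication && allowed != 1)
+ auth_clear_options();
  break;
  case MM_HOSTKEY:
  allowed = options.hostbased_authentication &&
@@ -1026,6 +1029,8 @@ mm_answer_keyallowed(int sock, Buffer *m)
  allowed = options.rhosts_rsa_authentication &&
  auth_rhosts_rsa_key_allowed(authctxt->pw,
  cuser, chost, key);
+ if (options.rhosts_rsa_authentication && allowed != 1)
+ auth_clear_options();
  auth_method = "rsa";
  break;
  default:
@@ -1055,7 +1060,7 @@ mm_answer_keyallowed(int sock, Buffer *m)
  }
 
  debug3("%s: key %p is %s",
- __func__, key, allowed ? "allowed" : "disallowed");
+ __func__, key, allowed ? "allowed" : "not allowed");
 
  buffer_clear(m);
  buffer_put_int(m, allowed);
@@ -1272,7 +1277,7 @@ mm_session_close(Session *s)
  debug3("%s: tty %s ptyfd %d", __func__, s->tty, s->ptyfd);
  session_pty_cleanup2(s);
  }
- s->used = 0;
+ session_unused(s->self);
 }
 
 int
@@ -1314,8 +1319,9 @@ mm_answer_pty(int sock, Buffer *m)
 
  mm_request_send(sock, MONITOR_ANS_PTY, m);
 
- mm_send_fd(sock, s->ptyfd);
- mm_send_fd(sock, s->ttyfd);
+ if (mm_send_fd(sock, s->ptyfd) == -1 ||
+ mm_send_fd(sock, s->ttyfd) == -1)
+ fatal("%s: send fds failed", __func__);
 
  /* make sure nothing uses fd 0 */
  if ((fd0 = open(_PATH_DEVNULL, O_RDONLY)) < 0)
@@ -1546,6 +1552,11 @@ mm_answer_term(int sock, Buffer *req)
  /* The child is terminating */
  session_destroy_all(&mm_session_close);
 
+#ifdef USE_PAM
+ if (options.use_pam)
+ sshpam_cleanup();
+#endif
+
  while (waitpid(pmonitor->m_pid, &status, 0) == -1)
  if (errno != EINTR)
  exit(1);
@@ -1694,7 +1705,7 @@ mm_get_keystate(struct monitor *pmonitor)
  u_char *blob, *p;
  u_int bloblen, plen;
  u_int32_t seqnr, packets;
- u_int64_t blocks;
+ u_int64_t blocks, bytes;
 
  debug3("%s: Waiting for new keys", __func__);
 
@@ -1727,11 +1738,13 @@ mm_get_keystate(struct monitor *pmonitor)
  seqnr = buffer_get_int(&m);
  blocks = buffer_get_int64(&m);
  packets = buffer_get_int(&m);
- packet_set_state(MODE_OUT, seqnr, blocks, packets);
+ bytes = buffer_get_int64(&m);
+ packet_set_state(MODE_OUT, seqnr, blocks, packets, bytes);
  seqnr = buffer_get_int(&m);
  blocks = buffer_get_int64(&m);
  packets = buffer_get_int(&m);
- packet_set_state(MODE_IN, seqnr, blocks, packets);
+ bytes = buffer_get_int64(&m);
+ packet_set_state(MODE_IN, seqnr, blocks, packets, bytes);
 
  skip:
  /* Get the key context */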
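Review bot: The two added `auth_clear_options()` calls in mm_answer_keyallowed (the MM_USERKEY and MM_RSAHOSTKEY cases) carry no comment saying why a key that was not accepted must reset the option state, which appears to be the security-relevant part of this change. A one-line comment above each would record it, for example `/* drop any key options left behind by a key that was not accepted */`. The guard `options.pubkey_authentication && allowed != 1` skips the reset when the method is disabled, which is safe only if nothing else can populate that state before this point. That cannot be confirmed from here, because the function body starts and ends outside the hunks. The MM_HOSTKEY case between them gets no reset, so it is worth confirming that the hostbased check never sets per-key options.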