Diffstat (limited to 'monitor.c')
-rw-r--r--monitor.c33
1 files changed, 23 insertions, 10 deletions
diff --git a/monitor.c b/monitor.c
index de323f538..5305911a4 100644
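--- a/monitor.c
+++ b/monitor.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.91 2007/05/17 20:52:13 djm Exp $ */
+/* $OpenBSD: monitor.c,v 1.99 2008/07/10 18:08:11 markus Exp $ */
 /*
  * Copyright 2002 Niels Provos <provos@citi.umich.edu>
  * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -51,6 +51,7 @@
 
 #include <openssl/dh.h>
 
+#include "openbsd-compat/sys-queue.h"
 #include "xmalloc.h"
 #include "ssh.h"
 #include "key.h"
@@ -660,11 +661,11 @@ mm_answer_pwnamallow(int sock, Buffer *m)
 #endif
  buffer_put_cstring(m, pwent->pw_dir);
  buffer_put_cstring(m, pwent->pw_shell);
+
+ out:
  buffer_put_string(m, &options, sizeof(options));
  if (options.banner != NULL)
  buffer_put_cstring(m, options.banner);
-
- out:
  debug3("%s: sending MONITOR_ANS_PWNAM: %d", __func__, allowed);
  mm_request_send(sock, MONITOR_ANS_PWNAM, m);
 
@@ -1055,6 +1056,8 @@ mm_answer_keyallowed(int sock, Buffer *m)
  allowed = options.pubkey_authentication &&
  user_key_allowed(authctxt->pw, key);
  auth_method = "publickey";
+ if (options.pubkey_authentication && allowed != 1)
+ auth_clear_options();
  break;
  case MM_HOSTKEY:
  allowed = options.hostbased_authentication &&
@@ -1067,6 +1070,8 @@ mm_answer_keyallowed(int sock, Buffer *m)
  allowed = options.rhosts_rsa_authentication &&
  auth_rhosts_rsa_key_allowed(authctxt->pw,
  cuser, chost, key);
+ if (options.rhosts_rsa_authentication && allowed != 1)
+ auth_clear_options();
  auth_method = "rsa";
  break;
  default:
@@ -1096,7 +1101,7 @@ mm_answer_keyallowed(int sock, Buffer *m)
  }
 
  debug3("%s: key %p is %s",
- __func__, key, allowed ? "allowed" : "disallowed");
+ __func__, key, allowed ? "allowed" : "not allowed");
 
  buffer_clear(m);
  buffer_put_int(m, allowed);
@@ -1313,7 +1318,7 @@ mm_session_close(Session *s)
  debug3("%s: tty %s ptyfd %d", __func__, s->tty, s->ptyfd);
  session_pty_cleanup2(s);
  }
- s->used = 0;
+ session_unused(s->self);
 }
 
 int
@@ -1355,8 +1360,9 @@ mm_answer_pty(int sock, Buffer *m)
 
  mm_request_send(sock, MONITOR_ANS_PTY, m);
 
- mm_send_fd(sock, s->ptyfd);
- mm_send_fd(sock, s->ttyfd);
+ if (mm_send_fd(sock, s->ptyfd) == -1 ||
+ mm_send_fd(sock, s->ttyfd) == -1)
+ fatal("%s: send fds failed", __func__);
 
  /* make sure nothing uses fd 0 */
  if ((fd0 = open(_PATH_DEVNULL, O_RDONLY)) < 0)
@@ -1587,6 +1593,11 @@ mm_answer_term(int sock, Buffer *req)
  /* The child is terminating */
  session_destroy_all(&mm_session_close);
 
+#ifdef USE_PAM
+ if (options.use_pam)
+ sshpam_cleanup();
+#endif
+
  while (waitpid(pmonitor->m_pid, &status, 0) == -1)
  if (errno != EINTR)
  exit(1);
@@ -1740,7 +1751,7 @@ mm_get_keystate(struct monitor *pmonitor)
  u_char *blob, *p;
  u_int bloblen, plen;
  u_int32_t seqnr, packets;
- u_int64_t blocks;
+ u_int64_t blocks, bytes;
 
  debug3("%s: Waiting for new keys", __func__);
 
@@ -1773,11 +1784,13 @@ mm_get_keystate(struct monitor *pmonitor)
  seqnr = buffer_get_int(&m);
  blocks = buffer_get_int64(&m);
  packets = buffer_get_int(&m);
- packet_set_state(MODE_OUT, seqnr, blocks, packets);
+ bytes = buffer_get_int64(&m);
+ packet_set_state(MODE_OUT, seqnr, blocks, packets, bytes);
  seqnr = buffer_get_int(&m);
  blocks = buffer_get_int64(&m);
  packets = buffer_get_int(&m);
- packet_set_state(MODE_IN, seqnr, blocks, packets);
+ bytes = buffer_get_int64(&m);
+ packet_set_state(MODE_IN, seqnr, blocks, packets, bytes);
 
  skip:
  /* Get the key context */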
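Review bot: The two `auth_clear_options()` calls added in mm_answer_keyallowed (the publickey branch and the rhosts-RSA branch) have no comment saying why a refused key must reset the key options, and the MM_HOSTKEY branch between them gets no equivalent call. If the intent is that options picked up while checking a key that was then refused must not carry over to a later authentication method, a comment such as `/* key was refused: drop any options parsed while checking it */` above each call would make that invariant explicit, together with a line on why the hostbased branch needs none. Because `allowed` is the result of `&&` it can only be 0 or 1 at these points, so `!allowed` would read more plainly than `allowed != 1`; the call also sits after `auth_method = ...` in one branch and before it in the other. The function body starts and ends outside these hunks.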