summaryrefslogtreecommitdiff
path: root/serverloop.c
diff options
context:
space:
mode:
Diffstat (limited to 'serverloop.c')
-rw-r--r--serverloop.c47
1 files changed, 24 insertions, 23 deletions
diff --git a/serverloop.c b/serverloop.c
index 830f88562..c4e1d1d61 100644
--- a/serverloop.c
+++ b/serverloop.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: serverloop.c,v 1.182 2016/02/08 10:57:07 djm Exp $ */ 1/* $OpenBSD: serverloop.c,v 1.184 2016/03/07 19:02:43 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -276,7 +276,7 @@ client_alive_check(void)
276 */ 276 */
277static void 277static void
278wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, int *maxfdp, 278wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, int *maxfdp,
279 u_int *nallocp, u_int64_t max_time_milliseconds) 279 u_int *nallocp, u_int64_t max_time_ms)
280{ 280{
281 struct timeval tv, *tvp; 281 struct timeval tv, *tvp;
282 int ret; 282 int ret;
@@ -288,9 +288,9 @@ wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, int *maxfdp,
288 channel_prepare_select(readsetp, writesetp, maxfdp, nallocp, 288 channel_prepare_select(readsetp, writesetp, maxfdp, nallocp,
289 &minwait_secs, 0); 289 &minwait_secs, 0);
290 290
291 /* XXX need proper deadline system for rekey/client alive */
291 if (minwait_secs != 0) 292 if (minwait_secs != 0)
292 max_time_milliseconds = MIN(max_time_milliseconds, 293 max_time_ms = MIN(max_time_ms, (u_int)minwait_secs * 1000);
293 (u_int)minwait_secs * 1000);
294 294
295 /* 295 /*
296 * if using client_alive, set the max timeout accordingly, 296 * if using client_alive, set the max timeout accordingly,
@@ -300,11 +300,13 @@ wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, int *maxfdp,
300 * this could be randomized somewhat to make traffic 300 * this could be randomized somewhat to make traffic
301 * analysis more difficult, but we're not doing it yet. 301 * analysis more difficult, but we're not doing it yet.
302 */ 302 */
303 if (compat20 && 303 if (compat20 && options.client_alive_interval) {
304 max_time_milliseconds == 0 && options.client_alive_interval) { 304 uint64_t keepalive_ms =
305 (uint64_t)options.client_alive_interval * 1000;
306
305 client_alive_scheduled = 1; 307 client_alive_scheduled = 1;
306 max_time_milliseconds = 308 if (max_time_ms == 0 || max_time_ms > keepalive_ms)
307 (u_int64_t)options.client_alive_interval * 1000; 309 max_time_ms = keepalive_ms;
308 } 310 }
309 311
310 if (compat20) { 312 if (compat20) {
@@ -353,14 +355,14 @@ wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, int *maxfdp,
353 * from it, then read as much as is available and exit. 355 * from it, then read as much as is available and exit.
354 */ 356 */
355 if (child_terminated && packet_not_very_much_data_to_write()) 357 if (child_terminated && packet_not_very_much_data_to_write())
356 if (max_time_milliseconds == 0 || client_alive_scheduled) 358 if (max_time_ms == 0 || client_alive_scheduled)
357 max_time_milliseconds = 100; 359 max_time_ms = 100;
358 360
359 if (max_time_milliseconds == 0) 361 if (max_time_ms == 0)
360 tvp = NULL; 362 tvp = NULL;
361 else { 363 else {
362 tv.tv_sec = max_time_milliseconds / 1000; 364 tv.tv_sec = max_time_ms / 1000;
363 tv.tv_usec = 1000 * (max_time_milliseconds % 1000); 365 tv.tv_usec = 1000 * (max_time_ms % 1000);
364 tvp = &tv; 366 tvp = &tv;
365 } 367 }
366 368
@@ -393,6 +395,7 @@ wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, int *maxfdp,
393static void 395static void
394process_input(fd_set *readset) 396process_input(fd_set *readset)
395{ 397{
398 struct ssh *ssh = active_state; /* XXX */
396 int len; 399 int len;
397 char buf[16384]; 400 char buf[16384];
398 401
@@ -400,8 +403,8 @@ process_input(fd_set *readset)
400 if (FD_ISSET(connection_in, readset)) { 403 if (FD_ISSET(connection_in, readset)) {
401 len = read(connection_in, buf, sizeof(buf)); 404 len = read(connection_in, buf, sizeof(buf));
402 if (len == 0) { 405 if (len == 0) {
403 verbose("Connection closed by %.100s", 406 verbose("Connection closed by %.100s port %d",
404 get_remote_ipaddr()); 407 ssh_remote_ipaddr(ssh), ssh_remote_port(ssh));
405 connection_closed = 1; 408 connection_closed = 1;
406 if (compat20) 409 if (compat20)
407 return; 410 return;
@@ -410,8 +413,9 @@ process_input(fd_set *readset)
410 if (errno != EINTR && errno != EAGAIN && 413 if (errno != EINTR && errno != EAGAIN &&
411 errno != EWOULDBLOCK) { 414 errno != EWOULDBLOCK) {
412 verbose("Read error from remote host " 415 verbose("Read error from remote host "
413 "%.100s: %.100s", 416 "%.100s port %d: %.100s",
414 get_remote_ipaddr(), strerror(errno)); 417 ssh_remote_ipaddr(ssh),
418 ssh_remote_port(ssh), strerror(errno));
415 cleanup_exit(255); 419 cleanup_exit(255);
416 } 420 }
417 } else { 421 } else {
@@ -1239,12 +1243,9 @@ server_input_global_request(int type, u_int32_t seq, void *ctxt)
1239 /* check permissions */ 1243 /* check permissions */
1240 if ((options.allow_tcp_forwarding & FORWARD_REMOTE) == 0 || 1244 if ((options.allow_tcp_forwarding & FORWARD_REMOTE) == 0 ||
1241 no_port_forwarding_flag || 1245 no_port_forwarding_flag ||
1242 (!want_reply && fwd.listen_port == 0) 1246 (!want_reply && fwd.listen_port == 0) ||
1243#ifndef NO_IPPORT_RESERVED_CONCEPT 1247 (fwd.listen_port != 0 && fwd.listen_port < IPPORT_RESERVED &&
1244 || (fwd.listen_port != 0 && fwd.listen_port < IPPORT_RESERVED && 1248 pw->pw_uid != 0)) {
1245 pw->pw_uid != 0)
1246#endif
1247 ) {
1248 success = 0; 1249 success = 0;
1249 packet_send_debug("Server has disabled port forwarding."); 1250 packet_send_debug("Server has disabled port forwarding.");
1250 } else { 1251 } else {
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-21 23:01:35 +0000