diff options
Diffstat (limited to 'sshd.c')
-rw-r--r-- | sshd.c | 24 |
1 files changed, 16 insertions, 8 deletions
@@ -42,7 +42,7 @@ | |||
42 | */ | 42 | */ |
43 | 43 | ||
44 | #include "includes.h" | 44 | #include "includes.h" |
45 | RCSID("$OpenBSD: sshd.c,v 1.249 2002/06/23 03:30:17 deraadt Exp $"); | 45 | RCSID("$OpenBSD: sshd.c,v 1.250 2002/06/23 10:29:52 deraadt Exp $"); |
46 | 46 | ||
47 | #include <openssl/dh.h> | 47 | #include <openssl/dh.h> |
48 | #include <openssl/bn.h> | 48 | #include <openssl/bn.h> |
@@ -219,6 +219,7 @@ static void | |||
219 | close_listen_socks(void) | 219 | close_listen_socks(void) |
220 | { | 220 | { |
221 | int i; | 221 | int i; |
222 | |||
222 | for (i = 0; i < num_listen_socks; i++) | 223 | for (i = 0; i < num_listen_socks; i++) |
223 | close(listen_socks[i]); | 224 | close(listen_socks[i]); |
224 | num_listen_socks = -1; | 225 | num_listen_socks = -1; |
@@ -228,6 +229,7 @@ static void | |||
228 | close_startup_pipes(void) | 229 | close_startup_pipes(void) |
229 | { | 230 | { |
230 | int i; | 231 | int i; |
232 | |||
231 | if (startup_pipes) | 233 | if (startup_pipes) |
232 | for (i = 0; i < options.max_startups; i++) | 234 | for (i = 0; i < options.max_startups; i++) |
233 | if (startup_pipes[i] != -1) | 235 | if (startup_pipes[i] != -1) |
@@ -260,7 +262,8 @@ sighup_restart(void) | |||
260 | close_listen_socks(); | 262 | close_listen_socks(); |
261 | close_startup_pipes(); | 263 | close_startup_pipes(); |
262 | execv(saved_argv[0], saved_argv); | 264 | execv(saved_argv[0], saved_argv); |
263 | log("RESTART FAILED: av[0]='%.100s', error: %.100s.", saved_argv[0], strerror(errno)); | 265 | log("RESTART FAILED: av[0]='%.100s', error: %.100s.", saved_argv[0], |
266 | strerror(errno)); | ||
264 | exit(1); | 267 | exit(1); |
265 | } | 268 | } |
266 | 269 | ||
@@ -280,8 +283,8 @@ sigterm_handler(int sig) | |||
280 | static void | 283 | static void |
281 | main_sigchld_handler(int sig) | 284 | main_sigchld_handler(int sig) |
282 | { | 285 | { |
283 | pid_t pid; | ||
284 | int save_errno = errno; | 286 | int save_errno = errno; |
287 | pid_t pid; | ||
285 | int status; | 288 | int status; |
286 | 289 | ||
287 | while ((pid = waitpid(-1, &status, WNOHANG)) > 0 || | 290 | while ((pid = waitpid(-1, &status, WNOHANG)) > 0 || |
@@ -341,6 +344,7 @@ static void | |||
341 | key_regeneration_alarm(int sig) | 344 | key_regeneration_alarm(int sig) |
342 | { | 345 | { |
343 | int save_errno = errno; | 346 | int save_errno = errno; |
347 | |||
344 | signal(SIGALRM, SIG_DFL); | 348 | signal(SIGALRM, SIG_DFL); |
345 | errno = save_errno; | 349 | errno = save_errno; |
346 | key_do_regen = 1; | 350 | key_do_regen = 1; |
@@ -526,8 +530,8 @@ static void | |||
526 | privsep_preauth_child(void) | 530 | privsep_preauth_child(void) |
527 | { | 531 | { |
528 | u_int32_t rand[256]; | 532 | u_int32_t rand[256]; |
529 | int i; | ||
530 | struct passwd *pw; | 533 | struct passwd *pw; |
534 | int i; | ||
531 | 535 | ||
532 | /* Enable challenge-response authentication for privilege separation */ | 536 | /* Enable challenge-response authentication for privilege separation */ |
533 | privsep_challenge_enable(); | 537 | privsep_challenge_enable(); |
@@ -683,6 +687,7 @@ Key * | |||
683 | get_hostkey_by_type(int type) | 687 | get_hostkey_by_type(int type) |
684 | { | 688 | { |
685 | int i; | 689 | int i; |
690 | |||
686 | for (i = 0; i < options.num_host_key_files; i++) { | 691 | for (i = 0; i < options.num_host_key_files; i++) { |
687 | Key *key = sensitive_data.host_keys[i]; | 692 | Key *key = sensitive_data.host_keys[i]; |
688 | if (key != NULL && key->type == type) | 693 | if (key != NULL && key->type == type) |
@@ -703,6 +708,7 @@ int | |||
703 | get_hostkey_index(Key *key) | 708 | get_hostkey_index(Key *key) |
704 | { | 709 | { |
705 | int i; | 710 | int i; |
711 | |||
706 | for (i = 0; i < options.num_host_key_files; i++) { | 712 | for (i = 0; i < options.num_host_key_files; i++) { |
707 | if (key == sensitive_data.host_keys[i]) | 713 | if (key == sensitive_data.host_keys[i]) |
708 | return (i); | 714 | return (i); |
@@ -991,11 +997,13 @@ main(int ac, char **av) | |||
991 | * hate software patents. I dont know if this can go? Niels | 997 | * hate software patents. I dont know if this can go? Niels |
992 | */ | 998 | */ |
993 | if (options.server_key_bits > | 999 | if (options.server_key_bits > |
994 | BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) - SSH_KEY_BITS_RESERVED && | 1000 | BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) - |
995 | options.server_key_bits < | 1001 | SSH_KEY_BITS_RESERVED && options.server_key_bits < |
996 | BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) + SSH_KEY_BITS_RESERVED) { | 1002 | BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) + |
1003 | SSH_KEY_BITS_RESERVED) { | ||
997 | options.server_key_bits = | 1004 | options.server_key_bits = |
998 | BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) + SSH_KEY_BITS_RESERVED; | 1005 | BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) + |
1006 | SSH_KEY_BITS_RESERVED; | ||
999 | debug("Forcing server key to %d bits to make it differ from host key.", | 1007 | debug("Forcing server key to %d bits to make it differ from host key.", |
1000 | options.server_key_bits); | 1008 | options.server_key_bits); |
1001 | } | 1009 | } |