Diffstat (limited to 'sshd.c')
-rw-r--r-- | sshd.c | 32 |
1 files changed, 23 insertions, 9 deletions
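--- a/sshd.c
+++ b/sshd.c
@@ -42,7 +42,7 @@
 */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.260 2002/09/27 10:42:09 mickey Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.263 2003/02/16 17:09:57 markus Exp $");
 
 #include <openssl/dh.h>
 #include <openssl/bn.h>
@@ -202,8 +202,8 @@ int *startup_pipes = NULL;
 int startup_pipe; /* in child */
 
 /* variables used for privilege separation */
-extern struct monitor *pmonitor;
-extern int use_privsep;
+int use_privsep;
+struct monitor *pmonitor;
 
 /* Prototypes for various functions defined later in this file. */
 void destroy_sensitive_data(void);
@@ -827,9 +827,17 @@ main(int ac, char **av)
 __progname = get_progname(av[0]);
 init_rng();
 
-/* Save argv. */
+/* Save argv. Duplicate so setproctitle emulation doesn't clobber it */
 saved_argc = ac;
 saved_argv = av;
+saved_argv = xmalloc(sizeof(*saved_argv) * ac);
+for (i = 0; i < ac; i++)
+saved_argv[i] = xstrdup(av[i]);
+
+#ifndef HAVE_SETPROCTITLE
+/* Prepare for later setproctitle emulation */
+compat_init_setproctitle(ac, av);
+#endif
 
 /* Initialize configuration options to their default values. */
 initialize_server_options(&options);
@@ -944,7 +952,7 @@ main(int ac, char **av)
 SYSLOG_LEVEL_INFO : options.log_level,
 options.log_facility == SYSLOG_FACILITY_NOT_SET ?
 SYSLOG_FACILITY_AUTH : options.log_facility,
-!inetd_flag);
+log_stderr || !inetd_flag);
 
 #ifdef _UNICOS
 /* Cray can define user privs drop all prives now!
@@ -1058,8 +1066,8 @@ main(int ac, char **av)
 #else
 if (st.st_uid != 0 || (st.st_mode & (S_IWGRP|S_IWOTH)) != 0)
 #endif
-fatal("Bad owner or mode for %s",
-_PATH_PRIVSEP_CHROOT_DIR);
+fatal("%s must be owned by root and not group or "
+"world-writable.", _PATH_PRIVSEP_CHROOT_DIR);
 }
 
 /* Configuration looks good, so exit if in test mode. */
@@ -1392,8 +1400,12 @@ main(int ac, char **av)
 * setlogin() affects the entire process group. We don't
 * want the child to be able to affect the parent.
 */
-#if 0
-/* XXX: this breaks Solaris */
+#if !defined(STREAMS_PUSH_ACQUIRES_CTTY)
+/*
+* If setsid is called on Solaris, sshd will acquire the controlling
+* terminal while pushing STREAMS modules. This will prevent the
+* shell from acquiring it later.
+*/
 if (!debug_flag && !inetd_flag && setsid() < 0)
 error("setsid: %.100s", strerror(errno));
 #endif
@@ -1806,6 +1818,8 @@ do_ssh2_kex(void)
 
 /* start key exchange */
 kex = kex_setup(myproposal);
+kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
+kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
 kex->server = 1;
 kex->client_version_string=client_version_string;
 kex->server_version_string=server_version_string;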