Diffstat (limited to 'sshd.c')
-rw-r--r--sshd.c32
1 files changed, 23 insertions, 9 deletions
diff --git a/sshd.c b/sshd.c
index 35685643f..d49973859 100644
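--- a/sshd.c
+++ b/sshd.c
@@ -42,7 +42,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.260 2002/09/27 10:42:09 mickey Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.263 2003/02/16 17:09:57 markus Exp $");
 
 #include <openssl/dh.h>
 #include <openssl/bn.h>
@@ -202,8 +202,8 @@ int *startup_pipes = NULL;
 int startup_pipe; /* in child */
 
 /* variables used for privilege separation */
-extern struct monitor *pmonitor;
-extern int use_privsep;
+int use_privsep;
+struct monitor *pmonitor;
 
 /* Prototypes for various functions defined later in this file. */
 void destroy_sensitive_data(void);
@@ -827,9 +827,17 @@ main(int ac, char **av)
  __progname = get_progname(av[0]);
  init_rng();
 
- /* Save argv. */
+ /* Save argv. Duplicate so setproctitle emulation doesn't clobber it */
  saved_argc = ac;
  saved_argv = av;
+ saved_argv = xmalloc(sizeof(*saved_argv) * ac);
+ for (i = 0; i < ac; i++)
+ saved_argv[i] = xstrdup(av[i]);
+
+#ifndef HAVE_SETPROCTITLE
+ /* Prepare for later setproctitle emulation */
+ compat_init_setproctitle(ac, av);
+#endif
 
  /* Initialize configuration options to their default values. */
  initialize_server_options(&options);
@@ -949,7 +957,7 @@ main(int ac, char **av)
  SYSLOG_LEVEL_INFO : options.log_level,
  options.log_facility == SYSLOG_FACILITY_NOT_SET ?
  SYSLOG_FACILITY_AUTH : options.log_facility,
- !inetd_flag);
+ log_stderr || !inetd_flag);
 
 #ifdef _UNICOS
  /* Cray can define user privs drop all prives now!
@@ -1063,8 +1071,8 @@ main(int ac, char **av)
 #else
  if (st.st_uid != 0 || (st.st_mode & (S_IWGRP|S_IWOTH)) != 0)
 #endif
- fatal("Bad owner or mode for %s",
- _PATH_PRIVSEP_CHROOT_DIR);
+ fatal("%s must be owned by root and not group or "
+ "world-writable.", _PATH_PRIVSEP_CHROOT_DIR);
  }
 
  /* Configuration looks good, so exit if in test mode. */
@@ -1397,8 +1405,12 @@ main(int ac, char **av)
  * setlogin() affects the entire process group. We don't
  * want the child to be able to affect the parent.
  */
-#if 0
- /* XXX: this breaks Solaris */
+#if !defined(STREAMS_PUSH_ACQUIRES_CTTY)
+ /*
+ * If setsid is called on Solaris, sshd will acquire the controlling
+ * terminal while pushing STREAMS modules. This will prevent the
+ * shell from acquiring it later.
+ */
  if (!debug_flag && !inetd_flag && setsid() < 0)
  error("setsid: %.100s", strerror(errno));
 #endif
@@ -1811,6 +1823,8 @@ do_ssh2_kex(void)
 
  /* start key exchange */
  kex = kex_setup(myproposal);
+ kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
+ kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
  kex->server = 1;
  kex->client_version_string=client_version_string;
  kex->server_version_string=server_version_string;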
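Review bot: In the `main()` hunk at new lines 833–835, the duplicated `saved_argv` is allocated with exactly `ac` slots and is never NULL-terminated, unlike the original `av` it replaces. If `saved_argv` is later handed to an exec-style call to restart the daemon (that use is not visible in this diff, so this is inferred), the callee would read past the end of the heap array. I would allocate `xmalloc(sizeof(*saved_argv) * (ac + 1))` and add `saved_argv[ac] = NULL;` after the loop. The retained `saved_argv = av;` on new line 832 is now a dead store and can be dropped. `main()` starts and ends outside this hunk.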