- dtucker@cvs.openbsd.org 2004/02/05 05:37:17
[monitor.c sshd.c]
Pass SIGALRM through to privsep child if LoginGraceTime expires. ok markus@
This commit is contained in:
Darren Tucker
parent
c52a29913d
commit
a8be9e23d2
|
|
@ -18,6 +18,9 @@
|
||||||
support for password change; ok dtucker@
|
support for password change; ok dtucker@
|
||||||
(set password-dead=1w in login.conf to use this).
|
(set password-dead=1w in login.conf to use this).
|
||||||
In -Portable, this is currently only platforms using bsdauth.
|
In -Portable, this is currently only platforms using bsdauth.
|
||||||
|
- dtucker@cvs.openbsd.org 2004/02/05 05:37:17
|
||||||
|
[monitor.c sshd.c]
|
||||||
|
Pass SIGALRM through to privsep child if LoginGraceTime expires. ok markus@
|
||||||
|
|
||||||
20040129
|
20040129
|
||||||
- (dtucker) OpenBSD CVS Sync regress/
|
- (dtucker) OpenBSD CVS Sync regress/
|
||||||
|
|
@ -1803,4 +1806,4 @@
|
||||||
- Fix sshd BindAddress and -b options for systems using fake-getaddrinfo.
|
- Fix sshd BindAddress and -b options for systems using fake-getaddrinfo.
|
||||||
Report from murple@murple.net, diagnosis from dtucker@zip.com.au
|
Report from murple@murple.net, diagnosis from dtucker@zip.com.au
|
||||||
|
|
||||||
$Id: ChangeLog,v 1.3212 2004/02/06 05:24:31 dtucker Exp $
|
$Id: ChangeLog,v 1.3213 2004/02/06 05:40:27 dtucker Exp $
|
||||||
|
|
|
||||||
|
|
@ -25,7 +25,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: monitor.c,v 1.54 2003/11/21 11:57:03 djm Exp $");
|
RCSID("$OpenBSD: monitor.c,v 1.55 2004/02/05 05:37:17 dtucker Exp $");
|
||||||
|
|
||||||
#include <openssl/dh.h>
|
#include <openssl/dh.h>
|
||||||
|
|
||||||
|
|
@ -1708,6 +1708,7 @@ monitor_init(void)
|
||||||
|
|
||||||
mon = xmalloc(sizeof(*mon));
|
mon = xmalloc(sizeof(*mon));
|
||||||
|
|
||||||
|
mon->m_pid = 0;
|
||||||
monitor_socketpair(pair);
|
monitor_socketpair(pair);
|
||||||
|
|
||||||
mon->m_recvfd = pair[0];
|
mon->m_recvfd = pair[0];
|
||||||
|
|
|
||||||
8
sshd.c
8
sshd.c
|
|
@ -42,7 +42,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: sshd.c,v 1.284 2003/12/09 21:53:37 markus Exp $");
|
RCSID("$OpenBSD: sshd.c,v 1.285 2004/02/05 05:37:17 dtucker Exp $");
|
||||||
|
|
||||||
#include <openssl/dh.h>
|
#include <openssl/dh.h>
|
||||||
#include <openssl/bn.h>
|
#include <openssl/bn.h>
|
||||||
|
|
@ -200,7 +200,7 @@ int startup_pipe; /* in child */
|
||||||
|
|
||||||
/* variables used for privilege separation */
|
/* variables used for privilege separation */
|
||||||
int use_privsep;
|
int use_privsep;
|
||||||
struct monitor *pmonitor;
|
struct monitor *pmonitor = NULL;
|
||||||
|
|
||||||
/* message to be displayed after login */
|
/* message to be displayed after login */
|
||||||
Buffer loginmsg;
|
Buffer loginmsg;
|
||||||
|
|
@ -306,6 +306,9 @@ grace_alarm_handler(int sig)
|
||||||
{
|
{
|
||||||
/* XXX no idea how fix this signal handler */
|
/* XXX no idea how fix this signal handler */
|
||||||
|
|
||||||
|
if (use_privsep && pmonitor != NULL && pmonitor->m_pid > 0)
|
||||||
|
kill(pmonitor->m_pid, SIGALRM);
|
||||||
|
|
||||||
/* Log error and exit. */
|
/* Log error and exit. */
|
||||||
fatal("Timeout before authentication for %s", get_remote_ipaddr());
|
fatal("Timeout before authentication for %s", get_remote_ipaddr());
|
||||||
}
|
}
|
||||||
|
|
@ -593,6 +596,7 @@ privsep_preauth(Authctxt *authctxt)
|
||||||
debug2("Network child is on pid %ld", (long)pid);
|
debug2("Network child is on pid %ld", (long)pid);
|
||||||
|
|
||||||
close(pmonitor->m_recvfd);
|
close(pmonitor->m_recvfd);
|
||||||
|
pmonitor->m_pid = pid;
|
||||||
monitor_child_preauth(authctxt, pmonitor);
|
monitor_child_preauth(authctxt, pmonitor);
|
||||||
close(pmonitor->m_sendfd);
|
close(pmonitor->m_sendfd);
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue