-/* $OpenBSD: monitor.c,v 1.88 2006/08/12 20:46:46 miod Exp $ */
+/* $OpenBSD: monitor.c,v 1.94 2007/10/29 04:08:08 dtucker Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* Copyright 2002 Markus Friedl <markus@openbsd.org>
/* The first few requests do not require asynchronous access */
while (!authenticated) {
auth_method = "unknown";
- authenticated = monitor_read(pmonitor, mon_dispatch, &ent);
+ authenticated = (monitor_read(pmonitor, mon_dispatch, &ent) == 1);
if (authenticated) {
if (!(ent->flags & MON_AUTHDECIDE))
fatal("%s: unexpected authentication from %d",
monitor_set_child_handler(pmonitor->m_pid);
signal(SIGHUP, &monitor_child_handler);
signal(SIGTERM, &monitor_child_handler);
+ signal(SIGINT, &monitor_child_handler);
if (compat20) {
mon_dispatch = mon_dispatch_postauth20;
buffer_put_cstring(m, pwent->pw_shell);
out:
+ buffer_put_string(m, &options, sizeof(options));
+ if (options.banner != NULL)
+ buffer_put_cstring(m, options.banner);
debug3("%s: sending MONITOR_ANS_PWNAM: %d", __func__, allowed);
mm_request_send(sock, MONITOR_ANS_PWNAM, m);
verified = key_verify(key, signature, signaturelen, data, datalen);
debug3("%s: key %p signature %s",
- __func__, key, verified ? "verified" : "unverified");
+ __func__, key, (verified == 1) ? "verified" : "unverified");
key_free(key);
xfree(blob);
buffer_put_int(m, verified);
mm_request_send(sock, MONITOR_ANS_KEYVERIFY, m);
- return (verified);
+ return (verified == 1);
}
static void
mm_request_send(sock, MONITOR_ANS_PTY, m);
- mm_send_fd(sock, s->ptyfd);
- mm_send_fd(sock, s->ttyfd);
+ if (mm_send_fd(sock, s->ptyfd) == -1 ||
+ mm_send_fd(sock, s->ttyfd) == -1)
+ fatal("%s: send fds failed", __func__);
/* make sure nothing uses fd 0 */
if ((fd0 = open(_PATH_DEVNULL, O_RDONLY)) < 0)
/* The child is terminating */
session_destroy_all(&mm_session_close);
+#ifdef USE_PAM
+ if (options.use_pam)
+ sshpam_cleanup();
+#endif
+
while (waitpid(pmonitor->m_pid, &status, 0) == -1)
if (errno != EINTR)
exit(1);
kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
+ kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
#ifdef GSSAPI
kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server;
+ kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_server;
kex->kex[KEX_GSS_GEX_SHA1] = kexgss_server;
#endif
- kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
kex->server = 1;
kex->hostkey_type = buffer_get_int(m);
kex->kex_type = buffer_get_int(m);
data.value = buffer_get_string(m, &len);
data.length = len;
if (data.length != 20)
- fatal("%s: data length incorrect: %d", __func__, data.length);
+ fatal("%s: data length incorrect: %d", __func__, (int)data.length);
/* Save the session ID on the first time around */
if (session_id2_len == 0) {
return(0);
}
-
#endif /* GSSAPI */
andersk / gssapi-openssh.git / blobdiff