*/
#include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.142 2000/12/20 19:37:22 markus Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.147 2001/01/10 19:43:20 deraadt Exp $");
#include "xmalloc.h"
#include "rsa.h"
* do anything with the private key or random state before forking.
* Thus there should be no concurrency control/asynchronous execution
* problems.
+ * XXX calling log() is not safe from races.
*/
-/* XXX do we really want this work to be done in a signal handler ? -m */
void
generate_empheral_server_key(void)
{
arc4random_stir();
log("RSA key generation complete.");
}
+
void
key_regeneration_alarm(int sig)
{
fprintf(stderr, " -f file Configuration file (default %s)\n", SERVER_CONFIG_FILE);
fprintf(stderr, " -d Debugging mode (multiple -d means more debugging)\n");
fprintf(stderr, " -i Started from inetd\n");
+ fprintf(stderr, " -D Do not fork into daemon mode\n");
fprintf(stderr, " -q Quiet (no logging)\n");
fprintf(stderr, " -p port Listen on the specified port (default: 22)\n");
fprintf(stderr, " -k seconds Regenerate server key every this many seconds (default: 3600)\n");
- fprintf(stderr, " -g seconds Grace period for authentication (default: 300)\n");
+ fprintf(stderr, " -g seconds Grace period for authentication (default: 600)\n");
fprintf(stderr, " -b bits Size of server RSA key (default: 768 bits)\n");
fprintf(stderr, " -h file File from which to read host key (default: %s)\n",
HOST_KEY_FILE);
* key (unless started from inetd)
*/
log_init(__progname,
- options.log_level == -1 ? SYSLOG_LEVEL_INFO : options.log_level,
+ options.log_level == -1 ? SYSLOG_LEVEL_NOTICE : options.log_level,
options.log_facility == -1 ? SYSLOG_FACILITY_AUTH : options.log_facility,
!silent && !inetd_flag);
/*
* the read end of the pipe is ready
* if the child has closed the pipe
- * after successfull authentication
+ * after successful authentication
* or if the child has died
*/
close(startup_pipes[i]);