*/
#include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.265 2003/04/14 14:17:50 markus Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.271 2003/06/28 16:23:06 deraadt Exp $");
#include <openssl/dh.h>
#include <openssl/bn.h>
/* same for ssh2 */
u_char *session_id2 = NULL;
-int session_id2_len = 0;
+u_int session_id2_len = 0;
/* record remote hostname or ip */
u_int utmp_len = MAXHOSTNAMELEN;
int use_privsep;
struct monitor *pmonitor;
+/* message to be displayed after login */
+Buffer loginmsg;
+
/* Prototypes for various functions defined later in this file. */
void destroy_sensitive_data(void);
void demote_sensitive_data(void);
if (client_version_string == NULL) {
/* Send our protocol version identification. */
- if (atomicio(write, sock_out, server_version_string,
+ if (atomicio(vwrite, sock_out, server_version_string,
strlen(server_version_string))
!= strlen(server_version_string)) {
logit("Could not write ident string to %s", get_remote_ipaddr());
if (sscanf(client_version_string, "SSH-%d.%d-%[^\n]\n",
&remote_major, &remote_minor, remote_version) != 3) {
s = "Protocol mismatch.\n";
- (void) atomicio(write, sock_out, s, strlen(s));
+ (void) atomicio(vwrite, sock_out, s, strlen(s));
close(sock_in);
close(sock_out);
logit("Bad protocol version identification '%.100s' from %s",
if (mismatch) {
s = "Protocol major versions differ.\n";
- (void) atomicio(write, sock_out, s, strlen(s));
+ (void) atomicio(vwrite, sock_out, s, strlen(s));
close(sock_in);
close(sock_out);
logit("Protocol major versions differ for %s: %.200s vs. %.200s",
do_setusercontext(pw);
#else
gidset[0] = pw->pw_gid;
- if (setgid(pw->pw_gid) < 0)
- fatal("setgid failed for %u", pw->pw_gid );
if (setgroups(1, gidset) < 0)
fatal("setgroups: %.100s", strerror(errno));
permanently_set_uid(pw);
/* Save argv. Duplicate so setproctitle emulation doesn't clobber it */
saved_argc = ac;
- saved_argv = av;
saved_argv = xmalloc(sizeof(*saved_argv) * (ac + 1));
for (i = 0; i < ac; i++)
saved_argv[i] = xstrdup(av[i]);
#ifndef HAVE_SETPROCTITLE
/* Prepare for later setproctitle emulation */
compat_init_setproctitle(ac, av);
+ av = saved_argv;
#endif
/* Initialize configuration options to their default values. */
* overwrite any old pid in the file.
*/
f = fopen(options.pid_file, "wb");
- if (f) {
+ if (f == NULL) {
+ error("Couldn't create pid file \"%s\": %s",
+ options.pid_file, strerror(errno));
+ } else {
fprintf(f, "%ld\n", (long) getpid());
fclose(f);
}
if ((options.protocol & SSH_PROTO_1) &&
key_used == 0) {
/* Schedule server key regeneration alarm. */
- signal(SIGALRM, key_regeneration_alarm);
+ mysignal(SIGALRM, key_regeneration_alarm);
alarm(options.key_regeneration_time);
key_used = 1;
}
* mode; it is just annoying to have the server exit just when you
* are about to discover the bug.
*/
- signal(SIGALRM, grace_alarm_handler);
+ mysignal(SIGALRM, grace_alarm_handler);
if (!debug_flag)
alarm(options.login_grace_time);
packet_set_nonblocking();
+ /* prepare buffers to collect authentication messages */
+ buffer_init(&loginmsg);
+
if (use_privsep)
if ((authctxt = privsep_preauth()) != NULL)
goto authenticated;