- (dtucker) [Makefile.in added roaming_client.c roaming_serv.c] Import new

[openssh.git] / sshd.c

diff --git a/sshd.c b/sshd.c
index fa314b8a7c115afa438e0214369db861ad5e1d5f..e23d462eebb193b63471a442437fe7e848bb5a8b 100644 (file)
--- a/sshd.c
+++ b/sshd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshd.c,v 1.365 2008/10/30 19:31:16 stevesk Exp $ */
+/* $OpenBSD: sshd.c,v 1.368 2009/10/28 16:38:18 reyk Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -117,6 +117,7 @@
 #include "ssh-gss.h"
 #endif
 #include "monitor_wrap.h"
+#include "roaming.h"
 #include "version.h"
 
 #ifdef LIBWRAP
@@ -419,7 +420,7 @@ sshd_exchange_identification(int sock_in, int sock_out)
        server_version_string = xstrdup(buf);
 
        /* Send our protocol version identification. */
-       if (atomicio(vwrite, sock_out, server_version_string,
+       if (roaming_atomicio(vwrite, sock_out, server_version_string,
            strlen(server_version_string))
            != strlen(server_version_string)) {
                logit("Could not write ident string to %s", get_remote_ipaddr());
@@ -429,7 +430,7 @@ sshd_exchange_identification(int sock_in, int sock_out)
        /* Read other sides version identification. */
        memset(buf, 0, sizeof(buf));
        for (i = 0; i < sizeof(buf) - 1; i++) {
-               if (atomicio(read, sock_in, &buf[i], 1) != 1) {
+               if (roaming_atomicio(read, sock_in, &buf[i], 1) != 1) {
                        logit("Did not receive identification string from %s",
                            get_remote_ipaddr());
                        cleanup_exit(255);
@@ -577,7 +578,7 @@ demote_sensitive_data(void)
 static void
 privsep_preauth_child(void)
 {
-       u_int32_t rnd[256];
+       u_int32_t rnd[256];
        gid_t gidset[1];
 
        /* Enable challenge-response authentication for privilege separation */
@@ -959,8 +960,8 @@ server_listen(void)
                        continue;
                }
                /* Create socket for listening. */
-               listen_sock = socket(ai->ai_family, ai->ai_socktype,
-                   ai->ai_protocol);
+               listen_sock = socket_rdomain(ai->ai_family, ai->ai_socktype,
+                   ai->ai_protocol, options.rdomain);
                if (listen_sock < 0) {
                        /* kernel may not support ipv6 */
                        verbose("socket: %.100s", strerror(errno));
@@ -978,15 +979,9 @@ server_listen(void)
                    &on, sizeof(on)) == -1)
                        error("setsockopt SO_REUSEADDR: %s", strerror(errno));
 
-#ifdef IPV6_V6ONLY
                /* Only communicate in IPv6 over AF_INET6 sockets. */
-               if (ai->ai_family == AF_INET6) {
-                       if (setsockopt(listen_sock, IPPROTO_IPV6, IPV6_V6ONLY,
-                           &on, sizeof(on)) == -1)
-                               error("setsockopt IPV6_V6ONLY: %s",
-                                   strerror(errno));
-               }
-#endif
+               if (ai->ai_family == AF_INET6)
+                       sock_set_v6only(listen_sock);
 
                debug("Bind to port %s on %s.", strport, ntop);
 
@@ -1333,7 +1328,7 @@ main(int ac, char **av)
                                exit(1);
                        }
                        options.ports[options.num_ports++] = a2port(optarg);
-                       if (options.ports[options.num_ports-1] == 0) {
+                       if (options.ports[options.num_ports-1] <= 0) {
                                fprintf(stderr, "Bad port number.\n");
                                exit(1);
                        }
@@ -1474,8 +1469,9 @@ main(int ac, char **av)
        if (options.challenge_response_authentication)
                options.kbd_interactive_authentication = 1;
 
-       /* set default channel AF */
+       /* set default channel AF and routing domain */
        channel_set_af(options.address_family);
+       channel_set_rdomain(options.rdomain);
 
        /* Check that there are no remaining arguments. */
        if (optind < ac) {
@@ -1661,6 +1657,7 @@ main(int ac, char **av)
        if (inetd_flag) {
                server_accept_inetd(&sock_in, &sock_out);
        } else {
+               platform_pre_listen();
                server_listen();
 
                if (options.protocol & SSH_PROTO_1)