*/
#include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.316 2005/10/30 08:29:29 dtucker Exp $");
+
+#include <sys/types.h>
+#ifdef HAVE_SYS_STAT_H
+# include <sys/stat.h>
+#endif
+#include <sys/ioctl.h>
+#include <sys/wait.h>
+
+#ifdef HAVE_PATHS_H
+#include <paths.h>
+#endif
+#include <signal.h>
#include <openssl/dh.h>
#include <openssl/bn.h>
goto skip;
}
- /* Authentication complete */
- alarm(0);
- if (startup_pipe != -1) {
- close(startup_pipe);
- startup_pipe = -1;
- }
-
/* New socket pair */
monitor_reinit(pmonitor);
num_listen_socks++;
/* Start listening on the port. */
- logit("Server listening on %s port %s.", ntop, strport);
if (listen(listen_sock, SSH_LISTEN_BACKLOG) < 0)
- fatal("listen: %.100s", strerror(errno));
-
+ fatal("listen on [%s]:%s: %.100s",
+ ntop, strport, strerror(errno));
+ logit("Server listening on %s port %s.", ntop, strport);
}
freeaddrinfo(options.listen_addrs);
verbose("Connection from %.500s port %d", remote_ip, remote_port);
/*
- * We don\'t want to listen forever unless the other side
+ * We don't want to listen forever unless the other side
* successfully authenticates itself. So we set up an alarm which is
* cleared after successful authentication. A limit of zero
- * indicates no limit. Note that we don\'t set the alarm in debugging
+ * indicates no limit. Note that we don't set the alarm in debugging
* mode; it is just annoying to have the server exit just when you
* are about to discover the bug.
*/
}
authenticated:
+ /*
+ * Cancel the alarm we set to limit the time taken for
+ * authentication.
+ */
+ alarm(0);
+ signal(SIGALRM, SIG_DFL);
+ if (startup_pipe != -1) {
+ close(startup_pipe);
+ startup_pipe = -1;
+ }
+
#ifdef SSH_AUDIT_EVENTS
audit_event(SSH_AUTH_SUCCESS);
#endif
kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
+ kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
kex->server = 1;
kex->client_version_string=client_version_string;
kex->server_version_string=server_version_string;