-/* $OpenBSD: sshd.c,v 1.359 2008/06/10 08:17:40 jmc Exp $ */
+/* $OpenBSD: sshd.c,v 1.364 2008/07/10 18:08:11 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
int mismatch;
int remote_major, remote_minor;
int major, minor;
- char *s;
+ char *s, *newline = "\n";
char buf[256]; /* Must not be larger than remote_version. */
char remote_version[256]; /* Must be at least as big as buf. */
} else if (options.protocol & SSH_PROTO_2) {
major = PROTOCOL_MAJOR_2;
minor = PROTOCOL_MINOR_2;
+ newline = "\r\n";
} else {
major = PROTOCOL_MAJOR_1;
minor = PROTOCOL_MINOR_1;
}
- snprintf(buf, sizeof buf, "SSH-%d.%d-%.100s\n", major, minor, SSH_VERSION);
+ snprintf(buf, sizeof buf, "SSH-%d.%d-%.100s%s", major, minor,
+ SSH_VERSION, newline);
server_version_string = xstrdup(buf);
/* Send our protocol version identification. */
if (pmonitor->m_pid == -1)
fatal("fork of unprivileged child failed");
else if (pmonitor->m_pid != 0) {
- debug2("User child is on pid %ld", (long)pmonitor->m_pid);
+ verbose("User child is on pid %ld", (long)pmonitor->m_pid);
close(pmonitor->m_recvfd);
buffer_clear(&loginmsg);
monitor_child_postauth(pmonitor);
*newsock = accept(listen_socks[i],
(struct sockaddr *)&from, &fromlen);
if (*newsock < 0) {
- if (errno != EINTR && errno != EWOULDBLOCK)
+ if (errno != EINTR && errno != EAGAIN &&
+ errno != EWOULDBLOCK)
error("accept: %.100s", strerror(errno));
continue;
}
int remote_port;
char *line, *p, *cp;
int config_s[2] = { -1 , -1 };
+ u_int64_t ibytes, obytes;
+ mode_t new_umask;
Key *key;
Authctxt *authctxt;
* the parameters we need. If we're not doing an extended test,
* do not silently ignore connection test params.
*/
- if (test_flag >= 2 && (test_user != NULL || test_host != NULL || test_addr != NULL)
+ if (test_flag >= 2 &&
+ (test_user != NULL || test_host != NULL || test_addr != NULL)
&& (test_user == NULL || test_host == NULL || test_addr == NULL))
fatal("user, host and addr are all required when testing "
"Match configs");
rexec_argv[rexec_argc + 1] = NULL;
}
+ /* Ensure that umask disallows at least group and world write */
+ new_umask = umask(0077) | 0022;
+ (void) umask(new_umask);
+
/* Initialize the log (it is reinitialized below in case we forked). */
if (debug_flag && (!inetd_flag || rexeced_flag))
log_stderr = 1;
destroy_sensitive_data();
}
+ packet_set_timeout(options.client_alive_interval,
+ options.client_alive_count_max);
+
/* Start session. */
do_authenticated(authctxt);
/* The connection has been terminated. */
- verbose("Closing connection to %.100s", remote_ip);
+ packet_get_state(MODE_IN, NULL, NULL, NULL, &ibytes);
+ packet_get_state(MODE_OUT, NULL, NULL, NULL, &obytes);
+ verbose("Transferred: sent %llu, received %llu bytes", obytes, ibytes);
+
+ verbose("Closing connection to %.500s port %d", remote_ip, remote_port);
#ifdef USE_PAM
if (options.use_pam)