]> andersk Git - openssh.git/blobdiff - serverloop.c
andersk / openssh.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
- (tim) [configure.ac sshd.8] Enable locked account check (a "*LK*" string)
[openssh.git] / serverloop.c
diff --git a/serverloop.c b/serverloop.c
index b0c4aafa0a02fdc8b557d9dbd482ae0c9ba52c3d..03376bacf5df99e817f32c8fd1290be449fef328 100644 (file)
--- a/serverloop.c
+++ b/serverloop.c
@@ -35,7 +35,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: serverloop.c,v 1.118 2005/07/17 07:17:55 djm Exp $");
+RCSID("$OpenBSD: serverloop.c,v 1.121 2005/10/31 11:48:29 djm Exp $");
 
 #include "xmalloc.h"
 #include "packet.h"
@@ -61,6 +61,7 @@ extern ServerOptions options;
 /* XXX */
 extern Kex *xxx_kex;
 extern Authctxt *the_authctxt;
+extern int use_privsep;
 
 static Buffer stdin_buffer;    /* Buffer for stdin data. */
 static Buffer stdout_buffer;   /* Buffer for stdout data. */
@@ -90,6 +91,9 @@ static int client_alive_timeouts = 0;
 
 static volatile sig_atomic_t child_terminated = 0;     /* The child has terminated. */
 
+/* Cleanup on signals (!use_privsep case only) */
+static volatile sig_atomic_t received_sigterm = 0;
+
 /* prototypes */
 static void server_init_dispatch(void);
 
@@ -151,6 +155,12 @@ sigchld_handler(int sig)
        errno = save_errno;
 }
 
+static void
+sigterm_handler(int sig)
+{
+       received_sigterm = sig;
+}
+
 /*
  * Make packets from buffered stderr data, and buffer it for sending
  * to the client.
@@ -502,6 +512,12 @@ server_loop(pid_t pid, int fdin_arg, int fdout_arg, int fderr_arg)
        child_terminated = 0;
        mysignal(SIGCHLD, sigchld_handler);
 
+       if (!use_privsep) {
+               signal(SIGTERM, sigterm_handler);
+               signal(SIGINT, sigterm_handler);
+               signal(SIGQUIT, sigterm_handler);
+       }
+
        /* Initialize our global variables. */
        fdin = fdin_arg;
        fdout = fdout_arg;
@@ -548,7 +564,7 @@ server_loop(pid_t pid, int fdin_arg, int fdout_arg, int fderr_arg)
         * If we have no separate fderr (which is the case when we have a pty
         * - there we cannot make difference between data sent to stdout and
         * stderr), indicate that we have seen an EOF from stderr.  This way
-        * we don\'t need to check the descriptor everywhere.
+        * we don't need to check the descriptor everywhere.
         */
        if (fderr == -1)
                fderr_eof = 1;
@@ -629,6 +645,12 @@ server_loop(pid_t pid, int fdin_arg, int fdout_arg, int fderr_arg)
                wait_until_can_do_something(&readset, &writeset, &max_fd,
                    &nalloc, max_time_milliseconds);
 
+               if (received_sigterm) {
+                       logit("Exiting on signal %d", received_sigterm);
+                       /* Clean up sessions, utmp, etc. */
+                       cleanup_exit(255);
+               }
+
                /* Process any channel events. */
                channel_after_select(readset, writeset);
 
@@ -749,6 +771,12 @@ server_loop2(Authctxt *authctxt)
        connection_in = packet_get_connection_in();
        connection_out = packet_get_connection_out();
 
+       if (!use_privsep) {
+               signal(SIGTERM, sigterm_handler);
+               signal(SIGINT, sigterm_handler);
+               signal(SIGQUIT, sigterm_handler);
+       }
+
        notify_setup();
 
        max_fd = MAX(connection_in, connection_out);
@@ -766,6 +794,12 @@ server_loop2(Authctxt *authctxt)
                wait_until_can_do_something(&readset, &writeset, &max_fd,
                    &nalloc, 0);
 
+               if (received_sigterm) {
+                       logit("Exiting on signal %d", received_sigterm);
+                       /* Clean up sessions, utmp, etc. */
+                       cleanup_exit(255);
+               }
+
                collect_children();
                if (!rekeying) {
                        channel_after_select(readset, writeset);
@@ -900,7 +934,7 @@ server_request_session(void)
                channel_free(c);
                return NULL;
        }
-       channel_register_cleanup(c->self, session_close_by_channel);
+       channel_register_cleanup(c->self, session_close_by_channel, 0);
        return c;
 }
 
@@ -983,7 +1017,7 @@ server_input_global_request(int type, u_int32_t seq, void *ctxt)
 #ifndef NO_IPPORT_RESERVED_CONCEPT
                    || (listen_port < IPPORT_RESERVED && pw->pw_uid != 0)
 #endif
-                  ) {
+                   ) {
                        success = 0;
                        packet_send_debug("Server has disabled port forwarding.");
                } else {
git-cvsimport mirror of OpenSSH
This page took 0.035121 seconds and 4 git commands to generate.