- (tim) [buildpkg.sh.in openssh.xml.in] Allow more flexibility where smf(5)

[openssh.git] / monitor.c

diff --git a/monitor.c b/monitor.c
index 9e6bcc85f4ffac26f302359b8ec25e793d4b7fca..08c7ea3cb7d53ec63dbfddc4ed068704b77a90fb 100644 (file)
--- a/monitor.c
+++ b/monitor.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.87 2006/08/06 01:13:32 stevesk Exp $ */
+/* $OpenBSD: monitor.c,v 1.91 2007/05/17 20:52:13 djm Exp $ */
 /*
  * Copyright 2002 Niels Provos <provos@citi.umich.edu>
  * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -40,9 +40,10 @@
 #endif
 #include <pwd.h>
 #include <signal.h>
+#include <stdarg.h>
 #include <stdlib.h>
 #include <string.h>
-#include <zlib.h>
+#include <unistd.h>
 
 #ifdef SKEY
 #include <skey.h>
@@ -285,7 +286,7 @@ struct mon_table mon_dispatch_postauth15[] = {
     {MONITOR_REQ_TERM, 0, mm_answer_term},
 #ifdef SSH_AUDIT_EVENTS
     {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event},
-    {MONITOR_REQ_AUDIT_COMMAND, MON_ONCE, mm_answer_audit_command},
+    {MONITOR_REQ_AUDIT_COMMAND, MON_PERMIT|MON_ONCE, mm_answer_audit_command},
 #endif
     {0, 0, NULL}
 };
@@ -349,7 +350,7 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
        /* The first few requests do not require asynchronous access */
        while (!authenticated) {
                auth_method = "unknown";
-               authenticated = monitor_read(pmonitor, mon_dispatch, &ent);
+               authenticated = (monitor_read(pmonitor, mon_dispatch, &ent) == 1);
                if (authenticated) {
                        if (!(ent->flags & MON_AUTHDECIDE))
                                fatal("%s: unexpected authentication from %d",
@@ -408,6 +409,7 @@ monitor_child_postauth(struct monitor *pmonitor)
        monitor_set_child_handler(pmonitor->m_pid);
        signal(SIGHUP, &monitor_child_handler);
        signal(SIGTERM, &monitor_child_handler);
+       signal(SIGINT, &monitor_child_handler);
 
        if (compat20) {
                mon_dispatch = mon_dispatch_postauth20;
@@ -641,6 +643,9 @@ mm_answer_pwnamallow(int sock, Buffer *m)
 #endif
        buffer_put_cstring(m, pwent->pw_dir);
        buffer_put_cstring(m, pwent->pw_shell);
+       buffer_put_string(m, &options, sizeof(options));
+       if (options.banner != NULL)
+               buffer_put_cstring(m, options.banner);
 
  out:
        debug3("%s: sending MONITOR_ANS_PWNAM: %d", __func__, allowed);
@@ -659,9 +664,6 @@ mm_answer_pwnamallow(int sock, Buffer *m)
        if (options.use_pam)
                monitor_permit(mon_dispatch, MONITOR_REQ_PAM_START, 1);
 #endif
-#ifdef SSH_AUDIT_EVENTS
-       monitor_permit(mon_dispatch, MONITOR_REQ_AUDIT_COMMAND, 1);
-#endif
 
        return (0);
 }
@@ -1219,7 +1221,7 @@ mm_answer_keyverify(int sock, Buffer *m)
 
        verified = key_verify(key, signature, signaturelen, data, datalen);
        debug3("%s: key %p signature %s",
-           __func__, key, verified ? "verified" : "unverified");
+           __func__, key, (verified == 1) ? "verified" : "unverified");
 
        key_free(key);
        xfree(blob);
@@ -1234,7 +1236,7 @@ mm_answer_keyverify(int sock, Buffer *m)
        buffer_put_int(m, verified);
        mm_request_send(sock, MONITOR_ANS_KEYVERIFY, m);
 
-       return (verified);
+       return (verified == 1);
 }
 
 static void