- ian@cvs.openbsd.org 2008/06/12 23:24:58

[openssh.git] / monitor.c

diff --git a/monitor.c b/monitor.c
index b20d0c726a010435a1bbe843faa4c20452277fea..f872edbb50ae2d7bfbd167bbc5ef18576d9d5bfd 100644 (file)
--- a/monitor.c
+++ b/monitor.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.88 2006/08/12 20:46:46 miod Exp $ */
+/* $OpenBSD: monitor.c,v 1.96 2008/05/08 12:21:16 djm Exp $ */
 /*
  * Copyright 2002 Niels Provos <provos@citi.umich.edu>
  * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -51,6 +51,7 @@
 
 #include <openssl/dh.h>
 
+#include "openbsd-compat/sys-queue.h"
 #include "xmalloc.h"
 #include "ssh.h"
 #include "key.h"
@@ -350,7 +351,7 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
        /* The first few requests do not require asynchronous access */
        while (!authenticated) {
                auth_method = "unknown";
-               authenticated = monitor_read(pmonitor, mon_dispatch, &ent);
+               authenticated = (monitor_read(pmonitor, mon_dispatch, &ent) == 1);
                if (authenticated) {
                        if (!(ent->flags & MON_AUTHDECIDE))
                                fatal("%s: unexpected authentication from %d",
@@ -409,6 +410,7 @@ monitor_child_postauth(struct monitor *pmonitor)
        monitor_set_child_handler(pmonitor->m_pid);
        signal(SIGHUP, &monitor_child_handler);
        signal(SIGTERM, &monitor_child_handler);
+       signal(SIGINT, &monitor_child_handler);
 
        if (compat20) {
                mon_dispatch = mon_dispatch_postauth20;
@@ -644,6 +646,9 @@ mm_answer_pwnamallow(int sock, Buffer *m)
        buffer_put_cstring(m, pwent->pw_shell);
 
  out:
+       buffer_put_string(m, &options, sizeof(options));
+       if (options.banner != NULL)
+               buffer_put_cstring(m, options.banner);
        debug3("%s: sending MONITOR_ANS_PWNAM: %d", __func__, allowed);
        mm_request_send(sock, MONITOR_ANS_PWNAM, m);
 
@@ -1217,7 +1222,7 @@ mm_answer_keyverify(int sock, Buffer *m)
 
        verified = key_verify(key, signature, signaturelen, data, datalen);
        debug3("%s: key %p signature %s",
-           __func__, key, verified ? "verified" : "unverified");
+           __func__, key, (verified == 1) ? "verified" : "unverified");
 
        key_free(key);
        xfree(blob);
@@ -1232,7 +1237,7 @@ mm_answer_keyverify(int sock, Buffer *m)
        buffer_put_int(m, verified);
        mm_request_send(sock, MONITOR_ANS_KEYVERIFY, m);
 
-       return (verified);
+       return (verified == 1);
 }
 
 static void
@@ -1268,7 +1273,7 @@ mm_session_close(Session *s)
                debug3("%s: tty %s ptyfd %d", __func__, s->tty, s->ptyfd);
                session_pty_cleanup2(s);
        }
-       s->used = 0;
+       session_unused(s->self);
 }
 
 int
@@ -1310,8 +1315,9 @@ mm_answer_pty(int sock, Buffer *m)
 
        mm_request_send(sock, MONITOR_ANS_PTY, m);
 
-       mm_send_fd(sock, s->ptyfd);
-       mm_send_fd(sock, s->ttyfd);
+       if (mm_send_fd(sock, s->ptyfd) == -1 ||
+           mm_send_fd(sock, s->ttyfd) == -1)
+               fatal("%s: send fds failed", __func__);
 
        /* make sure nothing uses fd 0 */
        if ((fd0 = open(_PATH_DEVNULL, O_RDONLY)) < 0)
@@ -1542,6 +1548,11 @@ mm_answer_term(int sock, Buffer *req)
        /* The child is terminating */
        session_destroy_all(&mm_session_close);
 
+#ifdef USE_PAM
+       if (options.use_pam)
+               sshpam_cleanup();
+#endif
+
        while (waitpid(pmonitor->m_pid, &status, 0) == -1)
                if (errno != EINTR)
                        exit(1);