author | Darren Tucker <dtucker@zip.com.au> | 2013-05-16 20:29:28 +1000 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2013-05-16 20:29:28 +1000 |
commit | 5f96f3b4bee11ae2b9b32ff9b881c3693e210f96 (patch) | |
tree | 1e1c647e73e447b06b194b38b5d39e95aec8bef9 /serverloop.c | |
parent | c53c2af173cf67fd1c26f98e7900299b1b65b6ec (diff) |
- dtucker@cvs.openbsd.org 2013/05/16 04:09:14
[sshd_config.5 servconf.c servconf.h packet.c serverloop.c monitor.c sshd_config
sshd.c] Add RekeyLimit to sshd with the same syntax as the client allowing
rekeying based on traffic volume or time. ok djm@, help & ok jmc@ for the man
page.
Diffstat (limited to 'serverloop.c')
-rw-r--r-- | serverloop.c | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/serverloop.c b/serverloop.c
index e224bd08..595899f6 100644
--- a/serverloop.c
+++ b/serverloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: serverloop.c,v 1.164 2012/12/07 01:51:35 dtucker Exp $ */
+/* $OpenBSD: serverloop.c,v 1.165 2013/05/16 04:09:14 dtucker Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -277,7 +277,7 @@ client_alive_check(void)
 */
 static void
 wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, int *maxfdp,
- u_int *nallocp, u_int max_time_milliseconds)
+ u_int *nallocp, u_int64_t max_time_milliseconds)
 {
 struct timeval tv, *tvp;
 int ret;
@@ -563,7 +563,7 @@ server_loop(pid_t pid, int fdin_arg, int fdout_arg, int fderr_arg)
 int wait_status; /* Status returned by wait(). */
 pid_t wait_pid; /* pid returned by wait(). */
 int waiting_termination = 0; /* Have displayed waiting close message. */
- u_int max_time_milliseconds;
+ u_int64_t max_time_milliseconds;
 u_int previous_stdout_buffer_bytes;
 u_int stdout_buffer_bytes;
 int type;
@@ -826,6 +826,7 @@ server_loop2(Authctxt *authctxt)
 {
 fd_set *readset = NULL, *writeset = NULL;
 int rekeying = 0, max_fd, nalloc = 0;
+ u_int64_t rekey_timeout_ms = 0;
 debug("Entering interactive session for SSH2.");
@@ -854,8 +855,13 @@ server_loop2(Authctxt *authctxt)
 if (!rekeying && packet_not_very_much_data_to_write())
 channel_output_poll();
+ if (options.rekey_interval > 0 && compat20 && !rekeying)
+ rekey_timeout_ms = packet_get_rekey_timeout() * 1000;
+ else
+ rekey_timeout_ms = 0;
+
 wait_until_can_do_something(&readset, &writeset, &max_fd,
- &nalloc, 0);
+ &nalloc, rekey_timeout_ms);
 if (received_sigterm) {
 logit("Exiting on signal %d", (int)received_sigterm); |
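Review bot: In the last hunk (server_loop2), `packet_get_rekey_timeout() * 1000` is multiplied in whatever type packet_get_rekey_timeout() returns, and only the result is widened to u_int64_t. The function's declaration is not part of this diff, but if it returns a 32-bit int, a large RekeyLimit time could overflow before the assignment and pass a wrong timeout to wait_until_can_do_something(), so time-based rekeying would not fire when configured. Widening first avoids that: `rekey_timeout_ms = (u_int64_t)packet_get_rekey_timeout() * 1000;`. It is also worth confirming the function can never return a negative value, since the cast would turn that into a very long wait. server_loop2's body continues outside the hunk.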