Mercurial > dropbear

comparison common-session.c @ 1144:624fc24cfae5 coverity

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
merge
author Matt Johnston <matt@ucc.asn.au>
date Fri, 07 Aug 2015 21:26:03 +0800
parents 924ff1b959a2
children a550e1e2e2a9
comparison
equal deleted inserted replaced
1133:d41c7b967868 1144:624fc24cfae5
74 ses.socket_prio = DROPBEAR_PRIO_DEFAULT; 74 ses.socket_prio = DROPBEAR_PRIO_DEFAULT;
75 /* Sets it to lowdelay */ 75 /* Sets it to lowdelay */
76 update_channel_prio(); 76 update_channel_prio();
77 77
78 now = monotonic_now(); 78 now = monotonic_now();
79 ses.connect_time = now;
79 ses.last_packet_time_keepalive_recv = now; 80 ses.last_packet_time_keepalive_recv = now;
80 ses.last_packet_time_idle = now; 81 ses.last_packet_time_idle = now;
81 ses.last_packet_time_any_sent = 0; 82 ses.last_packet_time_any_sent = 0;
82 ses.last_packet_time_keepalive_sent = 0; 83 ses.last_packet_time_keepalive_sent = 0;
83 84
484 static void checktimeouts() { 485 static void checktimeouts() {
485 486
486 time_t now; 487 time_t now;
487 now = monotonic_now(); 488 now = monotonic_now();
488 489
490 if (IS_DROPBEAR_SERVER && ses.connect_time != 0
491 && now - ses.connect_time >= AUTH_TIMEOUT) {
492 dropbear_close("Timeout before auth");
493 }
494
489 /* we can't rekey if we haven't done remote ident exchange yet */ 495 /* we can't rekey if we haven't done remote ident exchange yet */
490 if (ses.remoteident == NULL) { 496 if (ses.remoteident == NULL) {
491 return; 497 return;
492 } 498 }
493 499
524 && now - ses.last_packet_time_idle >= opts.idle_timeout_secs) { 530 && now - ses.last_packet_time_idle >= opts.idle_timeout_secs) {
525 dropbear_close("Idle timeout"); 531 dropbear_close("Idle timeout");
526 } 532 }
527 } 533 }
528 534
535 static void update_timeout(long limit, long now, long last_event, long * timeout) {
536 TRACE2(("update_timeout limit %ld, now %ld, last %ld, timeout %ld",
537 limit, now, last_event, *timeout))
538 if (last_event > 0 && limit > 0) {
539 *timeout = MIN(*timeout, last_event+limit-now);
540 TRACE2(("new timeout %ld", *timeout))
541 }
542 }
543
529 static long select_timeout() { 544 static long select_timeout() {
530 /* determine the minimum timeout that might be required, so 545 /* determine the minimum timeout that might be required, so
531 as to avoid waking when unneccessary */ 546 as to avoid waking when unneccessary */
532 long ret = LONG_MAX; 547 long timeout = LONG_MAX;
533 if (KEX_REKEY_TIMEOUT > 0) 548 long now = monotonic_now();
534 ret = MIN(KEX_REKEY_TIMEOUT, ret); 549
535 /* AUTH_TIMEOUT is only relevant before authdone */ 550 update_timeout(KEX_REKEY_TIMEOUT, now, ses.kexstate.lastkextime, &timeout);
536 if (ses.authstate.authdone != 1 && AUTH_TIMEOUT > 0) 551
537 ret = MIN(AUTH_TIMEOUT, ret); 552 if (ses.authstate.authdone != 1 && IS_DROPBEAR_SERVER) {
538 if (opts.keepalive_secs > 0) 553 /* AUTH_TIMEOUT is only relevant before authdone */
539 ret = MIN(opts.keepalive_secs, ret); 554 update_timeout(AUTH_TIMEOUT, now, ses.connect_time, &timeout);
540 if (opts.idle_timeout_secs > 0) 555 }
541 ret = MIN(opts.idle_timeout_secs, ret); 556
542 return ret; 557 if (ses.authstate.authdone) {
558 update_timeout(opts.keepalive_secs, now,
559 MAX(ses.last_packet_time_keepalive_recv, ses.last_packet_time_keepalive_sent),
560 &timeout);
561 }
562
563 update_timeout(opts.idle_timeout_secs, now, ses.last_packet_time_idle,
564 &timeout);
565
566 /* clamp negative timeouts to zero - event has already triggered */
567 return MAX(timeout, 0);
543 } 568 }
544 569
545 const char* get_user_shell() { 570 const char* get_user_shell() {
546 /* an empty shell should be interpreted as "/bin/sh" */ 571 /* an empty shell should be interpreted as "/bin/sh" */
547 if (ses.authstate.pw_shell[0] == '\0') { 572 if (ses.authstate.pw_shell[0] == '\0') {