diff svr-main.c @ 511:582cb38e4eb5 insecure-nocrypto
propagate from branch 'au.asn.ucc.matt.dropbear' (head cdcc3c729e29544e8b98a408e2dc60e4483dfd2a)
to branch 'au.asn.ucc.matt.dropbear.insecure-nocrypto' (head 0ca38a1cf349f7426ac9de34ebe4c3e3735effab)
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Thu, 06 Nov 2008 13:16:55 +0000 |
parents | df7f7da7f6e4 |
children | 07a58e4da1ac |
--- a/svr-main.c Mon Oct 02 06:40:51 2006 +0000 +++ b/svr-main.c Thu Nov 06 13:16:55 2008 +0000 @@ -28,6 +28,7 @@ #include "buffer.h" #include "signkey.h" #include "runopts.h" +#include "random.h" static size_t listensockets(int *sock, size_t sockcount, int *maxfd); static void sigchld_handler(int dummy); @@ -51,6 +52,8 @@ _dropbear_exit = svr_dropbear_exit; _dropbear_log = svr_dropbear_log; + disallow_core(); + /* get commandline options */ svr_getopts(argc, argv); @@ -108,7 +111,6 @@ #ifdef NON_INETD_MODE void main_noinetd() { fd_set fds; - struct timeval seltimeout; unsigned int i, j; int val; int maxsock = -1; @@ -122,6 +124,24 @@ int childsock; int childpipe[2]; + /* Note: commonsetup() must happen before we daemon()ise. Otherwise + daemon() will chdir("/"), and we won't be able to find local-dir + hostkeys. */ + commonsetup(); + + /* sockets to identify pre-authenticated clients */ + for (i = 0; i < MAX_UNAUTH_CLIENTS; i++) { + childpipes[i] = -1; + } + bzero(preauth_addrs, sizeof(preauth_addrs)); + + /* Set up the listening sockets */ + listensockcount = listensockets(listensocks, MAX_LISTEN_ADDR, &maxsock); + if (listensockcount == 0) + { + dropbear_exit("No listening ports available."); + } + /* fork */ if (svr_opts.forkbg) { int closefds = 0; 
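Review bot: The `disallow_core();` call added at the top of main() in the `@@ -51` hunk carries no comment saying why it has to run first. Presumably it stops the process from writing core files that could hold host keys or session secrets (its definition is not in this diff). A comment such as `/* no core dumps: they could contain key material, so do this before anything sensitive is loaded */` would keep a later reorder from moving it below `svr_getopts()`. If disallow_core() can report failure, that should be logged rather than ignored.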
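Review bot: Opening the listening sockets before the `/* fork */` block in the `@@ -122` hunk means they now have to survive the daemon() step. If the server is started with any of descriptors 0-2 closed, listensockets() could be handed one of those numbers, and a later stdio redirect to /dev/null would silently replace the listener. The daemon() call and its arguments are outside this hunk, so this needs checking there; a guard that the returned descriptors are above 2 would make the ordering safe either way. Separately, `bzero(preauth_addrs, sizeof(preauth_addrs));` is a legacy call, and `memset(preauth_addrs, 0, sizeof(preauth_addrs));` is the portable spelling.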
@@ -135,43 +155,25 @@ } } - commonsetup(); - /* should be done after syslog is working */ if (svr_opts.forkbg) { dropbear_log(LOG_INFO, "Running in background"); } else { - dropbear_log(LOG_INFO, "Not forking"); + dropbear_log(LOG_INFO, "Not backgrounding"); } /* create a PID file so that we can be killed easily */ - pidfile = fopen(DROPBEAR_PIDFILE, "w"); + pidfile = fopen(svr_opts.pidfile, "w"); if (pidfile) { fprintf(pidfile, "%d\n", getpid()); fclose(pidfile); } - /* sockets to identify pre-authenticated clients */ - for (i = 0; i < MAX_UNAUTH_CLIENTS; i++) { - childpipes[i] = -1; - } - bzero(preauth_addrs, sizeof(preauth_addrs)); - - /* Set up the listening sockets */ - listensockcount = listensockets(listensocks, MAX_LISTEN_ADDR, &maxsock); - if (listensockcount == 0) - { - dropbear_exit("No listening ports available."); - } - /* incoming connection select loop */ for(;;) { FD_ZERO(&fds); - seltimeout.tv_sec = 60; - seltimeout.tv_usec = 0; - /* listening sockets */ for (i = 0; i < listensockcount; i++) { FD_SET(listensocks[i], &fds); @@ -185,15 +187,15 @@ } } - val = select(maxsock+1, &fds, NULL, NULL, &seltimeout); + val = select(maxsock+1, &fds, NULL, NULL, NULL); if (exitflag) { - unlink(DROPBEAR_PIDFILE); + unlink(svr_opts.pidfile); dropbear_exit("Terminated by signal"); } if (val == 0) { - /* timeout reached */ + /* timeout reached - shouldn't happen. eh */ continue; } @@ -264,7 +266,11 @@ goto out; } +#ifdef DEBUG_NOFORK + fork_ret = 0; +#else fork_ret = fork(); +#endif if (fork_ret < 0) { dropbear_log(LOG_WARNING, "error forking: %s", strerror(errno)); goto out; @@ -290,9 +296,11 @@ addrstring = getaddrstring(&remoteaddr, 1); dropbear_log(LOG_INFO, "Child connection from %s", addrstring); +#ifndef DEBUG_NOFORK if (setsid() < 0) { dropbear_exit("setsid: %s", strerror(errno)); } +#endif /* make sure we close sockets */ for (i = 0; i < listensockcount; i++) { 
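Review bot: Now that the PID file path comes from `svr_opts.pidfile` instead of the compile-time `DROPBEAR_PIDFILE`, the `fopen(svr_opts.pidfile, "w")` in the `@@ -135` hunk will follow a symlink and truncate whatever it points to, and a failed open is still ignored without a log line. If the server starts with elevated privileges and the option points into a directory other users can write to, that is a file-clobbering risk. Opening with `O_NOFOLLOW` where the platform provides it, and logging failures, closes most of it. The sketch below needs an `int pidfd` local in main_noinetd(), whose declarations lie outside this hunk.

```c
	/* create a PID file so that we can be killed easily */
	pidfd = open(svr_opts.pidfile,
			O_WRONLY | O_CREAT | O_TRUNC | O_NOFOLLOW, 0644);
	pidfile = (pidfd >= 0) ? fdopen(pidfd, "w") : NULL;
	if (pidfile) {
		fprintf(pidfile, "%d\n", (int)getpid());
		fclose(pidfile);
	} else {
		dropbear_log(LOG_WARNING, "Couldn't write pidfile %s: %s",
				svr_opts.pidfile, strerror(errno));
		if (pidfd >= 0) {
			close(pidfd);
		}
	}
```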
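Review bot: Passing `NULL` as the select() timeout in the `@@ -185` hunk turns a small race into an unbounded one. A termination signal delivered after the previous `exitflag` test but before select() blocks goes unnoticed until the next connection arrives, whereas the removed 60-second timeout used to cap that delay. This assumes exitflag is set from a signal handler, which the "Terminated by signal" message suggests, though the handler is outside this hunk. The usual remedy is to keep those signals blocked except during the wait, e.g. `val = pselect(maxsock+1, &fds, NULL, NULL, NULL, &unblocked);`, or to add a self-pipe to `fds`. Until the loop wakes, the PID file also lingers, because `unlink(svr_opts.pidfile)` only runs on this path.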
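Review bot: The `DEBUG_NOFORK` blocks added in the `@@ -264` and `@@ -290` hunks have no comment saying that this build option removes per-connection process separation. With `fork_ret = 0` the listener itself runs the child path, including the "make sure we close sockets" loop over the listening sockets, so it apparently serves one connection and nothing isolates the session from the parent. The rest of the child path is outside these hunks. I would document that at the first `#ifdef`, e.g. `/* DEBUG_NOFORK: debugging only - the session runs inside the listener process, never enable in a deployed build */`. Consider also making the build emit a diagnostic when the macro is defined, so it cannot be shipped by accident.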
@@ -397,9 +405,9 @@ for (i = 0; i < svr_opts.portcount; i++) { - TRACE(("listening on '%s'", svr_opts.ports[i])) + TRACE(("listening on '%s:%s'", svr_opts.addresses[i], svr_opts.ports[i])) - nsock = dropbear_listen("", svr_opts.ports[i], &sock[sockpos], + nsock = dropbear_listen(svr_opts.addresses[i], svr_opts.ports[i], &sock[sockpos], sockcount - sockpos, &errstring, maxfd);
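Review bot: `svr_opts.addresses[i]` in the `@@ -397` hunk is read inside a loop bounded only by `svr_opts.portcount`, so it is safe only if option parsing always fills `addresses` and `ports` in lockstep and never leaves an entry NULL. That parsing code is not in this diff. If an entry can be missing, both the `TRACE` `%s` and dropbear_listen() receive a bad pointer. The old call passed `""`, so it is also worth confirming what the default entry is when no address is given, since that decides which interfaces the server binds to. I would state the invariant in a comment here, e.g. `/* addresses[] and ports[] are parallel arrays of portcount entries; "" means all interfaces */`, once verified against the parser.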