authordjm@openbsd.org <djm@openbsd.org>2024-05-17 02:30:23 +0200
committerDamien Miller <djm@mindrot.org>2024-05-17 06:41:35 +0200
commit03e3de416ed7c34faeb692967737be4a7bbe2eb5 (patch)
tree6794217dbc0a1369e9d6e1b0a9f40534596a6648 /ssh_api.c
parentupstream: simplify exit message handling, which was more complicated (diff)
upstream: Start the process of splitting sshd into separate
binaries. This step splits sshd into a listener and a session binary. More splits are planned. After this change, the listener binary will validate the configuration, load the hostkeys, listen on port 22 and manage MaxStartups only. All session handling will be performed by a new sshd-session binary that the listener fork+execs. This reduces the listener process to the minimum necessary and sets us up for future work on the sshd-session binary. feedback/ok markus@ deraadt@ NB. if you're updating via source, please restart sshd after installing, otherwise you run the risk of locking yourself out. OpenBSD-Commit-ID: 43c04a1ab96cdbdeb53d2df0125a6d42c5f19934
Diffstat (limited to 'ssh_api.c')
-rw-r--r--ssh_api.c17
1 files changed, 11 insertions, 6 deletions
diff --git a/ssh_api.c b/ssh_api.c
index fadf2f4b1..4dcd266fb 100644
--- a/ssh_api.c
+++ b/ssh_api.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh_api.c,v 1.28 2024/01/09 21:39:14 djm Exp $ */
+/* $OpenBSD: ssh_api.c,v 1.29 2024/05/17 00:30:24 djm Exp $ */
/*
* Copyright (c) 2012 Markus Friedl. All rights reserved.
*
@@ -27,6 +27,7 @@
#include "log.h"
#include "authfile.h"
#include "sshkey.h"
+#include "dh.h"
#include "misc.h"
#include "ssh2.h"
#include "version.h"
@@ -49,10 +50,8 @@ int _ssh_host_key_sign(struct ssh *, struct sshkey *, struct sshkey *,
u_char **, size_t *, const u_char *, size_t, const char *);
/*
- * stubs for the server side implementation of kex.
- * disable privsep so our stubs will never be called.
+ * stubs for privsep calls in the server side implementation of kex.
*/
-int use_privsep = 0;
int mm_sshkey_sign(struct sshkey *, u_char **, u_int *,
const u_char *, u_int, const char *, const char *, const char *, u_int);
@@ -65,14 +64,20 @@ mm_sshkey_sign(struct sshkey *key, u_char **sigp, u_int *lenp,
const u_char *data, u_int datalen, const char *alg,
const char *sk_provider, const char *sk_pin, u_int compat)
{
- return (-1);
+ size_t slen = 0;
+ int ret;
+
+ ret = sshkey_sign(key, sigp, &slen, data, datalen, alg,
+ sk_provider, sk_pin, compat);
+ *lenp = slen;
+ return ret;
}
#ifdef WITH_OPENSSL
DH *
mm_choose_dh(int min, int nbits, int max)
{
- return (NULL);
+ return choose_dh(min, nbits, max);
}
#endif
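Review bot: `*lenp = slen;` in mm_sshkey_sign narrows the size_t length filled in by sshkey_sign() to u_int with no range check, and it writes through lenp unconditionally, including on the error path. Signature lengths are small in practice, but the stub now runs a real signing path instead of `return (-1)`, so I would make the contract explicit with `if (lenp != NULL) *lenp = (u_int)slen;` and, if the project wants it, reject `slen > UINT_MAX` before the assignment. A short comment above the function, for example `/* no monitor in this build: signs in-process with the caller's key */`, would also tell readers that these privsep stubs now do real work rather than always failing. The first line of the function's signature sits in the hunk header, not in the hunk body.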