
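--- a/servconf.c
+++ b/servconf.c
@@ -98,6 +98,7 @@ initialize_server_options(ServerOptions
 	options->use_dns = -1;
 	options->client_alive_interval = -1;
 	options->client_alive_count_max = -1;
+	options->max_sessions = -1;
 	options->authorized_keys_file = NULL;
 	options->authorized_keys_file2 = NULL;
 	options->num_accept_env = 0;
@@ -220,6 +221,8 @@ fill_default_server_options(ServerOption
 		options->client_alive_interval = 0;
 	if (options->client_alive_count_max == -1)
 		options->client_alive_count_max = 3;
+	if (options->max_sessions == -1)
+		options->max_sessions = 64;
 	if (options->authorized_keys_file2 == NULL) {
 		/* authorized_keys_file2 falls back to authorized_keys_file */
 		if (options->authorized_keys_file != NULL)
@@ -272,6 +275,7 @@ typedef enum {
 	sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
 	sGssAuthentication, sGssCleanupCreds, sAcceptEnv,
 	sUsePrivilegeSeparation,
+	sMaxSessions,
 	sDeprecated, sUnsupported
 } ServerOpCodes;
 
@@ -373,6 +377,7 @@ static struct {
 	{ "authorizedkeysfile2", sAuthorizedKeysFile2 },
 	{ "useprivilegeseparation", sUsePrivilegeSeparation},
 	{ "acceptenv", sAcceptEnv },
+	{ "maxsessions", sMaxSessions },
 	{ NULL, sBadOption }
 };
 
@@ -949,6 +954,10 @@ parse_flag:
 		intptr = &options->client_alive_count_max;
 		goto parse_int;
 
+	case sMaxSessions:
+		intptr = &options->max_sessions;
+		goto parse_int;
+
 	case sAcceptEnv:
 		while ((arg = strdelim(&cp)) && *arg != '\0') {
 			if (strchr(arg, '=') != NULL)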
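Review bot: The new `case sMaxSessions:` passes the value straight to `parse_int` with no range check of its own, and that label's body lies outside these hunks, so it is unclear whether negative values are rejected. As session.c in this patch uses the option, `0` removes the limit entirely (`options.max_sessions == 0`), `-1` is indistinguishable from unset and becomes 64 in fill_default_server_options, and any other negative value would keep the session table from ever growing past its first slot. For a setting that exists to cap resource use, I would reject values below 0 at parse time and state the meaning of 0 in sshd_config.5, for example `A value of 0 means no limit.`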
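--- a/servconf.h
+++ b/servconf.h
@@ -133,6 +133,7 @@ typedef struct {
 
 	char   *authorized_keys_file;	/* File containing public keys */
 	char   *authorized_keys_file2;
+	int	max_sessions;		/* Maximum number of sessions */
 	int	use_pam;		/* Enable auth via PAM */
 }       ServerOptions;
 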
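--- a/session.c
+++ b/session.c
@@ -104,8 +104,8 @@ extern Buffer loginmsg;
 const char *original_command = NULL;
 
 /* data */
-#define MAX_SESSIONS 10
-Session	sessions[MAX_SESSIONS];
+static Session	*sessions = NULL;
+static int num_sessions = 0;
 
 #ifdef HAVE_LOGIN_CAP
 login_cap_t *lc;
@@ -1623,28 +1623,55 @@ Session *
 session_new(void)
 {
 	int i;
-	static int did_init = 0;
-	if (!did_init) {
+	Session *s = NULL, *n = NULL;
+
+	if (sessions == NULL) {
 		debug("session_new: init");
-		for (i = 0; i < MAX_SESSIONS; i++) {
+		sessions = calloc(1, sizeof(sessions[0]));
+		if (sessions == NULL) {
+			error("session_new: can't allocate initial session: %s",
+			    strerror(errno));
+			return NULL;
+		}
+		num_sessions = 1;
+		for (i = 0; i < num_sessions; i++) {
+			/* XXX: unnecessary since calloc zeroes? */
 			sessions[i].used = 0;
 		}
-		did_init = 1;
 	}
-	for (i = 0; i < MAX_SESSIONS; i++) {
-		Session *s = &sessions[i];
-		if (! s->used) {
-			memset(s, 0, sizeof(*s));
-			s->chanid = -1;
-			s->ptyfd = -1;
-			s->ttyfd = -1;
-			s->used = 1;
-			s->self = i;
-			s->x11_chanids = NULL;
-			debug("session_new: session %d", i);
-			return s;
-		}
+	for (i = 0; i < num_sessions; i++) {
+		s = &sessions[i];
+		if (!s->used)
+			break;
+	}
+	/* if we reached the end of the array and are within limits, expand */
+	if (num_sessions == i && num_sessions < INT_MAX && \
+	    (options.max_sessions == 0 ||
+	    num_sessions < options.max_sessions)) {
+		debug("session_new: realloc");
+		n = realloc(sessions, (num_sessions + 1) * sizeof(*sessions));
+		if (n == NULL) {
+			error("session_new: realloc sessions failed: %s",
+			    strerror(errno));
+			return NULL;
+		}
+		sessions = n;
+		num_sessions++;
+		s = &sessions[i];
+		s->used = 0;
+	}
+	if (!s->used) {
+		memset(s, 0, sizeof(*s));
+		s->chanid = -1;
+		s->ptyfd = -1;
+		s->ttyfd = -1;
+		s->used = 1;
+		s->self = i;
+		s->x11_chanids = NULL;
+		debug("session_new: session %d", i);
+		return s;
 	}
+	debug("session_new: no room");
 	return NULL;
 }
 
@@ -1652,7 +1679,7 @@ static void
 session_dump(void)
 {
 	int i;
-	for (i = 0; i < MAX_SESSIONS; i++) {
+	for (i = 0; i < num_sessions; i++) {
 		Session *s = &sessions[i];
 		debug("dump: used %d session %d %p channel %d pid %ld",
 		    s->used,
@@ -1685,7 +1712,7 @@ Session *
 session_by_tty(char *tty)
 {
 	int i;
-	for (i = 0; i < MAX_SESSIONS; i++) {
+	for (i = 0; i < num_sessions; i++) {
 		Session *s = &sessions[i];
 		if (s->used && s->ttyfd != -1 && strcmp(s->tty, tty) == 0) {
 			debug("session_by_tty: session %d tty %s", i, tty);
@@ -1701,7 +1728,7 @@ static Session *
 session_by_channel(int id)
 {
 	int i;
-	for (i = 0; i < MAX_SESSIONS; i++) {
+	for (i = 0; i < num_sessions; i++) {
 		Session *s = &sessions[i];
 		if (s->used && s->chanid == id) {
 			debug("session_by_channel: session %d channel %d", i, id);
@@ -1718,7 +1745,7 @@ session_by_x11_channel(int id)
 {
 	int i, j;
 
-	for (i = 0; i < MAX_SESSIONS; i++) {
+	for (i = 0; i < num_sessions; i++) {
 		Session *s = &sessions[i];
 
 		if (s->x11_chanids == NULL || !s->used)
@@ -1741,7 +1768,7 @@ session_by_pid(pid_t pid)
 {
 	int i;
 	debug("session_by_pid: pid %ld", (long)pid);
-	for (i = 0; i < MAX_SESSIONS; i++) {
+	for (i = 0; i < num_sessions; i++) {
 		Session *s = &sessions[i];
 		if (s->used && s->pid == pid)
 			return s;
@@ -2283,7 +2310,7 @@ void
 session_destroy_all(void (*closefunc)(Session *))
 {
 	int i;
-	for (i = 0; i < MAX_SESSIONS; i++) {
+	for (i = 0; i < num_sessions; i++) {
 		Session *s = &sessions[i];
 		if (s->used) {
 			if (closefunc != NULL)
@@ -2302,7 +2329,7 @@ session_tty_list(void)
 	char *cp;
 
 	buf[0] = '\0';
-	for (i = 0; i < MAX_SESSIONS; i++) {
+	for (i = 0; i < num_sessions; i++) {
 		Session *s = &sessions[i];
 		if (s->used && s->ttyfd != -1) {
 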
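Review bot: In session_new, the `realloc(sessions, ...)` growth path can move the whole array, so any `Session *` handed out earlier by session_new or the session_by_* lookups and still held by a caller would dangle once a later session is opened. The callers are not visible on this page, so either they need an audit for retained pointers or the table should use stable storage, for example an array of individually allocated sessions. The growth bound is also only `num_sessions < INT_MAX`, which is the sole limit when `max_sessions == 0`, so `(num_sessions + 1) * sizeof(*sessions)` can wrap where size_t is 32 bits; adding `(size_t)num_sessions < SIZE_MAX / sizeof(*sessions)` to the condition would bound it. The trailing `\` after `INT_MAX &&` is an unneeded line continuation and can be dropped.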
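--- a/sshd_config.5
+++ b/sshd_config.5
@@ -439,6 +439,9 @@ connection.
 Once the number of failures reaches half this value,
 additional failures are logged.
 The default is 6.
+.It Cm MaxSessions
+Defines the maximum number of sessions that a server will permit.
+The default is 64.
 .It Cm MaxStartups
 Specifies the maximum number of concurrent unauthenticated connections to the
 .Nm sshd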
