Bugzilla – Attachment 1473 Details for
Bug 1090
Increase MAX_SESSIONS?
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
adds MaxSessions knob to daemon configuration
openssh-4.7p1-maxsessions.patch (text/plain), 5.87 KB, created by
Paul Wankadia
on 2008-03-19 12:03:01 AEDT
(
hide
)
Description:
adds MaxSessions knob to daemon configuration
Filename:
MIME Type:
Creator:
Paul Wankadia
Created:
2008-03-19 12:03:01 AEDT
Size:
5.87 KB
patch
obsolete
>diff -durN openssh-4.7p1.orig/servconf.c openssh-4.7p1/servconf.c >--- openssh-4.7p1.orig/servconf.c 2007-05-20 15:03:16.000000000 +1000 >+++ openssh-4.7p1/servconf.c 2008-03-17 10:20:37.417562000 +1100 >@@ -112,6 +112,7 @@ > options->max_startups_rate = -1; > options->max_startups = -1; > options->max_authtries = -1; >+ options->max_sessions = -1; > options->banner = NULL; > options->use_dns = -1; > options->client_alive_interval = -1; >@@ -232,6 +233,8 @@ > options->max_startups_begin = options->max_startups; > if (options->max_authtries == -1) > options->max_authtries = DEFAULT_AUTH_FAIL_MAX; >+ if (options->max_sessions == -1) >+ options->max_sessions = DEFAULT_SESSIONS_MAX; > if (options->use_dns == -1) > options->use_dns = 1; > if (options->client_alive_interval == -1) >@@ -286,7 +289,7 @@ > sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, > sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile, > sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, >- sMaxStartups, sMaxAuthTries, >+ sMaxStartups, sMaxAuthTries, sMaxSessions, > sBanner, sUseDNS, sHostbasedAuthentication, > sHostbasedUsesNameFromPacketOnly, sClientAliveInterval, > sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2, >@@ -389,6 +392,7 @@ > { "subsystem", sSubsystem, SSHCFG_GLOBAL }, > { "maxstartups", sMaxStartups, SSHCFG_GLOBAL }, > { "maxauthtries", sMaxAuthTries, SSHCFG_GLOBAL }, >+ { "maxsessions", sMaxSessions, SSHCFG_GLOBAL }, > { "banner", sBanner, SSHCFG_ALL }, > { "usedns", sUseDNS, SSHCFG_GLOBAL }, > { "verifyreversemapping", sDeprecated, SSHCFG_GLOBAL }, >@@ -1142,6 +1146,10 @@ > intptr = &options->max_authtries; > goto parse_int; > >+ case sMaxSessions: >+ intptr = &options->max_sessions; >+ goto parse_int; >+ > case sBanner: > charptr = &options->banner; > goto parse_filename; >diff -durN openssh-4.7p1.orig/servconf.h openssh-4.7p1/servconf.h >--- openssh-4.7p1.orig/servconf.h 2007-02-19 22:25:38.000000000 +1100 >+++ openssh-4.7p1/servconf.h 2008-03-17 10:19:22.229947000 +1100 >@@ -35,6 +35,7 @@ > #define PERMIT_YES 3 > > #define DEFAULT_AUTH_FAIL_MAX 6 /* Default for MaxAuthTries */ >+#define DEFAULT_SESSIONS_MAX 10 /* Default for MaxSessions */ > > typedef struct { > u_int num_ports; >@@ -119,6 +120,7 @@ > int max_startups_rate; > int max_startups; > int max_authtries; >+ int max_sessions; > char *banner; /* SSH-2 banner message */ > int use_dns; > int client_alive_interval; /* >diff -durN openssh-4.7p1.orig/session.c openssh-4.7p1/session.c >--- openssh-4.7p1.orig/session.c 2007-08-16 23:28:04.000000000 +1000 >+++ openssh-4.7p1/session.c 2008-03-17 10:47:29.504393000 +1100 >@@ -129,8 +129,7 @@ > const char *original_command = NULL; > > /* data */ >-#define MAX_SESSIONS 10 >-Session sessions[MAX_SESSIONS]; >+static Session *sessions = NULL; > > #ifdef HAVE_LOGIN_CAP > login_cap_t *lc; >@@ -1656,15 +1655,11 @@ > session_new(void) > { > int i; >- static int did_init = 0; >- if (!did_init) { >- debug("session_new: init"); >- for (i = 0; i < MAX_SESSIONS; i++) { >- sessions[i].used = 0; >- } >- did_init = 1; >+ if (sessions == NULL) { >+ debug("session_new: init %d sessions", options.max_sessions); >+ sessions = xcalloc(options.max_sessions, sizeof(Session)); > } >- for (i = 0; i < MAX_SESSIONS; i++) { >+ for (i = 0; i < options.max_sessions; i++) { > Session *s = &sessions[i]; > if (! s->used) { > memset(s, 0, sizeof(*s)); >@@ -1685,7 +1680,7 @@ > session_dump(void) > { > int i; >- for (i = 0; i < MAX_SESSIONS; i++) { >+ for (i = 0; i < options.max_sessions; i++) { > Session *s = &sessions[i]; > debug("dump: used %d session %d %p channel %d pid %ld", > s->used, >@@ -1718,7 +1713,7 @@ > session_by_tty(char *tty) > { > int i; >- for (i = 0; i < MAX_SESSIONS; i++) { >+ for (i = 0; i < options.max_sessions; i++) { > Session *s = &sessions[i]; > if (s->used && s->ttyfd != -1 && strcmp(s->tty, tty) == 0) { > debug("session_by_tty: session %d tty %s", i, tty); >@@ -1734,7 +1729,7 @@ > session_by_channel(int id) > { > int i; >- for (i = 0; i < MAX_SESSIONS; i++) { >+ for (i = 0; i < options.max_sessions; i++) { > Session *s = &sessions[i]; > if (s->used && s->chanid == id) { > debug("session_by_channel: session %d channel %d", i, id); >@@ -1751,7 +1746,7 @@ > { > int i, j; > >- for (i = 0; i < MAX_SESSIONS; i++) { >+ for (i = 0; i < options.max_sessions; i++) { > Session *s = &sessions[i]; > > if (s->x11_chanids == NULL || !s->used) >@@ -1774,7 +1769,7 @@ > { > int i; > debug("session_by_pid: pid %ld", (long)pid); >- for (i = 0; i < MAX_SESSIONS; i++) { >+ for (i = 0; i < options.max_sessions; i++) { > Session *s = &sessions[i]; > if (s->used && s->pid == pid) > return s; >@@ -2327,7 +2322,7 @@ > session_destroy_all(void (*closefunc)(Session *)) > { > int i; >- for (i = 0; i < MAX_SESSIONS; i++) { >+ for (i = 0; i < options.max_sessions; i++) { > Session *s = &sessions[i]; > if (s->used) { > if (closefunc != NULL) >@@ -2346,7 +2341,7 @@ > char *cp; > > buf[0] = '\0'; >- for (i = 0; i < MAX_SESSIONS; i++) { >+ for (i = 0; i < options.max_sessions; i++) { > Session *s = &sessions[i]; > if (s->used && s->ttyfd != -1) { > >diff -durN openssh-4.7p1.orig/sshd_config openssh-4.7p1/sshd_config >--- openssh-4.7p1.orig/sshd_config 2007-03-21 20:42:25.000000000 +1100 >+++ openssh-4.7p1/sshd_config 2008-03-17 10:10:18.093993000 +1100 >@@ -41,6 +41,7 @@ > #PermitRootLogin yes > #StrictModes yes > #MaxAuthTries 6 >+#MaxSessions 10 > > #RSAAuthentication yes > #PubkeyAuthentication yes >diff -durN openssh-4.7p1.orig/sshd_config.5 openssh-4.7p1/sshd_config.5 >--- openssh-4.7p1.orig/sshd_config.5 2007-06-11 14:07:13.000000000 +1000 >+++ openssh-4.7p1/sshd_config.5 2008-03-17 10:18:06.854408000 +1100 >@@ -535,6 +535,9 @@ > Once the number of failures reaches half this value, > additional failures are logged. > The default is 6. >+.It Cm MaxSessions >+Specifies the maximum number of open sessions permitted per network connection. >+The default is 10. > .It Cm MaxStartups > Specifies the maximum number of concurrent unauthenticated connections to the > SSH daemon.
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=1473">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 1090
:
963
|
979
| 1473 |
1483