mirror of
git://anongit.mindrot.org/openssh.git
synced 2024-11-24 02:02:10 +08:00
7207f64a23
[monitor.c monitor_wrap.c session.h servconf.c servconf.h session.c] [sshd_config sshd_config.5] Make the maximum number of sessions run-time controllable via a sshd_config MaxSessions knob. This is useful for disabling login/shell/subsystem access while leaving port-forwarding working (MaxSessions 0), disabling connection multiplexing (MaxSessions 1) or simply increasing the number of allows multiplexed sessions. Because some bozos are sure to configure MaxSessions in excess of the number of available file descriptors in sshd (which, at peak, might be as many as 9*MaxSessions), audit sshd to ensure that it doesn't leak fds on error paths, and make it fail gracefully on out-of-fd conditions - sending channel errors instead of than exiting with fatal(). bz#1090; MaxSessions config bits and manpage from junyer AT gmail.com ok markus@
84 lines
2.5 KiB
C
84 lines
2.5 KiB
C
/* $OpenBSD: session.h,v 1.30 2008/05/08 12:21:16 djm Exp $ */
|
|
|
|
/*
|
|
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
|
|
*
|
|
* Redistribution and use in source and binary forms, with or without
|
|
* modification, are permitted provided that the following conditions
|
|
* are met:
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
* notice, this list of conditions and the following disclaimer.
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
* documentation and/or other materials provided with the distribution.
|
|
*
|
|
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
|
|
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
|
|
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
|
|
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
|
|
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
|
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
*/
|
|
#ifndef SESSION_H
|
|
#define SESSION_H
|
|
|
|
#define TTYSZ 64
|
|
typedef struct Session Session;
|
|
struct Session {
|
|
int used;
|
|
int self;
|
|
int next_unused;
|
|
struct passwd *pw;
|
|
Authctxt *authctxt;
|
|
pid_t pid;
|
|
|
|
/* tty */
|
|
char *term;
|
|
int ptyfd, ttyfd, ptymaster;
|
|
u_int row, col, xpixel, ypixel;
|
|
char tty[TTYSZ];
|
|
|
|
/* X11 */
|
|
u_int display_number;
|
|
char *display;
|
|
u_int screen;
|
|
char *auth_display;
|
|
char *auth_proto;
|
|
char *auth_data;
|
|
int single_connection;
|
|
|
|
/* proto 2 */
|
|
int chanid;
|
|
int *x11_chanids;
|
|
int is_subsystem;
|
|
u_int num_env;
|
|
struct {
|
|
char *name;
|
|
char *val;
|
|
} *env;
|
|
};
|
|
|
|
void do_authenticated(Authctxt *);
|
|
void do_cleanup(Authctxt *);
|
|
|
|
int session_open(Authctxt *, int);
|
|
void session_unused(int);
|
|
int session_input_channel_req(Channel *, const char *);
|
|
void session_close_by_pid(pid_t, int);
|
|
void session_close_by_channel(int, void *);
|
|
void session_destroy_all(void (*)(Session *));
|
|
void session_pty_cleanup2(Session *);
|
|
|
|
Session *session_new(void);
|
|
Session *session_by_tty(char *);
|
|
void session_close(Session *);
|
|
void do_setusercontext(struct passwd *);
|
|
void child_set_env(char ***envp, u_int *envsizep, const char *name,
|
|
const char *value);
|
|
|
|
#endif
|