diff options
author | Damien Miller <djm@mindrot.org> | 2012-10-31 08:58:58 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2012-10-31 08:58:58 +1100 |
commit | 09d3e1251250dcf45e5434cd474430e4ec5e8639 (patch) | |
tree | 674ce6528821636740dce3a32ac1634b397643c9 /sshd.c | |
parent | 07daed505f1cd6a0beff4d060b588debcc1ca8c8 (diff) | |
download | openssh-git-09d3e1251250dcf45e5434cd474430e4ec5e8639.tar.gz |
- djm@cvs.openbsd.org 2012/10/30 21:29:55
[auth-rsa.c auth.c auth.h auth2-pubkey.c servconf.c servconf.h]
[sshd.c sshd_config sshd_config.5]
new sshd_config option AuthorizedKeysCommand to support fetching
authorized_keys from a command in addition to (or instead of) from
the filesystem. The command is run as the target server user unless
another specified via a new AuthorizedKeysCommandUser option.
patch originally by jchadima AT redhat.com, reworked by me; feedback
and ok markus@
Diffstat (limited to 'sshd.c')
-rw-r--r-- | sshd.c | 11 |
1 files changed, 10 insertions, 1 deletions
@@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.393 2012/07/10 02:19:15 djm Exp $ */ +/* $OpenBSD: sshd.c,v 1.394 2012/10/30 21:29:55 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -359,6 +359,15 @@ grace_alarm_handler(int sig) if (use_privsep && pmonitor != NULL && pmonitor->m_pid > 0) kill(pmonitor->m_pid, SIGALRM); + /* + * Try to kill any processes that we have spawned, E.g. authorized + * keys command helpers. + */ + if (getpgid(0) == getpid()) { + signal(SIGTERM, SIG_IGN); + killpg(0, SIGTERM); + } + /* Log error and exit. */ sigdie("Timeout before authentication for %s", get_remote_ipaddr()); } |