diff options
| -rw-r--r-- | common-session.c | 5 | ||||
| -rw-r--r-- | session.h | 10 | ||||
| -rw-r--r-- | svr-auth.c | 3 | ||||
| -rw-r--r-- | svr-session.c | 12 |
4 files changed, 17 insertions, 13 deletions
diff --git a/common-session.c b/common-session.c index 90129b4..a90673f 100644 --- a/common-session.c +++ b/common-session.c @@ -60,7 +60,6 @@ void common_session_init(int sock_in, int sock_out) { ses.maxfd = MAX(sock_in, sock_out); now = monotonic_now(); - ses.connect_time = now; ses.last_packet_time_keepalive_recv = now; ses.last_packet_time_idle = now; ses.last_packet_time_any_sent = 0; @@ -415,10 +414,6 @@ static void checktimeouts() { time_t now; now = monotonic_now(); - if (now - ses.connect_time >= AUTH_TIMEOUT) { - dropbear_close("Timeout before auth"); - } - /* we can't rekey if we haven't done remote ident exchange yet */ if (ses.remoteident == NULL) { return; @@ -104,11 +104,6 @@ struct sshsession { /* Is it a client or server? */ unsigned char isserver; - time_t connect_time; /* time the connection was established - (cleared after auth once we're not - respecting AUTH_TIMEOUT any more). - A monotonic time, not realworld */ - int sock_in; int sock_out; @@ -221,6 +216,11 @@ struct serversession { /* The resolved remote address, used for lastlog etc */ char *remotehost; + time_t connect_time; /* time the connection was established + (cleared after auth once we're not + respecting AUTH_TIMEOUT any more). + A monotonic time, not realworld */ + #ifdef USE_VFORK pid_t server_pid; #endif @@ -392,8 +392,7 @@ void send_msg_userauth_success() { /* authdone must be set after encrypt_packet() for * delayed-zlib mode */ ses.authstate.authdone = 1; - ses.connect_time = 0; - + svr_ses.connect_time = 0; if (ses.authstate.pw_uid == 0) { ses.allowprivport = 1; diff --git a/svr-session.c b/svr-session.c index 90d3414..4d3c058 100644 --- a/svr-session.c +++ b/svr-session.c @@ -80,12 +80,22 @@ svr_session_cleanup(void) svr_pubkey_options_cleanup(); } +static void +svr_sessionloop() { + if (svr_ses.connect_time != 0 + && monotonic_now() - svr_ses.connect_time >= AUTH_TIMEOUT) { + dropbear_close("Timeout before auth"); + } +} + void svr_session(int sock, int childpipe) { char *host, *port; size_t len; common_session_init(sock, sock); + svr_ses.connect_time = monotonic_now();; + /* Initialise server specific parts of the session */ svr_ses.childpipe = childpipe; #ifdef USE_VFORK @@ -126,7 +136,7 @@ void svr_session(int sock, int childpipe) { /* Run the main for loop. NULL is for the dispatcher - only the client * code makes use of it */ - session_loop(NULL); + session_loop(svr_sessionloop); /* Not reached */ |