20001203
- (bal) OpenBSD CVS updates:
  - markus@cvs.openbsd.org 2000/11/30 22:54:31
    [channels.c]
    debug->warn if tried to do -R style fwd w/o client requesting this;
    ok neils@
  - markus@cvs.openbsd.org 2000/11/29 20:39:17
    [cipher.c]
    des_cbc_encrypt -> des_ncbc_encrypt since it already updates the IV
  - markus@cvs.openbsd.org 2000/11/30 18:33:05
    [ssh-agent.c]
    agents must not dump core, ok niels@
  - markus@cvs.openbsd.org 2000/11/30 07:04:02
    [ssh.1]
    T is for both protocols
  - markus@cvs.openbsd.org 2000/12/01 00:00:51
    [ssh.1]
    typo; from green@FreeBSD.org
  - markus@cvs.openbsd.org 2000/11/30 07:02:35
    [ssh.c]
    check -T before isatty()
  - provos@cvs.openbsd.org 2000/11/29 13:51:27
    [sshconnect.c]
    show IP address and hostname when new key is encountered. okay markus@
  - markus@cvs.openbsd.org 2000/11/30 22:53:35
    [sshconnect.c]
    disable agent/x11/port fwding if hostkey has changed; ok niels@
  - marksu@cvs.openbsd.org 2000/11/29 21:11:59
    [sshd.c]
    sshd -D, startup w/o daemon(), for monitoring scripts or inittab;
    from handler@sub-rosa.com and eric@urbanrange.com; ok niels@
diff --git a/ssh-agent.c b/ssh-agent.c
index 6f89dd5..821ee26 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ssh-agent.c,v 1.40 2000/11/14 23:48:55 markus Exp $	*/
+/*	$OpenBSD: ssh-agent.c,v 1.41 2000/11/30 18:33:05 markus Exp $	*/
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -37,7 +37,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh-agent.c,v 1.40 2000/11/14 23:48:55 markus Exp $");
+RCSID("$OpenBSD: ssh-agent.c,v 1.41 2000/11/30 18:33:05 markus Exp $");
 
 #include "ssh.h"
 #include "rsa.h"
@@ -674,6 +674,7 @@
 	fd_set readset, writeset;
 	int sock, c_flag = 0, k_flag = 0, s_flag = 0, ch;
 	struct sockaddr_un sunaddr;
+	struct rlimit rlim;
 	pid_t pid;
 	char *shell, *format, *pidstr, pidstrbuf[1 + 3 * sizeof pid];
 	extern int optind;
@@ -804,6 +805,12 @@
 	close(1);
 	close(2);
 
+	/* deny core dumps, since memory contains unencrypted private keys */
+	rlim.rlim_cur = rlim.rlim_max = 0;
+	if (setrlimit(RLIMIT_CORE, &rlim) < 0) {
+		perror("setrlimit rlimit_core failed");
+		cleanup_exit(1);
+	}
 	if (setsid() == -1) {
 		perror("setsid");
 		cleanup_exit(1);
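Review bot: The `perror("setrlimit rlimit_core failed")` call runs after the `close(1); close(2);` at the top of this hunk, so if stderr is gone by then the message is lost and the only trace of a failed core-dump lockdown is the exit status. Because this limit is what keeps unencrypted private keys out of core files, I would move the whole `setrlimit(RLIMIT_CORE, &rlim)` block above the `close()` calls, where the failure can still be reported. The fail-closed `cleanup_exit(1)` should stay as it is. The existing `setsid()` check just below has the same silent-failure shape. The enclosing function begins and ends outside this hunk, so I cannot see from here whether anything else between the fork and these lines touches the descriptors.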