]>
Commit | Line | Data |
---|---|---|
c6bcc418 JR |
1 | diff -ur openssh-3.2.3p1.orig/session.c openssh-3.2.3p1/session.c |
2 | --- openssh-3.2.3p1.orig/session.c Mon May 13 02:48:58 2002 | |
3 | +++ openssh-3.2.3p1/session.c Thu May 30 21:33:40 2002 | |
4 | @@ -340,6 +340,44 @@ | |
5 | } | |
6 | } | |
7 | ||
8 | +struct _user_limits_struct { | |
9 | + int supported; | |
10 | + struct rlimit limit; | |
11 | +}; | |
12 | + | |
13 | +static int _save_limits(struct _user_limits_struct *pl) | |
14 | +{ | |
15 | + int i, r; | |
16 | + int retval = 0; | |
17 | + | |
18 | + for(i = 0; i < RLIM_NLIMITS; i++) { | |
19 | + pl[i].supported = 0; | |
20 | + pl[i].limit.rlim_cur = RLIM_INFINITY; | |
21 | + pl[i].limit.rlim_max = RLIM_INFINITY; | |
22 | + r = getrlimit(i, &pl[i].limit); | |
23 | + if (r == -1) { | |
24 | + if (errno != EINVAL) { | |
25 | + retval = -1; | |
26 | + } | |
27 | + } else { | |
28 | + pl[i].supported = 1; | |
29 | + } | |
30 | + } | |
31 | + | |
32 | + return retval; | |
33 | +} | |
34 | + | |
35 | +static void _restore_limits(struct _user_limits_struct *pl) | |
36 | +{ | |
37 | + int i; | |
38 | + int status; | |
39 | + | |
40 | + for (i=0; i<RLIM_NLIMITS; i++) { | |
41 | + if (pl[i].supported) | |
42 | + status |= setrlimit(i, &pl[i].limit); | |
43 | + } | |
44 | +} | |
45 | + | |
46 | /* | |
47 | * This is called to fork and execute a command when we have no tty. This | |
48 | * will call do_child from the child, and server_loop from the parent after | |
49 | @@ -349,6 +387,9 @@ | |
50 | do_exec_no_pty(Session *s, const char *command) | |
51 | { | |
52 | int pid; | |
53 | +#if defined(USE_PAM) | |
54 | + struct _user_limits_struct pl[RLIM_NLIMITS]; | |
55 | +#endif /* USE_PAM */ | |
56 | ||
57 | #ifdef USE_PIPES | |
58 | int pin[2], pout[2], perr[2]; | |
59 | @@ -370,6 +411,7 @@ | |
60 | session_proctitle(s); | |
61 | ||
62 | #if defined(USE_PAM) | |
63 | + _save_limits(pl); | |
64 | do_pam_session(s->pw->pw_name, NULL); | |
65 | do_pam_setcred(1); | |
66 | if (is_pam_password_change_required()) | |
67 | @@ -430,6 +472,9 @@ | |
68 | do_child(s, command); | |
69 | /* NOTREACHED */ | |
70 | } | |
71 | +#if defined(USE_PAM) | |
72 | + _restore_limits(pl); | |
73 | +#endif /* USE_PAM */ | |
74 | #ifdef HAVE_CYGWIN | |
75 | if (is_winnt) | |
76 | cygwin_set_impersonation_token(INVALID_HANDLE_VALUE); | |
77 | @@ -481,6 +526,9 @@ | |
78 | { | |
79 | int fdout, ptyfd, ttyfd, ptymaster; | |
80 | pid_t pid; | |
81 | +#if defined(USE_PAM) | |
82 | + struct _user_limits_struct pl[RLIM_NLIMITS]; | |
83 | +#endif /* USE_PAM */ | |
84 | ||
85 | if (s == NULL) | |
86 | fatal("do_exec_pty: no session"); | |
87 | @@ -488,6 +536,7 @@ | |
88 | ttyfd = s->ttyfd; | |
89 | ||
90 | #if defined(USE_PAM) | |
91 | + _save_limits(pl); | |
92 | do_pam_session(s->pw->pw_name, s->tty); | |
93 | do_pam_setcred(1); | |
94 | #endif | |
95 | @@ -528,6 +577,9 @@ | |
96 | do_child(s, command); | |
97 | /* NOTREACHED */ | |
98 | } | |
99 | +#if defined(USE_PAM) | |
100 | + _restore_limits(pl); | |
101 | +#endif /* USE_PAM */ | |
102 | #ifdef HAVE_CYGWIN | |
103 | if (is_winnt) | |
104 | cygwin_set_impersonation_token(INVALID_HANDLE_VALUE); |